Activities of "improwise"

Hi @improwise

As mentioned in article, Secure Storage requires platform-specific configuration. Preferences usage is for development purposes. You should replace it for production.

Even so that should probably be highlighted more than it is today, as I would assume that most people would assume that generated code is "best in class" and being ready for production (as ready as anything MAUI can be).

Just noticed that it was your community post I linked to :)

As I understand it, the MAUI mobile application generated by ABP Suite seem to use Preferences instead of SecureStorage for storing JWT tokens which AFAIK isn't the recommended way of doing it as it is not as secure as SecureStorage. There is even a community post about this

https://community.abp.io/posts/using-abp-client-proxies-in-maui-with-openid-connect-em7x1s8k

private async Task SetTokenCacheAsync(string accessToken, string refreshToken)
{
    await _storage.SetAsync(IssueTrackrConsts.OidcConsts.AccessTokenKeyName, accessToken);
    await _storage.SetAsync(IssueTrackrConsts.OidcConsts.RefreshTokenKeyName, refreshToken);
}

private async Task ClearTokenCacheAsync()
{
    await _storage.RemoveAsync(IssueTrackrConsts.OidcConsts.AccessTokenKeyName);
    await _storage.RemoveAsync(IssueTrackrConsts.OidcConsts.RefreshTokenKeyName);
}

public class DefaultStorage : IStorage, ITransientDependency
{
    public Task<string> GetAsync(string key)
    {
        return Task.FromResult(Preferences.Get(key, string.Empty));
    }

    public Task SetAsync(string key, string value)
    {
        Preferences.Set(key, value);
        return Task.CompletedTask;
    }

    public Task RemoveAsync(string key)
    {
        Preferences.Remove(key);
        return Task.CompletedTask;
    }
}

Add support for MAUI Blazor (BlazorWebView) in the ABP Suite Mobile Application (don't remember exactly what it is called). MAUI is supported but only as XAML. As I understand it, authentication is supposed to be handled in the XAML even when using mainly Blazor, so the changes needed would probably be quite small.

Authentication in Blazor Hybrid apps is handled by native platform libraries, as they offer enhanced security guarantees that the browser sandbox can't offer. Authentication of native apps uses an OS-specific mechanism or via a federated protocol, such as OpenID Connect (OIDC). Follow the guidance for the identity provider that you've selected for the app and then further integrate identity with Blazor using the guidance in this article.

https://docs.microsoft.com/en-us/aspnet/core/blazor/hybrid/security/?view=aspnetcore-6.0&pivots=maui

Perhaps a better alternative could be to switch to MAUI Blazor project type instead of a plain MAUI one, since the former support Xaml AND Blazor, while the normal MAUI only supports Xaml and requires quite a bit a configuring to get Blazor working.

Since ABP is primarilly a web framework, it would seem reasonable that anyone using ABP is more likely to use Blazor than XAML, as anyone interested in writing native apps only probably would not be using ABP at all.

Hi, you probably tried to update ABP Suite without all related packages being released. Can you try again?

What is the ABP Suite to be used with RC4?

You can update the ABP Suite to RC.4. Your CLI version and ABP Suite version should be the same.

Hi,

Yes, it seems to be working now so I guess it was a configuration error on the "server side". Thanks.

I guess that normally there would not be a new version available to update to without all the needed packages also being available and released?

I tried to update to ABP Suite matching the latest RC 6.0.0 RC4 but that did not seem to exist (and instead installed some Preview 7 from July even though I specified the version in the CLI command). So I did a "abp suite remove" and also deleted the directory, and then did a "abp suite install --version 6.0.0-rc.3". Now I seem to have a mismatch of versions, which I would assume is rather the ABP Suite RC3 having some incorrect INF

abp suite install --version 6.0.0-rc.3 [18:36:35 INF] ABP CLI (https://abp.io) [18:36:36 INF] Version 6.0.0-rc.4 (Prerelease) [18:36:36 INF] Installing ABP Suite v6.0.0-rc.3... You can invoke the tool using the following command: abp-suite Tool 'volo.abp.suite' (version '6.0.0-rc.3') was successfully installed.

abp suite [18:37:01 INF] ABP CLI (https://abp.io) [18:37:01 INF] Version 6.0.0-rc.4 (Prerelease) Starting Suite v6.0.0-rc.3 ... Opening http://localhost:3000

What is the ABP Suite to be used with RC4 and is there a ABP Suite RC4 as well?

Add support for MAUI Blazor (BlazorWebView) in the ABP Suite Mobile Application (don't remember exactly what it is called). MAUI is supported but only as XAML. As I understand it, authentication is supposed to be handled in the XAML even when using mainly Blazor, so the changes needed would probably be quite small.

Authentication in Blazor Hybrid apps is handled by native platform libraries, as they offer enhanced security guarantees that the browser sandbox can't offer. Authentication of native apps uses an OS-specific mechanism or via a federated protocol, such as OpenID Connect (OIDC). Follow the guidance for the identity provider that you've selected for the app and then further integrate identity with Blazor using the guidance in this article.

https://docs.microsoft.com/en-us/aspnet/core/blazor/hybrid/security/?view=aspnetcore-6.0&pivots=maui

With Blazor comming close to build once - run everywhere with MAUI and Blazor Hybrid, wouldn't it be nice with just one "Blazor" template for which you could select which Blazor UIs (WASM, Server, native) you want and then that generated components were but into a Razor Component Library instead?

Perhaps from the start it could just be WASM + Server but with MAUI becoming more mature, perhaps become WASM + Server + MAUI. AFAIK, unless you start using Native controls, the Blazor components themselves and their markup should be very similar regardless of hosting environment.

Not sure what amount of work this would mean, but just floating the idea in general.

This was also posted as https://github.com/abpframework/abp/issues/13710 and has two votes on there which should count, one of them I believe is from a core team member :)

This is the only thing I've been able to find about this:

"12.2 ABP Commercial products cannot be publicly shared or cannot be licensed as an open-source product without asking written permission of Volosoft Bilişim Anonim Şirketi. "

hi

You can't make public the commercial source code or packages.

https://commercial.abp.io/faq

Hi,

I've read that already but I don't think it really answers the question. I also don't see anything in there about distributing the applications to clients (with or without the source code) like when you build a system for a client. Ie the FAQ seems to be lacking information about runtime vs development time etc. We have just assumed that it is probably working in the same way as other tooling, like development time licenses for DevExpress, Telerik etc.

(We have yet to actually build and distribute a real application with ABP, but we plan to do it in the future).

hi

You just need to add the commercial packages to your project. You can check the commercial template project.

Does this mean that we can include commercial packages in open source then on GitHub etc without breaking the license? Will it still be something that a non ABP customer could still compile even though they probably could not use it? Mostly interested in the legal aspects here so that we don't break any rules etc. Thanks.