search

Finbuckle / Finbuckle.MultiTenant

Finbuckle.MultiTenant is an open-source multitenancy middleware library for .NET. It enables tenant resolution, per-tenant app behavior, and per-tenant data isolation.
https://www.finbuckle.com/multitenant
Apache License 2.0
1.3k stars 265 forks source link

.NET Core 3.1 upgrade broke Tenant Resolution #205

Closed williambowsher closed 4 years ago

williambowsher commented 4 years ago

Hi,

I have just upgraded my application from .NET Core 2.2.7 to 3.1 LTS and I have the following issue. I opening the application and it resolved the tenant correctly, then I login in, which redirect to IdentityServer 4, upon successfully logging in it redirects back to my application at which point the tenant can no longer be resolved.

I was just wondering if there are any important issue with a .NET Core 3.1 implementation?

This is an extract from my log file:

2020-01-06 07:09:10.092 +01:00 [Information] Request starting HTTP/2.0 GET https://localhost:44335/tenant1/Home/EmployeeHome
2020-01-06 07:09:10.095 +01:00 [Information] Finbuckle.MultiTenant.Strategies.RouteStrategy.GetIdentifierAsync: Found identifier: "tenant1". 2020-01-06 07:09:10.095 +01:00 [Information] Finbuckle.MultiTenant.Stores.InMemoryStore.TryGetByIdentifierAsync: Tenant found with identifier "tenant1". 2020-01-06 07:09:10.102 +01:00 [Information] Authorization failed. 2020-01-06 07:09:10.430 +01:00 [Information] AuthenticationScheme: "oidc" was challenged. 2020-01-06 07:09:10.432 +01:00 [Information] Request finished in 339.7645ms 302 2020-01-06 07:09:13.211 +01:00 [Information] Request starting HTTP/2.0 POST https://localhost:44335/tenant1/signin-oidc application/x-www-form-urlencoded 1579 2020-01-06 07:09:13.212 +01:00 [Information] Finbuckle.MultiTenant.Strategies.RouteStrategy.GetIdentifierAsync: No identifier found.

AndrewTriesToCode commented 4 years ago

Hi, I am prepping a release with better 3.1 support for later this week. Not sure if that alone would resolve this for you.

Can you post your ConfigureServices or at least the multitenant part of it?

williambowsher commented 4 years ago

Here is my Finbuckle config 

services.AddMultiTenant()
                .WithRouteStrategy()
                .WithInMemoryStore(configuration.GetSection("Finbuckle:MultiTenant:InMemoryStore"))
                .WithRemoteAuthentication()
                .WithPerTenantOptions<CookieAuthenticationOptions>((options, tenantContext) =>
                {
                    // Set a unique cookie name for this tenant.
                    options.Cookie.Name += tenantContext.Identifier.ToLower() + "-cookie";
                    // Note the paths set take our routing strategy into account.
                    options.LoginPath = "/" + tenantContext.Identifier + "/Home";
                    options.LogoutPath = "/" + tenantContext.Identifier + "/Logout";
                    options.Cookie.Path = "/" + tenantContext.Identifier;
                })
                .WithPerTenantOptions<OpenIdConnectOptions>((options, tenantContext) =>
                {
                    options.CallbackPath = "/" + tenantContext.Identifier + "/signin-oidc";
                    options.SignedOutCallbackPath = "/" + tenantContext.Identifier + "/Logout";
                    options.SignedOutRedirectUri = "/" + tenantContext.Identifier + "/Logout";
                });
AndrewTriesToCode commented 4 years ago

Thanks! And if you simply change the Asp.NET Core version back to 2.2 does it work again?

AndrewTriesToCode commented 4 years ago

Oh I just noticed your callback path! Try it with the default callback path, the library has special handing for openid connect callback and you shouldn’t Need to set it per tenant (because the identity server only knows the main callback url).

williambowsher commented 4 years ago

Yeah this is a new branch for 3.1 upgrade, the existing 2.2.7 version is up and running.

On Tue, 7 Jan 2020, 18:45 Andrew White, notifications@github.com wrote:

Thanks! And if you simply change the Asp.NET Core version back to 2.2 does it work again?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Finbuckle/Finbuckle.MultiTenant/issues/205?email_source=notifications&email_token=AFICAZ6NR2YMHXZ37YHJZULQ4S5T7A5CNFSM4KD4BIYKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIJV7BY#issuecomment-571694983, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFICAZ6HYV5FCYMNCDIDTH3Q4S5T7ANCNFSM4KD4BIYA .

williambowsher commented 4 years ago

Ok I will give that ago, thanks for the great work and quick response time on questions.

On Tue, 7 Jan 2020, 18:47 Andrew White, notifications@github.com wrote:

Oh I just noticed your callback path! Try it with the default callback path, the library has special handing of opened connect callback and you shouldn’t set it per tenant (because the identity server only knows the main callback url).

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Finbuckle/Finbuckle.MultiTenant/issues/205?email_source=notifications&email_token=AFICAZ4IJNJDFP5ASBMP3ZTQ4S52NA5CNFSM4KD4BIYKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIJWEKI#issuecomment-571695657, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFICAZZURJG6AJ7AEY3OQ73Q4S52NANCNFSM4KD4BIYA .

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.