search

abpframework / eShopOnAbp

Reference microservice solution built with the ABP Framework and .NET, runs on Kubernetes with Helm configuration, includes API Gateways, Angular and ASP.NET Core MVC applications, PostgreSQL and MongoDB databases
https://www.eShopOnAbp.com/
MIT License
694 stars 272 forks source link

Swagger Authentication problem on K8s production #157

Closed gterdem closed 8 months ago

gterdem commented 1 year ago

image

eShopOnAbp is the main sample for this problem.

We are running all the application/microservices on pods.

When we are making a login request the issuer, it is set to dns name (https://auth.eshoponabp.com) so it is redirected back to the issuer (dns). The internal requests like /.well-known/openid-configuration is made to the pod (http://eshop-az-authserver). We have an OpenIdConnectOptions configuration to separate the internal and web requests.

However, the AddAbpSwaggerGenWithOAuth configuration to authenticate the swagger user doesn't have this kind of configurations so we can not authenticate the swagger user using authorization code.

We need to find a way to add OpenIdConnectOptions or similar configuration to set whenever redirect to dns and whenever redirect to pod.

gterdem commented 1 year ago

https://github.com/abpframework/abp/pull/16574 will solve the problem.

Update swagger configuration after ABP 7.4

Should also solve https://github.com/abpframework/eShopOnAbp/issues/171