Check the identityserver logs. https://idmstg-authserver.conlog.com/.well-known/openid-configuration should be reachable.
When does this error occur exactly? On which operation you are doing, you get this error? How can we reproduce it?
I am using the LocalDistributedEventBus which is default.
The user is created at IdentityServer and you are trying to handle it in an Http.Api.Host application. LocalDistributedEventBus works in-process. You need to use a distributed event bus provider like RabbitMq or Kafka.
Sorry, this issue seems IdentityServer specific and out of my expertise. Please also try asking to IdentityServer github issues or stackoverflow.
Can you also check the rabbitmq-management page when an event is published to guarantee the event is published?
It is not a good practice to inherit from IdentityUser. I would suggest using Object Extensions.
Or create a different entity isolating your user-related business:
public class AppUser: Entity<Guid>
{
public Guid IdentityUserId {get; set;}
public IdentityUser User {get; set;
}
You can event use the same IdentityUserId for AppUser if you care.
It seems admin-service
can not be resolved. Can you make sure this DNS is correct and be resolved?
Http.Api.Client layer is the short-hand api client for your module/application, not a layer for other clients to be injected or used.
These steps saves you from creating http clients from factories, serializing/deseralizing dtos and provides you hard-coded application service contract (IAbpAppXApplicationService) you can use without bothering to write wrappers for service end-points etc.
Now you have an external http api service which is not Abp module/application but you want to use it in your Abp application naturally. Abp is layered application so your question is, which is the question of the era: Where do I put the code?
My answer to that is, it depends.
IHttpClientFactory
in the Web
layer. This will make your presentation layer dependent on external service.Application
layer. This will make your application and presentation layers dependent on external service.Domain
layer. This will make your domain, application, and presentation layers dependent on external service.I wanted to point out the dependency graph. You need to decide the dependency level for your application to an external service.
It is not working partially, they are different. I will try to explain better.
Request URL: https://webgateway.xyz.io/api/permission-management/permissions?providerName=R&providerKey=Employee%20User ------> This Works
This request is done to AdministrationService to get the permissions of the role,
Request URL: https://webgateway.xyz.io/api/permission-management/permissions?providerName=U&providerKey=7d2bf3e2-881f-82af-2e19-3a025c616e15 ----> This Doesn't Work
This request is done to the AdministrationService to get the permission of the user. Since user list can be found in IdentityService; AdministrationService makes a server-to-server request to IdentityService to get this list. See this: https://docs.abp.io/en/commercial/latest/startup-templates/microservice/microservices#identity-server-authorization-1
And it seems AdministrationService is having a problem when getting token from the AuthServer (client-credential request, see related docs above) to make a request to IdentityService.
Can AdministrationService pod reach the internet? To https://yourAuthServer.com/.well-known/openid-configuration endpoint?