Open Closed

Nginx reverse proxy deployment - login does not return #465


User avatar
1
jason.smith created
  • ABP Framework version: v3.1.2
  • UI type: Angular
  • Tiered (MVC) or Identity Server Seperated (Angular): no (single host)
  • Exception message and stack trace: None
  • Steps to reproduce the issue:

The setup works find on the developers machine using localhost, and local database. Looking to now deploy using the following:

  • Nginx reverse proxy
    • host angular front end
    • host API redirect
  • AWS ec2 instance with ports 80, 443, and 5000 allowed
  • RDS database setup as postgreSQL 12.4 (version used in development)
  • dotnet kestrel service bound to localhost:5000 (Nginx redirects public_ip:5000 to this)

Angular environment file - replace <public_ip> with actual public address <br>

import { Config } from '@abp/ng.core';
const baseUrl = 'http://<public_ip>:80';
export const environment = {
    production: false,
    application: {
        baseUrl,
        name: 'Repros',
        logoUrl: '',
    },
    oAuthConfig: {
        issuer: 'http://<public_ip>:5000',
        redirectUri: baseUrl,
        clientId: 'Repros_App',
        responseType: 'code',
        scope: 'offline_access Repros',
    },
    apis: {
        default: {
            url: 'http://<public_ip>:5000',
            rootNamespace: 'eWater.Repros'
        },
    },
} as Config.Environment;

<br> Http.Host environment file - again replace <public_ip> with actual public address, same for connection string <br>

{ 
    "Urls": "[http://localhost:5000](http://localhost:5000)", 
    "App": { 
        "SelfUrl": "[http://localhost:5000](http://localhost:5000)", 
        "CorsOrigins": "http://<public_ip>,[http://localhost:80,http://localhost:4200](http://localhost:80,http://localhost:4200)" 
    }, 
    "ConnectionStrings": { 
        "Default": "<connection_string>" 
    }, 
    "AuthServer": { 
        "Authority": "[http://localhost:5000](http://localhost:5000)" 
    }
}

<br> Ngnix configuraiton file <br>

worker_processes 1;

events {
    worker_connections 1024;
}

http {
    include mime.types;
    default_type application/octet-stream;
    sendfile        on;
    keepalive_timeout  0;

    server {
        listen       80;
        index index.html;
        root scenario-datastore-debug/dist;
        ignore_invalid_headers off;
        underscores_in_headers on;
        location / {
            try_files $uri %uri/ /index.html;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
        root   html;
    }
}

server {
    listen        5000;
    location / {
        proxy_pass         [http://127.0.0.1:5000](http://127.0.0.1:5000);
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

<br> The resulting behaviour is the following:

  1. The front end starts up and the Angular front end loads into the index page with user logged out. 
  2. Clicking login results in the progress bar across the top, and only one endpoint being hit. Nothing is logged in the Host service log file. 

<br> Lastly I know the http host is working as expected as I can see it being called in the initial home page load.

I don't see any errors or activity in the dev console, host log, or nginx log. The script just seems to stop.

I am uncertain as to where to even start with an error like this. The dev environment works correctly, even having parts of it (i.e. not ng serve) go through nginx.

I found that the requireHttps for oAuth was set to the default of everything but localhost requires. So I turned this off and started getting the following error in the chrome dev console:

invalid issuer in discovery document expected: http://<public_ip>:5000 current: http://<public_ip>

My nginx configuration should be allowing this through, so confused as to what is occurring here.


27 Answer(s)
  • User Avatar
    0
    jason.smith created

    "hi jason.smith Can you create a new quesion?"

    "closing the issue, you can always reopen if you need help on the same issue."

    Sure. Please note this adds a full weekend to turn around now. Why not create a new issue and address start to address the issue there. Creating a new issue.

  • User Avatar
    0
    alper created
    Support Team

    @jason.smith if you think this is a subject of the Nginx reverse proxy problem, you can keep on discussing it here. If you think it's a separate issue, it'd be better to discuss it in a different thread. If you are worried about your question credits, I already increased your question credits by 1.

Made with ❤️ on ABP v9.2.0-preview. Updated on January 14, 2025, 14:54