Comments (20)
Hey, @Boriszn I solved the issue using hosts file in windows.
🎆 🍾 🔥
According to this StackOverflow question, in Windows, there are issues present while using localhost
within container services. We should use the service name
.
Hence, I defined the following two values in the hosts
file present in
C:\Windows\System32\drivers\etc\hosts.
127.0.0.1 devicemanager.api
127.0.0.1 devicemanager.identityserver
Then modified docker-compose.override.yml
file with below settings
services:
devicemanager.api:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- AUTHENTICATION_AUTHORITY=http://devicemanager.identityserver:5000
- ASPNETCORE_URLS=http://0.0.0.0:5001
ports:
- "5001:5001"
devicemanager.identityserver:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=http://0.0.0.0:5000
- SWAGGER_CLIENT=http://devicemanager.api:5001
ports:
- "5000:5000"
Then changed launchsettings.json
"profiles": {
"IIS Express": {
"commandName": "IISExpress",
"launchBrowser": true,
"launchUrl": "swagger",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development",
"AUTHENTICATION_AUTHORITY": "http://devicemanager.identityserver:5000/"
},
"applicationUrl": "http://devicemanager.api:5001"
},
"DeviceManagerApi": {
"commandName": "Project",
"launchBrowser": true,
"launchUrl": "swagger",
"environmentVariables": {
"ASPNETCORE_ENVIRONMENT": "Development",
"AUTHENTICATION_AUTHORITY": "http://devicemanager.identityserver:5000/"
},
"applicationUrl": "http://devicemanager.api:5001"
},
"Docker": {
"commandName": "Docker",
"launchBrowser": true,
"launchUrl": "http://devicemanager.api:5001/swagger"
}
}
The docker file looks like
FROM microsoft/dotnet:2.1-aspnetcore-runtime AS base
WORKDIR /app
EXPOSE 5001
FROM microsoft/dotnet:2.1-sdk AS build
WORKDIR /src
COPY ["src/DeviceManager.Api/DeviceManager.Api.csproj", "src/DeviceManager.Api/"]
RUN dotnet restore "src/DeviceManager.Api/DeviceManager.Api.csproj"
COPY . .
WORKDIR "/src/src/DeviceManager.Api"
RUN dotnet build "DeviceManager.Api.csproj" -c Release -o /app
FROM build AS publish
RUN dotnet publish "DeviceManager.Api.csproj" -c Release -o /app
FROM base AS final
WORKDIR /app
COPY --from=publish /app .
ENTRYPOINT ["dotnet", "DeviceManager.Api.dll"]
Now the authentication is happening without any static IP configuration. The configuration works with/without docker-compose
.
One thing is running docker images need to be stopped when the user wants to run outside docker using docker stop image_id
.
TODO:
Currently, the identity server is using sqlite
as the database.
Add more clients for the console app.
Allow user to send queries from postman/restlet client
from devicemanager.api.
@Boriszn
🙌 🙌 🙌 🙌 🙌
🎆 🍾 🎉
Now unit tests are running under Authentication. Authentication is an add-on feature using the compiler switch UseAuthentication
. I will add new test cases for Authentication
and update the README.md
. Then create a new pull request.
from devicemanager.api.
I have implemented Bearer authentication. I will create a pull request this weekend.
from devicemanager.api.
@Boriszn
🎉🎉🎉
➕ ➕ 💥 ➕ ➕
Hey, I fixed the issue by using the static-IP address for each container in the docker-compose
file.
Authentication & Authorization both are working with or without docker.
Only, thing currently not working are Device-Api Test because they are also building the request context.
I will try to fix the same.
I have pushed the code to a new branch in my forked repository by the name Identity Server Integration. You can clone it and run.
Users can be configured in the Config file.
from devicemanager.api.
@rudreshgp Regarding Identity Server: Have you created Identity Server repository somewhere or you using some Identity Server online, as as service ?
Regarding docker issue, could please explain the issue (with authorization) in detail ;) ?
Thanks,
Boris
from devicemanager.api.
Hey @rudreshgp that's awesome.
Don't forget to put all you findings in the readme file.
I'm not completely get what is issue about. :) So you can't connect to the Identity server from docker container, Right ? If yes then you should not use localhost
names etc from the container and you should use IP.
I had same issue with SQL Server local instance (or express).
Regarding Identity Server. It is right, but I would like to create my own Identity Server Repository based on examples and templates, they provided here. IdentityServer4.Templates also would like to get it work with Azure Active directory.
from devicemanager.api.
Hi @rudreshgp
I think, creating Docker Network (or network bridge) may help.
Here the link with same issue:
I will try also tackle this issue in the future.
from devicemanager.api.
Hi @rudreshgp
Sounds quite impressive !!! ;) You overcome all issues. :)) Thank you a so much.
I've seen your PR, I will take a look.
Best Regards,
Boris
from devicemanager.api.
Hi, @Boriszn I added oauth2 bearer authentication to the project and now through Swagger-UI we can log in. Also, roles/claims support is added. I am now working on updating docker files as I have used sample project from idenityserver4 repository project for the identity server.
I will try to push the code to another branch where you can give feedback.
from devicemanager.api.
So in docker authentication is working but authorization is failing. I will try to fix the same.
from devicemanager.api.
Hi, @rudreshgp.
Thank you a lot for the question and input.
I would say, the first priority is bearer token.
However, Google, and Facebook (or at least one of them) would be nice to have. (as configurative option, for example)
Best Regards,
Boris
from devicemanager.api.
Currently, I am using IdentityServer4 server project provided by IdentityServer4 samples. But is it better to use an external service?
from devicemanager.api.
The issue with docker is, the client(Device Manager API) is not able to verify the authority which issued the token, Even both client and server are connected using localhost.
from devicemanager.api.
Yes. even though they connect using localhost
. The API can't verify identity authority while running in the container.
from devicemanager.api.
Hi, @Boriszn I have updated the project using templates you mentioned.
Also, I have added new claims by the name tenant_id
which stores tenant id for users and role
to store user type to limit the access to the resource.
The users having admin
role can access data from any tenant. Non admin
users need a claim by the name tenant_id
and value being the tenant they belong. Users now can't access data from other tenants.
Currently, data is stored in a local database file.
While running in docker compose it's facing the same issue as before because redirect URLs stored in the database are pointing to localhost address. I will try to fix the same.
from devicemanager.api.
bridge
network doesn't work for windows.
from devicemanager.api.
Hi @rudreshgp
Thank you a lot for the input.
I have some questions:
- Are you using docker-toolbox ? If yes you shouldn't because it is legacy solution, you should switch to
Docker for Windows: https://docs.docker.com/docker-for-windows/install/ Below is warn message from docker portal:
Docker Toolbox is for older Mac and Windows systems that do not meet the requirements of Docker Desktop for Mac and Docker Desktop for Windows. We recommend updating to the newer applications, if possible.
- In the Hosts you are using same IP for both services ? If yes how it can work then ? Or I missed something ? :)
- Identity Server aslo allows you to use SQL Server (LocalDb, Express, etc) http://docs.identityserver.io/en/latest/quickstarts/7_entity_framework.html I think It would be better to use it, isn't it ?.
@rudreshgp Could you please send me link to your implementation of IdentityServer ?
Best,
Boris
from devicemanager.api.
- I am using Docker Desktop for windows. Currently, need to update database settings to connect to local SQL express database.
- The local ports are mapped to access container images using localhost in
docker-compose.override.yml
I have created a Identity Server Integration branch in my fork.
from devicemanager.api.
Hey @rudreshgp .
Thank you a lot, I see the point.
As I understood, Connection to SQL Express/(local)
DB from Docker container, not an issue anymore, Right ?
from devicemanager.api.
The solution is to use the way you mentioned, by entering the IP Address.
One way we can handle this is by entering the IP address in .env
file and enabling remote connections.
We can then get the IP address value in the environment variable and replace it in the connection string.
from devicemanager.api.
Related Issues (11)
- Add automapper
- UOW for multiple entities instead of Transaction HOT 22
- Cannot run the project HOT 10
- UOW - Stored Proc HOT 5
- Connect from Docker container to the (local) resources like SQL, NoSQL etc.
- Delete Opertaion Query HOT 2
- EF Global Query filters HOT 4
- Dapper incorporation HOT 3
- Using single swagger documentation for different Version of Web Controllers?
- Get multiple child objects
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from devicemanager.api.