chore 优化authserver配置

Merge branch 'master' of https://git.konsoft.top/konsoft/KonSoft.Clean
chore 优化authserverAudience
2025-10-30 00:10:48 +08:00 · 2025-10-29 23:52:43 +08:00 · 2025-10-29 23:52:40 +08:00 · 2025-10-28 08:39:41 +08:00 · 2025-10-27 20:23:34 +08:00 · 2025-10-27 20:21:24 +08:00
8 changed files with 110 additions and 30 deletions
--- a/.gitignore
+++ b/.gitignore
@ -265,3 +265,4 @@ src/KonSoft.Admin.Blazor.Server.Tiered/Logs/*
 **/wwwroot/libs/*

 **/Logs/*
+**/logs.txt
--- a/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
+++ b/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
@ -26,6 +26,7 @@ using Volo.Abp.Localization;
 using Volo.Abp.Modularity;
 using Volo.Abp.OpenIddict;
 using Volo.Abp.Security.Claims;
+using Volo.Abp.UI.Navigation.Urls;
 using IPNetwork = Microsoft.AspNetCore.HttpOverrides.IPNetwork;

 namespace KonSoft;
@ -50,15 +51,20 @@ public class KonSoftAuthServerModule : AbpModule
        {
            builder.AddValidation(options =>
            {
-                options.AddAudiences("KonSoft");
+                options.AddAudiences(KonSoftConsts.AuthServerAudience);
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });

-        context.Services.Configure<ForwardedHeadersOptions>(options =>
+        PreConfigure<ForwardedHeadersOptions>(options =>
        {
-            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor |
+                                       ForwardedHeaders.XForwardedProto |
+                                       ForwardedHeaders.XForwardedHost;
+
+            options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("::ffff:127.0.0.1"), 104));
+            options.KnownProxies.Add(IPAddress.Parse("::ffff:127.0.0.1"));
        });

        if (!hostingEnvironment.IsDevelopment())
@ -105,6 +111,16 @@ public class KonSoftAuthServerModule : AbpModule
            options.ApplicationName = "AuthServer";
        });

+        Configure<AppUrlOptions>(options =>
+        {
+            options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"];
+            options.RedirectAllowedUrls.AddRange(configuration["App:RedirectAllowedUrls"]?.Split(',') ??
+                                                 Array.Empty<string>());
+
+            options.Applications["Angular"].RootUrl = configuration["App:ClientUrl"];
+            options.Applications["Angular"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
+        });
+
        Configure<AbpBackgroundJobOptions>(options => { options.IsJobExecutionEnabled = false; });

        context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
@ -137,17 +153,16 @@ public class KonSoftAuthServerModule : AbpModule
        var app = context.GetApplicationBuilder();
        var env = context.GetEnvironment();

-        if (env.IsDevelopment())
+        app.UseForwardedHeaders();
+        app.Use(async (ctx, next) =>
        {
+            ctx.Request.Scheme = "https";
+            await next();
+        });
+
        app.UseDeveloperExceptionPage();
-            app.UseForwardedHeaders();
-        }
-        else
-        {
+        app.UseAbpRequestLocalization();
        app.UseErrorPage();
-            app.UseForwardedHeaders();
-            app.UseHsts();
-        }

        app.UseAbpRequestLocalization();

--- a/gateways/KonSoft.InternalGateway/Extensions/YarpSwaggerUIBuilderExtensions.cs
+++ b/gateways/KonSoft.InternalGateway/Extensions/YarpSwaggerUIBuilderExtensions.cs
@ -0,0 +1,50 @@
+using Microsoft.AspNetCore.Builder;
+using Yarp.ReverseProxy.Configuration;
+namespace KonSoft.InternalGateway.Extensions
+{
+    public static class YarpSwaggerUIBuilderExtensions
+    {
+        public static IApplicationBuilder UseSwaggerUIWithYarp(this IApplicationBuilder app)
+        {
+            var serviceProvider = app.ApplicationServices;
+
+            app.UseSwagger();
+            app.UseSwaggerUI(options =>
+            {
+                var configuration = serviceProvider.GetRequiredService<IConfiguration>();
+                var logger = serviceProvider.GetRequiredService<ILogger<Program>>();
+                var proxyConfigProvider = serviceProvider.GetRequiredService<IProxyConfigProvider>();
+                var yarpConfig = proxyConfigProvider.GetConfig();
+
+                var routedClusters = yarpConfig.Clusters
+                    .SelectMany(t => t.Destinations,
+                        (clusterId, destination) => new { clusterId.ClusterId, destination.Value });
+
+                var groupedClusters = routedClusters
+                    .GroupBy(q => q.Value.Address)
+                    .Select(t => t.First())
+                    .Distinct()
+                    .ToList();
+                var gatewayUrl = configuration["GatewayUrl"];
+
+                options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+                options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
+                foreach (var clusterGroup in groupedClusters)
+                {
+                    var routeConfig = yarpConfig.Routes.FirstOrDefault(q =>
+                        q.ClusterId == clusterGroup.ClusterId);
+                    if (routeConfig == null)
+                    {
+                        logger.LogWarning($"Swagger UI: Couldn't find route configuration for {clusterGroup.ClusterId}...");
+                        continue;
+                    }
+                    
+                   // options.SwaggerEndpoint($"{clusterGroup.Value.Address}/swagger/v1/swagger.json", $"{routeConfig.RouteId} API");
+                    options.SwaggerEndpoint(new Uri(new Uri(!string.IsNullOrWhiteSpace(gatewayUrl)? gatewayUrl: clusterGroup.Value.Address), $"{routeConfig.RouteId.Split("-")[0]}/swagger/v1/swagger.json").AbsoluteUri, $"{routeConfig.RouteId} API");
+                }
+            });
+
+            return app;
+        }
+    }
+}
--- a/gateways/KonSoft.InternalGateway/Program.cs
+++ b/gateways/KonSoft.InternalGateway/Program.cs
@ -1,5 +1,9 @@
 using KonSoft.InternalGateway;
+using KonSoft.InternalGateway.Extensions;
 using KonSoft.Shared.Hosting.AspNetCore;
+using Microsoft.AspNetCore.Rewrite;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.OpenApi.Models;
 using Serilog;

 var assemblyName = typeof(Program).Assembly.GetName().Name!;
@ -17,11 +21,26 @@ try
        .AddAppSettingsSecretsJson()
        .UseAutofac()
        .UseSerilog();
+
+    builder.Services.AddAbpSwaggerGenWithOidc(builder.Configuration["AuthServer:Authority"]!, setupAction: options =>
+    {
+        options.SwaggerDoc("v1", new OpenApiInfo
+        {
+            Title = "Gateway",
+            Version = "v1"
+        });
+        options.DocInclusionPredicate((docName, description) => true);
+        options.CustomSchemaIds(type => type.FullName);
+    });
+
+
    builder.Services.AddReverseProxy()
        .LoadFromConfig(builder.Configuration.GetSection("ReverseProxy"));
+    builder.Services.AddControllers();
    await builder.AddApplicationAsync<InternalGatewayModule>();
    var app = builder.Build();
    await app.InitializeApplicationAsync();
+    app.UseSwaggerUIWithYarp();
    app.MapReverseProxy();
    app.MapGet("/heath", () => "Online");
    await app.RunAsync();
--- a/gateways/KonSoft.InternalGateway/appsettings.json
+++ b/gateways/KonSoft.InternalGateway/appsettings.json
@ -4,5 +4,10 @@
    "name": "KonSoft.InternalGateway",
    "nodes": "https://config.konsoft.top/",
    "secret": "DBE31703-14F9-4B01-893D-900B8380CE04"
+  },
+  "AuthServer": {
+    "Authority": "https://devauth.konsoft.top",
+    "RequireHttpsMetadata": true,
+    "SwaggerClientId": "Gateway_Swagger"
  }
 }
--- a/microservices/KonSoft.Admin.HttpApi.Host/AdminHttpApiHostModule.cs
+++ b/microservices/KonSoft.Admin.HttpApi.Host/AdminHttpApiHostModule.cs
@ -26,7 +26,7 @@ public class AdminHttpApiHostModule : AbpModule
        SwaggerConfigurationHelper.ConfigureWithOidc(
            context,
            configuration["AuthServer:Authority"]!,
-            ["AdministrationService"],
+            ["Admin", "Dispatch", "Payment", "Report", "TenantManagement"],
            discoveryEndpoint: configuration["AuthServer:MetadataAddress"],
            apiTitle: "Administration Service API"
        );
--- a/microservices/KonSoft.Admin.HttpApi.Host/Properties/launchSettings.json
+++ b/microservices/KonSoft.Admin.HttpApi.Host/Properties/launchSettings.json
@ -6,18 +6,7 @@
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
-      "applicationUrl": "https://localhost:44354"
-    },
-    "Container (Dockerfile)": {
-      "commandName": "Docker",
-      "launchBrowser": true,
-      "launchUrl": "{Scheme}://{ServiceHost}:{ServicePort}",
-      "environmentVariables": {
-        "ASPNETCORE_HTTPS_PORTS": "8081",
-        "ASPNETCORE_HTTP_PORTS": "8080"
-      },
-      "publishAllPorts": true,
-      "useSSL": true
+      "applicationUrl": "http://localhost:44354"
    }
  },
  "$schema": "http://json.schemastore.org/launchsettings.json"
--- a/microservices/KonSoft.Admin.HttpApi.Host/appsettings.json
+++ b/microservices/KonSoft.Admin.HttpApi.Host/appsettings.json
@ -6,8 +6,9 @@
    "secret": "DBE31703-14F9-4B01-893D-900B8380CE04"
  },
  "AuthServer": {
-    "Authority": "https://localhost:44322",
-    "RequireHttpsMetadata": true,
-    "SwaggerClientId": "Admin_Swagger"
+    "Authority": "https://devauth.konsoft.top",
+    "RequireHttpsMetadata": false,
+    "SwaggerClientId": "Dev_Admin_Swagger",
+    "MetadataAddress": "https://devauth.konsoft.top"
  }
 }
Author	SHA1	Message	Date
张兆鑫	ea3a825825	chore 优化authserver配置	2025-10-30 00:10:48 +08:00
张兆鑫	90f0040f63	Merge branch 'master' of https://git.konsoft.top/konsoft/KonSoft.Clean	2025-10-29 23:52:43 +08:00
张兆鑫	d4e54f5709	chore 优化authserverAudience	2025-10-29 23:52:40 +08:00
叶建欣	8d9e7658d7	upd:把OAuthClientId和secret的获取移动到了循环的外面	2025-10-28 08:39:41 +08:00
张兆鑫	d340be4e2c	fix 调整authserver服务https代理配置	2025-10-27 20:23:34 +08:00
张兆鑫	4afd7924b7	chore 调整adminservice swagger	2025-10-27 20:21:24 +08:00
于鹏	30e5e6a4dc	upd	2025-10-27 15:53:21 +08:00
于鹏	df78f842f3	upd: appsettings	2025-10-27 15:42:26 +08:00
于鹏	5138daebea	upd: InternalGateWay AddAbpSwaggerGenWithOidc	2025-10-27 14:47:41 +08:00
于鹏	bbead3a651	upd: 网关swagger	2025-10-26 22:28:32 +08:00
于鹏	802624e7ea	upd: 网关swagger	2025-10-26 22:13:17 +08:00
于鹏	b2bccc34f5	upd: 忽略logs.txt文件	2025-10-26 22:12:46 +08:00
于鹏	f060641e97	upd: UseSwaggerUIWithYarp	2025-10-26 16:03:23 +08:00
于鹏	e7aaacc410	upd: 网关添加swagger	2025-10-26 15:35:38 +08:00
KarlsEcho	75cd096b60	upd：刚刚好像没加完	2025-10-26 15:25:45 +08:00
KarlsEcho	e4629b1771	Merge branch 'master' of https://git.konsoft.top/konsoft/KonSoft.Clean	2025-10-26 15:07:23 +08:00
KarlsEcho	b699762c1b	upd:在swagger里面聚合了Swagger	2025-10-26 15:07:13 +08:00