chore 优化authserver配置

Merge branch 'master' of https://git.konsoft.top/konsoft/KonSoft.Clean
chore 优化authserverAudience
2025-10-30 00:10:48 +08:00 · 2025-10-29 23:52:43 +08:00 · 2025-10-29 23:52:40 +08:00 · 2025-10-28 08:39:41 +08:00 · 2025-10-27 20:23:34 +08:00 · 2025-10-27 20:21:24 +08:00
8 changed files with 67 additions and 36 deletions
--- a/.gitignore
+++ b/.gitignore
@ -265,3 +265,4 @@ src/KonSoft.Admin.Blazor.Server.Tiered/Logs/*
 **/wwwroot/libs/*
 **/Logs/*
 **/logs.txt
--- a/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
+++ b/applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs
@ -26,6 +26,7 @@ using Volo.Abp.Localization;
 using Volo.Abp.Modularity;
 using Volo.Abp.OpenIddict;
 using Volo.Abp.Security.Claims;
 using Volo.Abp.UI.Navigation.Urls;
 using IPNetwork = Microsoft.AspNetCore.HttpOverrides.IPNetwork;
 namespace KonSoft;
@ -50,15 +51,20 @@ public class KonSoftAuthServerModule : AbpModule
        {
            builder.AddValidation(options =>
            {
-                options.AddAudiences("KonSoft");
+                options.AddAudiences(KonSoftConsts.AuthServerAudience);
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });
-        context.Services.Configure<ForwardedHeadersOptions>(options =>
+        PreConfigure<ForwardedHeadersOptions>(options =>
        {
-            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor |
                                       ForwardedHeaders.XForwardedProto |
                                       ForwardedHeaders.XForwardedHost;
            options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("::ffff:127.0.0.1"), 104));
            options.KnownProxies.Add(IPAddress.Parse("::ffff:127.0.0.1"));
        });
        if (!hostingEnvironment.IsDevelopment())
@ -105,6 +111,16 @@ public class KonSoftAuthServerModule : AbpModule
            options.ApplicationName = "AuthServer";
        });
        Configure<AppUrlOptions>(options =>
        {
            options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"];
            options.RedirectAllowedUrls.AddRange(configuration["App:RedirectAllowedUrls"]?.Split(',') ??
                                                 Array.Empty<string>());
            options.Applications["Angular"].RootUrl = configuration["App:ClientUrl"];
            options.Applications["Angular"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
        });
        Configure<AbpBackgroundJobOptions>(options => { options.IsJobExecutionEnabled = false; });
        context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
@ -137,17 +153,16 @@ public class KonSoftAuthServerModule : AbpModule
        var app = context.GetApplicationBuilder();
        var env = context.GetEnvironment();
-        if (env.IsDevelopment())
+        app.UseForwardedHeaders();
        app.Use(async (ctx, next) =>
        {
-            app.UseDeveloperExceptionPage();
+            ctx.Request.Scheme = "https";
-            app.UseForwardedHeaders();
+            await next();
-        }
+        });
-        else
+
-        {
+        app.UseDeveloperExceptionPage();
-            app.UseErrorPage();
+        app.UseAbpRequestLocalization();
-            app.UseForwardedHeaders();
+        app.UseErrorPage();
            app.UseHsts();
        }
        app.UseAbpRequestLocalization();
--- a/gateways/KonSoft.InternalGateway/Extensions/YarpSwaggerUIBuilderExtensions.cs
+++ b/gateways/KonSoft.InternalGateway/Extensions/YarpSwaggerUIBuilderExtensions.cs
@ -1,4 +1,5 @@
-using Yarp.ReverseProxy.Configuration;
+using Microsoft.AspNetCore.Builder;
 using Yarp.ReverseProxy.Configuration;
 namespace KonSoft.InternalGateway.Extensions
 {
    public static class YarpSwaggerUIBuilderExtensions
@ -24,7 +25,10 @@ namespace KonSoft.InternalGateway.Extensions
                    .Select(t => t.First())
                    .Distinct()
                    .ToList();
                var gatewayUrl = configuration["GatewayUrl"];
                options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
                options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
                foreach (var clusterGroup in groupedClusters)
                {
                    var routeConfig = yarpConfig.Routes.FirstOrDefault(q =>
@ -35,9 +39,8 @@ namespace KonSoft.InternalGateway.Extensions
                        continue;
                    }
-                    options.SwaggerEndpoint($"{clusterGroup.Value.Address}/swagger/v1/swagger.json", $"{routeConfig.RouteId} API");
+                   // options.SwaggerEndpoint($"{clusterGroup.Value.Address}/swagger/v1/swagger.json", $"{routeConfig.RouteId} API");
-                    options.OAuthClientId(configuration["AuthServer:SwaggerClientId"]);
+                    options.SwaggerEndpoint(new Uri(new Uri(!string.IsNullOrWhiteSpace(gatewayUrl)? gatewayUrl: clusterGroup.Value.Address), $"{routeConfig.RouteId.Split("-")[0]}/swagger/v1/swagger.json").AbsoluteUri, $"{routeConfig.RouteId} API");
                    options.OAuthClientSecret(configuration["AuthServer:SwaggerClientSecret"]);
                }
            });
--- a/gateways/KonSoft.InternalGateway/Program.cs
+++ b/gateways/KonSoft.InternalGateway/Program.cs
@ -1,6 +1,9 @@
 using KonSoft.InternalGateway;
 using KonSoft.InternalGateway.Extensions;
 using KonSoft.Shared.Hosting.AspNetCore;
 using Microsoft.AspNetCore.Rewrite;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.OpenApi.Models;
 using Serilog;
 var assemblyName = typeof(Program).Assembly.GetName().Name!;
@ -18,14 +21,28 @@ try
        .AddAppSettingsSecretsJson()
        .UseAutofac()
        .UseSerilog();
    builder.Services.AddAbpSwaggerGenWithOidc(builder.Configuration["AuthServer:Authority"]!, setupAction: options =>
    {
        options.SwaggerDoc("v1", new OpenApiInfo
        {
            Title = "Gateway",
            Version = "v1"
        });
        options.DocInclusionPredicate((docName, description) => true);
        options.CustomSchemaIds(type => type.FullName);
    });
    builder.Services.AddReverseProxy()
        .LoadFromConfig(builder.Configuration.GetSection("ReverseProxy"));
    builder.Services.AddControllers();
    await builder.AddApplicationAsync<InternalGatewayModule>();
    var app = builder.Build();
    await app.InitializeApplicationAsync();
    app.UseSwaggerUIWithYarp();
    app.MapReverseProxy();
    app.MapGet("/heath", () => "Online");
    app.UseSwaggerUIWithYarp();
    await app.RunAsync();
    return 0;
--- a/gateways/KonSoft.InternalGateway/appsettings.json
+++ b/gateways/KonSoft.InternalGateway/appsettings.json
@ -4,5 +4,10 @@
    "name": "KonSoft.InternalGateway",
    "nodes": "https://config.konsoft.top/",
    "secret": "DBE31703-14F9-4B01-893D-900B8380CE04"
  },
  "AuthServer": {
    "Authority": "https://devauth.konsoft.top",
    "RequireHttpsMetadata": true,
    "SwaggerClientId": "Gateway_Swagger"
  }
 }
--- a/microservices/KonSoft.Admin.HttpApi.Host/AdminHttpApiHostModule.cs
+++ b/microservices/KonSoft.Admin.HttpApi.Host/AdminHttpApiHostModule.cs
@ -26,7 +26,7 @@ public class AdminHttpApiHostModule : AbpModule
        SwaggerConfigurationHelper.ConfigureWithOidc(
            context,
            configuration["AuthServer:Authority"]!,
-            ["AdministrationService"],
+            ["Admin", "Dispatch", "Payment", "Report", "TenantManagement"],
            discoveryEndpoint: configuration["AuthServer:MetadataAddress"],
            apiTitle: "Administration Service API"
        );
--- a/microservices/KonSoft.Admin.HttpApi.Host/Properties/launchSettings.json
+++ b/microservices/KonSoft.Admin.HttpApi.Host/Properties/launchSettings.json
@ -6,18 +6,7 @@
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      },
-      "applicationUrl": "https://localhost:44354"
+      "applicationUrl": "http://localhost:44354"
    },
    "Container (Dockerfile)": {
      "commandName": "Docker",
      "launchBrowser": true,
      "launchUrl": "{Scheme}://{ServiceHost}:{ServicePort}",
      "environmentVariables": {
        "ASPNETCORE_HTTPS_PORTS": "8081",
        "ASPNETCORE_HTTP_PORTS": "8080"
      },
      "publishAllPorts": true,
      "useSSL": true
    }
  },
  "$schema": "http://json.schemastore.org/launchsettings.json"
--- a/microservices/KonSoft.Admin.HttpApi.Host/appsettings.json
+++ b/microservices/KonSoft.Admin.HttpApi.Host/appsettings.json
@ -6,8 +6,9 @@
    "secret": "DBE31703-14F9-4B01-893D-900B8380CE04"
  },
  "AuthServer": {
-    "Authority": "https://localhost:44322",
+    "Authority": "https://devauth.konsoft.top",
-    "RequireHttpsMetadata": true,
+    "RequireHttpsMetadata": false,
-    "SwaggerClientId": "Admin_Swagger"
+    "SwaggerClientId": "Dev_Admin_Swagger",
    "MetadataAddress": "https://devauth.konsoft.top"
  }
 }
Author	SHA1	Message	Date
张兆鑫	ea3a825825	chore 优化authserver配置	2025-10-30 00:10:48 +08:00
张兆鑫	90f0040f63	Merge branch 'master' of https://git.konsoft.top/konsoft/KonSoft.Clean	2025-10-29 23:52:43 +08:00
张兆鑫	d4e54f5709	chore 优化authserverAudience	2025-10-29 23:52:40 +08:00
叶建欣	8d9e7658d7	upd:把OAuthClientId和secret的获取移动到了循环的外面	2025-10-28 08:39:41 +08:00
张兆鑫	d340be4e2c	fix 调整authserver服务https代理配置	2025-10-27 20:23:34 +08:00
张兆鑫	4afd7924b7	chore 调整adminservice swagger	2025-10-27 20:21:24 +08:00
于鹏	30e5e6a4dc	upd	2025-10-27 15:53:21 +08:00
于鹏	df78f842f3	upd: appsettings	2025-10-27 15:42:26 +08:00
于鹏	5138daebea	upd: InternalGateWay AddAbpSwaggerGenWithOidc	2025-10-27 14:47:41 +08:00
于鹏	bbead3a651	upd: 网关swagger	2025-10-26 22:28:32 +08:00
于鹏	802624e7ea	upd: 网关swagger	2025-10-26 22:13:17 +08:00
于鹏	b2bccc34f5	upd: 忽略logs.txt文件	2025-10-26 22:12:46 +08:00
于鹏	f060641e97	upd: UseSwaggerUIWithYarp	2025-10-26 16:03:23 +08:00
于鹏	e7aaacc410	upd: 网关添加swagger	2025-10-26 15:35:38 +08:00
KarlsEcho	75cd096b60	upd：刚刚好像没加完	2025-10-26 15:25:45 +08:00