Unable to setup the code in my local environment about bing-maps-fleet-tracker HOT 11 OPEN

Hi Ankit,

This error is thrown when the connection string is invalid, or your connection is blocked by a firewall. Please double check that the SQL Server connection string value you inserted in "defaultConnection" setting points to an existing database that you can access from your local machine. It may help to verify that you can connect with any database client (eg. Sql Server Management Studio) using that connection string.

Since you mentioned this is a SQL Server instance hosted on Azure, please verify that the server firewall rules as configured from the azure portal allow your local machine's ip to connect.

Regards,
Mustafa

from bing-maps-fleet-tracker.

Hi MustafaLeithy,

I am Prashanth, I and Ankit both are working on this entire solution (Backend, Frontend and Mobile client) to setup in our local environment.

As per the instructions provided in the Readme file we have done the following steps:

Step 1: Backend Service setup
The above issue (connecting to SQL Server) is resolved by replacing with on-premise SQL Server with windows authentication. That is now I am able to Build the Backend Service and ran successfully from VS 2017. When I verify the Trackable database in my local SQL Server all the required tables are created. But in the browser it is throwing Http 500 error. Even I tried by accessing http://localhost:xxxx/api but no luck.

Registered the above local URL in Azure App registrations using our Tenant ID: [email protected] and provided App Id, Secret key, and Bing key in appsettings.json for Authorization.

Step 2: Frontend setup
Downloaded the Frontend code base from Git hub and installed all the pre-requisites. Finally able to run the Frontend application in NodeJS. As per the instructions provided in the Readme file I have replace the Backend url and Frontend url in environment.ts file.

While loading http://localhost:xxxx/assets it redirecting to https://login.microsoftonline.com/common/oauth2/v2.0/authorize with App Id and Backend URL as query string and throwing below error:

Sign in
Sorry, but we’re having trouble signing you in.

AADSTS50194: Application 'xxxxxxxxxxxx'(App Name) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

Request Id: xxxxxxxx
Correlation Id: xxxxxxxxxxxxxx
Timestamp: 2019-08-21T09:12:45Z
Message: AADSTS50194: Application 'xxxxxxxxxxxxxx'(App Name) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

Thanks,
Prashanth

from bing-maps-fleet-tracker.

Hello Prashanth,

This error indicates your Azure Active Directory application is not configured to support multi-tenancy.

When you are creating your AAD application, please make sure to choose the "Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)" option under "Supported account types" heading. Alternatively you can create the application from the https://apps.dev.microsoft.com portal which automatically does this for you.

If you are intentionally trying to limit the audience of your BMFT deployment to your organization only, then you will need to replace the /common/ in the "https://login.microsoftonline.com/common/oauth2/v2.0/authorize" url with your organization's tenant id. This URL is exposed in the appsettings.json file, under the section 'Authorization' with the title 'Authority'.

Regards,
Mustafa

from bing-maps-fleet-tracker.

Thanks Mustafa for the quick reply. I really appreciate for your time.

I have updated the App registration to configure as multi-tenancy support. Now It is redirected to the Backend application (URL given during the App Registration) which is running on my local machine like http://localhost:xxxx/api/users/accessdenied.

Any thoughts on this? Am I missing something in the Backend Service?

Do you have any Architectural diagram of the entire solution to understand the flow? If yes, please provide.

Thanks,
Prashanth

from bing-maps-fleet-tracker.

Adding to above...

Can you please provide some insights on how User module works. When I am accessing first time it should ask me for registration but here it is redirecting to access denied page in Backend service.

Let me put my understanding here:

1. Backend service is running in my local machine, which will serve for all the requests coming from Front end layer.
2. Front end (Admin portal) running on my local machine where we can register the Assets, Reports, etc....
3. In my case when open the Front end application it is redirecting AAD for authorization and than redirecting to Backend application where it will check for the user existence.
4. Since I am a new user it could not find my details and hence, throwing access denied error. What I thinking here is it should ask for registration instead it is giving access denied error.

Please suggest on how to proceed.

Thanks,
Prashanth

from bing-maps-fleet-tracker.

Hello Prashanth,

This scenario is handled with the "Owner Email" setting. For a user to sign up, another user has to approve his sign up request. So who approves the first user? The answer is that first user is created automatically and bypasses the approval process. However that first user must be signing in with the same email as is specified in the "Owner Email" setting. The setting is listed here as a required value.

Regards,
Mustafa

from bing-maps-fleet-tracker.

Thanks Mustafa.

Presently I am the owner and I used my tenant id [email protected] in appsetting.json and published the Backend Service to cloud.

Under Authentication/Authorization section on Azure I have changed to use Active directory.

When I run the front end service while loading it prompted me to select and authorize. After selecting my user id it was redirected to backend service with error message.

Finally it is not creating the user even for first time also.

How can I add/grant permissions to my other email id like [email protected] from where I am logged in instead of tenant id.

Thanks,
Prashanth

from bing-maps-fleet-tracker.

I am getting below error:

AADSTS700054: response_type 'id_token' is not enabled for the application.

from bing-maps-fleet-tracker.

Just had this issue after doing the one-click deployment.

It appears that by default, the one-click deployment does not enable "Implicit grant" with "ID tokens".

To resolve this issue, go to the following path:

Azure Portal > Azure Active Directory > App Registrations > Select your app registration for this app > Authentication > Advanced Settings > Implicit grant

Check the box for "ID Tokens" and it should resolve the AADSTS700054 issue.

We were able to log in and use the application both locally and in Azure after this.

May want to update the one-click deployment script to enable "ID Tokens" by default if possible.

from bing-maps-fleet-tracker.

from bing-maps-fleet-tracker.

We just ran the one-click deployment again and received the same 503 error as you. We had to delete the resource group generated by the deployment and all its resources. Then ran the one-click deployment again. After failing multiple times, on the 5th one-click deployment, the site opens properly. We still had to correct the ID Tokens issue to enable logging in properly.

from bing-maps-fleet-tracker.