Use `UrlHelpers's IsSubdomainOf` to check the wildcard domain.

framework/src/Volo.Abp.Core/Volo/Abp/Http/UrlHelpers.cs

@@ -6,6 +6,10 @@ public static class UrlHelpers
 {
     private const string WildcardSubdomain = "*.";
 
+    /// <summary>
+    /// Check if the subdomain is a subdomain of the domain.
+    /// The Uri must be absolute URI and the scheme, port, and host must be the same.
+    /// </summary>
     public static bool IsSubdomainOf(string subdomain, string domain)
     {
         if (Uri.TryCreate(subdomain, UriKind.Absolute, out var subdomainUri) &&
@@ -17,6 +21,10 @@ public static class UrlHelpers
         return false;
     }
 
+    /// <summary>
+    /// Check if the subdomain is a subdomain of the domain.
+    /// The Uri must be absolute URI and the scheme, port, and host must be the same.
+    /// </summary>
     public static bool IsSubdomainOf(Uri subdomain, Uri domain)
     {
         return subdomain.IsAbsoluteUri

modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs

@@ -34,6 +34,7 @@ using Volo.Abp.SettingManagement.Web;
 using Volo.Abp.TenantManagement;
 using Volo.Abp.TenantManagement.EntityFrameworkCore;
 using Volo.Abp.TenantManagement.Web;
+using Volo.Abp.Uow;
 
 namespace OpenIddict.Demo.Server;
 
@@ -116,7 +117,7 @@ public class OpenIddictServerModule : AbpModule
         PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
         {
             options.EnableWildcardDomainSupport = true;
-            options.WildcardDomainsFormat.Add("https://{0}.abp.io/signin-oidc");
+            options.WildcardDomainsFormat.Add("https://*.abp.io");
         });
 
         PreConfigure<OpenIddictBuilder>(builder =>
@@ -155,8 +156,19 @@ public class OpenIddictServerModule : AbpModule
         });
     }
 
-    public async override Task OnApplicationInitializationAsync(ApplicationInitializationContext context)
+    public async override Task OnPreApplicationInitializationAsync(ApplicationInitializationContext context)
     {
+        using var uow = context.ServiceProvider.GetRequiredService<IUnitOfWorkManager>().Begin();
+        {
+            var dbContext = await context.ServiceProvider.GetRequiredService<IDbContextProvider<ServerDbContext>>().GetDbContextAsync();
+            if ((await dbContext.Database.GetPendingMigrationsAsync()).Any())
+            {
+                await dbContext.Database.MigrateAsync();
+            }
+
+            await uow.CompleteAsync();
+        }
+
         await context.ServiceProvider
             .GetRequiredService<IDataSeeder>()
             .SeedAsync();

modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainBase.cs

@@ -1,10 +1,11 @@
-using System;
+using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Logging.Abstractions;
 using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
 using OpenIddict.Server;
-using Volo.Abp.Text.Formatting;
+using Volo.Abp.Http;
 
 namespace Volo.Abp.OpenIddict.WildcardDomains;
 
@@ -29,30 +30,24 @@ public abstract class AbpOpenIddictWildcardDomainBase<THandler, TOriginalHandler
 
     protected virtual Task<bool> CheckWildcardDomainAsync(string url)
     {
-        Logger.LogDebug("Checking wildcard domain for url: {url}", url);
-
-        foreach (var domainFormat in WildcardDomainOptions.WildcardDomainsFormat)
+        if (WildcardDomainOptions.WildcardDomainsFormat.IsNullOrEmpty())
         {
-            Logger.LogDebug("Checking wildcard domain format: {domainFormat}", domainFormat);
-            var extractResult = FormattedStringValueExtracter.Extract(url, domainFormat, ignoreCase: true);
-            if (extractResult.IsMatch)
-            {
-                Logger.LogDebug("Wildcard domain found for url: {url}", url);
-                return Task.FromResult(true);
-            }
+            Logger.LogDebug("No wildcard domain format configured.");
+            return Task.FromResult(false);
         }
 
-        foreach (var domainFormat in WildcardDomainOptions.WildcardDomainsFormat)
+        Logger.LogDebug("Checking wildcard domain for url: {url}", url);
+        foreach (var domain in WildcardDomainOptions.WildcardDomainsFormat.Select(domainFormat => domainFormat.Replace("{0}", "*")))
         {
-            Logger.LogDebug("Checking wildcard domain format: {domainFormat}", domainFormat);
-            if (domainFormat.Replace("{0}.", "").Equals(url, StringComparison.OrdinalIgnoreCase))
+            Logger.LogDebug("Checking wildcard domain format: {newDomainFormat}", domain);
+            if (UrlHelpers.IsSubdomainOf(url, domain))
             {
-                Logger.LogDebug("Wildcard domain found for url: {url}", url);
+                Logger.LogDebug("The url: {url} is a wildcard domain of: {domain}", url, domain);
                 return Task.FromResult(true);
             }
         }
 
-        Logger.LogDebug("Wildcard domain not found for url: {url}", url);
+        Logger.LogDebug("No wildcard domain found for url: {url}", url);
         return Task.FromResult(false);
     }
 }

modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainOptions.cs

@@ -6,6 +6,9 @@ public class AbpOpenIddictWildcardDomainOptions
 {
     public bool EnableWildcardDomainSupport { get; set; }
 
+    /// <summary>
+    /// Wildcard domains format. For example: https://*.abp.io
+    /// </summary>
     public HashSet<string> WildcardDomainsFormat { get; }
 
     public AbpOpenIddictWildcardDomainOptions()