- ABP Framework version: v5.1.3
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes / no
- Exception message and stack trace:
- Steps to reproduce the issue:"
Hi Team,
Impersonation works fine in case I Impersonate the user from master tenant.
When I logged into a specific tenant and try to impersonate user its not working Request: /connect/token (400 bad request) Reponse:"error": "invalid_request"
I checked and __tenant header is passing correctly
Form Body is as followed
access_token: eyJhbGciOiJSUzI1NiIsImtpZCI6IjFDNUMzM0IwNjY0MDczNTYxRDE3N0RDMzAyMDkzM0VCIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE2ODU1MjI3ODgsImV4cCI6MTcxNzA1ODc4OCwiaXNzIjoiaHR0cHM6Ly9tb3RydjIuY29tOjQ0MzY4IiwiYXVkIjoibW90ciIsImNsaWVudF9pZCI6Im1vdHJfQXBwIiwic3ViIjoiODAxOGQ2OWMtODQ3Ny0zN2VhLWRjOTEtM2EwYTg4OGY3OGFjIiwiYXV0aF90aW1lIjoxNjg1NTIyNzgwLCJpZHAiOiJsb2NhbCIsInRlbmFudGlkIjoiMzdmNjAyZjAtZjg5NS0yYTAwLTdkNzctM2EwYTg4OGY3NjYzIiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvZ2l2ZW5uYW1lIjoiYWRtaW4iLCJ1bmlxdWVfbmFtZSI6ImFkbWluIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJnaXZlbl9uYW1lIjoiYWRtaW4iLCJyb2xlIjoiYWRtaW4iLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOiJGYWxzZSIsImVtYWlsIjoibWlrZS50b2JpYXNAbWVyY2FuaXguY29tIiwiZW1haWxfdmVyaWZpZWQiOiJGYWxzZSIsImVkaXRpb25pZCI6IjkwY2UzZGVlLWVmNjEtYmU4Ni1jZDJkLTNhMDFmMWIzZDA3NyIsIm5hbWUiOiJhZG1pbiIsInNpZCI6IjkxRkZCMkY5MEFERkVBMUVBMENGNDc5NTA5MDJFNjhEIiwiaWF0IjoxNjg1NTIyNzg4LCJzY29wZSI6WyJvcGVuaWQiLCJtb3RyIiwib2ZmbGluZV9hY2Nlc3MiXSwiYW1yIjpbInB3ZCJdfQ.V0D_5BxCvv_LVufBrKq-yrckIQpbh4TWdwH9TwFZK6B3OXLUrLK8ONOM5irIFgmx3_dSQnKSgsWqxc_L8OInqfdTw2i3eqBPU1q2PRUAPh7uvQiLR_2a7iib3YVrtAmOka9sOz5ajsnqrC4z4-l-9ah9zyvT2yF-16bXEMlZALLSpo__Hmm0YwtcDAX1EP3y__ja6VjiSB6aJxzU0FGsoJlENznRv0voWU--Uqfx6DnrgkZZLvLN5OopRDHPYjKDHVgSvpw_vo47DMxz571fGcOB-wc9n47gY5GJtRhEJdog2wBL-j0rdCKYNskDmd9dzeGmb_2PnBLZTzwvoBThbw grant_type: Impersonation Client_Id: xxxx_App Client_Secret: null TenantId: xxx-xxx-x-xx--x UserId: exxxxe5f-e668-3be9-f01d-3a0b8341fxxx
4 Answer(s)
-
0
Reponse:"error": "invalid_request"
Could you share the full error logs? thanks.
-
0
Hi Thanks for reply
Here are the logs.
https://drive.google.com/file/d/14iT1yi5WXJBtT6OfSlyJmsYsWbh8OvVK/view?usp=drive_link
Thanks
-
0
System.ArgumentNullException: Value cannot be null. (Parameter 'value') at System.Security.Claims.Claim..ctor(String type, String value, String valueType, String issuer, String originalIssuer, ClaimsIdentity subject, String propertyKey, String propertyValue) at System.Security.Claims.Claim..ctor(String type, String value) at Volo.Abp.Account.Web.ExtensionGrantValidators.ImpersonationExtensionGrantValidator.ImpersonateUserAsync(ExtensionGrantValidationContext context, Nullable`1 tenantId, Guid userId) in D:\Teams\Work\Initto\mot-r-V2\aspnet-core\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Public.Web.IdentityServer\ExtensionGrantValidators\ImpersonationExtensionGrantValidator.cs:line 242 at Volo.Abp.Account.Web.ExtensionGrantValidators.ImpersonationExtensionGrantValidator.ValidateAsync(ExtensionGrantValidationContext context) in D:\Teams\Work\Initto\mot-r-V2\aspnet-core\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Public.Web.IdentityServer\ExtensionGrantValidators\ImpersonationExtensionGrantValidator.cs:line 124 at IdentityServer4.Validation.ExtensionGrantValidator.ValidateAsync(ValidatedTokenRequest request)
Abp is trying to add the current tenant's name to the claims, but the tenant's name is null. Can you check this tenant?
-
0
Hi Team,
Thanks, this resolved my issue.