- ABP Framework version: v8.2.0
- UI Type: Angular
- Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
- Exception message and full stack trace:
CRM Service
[08:34:28 INF] Sending HTTP request GET http://192.168.1.105:44516/api/setting-service/product-group/by-merchant-id/c8909caa-775d-f757-aadb-3a1559e60015?api-version=1.0 [08:34:28 INF] Received HTTP response headers after 12.7151ms - 401 [08:34:28 INF] End processing HTTP request after 12.8701ms - 401 [08:34:28 ERR] ---------- RemoteServiceErrorInfo ---------- { "code": "Unauthorized", "message": "Unauthorized", "details": null, "data": null, "validationErrors": null }
[08:34:28 ERR] Unauthorized
Setting Service
[08:34:28 INF] Bearer was not authenticated. Failure message: IDX10223: Lifetime validation failed. The token is expired. ValidTo (UTC): '11/15/2024 8:28:35 AM', Current time (UTC): '11/15/2024 8:34:28 AM'.
[08:34:28 INF] Executing endpoint 'MyProject.SettingService.ProductGroups.ProductGroupController.GetListByMerchantIdAsync (MyProject.SettingService.HttpApi)'
[08:34:28 INF] Route matched with {area = "SettingService", action = "GetListByMerchantId", controller = "ProductGroup"}. Executing controller action with signature System.Threading.Tasks.Task1[System.Collections.Generic.List
1[MyProject.SettingService.ProductGroups.ProductGroupDto]] GetListByMerchantIdAsync(System.Guid) on controller MyProject.SettingService.ProductGroups.ProductGroupController (MyProject.SettingService.HttpApi).
[08:34:28 INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
[08:34:28 INF] Authorization failed. These requirements were not met:
PermissionRequirement: SettingService.ProductGroups
[08:34:28 WRN] ---------- RemoteServiceErrorInfo ----------
{
"code": "Volo.Authorization:010001",
"message": "Authorization failed! Given policy has not granted.",
"details": null,
"data": {},
"validationErrors": null
}
[08:34:28 WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.
- Steps to reproduce the issue:
- I am sending a request to the merchant/detail endpoint.
- Merchant service is sending a request (http) to SettingService to get the details.
- The request sent at 8:32:00 is successful.
- The request sent at 8:34:00 gives a 401.
- When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?
When I clear the redis cache, the problem is temporarily solved. A few minutes later, I encounter the same scenario again.
Note: I only have this problem with communication between microservices.
5 Answer(s)
-
0
I am sending a request to the merchant/detail endpoint.
could you share your code?
-
0
public MerchantAppService( IMerchantRepository merchantRepository, IProductGroupAppService productGroupAppService, ... ) { _productGroupAppService = productGroupAppService; ... } public async Task<MerchantDetailDto> GetDetailAsync(Guid id) { MerchantDetailDto merchantDetail = new MerchantDetailDto(); var merchant = await _merchantRepository.GetDetailAsync(id); merchantDetail.Merchant = ObjectMapper.Map<Merchant, MerchantDto>(merchant); merchantDetail.ProductGroups = await _productGroupAppService.GetListByMerchantIdAsync(id); ... }
-
1
Hi,
The problem is that the access_token's lifetime is short. You can change the cache expiration time
When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?
This is the JWT token clock skew https://stackoverflow.com/questions/47153080/clock-skew-and-tokens
-
1
Hi,
The problem is that the access_token's lifetime is short. You can change the cache expiration time
When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?
This is the JWT token clock skew https://stackoverflow.com/questions/47153080/clock-skew-and-tokens
-
0
Thanks. I changed the app token lifetime and the problem was solved.