Microservice communication 401 error #8288 | Support

sefa created 9 days ago

ABP Framework version: v8.2.0
UI Type: Angular
Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..)
Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
Exception message and full stack trace:

CRM Service

[08:34:28 INF] Sending HTTP request GET http://192.168.1.105:44516/api/setting-service/product-group/by-merchant-id/c8909caa-775d-f757-aadb-3a1559e60015?api-version=1.0 [08:34:28 INF] Received HTTP response headers after 12.7151ms - 401 [08:34:28 INF] End processing HTTP request after 12.8701ms - 401 [08:34:28 ERR] ---------- RemoteServiceErrorInfo ---------- { "code": "Unauthorized", "message": "Unauthorized", "details": null, "data": null, "validationErrors": null }

[08:34:28 ERR] Unauthorized

Setting Service

[08:34:28 INF] Bearer was not authenticated. Failure message: IDX10223: Lifetime validation failed. The token is expired. ValidTo (UTC): '11/15/2024 8:28:35 AM', Current time (UTC): '11/15/2024 8:34:28 AM'. [08:34:28 INF] Executing endpoint 'MyProject.SettingService.ProductGroups.ProductGroupController.GetListByMerchantIdAsync (MyProject.SettingService.HttpApi)' [08:34:28 INF] Route matched with {area = "SettingService", action = "GetListByMerchantId", controller = "ProductGroup"}. Executing controller action with signature System.Threading.Tasks.Task1[System.Collections.Generic.List1[MyProject.SettingService.ProductGroups.ProductGroupDto]] GetListByMerchantIdAsync(System.Guid) on controller MyProject.SettingService.ProductGroups.ProductGroupController (MyProject.SettingService.HttpApi). [08:34:28 INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy [08:34:28 INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingService.ProductGroups [08:34:28 WRN] ---------- RemoteServiceErrorInfo ---------- { "code": "Volo.Authorization:010001", "message": "Authorization failed! Given policy has not granted.", "details": null, "data": {}, "validationErrors": null }

[08:34:28 WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.

Steps to reproduce the issue:

I am sending a request to the merchant/detail endpoint.
Merchant service is sending a request (http) to SettingService to get the details.
The request sent at 8:32:00 is successful.
The request sent at 8:34:00 gives a 401.
When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?

When I clear the redis cache, the problem is temporarily solved. A few minutes later, I encounter the same scenario again.

Note: I only have this problem with communication between microservices.

Go to accepted answer

5 Answer(s)

0

liangshiwei created 6 days ago
Support Team Fullstack Developer

I am sending a request to the merchant/detail endpoint.

could you share your code?

sefa created 6 days ago

     public MerchantAppService(
         IMerchantRepository merchantRepository,
         IProductGroupAppService productGroupAppService,
         ...
     )
     {
         _productGroupAppService = productGroupAppService;
         ...
     }

    public async Task<MerchantDetailDto> GetDetailAsync(Guid id)
    {
        MerchantDetailDto merchantDetail = new MerchantDetailDto();
        var merchant = await _merchantRepository.GetDetailAsync(id);
        merchantDetail.Merchant = ObjectMapper.Map<Merchant, MerchantDto>(merchant);
        merchantDetail.ProductGroups = await _productGroupAppService.GetListByMerchantIdAsync(id);
        ...
    }

1

liangshiwei created 6 days ago
Support Team Fullstack Developer

Hi,

The problem is that the access_token's lifetime is short. You can change the cache expiration time

When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?

This is the JWT token clock skew https://stackoverflow.com/questions/47153080/clock-skew-and-tokens

1
1

liangshiwei created 6 days ago
Support Team Fullstack Developer

Hi,

The problem is that the access_token's lifetime is short. You can change the cache expiration time

When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?

This is the JWT token clock skew https://stackoverflow.com/questions/47153080/clock-skew-and-tokens

1
0

sefa created 6 days ago

Thanks. I changed the app token lifetime and the problem was solved.

Have an answer to this question? Log in and write your answer.