Open Closed

Microservice communication 401 error #8288


User avatar
0
sefa created
  • ABP Framework version: v8.2.0
  • UI Type: Angular
  • Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
  • Exception message and full stack trace:

CRM Service

[08:34:28 INF] Sending HTTP request GET http://192.168.1.105:44516/api/setting-service/product-group/by-merchant-id/c8909caa-775d-f757-aadb-3a1559e60015?api-version=1.0 [08:34:28 INF] Received HTTP response headers after 12.7151ms - 401 [08:34:28 INF] End processing HTTP request after 12.8701ms - 401 [08:34:28 ERR] ---------- RemoteServiceErrorInfo ---------- { "code": "Unauthorized", "message": "Unauthorized", "details": null, "data": null, "validationErrors": null }

[08:34:28 ERR] Unauthorized

Setting Service

[08:34:28 INF] Bearer was not authenticated. Failure message: IDX10223: Lifetime validation failed. The token is expired. ValidTo (UTC): '11/15/2024 8:28:35 AM', Current time (UTC): '11/15/2024 8:34:28 AM'. [08:34:28 INF] Executing endpoint 'MyProject.SettingService.ProductGroups.ProductGroupController.GetListByMerchantIdAsync (MyProject.SettingService.HttpApi)' [08:34:28 INF] Route matched with {area = "SettingService", action = "GetListByMerchantId", controller = "ProductGroup"}. Executing controller action with signature System.Threading.Tasks.Task1[System.Collections.Generic.List1[MyProject.SettingService.ProductGroups.ProductGroupDto]] GetListByMerchantIdAsync(System.Guid) on controller MyProject.SettingService.ProductGroups.ProductGroupController (MyProject.SettingService.HttpApi). [08:34:28 INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy [08:34:28 INF] Authorization failed. These requirements were not met: PermissionRequirement: SettingService.ProductGroups [08:34:28 WRN] ---------- RemoteServiceErrorInfo ---------- { "code": "Volo.Authorization:010001", "message": "Authorization failed! Given policy has not granted.", "details": null, "data": {}, "validationErrors": null }

[08:34:28 WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown.

  • Steps to reproduce the issue:
  1. I am sending a request to the merchant/detail endpoint.
  2. Merchant service is sending a request (http) to SettingService to get the details.
  3. The request sent at 8:32:00 is successful.
  4. The request sent at 8:34:00 gives a 401.
  5. When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?

When I clear the redis cache, the problem is temporarily solved. A few minutes later, I encounter the same scenario again.

Note: I only have this problem with communication between microservices.


5 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    I am sending a request to the merchant/detail endpoint.

    could you share your code?

  • User Avatar
    0
    sefa created
         public MerchantAppService(
             IMerchantRepository merchantRepository,
             IProductGroupAppService productGroupAppService,
             ...
         )
         {
             _productGroupAppService = productGroupAppService;
             ...
         }
    
        public async Task<MerchantDetailDto> GetDetailAsync(Guid id)
        {
            MerchantDetailDto merchantDetail = new MerchantDetailDto();
            var merchant = await _merchantRepository.GetDetailAsync(id);
            merchantDetail.Merchant = ObjectMapper.Map<Merchant, MerchantDto>(merchant);
            merchantDetail.ProductGroups = await _productGroupAppService.GetListByMerchantIdAsync(id);
            ...
        }
    
  • User Avatar
    1
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    The problem is that the access_token's lifetime is short. You can change the cache expiration time

    When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?

    This is the JWT token clock skew https://stackoverflow.com/questions/47153080/clock-skew-and-tokens

  • User Avatar
    1
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    The problem is that the access_token's lifetime is short. You can change the cache expiration time

    When I look at the logs, it says that the token expired at 08:28:00. So how did the request sent at 8:32:00 return 200?

    This is the JWT token clock skew https://stackoverflow.com/questions/47153080/clock-skew-and-tokens

  • User Avatar
    0
    sefa created

    Thanks. I changed the app token lifetime and the problem was solved.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09