Activities of "Anjaneyulu"

• ABP Framework version: v7.0.0
• UI Type:MVC
• Database System: EF Core (SQL Server)
• Tiered (for MVC): yes
• Exception message and full stack trace:
• Steps to reproduce the issue:
• Create an application, try to login to application and check login request params in the inspect, password is visible.

I got an interesting case here... I could solve the above issue by writing extension to Identity EF core repository. No change in the calling function from the client application.

public class XSenseEfCoreIdentityUserRepository  : EfCoreIdentityUserRepository, IXSenseIdentityUserRepository
    {
        public XSenseEfCoreIdentityUserRepository(
        IDbContextProvider<IIdentityDbContext> dbContextProvider)
        : base(dbContextProvider)
        {
        }
        
    public virtual async Task<IdentityUser> GetIdentityUserDataAsync(Guid userId)
        {
            var dbContext = await GetDbContextAsync();
            var usersData = await dbContext.Set<IdentityUser>().IncludeDetails(true).Where(u => u.Id ==                                             userId).FirstOrDefaultAsync();
            return usersData;
        }
}

Now i have different issue with

idenityUsermanger.UpdateAsync(user)

Below is the stack trace:

An unhandled exception has occurred while executing the request.
System.OperationCanceledException: The operation was canceled.
   at System.Threading.CancellationToken.ThrowOperationCanceledException()
   at System.Threading.CancellationToken.ThrowIfCancellationRequested()
   at Volo.Abp.Identity.IdentityUserStore.GetSecurityStampAsync(IdentityUser user, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Identity.UserManager`1.GetSecurityStampAsync(TUser user)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Microsoft.AspNetCore.Identity.UserManager`1.ValidateUserAsync(TUser user)
   at Microsoft.AspNetCore.Identity.UserManager`1.UpdateUserAsync(TUser user)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at XSense.Controllers.ComputerController.GetAuthenticationCode(SendAuthenticationRequest request) in D:\Git_Sandbox\XSenseOne\src\XSense.HttpApi\Controllers\ComputerController.cs:line 1207
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.&lt;InvokeNextActionFilterAsync&gt;g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.&lt;InvokeInnerFilterAsync&gt;g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.&lt;InvokeNextExceptionFilterAsync&gt;g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ExceptionContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.&lt;InvokeNextResourceFilter&gt;g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.&lt;InvokeFilterPipelineAsync&gt;g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.&lt;InvokeAsync&gt;g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.&lt;InvokeAsync&gt;g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.&lt;Invoke&gt;g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)
   at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
   at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Cotur.Abp.ApiKeyAuthorization.Http.ApiKeys.ApiKeyAuthorizationMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) in D:\Git_Sandbox\XSenseOne\modules\abp-api-key-authorization\src\Cotur.Abp.ApiKeyAuthorization.AspNetCore\ApiKeys\ApiKeyAuthorizationMiddleware.cs:line 50
   at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.&lt;&gt;c__DisplayClass6_1.&lt;&lt;UseMiddlewareInterface&gt;b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Builder.ApplicationBuilderAbpOpenIddictMiddlewareExtension.&lt;&gt;c__DisplayClass0_0.&lt;&lt;UseAbpOpenIddictValidation&gt;b__0>d.MoveNext() in D:\Git_Sandbox\XSenseOne\modules\Volo.OpenIddict.Pro\src\Volo.Abp.OpenIddict.AspNetCore\Microsoft\AspNetCore\Builder\ApplicationBuilderAbpOpenIddictMiddlewareExtension.cs:line 21
--- End of stack trace from previous location ---
   at Volo.Abp.AspNetCore.Uow.AbpUnitOfWorkMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
   at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.&lt;&gt;c__DisplayClass6_1.&lt;&lt;UseMiddlewareInterface&gt;b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Volo.Abp.AspNetCore.ExceptionHandling.AbpExceptionHandlingMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
   at Volo.Abp.AspNetCore.ExceptionHandling.AbpExceptionHandlingMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
   at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.&lt;&gt;c__DisplayClass6_1.&lt;&lt;UseMiddlewareInterface&gt;b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at XSense.Web.XSenseWebModule.&lt;&gt;c.&lt;&lt;OnApplicationInitialization&gt;b__18_1>d.MoveNext() in D:\Git_Sandbox\XSenseOne\src\XSense.Web\XSenseWebModule.cs:line 562
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context)
   at Volo.Abp.AspNetCore.Tracing.AbpCorrelationIdMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
   at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.&lt;&gt;c__DisplayClass6_1.&lt;&lt;UseMiddlewareInterface&gt;b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.RequestLocalization.AbpRequestLocalizationMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
   at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.&lt;&gt;c__DisplayClass6_1.&lt;&lt;UseMiddlewareInterface&gt;b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)

All the apis are working good earlier, but recently we have to flush the data and after that it seems we are having this issues. I couldnt guess what went wrong.

Hi,

Calling in golang application:

API : APIGetUser             string = "/api/pc/get-user-info"

Libhandle is structure to handle the api & db configuration , Where is client is an http client implementationf for api calls.

type LibHandle struct {
	db  *adapter.Adapter
	log logger.Logger
	cfg *Config
	c   *Client
}

Calling Function :

func (h *LibHandle) getUser(userName string, localUser bool) (*UserCrdential, bool, error) {
	uc, noLocalUser := h.getLocalUser(userName)
	mr := make(map[string]interface{})
	mr["UID"] = h.getUID()
	mr["UserName"] = userName

	``` req, err := h.getRequest("POST", APIGetUser, mr) ```
	if err != nil {
		h.log.Error("Failed to get user, failed to create API request", "err", err)
		if noLocalUser {
			return nil, false, err
		}
		return uc, true, nil
	}
	// q := req.URL.Query()
	// q.Add("UID", h.getUID())
	// q.Add("UserName", userName)
	// req.URL.RawQuery = q.Encode()

	```resp, err := h.c.Do(req) ```
	
	if err != nil {
		h.log.Error("Failed to get user, invalid response from the server", "err", err)
		if noLocalUser {
			return nil, false, err
		}
		return uc, true, nil
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		h.log.Error("Failed to get user, get user failed with status", "status", resp.StatusCode)
		if noLocalUser {
			return nil, false, err
		}
		return uc, true, nil
	}
	var ud UserDetials
	err = jsonutil.DecodeJSONFromReader(resp.Body, &ud)
	if err != nil {
		h.log.Error("Failed to get user, failed to parse the json", "err", err)
		if noLocalUser {
			return nil, false, err
		}
		return uc, true, nil
	}

}

Function : Common function to form a request based on the provided method,route and inputs >> h.getRequest("POST", APIGetUser, Mr)

func (h *LibHandle) getRequest(method string, path string, model interface{}) (*http.Request, error) {
	req, err := h.c.JSONRequest(method, path, model)
	if err != nil {
		return nil, err
	}
	//req.Header.Add("XSENSE-APP-ID", h.cfg.AppID)
	req.Header.Add("XSENSE-API-KEY", h.cfg.AppSecret)
	return req, nil
}

func (c *Client) JSONRequest(method string, requestPath string, model interface{}) (*http.Request, error) {
	var body *bytes.Buffer
	if model != nil {
		j, err := json.Marshal(model)
		if err != nil {
			return nil, err
		}
		body = bytes.NewBuffer(j)
	} else {
		body = bytes.NewBuffer(make([]byte, 0))
	}
	url := &url.URL{
		Scheme: c.addr.Scheme,
		Host:   c.addr.Host,
		User:   c.addr.User,
		Path:   path.Join(c.addr.Path, requestPath),
	}
	req, err := http.NewRequest(method, url.RequestURI(), body)
	req.Host = url.Host
	req.URL.User = url.User
	req.URL.Scheme = url.Scheme
	req.URL.Host = url.Host
	req.Header.Set("Content-Type", "application/json")
	return req, err
}

Function : Common function to excute the request >>  resp, err := h.c.Do(req)

func (c *Client) Do(req *http.Request, timeout ...time.Duration) (*http.Response, error) {
	if timeout != nil {
		c.hc.Timeout = timeout[0]
	} else {
		c.hc.Timeout = c.defaultTimeout
	}
	return c.hc.Do(req)
}

Hope this helps .

• ABP Framework version: v7.3.2
• UI Type: MVC
• Database System: EF Core (SQL Server
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/
• Exception message and full stack trace:

Task was cancelled & 
t Microsoft.EntityFrameworkCore.Storage.RelationalCommand.<ExecuteReaderAsync>d__19.MoveNext() at
 Microsoft.EntityFrameworkCore.Storage.RelationalCommand.<ExecuteReaderAsync>d__19.MoveNext() at 
 Microsoft.EntityFrameworkCore.Query.RelationalShapedQueryCompilingExpressionVisitor.ShaperProcessingExpressionVisitor.<<PopulateSplitIncludeCollectionAsync>g__InitializeReaderAsync|27_0>d`2.MoveNext() at
  Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.&lt;ExecuteAsync&gt;d__7`2.MoveNext() at Microsoft.EntityFrameworkCore.Query.RelationalShapedQueryCompilingExpressionVisitor.ShaperProcessingExpressionVisitor.<PopulateSplitIncludeCollectionAsync>d__27`2.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.RelationalShapedQueryCompilingExpressionVisitor.ShaperProcessingExpressionVisitor.&lt;TaskAwaiter&gt;d__37.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable`1.AsyncEnumerator.<MoveNextAsync>d__21.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.<SingleOrDefaultAsync>d__15`1.MoveNext() at 
  Microsoft.EntityFrameworkCore.Query.ShapedQueryCompilingExpressionVisitor.&lt;SingleOrDefaultAsync&gt;d__15`1.MoveNext() at 
  Volo.Abp.Domain.Repositories.EntityFrameworkCore.EfCoreRepository`3.&lt;FindAsync&gt;d__2.MoveNext() at 
  Castle.DynamicProxy.AsyncInterceptorBase.&lt;ProceedAsynchronous&gt;d__14`1.MoveNext() at 
  Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.&lt;ProceedAsync&gt;d__7.MoveNext() at Volo.Abp.Uow.UnitOfWorkInterceptor.&lt;InterceptAsync&gt;d__2.MoveNext() at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.<InterceptAsync>d__3`1.MoveNext() at XSense.Controllers.ComputerController.&lt;GetUserInfo&gt;d__58.MoveNext() in

• Steps to reproduce the issue:

In the GetUserInfo api > I see an exception at >>>>> var userinfo = await identityrepository.FindAsync("userid");

Im getting the above exception when i call this api from APP, but it works fine with postman. I have checked the parameters and all are same.

Can you please let me know the possible cause.

If i have to give the updated files after install libs, what are the minimum file i need to share from the publish folder to client.

Thank you for prompt response . Will check and update you.

• ABP Framework version: v5
• UI Type: MVC
• • Database System: EF Core (SQL Server)
• Tiered (for MVC) or Auth Server Separated (for Angular): yes
• Exception message and full stack trace:
• Steps to reproduce the issue:

We have created a dotnet project with earlier versions of ABP framework on dotnet 3 and later upgraded the dotnet version to 5 and lepton theme with ABP framwork 5.

Now the issue is our client has raised a black box pointer regarding the datatables.net version of the jquery.

*** The below POC describes that Application is using vulnerable version of datatables.net v1.10.22 below mentioned is the cve id for it: jquery datatables.net v1.10.22 :- CVE-2020-28458,CVE-2021-2344 ***

I need to updagrade the jquery& datatable.net version with out disturbing any other things as the application in production. I need to make sure resolve the pointer in the best way possible. attaching here with the screenshots for your reference.

I do see the follwing in the yarn.lock file :

"@abp/datatables.net-bs4@~3.3.2": version "3.3.2" resolved "https://registry.yarnpkg.com/@abp/datatables.net-bs4/-/datatables.net-bs4-3.3.2.tgz#8f55957f2d9e1558ebef2e42e2661573d7d76447" integrity sha512-oERUHVPldaVL5z4CJX6cFkSBoa5IQUEYyyxGiV8zJ/mzZ7uiV2+hMrSP90R9J4625op9rU2+OJpDoZaj6wsULQ== dependencies: "@abp/datatables.net" "~3.3.2" datatables.net-bs4 "^1.10.21"

"@abp/datatables.net@~3.3.2": version "3.3.2" resolved "https://registry.yarnpkg.com/@abp/datatables.net/-/datatables.net-3.3.2.tgz#7a396dd06f4c7cddae534a59f9b21036b26d234a" integrity sha512-huB1A8aXDpS1CdE4t2NukZxTZnOuGy+8nRGlKVI3kMDD4tRveX5ITfgPEAY/CckcbSwjFP2zqbmFZiuqim7FaQ== dependencies: "@abp/jquery" "~3.3.2" datatables.net "^1.10.21"

Thanks & Appreciate your response ASAP.

Steps:

1. Run the demo server and login into application as host.
2. Create a tenant
3. Login into tenant page and add any openid client in the Openid applications
4. You can also check our sample ebanking in the test folder in repository
5. After adding an openid client in server, configure the client with the client,secret and default scopes.
6. Try logging in to the openid client application.
7. Try logout.
8. It is not logging out. If you open the url again it is navigating to the main page with out asking login credentials.

HI @maliming, we have created a basic abp project. @ https://github.com/rajasekhard2015/demo

Tried extending openid dict to tenant . Please check the commits to see what all changes we have made.

We were able to add client and do authentication. but we are having issue for logout.

Can you please help us. It very critical for our delivery.

• ABP Framework version: v6.0.1

• UI type: MVC

• DB provider: EF Core

• Tiered (MVC) or Identity Server Separated (Angular): yes

• Exception message and stack trace: AutoMapperConfigurationException: The following member on IdentityServer4.Models.ApiResource cannot be mapped:AllowedAccessTokenSigningAlgorithmsAdd a custom mapping expression, ignore, add a custom resolver, or modify the destination type IdentityServer4.Models.ApiResource.Context:Mapping to member AllowedAccessTokenSigningAlgorithms from Volo.Abp.IdentityServer.ApiResources.ApiResource to IdentityServer4.Models.ApiResourceException of type 'AutoMapper.AutoMapperConfigurationException' was thrown.

• Steps to reproduce the issue:"

• Upgrade abp framework from 5.2.0 to 6.0.1

• We are using identity server source code instead of packages.