Activities of "DJudge"

1. We have built a custom Zapier connector to transfer data from an order form in Cognito Forms > ABP. The connector uses the data to generate a custom Stripe checkout URL. It worked last week.
2. It works on our developer's local machine with his local database. But when connecting from local machine to live database it throws the error.

**ABP Framework version: **v4.3.2

UI type: Angular / MVC

DB provider: EF Core

**Tiered (MVC) or Identity Server Separated (Angular): **yes ** **Exception message and stack trace: ****Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'System.String'. Did not match: validationParameters.ValidIssuer: 'System.String' or validationParameters.ValidIssuers: 'System.String'.

Steps to reproduce the issue:

Error message in full:

2023-07-19 22:28:37.467 +10:00 [INF] Executing ObjectResult, writing value of type 'Volo.Abp.Http.Modeling.ApplicationApiDescriptionModel'.
2023-07-19 22:28:37.480 +10:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.ApiExploring.AbpApiDefinitionController.Get (Volo.Abp.AspNetCore.Mvc) in 45.4639ms
2023-07-19 22:28:37.480 +10:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApiExploring.AbpApiDefinitionController.Get (Volo.Abp.AspNetCore.Mvc)'
2023-07-19 22:28:37.480 +10:00 [INF] Request finished HTTP/1.1 GET http://localhost:44363/api/abp/api-definition - - - 200 - application/json;+charset=utf-8 66.7054ms
2023-07-19 22:28:39.744 +10:00 [INF] Request starting HTTP/1.1 GET http://localhost:44363/api/app/subscription/checkout-session-url/?stripeAccount=AU&locale=auto&accountPayableEmail=vineet%40belani.com.au&plan=3&planProductId=prod_OA6MBexajdKl8H&planPriceId=price_1NNmADJpbmFTtQzMCzj1FnZR&planUserCount=1&trainingProductId=prod_NOd3sPjdre4qFo&trainingPriceId=price_1N2rr6JpbmFTtQzMUYFedLWp&trainingUserCount=1&coachingProductId=prod_NOd54xutUW9zac&coachingPriceId=price_1N2rq9JpbmFTtQzMVG4Z060T&coachingUserCount=1&couponId=&successUrl=https%3A%2F%2Fdesertfire.com.au%2Fpayment-success%2F&cancelUrl=https%3A%2F%2Fdfo-prod-web.azurewebsites.net%2Fcancel%2F&clientReferenceId=&currency=AUD&pipeDriveId=694 application/json -
2023-07-19 22:28:39.766 +10:00 [INF] Failed to validate the token.
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'System.String'. Did not match: validationParameters.ValidIssuer: 'System.String' or validationParameters.ValidIssuers: 'System.String'.
   at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
2023-07-19 22:28:39.766 +10:00 [INF] Bearer was not authenticated. Failure message: IDX10205: Issuer validation failed. Issuer: 'System.String'. Did not match: validationParameters.ValidIssuer: 'System.String' or validationParameters.ValidIssuers: 'System.String'.
2023-07-19 22:28:39.773 +10:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: Ppm.Subscriptions.GenerateCheckoutSession
2023-07-19 22:28:39.774 +10:00 [INF] AuthenticationScheme: Identity.Application was challenged.
2023-07-19 22:28:39.774 +10:00 [INF] Request finished HTTP/1.1 GET http://localhost:44363/api/app/subscription/checkout-session-url/?stripeAccount=AU&locale=auto&accountPayableEmail=vineet%40belani.com.au&plan=3&planProductId=prod_OA6MBexajdKl8H&planPriceId=price_1NNmADJpbmFTtQzMCzj1FnZR&planUserCount=1&trainingProductId=prod_NOd3sPjdre4qFo&trainingPriceId=price_1N2rr6JpbmFTtQzMUYFedLWp&trainingUserCount=1&coachingProductId=prod_NOd54xutUW9zac&coachingPriceId=price_1N2rq9JpbmFTtQzMVG4Z060T&coachingUserCount=1&couponId=&successUrl=https%3A%2F%2Fdesertfire.com.au%2Fpayment-success%2F&cancelUrl=https%3A%2F%2Fdfo-prod-web.azurewebsites.net%2Fcancel%2F&clientReferenceId=&currency=AUD&pipeDriveId=694 application/json - - 302 0 - 29.8742ms
2023-07-19 22:28:40.677 +10:00 [INF] Request starting HTTP/1.1 GET http://localhost:44363/Account/Login?ReturnUrl=%2Fapi%2Fapp%2Fsubscription%2Fcheckout-session-url%2F%3FstripeAccount%3DAU%26locale%3Dauto%26accountPayableEmail%3Dvineet%2540belani.com.au%26plan%3D3%26planProductId%3Dprod_OA6MBexajdKl8H%26planPriceId%3Dprice_1NNmADJpbmFTtQzMCzj1FnZR%26planUserCount%3D1%26trainingProductId%3Dprod_NOd3sPjdre4qFo%26trainingPriceId%3Dprice_1N2rr6JpbmFTtQzMUYFedLWp%26trainingUserCount%3D1%26coachingProductId%3Dprod_NOd54xutUW9zac%26coachingPriceId%3Dprice_1N2rq9JpbmFTtQzMVG4Z060T%26coachingUserCount%3D1%26couponId%3D%26successUrl%3Dhttps%253A%252F%252Fdesertfire.com.au%252Fpayment-success%252F%26cancelUrl%3Dhttps%253A%252F%252Fdfo-prod-web.azurewebsites.net%252Fcancel%252F%26clientReferenceId%3D%26currency%3DAUD%26pipeDriveId%3D694 application/json -
2023-07-19 22:28:40.697 +10:00 [INF] Failed to validate the token.
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'System.String'. Did not match: validationParameters.ValidIssuer: 'System.String' or validationParameters.ValidIssuers: 'System.String'.
   at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
   at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
2023-07-19 22:28:40.697 +10:00 [INF] Bearer was not authenticated. Failure message: IDX10205: Issuer validation failed. Issuer: 'System.String'. Did not match: validationParameters.ValidIssuer: 'System.String' or validationParameters.ValidIssuers: 'System.String'.
2023-07-19 22:28:40.704 +10:00 [INF] Executing endpoint '/Account/Login'
2023-07-19 22:28:40.704 +10:00 [INF] Route matched with {page = "/Account/Login", action = "", controller = "", area = ""}. Executing page /Account/Login
2023-07-19 22:28:40.704 +10:00 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
2023-07-19 22:28:40.713 +10:00 [INF] Executing handler method Volo.Abp.Account.Public.Web.Pages.Account.PpmLoginModel.OnGetAsync - ModelState is "Valid"
2023-07-19 22:28:40.718 +10:00 [INF] Executed handler method OnGetAsync, returned result Microsoft.AspNetCore.Mvc.RazorPages.PageResult.
2023-07-19 22:28:40.819 +10:00 [DBG] Added bundle 'Lepton.Global' to the page in 0.36 ms.
2023-07-19 22:28:40.825 +10:00 [DBG] Added bundle 'Lepton.Global' to the page in 1.26 ms.
2023-07-19 22:28:40.826 +10:00 [INF] Executed page /Account/Login in 121.3286ms
2023-07-19 22:28:40.826 +10:00 [INF] Executed endpoint '/Account/Login'
2023-07-19 22:28:40.826 +10:00 [INF] Request finished HTTP/1.1 GET http://localhost:44363/Account/Login?ReturnUrl=%2Fapi%2Fapp%2Fsubscription%2Fcheckout-session-url%2F%3FstripeAccount%3DAU%26locale%3Dauto%26accountPayableEmail%3Dvineet%2540belani.com.au%26plan%3D3%26planProductId%3Dprod_OA6MBexajdKl8H%26planPriceId%3Dprice_1NNmADJpbmFTtQzMCzj1FnZR%26planUserCount%3D1%26trainingProductId%3Dprod_NOd3sPjdre4qFo%26trainingPriceId%3Dprice_1N2rr6JpbmFTtQzMUYFedLWp%26trainingUserCount%3D1%26coachingProductId%3Dprod_NOd54xutUW9zac%26coachingPriceId%3Dprice_1N2rq9JpbmFTtQzMVG4Z060T%26coachingUserCount%3D1%26couponId%3D%26successUrl%3Dhttps%253A%252F%252Fdesertfire.com.au%252Fpayment-success%252F%26cancelUrl%3Dhttps%253A%252F%252Fdfo-prod-web.azurewebsites.net%252Fcancel%252F%26clientReferenceId%3D%26currency%3DAUD%26pipeDriveId%3D694 application/json - - 200 - text/html;+charset=utf-8 148.8182ms

Hi,

We have been facing two critical issues and would appreciate your prompt help. We'll provide a detailed description of our app and how to reproduce the issue.

We use ABP for the backend and Angular as the client for the frontend. Our Angular app uses Office-JS technology to create a Microsoft Word Add-in.

The connection and API calls from the Angular app and ABP are working flawlessly throughout the app. However, only two issues are still happening and we don't know how to resolve them.

When the timeout expires, an error message is displayed in the console log and users will be kicked of the app. After that, trying to call the Login function again doesn't work, and trying to click the button to redirect to ABP login page doesn't work as the connection has been lost. It works only after several quick clicks on the button or when we close and restart the app.

Can you please help us understand why this happens and how can we resolve it? Can we handle that error using ABP or Angular?

We suspect that perhaps we're not implementing the login logic correctly. Can you please take a look on how we implement it and advice if we need to change anything?

1. We use this variable (function) to check if the user is logged in or not: get hasLoggedIn(): boolean { return this.oAuthService.hasValidAccessToken(); }

2. We check the variable hasLoggedIn in the homepage to display different UIs accordingly: <div *ngIf="hasLoggedIn"> <!-- User is logged in, show the application menus, etc --> </div> <div *ngIf="!hasLoggedIn"> <!-- User is not logged in, show the splash screen with login button to direct to ABP login page --> </div>

3. When users click on Login button, the following function is called that will redirect to ABP login page: Login(event: any) { event.target.disabled = true; this.authService.navigateToLogin(); }

Can you please advice if that's the recommended way to check if users are logged in? We noticed that hasLoggedIn is being called constantly when we debug it, but perhaps that's how it's intended to be.

Summary of our questions:

1. How to handle or resolve the token refresh error mentioned above?
2. Are we checking for logged in users correctly?
3. When it comes to tracking timeout before it expires, do we handle that in Angular or in ABP? Can you share any resources on how to do so please?
4. Sometimes the token expiry timeout happens before the specified time, instead of 30 seconds it happens after 15 is that normal?
5. After the timeout issue happens, clicking the login page to redirect to ABP login page doesn't work and the button must be clicked several times quickly for it to work, any suggestions of the reason?

• ABP Framework version: v4.3.2
• UI type: Angular / MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): yes
• Exception message and stack trace: Error refreshing token
• Steps to reproduce the issue:
  1. Set the Access Token Lifetime to a small value for testing: 30 seconds.
  2. Wait until the timeout expires, two error messages will appear in the console log:
     1. Error: POST https://localhost:44363/connect/token 400
     2. Error refreshing token

Thank you for your help.

Hi,

We are using MVC 4.3.2 with Angular, how do we get access to edition id and edition name for the current logged-in user?