Ends in:
5 DAYS
17 HRS
29 MIN
58 SEC
Ends in:
5 D
17 H
29 M
58 S

Activities of "maliming"

hi

You can debug the code to see why return new ForbidResult

bwt, the question has too many replies.

Can you create a new question to reply?

Thanks

hi

Please share a screenshot of your solution structure.

Please check the logs of the real API(api/account/my-profile) website.

but the grant extension method it doesn't validate the token.

I don't understand.

You can send the code to user, then pass userid and code to your grant extension

if the code is correct. Then, return the access token. in this way, you can use the access token to call the api.

hi

Are you using the gateway?

Please check the service logs.

500 error logs seem to be on other websites.

[14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null
[14:10:09 INF] [] CORS policy execution successful.
[14:10:09 INF] [] Handling request: /api/account/my-profile
[14:10:09 INF] [] Handling request logProject: product
[14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway
[14:10:09 INF] [] Handling request logProject change tenant: product
[14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'
[14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi").
[14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms
[14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'
[14:10:09 INF] [] Finished handling request.
[14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187ms

hi

after calling the /api/account/my-profile API, I am encountering an internal server error.

Please call the API a few more times and share the log. Your log seems incomplete.

Thanks.

You can set log level to Debug

public class Program
{
    public async static Task<int> Main(string[] args)
    {
        Log.Logger = new LoggerConfiguration()
            .MinimumLevel.Debug()
            .MinimumLevel.Override("Microsoft.EntityFrameworkCore", LogEventLevel.Warning)
            .Enrich.FromLogContext()
            .WriteTo.Async(c => c.File("Logs/logs.txt"))
            .WriteTo.Async(c => c.Console())
            .CreateLogger();

hi

Something like this:

return new Microsoft.AspNetCore.Mvc.SignInResult(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, claimsPrincipal); will generate a access token.

namespace G1.health.AuthServer.PasswordlessAuthentication;

public class EmpowermTokenExtensionGrant : ITokenExtensionGrant
{
    public const string ExtensionGrantName = "PasswordlessLoginProvider";

    public string Name => ExtensionGrantName;
    
    public async Task<IActionResult> HandleAsync(ExtensionGrantContext context)
    {
        var userToken = context.Request.GetParameter("token").ToString();
        if (string.IsNullOrEmpty(userToken))
        {
            return new ForbidResult(
                new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
                properties: new AuthenticationProperties(new Dictionary<string, string>
                {
                    [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
                }!));
        }

        var userId = context.Request.GetParameter("userid").ToString();
        if (string.IsNullOrEmpty(userId))
        {
            return new ForbidResult(
                new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
                properties: new AuthenticationProperties(new Dictionary<string, string>
                {
                    [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
                }!));
        }

        var userManager = context.HttpContext.RequestServices.GetRequiredService<EmpowermIdentityUserManager>();
        var user = await userManager.GetByIdAsync(userId);

        if(!await UserManager.VerifyUserTokenAsync(user, "PasswordlessLoginProvider", "passwordless-auth", token))
        {
            return new ForbidResult(
                new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
                properties: new AuthenticationProperties(new Dictionary<string, string>
                {
                    [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
                }!));
        }

        var userClaimsPrincipalFactory = context.HttpContext.RequestServices.GetRequiredService<IUserClaimsPrincipalFactory<Volo.Abp.Identity.IdentityUser>>();
        var claimsPrincipal = await userClaimsPrincipalFactory.CreateAsync(user);
        claimsPrincipal.SetScopes(principal.GetScopes());
        claimsPrincipal.SetResources(await GetResourcesAsync(context, principal.GetScopes()));

        await context.HttpContext.RequestServices.GetRequiredService<AbpOpenIddictClaimsPrincipalManager>().HandleAsync(context.Request, claimsPrincipal);

        return new Microsoft.AspNetCore.Mvc.SignInResult(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, claimsPrincipal);
    }

    private async Task<IEnumerable<string>> GetResourcesAsync(ExtensionGrantContext context, ImmutableArray<string> scopes)
    {
        var resources = new List<string>();
        if (!scopes.Any())
        {
            return resources;
        }

        await foreach (var resource in context.HttpContext.RequestServices.GetRequiredService<IOpenIddictScopeManager>().ListResourcesAsync(scopes))
        {
            resources.Add(resource);
        }
        return resources;
    }
}

hi

These code are not compatible with your case.

You should use UserManager.VerifyUserTokenAsync(user, "PasswordlessLoginProvider", "passwordless-auth", token) to check the code.

If the code is correct, you can generate the access_token for the user.

And there is no user in your token request. You can consider passing a userid in the request.

var transaction = await context.HttpContext.RequestServices.GetRequiredService<IOpenIddictServerFactory>().CreateTransactionAsync();
transaction.EndpointType = OpenIddictServerEndpointType.Introspection;
transaction.Request = new OpenIddictRequest
{
    ClientId = context.Request.ClientId,
    ClientSecret = context.Request.ClientSecret,
    Token = userToken
};

var notification = new OpenIddictServerEvents.ProcessAuthenticationContext(transaction);
var dispatcher = context.HttpContext.RequestServices.GetRequiredService<IOpenIddictServerDispatcher>();
await dispatcher.DispatchAsync(notification);

if (notification.IsRejected)
{
    return new ForbidResult(
        new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
        properties: new AuthenticationProperties(new Dictionary<string, string>
        {
            [OpenIddictServerAspNetCoreConstants.Properties.Error] = notification.Error ?? OpenIddictConstants.Errors.InvalidRequest,
            [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = notification.ErrorDescription,
            [OpenIddictServerAspNetCoreConstants.Properties.ErrorUri] = notification.ErrorUri
        }));
}

var principal = notification.GenericTokenPrincipal;
if (principal == null)
{
    return new ForbidResult(
        new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
        properties: new AuthenticationProperties(new Dictionary<string, string>
        {
            [OpenIddictServerAspNetCoreConstants.Properties.Error] = notification.Error ?? OpenIddictConstants.Errors.InvalidRequest,
            [OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = notification.ErrorDescription,
            [OpenIddictServerAspNetCoreConstants.Properties.ErrorUri] = notification.ErrorUri
        }));
}

Please share the error logs of the 500

Showing 91 to 100 of 8490 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on November 26, 2024, 12:49