Activities of "portx-dev"

Hi Masum,

I have a bug. ABP Framework version: v8.3.3

1. Create a new ABP project using the following command: abp new Acme.BookStore -u angular -dbms MySQL -m none --separate-auth-server --theme basic --pwa -csf
2. Configure the AccessTokenLifetime in your ABP (ASP.NET Core) back-end application to a short duration, such as 2 minutes.
3. Open Multiple Tabs: Launch your Angular application and open it in multiple browser tabs.
4. Wait for Token Expiry: Wait for the access token to expire after the 2-minute lifetime. Once the token expires, a Refresh Token process should be initiated in one or more tabs to acquire a new access token.
5. Observe the Behavior: All pages reload and get logged out.

I tried creating a new project, but the issue still occurs. All pages reload and get logged out.

I saw that the problem was reported to be fixed in v7.3. However, I am using v8.3.3. I tried downgrading to v8.2.2, and the problem disappeared. Please check this issue.

• ABP Framework version: v8.3.3
• UI Type: Angular
• Database System: EF Core (My SQL)
• Tiered (for MVC) or Auth Server Separated (for Angular): yes
• Exception message and full stack trace:
• Steps to reproduce the issue:
  • 1. Set Access Token Lifetime:
    • Configure the AccessTokenLifetime in your ABP (ASP.NET Core) back-end application to a short duration, such as 2 minutes. This can typically be done in the configuration settings or startup configuration for your authentication options.
  • 2. Open Multiple Tabs:
    • Launch your Angular application and open it in multiple browser tabs.
    • Ensure that all tabs are authenticated using the same session (i.e., logged in with the same user account)
  • 3. Wait for Token Expiry:
    • Wait for the access token to expire after the 2-minute lifetime.
    • Once the token expires, a Refresh Token process should be initiated in one or more tabs to acquire a new access token.
  • 4. Observe the Behavior:
    • Notice that when the refresh token request completes, all the open tabs are reloaded, which might disrupt the user experience.
  • This behavior can be unexpected, and understanding why all tabs reload when one tab initiates the refresh process is critical. This could be related to how the token management or session synchronization is handled across tabs in the ABP framework.
  • After the reload, observe that some screens are redirected to a 403 (Forbidden) page. This may indicate that certain state or authorization checks failed after the token refresh, leading to restricted access on those screens

@liangshiwei i sent log to your email, pls check it

I would like to provide you with more information about Error refreshing token (code 409) when updating ABP to version 8.3.2. Please check. Thanks

Error refreshing token { "headers": { "normalizedNames": "[Map]", "lazyUpdate": null, "lazyInit": "[Function] unknown" }, "status": 409, "statusText": "OK", "url": "https://huyendt.id.portx-test.com/connect/token", "ok": false, "name": "HttpErrorResponse", "message": "Http failure response for https://huyendt.id.portx-test.com/connect/token: 409 OK",

@liangshiwei pls give me your email, i will sent log file to email

Thanks, Can you explain more clearly that the override controller you mentioned is only intended to set infor to the cache so that the next call request will use the infor in the cache, right? If I understand correctly, it only helps improve the next calls. The first call does not change anything in speed, right? I would appreciate it if you could give me specific instructions on improving the [application-configuration] and [application-localization] APIs. because I am worried that the override will cause missing information in case ABP updates that API.

Thanks. I will check the source code again. By the way, can you answer my second question?

2.Can I alter the aforementioned API to increase speed?

i updated to 8.3.3 but the same log still appears

Nov 13 14:51:57.351
portx-id-server
Request starting "HTTP/1.1" "POST" "http"://"phuongntl_test.id.portx-test.com""""/connect/token""" - "application/x-www-form-urlencoded" 4216

Nov 13 14:51:57.351
portx-id-server
CORS policy execution successful.

Nov 13 14:51:57.352
portx-id-server
The request URI matched a server endpoint: Token.

Nov 13 14:51:57.353
portx-id-server
The token request was successfully extracted: "{
  \"grant_type\": \"refresh_token\",
  \"scope\": \"offline_access openid profile email phone PortX\",
  \"refresh_token\": \"[redacted]\",
  \"client_id\": \"PortX_App\"
}".

Nov 13 14:51:57.382
portx-id-server
The response was successfully returned as a JSON document: "{
  \"error\": \"invalid_grant\",
  \"error_description\": \"The specified token is invalid.\",
  \"error_uri\": \"https://documentation.openiddict.com/errors/ID2004\"
}".

Nov 13 14:51:57.383
portx-id-server
Request finished "HTTP/1.1" "POST" "https"://"phuongntl_test.id.portx-test.com""""/connect/token""" - 400 null "application/json;charset=UTF-8" 31.8096ms```