Summary Description In a freshly generated ABP v10.1.0 Tiered solution (Studio 2.2.1), there is a critical failure in permission resolution for the Web.Public (MVC/Razor) application when the CmsKit module is included. While the Angular UI functions correctly, the Web.Public app receives an empty grantedPolicies object in the Abp/ApplicationConfigurationScript response, effectively breaking all authorized UI elements.
Troubleshooting has revealed a "chained" failure in the template generation:
The OpenIddict Data Seeder fails to create the required CmsKit and CmsKitPublic scopes.
Even after manually patching the scopes and ensuring a successful OIDC handshake, the Permission/Feature Checkers on the Host/Public-Web boundary fail to populate the policies.
Additionally, a UI bug in ABP Studio incorrectly displays the --without-cms-kit flag in the solution configuration even when the module is present.
Check the docs before asking a question: https://abp.io/docs/latest - Checked. Check the samples to see the basic tasks: https://abp.io/docs/latest/samples - Checked. Search on the homepage: Checked. (Ref: Similar issues found in 10.x regarding empty grantedPolicies).
Solution Configurations Configuration 1: WORKING Solution (No CmsKit)
Template: app
Created ABP Studio Version: 2.2.1
Current ABP Studio Version: 2.2.1
Tiered: Yes
Multi-Tenancy: No
UI Framework: angular
Database Provider: ef
Database Management System: sqlserver
Public Website: Yes
Create Command: abp new Acs.Cts.Portal -t app --tiered --ui-framework angular --database-provider ef --database-management-system sqlserver --theme leptonx --skip-migration --skip-migrator --no-tests --public-website --without-cms-kit --dont-run-install-libs --dont-run-bundling --no-multi-tenancy --no-social-logins -file-management
Configuration 2: NON-WORKING Solution (Includes CmsKit)
Template: app
Created ABP Studio Version: 2.2.1
Current ABP Studio Version: 2.2.1
Tiered: Yes
Multi-Tenancy: No
UI Framework: angular
Database Provider: ef
Database Management System: sqlserver
Public Website: Yes
Optional Modules: CmsKit (Selected in UI)
Create Command (Observed Bug): abp new Acs.Cts.Portal -t app --tiered --ui-framework angular --database-provider ef --database-management-system sqlserver --theme leptonx --skip-migration --skip-migrator --no-tests --public-website --without-cms-kit --dont-run-install-libs --dont-run-bundling --no-multi-tenancy --no-social-logins -file-management
Note: Even though CmsKit was selected and packages are physically referenced in the solution, the Studio configuration window incorrectly displays --without-cms-kit.
Exception message and full stack trace Issue: The Web.Public (MVC/Razor) application fails to retrieve permissions for authenticated users when CmsKit is installed. The response from Abp/ApplicationConfigurationScript shows: "auth": { "grantedPolicies": {} }
Technical Findings during troubleshooting:
Missing Scopes: The v10.1 template/migrator failed to seed CmsKit and CmsKitPublic into the OpenIddictScopes table.
Invalid Scope Error: When manually adding these scopes to AbpOpenIdConnectOptions in the Web.Public module, OpenIddict returns error:invalid_scope (ID2052) because the scopes are missing from the database.
Persistent Empty Policies: After manually patching the OpenIddictDataSeedContributor to include these scopes and confirming the OIDC handshake succeeds with the correct scopes in the token, the grantedPolicies object remains empty.
Steps to reproduce the issue Create a brand new Tiered solution with Public Website using ABP Studio 2.2.1 (v10.1.0).
Select the CmsKit module during the creation process.
Run the migrations and start the AuthServer, HttpApi.Host, and Web.Public applications.
Log in as 'admin' on the Web.Public site.
Inspect the response of https://localhost:XXXX/Abp/ApplicationConfigurationScript.
Observe: The grantedPolicies object is empty { }.
Compare: Create an identical solution without CmsKit. Perform the same login.
Observe: grantedPolicies are correctly populated for the same 'admin' user.
Secondary Issues Observed ABP Studio Sync Bug: When creating a solution with CmsKit, the "Solution Configuration" window (and the generated CLI command) incorrectly lists the --without-cms-kit flag, even though the module is physically integrated into the solution.
Missing Data Seeding: The default DataSeeder for v10.1 tiered solutions appears to miss the required OpenIddict Scopes for CmsKit, preventing the Public Web client from successfully authorized communication with the API host out-of-the-box.
12 Answer(s)
-
0
I also encountered this issue, just comments out below dependents resolved it temporarily
//typeof(CmsKitProPublicWebModule), //typeof(CmsKitProWebModule), -
0
Well, this certainly seems similar - though I'm not even on 10.1 yet:
https://abp.io/support/questions/10481/Intermittent-GrantedPolicies--0-for-authenticated-user
-
0
hi
For abp 10.1:
Can you try to add the code below to your web project?
public override void ConfigureServices(ServiceConfigurationContext context) { context.Services.RemoveAll(x => x.ServiceType == typeof(IAbpApplicationConfigurationAppService) && x.ImplementationType == typeof(AbpApplicationConfigurationClientProxy)); context.Services.RemoveAll(x => x.ServiceType == typeof(IAbpTenantAppService) && x.ImplementationType == typeof(AbpTenantClientProxy)); }@kfrancis
I think your case is different from the current case. I will check it.
Thanks.
-
0
Hi
I tried the suggested change in both the boilerplate generated solution, and my own production solution and it didn't make any difference.
Calls to the web project https://localhost:44376/Abp/ApplicationConfigurationScript still return: "auth": { "grantedPolicies": {} },
Here is my PortalWebPublicModule.cs :
using System; using System.IO; using Medallion.Threading; using Medallion.Threading.Redis; using Microsoft.AspNetCore.Authentication.OpenIdConnect; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.DataProtection; using Microsoft.AspNetCore.Hosting; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Acs.Cts.Portal.Localization; using Acs.Cts.Portal.MultiTenancy; using Acs.Cts.Portal.Web.Public.Menus; using Acs.Cts.Portal.Web.Public.HealthChecks; using StackExchange.Redis; using Volo.Abp; using Volo.Abp.Studio; using Volo.Abp.AspNetCore.Authentication.OpenIdConnect; using Volo.Abp.AspNetCore.Mvc.Client; using Volo.Abp.AspNetCore.Mvc.Localization; using Volo.Abp.AspNetCore.Mvc.UI; using Volo.Abp.AspNetCore.Mvc.UI.Bootstrap; using Volo.Abp.AspNetCore.Mvc.UI.Bundling; using Volo.Abp.AspNetCore.Mvc.UI.Theme.LeptonX; using Volo.Abp.AspNetCore.Mvc.UI.Theme.LeptonX.Bundling; using Volo.Abp.LeptonX.Shared; using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared; using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Toolbars; using Volo.Abp.AspNetCore.Serilog; using Volo.Abp.Autofac; using Volo.Abp.Mapperly; using Volo.Abp.BackgroundJobs; using Volo.Abp.Caching; using Volo.Abp.Caching.StackExchangeRedis; using Volo.Abp.DistributedLocking; using Volo.Abp.Http.Client.IdentityModel.Web; using Volo.Abp.Http.Client.Web; using Volo.Abp.Modularity; using Volo.Abp.MultiTenancy; using Volo.Abp.Security.Claims; using Volo.Abp.UI; using Volo.Abp.UI.Navigation; using Volo.Abp.UI.Navigation.Urls; using Volo.Abp.VirtualFileSystem; using Owl.reCAPTCHA; using Volo.Abp.GlobalFeatures; using Volo.CmsKit.GlobalFeatures; using Volo.CmsKit.Pro.Public.Web; using Volo.CmsKit.Pro.Public.Web.Middlewares; using Volo.CmsKit.Comments; using Volo.Abp.Studio.Client.AspNetCore; using System.Collections.Generic; using Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations; using Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ClientProxies; using Volo.Abp.AspNetCore.Mvc.MultiTenancy; using Pages.Abp.MultiTenancy.ClientProxies;
namespace Acs.Cts.Portal.Web.Public;
[DependsOn( typeof(AbpAutofacModule), typeof(AbpCachingStackExchangeRedisModule), typeof(AbpDistributedLockingModule), typeof(AbpAspNetCoreSerilogModule), typeof(AbpStudioClientAspNetCoreModule), typeof(AbpAspNetCoreMvcUiLeptonXThemeModule), typeof(PortalHttpApiClientModule), typeof(CmsKitProPublicWebModule), typeof(PortalHttpApiModule), typeof(AbpAspNetCoreAuthenticationOpenIdConnectModule), typeof(AbpAspNetCoreMvcClientModule), typeof(AbpHttpClientWebModule), typeof(AbpHttpClientIdentityModelWebModule) )] public class PortalWebPublicModule : AbpModule { public override void PreConfigureServices(ServiceConfigurationContext context) { context.Services.PreConfigure<AbpMvcDataAnnotationsLocalizationOptions>(options => { options.AddAssemblyResource( typeof(PortalResource), typeof(PortalDomainSharedModule).Assembly, typeof(PortalApplicationContractsModule).Assembly, typeof(PortalWebPublicModule).Assembly ); }); }
public override void ConfigureServices(ServiceConfigurationContext context) { var hostingEnvironment = context.Services.GetHostingEnvironment(); var configuration = context.Services.GetConfiguration(); if (!configuration.GetValue<bool>("App:DisablePII")) { Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true; Microsoft.IdentityModel.Logging.IdentityModelEventSource.LogCompleteSecurityArtifact = true; } ConfigureStudio(hostingEnvironment); ConfigureBundles(); ConfigureUrls(configuration); ConfigureCache(configuration); ConfigureDataProtection(context, configuration, hostingEnvironment); ConfigureDistributedLocking(context, configuration); ConfigureMultiTenancy(); ConfigureAuthentication(context, configuration); ConfigureVirtualFileSystem(hostingEnvironment); ConfigureNavigationServices(configuration); ConfigureTheme(); ConfigureBackgroundJobs(); ConfigureHealthChecks(context); context.Services.AddreCAPTCHAV3(o => { o.SiteKey = "test"; o.SiteSecret = "test"; }); Configure<CmsKitCommentOptions>(options => { options.EntityTypes.Add(new CommentEntityTypeDefinition("SampleArticle")); }); context.Services.RemoveAll(x => x.ServiceType == typeof(IAbpApplicationConfigurationAppService) && x.ImplementationType == typeof(AbpApplicationConfigurationClientProxy)); context.Services.RemoveAll(x => x.ServiceType == typeof(IAbpTenantAppService) && x.ImplementationType == typeof(AbpTenantClientProxy)); } private void ConfigureStudio(IHostEnvironment hostingEnvironment) { if (hostingEnvironment.IsProduction()) { Configure<AbpStudioClientOptions>(options => { options.IsLinkEnabled = false; }); } } private void ConfigureBundles() { Configure<AbpBundlingOptions>(options => { options.StyleBundles.Configure( LeptonXThemeBundles.Styles.Global, bundle => { bundle.AddFiles("/global-styles.css"); } ); options.ScriptBundles.Configure( LeptonXThemeBundles.Scripts.Global, bundle => { bundle.AddFiles("/global-scripts.js"); } ); }); } private void ConfigureBackgroundJobs() { Configure<AbpBackgroundJobOptions>(options => { options.IsJobExecutionEnabled = false; }); } private void ConfigureTheme() { Configure<LeptonXThemeOptions>(options => { options.DefaultStyle = LeptonXStyleNames.System; }); Configure<LeptonXThemeMvcOptions>(options => { options.ApplicationLayout = LeptonXMvcLayouts.PublicWebsite; }); } private void ConfigureHealthChecks(ServiceConfigurationContext context) { context.Services.AddPortalPublicHealthChecks(); } private void ConfigureUrls(IConfiguration configuration) { Configure<AppUrlOptions>(options => { options.Applications["MVC"].RootUrl = configuration["App:SelfUrl"]; }); } private void ConfigureCache(IConfiguration configuration) { Configure<AbpDistributedCacheOptions>(options => { options.KeyPrefix = "Portal:"; }); } private void ConfigureMultiTenancy() { Configure<AbpMultiTenancyOptions>(options => { options.IsEnabled = MultiTenancyConsts.IsEnabled; }); } private void ConfigureAuthentication(ServiceConfigurationContext context, IConfiguration configuration) { context.Services.AddAuthentication(options => { options.DefaultScheme = "Cookies"; options.DefaultChallengeScheme = "oidc"; }) .AddCookie("Cookies", options => { options.ExpireTimeSpan = TimeSpan.FromDays(365); options.CheckTokenExpiration(); }) .AddAbpOpenIdConnect("oidc", options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata"); options.ResponseType = OpenIdConnectResponseType.CodeIdToken; options.ClientId = configuration["AuthServer:ClientId"]; options.ClientSecret = configuration["AuthServer:ClientSecret"]; options.SaveTokens = true; options.GetClaimsFromUserInfoEndpoint = true; options.Scope.Add("roles"); options.Scope.Add("email"); options.Scope.Add("phone"); options.Scope.Add("Portal"); options.Scope.Add("CmsKit"); options.Scope.Add("CmsKitPublic"); }); /* * This configuration is used when the AuthServer is running on the internal network such as docker or k8s. * Configuring the redirectin URLs for internal network and the web */ if (configuration.GetValue<bool>("AuthServer:IsOnK8s")) { context.Services.Configure<OpenIdConnectOptions>("oidc", options => { options.TokenValidationParameters.ValidIssuers = new[] { configuration["AuthServer:MetaAddress"]!.EnsureEndsWith('/'), configuration["AuthServer:Authority"]!.EnsureEndsWith('/') }; options.MetadataAddress = configuration["AuthServer:MetaAddress"]!.EnsureEndsWith('/') + ".well-known/openid-configuration"; var previousOnRedirectToIdentityProvider = options.Events.OnRedirectToIdentityProvider; options.Events.OnRedirectToIdentityProvider = async ctx => { // Intercept the redirection so the browser navigates to the right URL in your host ctx.ProtocolMessage.IssuerAddress = configuration["AuthServer:Authority"]!.EnsureEndsWith('/') + "connect/authorize"; if (previousOnRedirectToIdentityProvider != null) { await previousOnRedirectToIdentityProvider(ctx); } }; var previousOnRedirectToIdentityProviderForSignOut = options.Events.OnRedirectToIdentityProviderForSignOut; options.Events.OnRedirectToIdentityProviderForSignOut = async ctx => { // Intercept the redirection for signout so the browser navigates to the right URL in your host ctx.ProtocolMessage.IssuerAddress = configuration["AuthServer:Authority"]!.EnsureEndsWith('/') + "connect/endsession"; if (previousOnRedirectToIdentityProviderForSignOut != null) { await previousOnRedirectToIdentityProviderForSignOut(ctx); } }; }); } context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options => { options.IsDynamicClaimsEnabled = true; }); } private void ConfigureVirtualFileSystem(IWebHostEnvironment hostingEnvironment) { Configure<AbpVirtualFileSystemOptions>(options => { options.FileSets.AddEmbedded<PortalWebPublicModule>(); if (hostingEnvironment.IsDevelopment()) { options.FileSets.ReplaceEmbeddedByPhysical<PortalDomainSharedModule>(Path.Combine(hostingEnvironment.ContentRootPath, string.Format("..{0}Acs.Cts.Portal.Domain.Shared", Path.DirectorySeparatorChar))); options.FileSets.ReplaceEmbeddedByPhysical<PortalApplicationContractsModule>(Path.Combine(hostingEnvironment.ContentRootPath, string.Format("..{0}Acs.Cts.Portal.Application.Contracts", Path.DirectorySeparatorChar))); options.FileSets.ReplaceEmbeddedByPhysical<PortalWebPublicModule>(hostingEnvironment.ContentRootPath); } }); } private void ConfigureNavigationServices(IConfiguration configuration) { Configure<AbpNavigationOptions>(options => { options.MenuContributors.Add(new PortalPublicMenuContributor(configuration)); }); Configure<AbpToolbarOptions>(options => { options.Contributors.Add(new PortalToolbarContributor()); }); } private void ConfigureDataProtection( ServiceConfigurationContext context, IConfiguration configuration, IWebHostEnvironment hostingEnvironment) { if (AbpStudioAnalyzeHelper.IsInAnalyzeMode) { return; } var dataProtectionBuilder = context.Services.AddDataProtection().SetApplicationName("Portal"); if (!hostingEnvironment.IsDevelopment()) { var redis = ConnectionMultiplexer.Connect(configuration["Redis:Configuration"]!); dataProtectionBuilder.PersistKeysToStackExchangeRedis(redis, "Portal-Protection-Keys"); } } private void ConfigureDistributedLocking( ServiceConfigurationContext context, IConfiguration configuration) { if (AbpStudioAnalyzeHelper.IsInAnalyzeMode) { return; } context.Services.AddSingleton<IDistributedLockProvider>(sp => { var connection = ConnectionMultiplexer.Connect(configuration["Redis:Configuration"]!); return new RedisDistributedSynchronizationProvider(connection.GetDatabase()); }); } public override void OnApplicationInitialization(ApplicationInitializationContext context) { var app = context.GetApplicationBuilder(); var env = context.GetEnvironment(); if (GlobalFeatureManager.Instance.IsEnabled<UrlShortingFeature>()) { app.UseMiddleware<UrlShortingMiddleware>(); } if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } app.UseAbpRequestLocalization(); if (!env.IsDevelopment()) { app.UseErrorPage(); } app.UseRouting(); app.MapAbpStaticAssets(); app.UseAbpStudioLink(); app.UseAbpSecurityHeaders(); app.UseAuthentication(); if (MultiTenancyConsts.IsEnabled) { app.UseMultiTenancy(); } app.UseDynamicClaims(); app.UseAuthorization(); app.UseAbpSerilogEnrichers(); app.UseConfiguredEndpoints(); }}
-
0
hi
Does it work if you remove CmsKit modules?
//typeof(CmsKitProPublicWebModule)Thanks.
-
0
Yes - if I comment out that one depends on and the URL Shortening, then it works: "auth": { "grantedPolicies": { "FeatureManagement.ManageHostFeatures": true, "SettingManagement.Emailing": true, "SettingManagement.Emailing.Test": true, "SettingManagement.TimeZone": true, "AbpIdentity.Roles": true, "AbpIdentity.Roles.Create": true, "AbpIdentity.Roles.Update": true, "AbpIdentity.Roles.Delete": true, "AbpIdentity.Roles.ManagePermissions": true, "AbpIdentity.Users": true, "AbpIdentity.Users.Create": true, "AbpIdentity.Users.Update": true, "AbpIdentity.Users.Update.ManageRoles": true, "AbpIdentity.Users.Update.ManageOU": true, "AbpIdentity.Users.Delete": true, "AbpIdentity.Users.ManagePermissions": true, "AbpIdentity.Users.Impersonation": true, "AbpIdentity.Users.Import": true, "AbpIdentity.Users.Export": true, "AbpIdentity.Users.ViewDetails": true, "AbpIdentity.OrganizationUnits": true, "AbpIdentity.OrganizationUnits.ManageOU": true, "AbpIdentity.OrganizationUnits.ManageRoles": true, "AbpIdentity.OrganizationUnits.ManageMembers": true, "AbpIdentity.ClaimTypes": true, "AbpIdentity.ClaimTypes.Create": true, "AbpIdentity.ClaimTypes.Update": true, "AbpIdentity.ClaimTypes.Delete": true, "AbpIdentity.SettingManagement": true, "AbpIdentity.SecurityLogs": true, "AbpIdentity.Sessions": true, "AbpAccount.SettingManagement": true, "AuditLogging.AuditLogs": true, "AuditLogging.AuditLogs.Export": true, "OpenIddictPro.Application": true, "OpenIddictPro.Application.Update": true, "OpenIddictPro.Application.Delete": true, "OpenIddictPro.Application.Create": true, "OpenIddictPro.Application.ManagePermissions": true, "AuditLogging.ViewChangeHistory:Volo.Abp.OpenIddict.Pro.Applications.Application": true, "OpenIddictPro.Scope": true, "OpenIddictPro.Scope.Update": true, "OpenIddictPro.Scope.Delete": true, "OpenIddictPro.Scope.Create": true, "AuditLogging.ViewChangeHistory:Volo.Abp.OpenIddict.Pro.Scopes.Scope": true, "TextTemplateManagement.TextTemplates": true, "TextTemplateManagement.TextTemplates.EditContents": true, "LanguageManagement.LanguageTexts": true, "LanguageManagement.LanguageTexts.Edit": true, "LanguageManagement.Languages": true, "LanguageManagement.Languages.Create": true, "LanguageManagement.Languages.Edit": true, "LanguageManagement.Languages.ChangeDefault": true, "LanguageManagement.Languages.Delete": true, "FileManagement.DirectoryDescriptor": true, "FileManagement.DirectoryDescriptor.Create": true, "FileManagement.DirectoryDescriptor.Update": true, "FileManagement.DirectoryDescriptor.Delete": true, "FileManagement.FileDescriptor": true, "FileManagement.FileDescriptor.Create": true, "FileManagement.FileDescriptor.Update": true, "FileManagement.FileDescriptor.Delete": true, "FileManagement.FileDescriptor.Share": true, "CmsKitPublic.Comments": true, "CmsKitPublic.Comments.DeleteAll": true, "CmsKit.Comments": true, "CmsKit.Comments.Delete": true, "CmsKit.Comments.Update": true, "CmsKit.Comments.SettingManagement": true, "CmsKit.Tags": true, "CmsKit.Tags.Create": true, "CmsKit.Tags.Update": true, "CmsKit.Tags.Delete": true, "CmsKit.Pages": true, "CmsKit.Pages.Create": true, "CmsKit.Pages.Update": true, "CmsKit.Pages.Delete": true, "CmsKit.Pages.SetAsHomePage": true, "CmsKit.Blogs": true, "CmsKit.Blogs.Create": true, "CmsKit.Blogs.Update": true, "CmsKit.Blogs.Delete": true, "CmsKit.Blogs.Features": true, "CmsKit.BlogPosts": true, "CmsKit.BlogPosts.Create": true, "CmsKit.BlogPosts.Update": true, "CmsKit.BlogPosts.Delete": true, "CmsKit.BlogPosts.Publish": true, "CmsKit.Menus": true, "CmsKit.Menus.Create": true, "CmsKit.Menus.Update": true, "CmsKit.Menus.Delete": true, "CmsKit.GlobalResources": true, "CmsKit.Newsletter": true, "CmsKit.Newsletter.EditPreferences": true, "CmsKit.Newsletter.Import": true, "CmsKit.Poll": true, "CmsKit.Poll.Create": true, "CmsKit.Poll.Update": true, "CmsKit.Poll.Delete": true, "CmsKit.SettingManagement": true, "CmsKit.UrlShorting": true, "CmsKit.UrlShorting.Create": true, "CmsKit.UrlShorting.Update": true, "CmsKit.UrlShorting.Delete": true, "CmsKit.PageFeedback": true, "CmsKit.PageFeedback.Update": true, "CmsKit.PageFeedback.Delete": true, "CmsKit.PageFeedback.Settings": true, "CmsKit.PageFeedback.SettingManagement": true, "CmsKit.PageFeedback.Export": true, "CmsKit.Faq": true, "CmsKit.Faq.Create": true, "CmsKit.Faq.Update": true, "CmsKit.Faq.Delete": true, "Portal.Dashboard.Host": true }
-
0
Thanks. I will deep check it.
-
0
hi
This version of
HttpContextAbpAccessTokenProviderwill fix the problem.Can you try to add it to your Web.Public project?
[Dependency(ReplaceServices = true)] [ExposeServices(typeof(IAbpAccessTokenProvider))] public class MyHttpContextAbpAccessTokenProvider : HttpContextAbpAccessTokenProvider { public MyHttpContextAbpAccessTokenProvider(IHttpContextAccessor httpContextAccessor) : base(httpContextAccessor) { } public override async Task<string?> GetTokenAsync() { var httpContext = HttpContextAccessor?.HttpContext; if (httpContext == null) { return null; } if (!httpContext.RequestServices.GetRequiredService<ICurrentUser>().IsAuthenticated) { var result = await httpContext.AuthenticateAsync(); if (result.Succeeded && result.Properties != null) { return result.Properties.GetTokenValue("access_token"); } return null; } return await httpContext.GetTokenAsync("access_token"); } }Thanks.
-
0
Hi
It seems to work intermittently now.
After I log in the initial results are:
"auth": { "grantedPolicies": {} },
Sometimes, after I press F5, the granted policies are returned.
J
-
0
hi
Can you also override the
ICachedApplicationConfigurationClientand test again?using System; using System.Globalization; using Microsoft.AspNetCore.Http; using System.Threading.Tasks; using Microsoft.Extensions.Caching.Distributed; using Microsoft.Extensions.Options; using Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations; using Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ClientProxies; using Volo.Abp.AspNetCore.Mvc.Client; using Volo.Abp.Caching; using Volo.Abp.DependencyInjection; using Volo.Abp.Threading; using Volo.Abp.Users; namespace My.Web.Public; [Dependency(ReplaceServices = true)] [ExposeServices(typeof(ICachedApplicationConfigurationClient))] public class MvcCachedApplicationConfigurationClient : ICachedApplicationConfigurationClient, ITransientDependency { private const string HttpContextItemsCacheKeyFormat = "ApplicationConfigurationDto_{0}_{1}_CacheKey"; protected IHttpContextAccessor HttpContextAccessor { get; } protected AbpApplicationConfigurationClientProxy ApplicationConfigurationAppService { get; } protected AbpApplicationLocalizationClientProxy ApplicationLocalizationClientProxy { get; } protected ICurrentUser CurrentUser { get; } protected MvcCachedApplicationConfigurationClientHelper CacheHelper { get; } protected IDistributedCache<ApplicationConfigurationDto> Cache { get; } protected AbpAspNetCoreMvcClientCacheOptions Options { get; } public MvcCachedApplicationConfigurationClient( MvcCachedApplicationConfigurationClientHelper cacheHelper, IDistributedCache<ApplicationConfigurationDto> cache, AbpApplicationConfigurationClientProxy applicationConfigurationAppService, ICurrentUser currentUser, IHttpContextAccessor httpContextAccessor, AbpApplicationLocalizationClientProxy applicationLocalizationClientProxy, IOptions<AbpAspNetCoreMvcClientCacheOptions> options) { ApplicationConfigurationAppService = applicationConfigurationAppService; CurrentUser = currentUser; HttpContextAccessor = httpContextAccessor; ApplicationLocalizationClientProxy = applicationLocalizationClientProxy; Options = options.Value; CacheHelper = cacheHelper; Cache = cache; } public virtual async Task<ApplicationConfigurationDto> GetAsync() { string? cacheKey = null; var httpContext = HttpContextAccessor?.HttpContext; var itemsKey = GetHttpContextItemsCacheKey(); if (httpContext != null && httpContext.Items[itemsKey] is string key) { cacheKey = key; } if (cacheKey.IsNullOrWhiteSpace()) { cacheKey = await CreateCacheKeyAsync(); if (httpContext != null) { httpContext.Items[itemsKey] = cacheKey; } } if (httpContext != null && httpContext.Items[cacheKey] is ApplicationConfigurationDto configuration) { return configuration; } configuration = (await Cache.GetOrAddAsync( cacheKey, async () => await GetRemoteConfigurationAsync(), () => new DistributedCacheEntryOptions { AbsoluteExpirationRelativeToNow = Options.ApplicationConfigurationDtoCacheAbsoluteExpiration } ))!; if (httpContext != null) { httpContext.Items[cacheKey] = configuration; } return configuration; } private async Task<ApplicationConfigurationDto> GetRemoteConfigurationAsync() { var config = await ApplicationConfigurationAppService.GetAsync( new ApplicationConfigurationRequestOptions { IncludeLocalizationResources = false } ); var localizationDto = await ApplicationLocalizationClientProxy.GetAsync( new ApplicationLocalizationRequestDto { CultureName = config.Localization.CurrentCulture.Name, OnlyDynamics = true } ); config.Localization.Resources = localizationDto.Resources; return config; } public ApplicationConfigurationDto Get() { string? cacheKey = null; var httpContext = HttpContextAccessor?.HttpContext; var itemsKey = GetHttpContextItemsCacheKey(); if (httpContext != null && httpContext.Items[itemsKey] is string key) { cacheKey = key; } if (cacheKey.IsNullOrWhiteSpace()) { cacheKey = AsyncHelper.RunSync(CreateCacheKeyAsync); if (httpContext != null) { httpContext.Items[itemsKey] = cacheKey; } } if (httpContext != null && httpContext.Items[cacheKey] is ApplicationConfigurationDto configuration) { return configuration; } return AsyncHelper.RunSync(GetAsync); } protected virtual async Task<string> CreateCacheKeyAsync() { return await CacheHelper.CreateCacheKeyAsync(CurrentUser.Id); } protected virtual string GetHttpContextItemsCacheKey() { return string.Format(CultureInfo.InvariantCulture, HttpContextItemsCacheKeyFormat, CurrentUser.Id?.ToString("N") ?? "Anonymous", CultureInfo.CurrentUICulture.Name); } }We make the same changes on https://github.com/abpframework/abp/pull/24990
Thanks.
-
0
Hi
Those fixes appear to have resolved the issues.
Thanks
-
0
Great, we also released 10.1.1. You can try upgrading and removing the patch code.
https://github.com/abpframework/abp/releases/tag/10.1.1
Thanks.
