Open Closed

scopes too long #3366


User avatar
0
mgurer created

Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples, to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, please use the search on the homepage.

If you're creating a bug/problem report, please include followings:

  • ABP Framework version: v5.3.0
  • UI type: Blazor
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:2022-07-01 15:19:44.232 +03:00 [DBG] Request path /connect/authorize matched to endpoint type Authorize 2022-07-01 15:19:44.237 +03:00 [DBG] Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint 2022-07-01 15:19:44.237 +03:00 [INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize 2022-07-01 15:19:44.237 +03:00 [DBG] Start authorize request 2022-07-01 15:19:44.237 +03:00 [DBG] No user present in authorize request 2022-07-01 15:19:44.237 +03:00 [DBG] Start authorize request protocol validation 2022-07-01 15:19:44.252 +03:00 [DBG] client configuration validation for client CoMed_Blazor succeeded. 2022-07-01 15:19:44.252 +03:00 [DBG] Checking for PKCE parameters 2022-07-01 15:19:44.252 +03:00 [ERR] scopes too long.
  • Steps to reproduce the issue: 1 - Our project has 17 microservices. During authorization_code flow, when scope names are sent to to the identity server's authorize endpoint, a validator error about the length of scopes occurs. How can I override related settings? I have added the codes below to to configureservices method of authserver ui projecet, it did'nt work. Configure<IdentityServerOptions>(builder => { builder.InputLengthRestrictions.Scope = 1000000; }); 2- Türkçe destek istegi yapabilecegimiz bir adresiniz var mı? Bu şekilde sıkıcı oluyor.

8 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    I have added the codes below to to configureservices method of authserver ui projecet, it did'nt work.

    Is same error occurs? [ERR] scopes too long.

  • User Avatar
    0
    mgurer created

    Yes

  • User Avatar
    0
    mgurer created

    Below is the related request body - log;

    {"ClientId":"CoMed_Blazor","ClientName":"CoMed_Blazor","RedirectUri":"https://???.???.com.tr/authentication/login-callback","AllowedRedirectUris":["http://???/#/login-callback","https://????/authentication/login-callback","https://???/Home/Privacy","https://???/#/login-callback"],"SubjectId":"anonymous","ResponseType":"code","ResponseMode":"query","GrantType":"authorization_code","RequestedScopes":"","State":"a7b59c9e5c9a492bb31807792b623bcc","UiLocales":null,"Nonce":null,"AuthenticationContextReferenceClasses":null,"DisplayMode":null,"PromptMode":"","MaxAge":null,"LoginHint":null,"SessionId":null,"Raw":{"client_id":"CoMed_Blazor","redirect_uri":"https://???/authentication/login-callback","response_type":"code","scope":"openid profile role email phone AuthServer IdentityService AdministrationService SaasService TimelineService AppointmentService ResourceService EResultService PrescriptionService ProfileService ConnectorService VideoService IOService PaymentService MessageService SurveyService ContentService AgentService","state":"a7b59c9e5c9a492bb31807792b623bcc","code_challenge":"uyU0F1tAHimKrLwGDJ8OgUB47A0zx6DXV3zVPbF5XnM","code_challenge_method":"S256","response_mode":"query"},"$type":"AuthorizeRequestValidationLog"}

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    This is weird, your scope should not be larger than InputLengthRestrictions.Scope.

    https://github.com/IdentityServer/IdentityServer4/blob/5c876281c5977fed56faf59636aa1a2626396d3f/src/IdentityServer4/src/Validation/Default/AuthorizeRequestValidator.cs#L554

  • User Avatar
    0
    mgurer created

    I have tried to rename the scope names in database by getting rid of the "Service" postfix to minimize the total scopes length but admin ui somehow kept asking for the original scope names during the authentication flow. I could not figure out how to shorten the names properly. I can not figure out where to change in the application code to override original scope names.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    Try to clear the redis when updating the database.

  • User Avatar
    0
    mgurer created

    I have updated all of the scope names in the database. Removed the redis image from docker and re-installed it.

    I have tested the updated scope names in a small test app, it works properly. No more scope lenght error occurs. This will give me some time, I hope you figure out a proper fix about the error till then.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    ok, You can also create a new project and reproduce the issue then share it with me liming.ma@volosoft.com

Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38