
Bad Request - Request Too Long #8635


User avatar
0
priyankasynapxe created

ABP Framework version: v8.1.1

UI Type: React

Database System: EF Core (SQL Server)

Tiered (for MVC) or Auth Server Separated (for Angular): yes

Exception message and full stack trace: NA

Steps to reproduce the issue: NA

Hi,

In my application, an external system user calls one API, from which we redirect to some page of my application. A sample of the API is below:

    [Authorize]
    public async Task<IActionResult> BTViewEncounter(string MRN, string ENo)
    {
        string webRedirctUrl = string.Empty;
        IConfigurationRoot _config = new ConfigurationBuilder()
            .SetBasePath(Directory.GetParent(AppContext.BaseDirectory).FullName)
            .AddJsonFile("appsettings.json", false)
            .Build();
        string webBaseUri = _config.GetSection("WebUISetting:URL").Get<string>();
        webRedirctUrl = webBaseUri;
        // The parameter is named ENo; the original checked an undefined EncounterNo here.
        if (!string.IsNullOrEmpty(MRN) || !string.IsNullOrEmpty(ENo))
        {
            Encounter encounters = new Encounter();
            try
            {
                // _encounterRepository is an injected repository of the controller.
                encounters = await _encounterRepository.GetEncounterAsync(ENo, MRN);
                if (encounters != null)
                {
                    string relativeUri = string.Format("{0}{1}{2}{3}",
                        "read/admission/view?",
                        "encounterNo=" + encounters.Encounter.IdentificationText,
                        "&encounterId=" + encounters.Encounter.Id.ToString(),
                        "&institutionId=" + encounters.Encounter.InstitutionId.ToString());

                    // Resolve the relative path against the configured web UI base URL.
                    Uri CompleteUrl = new Uri(new Uri(webBaseUri), relativeUri);
                    webRedirctUrl = CompleteUrl.ToString();
                }
                else
                {
                    webRedirctUrl = string.Format("{0}{1}", webBaseUri, "datanotfound.html");
                }
            }
            catch (Exception)
            {
                throw;
            }
        }
        return Redirect(webRedirctUrl);
    }
    

In the same service I have 3 APIs; all 3 APIs redirect to some page. The first API call always works fine, but from the 2nd call onwards the user gets the error below. It seems like it is trying to create multiple cookies.

All 3 requests work fine if I remove the [Authorize] tag from the APIs.

Please help: why, with the [Authorize] tag, is it giving "Bad Request - Request Too Long"?

Thanks


23 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    It looks like the request is carrying too many cookies or other information; you can try changing the web.config:

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
      <system.web>
        <!-- Increase max request length in KB -->
        <httpRuntime maxRequestLength="51200" /> <!-- 50 MB -->
      </system.web>
      
      <system.webServer>
        <security>
          <requestFiltering>
            <!-- Increase max content length in bytes -->
            <requestLimits maxAllowedContentLength="52428800" /> <!-- 50 MB -->
          </requestFiltering>
        </security>
      </system.webServer>
    </configuration>
    
  • User Avatar
    0
    priyankasynapxe created

    Thank you for the response. I have updated this, but I'm still getting the same error. I can see the cookies below (attached image); in the normal case I see only the first 3.

  • User Avatar
    0
    priyankasynapxe created

    Below is the error log:

    2025-01-14 15:10:35.991 +08:00 [INF] Request starting HTTP/1.1 GET https://app02/UAT/eFCApp/Account/BTViewEncounter?MRN=XXXXXXXX&ENo=XXXXXXXXXXX01 - null null
    2025-01-14 15:10:35.995 +08:00 [INF] Authorization failed. These requirements were not met: DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
    2025-01-14 15:10:35.995 +08:00 [INF] AuthenticationScheme: Identity.Application was challenged.
    2025-01-14 15:10:35.995 +08:00 [INF] Request finished HTTP/1.1 GET https://app02/UAT/eFCApp/Account/BTViewEncounter?MRN=XXXXXXXX&ENO=XXXXXXXXXXX01 - 302 null null 4.7929ms
    2025-01-14 15:10:36.008 +08:00 [INF] Request starting HTTP/1.1 GET https://app02/UAT/eFCApp/Account/Login?ReturnUrl=%2FUAT%2FeFCApp%2FAccount%2FBTViewEncounter%3FMRN%XXXXXXXX%26ENO%XXXXXXXXXXX01 - null null
    2025-01-14 15:10:36.019 +08:00 [INF] Executing endpoint '/Account/Login'
    2025-01-14 15:10:36.020 +08:00 [INF] Route matched with {page = "/Account/Login", action = "", controller = "", area = ""}. Executing page /Account/Login
    2025-01-14 15:10:36.020 +08:00 [INF] [!dt trace_id=630191ab8549ef29494afe553a3167fd,span_id=d0933559fd000000,trace_sampled=true] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
    2025-01-14 15:10:36.030 +08:00 [INF] Executing handler method eFC.Web.Pages.Account.LoginCustomModel.OnGetAsync - ModelState is "Valid"
    2025-01-14 15:10:36.031 +08:00 [INF] [!dt trace_id=630191ab8549ef29494afe553a3167fd,span_id=70818beb68020000,trace_sampled=true] Return URL:/UAT/eFCApp/Account/BTViewEncounter?MRN=XXXXXXXX&ENo=XXXXXXXXXXX01
    2025-01-14 15:10:36.031 +08:00 [INF] Executed handler method OnGetAsync, returned result Microsoft.AspNetCore.Mvc.ChallengeResult.
    2025-01-14 15:10:36.031 +08:00 [INF] Executing ChallengeResult with authentication schemes (["ADFS"]).
    2025-01-14 15:10:36.032 +08:00 [INF] AuthenticationScheme: ADFS was challenged.
    2025-01-14 15:10:36.032 +08:00 [INF] Executed page /Account/Login in 12.0754ms
    2025-01-14 15:10:36.032 +08:00 [INF] Executed endpoint '/Account/Login'
    2025-01-14 15:10:36.033 +08:00 [INF] Request finished HTTP/1.1 GET https://app02/UAT/eFCApp/Account/Login?ReturnUrl=%2FUAT%2FeFCApp%2FAccount%2FBTViewEncounter%3FMRN%XXXXXXXX%26ENo%XXXXXXXXXXX01 - 302 null null 24.9095ms
    2025-01-14 15:10:42.567 +08:00 [INF] Request starting HTTP/1.1 POST https://app02/UAT/eFCApp/signin-oidc - application/x-www-form-urlencoded 1072
    2025-01-14 15:10:42.568 +08:00 [INF] CORS policy execution successful.
    2025-01-14 15:10:42.595 +08:00 [INF] AuthenticationScheme: Identity.External signed in.
    2025-01-14 15:10:42.596 +08:00 [INF] Request finished HTTP/1.1 POST https://app02/UAT/eFCApp/signin-oidc - 302 null null 29.1642ms

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    There are too many cookies. This is an external login mechanism that stores all data in cookies.

    You can try using OnTicketReceived to delete unnecessary claims to reduce cookie size.

    .AddOpenIdConnect(....,
    options =>
    {
        options.Events.OnTicketReceived += ....
    });
    
  • User Avatar
    0
    priyankasynapxe created

    Hi,

    Can you share the sample code file? Also, I have added a few claims which are required; is it possible to delete pre-defined claims?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You can try this, and put a breakpoint to debug:

    options.Events.OnTicketReceived += receivedContext =>
    {
        //Remove unnecessary claims
        receivedContext.Principal!.RemoveClaims("...");
        return Task.CompletedTask;
    };
    
  • User Avatar
    0
    priyankasynapxe created

    Hi,

    In my token I can see the claims below:

    iss, exp, iat, aud, sub, oi_au_id, preferred_username, azp, at_hash, oi_tkn_id

    Also, I have manually added given_name, permissionClaim, and concurrentUserId. I believe I cannot delete these; am I supposed to delete other JWT claims even if they are not in the token?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    below is the error log https://abp.io/support/questions/8635/Bad-Request---Request-Too-Long#answer-3a1775dc-aad6-8d64-4a56-5a23a2169434

    I didn't see any error message there.

    BTW, will it work if you try this?

    Configure<IISServerOptions>(options =>
    {
        options.MaxRequestBodySize = 209715200;
    });
    
    Configure<KestrelServerOptions>(options =>
    {
        options.Limits.MaxRequestBodySize = 209715200;
    });
    
  • User Avatar
    0
    priyankasynapxe created

    Yes, the error is not there, but I'm still getting a bad request.

    I tried the code below; it's not working, I'm still getting a bad request.

    Configure<IISServerOptions>(options =>
    {
        options.MaxRequestBodySize = 209715200;
    });

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    How do I reproduce the problem?

    Or can you share a test project with me? I will check it. shiwei.liang@volosoft.com

  • User Avatar
    0
    priyankasynapxe created

    Hi,

    Hi, I'll be able to share sample code only, but I cannot assure you that you will be able to replicate the issue, as in my case I'm redirecting to my application from some external application, and I'm also using external login. Let me know if that is fine.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Can I check it remotely? My email is shiwei.liang@volosoft.com

  • User Avatar
    0
    priyankasynapxe created

    Sure, let me send you the meeting invite.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Can we use Zoom? https://us05web.zoom.us/j/5929668302?pwd=UXl2M2RUeG5PazVSY2ZCOW1NMUxtZz09

  • User Avatar
    0
    priyankasynapxe created

    Hi,

    Sure, let me join.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    I joined your meeting.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    https://us05web.zoom.us/j/5929668302?pwd=UXl2M2RUeG5PazVSY2ZCOW1NMUxtZz09

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Could you please share the configuration code for the external login provider?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    You can consider setting SaveTokens to false.

  • User Avatar
    0
    priyankasynapxe created

    OK, let me try this.

  • User Avatar
    0
    priyankasynapxe created

    Thank you. It is working with this, but may I know what it is used for? Is there any possibility that it can impact some other functionality?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    It stores the access_token and refresh_token in the cookies. It will not affect your application, and the default value is false; we usually don't recommend setting it to true.

    It will be useful when you need to call the Azure AD API (I assume you are using Azure external login).
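
The two remedies given in this thread, pruning claims in OnTicketReceived (earlier answer) and SaveTokens = false (this answer), combined into one OpenID Connect registration. This is an added example, not code from the thread, from ABP or from the support team; the scheme name "ADFS", the authority, the client id and the list of claim types to keep are assumptions to be replaced with your own values. The point worth keeping in mind as a defender: IIS/HTTP.sys returns "Bad Request - Request Too Long" when the request headers, cookies included, exceed its size limits, so shrinking what the authentication cookie carries is the fix; request body limits such as MaxRequestBodySize do not apply to headers.

```csharp
// Added example (not from the thread or from ABP): keep the external-login
// authentication cookie small by not saving tokens and by dropping claims the
// application never reads. Scheme name, authority, client id and ClaimsToKeep
// are placeholders / assumptions for this example.
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;

public static class CompactExternalLoginConfiguration
{
    // Claim types the application actually consumes after sign-in (assumed set).
    // The subject identifier must stay, otherwise the user cannot be matched;
    // "sub" is listed twice because the default inbound mapping renames it to
    // ClaimTypes.NameIdentifier. The last three are the custom claims the thread mentions.
    private static readonly string[] ClaimsToKeep =
    {
        "sub", ClaimTypes.NameIdentifier,
        "preferred_username", ClaimTypes.Name,
        "given_name", ClaimTypes.GivenName,
        "permissionClaim", "concurrentUserId"
    };

    public static AuthenticationBuilder AddCompactOpenIdConnect(this AuthenticationBuilder builder)
    {
        return builder.AddOpenIdConnect("ADFS", options =>
        {
            options.Authority = "https://adfs.example.invalid/adfs"; // placeholder
            options.ClientId = "efc-web";                            // placeholder
            options.ResponseType = "code";

            // Do not copy access_token / refresh_token / id_token into the cookie.
            // false is the default; it is set explicitly because each saved token
            // adds its full encoded size to every subsequent request's Cookie header.
            options.SaveTokens = false;

            // Runs after the provider's ticket is built and before the cookie handler
            // serializes the principal, so anything removed here never reaches the cookie.
            options.Events.OnTicketReceived = context =>
            {
                RemoveUnusedClaims(context.Principal);
                return Task.CompletedTask;
            };
        });
    }

    // Removes every claim whose type is not in ClaimsToKeep from all identities of
    // the principal. Returns the number of removed claims so it can be logged or
    // inspected at a breakpoint while verifying the configuration.
    public static int RemoveUnusedClaims(ClaimsPrincipal? principal)
    {
        if (principal == null)
        {
            return 0;
        }

        var removed = 0;
        foreach (var identity in principal.Identities)
        {
            // Materialize first: RemoveClaim must not run while Claims is being enumerated.
            var unused = identity.Claims.Where(c => !ClaimsToKeep.Contains(c.Type)).ToList();
            foreach (var claim in unused)
            {
                identity.RemoveClaim(claim);
                removed++;
            }
        }
        return removed;
    }
}
```

Register it where the external provider is currently added, for example `context.Services.AddAuthentication().AddCompactOpenIdConnect();` in the web module. Put only claim types that code downstream reads into ClaimsToKeep; a claim that is needed for ABP's own user lookup or for your authorization checks must not be removed, while provider-specific claims the application never consumes are safe to drop. Because RemoveUnusedClaims is a plain static method, it can be unit-tested with a hand-built ClaimsPrincipal before the change is deployed.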

  • User Avatar
    0
    priyankasynapxe created

    Hi,

    OK, thank you.

Made with ❤️ on ABP v9.2.0-preview. Updated on January 16, 2025, 11:47