Hi. It works. When will the fix be released?
Could you try to apply for a Microsoft clientId? It might help to reproduce my problem.
Hi
AuthenticationFailureException: OAuth token endpoint failure: invalid_client;Description=AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'e42cec2e-afd5-45ef-83e6-85bb54f58b19'. Trace ID: 0262dabf-2e50-47a0-8117-7d83235a2100 Correlation ID: f7fce4f7-bef4-44b9-917e-b5077b8d7bc8 Timestamp: 2025-03-11 06:05:36Z;Uri=https://login.microsoftonline.com/error?code=7000215
Hi ! I applied this piece of code, but the issue still remained unsolved.
Could you copy the code of Microsoft.AspNetCore.Authentication.MicrosoftAccount?
The ClientSecret obtained in the code is encrypted content.
[Dependency(ReplaceServices = true)] [ExposeServices(typeof(ExternalProviderSettingsHelper))] public class MyExternalProviderSettingsHelper : ExternalProviderSettingsHelper { private readonly ISettingDefinitionManager _settingDefinitionManager; private readonly ISettingEncryptionService _settingEncryptionService; private readonly ICurrentTenant _currentTenant; private readonly AbpExternalProviderOptions _externalProviderOptions; private readonly ISettingManager _settingManager; private readonly IJsonSerializer _jsonSerializer; public MyExternalProviderSettingsHelper( ICurrentTenant currentTenant, IOptions<AbpExternalProviderOptions> externalProvidersOptions, ISettingManager settingManager, IJsonSerializer jsonSerializer, IStringEncryptionService stringEncryptionService, ISettingDefinitionManager settingDefinitionManager, ISettingEncryptionService settingEncryptionService) : base(currentTenant, externalProvidersOptions, settingManager, jsonSerializer, stringEncryptionService) { _settingDefinitionManager = settingDefinitionManager; _settingEncryptionService = settingEncryptionService; _currentTenant = currentTenant; _externalProviderOptions = externalProvidersOptions.Value; _settingManager = settingManager; _jsonSerializer = jsonSerializer; }
Using your approach will result in the clientSecret configured by tenant in the setting being ineffective.
Ok. How to solve the problem of failed login from External provider now? The Client secrets obtained by my provider are encrypted.
Why is it necessary to encrypt the Client secret? This leads to a very serious disaster in the update of the Release environment, and this is not mentioned in the migration instructions.
All Client secrets are not displayed and this has affected the OAuth login. The Client secret acquisition is encrypted.
Got it
Is binding to existing username not currently supported when logging in via SSO?
Need to log in with a username for SSO binding?
Angular environment that can be reproduced
const oAuthConfig = {
issuer: 'http://localhost:44372/',
redirectUri: baseUrl,
clientId: 'BookStore_App',
responseType: 'password', // change to password
scope: 'offline_access BookStore',
requireHttps: false,
impersonation: {
userImpersonation: true,
tenantImpersonation: true,
},
};
