Activities of "Leonardo.Willrich"
Hi maliming,
I've found that the CurrentUser is not NULL at all, actually, only the Name and Surname are null.
See the CurrentUser object:
{
"IsAuthenticated": true,
"Id": "39fce267-691b-005d-2688-42fe82789338",
"UserName": "leo",
"Name": null,
"SurName": null,
"PhoneNumber": "+64275874295",
"PhoneNumberVerified": false,
"Email": "leonardo.willrich@tvd.co.nz",
"EmailVerified": true,
"TenantId": "39fce25b-2b37-c3fe-2285-69ad471c4ffe",
"Roles": [
"admin"
]
}
I've found it on this topic in Github: https://github.com/abpframework/abp/issues/6571
Hi Maliming,
Requesting the token like this. In the Header, I've added the key "__tenant" with the tenant name.
Here is the token generated:
eyJhbGciOiJSUzI1NiIsImtpZCI6IjYyM0RCMjY5MThBRUNGMTcwRjYzMTk3RkJEQTQwNUVBIiwidHlwIjoiYXQrand0In0.eyJuYmYiOjE2NTc2OTU2NzAsImV4cCI6MTY4OTIzMTY3MCwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzNjQiLCJhdWQiOiJTQkMiLCJjbGllbnRfaWQiOiJTQkNfTW9iaWxlIiwic3ViIjoiMzlmY2UyNjctNjkxYi0wMDVkLTI2ODgtNDJmZTgyNzg5MzM4IiwiYXV0aF90aW1lIjoxNjU3Njk1NjcwLCJpZHAiOiJsb2NhbCIsInRlbmFudGlkIjoiMzlmY2UyNWItMmIzNy1jM2ZlLTIyODUtNjlhZDQ3MWM0ZmZlIiwicm9sZSI6ImFkbWluIiwicGhvbmVfbnVtYmVyIjoiKzY0Mjc1ODc0Mjk1IiwicGhvbmVfbnVtYmVyX3ZlcmlmaWVkIjoiRmFsc2UiLCJlbWFpbCI6Imxlb25hcmRvLndpbGxyaWNoQHR2ZC5jby5ueiIsImVtYWlsX3ZlcmlmaWVkIjoiVHJ1ZSIsImVkaXRpb25pZCI6IjM5ZmNlMjU5LTViNGEtZmFjNi1iYzU2LWY3OGEyN2RlMmUyZiIsIm5hbWUiOiJsZW8iLCJpYXQiOjE2NTc2OTU2NzAsInNjb3BlIjpbImFkZHJlc3MiLCJlbWFpbCIsIm9wZW5pZCIsInBob25lIiwicHJvZmlsZSIsInJvbGUiLCJTQkMiLCJvZmZsaW5lX2FjY2VzcyJdLCJhbXIiOlsicHdkIl19.CTIS5YyRvFigvPN8qPboDzQg8DeKogy-SBTRJMrTL7hZiYCYRR9sv4nsHTrMNDgLJf8IJf-Tq4RJ-XmM4ZsnFhGxXsiXdCiHfAIo0QJJ_TVNgwazUWDk6wakIpCppH0dlGa2vayTQc882lvflTutxgbfNiRdDJ5_mKEAmgb1XuVGRu6GHig-tpXHrUp_R-GzistEV8IaHppErDjHtcAdyTPtBUpZsRUxPDSeAJylZZScRxT_IUHKA2BigzY3MkbYDgfcfAew7En6QGpK0jE3FBU7UIQfsINf6QJTAXNA4WuvOzhNVovBKHdormwSHBWTOmBEkxgpBZZko4iKM4_68A
If I try to call a method from my API, passing the token in Authorization and the __tenant, the CurrentUser will be NULL.
I've follow also the steps from this post in the community, but, also the CurrentUser is null.
How can I set the Current User? It is quite important in my methods as I am filtering data based on the Current User Id. I don't want to have two methods, one for my website and another one for other applications calling the API method.
Thank you!
Ok, no problem. I've already fixed the Secret expiration date/time changing the database and restarting the server to clear the cache.
I'll send you the details tomorrow. Do you have any examples of your answer? For example, how can I use api/abp/application-configuration.
If you're creating a bug/problem report, please include followings:
- ABP Framework version: v5.3
- UI type: Blazor WASM
- DB provider: EF Core
Hi,
I'm building another Web Application in Blazor WebAssembly PWA that will just trigger some actions from my main web page application. It is not using ABP.IO framework, it is just a simple application.
To call methods from Web API, I know that I can request the Token using /access/token and using the Identity Server client details. Then, when calling the method using HttpClient, I have to add the "__tenant" and "Authorization" with "Bearer {access_token}" in the Header.
Questions:
- In the application service, the Current User is always Null.
- How can I use Dynamic API Clients using the module HttpApi.Client? Is there some example? (https://docs.abp.io/en/abp/latest/API/Dynamic-CSharp-API-Clients)
- I need to check the user permissions on the application side, how I can do that properly?
- In Post methods it is a return error related to AntiForgery ([15:57:46 ERR] The required antiforgery cookie ".AspNetCore.Antiforgery.VzbPRCldIbQ" is not present.). What is missing? Do you have an example of calling a Post method using Postman?
Kind regards,
Leonardo Willrich.
Another question. I'm using RabbitMQ as Broker Message. We had another issue related to User Role Event Handler not being called because of this. Do you think that the event handler for Clients that removes the cache could not be reached due to the RabbitMQ?
Here is the log:
[08:14:56 ERR] Failed executing DbCommand (1ms) [Parameters=[@p0='?' (DbType = Guid), @p1='?', @p2='?', @p3='?', @p4='?' (DbType = DateTime), @p53='?' (DbType = Guid), @p5='?' (DbType = Int32), @p6='?' (DbType = Int32), @p7='?' (DbType = Int32), @p8='?' (DbType = Boolean), @p9='?' (DbType = Boolean), @p10='?' (DbType = Boolean), @p11='?' (DbType = Boolean), @p12='?', @p13='?' (DbType = Boolean), @p14='?' (DbType = Boolean), @p15='?' (DbType = Int32), @p16='?' (DbType = Boolean), @p17='?', @p18='?', @p19='?', @p20='?', @p21='?', @p22='?', @p54='?', @p23='?' (DbType = Int32), @p24='?' (DbType = DateTime), @p25='?' (DbType = Guid), @p26='?' (DbType = Guid), @p27='?' (DbType = DateTime), @p28='?', @p29='?' (DbType = Int32), @p30='?' (DbType = Boolean), @p31='?' (DbType = Boolean), @p32='?', @p33='?' (DbType = Boolean), @p34='?', @p35='?' (DbType = Int32), @p36='?' (DbType = Boolean), @p37='?' (DbType = Boolean), @p38='?' (DbType = DateTime), @p39='?' (DbType = Guid), @p40='?', @p41='?', @p42='?', @p43='?' (DbType = Int32), @p44='?' (DbType = Int32), @p45='?' (DbType = Boolean), @p46='?' (DbType = Boolean), @p47='?' (DbType = Boolean), @p48='?' (DbType = Boolean), @p49='?' (DbType = Int32), @p50='?' (DbType = Boolean), @p51='?', @p52='?' (DbType = Int32)], CommandType='Text', CommandTimeout='30'] INSERT INTO "IdentityServerClientSecrets" ("ClientId", "Type", "Value", "Description", "Expiration") VALUES (@p0, @p1, @p2, @p3, @p4); UPDATE "IdentityServerClients" SET "AbsoluteRefreshTokenLifetime" = @p5, "AccessTokenLifetime" = @p6, "AccessTokenType" = @p7, "AllowAccessTokensViaBrowser" = @p8, "AllowOfflineAccess" = @p9, "AllowPlainTextPkce" = @p10, "AllowRememberConsent" = @p11, "AllowedIdentityTokenSigningAlgorithms" = @p12, "AlwaysIncludeUserClaimsInIdToken" = @p13, "AlwaysSendClientClaims" = @p14, "AuthorizationCodeLifetime" = @p15, "BackChannelLogoutSessionRequired" = @p16, "BackChannelLogoutUri" = @p17, "ClientClaimsPrefix" = @p18, "ClientId" = @p19, "ClientName" = @p20, "ClientUri" = @p21, "ConcurrencyStamp" = @p22, "ConsentLifetime" = @p23, "CreationTime" = @p24, "CreatorId" = @p25, "DeleterId" = @p26, "DeletionTime" = @p27, "Description" = @p28, "DeviceCodeLifetime" = @p29, "EnableLocalLogin" = @p30, "Enabled" = @p31, "ExtraProperties" = @p32, "FrontChannelLogoutSessionRequired" = @p33, "FrontChannelLogoutUri" = @p34, "IdentityTokenLifetime" = @p35, "IncludeJwtId" = @p36, "IsDeleted" = @p37, "LastModificationTime" = @p38, "LastModifierId" = @p39, "LogoUri" = @p40, "PairWiseSubjectSalt" = @p41, "ProtocolType" = @p42, "RefreshTokenExpiration" = @p43, "RefreshTokenUsage" = @p44, "RequireClientSecret" = @p45, "RequireConsent" = @p46, "RequirePkce" = @p47, "RequireRequestObject" = @p48, "SlidingRefreshTokenLifetime" = @p49, "UpdateAccessTokenClaimsOnRefresh" = @p50, "UserCodeType" = @p51, "UserSsoLifetime" = @p52 WHERE "Id" = @p53 AND "ConcurrencyStamp" = @p54; [08:14:56 ERR] An exception occurred in the database while saving changes for context type 'Volo.Abp.IdentityServer.EntityFrameworkCore.IdentityServerDbContext'. Microsoft.EntityFrameworkCore.DbUpdateException: An error occurred while saving the entity changes. See the inner exception for details. ---> Npgsql.PostgresException (0x80004005): 23505: duplicate key value violates unique constraint "PK_IdentityServerClientSecrets" DETAIL: Detail redacted as it may contain sensitive data. Specify 'Include Error Detail' in the connection string to include this information. at Npgsql.Internal.NpgsqlConnector.<ReadMessage>g__ReadMessageLong|211_0(NpgsqlConnector connector, Boolean async, DataRowLoadingMode dataRowLoadingMode, Boolean readingNotifications, Boolean isReadingPrependedMessage) at Npgsql.NpgsqlDataReader.NextResult(Boolean async, Boolean isConsuming, CancellationToken cancellationToken) at Npgsql.NpgsqlCommand.ExecuteReader(CommandBehavior behavior, Boolean async, CancellationToken cancellationToken) at Npgsql.NpgsqlCommand.ExecuteReader(CommandBehavior behavior, Boolean async, CancellationToken cancellationToken) at Npgsql.NpgsqlCommand.ExecuteDbDataReaderAsync(CommandBehavior behavior, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Update.ReaderModificationCommandBatch.ExecuteAsync(IRelationalConnection connection, CancellationToken cancellationToken) Exception data: Severity: ERROR SqlState: 23505 MessageText: duplicate key value violates unique constraint "PK_IdentityServerClientSecrets" Detail: Detail redacted as it may contain sensitive data. Specify 'Include Error Detail' in the connection string to include this information. SchemaName: public TableName: IdentityServerClientSecrets ConstraintName: PK_IdentityServerClientSecrets File: d:\pginstaller_13.auto\postgres.windows-x64\src\backend\access\nbtree\nbtinsert.c Line: 656 Routine: _bt_check_unique --- End of inner exception stack trace ---
Hi liangshiwei,
To reproduce, you can create a new client in Administration > Identity Server > Clients, add a Secret. Save the client and then add another Secret and delete the previous. When you try to save, it will show the error.
How about the error when editing the Identity Client? I think due to this error, the cache has not been removed.
Hi, I just like to add that somehow it is working now, using the same client_id and client_secret. Before, I've added a long period of expiration: 31/12/2050. Then, I changed it to 31/12/2022. But, it hadn't worked. After writing this issue, I tried again, and it was working. It looks like it took some time to update the server.
The questions are, does it keep some kind of cache? If so, how to clean it to read the new parameters? Is possible to set the expiration date/time for a long period?