Starts in:
0 DAY
11 HRS
27 MIN
47 SEC
Starts in:
0 D
11 H
27 M
47 S

Activities of "WaelRazouk"

This is set to true already (the logs are the same in my question). P.S: It works fine locally (on my PC with docker and tye configurations), this issue appeared when deployed on the server (using IIS to serve the services)

Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.

you can add Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true; to service to get the error details.

Already done from solution template

public class BaseServiceHttpApiHostModule : AbpModule
{
    public override void ConfigureServices(ServiceConfigurationContext context)
    {
        //You can disable this setting in production to avoid any potential security risks.
        Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
  • ABP Framework version: v8.1.1
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes

I'm working on a micro-service solution and built some services. In one service I have Classificaitons and Services App services and some other services. Each one has its permissions and it was working fine. Now my business changed and need to move these 2 app services to another micro-service (called BaseService). When I moved them they stopped working and I'm having AuthorizationException when I try to access them. Here is the logs from the service:

2024-08-01 18:18:43.034 +03:00 [INF] CORS policy execution failed. 2024-08-01 18:18:43.035 +03:00 [INF] Request origin https://angular.ajwad-sa.com does not have permission to access the resource. 2024-08-01 18:18:45.067 +03:00 [INF] Failed to validate the token. Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty. at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerAsync(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters, BaseConfiguration configuration) at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters, BaseConfiguration configuration) at Microsoft.IdentityModel.Tokens.InternalValidators.ValidateAfterSignatureFailed(SecurityToken securityToken, Nullable1 notBefore, Nullable1 expires, IEnumerable1 audiences, TokenValidationParameters validationParameters, BaseConfiguration configuration) at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(JsonWebToken jwtToken, TokenValidationParameters validationParameters, BaseConfiguration configuration) at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignatureAndIssuerSecurityKey(JsonWebToken jsonWebToken, TokenValidationParameters validationParameters, BaseConfiguration configuration) at Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateJWSAsync(JsonWebToken jsonWebToken, TokenValidationParameters validationParameters, BaseConfiguration configuration) 2024-08-01 18:18:45.068 +03:00 [INF] Bearer was not authenticated. Failure message: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty. 2024-08-01 18:18:45.070 +03:00 [INF] Executing endpoint 'RMG.Iso20.BaseService.Services.ServiceController.GetListAsync (RMG.Iso20.BaseService.HttpApi)' 2024-08-01 18:18:45.070 +03:00 [INF] Route matched with {area = "BaseService", controller = "Service", action = "GetList"}. Executing controller action with signature System.Threading.Tasks.Task1[Volo.Abp.Application.Dtos.PagedResultDto`1[RMG.Iso20.BaseService.Services.ServiceWithNavigationPropertiesDto]] GetListAsync(RMG.Iso20.BaseService.Services.GetServicesInput) on controller RMG.Iso20.BaseService.Services.ServiceController (RMG.Iso20.BaseService.HttpApi). 2024-08-01 18:18:45.075 +03:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: BaseService.Services 2024-08-01 18:18:45.078 +03:00 [WRN] ---------- RemoteServiceErrorInfo ---------- { "code": "Volo.Authorization:010001", "message": "فشل التفويض! لم تمنح السياسة المعينة.", "details": null, "data": {}, "validationErrors": null }

2024-08-01 18:18:45.078 +03:00 [WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. at Microsoft.AspNetCore.Authorization.AbpAuthorizationServiceExtensions.CheckAsync(IAuthorizationService authorizationService, AuthorizationPolicy policy) at Volo.Abp.Authorization.MethodInvocationAuthorizationService.CheckAsync(MethodInvocationAuthorizationContext context) at Volo.Abp.Authorization.AuthorizationInterceptor.AuthorizeAsync(IAbpMethodInvocation invocation) at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo) at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue1.ProceedAsync() at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, AbpAuditingOptions options, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope) at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo) at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue1.ProceedAsync() at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at lambda_method1572(Closure, Object) at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.

2024-08-01 18:27:42.854 +03:00 [WRN] Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. Volo.Abp.Authorization.AbpAuthorizationException: Exception of type 'Volo.Abp.Authorization.AbpAuthorizationException' was thrown. at Microsoft.AspNetCore.Authorization.AbpAuthorizationServiceExtensions.CheckAsync(IAuthorizationService authorizationService, AuthorizationPolicy policy) at Volo.Abp.Authorization.MethodInvocationAuthorizationService.CheckAsync(MethodInvocationAuthorizationContext context) at Volo.Abp.Authorization.AuthorizationInterceptor.AuthorizeAsync(IAbpMethodInvocation invocation) at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo) at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue1.ProceedAsync() at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, AbpAuditingOptions options, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope) at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo) at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue1.ProceedAsync() at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation) at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func3 proceed) at lambda_method1572(Closure, Object) at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments) at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.

I have 2 concerns regarding the logs: 1- Why I'm getting Failed to validate the token. Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty for this specific microservice only (other microservices work fine)? 2- Logs say that Authorization failed. These requirements were not met: PermissionRequirement: BaseService.Services but in the frontend this requirement is set on the menu item and it's granted (I can assure this from AbpPermissionGrants database table and from the endpoint of GetPermissions)

P.S: https://angular.ajwad-sa.com is my frontend site URL (even though I'm sending the requests to the gateway https://gateway.ajwad-sa.com and yarp is responsible for redirecting to the correct service)

I'm using IIS to serve my services (sites) on the server.

Thanks

Can you confirm where did you add this code?

Configure<AbpDistributedEntityEventOptions>(options =>
{
    options.AutoEventSelectors.Add<OrganizationUnit>();
    options.EtoMappings.RemoveAll(x => x.Value.EtoType == typeof(OrganizationUnitEto));
    options.EtoMappings.Add<OrganizationUnit, CustomOrganizationUnitEto>(typeof(AbpIdentityDomainModule));
});

In which project and service. Because for me It only worked under IdentityService And based on this: I need to define new AutoMapper profile in the IdentityService to map this

CreateMap<OrganizationUnit, MyOrganizationUnitEto>();

Am I right? or did I miss something?

Hi, It works now (because I moved the AbpDistributedEntityEventOptions to the IdentityServiceDomainModule project ( I was setting it in my service domain project previously.

But I still have an issue: OrganizationUnitEto doesn't have ParentId property like OrganizationUnit and I need to know this property to save it in my db table. When I try to get the OrganizationUnit entity using IOrganizationUnitRepository I get the following error: [ERR] An error occurred using the connection to database '' on server ''.

Stacktrace: 2024-07-01 11:00:47.184 +03:00 [ERR] An error occurred using the connection to database '' on server ''. 2024-07-01 11:00:47.192 +03:00 [ERR] An exception occurred while iterating over the results of a query for context type 'RMG.Iso20.IdentityService.EntityFrameworkCore.IdentityServiceDbContext'. System.InvalidOperationException: The ConnectionString property has not been initialized. at Microsoft.Data.SqlClient.SqlConnection.PermissionDemand() at Microsoft.Data.SqlClient.SqlConnectionFactory.PermissionDemand(DbConnection outerConnection) at Microsoft.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) at Microsoft.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) at Microsoft.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource1 retry, SqlConnectionOverrides overrides) at Microsoft.Data.SqlClient.SqlConnection.InternalOpenAsync(CancellationToken cancellationToken) --- End of stack trace from previous location --- at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenAsync(CancellationToken cancellationToken, Boolean errorsExpected) at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.ExecuteAsync[TState,TResult](TState state, Func4 operation, Func4 verifySucceeded, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.MoveNextAsync() System.InvalidOperationException: The ConnectionString property has not been initialized. at Microsoft.Data.SqlClient.SqlConnection.PermissionDemand() at Microsoft.Data.SqlClient.SqlConnectionFactory.PermissionDemand(DbConnection outerConnection) at Microsoft.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) at Microsoft.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) at Microsoft.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource1 retry, SqlConnectionOverrides overrides) at Microsoft.Data.SqlClient.SqlConnection.InternalOpenAsync(CancellationToken cancellationToken) --- End of stack trace from previous location --- at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenAsync(CancellationToken cancellationToken, Boolean errorsExpected) at Microsoft.EntityFrameworkCore.Storage.RelationalCommand.ExecuteReaderAsync(RelationalCommandParameterObject parameterObject, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.InitializeReaderAsync(AsyncEnumerator enumerator, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.ExecuteAsync[TState,TResult](TState state, Func4 operation, Func4 verifySucceeded, CancellationToken cancellationToken) at Microsoft.EntityFrameworkCore.Query.Internal.SplitQueryingEnumerable1.AsyncEnumerator.MoveNextAsync()

Hi,

Did you configure the AutoEventSelectors

Configure<AbpDistributedEntityEventOptions>(options => 
{ 
    options.AutoEventSelectors.Add<OrganizationUnit>(); 
    options.EtoMappings.Add<OrganizationUnit, OrganizationUnitEto>(); 
}); 

Hi, yes in my DomainModule, here is the ConfigureServices method

public override void ConfigureServices(ServiceConfigurationContext context)
{
    base.ConfigureServices(context);
    Configure<AbpDistributedEntityEventOptions>(options =>
    {
        options.AutoEventSelectors.Add<OrganizationUnit>();
        options.EtoMappings.Add<OrganizationUnit, OrganizationUnitEto>();
    });
}
  • ABP Framework version: v8.1.1
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

I have the micro-service architecture.

Follow the steps described in https://docs.abp.io/en/abp/latest/Distributed-Event-Bus#entity-synchronizer and try to synchronize OrganizationUnit (so I can have a replica of the table in my custom service)

Here is the synchronizer class


public class CssDepartmentSynchronizer :
    EntitySynchronizer<CssDepartment, OrganizationUnitEto>
{

    private readonly ILogger<CssDepartmentSynchronizer> _logger;

    public CssDepartmentSynchronizer(
        IObjectMapper objectMapper, 
        IRepository<CssDepartment> repository,
        ILogger<CssDepartmentSynchronizer> logger) : base(objectMapper, repository)
    {
        _logger = logger;
    }

    public override Task HandleEventAsync(EntityCreatedEto<OrganizationUnitEto> eventData)
    {
        _logger.LogInformation("CssDepartmentSynchronizer EntityCreatedEto");
        return base.HandleEventAsync(eventData);
    }

    public override Task HandleEventAsync(EntityDeletedEto<OrganizationUnitEto> eventData)
    {
        _logger.LogInformation("CssDepartmentSynchronizer EntityDeletedEto");
        return base.HandleEventAsync(eventData);
    }

    public override Task HandleEventAsync(EntityUpdatedEto<OrganizationUnitEto> eventData)
    {
        _logger.LogInformation("CssDepartmentSynchronizer EntityUpdatedEto");
        return base.HandleEventAsync(eventData);
    }

    protected override async Task<CssDepartment?> FindLocalEntityAsync(OrganizationUnitEto eto)
    {
        _logger.LogInformation("CssDepartmentSynchronizer FindLocalEntityAsync");
        var entity = await Repository.FindAsync(d => d.Id  == eto.Id);
        if (entity == null)
            _logger.LogInformation("CssDepartmentSynchronizer not found");
        else
            _logger.LogInformation("CssDepartmentSynchronizer found");
        return entity;
    }
}

This class is not being hit (no logs added to the logs file). Similar code for IdentityUser works fine

public class CssUserSynchronizer :
 EntitySynchronizer<CssUser, UserEto>

hi

One way is a good approach. You can use GUID? UserId in your module.

You mean just define a property UserId in my module without any relation? or define an entity replica to IdentityUser entity and connect my Service entity to it?

  • ABP Framework version: v8.1.1
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

I'm building an app using the micro-service template. I have an entity called Service in my microservice project, this entity has some navigation properties related to Identity entities (Owner which should relate to IdentityUser entity, and Department which should relate to OrganizationUnit entity).

What is the best way to define this relation?

I searched some topics and read the docs:

  • one way is to define an entity in my project which reflects the desired entity (just like CMS kit defines CMSUser which synchronizes with IdentityUser). but IdentityUser has some useful code to do this like UserLookupService (defined in Volo.Abp.Users). OrganizationUnit doesn't.
  • Another way is to include the desired module (i.e: Identity module) and in ABP suite define the navigation using pre-built modules from ABP (but this way increases the coupling between the services I think)
Showing 11 to 19 of 19 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06