hi
Can you try to inject the
ISettingEncryptionService
andEncrypt
your default value?
I tested it with IStringEncryptionService
directly and it worked!
The ISettingEncryptionService
Encrypt
method needs a SettingDefinition
type parameter but doesn't really use it. Maybe this was unintentional.
Thank you!
hi
We can set the default value
Please share your code.Usually, you don't need to care about the encryption, which is done automatically.
https://docs.abp.io/en/abp/latest/Settings#isettingencryptionservice
public override void Define(ISettingDefinitionContext context)
{
context.Add(new SettingDefinition(ProductServiceSettings.DataShareApiUrl, "http://192.168.15.3:5150", isEncrypted: false));
context.Add(new SettingDefinition(ProductServiceSettings.DataSharePublicKey, "015e5387-05d4-4904-9d1a-b7a6c4241bd6", isEncrypted: false));
context.Add(new SettingDefinition(ProductServiceSettings.DataShareSecretKey, "11ddf380-c141-4889-b5ee-dcdd72c0b8d0", isEncrypted: true));
context.Add(new SettingDefinition(ProductServiceSettings.SchedulerUsername, "scheduler_user"));
context.Add(new SettingDefinition(ProductServiceSettings.SchedulerPassword, "123456", isEncrypted: true));
// and so on...
}
Please note that settings that are not encrypted we can get default values using ISettingProvider normally, like this example:
var urlHeader = $"{(await settingProvider.GetOrNullAsync(ProductServiceSettings.DataShareApiUrl)).EnsureEndsWith('/')}{url}";
But encrypted ones returns null. like this one:
await settingProvider.GetOrNullAsync(ProductServiceSettings.DataShareSecretKey)
Check the docs before asking a question: https://docs.abp.io/en/commercial/latest/ Check the samples to see the basic tasks: https://docs.abp.io/en/commercial/latest/samples/index The exact solution to your question may have been answered before, and please first use the search on the homepage. Provide us with the following info:
Hello! We are using the ABP settings provider, but we are having difficulty setting a default value for a encrypted setting. We can set the default value, but it cannot be read after. I guess it's because ABP is trying to decrypt a value that is not encrypted yet. Is there a way to set a default value to an encrypted setting?
Thanks.
hi
Try the
abp get-source Volo.Docs
command, It also includes theadmin
part.https://github.com/abpframework/abp/tree/dev/modules/docs
Thanks, it worked!
Hello! We are trying to download ABP Modules and everything ran fine, except for Volo.Docs.Admin.
Steps to reproduce: Simple run abp get-source Volo.Docs.Admin
Exception message:
ABP CLI 7.3.3
Downloading source code of Volo.Docs.Admin (Latest)
Output folder: C:\Evlos\ABP
Downloading module: Volo.Docs.Admin, version: 7.3.3
Error occured while downloading source-code from https://abp.io/api/download/module/ : StatusCode: 500, ReasonPhrase: 'Internal Server Error', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
Date: Mon, 02 Oct 2023 19:49:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache,no-store
Pragma: no-cache
Set-Cookie: .AspNetCore.Antiforgery.-6OvtTX3HwI=CfDJ8KhVN67WFEhFqv9GBjcJb_YWcKmDXlMRwB3tiE6CL_ScMG895PBT4DA5D2wQBukVBCwRL1RO21blgHJuKwlDWzBjgsAUBnR6afZ4sFpQedI0hSJcvIQsfoWminBPMH-VvFRwgS9T0Z6NaCGl6doZZ6c; path=/; samesite=strict; httponly
Set-Cookie: XSRF-TOKEN=CfDJ8KhVN67WFEhFqv9GBjcJb_Z09cIxdHpzUEXdu8QoGqMTCe4ZDp7bRG_C9I3nMES8-zuaURcy9sB1RbwDM7-hoCHp2sg6KfO1J_S7xBehfFLcYgy6R87a6NvOYyThKccLrKFPayGu9ulvDG8Opgg847MMFSXJQ8pIxtt5MLEU0vQs4WPvJ_Zn9VdZXskL9zsr1w; expires=Tue, 01 Oct 2024 19:49:56 GMT; path=/; secure; samesite=none
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
x-correlation-id: 95f1911ef9ab4bdfab73fa5be8927f48
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjT%2FpEwEpwMNa58t%2FHhhkp2HaZErBkTGys202drKHuaEHByrPbgy15ii6t6kZuQ48J2hFn5feLUZvHW5YK21jxiE%2F4DaTnWOl1pNVSuUu6PLZBlgHeDkPD8wpRd7RfgAkCLT2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80ff78b1fb001b2c-GRU
Content-Type: text/html; charset=utf-8
Expires: -1
}
'<' is an invalid start of a value. Path: $ | LineNumber: 1 | BytePositionInLine: 0.
'<' is an invalid start of a value. Path: $ | LineNumber: 1 | BytePositionInLine: 0.
System.Text.Json.JsonException: '<' is an invalid start of a value. Path: $ | LineNumber: 1 | BytePositionInLine: 0.
---> System.Text.Json.JsonReaderException: '<' is an invalid start of a value. LineNumber: 1 | BytePositionInLine: 0.
at System.Text.Json.ThrowHelper.ThrowJsonReaderException(Utf8JsonReader& json, ExceptionResource resource, Byte nextByte, ReadOnlySpan`1 bytes)
at System.Text.Json.Utf8JsonReader.ConsumeValue(Byte marker)
at System.Text.Json.Utf8JsonReader.ReadFirstToken(Byte first)
at System.Text.Json.Utf8JsonReader.ReadSingleSegment()
at System.Text.Json.Utf8JsonReader.Read()
at System.Text.Json.Serialization.JsonConverter`1.ReadCore(Utf8JsonReader& reader, JsonSerializerOptions options, ReadStack& state)
--- End of inner exception stack trace ---
at System.Text.Json.ThrowHelper.ReThrowWithPath(ReadStack& state, JsonReaderException ex)
at System.Text.Json.Serialization.JsonConverter`1.ReadCore(Utf8JsonReader& reader, JsonSerializerOptions options, ReadStack& state)
at System.Text.Json.JsonSerializer.ReadFromSpan[TValue](ReadOnlySpan`1 utf8Json, JsonTypeInfo jsonTypeInfo, Nullable`1 actualByteCount)
at System.Text.Json.JsonSerializer.ReadFromSpan[TValue](ReadOnlySpan`1 json, JsonTypeInfo jsonTypeInfo)
at System.Text.Json.JsonSerializer.Deserialize[TValue](String json, JsonSerializerOptions options)
at Volo.Abp.Json.SystemTextJson.AbpSystemTextJsonSerializer.Deserialize[T](String jsonString, Boolean camelCase) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Json.SystemTextJson\Volo\Abp\Json\SystemTextJson\AbpSystemTextJsonSerializer.cs:line 25
at Volo.Abp.Cli.ProjectBuilding.RemoteServiceExceptionHandler.GetAbpRemoteServiceErrorAsync(HttpResponseMessage responseMessage) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\RemoteServiceExceptionHandler.cs:line 52
at Volo.Abp.Cli.ProjectBuilding.RemoteServiceExceptionHandler.EnsureSuccessfulHttpResponseAsync(HttpResponseMessage responseMessage) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\RemoteServiceExceptionHandler.cs:line 38
at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.DownloadSourceCodeContentAsync(SourceCodeDownloadInputDto input) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 258
at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.GetAsync(String name, String type, String version, String templateSource, Boolean includePreReleases, Boolean skipCache) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 123
at Volo.Abp.Cli.ProjectBuilding.ModuleProjectBuilder.BuildAsync(ProjectBuildArgs args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\ModuleProjectBuilder.cs:line 48
at Volo.Abp.Cli.Commands.Services.SourceCodeDownloadService.DownloadModuleAsync(String moduleName, String outputFolder, String version, String gitHubAbpLocalRepositoryPath, String gitHubVoloLocalRepositoryPath, AbpCommandLineOptions options) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\Services\SourceCodeDownloadService.cs:line 39
at Volo.Abp.Cli.Commands.GetSourceCommand.ExecuteAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\GetSourceCommand.cs:line 59
at Volo.Abp.Cli.CliService.RunInternalAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 169
at Volo.Abp.Cli.CliService.RunAsync(String[] args) in D:\ci\Jenkins\workspace\abp-volo-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 77
hi
We are unsure if the microservices request a new token with every HTTP request or if they continue using the same token until it expires and then obtain a new using refresh token.
It will request a token, cache it, and then continue to use it.
refresh_token
is not currently not supported.
So, when does he know he needs a new one? Apparently it's not getting it when the first expires. If we keep the default expiration (1 hour) the problem won't occur.
Hello! Anyone, please?
Hello again!
We've set the token generation in the AuthServer as follows in PreConfigureServices
:
PreConfigure<OpenIddictServerBuilder>(builder =>
{
builder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment, configuration));
builder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment, configuration));
builder.SetIssuer(new Uri(configuration["AuthServer:Authority"]));
builder.SetAccessTokenLifetime(TimeSpan.FromMinutes(5));
builder.SetIdentityTokenLifetime(TimeSpan.FromMinutes(5));
builder.SetRefreshTokenLifetime(TimeSpan.FromMinutes(30));
});
And the TokenCleanup as follows in ConfigureServices
:
Configure<TokenCleanupOptions>(options =>
{
options.CleanupPeriod = 1000 * 60 * 30; // Default: 3,600,000 ms, 1 hour
options.MinimumAuthorizationLifespan = TimeSpan.FromMinutes(30);
options.MinimumTokenLifespan = TimeSpan.FromMinutes(30);
});
However, for some reason, the communication between microservices is returning "Unauthorized" after 10 minutes. We are unsure if the microservices request a new token with every HTTP request or if they continue using the same token until it expires and then obtain a new using refresh token. I'm afraid we might have done something wrong. Could you please enlighten us?
hi
System.IO.InvalidDataException: Form key length limit 2048 exceeded.
You can configure the
KeyLengthLimit
ofFormOptions
.
It worked. Thanks!
Hello,
We are encountering a strange problem when trying to send a refresh token. It seems that the OpenIddict Module or .NET won't accept the length of the refresh token. The endpoint is returning the following error: "Form key length limit 2048 exceeded." The question is: Should we set the form value limit to accommodate the refresh token, or is there a way to compress its size?
Exception: [auth-server_1de50682-b]: [18:18:48 INF] Request starting HTTP/1.1 POST https://127.0.0.1:44322/connect/token application/x-www-form-urlencoded 4619 [auth-server_1de50682-b]: [18:18:48 DBG] The event OpenIddict.Validation.OpenIddictValidationEvents+ProcessRequestContext was successfully processed by OpenIddict.Validation.AspNetCore.OpenIddictValidationAspNetCoreHandlers+ResolveRequestUri. [auth-server_1de50682-b]: [18:18:48 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ResolveRequestUri. [auth-server_1de50682-b]: [18:18:48 INF] The request URI matched a server endpoint: Token. [auth-server_1de50682-b]: [18:18:48 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.OpenIddictServerHandlers+InferEndpointType. [auth-server_1de50682-b]: [18:18:48 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by Volo.Abp.Account.Web.Pages.Account.OpenIddictImpersonateInferEndpointType. [auth-server_1de50682-b]: [18:18:48 DBG] The event OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext was successfully processed by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ValidateHostHeader. [auth-server_1de50682-b]: [18:18:48 DBG] An exception was thrown by OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers+ExtractPostRequest`1[[OpenIddict.Server.OpenIddictServerEvents+ExtractTokenRequestContext, OpenIddict.Server, Version=4.2.0.0, Culture=neutral, PublicKeyToken=35a561290d20de2f]] while handling the OpenIddict.Server.OpenIddictServerEvents+ExtractTokenRequestContext event. [auth-server_1de50682-b]: System.IO.InvalidDataException: Form key length limit 2048 exceeded. [auth-server_1de50682-b]: at Microsoft.AspNetCore.WebUtilities.FormPipeReader.ThrowKeyTooLargeException() [auth-server_1de50682-b]: at Microsoft.AspNetCore.WebUtilities.FormPipeReader.ParseValuesSlow(ReadOnlySequence`1& buffer, KeyValueAccumulator& accumulator, Boolean isFinalBlock) [auth-server_1de50682-b]: at Microsoft.AspNetCore.WebUtilities.FormPipeReader.ParseFormValues(ReadOnlySequence`1& buffer, KeyValueAccumulator& accumulator, Boolean isFinalBlock) [auth-server_1de50682-b]: at Microsoft.AspNetCore.WebUtilities.FormPipeReader.ReadFormAsync(CancellationToken cancellationToken) [auth-server_1de50682-b]: at Microsoft.AspNetCore.Http.Features.FormFeature.InnerReadFormAsync(CancellationToken cancellationToken) [auth-server_1de50682-b]: at OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers.ExtractPostRequest`1.HandleAsync(TContext context) [auth-server_1de50682-b]: at OpenIddict.Server.OpenIddictServerDispatcher.DispatchAsync[TContext](TContext context) [auth-server_1de50682-b]: at OpenIddict.Server.OpenIddictServerDispatcher.DispatchAsync[TContext](TContext context) [auth-server_1de50682-b]: at OpenIddict.Server.OpenIddictServerHandlers.Exchange.ExtractTokenRequest.HandleAsync(ProcessRequestContext context) [auth-server_1de50682-b]: at OpenIddict.Server.OpenIddictServerDispatcher.DispatchAsync[TContext](TContext context) [auth-server_1de50682-b]: [18:18:48 DBG] An exception was thrown by OpenIddict.Server.OpenIddictServerHandlers+Exchange+ExtractTokenRequest while handling the OpenIddict.Server.OpenIddictServerEvents+ProcessRequestContext event.