Activities of "enisn"

Feel free to re-open or create another issue whenever you face an issue while implementing it

It's a strange case. We could reproduce the same problem. It doesn't affect for a while or page-refresh is required to see the it.

I'm creating an internal issue for this and out team will try to figure it out and provide a solution in the framework

Hi,

Our team is working on this topic, we've sent for a report to anti-virus softwares to indicate a false-positive situation but the process isn't completed yet. It seems this is a behavioral situation and not related to a specific code or DLL file. If we have more information about what is the specific action, we might improve that case, but for now we're awaiting response primarily from kaspersky. We do not face ant problems with other anti-virus softwares than kaspersky for now.

Hi @cheelam1220

It's hard to understand the exact problem but based on the information available, the issue described involves a token expiration error. The log indicates a SecurityTokenExpiredException, meaning the token's lifetime validation has failed because it is expired.

Suggested Solutions:

1. Ensure Proper Token Lifetime:

   • Check your token configuration in your authentication server.
   • Verify settings like TokenLifetime in your application settings or wherever the token expiration policy is defined. Extend the token validity duration if necessary.

2. Handle Refresh Tokens:

   • Implement a refresh token mechanism if not already in place. This ensures users can obtain new tokens without needing to re-login when the current token expires.

3. Synchronization of Server Clocks:

   • Check the server's time settings. Differences between the authentication server's clock and the API server's clock can cause this error.

4. Check for Long-Running Requests:

   • Ensure tokens do not expire during long-running API calls. You might need to adjust the token expiration or rethink how long-running tasks are handled.

5. Diagnostics:

   • Add more detailed logging to trace how tokens are being issued and validated.
   • Verify the middleware in your application pipeline (e.g., JwtBearerMiddleware) is correctly handling token validation.

If these steps don't resolve the issue, more details about the token generation and validation process might be necessary to troubleshoot further.

Hi,

In Entity Framework doesn't define any kind of bulk operations and it uses AddRangeAsync() method. If the database provider and EF adapter package supports, it updates database once but it's not guaranteed. It depends on your provider and provider package.

https://github.com/abpframework/abp/blob/7fb232b7b73d0031e1c40c5a2385a6373c4c2729/framework/src/Volo.Abp.EntityFrameworkCore/Volo/Abp/Domain/Repositories/EntityFrameworkCore/EfCoreRepository.cs#L139-L150

You can provide a method for bulk operations by implementing IEfCoreBulkOperationProvider on your own and use such libraries like [EntityFramework-Plus(https://github.com/zzzprojects/EntityFramework-Plus) inside this provider implementation:

[Dependency(ReplaceServices = true)]
[ExposeServices(typeof(IEfCoreBulkOperationProvider))]
public class MyProjectNameBulkOperationProvider : IEfCoreBulkOperationProvider, ITransientDependency
{
    public async Task DeleteManyAsync<TDbContext, TEntity>(IEfCoreRepository<TEntity> repository, IEnumerable<TEntity> entities, bool autoSave, CancellationToken cancellationToken)
         where TDbContext : IEfCoreDbContext where TEntity : class, IEntity
    {
        // Your custom bulk delete logic here...

    }

    public async Task InsertManyAsync<TDbContext, TEntity>(IEfCoreRepository<TEntity> repository, IEnumerable<TEntity> entities, bool autoSave, CancellationToken cancellationToken)
         where TDbContext : IEfCoreDbContext where TEntity : class, IEntity
    {
        // Your custom bulk insert logic here...

    }

    public async Task UpdateManyAsync<TDbContext, TEntity>(IEfCoreRepository<TEntity> repository, IEnumerable<TEntity> entities, bool autoSave, CancellationToken cancellationToken)
         where TDbContext : IEfCoreDbContext where TEntity : class, IEntity
    {
        // Your custom bulk update logic here...

    }
}

Hi,

As the beste practise, we only enable swagger in debug mode by default. But if you need to an authentication, you can go with Basic Authentication and it's something like that:

public class BasicAuthenticationMiddleware
{
    private readonly RequestDelegate _next;

    public BasicAuthenticationMiddleware(RequestDelegate next)
    {
        _next = next;
    }

    public async Task InvokeAsync(HttpContext context)
    {
        // Check if the request path matches /swagger
        if (context.Request.Path.StartsWithSegments("/swagger"))
        {
            if (!context.Request.Headers.ContainsKey("Authorization"))
            {
                context.Response.Headers["WWW-Authenticate"] = "Basic";
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                return;
            }

            var authHeader = context.Request.Headers["Authorization"].ToString();
            if (authHeader.StartsWith("Basic ", StringComparison.OrdinalIgnoreCase))
            {
                var encodedCredentials = authHeader.Substring("Basic ".Length).Trim();
                var decodedCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(encodedCredentials));
                var parts = decodedCredentials.Split(':', 2);
                if (parts.Length == 2 && ValidateCredentials(parts[0], parts[1]))
                {
                    await _next(context); // Proceed to the next middleware
                    return;
                }
            }

            context.Response.StatusCode = StatusCodes.Status401Unauthorized; // Unauthorized
            return;
        }

        // Continue with the pipeline for other requests
        await _next(context);
    }

    private bool ValidateCredentials(string username, string password)
    {
        // Replace with your logic to validate credentials
        return username == "admin" && password == "password";
    }
}

app.UseMiddleware<BasicAuthenticationMiddleware>();

And browser will prompt users for username and password:

Hi @portx-dev

ABP Framework does not have built-in React support and we're not expert on react at the moment.

But, we have React Native support in our templates, you can find it as Mobile UI option while creating a new solution:

Whenever you choose it, your solution will have a react native project and everything is written in this tempalte and not using npm packages. You can easily review and see how an ABP backend can be connected to a javascript application. That may help you to integrate react application I think

Hi,

It's hard to determine the exact problem right now but here is some extra suggestions to find the source of problem and we can help then:

1. Investigate Dependencies: The error indicates a problem with Microsoft.Extensions.DependencyInjection.ActivatorUtilities.CreateInstance. Ensure that all dependencies related to this library are properly included in your project and container. Sometimes, certain assemblies may not be copied during the publishing process. Verify the contents of the bin/Release/net9.0/publish/ folder.

2. Check .NET Version: Ensure the container is using the correct version of the .NET runtime that matches your application's target framework. The Dockerfile uses mcr.microsoft.com/dotnet/aspnet:9.0, so confirm this aligns with your application.

3. Debug Assembly Loading: Since this issue occurs only in the containerized environment, it could be related to assembly loading. You might need to explicitly include certain assemblies in the Dockerfile or publishing settings.

4. Test with Minimal Setup: Try running the application in a simpler containerized environment, like Docker alone, instead of Kubernetes. This can help isolate Kubernetes-specific issues.

5. Update ABP Framework: If you're not using the latest version of ABP Framework, consider updating it to rule out potential framework bugs.

6. WebAssembly Module Loading: The error happens when loading the WebAssembly UI module. Look into how the module is loaded and initialized, especially in a containerized environment. Ensure any required configuration files for the WebAssembly module are accessible within the container.

7. Logs and Diagnostics: Examine the application and container logs closely. While you mentioned the pod logs are clear, additional diagnostic tools like dotnet-dump or dotnet-trace could provide insights into what happens at the point of failure.

These steps aim to help pinpoint the source of the issue and resolve the containerized deployment problem. Further information may help us to undertsand and solve the problem

Hi,

Since it's a still a Blazor application, you can implement your own AuthenticationStateProvider and notify authentication system from single point like something similar:

[Volo.Abp.DependencyInjection.Dependency(ReplaceServices = true)]
[ExposeServices(typeof(AuthenticationStateProvider))]
public class CustomAuthenticationStateProvider : AuthenticationStateProvider, ISingletonDependency
{
    private ClaimsPrincipal _currentUser = new ClaimsPrincipal(new ClaimsIdentity());
    
    public void NotifyUserChanged(ClaimsPrincipal user)
    {
        _currentUser = user;
        NotifyAuthenticationStateChanged(GetAuthenticationStateAsync());
    }

    public override Task<AuthenticationState> GetAuthenticationStateAsync()
    {
        return Task.FromResult(new AuthenticationState(_currentUser));
    }
}

You can call NotifyUserChanged by injecting singleton CustomAuthenticationStateProvider service to notify all the existing components about the state is changed.

We also faced a similar problem during the investigation, we'll try to find a solution on framework level, but for now this can be a workaround

The error message indicates that the requested authorization policy was not granted, stemming from either a configuration issue or missing permissions. Based on the details provided, here are a few steps to troubleshoot the issue:

1. Policy Configuration:

   • Verify that the required authorization policy is correctly defined in your project. Policies in ABP Framework can be set in the Startup.cs file using the ConfigureServices method. Ensure that the specific policy mentioned is correctly implemented and mapped to roles or claims.

2. Azure App Registration Settings:

   • Double-check the settings for your Azure App Registration. Specifically:
     • Check API permissions to ensure the necessary scope is granted.
     • Validate Redirect URIs to match the URLs used in your application.
     • Ensure that Multi-Factor Authentication (MFA) settings align with the organization’s configuration. The error AADSTS50076 is often related to MFA requirements or configuration changes.

3. Claims Mapping:

   • Confirm that claims are being correctly mapped during authentication and that the claim used in the authorization policy is present. Check logs to ensure claims are being read correctly after login.

4. Logging and Debugging:

   • Enable detailed logging for your application to capture errors related to OpenIdConnect authentication.
   • Use tools like Fiddler or browser developer tools to analyze the authentication flow and see where issues might arise.

5. Check ABP Framework Configuration:

   • Verify the configuration settings for OpenIdConnect in your application, especially the identity server integration within ABP. Ensure your settings in appsettings.json align with Azure portal configuration.