Please check the logs of the real API(api/account/my-profile) website.
but the grant extension method it doesn't validate the token.
I don't understand.
You can send the code to user, then pass userid and code to your grant extension
if the code is correct. Then, return the access token. in this way, you can use the access token to call the api.
hi
Are you using the gateway?
Please check the service logs.
500 error logs seem to be on other websites.
[14:10:09 INF] [] Request starting "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - null null
[14:10:09 INF] [] CORS policy execution successful.
[14:10:09 INF] [] Handling request: /api/account/my-profile
[14:10:09 INF] [] Handling request logProject: product
[14:10:09 INF] [] Handling request logProjectGroupName: /ecs/product-dev-gateway
[14:10:09 INF] [] Handling request logProject change tenant: product
[14:10:09 INF] [Product] Executing endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'
[14:10:09 INF] [Product] Route matched with "{area = \"account\", controller = \"Profile\", action = \"Get\", page = \"\"}". Executing controller action with signature "System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] GetAsync()" on controller "Volo.Abp.Account.ProfileController" ("Volo.Abp.Account.Pro.Public.HttpApi").
[14:10:09 INF] [Product] Executed action "Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)" in 13.5452ms
[14:10:09 INF] [Product] Executed endpoint '"Volo.Abp.Account.ProfileController.GetAsync (Volo.Abp.Account.Pro.Public.HttpApi)"'
[14:10:09 INF] [] Finished handling request.
[14:10:09 INF] [] Request finished "HTTP/2" "GET" "https"://"localhost:44359""""/api/account/my-profile""" - 500 null "application/json" 195.4187ms
hi
after calling the /api/account/my-profile API, I am encountering an internal server error.
Please call the API a few more times and share the log. Your log seems incomplete.
Thanks.
You can set log level to Debug
public class Program
{
public async static Task<int> Main(string[] args)
{
Log.Logger = new LoggerConfiguration()
.MinimumLevel.Debug()
.MinimumLevel.Override("Microsoft.EntityFrameworkCore", LogEventLevel.Warning)
.Enrich.FromLogContext()
.WriteTo.Async(c => c.File("Logs/logs.txt"))
.WriteTo.Async(c => c.Console())
.CreateLogger();
hi
Something like this:
return new Microsoft.AspNetCore.Mvc.SignInResult(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, claimsPrincipal); will generate a access token.
namespace G1.health.AuthServer.PasswordlessAuthentication;
public class EmpowermTokenExtensionGrant : ITokenExtensionGrant
{
public const string ExtensionGrantName = "PasswordlessLoginProvider";
public string Name => ExtensionGrantName;
public async Task<IActionResult> HandleAsync(ExtensionGrantContext context)
{
var userToken = context.Request.GetParameter("token").ToString();
if (string.IsNullOrEmpty(userToken))
{
return new ForbidResult(
new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
properties: new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
}!));
}
var userId = context.Request.GetParameter("userid").ToString();
if (string.IsNullOrEmpty(userId))
{
return new ForbidResult(
new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
properties: new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
}!));
}
var userManager = context.HttpContext.RequestServices.GetRequiredService<EmpowermIdentityUserManager>();
var user = await userManager.GetByIdAsync(userId);
if(!await UserManager.VerifyUserTokenAsync(user, "PasswordlessLoginProvider", "passwordless-auth", token))
{
return new ForbidResult(
new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
properties: new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
}!));
}
var userClaimsPrincipalFactory = context.HttpContext.RequestServices.GetRequiredService<IUserClaimsPrincipalFactory<Volo.Abp.Identity.IdentityUser>>();
var claimsPrincipal = await userClaimsPrincipalFactory.CreateAsync(user);
claimsPrincipal.SetScopes(principal.GetScopes());
claimsPrincipal.SetResources(await GetResourcesAsync(context, principal.GetScopes()));
await context.HttpContext.RequestServices.GetRequiredService<AbpOpenIddictClaimsPrincipalManager>().HandleAsync(context.Request, claimsPrincipal);
return new Microsoft.AspNetCore.Mvc.SignInResult(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, claimsPrincipal);
}
private async Task<IEnumerable<string>> GetResourcesAsync(ExtensionGrantContext context, ImmutableArray<string> scopes)
{
var resources = new List<string>();
if (!scopes.Any())
{
return resources;
}
await foreach (var resource in context.HttpContext.RequestServices.GetRequiredService<IOpenIddictScopeManager>().ListResourcesAsync(scopes))
{
resources.Add(resource);
}
return resources;
}
}
hi
These code are not compatible with your case.
You should use UserManager.VerifyUserTokenAsync(user, "PasswordlessLoginProvider", "passwordless-auth", token) to check the code.
If the code is correct, you can generate the access_token for the user.
And there is no user in your token request. You can consider passing a userid in the request.
var transaction = await context.HttpContext.RequestServices.GetRequiredService<IOpenIddictServerFactory>().CreateTransactionAsync();
transaction.EndpointType = OpenIddictServerEndpointType.Introspection;
transaction.Request = new OpenIddictRequest
{
ClientId = context.Request.ClientId,
ClientSecret = context.Request.ClientSecret,
Token = userToken
};
var notification = new OpenIddictServerEvents.ProcessAuthenticationContext(transaction);
var dispatcher = context.HttpContext.RequestServices.GetRequiredService<IOpenIddictServerDispatcher>();
await dispatcher.DispatchAsync(notification);
if (notification.IsRejected)
{
return new ForbidResult(
new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
properties: new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = notification.Error ?? OpenIddictConstants.Errors.InvalidRequest,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = notification.ErrorDescription,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorUri] = notification.ErrorUri
}));
}
var principal = notification.GenericTokenPrincipal;
if (principal == null)
{
return new ForbidResult(
new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
properties: new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = notification.Error ?? OpenIddictConstants.Errors.InvalidRequest,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = notification.ErrorDescription,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorUri] = notification.ErrorUri
}));
}
Please share the error logs of the 500
hi
I am encountering an internal server error.
Can you share the error logs of the 500?
The access_token you passed to API is not gotten from ABP. I think API doesn't recognize it.
hi
I need to implement a new datafilter called ICompany which will hold a guid for the current company a user has chosen. This filter needs to be used across several abp modules each with their own DBContext. What's the best way to implement this given my use case
public interface ICompany
{
Guid CompanyId { get; set; }
}
ICompany interface.ICompany in some entities of some modules.StructureCloudDbContext.(https://abp.io/docs/latest/framework/infrastructure/data-filtering#entityframework-core)how would I go about setting the CompanyId for this filter when a user changes the current company guid they are wanting to filter the data with.
How do your users change their CompanyId?
Where do you store the CompanyId? In CurrentUserClaims?
This article stores the OrganizationId in IDistributedCache and changes it in ASPNET Core middleware
hi
Your StructureCloudDbContext has already replaced some modules.
You can add your custom data filter in StructureCloudDbContext.
https://abp.io/docs/latest/framework/infrastructure/data-filtering#entityframework-core
