Activities of "naeem76"

Solved by using --no-launch-profile For some reason even though the environment was set it was still using the launch profiles

  • ABP Framework version: v9.0.0
  • UI Type: MVC
  • Database System: EF Core PostgreSQL
  • Tiered (for MVC) or Auth Server Separated (for Angular): no - single layer application in this case
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

Getting license errors in GitLab CI, wasn't happening before on older .NET - ABP CLI 9.0.2

[11:29:25 ERR] ABP-LIC-ERROR - License check failed for 'Volo.Abp.AspNetCore.Mvc.UI.Theme.LeptonX-v4.0.0.0'.
You need to log in using the command `abp login <username>`.
For more information, contact to license@abp.io.

the command

dotnet restore $PROJECT_NAME.csproj --runtime linux-x64
dotnet build $PROJECT_NAME.csproj --configuration Release --no-restore
dotnet run --migrate-database --configuration Release --no-build --no-restore

ASPNETCORE_ENVIRONMENT is set to Production

hi

The device code flow is used to authenticate/generate tokens for a device. e.g., ABP CLI supports this flow. You can try run abp login --device.

  1. it will generate a user code.
  2. open the abpio website. sign in and enter the user code
  3. abp will get an access token.

The source code : https://github.com/abpframework/abp/pull/10857

Yes that is working, I have already tried that, and also implemented the custom grant as well, both are working well in a test abp project. But I am just trying to understand how the default flow works under the hood for authorizing the device, so whatever happens in the /connect/verify POST endpoint, but maybe in my own appservice for example. Or maybe I want to authorize someone else's device code that was received from /device.

  • ABP Framework version: v9.0
  • UI Type:MVC
  • Database System: EF Core ( PostgreSQL )
  • Tiered (for MVC) or Auth Server Separated (for Angular): No
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

Apologies if this has been asked before, just wanting a quick way to do this. Trying to implement custom grants and it is working well with that, from here. https://github.com/abpframework/abp/blob/b2878b4d3dca82811a5fc1739dee29cc88669eaa/docs/en/Community-Articles/2022-11-14-How-to-add-a-custom-grant-type-in-OpenIddict/POST.md

Now for a default flow when calling the default /device endpoint, and getting a device_code and user_code, how to authorize that manually in my own code without going through cookie authentication in the dashboard, any pointers in the right direction would be appreciated, maybe even with a user that's Bearer authenticated.

  • ABP Framework version: v8.3.1
  • UI Type: MVC
  • Database System: EF Core ( PostgreSQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): no
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

I am currently using ABP 8.3.1 Pro version. There is a bug when trying to use tokens created via a custom grant. The main issue from the logs says:

[16:45:33 DBG] AuthenticationScheme: OpenIddict.Validation.AspNetCore was successfully authenticated. [16:45:33 DBG] Get dynamic claims cache for user: a9a8d44f-c8e3-482f-a870-66e93186d540 [16:45:33 DBG] Filling dynamic claims cache for user: a9a8d44f-c8e3-482f-a870-66e93186d540 [16:45:33 WRN] SessionId() claim not found for user: a9a8d44f-c8e3-482f-a870-66e93186d540, log out. [16:45:33 DBG] Remove dynamic claims cache for user: a9a8d44f-c8e3-482f-a870-66e93186d540 [16:45:33 WRN] The token is no longer valid because the user's session expired. [16:45:33 INF] Authorization failed. These requirements were not met: DenyAnonymousAuthorizationRequirement: Requires an authenticated user.

I am removing the dynamic claim right now with this as a temporary solution.

        context.Services.Configure<AbpClaimsPrincipalFactoryOptions>(options =>
        {
            options.IsDynamicClaimsEnabled = false;
        });

But I would prefer to keep them for other flows of my application.

I would prefer that my custom grant is not part of dynamic claims (or it could if you provide some code to create sessions appropriately?) This page mentions that there is a Principal Contributor: https://abp.io/docs/latest/modules/identity/session-management#how-it-works So I tried to get rid of it with this command: options.RemoveEventHandler(OpenIddictValidateIdentitySessionValidationHandler.Descriptor); But I still get the error. Maybe there is a flag I can set on the context to avoid getting my principal attached with a sessionId, but I can’t really debug further because all these packages are in the Pro and not compiled with ILDASM.

Can you please provide the following:

  1. Have a way to turn off session in this token grant
  2. Have a way to create the session appropriately when creating the token

Supporting code

public class MagicTokenHandler
{
    public const string ExtensionGrantName = "magic_token";
    public const string MagicTokenKey = "magic_token";
}

// https://github.com/abpframework/abp/blob/b2878b4d3dca82811a5fc1739dee29cc88669eaa/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.cs#L49
// https://github.com/abpframework/abp/blob/b2878b4d3dca82811a5fc1739dee29cc88669eaa/docs/en/Community-Articles/2022-11-14-How-to-add-a-custom-grant-type-in-OpenIddict/POST.md
public class MagicTokenExtensionGrant(
    IdentityUserManager identityUserManager,
    SignInManager<Volo.Abp.Identity.IdentityUser> signInManager,
    IUserClaimsPrincipalFactory<Volo.Abp.Identity.IdentityUser> userClaimsPrincipalFactory,
    AbpOpenIddictClaimsPrincipalManager abpOpenIddictClaimsPrincipalManager,
    IOpenIddictScopeManager openIddictScopeManager
) : ITokenExtensionGrant, IScopedDependency
{
    public readonly string TOKEN_HANDLER = LinkUserTokenProviderConsts.LinkUserTokenProviderName;
    public readonly string TOKEN_PURPOSE = LinkUserTokenProviderConsts.LinkUserLoginTokenPurpose;

    public string Name => MagicTokenHandler.ExtensionGrantName;

    public async Task<IActionResult> HandleAsync(ExtensionGrantContext context)
    {
        var magicToken = context.Request.GetParameter(MagicTokenHandler.MagicTokenKey).ToString();

        if (string.IsNullOrEmpty(magicToken) || string.IsNullOrEmpty(context.Request.Username))
        {
            return GenericError;
        }

        var user = await identityUserManager.FindByNameAsync(context.Request.Username);
        if (user == null)
        {
            return GenericError;
        }

        var result = await identityUserManager.VerifyUserTokenAsync(user, TOKEN_HANDLER, TOKEN_PURPOSE, magicToken);
        if (!result)
        {
            return GenericError;
        }

        var principal = await signInManager.CreateUserPrincipalAsync(user);
        var claimsPrincipal = await userClaimsPrincipalFactory.CreateAsync(user);
        claimsPrincipal.SetScopes(principal.GetScopes());
        claimsPrincipal.SetAudiences("VarScanner");
        claimsPrincipal.SetResources(await GetResourcesAsync(context, principal.GetScopes()));

        //For abp version >= 7.3
        await abpOpenIddictClaimsPrincipalManager.HandleAsync(context.Request, principal);

        return new Microsoft.AspNetCore.Mvc.SignInResult(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, claimsPrincipal);
    }

    private async Task<IEnumerable<string>> GetResourcesAsync(ExtensionGrantContext context, ImmutableArray<string> scopes)
    {
        var resources = new List<string>();
        if (!scopes.Any())
        {
            return resources;
        }

        await foreach (var resource in openIddictScopeManager.ListResourcesAsync(scopes))
        {
            resources.Add(resource);
        }

        return resources;
    }

    private ForbidResult GenericError => new ForbidResult(
        new[] { OpenIddictServerAspNetCoreDefaults.AuthenticationScheme },
        properties: new AuthenticationProperties(new Dictionary<string, string>
        {
            [OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidRequest
        }!));
}

I had to remove this AuditLoggin.AuditLogs.SettingManagement as well, any idea how this came to be?

Features Table

  • ABP Framework version: v7.1.0
  • UI Type: / MVC
  • Database System: EF Core MySQL
  • Tiered (for MVC) or Auth Server Separated (for Angular): no
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

Got a random error suddenly, it cant load AbpConfigurationScript on the js side.

03:20:03 [INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController.Get (Volo.Abp.AspNetCore.Mvc) in 70.155ms
03:20:03 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController.Get (Volo.Abp.AspNetCore.Mvc)'
03:20:04 [ERR] An unhandled exception has occurred while executing the request.
Volo.Abp.AbpException: Undefined feature: AuditLogging.SettingManagement
   at Volo.Abp.Features.FeatureDefinitionManager.GetAsync(String name)
   at Volo.Abp.Features.FeatureChecker.GetOrNullAsync(String name)
   at Volo.Abp.Features.FeatureCheckerBase.IsEnabledAsync(String name)
   at Volo.Abp.Features.FeatureCheckerExtensions.IsEnabledAsync(IFeatureChecker featureChecker, Boolean requiresAll, String[] featureNames)
   at Volo.Abp.Features.RequireFeaturesSimpleStateChecker`1.IsEnabledAsync(SimpleStateCheckerContext`1 context)
   at Volo.Abp.SimpleStateChecking.SimpleStateCheckerManager`1.InternalIsEnabledAsync(TState state, Boolean useBatchChecker)
   at Volo.Abp.SimpleStateChecking.SimpleStateCheckerManager`1.IsEnabledAsync(TState state)
   at Volo.Abp.Authorization.Permissions.PermissionChecker.IsGrantedAsync(ClaimsPrincipal claimsPrincipal, String[] names)
   at Volo.Abp.Authorization.Permissions.PermissionChecker.IsGrantedAsync(String[] names)
   at Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationAppService.GetAuthConfigAsync()
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationAppService.GetAsync(ApplicationConfigurationRequestOptions options)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, AbpAuditingOptions options, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope)
   at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
   at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
   at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
   at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
   at Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationScriptController.Get()
   at lambda_method4685(Closure, Object)
Answer

But that's not even related to the problem. And also it failed because build failed due to errors.

Anyways a restart solved the issue.

Answer

New sample project, new entity, still got the same issue.

Showing 1 to 10 of 42 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on December 13, 2024, 06:09