Hi,
It store
access_tokenandrefresh_tokento the cookies, It will not affect your application. And the default value isfalse. we usually don't recommend setting it to true.It will be useful when you need to call the Azure AD API(I assume you are using Azure external login).
ok, thank you.
You can consider set
SaveTokenstofalse
Thank you. It is working with this, but may I know the use of it, is there any possibility that it can impact some other functionality ?
SaveTokens
ok, let me try this
Hi,
can we use zoom https://us05web.zoom.us/j/5929668302?pwd=UXl2M2RUeG5PazVSY2ZCOW1NMUxtZz09
sure, Iet me join
Can I check it remotely? my email is shiwei.liang@volosoft.com
sure, let me send you the meeting invite.
Hi,
How do I reproduce the problem?
Or can you share a test project with me? i will check it. shiwei.liang@volosoft.com
Hi, I'll be able to share sample code only, but I cannot assure that you will be able to replicate the issue as in my case, I'm redirecting it to my application from some external application, also I'm using external login. Let me know if it is fine.
below is the error log https://abp.io/support/questions/8635/Bad-Request---Request-Too-Long#answer-3a1775dc-aad6-8d64-4a56-5a23a2169434
I didn't see any error message there.
BTW,will it work if you try this
Configure<IISServerOptions>(options => { options.MaxRequestBodySize = 209715200; }); Configure<KestrelServerOptions>(options => { options.Limits.MaxRequestBodySize = 209715200; });
yes, error is not there but still I'm getting bad request.
I tried below code, it's not working, I'm still getting bad request.
Configure<IISServerOptions>(options =>
{ options.MaxRequestBodySize = 209715200; });
Hi,
You can try this, and put a breakpoint to debug
options.Events.OnTicketReceived += receivedContext => { //Remove unnecessary claims receivedContext.Principal!.RemoveClaims("..."); return Task.CompletedTask; };
In my token I can see below claims
"iss": "exp": "iat": "aud": "sub": "oi_au_id": "preferred_username": "azp": "at_hash": "oi_tkn_id":
also, I have manually added given_name, permissionClaim, and concurrentUserId, I believe I cannot delete these, am I supposed to delete other JWTClaims even if it is not in token?
Hi,
There are too many cookies. This is an external login mechanism that stores all data in cookies.
You can try using
OnTicketReceivedto delete unnecessary claims to reduce cookie size..AddOpenIdConnect(...., options => { options.Events.OnTicketReceived += .... });
Can you share the sample code file, also I have added few claims which is required, is it possible to delete pre-defined claims?
below is the error log
2025-01-14 15:10:35.991 +08:00 [INF] Request starting HTTP/1.1 GET https://app02/UAT/eFCApp/Account/BTViewEncounter?MRN=XXXXXXXX&ENo=XXXXXXXXXXX01 - null null 2025-01-14 15:10:35.995 +08:00 [INF] Authorization failed. These requirements were not met: DenyAnonymousAuthorizationRequirement: Requires an authenticated user. 2025-01-14 15:10:35.995 +08:00 [INF] AuthenticationScheme: Identity.Application was challenged. 2025-01-14 15:10:35.995 +08:00 [INF] Request finished HTTP/1.1 GET https://app02/UAT/eFCApp/Account/BTViewEncounter?MRN=XXXXXXXX&ENO=XXXXXXXXXXX01 - 302 null null 4.7929ms 2025-01-14 15:10:36.008 +08:00 [INF] Request starting HTTP/1.1 GET https://app02/UAT/eFCApp/Account/Login?ReturnUrl=%2FUAT%2FeFCApp%2FAccount%2FBTViewEncounter%3FMRN%XXXXXXXX%26ENO%XXXXXXXXXXX01 - null null 2025-01-14 15:10:36.019 +08:00 [INF] Executing endpoint '/Account/Login' 2025-01-14 15:10:36.020 +08:00 [INF] Route matched with {page = "/Account/Login", action = "", controller = "", area = ""}. Executing page /Account/Login 2025-01-14 15:10:36.020 +08:00 [INF] [!dt trace_id=630191ab8549ef29494afe553a3167fd,span_id=d0933559fd000000,trace_sampled=true] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy 2025-01-14 15:10:36.030 +08:00 [INF] Executing handler method eFC.Web.Pages.Account.LoginCustomModel.OnGetAsync - ModelState is "Valid" 2025-01-14 15:10:36.031 +08:00 [INF] [!dt trace_id=630191ab8549ef29494afe553a3167fd,span_id=70818beb68020000,trace_sampled=true] Return URL:/UAT/eFCApp/Account/BTViewEncounter?MRN=XXXXXXXX&ENo=XXXXXXXXXXX01 2025-01-14 15:10:36.031 +08:00 [INF] Executed handler method OnGetAsync, returned result Microsoft.AspNetCore.Mvc.ChallengeResult. 2025-01-14 15:10:36.031 +08:00 [INF] Executing ChallengeResult with authentication schemes (["ADFS"]). 2025-01-14 15:10:36.032 +08:00 [INF] AuthenticationScheme: ADFS was challenged. 2025-01-14 15:10:36.032 +08:00 [INF] Executed page /Account/Login in 12.0754ms 2025-01-14 15:10:36.032 +08:00 [INF] Executed endpoint '/Account/Login' 2025-01-14 15:10:36.033 +08:00 [INF] Request finished HTTP/1.1 GET https://app02/UAT/eFCApp/Account/Login?ReturnUrl=%2FUAT%2FeFCApp%2FAccount%2FBTViewEncounter%3FMRN%XXXXXXXX%26ENo%XXXXXXXXXXX01 - 302 null null 24.9095ms 2025-01-14 15:10:42.567 +08:00 [INF] Request starting HTTP/1.1 POST https://app02/UAT/eFCApp/signin-oidc - application/x-www-form-urlencoded 1072 2025-01-14 15:10:42.568 +08:00 [INF] CORS policy execution successful. 2025-01-14 15:10:42.595 +08:00 [INF] AuthenticationScheme: Identity.External signed in. 2025-01-14 15:10:42.596 +08:00 [INF] Request finished HTTP/1.1 POST https://app02/UAT/eFCApp/signin-oidc - 302 null null 29.1642ms