Activities of "william@iwell.nl"

Thank you, adding the lines fixed it.

var buildInGrantTypes = new[] {
    OpenIddictConstants.GrantTypes.Implicit, OpenIddictConstants.GrantTypes.Password,
    OpenIddictConstants.GrantTypes.AuthorizationCode,          OpenIddictConstants.GrantTypes.ClientCredentials,
    OpenIddictConstants.GrantTypes.DeviceCode, OpenIddictConstants.GrantTypes.RefreshToken
};

if (!buildInGrantTypes.Contains(grantType))
{
    application.Permissions.Add(OpenIddictConstants.Permissions.Prefixes.GrantType + grantType);
}
  • ABP Framework version: v8.2.2
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): no
  • Exception message and full stack trace:
  • Steps to reproduce the issue:

We have enabled the impersonation, however the impersonation grant type is not seeded to the database. We added "Impersonation" to the grantTypes, as described in the documentation (https://abp.io/docs/latest/modules/account/impersonation#angular). When creating a new database, the Console Test / Angular Application is added to the table OpenIddictApplications.

However, the OpenIddictApplications row Portal_App and column Permissions is missing the 'gt:Impersonation' field. This results in the error message This client application is not allowed to use the specified grant type.. We can fix this by manually adding the gt:Impersonation, as described in this issue.

We would like this to be seeded, so new databases don't require this manual step.

What are we missing?

Content of OpenIddictApplications row Portal_App and column Permissions after seeding. [ "ept:logout", "gt:authorization_code", "rst:code", "ept:authorization", "ept:token", "ept:revocation", "ept:introspection", "gt:password", "gt:client_credentials", "gt:refresh_token", "scp:address", "scp:email", "scp:phone", "scp:profile", "scp:roles", "scp:Portal" ]

Our implementation of the seeder: We are sure this one is being used, as changing the display name does work.

OpenIddictDataSeedContributor

//Console Test / Angular Client
var consoleAndAngularClientId = configurationSection["Portal_App:ClientId"];
if (!consoleAndAngularClientId.IsNullOrWhiteSpace())
{
    var consoleAndAngularClientRootUrl = configurationSection["Portal_App:RootUrl"]?.TrimEnd('/');
    await CreateApplicationAsync(
        name: consoleAndAngularClientId,
        type: OpenIddictConstants.ClientTypes.Public,
        consentType: OpenIddictConstants.ConsentTypes.Implicit,
        displayName: "Console Test / Angular Application",
        secret: null,
        grantTypes:
        [
            OpenIddictConstants.GrantTypes.AuthorizationCode,
            OpenIddictConstants.GrantTypes.Password,
            OpenIddictConstants.GrantTypes.ClientCredentials,
            OpenIddictConstants.GrantTypes.RefreshToken,
            "LinkLogin", // somehow this is not being seeded to the database
            "Impersonation" // somehow this is not being seeded to the database
        ],
        scopes: commonScopes,
        redirectUri: consoleAndAngularClientRootUrl,
        clientUri: consoleAndAngularClientRootUrl,
        postLogoutRedirectUri: consoleAndAngularClientRootUrl
    );
}

Thank you, alper!

Thanks, that works. Added it like this.

Log.Logger = new LoggerConfiguration()
               .Filter.ByExcluding(logEvent => logEvent.MessageTemplate.Text.StartsWith("An error occurred using the connection to database"))
               .ReadFrom.Configuration(configuration)
                .CreateLogger();

Thanks, the adding the filter indeed removes two of the three log entries.

There is just one entry left, see below. Any idea how to suppress/filter that one?

[16:46:01 ERR] An error occurred using the connection to database 'portal-test' on server '.'.

Thanks, adding the filter will remove the [15:48:35 ERR] A task was canceled. System.Threading.Tasks.TaskCanceledException: A task was canceled. line.

However 3 other lines are still there. Any suggestion how to suppress/filter those?

[16:46:01 ERR] An error occurred using the connection to database 'portal-test' on server '.'. [16:46:01 ERR] ---------- RemoteServiceErrorInfo ---------- { "code": null, "message": "An internal error occurred during your request!", "details": null, "data": {}, "validationErrors": null }

[16:46:01 ERR] HTTP GET /api/app/cubes?skipCount=0&maxResultCount=20 responded 500 in 1303.3537 ms

  • ABP Framework version: v7
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): Auth server angular

When a request is cancelled by the browser, the logs show an error (see below). However this is expected behaviour and should not be logged as error as it clutters our logs. Can you guide us in how to filter this error message from the logs?

I have read the documentation about exception handling, but did not find a way https://docs.abp.io/en/abp/latest/Exception-Handling

  1. I've created a SuppressTaskCanceledExceptionFilter. Is that the best way to go, as it inherits and overrides the AbpExceptionFilter? Better to add another filter, is there a way to do so?
  2. After creating the filter I see the message is partially gone. Only the 'An error occurred using the connection to database' stays. How to get rid of that line?
[15:48:35 ERR] An error occurred using the connection to database 'portal-test' on server '.'.
[15:48:35 ERR] ---------- RemoteServiceErrorInfo ----------
{
  "code": null,
  "message": "An internal error occurred during your request!",
  "details": null,
  "data": {},
  "validationErrors": null
}

[15:48:35 ERR] A task was canceled.
System.Threading.Tasks.TaskCanceledException: A task was canceled.
   at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenInternalAsync(Boolean errorsExpected, CancellationToken cancellationToken)
   at Microsoft.EntityFrameworkCore.Stor
using Microsoft.AspNetCore.Mvc.Filters;
    using System.Threading.Tasks;
    [ExposeServices(typeof(AbpExceptionFilter), typeof(IAsyncExceptionFilter))]
    public class SuppressTaskCanceledExceptionFilter : AbpExceptionFilter, ITransientDependency
    {
        public override Task OnExceptionAsync(ExceptionContext context)
        {
            if (context.Exception is TaskCanceledException)
            {
                context.ExceptionHandled = true; // This will suppress the logging
                return Task.CompletedTask;
            }

            return base.OnExceptionAsync(context);
        }
    }

Hi Anjali,

does it contain functionality to connect a google login after account creation? can you explain it with the scenario i am not able understand.

for example when we create user accounts, it would be convenient to have the following steps:

  1. as admin you create a user and set it's roles and organizational units
  2. as user you get an email, activate your account and login
  3. as user you want to use 2FA via google, and want to connect that to your account. So you can use that for future logins.

Step 3 is, as far as I know, not possible at the moment? Note: we use the commercial packages.

Hi Anjali,

thanks for the quick response. Using a default role helps, newly created users will see something. This resolves the 'remove cookies' step.

However, I'm still figuring out how to bypass the enable self registration step. We use the ABP commercial package which seem to handle all user management and registration. I could not find the pages/account folder to put the register.cshtm file in. Is there a way to modify this behaviour?

Another question with regards to the ABP commercial package: does it contain functionality to connect a google login after account creation?

Thank you!

  • ABP Framework version: v5.2
  • UI Type: Angular
  • Database System: EF Core (SQL Server)
  • Tiered (for MVC) or Auth Server Separated (for Angular): Auth Server Separated (for Angular)

Hi ABP team,

i have a question about account creation. We would like to create account for new employees and prepare that before they start their onboarding. But this process is a bit cumbersome at the moment.

Two requirements:

  1. using google authentication is preferred, to avoid multiple accounts and credentials and different MFA steps
  2. account creation should not be allowed (otherwise random users can create accounts)

What we do now to create an account with google authentication:

  1. sit together with the new employee
  2. admin enables the self registration
  3. new user goes to login page and clicks the login with google button
  4. a register user screen appears and the account is created with the email of the google account. A blank screen appears (no permissions)
  5. admin adds permissions
  6. new user still sees a blank screen
  7. new user removes cookies and then the page and data becomes visible
  8. admin disables the self registration

We would like to improve this proces. Can you point us in a direction how to do this? Are we encountering a (known) bug or desired (to be build) feature of the framework or should we change our implementation?

Thanks a lot!

Showing 1 to 10 of 27 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on October 11, 2024, 07:13