Worked Thanks for the support
We used the below statement to filter data for ExtraProperties, not working for mongoDb
(await GetQueryableAsync()).Where(u => EF.Property<string>(u, "SocialSecurityNumber") == "123")
Is there any other way to filter Extraproperties in MongoDB, Please advise.
hi
The
AbpEntityChanges" & "AbpEntityPropertyChanges
are sub-navigation of theAuditLog
aggregate root.So you should
crud
them byIAuditLogRepository
Thanks for the input, Let us try the same and update you accordingly.
We would like to implement the Audit Trial for MonGo DB services, as it is not there Out of the box(if we are not wrong we are planning to implement with custom code). we tried to find the menthods/repository to have the CURD operations on "AbpEntityChanges" & "AbpEntityPropertyChanges", but not able to find the same. can you please advise.
hi
You need to use a existing
scope
egAuthServer
context.Services.AddAuthentication() .AddJwtBearer(options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); options.Audience = "AuthServer"; });
Thanks for the quick response, below is our Auth server Audiance, do we need to replace 'AccountService' with 'AuthServer' or we need to add new Audiance 'AuthServer'?
hi
Your
JwtBearer
requires anAccountService
audience.context.Services.AddAuthentication() .AddJwtBearer(options => { options.Authority = configuration["AuthServer:Authority"]; options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]); options.Audience = "AccountService"; });
but your access token doesn't have this audience.
By the way, does AccountService exist in your identity server?
AccountService does not exist in our identity server, We upgraded our Application from Version 5.1.3 to 7.3.2 and there was no AccountService in 5.1.3, Can you please what will be the best possiblesolution
https://identityserver4.readthedocs.io/en/docs-preview/search.html?q=audience&check_keywords=yes&area=default
Thanks for the inputs, We will check and update accordingly
Hi Sry for delay,
I sahred the code to your email liming.ma@volosoft.com (via WeTransfer)
hi
You can try to add
AccountService
here
If we add 'AccountService', we are getting this error: 2024-01-25 11:56:57.402 +05:30 [ERR] Scope AccountService not found in store. 2024-01-25 11:56:57.402 +05:30 [ERR] Request validation failed
Without 'AccountService', we are getting this error:
2024-01-25 12:01:34.565 +05:30 [INF] Executing endpoint '/Account/ImpersonateUser'
2024-01-25 12:01:34.567 +05:30 [INF] Route matched with {page = "/Account/ImpersonateUser", action = "", controller = "", area = ""}. Executing page /Account/ImpersonateUser
2024-01-25 12:01:34.567 +05:30 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
2024-01-25 12:01:34.582 +05:30 [INF] Executing handler method Volo.Abp.Account.Public.Web.Pages.Account.ImpersonateUserModel.OnGetAsync - ModelState is "Valid"
2024-01-25 12:01:34.586 +05:30 [INF] Failed to validate the token.
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidAudienceException: IDX10214: Audience validation failed. Audiences: 'IdentityService, AdministrationService, SaasService, EmployeeService, IncidentService, AttachmentService, ObservationsService, ActionService, UserTaskService, HSEPlansService, NCRService, CustomerService, InspectionService, Forms, FileManagement, AuthServer, RMService, TMService, PTWService'. Did not match: validationParameters.ValidAudience: 'AccountService' or validationParameters.ValidAudiences: 'null'.
at Microsoft.IdentityModel.Tokens.Validators.ValidateAudience(IEnumerable1 audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateAudience(IEnumerable
1 audiences, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters, BaseConfiguration configuration)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateJWS(String token, TokenValidationParameters validationParameters, BaseConfiguration currentConfiguration, SecurityToken& signatureValidatedToken, ExceptionDispatchInfo& exceptionThrown)
--- End of stack trace from previous location ---
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, JwtSecurityToken outerToken, TokenValidationParameters validationParameters, SecurityToken& signatureValidatedToken)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
2024-01-25 12:01:34.586 +05:30 [INF] Bearer was not authenticated. Failure message: IDX10214: Audience validation failed. Audiences: 'IdentityService, AdministrationService, SaasService, EmployeeService, IncidentService, AttachmentService, ObservationsService, ActionService, UserTaskService, HSEPlansService, NCRService, CustomerService, InspectionService, Forms, FileManagement, AuthServer, RMService, TMService, PTWService'. Did not match: validationParameters.ValidAudience: 'AccountService' or validationParameters.ValidAudiences: 'null'.
2024-01-25 12:01:34.600 +05:30 [WRN] ---------- RemoteServiceErrorInfo ----------
{
"code": "Volo.Account:RequirePermissionToImpersonateUser",
"message": "Require AbpIdentity.Users.Impersonation permission to impersonate user!",
"details": null,
"data": {
"PermissionName": "AbpIdentity.Users.Impersonation"
},
"validationErrors": null
}
2024-01-25 12:01:34.600 +05:30 [WRN] Exception of type 'Volo.Abp.BusinessException' was thrown. Volo.Abp.BusinessException: Exception of type 'Volo.Abp.BusinessException' was thrown. at Volo.Abp.Account.Web.Pages.Account.IdentityServerImpersonateUserModel.OnGetAsync() at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.ExecutorFactory.GenericTaskHandlerMethod.Convert[T](Object taskAsObject) at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.ExecutorFactory.GenericTaskHandlerMethod.Execute(Object receiver, Object[] arguments) at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.InvokeHandlerMethodAsync() at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.InvokeNextPageFilterAsync() at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.Rethrow(PageHandlerExecutedContext context) at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.InvokeInnerFilterAsync() at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted) 2024-01-25 12:01:34.658 +05:30 [WRN] Code:Volo.Account:RequirePermissionToImpersonateUser 2024-01-25 12:01:34.658 +05:30 [WRN] Details: 2024-01-25 12:01:34.660 +05:30 [WRN] ---------- Exception Data ---------- PermissionName = AbpIdentity.Users.Impersonation
We Upgraded our application from 5.1.3 to 7.3.2 and We are using 'AuthServer' not using 'AccountService' in Scopes