Hi and thank you for that.
We have made the change and are now seeing the error below.
As you can see, it says that the token expired 5th July. How do we set it so that it's valid? Do we reset it? Can we set it not to expire?
Look forward to your reply with thanks.
Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '07/05/2023 04:28:02', Current time: '07/21/2023 07:07:24'.
at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, SecurityToken securityToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
2023-07-21 07:07:24.673 +00:00 [INF] Bearer was not authenticated. Failure message: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '07/05/2023 04:28:02', Current time: '07/21/2023 07:07:24'.
2023-07-21 07:07:24.693 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApiExploring.AbpApiDefinitionController.Get (Volo.Abp.AspNetCore.Mvc)'
2023-07-21 07:07:24.701 +00:00 [INF] Route matched with {area = "abp", action = "Get", controller = "AbpApiDefinition", page = ""}. Executing controller action with signature Volo.Abp.Http.Modeling.ApplicationApiDescriptionModel Get(Volo.Abp.Http.Modeling.ApplicationApiDescriptionModelRequestDto) on controller Volo.Abp.AspNetCore.Mvc.ApiExploring.AbpApiDefinitionController (Volo.Abp.AspNetCore.Mvc).
2023-07-21 07:07:24.787 +00:00 [INF] Executing ObjectResult, writing value of type 'Volo.Abp.Http.Modeling.ApplicationApiDescriptionModel'.
2023-07-21 07:07:24.905 +00:00 [INF] Executed action Volo.Abp.AspNetCore.Mvc.ApiExploring.AbpApiDefinitionController.Get (Volo.Abp.AspNetCore.Mvc) in 204.4343ms
2023-07-21 07:07:24.905 +00:00 [INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApiExploring.AbpApiDefinitionController.Get (Volo.Abp.AspNetCore.Mvc)'
2023-07-21 07:07:24.906 +00:00 [INF] Request finished HTTP/1.1 GET http://dfo-prod-web.azurewebsites.net/api/abp/api-definition - - - 200 - application/json;+charset=utf-8 1483.8878ms
2023-07-21 07:07:25.258 +00:00 [INF] Request starting HTTP/1.1 GET http://dfo-prod-web.azurewebsites.net/api/app/subscription/checkout-session-url/?stripeAccount=AU&locale=auto&accountPayableEmail=vineet%40belani.com.au&plan=3&planProductId=prod_OA6MBexajdKl8H&planPriceId=price_1NNmADJpbmFTtQzMCzj1FnZR&planUserCount=1&trainingProductId=prod_NOd3sPjdre4qFo&trainingPriceId=price_1N2rr6JpbmFTtQzMUYFedLWp&trainingUserCount=1&coachingProductId=prod_NOd54xutUW9zac&coachingPriceId=price_1N2rq9JpbmFTtQzMVG4Z060T&coachingUserCount=1&couponId=&successUrl=https%3A%2F%2Fdesertfire.com.au%2Fpayment-success%2F&cancelUrl=https%3A%2F%2Fdfo-prod-web.azurewebsites.net%2Fcancel%2F&clientReferenceId=¤cy=AUD&pipeDriveId=694 application/json 0
2023-07-21 07:07:25.375 +00:00 [INF] Failed to validate the token.
Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '07/05/2023 04:28:02', Current time: '07/21/2023 07:07:25'.
at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, SecurityToken securityToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
2023-07-21 07:07:25.375 +00:00 [INF] Bearer was not authenticated. Failure message: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '07/05/2023 04:28:02', Current time: '07/21/2023 07:07:25'.
2023-07-21 07:07:25.395 +00:00 [INF] Authorization failed. These requirements were not met:
PermissionRequirement: Ppm.Subscriptions.GenerateCheckoutSession
2023-07-21 07:07:25.403 +00:00 [INF] AuthenticationScheme: Identity.Application was challenged.
2023-07-21 07:07:25.404 +00:00 [INF] Request finished HTTP/1.1 GET http://dfo-prod-web.azurewebsites.net/api/app/subscription/checkout-session-url/?stripeAccount=AU&locale=auto&accountPayableEmail=vineet%40belani.com.au&plan=3&planProductId=prod_OA6MBexajdKl8H&planPriceId=price_1NNmADJpbmFTtQzMCzj1FnZR&planUserCount=1&trainingProductId=prod_NOd3sPjdre4qFo&trainingPriceId=price_1N2rr6JpbmFTtQzMUYFedLWp&trainingUserCount=1&coachingProductId=prod_NOd54xutUW9zac&coachingPriceId=price_1N2rq9JpbmFTtQzMVG4Z060T&coachingUserCount=1&couponId=&successUrl=https%3A%2F%2Fdesertfire.com.au%2Fpayment-success%2F&cancelUrl=https%3A%2F%2Fdfo-prod-web.azurewebsites.net%2Fcancel%2F&clientReferenceId=¤cy=AUD&pipeDriveId=694 application/json 0 - 302 0 - 145.2284ms
2023-07-21 07:07:26.271 +00:00 [INF] Request starting HTTP/1.1 GET http://dfo-prod-web.azurewebsites.net/Account/Login?ReturnUrl=%2Fapi%2Fapp%2Fsubscription%2Fcheckout-session-url%2F%3FstripeAccount%3DAU%26locale%3Dauto%26accountPayableEmail%3Dvineet%2540belani.com.au%26plan%3D3%26planProductId%3Dprod_OA6MBexajdKl8H%26planPriceId%3Dprice_1NNmADJpbmFTtQzMCzj1FnZR%26planUserCount%3D1%26trainingProductId%3Dprod_NOd3sPjdre4qFo%26trainingPriceId%3Dprice_1N2rr6JpbmFTtQzMUYFedLWp%26trainingUserCount%3D1%26coachingProductId%3Dprod_NOd54xutUW9zac%26coachingPriceId%3Dprice_1N2rq9JpbmFTtQzMVG4Z060T%26coachingUserCount%3D1%26couponId%3D%26successUrl%3Dhttps%253A%252F%252Fdesertfire.com.au%252Fpayment-success%252F%26cancelUrl%3Dhttps%253A%252F%252Fdfo-prod-web.azurewebsites.net%252Fcancel%252F%26clientReferenceId%3D%26currency%3DAUD%26pipeDriveId%3D694 application/json 0
2023-07-21 07:07:26.329 +00:00 [INF] Failed to validate the token.
Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '07/05/2023 04:28:02', Current time: '07/21/2023 07:07:26'.
at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, SecurityToken securityToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime(Nullable`1 notBefore, Nullable`1 expires, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters)
at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken)
at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
2023-07-21 07:07:26.329 +00:00 [INF] Bearer was not authenticated. Failure message: IDX10223: Lifetime validation failed. The token is expired. ValidTo: '07/05/2023 04:28:02', Current time: '07/21/2023 07:07:26'.
2023-07-21 07:07:26.341 +00:00 [INF] Executing endpoint '/Account/Login'
2023-07-21 07:07:26.347 +00:00 [INF] Route matched with {page = "/Account/Login", action = "", controller = "", area = ""}. Executing page /Account/Login
2023-07-21 07:07:26.347 +00:00 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
2023-07-21 07:07:26.368 +00:00 [INF] Executing handler method Volo.Abp.Account.Public.Web.Pages.Account.PpmLoginModel.OnGetAsync - ModelState is "Valid"
2023-07-21 07:07:26.379 +00:00 [INF] Executed handler method OnGetAsync, returned result Microsoft.AspNetCore.Mvc.RazorPages.PageResult.
2023-07-21 07:07:26.670 +00:00 [INF] Executed page /Account/Login in 323.1886ms
2023-07-21 07:07:26.670 +00:00 [INF] Executed endpoint '/Account/Login'
2023-07-21 07:07:26.670 +00:00 [INF] Request finished HTTP/1.1 GET http://dfo-prod-web.azurewebsites.net/Account/Login?ReturnUrl=%2Fapi%2Fapp%2Fsubscription%2Fcheckout-session-url%2F%3FstripeAccount%3DAU%26locale%3Dauto%26accountPayableEmail%3Dvineet%2540belani.com.au%26plan%3D3%26planProductId%3Dprod_OA6MBexajdKl8H%26planPriceId%3Dprice_1NNmADJpbmFTtQzMCzj1FnZR%26planUserCount%3D1%26trainingProductId%3Dprod_NOd3sPjdre4qFo%26trainingPriceId%3Dprice_1N2rr6JpbmFTtQzMUYFedLWp%26trainingUserCount%3D1%26coachingProductId%3Dprod_NOd54xutUW9zac%26coachingPriceId%3Dprice_1N2rq9JpbmFTtQzMVG4Z060T%26coachingUserCount%3D1%26couponId%3D%26successUrl%3Dhttps%253A%252F%252Fdesertfire.com.au%252Fpayment-success%252F%26cancelUrl%3Dhttps%253A%252F%252Fdfo-prod-web.azurewebsites.net%252Fcancel%252F%26clientReferenceId%3D%26currency%3DAUD%26pipeDriveId%3D694 application/json 0 - 200 - text/html;+charset=utf-8 399.0605ms
hi
Please set
IdentityModelEventSource.ShowPII = true;and reshare the error logs. Thanks
Hi, Where do we set this?
Thanks
Hi muhammedaltug,
AbsoluteRefreshTokenLifetime: 31536000, we haven't set the SlidingRefreshTokenLifetime value so it's the default value?
We appreciate your help in the sample project and after testing and reviewing your code we think it's cleaner and has a better structure in handling login and routing than our current structure.
We're planning to implement your changes in our main project structure, it will take some time so we will keep the ticket open till we get back to you with the result. We will send the backend log then as well if the error still happens.
Thanks again for your efforts.
Hi gterdam, yes the Angular application was created separately and we installed ABP libraries and proxies to get it to work. However, the only reason why we are not updating to 5.3 is that we did lots of customizations in ABP side and it will cost us to do the upgrade process to get everything to work well with the Angular app. Is updating to 5.3 the only option to solve this?
We have recorded this video to show the error message in action and also to show the angular app code parts for the login, hopefully, it will make it easier to detect the problem: error and code video link
We noticed that the problem happens mostly with slower internet connections, it doesn't happen all the time. For the purpose of catching it on localhost, I set the value of timeout to a small value. But it shows the same error when it happens with larger values sometimes.
It seems that it might be a problem in our Angular app and the way we connect with ABP, but we can't identify where is the issue.
One suggestion that might help you and us understand the problem, we created our Angular app using the following link: https://www.initgrep.com/posts/javascript/angular/microsoft-office-addin-using-angular-cli
If you created the app the same way and get it to connect and login with ABP, perhaps this will show us the right way to do things? The steps are straightforward to get it to run on Word.
Otherwise, we have created a sample app using the link above, it has some ABP errors that we couldn't fix, if you fixed it will run exactly as our main application and then you can identify the problem: https://github.com/DesertfireOnline/ABP-Word-Addin-Sample
Thanks for your help and please let us know if you require further information.
Hi muhammedaltug thanks a lot for your reply. Your suggestion about disabling the button works better thanks. We watched the video, I think the main difference in our case is that we are using a standalone Angular app with Office-JS so it's not build inside ABP like your test project.
We will create a sample project with our code in both ABP and Angular sides and share it with you in github, perhaps it'll shed some light on the problem that we're facing.
Will update this post once we create the project, thanks.
Great thanks a lot for your support we appreciate it
No we haven't as we did lots of customization in our current ABP template. Has this been solved in 5.3? Is there any way we can solve it on 4.3.2? as we can't afford to do the upgrade now because of too much customization.
Thanks for your reply, we understand more about clock skew now. So now we have increased the test time to 6 minutes, the error message will be displayed afterwards, how can we handle it after it expires? Can you please advise how to catch it to display a message to users or how to refresh the token automatically so it doesn't throw that exception again?