Activities of "nicolas.muniere@soprasteria.com"

All Question Answer
Newest Oldest
Duplicate api resources in identity server #3407
Question

We are facing "Duplicate api resources" exception using identity server pro module. This bug has already been reported here a few month ago : https://support.abp.io/QA/Questions/2672/Duplicate-api-resources-in-identity-server

liangshiwei said:

I create an internal issue and will fix it in the next version.

But still no fix available, and the ticket is locked. Can you help?

Duplicate api resources in identity server #2672
Question

We are facing "Duplicate api resources" exception using identity server pro module. This bug has already been reported here a few month ago : https://support.abp.io/QA/Questions/1126/Bugs--Issues-v43X#answer-aee6a847-3590-2a64-81de-39fbde90446e

  • ABP Framework version: v5.1.3
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue: From a new solution, not tiered

Login with admin Open IdentityServer clients, edit AuthService_Swagger client Go to advanced -> Grant types and add client_credentials then save

Open postman, create a new get query on whatever, example https://localhost:44345/api/identity/users In authorization, select oauth2, then grant type : client credential access token url : https://localhost:44345/connect/token client id : AuthService_Swagger client secret : 1q2w3e* scope : AuthService then click 'get new access token'

=> it works correctly, because we are using a single scope

return to abp with admin account create a new api scope named AuthService.Read

edit api ressource and select the 2 scopes, save

In swagger, add the new scope AuthService.Read after AuthService

=> it does not work anymore, here is the error in logs

2022-03-04 09:42:42.689 +01:00 [INF] {"Details":"System.Exception: Duplicate api resources found. This is an invalid configuration. Use different names for API resources. Names found: AuthService\r\n at IdentityServer4.Stores.IResourceStoreExtensions.Validate(IEnumerable1 identity, IEnumerable1 apiResources, IEnumerable1 apiScopes)\r\n at IdentityServer4.Stores.IResourceStoreExtensions.FindResourcesByScopeAsync(IResourceStore store, IEnumerable1 scopeNames)\r\n at IdentityServer4.Stores.IResourceStoreExtensions.FindEnabledResourcesByScopeAsync(IResourceStore store, IEnumerable1 scopeNames)\r\n at IdentityServer4.Validation.DefaultResourceValidator.ValidateRequestedResourcesAsync(ResourceValidationRequest request)\r\n at IdentityServer4.Validation.TokenRequestValidator.ValidateRequestedScopesAsync(NameValueCollection parameters, Boolean ignoreImplicitIdentityScopes, Boolean ignoreImplicitOfflineAccess)\r\n at IdentityServer4.Validation.TokenRequestValidator.ValidateClientCredentialsRequestAsync(NameValueCollection parameters)\r\n at IdentityServer4.Validation.TokenRequestValidator.RunValidationAsync(Func2 validationFunc, NameValueCollection parameters)\r\n at IdentityServer4.Validation.TokenRequestValidator.ValidateRequestAsync(NameValueCollection parameters, ClientSecretValidationResult clientValidationResult)\r\n at IdentityServer4.Endpoints.TokenEndpoint.ProcessTokenRequestAsync(HttpContext context)\r\n at IdentityServer4.Endpoints.TokenEndpoint.ProcessAsync(HttpContext context)\r\n at IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events, IBackChannelLogoutService backChannelLogoutService)","Category":"Error","Name":"Unhandled Exception","EventType":"Error","Id":3000,"Message":"Duplicate api resources found. This is an invalid configuration. Use different names for API resources. Names found: AuthService","ActivityId":"8000000a-0008-fc00-b63f-84710c7967bb","TimeStamp":"2022-03-04T08:42:42.0000000Z","ProcessId":30676,"LocalIpAddress":"::1:44345","RemoteIpAddress":"::1","$type":"UnhandledExceptionEvent"} 2022-03-04 09:42:42.689 +01:00 [FTL] Unhandled exception: Duplicate api resources found. This is an invalid configuration. Use different names for API resources. Names found: AuthService System.Exception: Duplicate api resources found. This is an invalid configuration. Use different names for API resources. Names found: AuthService at IdentityServer4.Stores.IResourceStoreExtensions.Validate(IEnumerable1 identity, IEnumerable1 apiResources, IEnumerable1 apiScopes) at IdentityServer4.Stores.IResourceStoreExtensions.FindResourcesByScopeAsync(IResourceStore store, IEnumerable1 scopeNames) at IdentityServer4.Stores.IResourceStoreExtensions.FindEnabledResourcesByScopeAsync(IResourceStore store, IEnumerable1 scopeNames) at IdentityServer4.Validation.DefaultResourceValidator.ValidateRequestedResourcesAsync(ResourceValidationRequest request) at IdentityServer4.Validation.TokenRequestValidator.ValidateRequestedScopesAsync(NameValueCollection parameters, Boolean ignoreImplicitIdentityScopes, Boolean ignoreImplicitOfflineAccess) at IdentityServer4.Validation.TokenRequestValidator.ValidateClientCredentialsRequestAsync(NameValueCollection parameters) at IdentityServer4.Validation.TokenRequestValidator.RunValidationAsync(Func2 validationFunc, NameValueCollection parameters) at IdentityServer4.Validation.TokenRequestValidator.ValidateRequestAsync(NameValueCollection parameters, ClientSecretValidationResult clientValidationResult) at IdentityServer4.Endpoints.TokenEndpoint.ProcessTokenRequestAsync(HttpContext context) at IdentityServer4.Endpoints.TokenEndpoint.ProcessAsync(HttpContext context) at IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events, IBackChannelLogoutService backChannelLogoutService)

<br> we cas try to use only the new scope : In swagger, replace scope with only AuthService.Read

=> it does not work, here is the error in logs

[ERR] Client AuthService\_Swagger is not allowed access to scope AuthService.Read. 2022-03-04 09:50:08.023 +01:00 [ERR] Invalid scopes requested, {"ClientId":"AuthService\_Swagger","ClientName":"AuthService\_Swagger","GrantType":"client\_credentials","Scopes":null,"AuthorizationCode":"**","RefreshToken":"**","UserName":null,"AuthenticationContextReferenceClasses":null,"Tenant":null,"IdP":null,"Raw":{"grant\_type":"client\_credentials","scope":"AuthService.Read"},"$type":"TokenRequestValidationLog"} 2022-03-04 09:50:08.023 +01:00 [INF] {"ClientId":"AuthService\_Swagger","ClientName":"AuthService\_Swagger","RedirectUri":null,"Endpoint":"Token","SubjectId":null,"Scopes":null,"GrantType":"client\_credentials","Error":"invalid\_scope","ErrorDescription":null,"Category":"Token","Name":"Token Issued Failure","EventType":"Failure","Id":2001,"Message":null,"ActivityId":"80000051-000a-fe00-b63f-84710c7967bb","TimeStamp":"2022-03-04T08:50:08.0000000Z","ProcessId":30676,"LocalIpAddress":"::1:44345","RemoteIpAddress":"::1","$type":"TokenIssuedFailureEvent"}

We are currently blocked, and need urgently a solution. Our project is starting, and if we can't archieve authentication we will have to look atfer another technical solution. Thanks for your help

Does license check still bloc dev after license expires? #912
Question

Before hiring one of my clients for a new project, I need to clarify the situation we will face when the license expires. Or to be more precise, when my client wants to bring in one of his developers in a few years and I won't be around anymore.

Currently, if a developer in my team doesn't have a valid license, they cannot run the project. I've tried with and without debbug and it doesn't change anything, project won't start. It seems normal since we have to attach it to a valid license. But what will happen when there is no more license.

Will we have to remove 'AbpLicenseCode' from appsettings.json ? Will the developers be able to debug ? Will there be other constraints ?

The nuget.config contains a reference to a commercial url.

Will this url still work?

Showing 1 to 3 of 3 entries
Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11