Activities of "riley.trevillion"

Hello, thankyou for the information you have provided!

For customizing the MVC login screen, I have followed the instructions you have at this link - https://gist.github.com/ebicoglu/ce0f0425bab806d0ee1a87d0073af96b but this seems to only allow us to change the login form itself, but none of the structure / layouts around it. For example, what if I want to set the background to an image and move the login form over to the right of the screen? I've attached a picture showing a potential arrangement of the login screen. To be clear, I'm not asking how to implement this specific layout, rather I'm asking how can we implement layouts like it. The picture is just an example. It would also be important to know if layouts like the one in the picture be easily achieved without access to the commercial modules sourcecode, or do we require access to the commercial modules sourcecode to do this?

With regards to the Angular specific styling, you mention that there is something coming in v4.2-preview that will make it easier to add our own custom styling to the Lepton themed Angular components. Are you able to provide further details on the feature and how it will work?

In the meantime, before the new feature is available, if we had full access to the commercial module sourcecode (i.e business plan), would we be able to make our own styles for the Lepton themed Angular UI and put them into the application without too much trouble? It doesn't have to be a dynamically loaded style. It could be one premade at build time. Is there a guide somewhere on how this can be done with the Angular UI? I noticed the link you provided (https://community.abp.io/articles/creating-a-new-ui-theme-by-copying-the-basic-theme-for-blazor-ui-qaf5ho1b) was for the Blazor UI and not the Angular UI. The main thing we want to determine here is whether full access to the sourcecode is needed to change the styling, colours etc. of all the existing Lepton UI elements easily without requiring us to have to rip apart the entire framework to get it done.

Thankyou in advanced

Hi Alper and Mehmet

I'm very sorry for not responding back to this issue - I've been very busy implementing client functionality within the ABP framework(!) and it slipped my mind.

Thankyou for the instructions you provided. I have used bits and pieces from them with varying levels of success (like using the global styles to override component level styles and adding a new theme). I did, however, have to download the Lepton Theme sourcecode and integrate it within our main project to make the changes needed for the login screen layout we wanted.

I understand the styling customization features slated for 4.2 got pushed to 4.3, so I might revisit our approach once 4.3 comes out.

Thankyou again for your help. Keep up the good work!

• ABP Framework version: v4.2.2
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): No
• Exception message and stack trace: See my comment (due to text limit)
• Steps to reproduce the issue: See below

Hello

I'm having trouble with users self registering where they are being directly logged into the application before they've confirmed their email address. This only occurs when they register initially. If they log out and attempt to log in again they are prevented from doing so until they confirm their email address. Ideally, they should not be immediately logged in upon registration until they have confirmed their email.

I have seen other people bring this issue up in another ticket (https://github.com/abpframework/abp/issues/3541), but I don't think concrete steps have been given to you for confirming the issue which is why it was closed off. Hopefully these steps will help

Steps To Reproduce

1. Brand new project created via ABP Suite v4.2.2
2. Build the app, run initial db migration, yarn install, yarn start etc etc. to get ABP running as per the standard documention you provide to your users for setup
3. Log in as the preseeded host admin user (I have confirmed this issue also affects user registration with tenants too)
4. Enable 'Require confirmed email' setting
5. Log out
6. Register a new user from the login page
7. Observe that the user is immediately taken to the home page and is logged into the application instead of returned to the login screen until they confirm their email
8. Confirmation email was 'sent' (NullEmailSender for development) during the registration process as expected. Evidence of this is in the log extract below provided in my comment. Clicking on the confirmation link provided correctly verifies the user email allowing them access to the application for subsequent logins. The log extract is from the moment I pressed the 'Register' button through to the home screen above where the user is logged in.

<br> Any assistance on whether I need to perform additional configuration would be appreciated, or whether this is a bug that needs fixing. If it's a bug, any workaround code as a temporary solution until a real fix is integrated into the main ABP codebase would also be appreciated.

Thankyou

Log extract part 1 (split due to forum text limit) <br>

[17:57:04 INF] Request starting HTTP/2 POST https://localhost:44362/Account/Register?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DEmailConfirmationVerify_App%26state%3DLWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A4200%26scope%3Doffline_access%2520openid%2520profile%2520role%2520email%2520phone%2520EmailConfirmationVerify%26code_challenge%3DcQ4FhogKNMUbr6EIkVpCDsG-db_LISzwN8TPrhdWWp8%26code_challenge_method%3DS256%26nonce%3DLWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs application/x-www-form-urlencoded 278
[17:57:04 INF] CORS policy execution failed.
[17:57:04 INF] Request origin https://localhost:44362 does not have permission to access the resource.
[17:57:04 INF] No CORS policy found for the specified request.
[17:57:04 INF] Executing endpoint '/Account/Register'
[17:57:04 INF] Route matched with {page = "/Account/Register", action = "", controller = "", area = ""}. Executing page /Account/Register
[17:57:04 INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
[17:57:04 INF] Executing handler method Volo.Abp.Account.Public.Web.Pages.Account.RegisterModel.OnPostAsync - ModelState is Valid
[17:57:04 DBG] Added 0 entity changes to the current audit log
[17:57:04 DBG] Added 0 entity changes to the current audit log
[17:57:04 DBG] Added 0 entity changes to the current audit log
[17:57:04 DBG] Added 0 entity changes to the current audit log
[17:57:04 WRN] USING NullEmailSender!
[17:57:04 DBG] SendEmailAsync:
[17:57:04 DBG] test.user@fakedomain.com
[17:57:04 DBG] 
[17:57:04 DBG] Email confirmation
[17:57:04 DBG] <!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="utf-8" />
</head>
<body>
    <h3>Email confirmation</h3>
<p>Please confirm your email address by clicking the following link.</p>
<div>
    <a href="https://localhost:44362/Account/EmailConfirmation?userId=39fb9418-c0c9-105d-2469-f451a67e059c&tenantId=&confirmationToken=CfDJ8EsHVoI09O9NqclZwYBgchfwhFgPHiKsv2nj17jXpv7vh3DthB5QHOvX5iim0tJ2q%2BXiHpfS9DAj%2BPNn4KYkIyQqe6Ky1gvPndCYob7rFZ9WS%2BuLOKgSLCUSIf3MOBORWNAI5X%2Bo1cv6nLCN4Oo3seFtoYEAAZUd8mAVfAv0oIzTeHAjTkT%2BWORmsSy2HuclR70ALN8Bs8rvENhedD3sth8lgfDya4OIzH6v1y1J563ia665fkOX0uqh%2BHqdnH25%2FQ%3D%3D&returnUrl=http://localhost:4200">Confirm my email address</a>
</div>
</body>
</html>
[17:57:04 DBG] Augmenting SignInContext
[17:57:04 DBG] Adding idp claim with value: local
[17:57:04 DBG] Adding amr claim with value: pwd
[17:57:04 DBG] Adding auth_time claim with value: 1617087424
[17:57:04 INF] AuthenticationScheme: Identity.Application signed in.
[17:57:04 INF] Executed handler method OnPostAsync, returned result Microsoft.AspNetCore.Mvc.RedirectResult.
[17:57:04 INF] Executing RedirectResult, redirecting to /connect/authorize/callback?response_type=code&client_id=EmailConfirmationVerify_App&state=LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs&redirect_uri=http%3A%2F%2Flocalhost%3A4200&scope=offline_access%20openid%20profile%20role%20email%20phone%20EmailConfirmationVerify&code_challenge=cQ4FhogKNMUbr6EIkVpCDsG-db_LISzwN8TPrhdWWp8&code_challenge_method=S256&nonce=LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs.
[17:57:04 INF] Executed page /Account/Register in 79.2189ms
[17:57:04 INF] Executed endpoint '/Account/Register'
[17:57:04 DBG] Added 0 entity changes to the current audit log
[17:57:04 DBG] Added 0 entity changes to the current audit log
[17:57:04 INF] Request finished HTTP/2 POST https://localhost:44362/Account/Register?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DEmailConfirmationVerify_App%26state%3DLWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs%26redirect_uri%3Dhttp%253A%252F%252Flocalhost%253A4200%26scope%3Doffline_access%2520openid%2520profile%2520role%2520email%2520phone%2520EmailConfirmationVerify%26code_challenge%3DcQ4FhogKNMUbr6EIkVpCDsG-db_LISzwN8TPrhdWWp8%26code_challenge_method%3DS256%26nonce%3DLWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs application/x-www-form-urlencoded 278 - 302 - - 95.2128ms
[17:57:04 INF] Request starting HTTP/2 GET https://localhost:44362/connect/authorize/callback?response_type=code&client_id=EmailConfirmationVerify_App&state=LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs&redirect_uri=http%3A%2F%2Flocalhost%3A4200&scope=offline_access%20openid%20profile%20role%20email%20phone%20EmailConfirmationVerify&code_challenge=cQ4FhogKNMUbr6EIkVpCDsG-db_LISzwN8TPrhdWWp8&code_challenge_method=S256&nonce=LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs - -
[17:57:04 DBG] Request path /connect/authorize/callback matched to endpoint type Authorize
[17:57:04 DBG] Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint
[17:57:04 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeCallbackEndpoint for /connect/authorize/callback
[17:57:04 DBG] Start authorize callback request
[17:57:04 DBG] User in authorize request: 39fb9418-c0c9-105d-2469-f451a67e059c
[17:57:04 DBG] Start authorize request protocol validation
[17:57:04 DBG] client configuration validation for client EmailConfirmationVerify_App succeeded.
[17:57:04 DBG] Checking for PKCE parameters
[17:57:04 DBG] Calling into custom validator: IdentityServer4.Validation.DefaultCustomAuthorizeRequestValidator
[17:57:04 DBG] ValidatedAuthorizeRequest
{"ClientId": "EmailConfirmationVerify_App", "ClientName": "EmailConfirmationVerify_App", "RedirectUri": "http://localhost:4200", "AllowedRedirectUris": ["http://localhost:4200"], "SubjectId": "39fb9418-c0c9-105d-2469-f451a67e059c", "ResponseType": "code", "ResponseMode": "query", "GrantType": "authorization_code", "RequestedScopes": "offline_access openid profile role email phone EmailConfirmationVerify", "State": "LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs", "UiLocales": null, "Nonce": "LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs", "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": "", "MaxAge": null, "LoginHint": null, "SessionId": "60EB95D1AF5D4756950AB452A81480BF", "Raw": {"response_type": "code", "client_id": "EmailConfirmationVerify_App", "state": "LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs", "redirect_uri": "http://localhost:4200", "scope": "offline_access openid profile role email phone EmailConfirmationVerify", "code_challenge": "cQ4FhogKNMUbr6EIkVpCDsG-db_LISzwN8TPrhdWWp8", "code_challenge_method": "S256", "nonce": "LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs"}, "$type": "AuthorizeRequestValidationLog"}
[17:57:04 DBG] Client is configured to not require consent, no consent is required
[17:57:04 DBG] Creating Authorization Code Flow response.
[17:57:04 INF] {"ClientId": "EmailConfirmationVerify_App", "ClientName": "EmailConfirmationVerify_App", "RedirectUri": "http://localhost:4200", "Endpoint": "Authorize", "SubjectId": "39fb9418-c0c9-105d-2469-f451a67e059c", "Scopes": "offline_access openid profile role email phone EmailConfirmationVerify", "GrantType": "authorization_code", "Tokens": [{"TokenType": "code", "TokenValue": "****787D", "$type": "Token"}], "Category": "Token", "Name": "Token Issued Success", "EventType": "Success", "Id": 2000, "Message": null, "ActivityId": "80000089-0001-d900-b63f-84710c7967bb", "TimeStamp": "2021-03-30T06:57:04.0000000Z", "ProcessId": 15492, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedSuccessEvent"}
[17:57:04 DBG] Authorize endpoint response
{"SubjectId": "39fb9418-c0c9-105d-2469-f451a67e059c", "ClientId": "EmailConfirmationVerify_App", "RedirectUri": "http://localhost:4200", "State": "LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs", "Scope": "offline_access openid profile role email phone EmailConfirmationVerify", "Error": null, "ErrorDescription": null, "$type": "AuthorizeResponseLog"}
[17:57:04 DBG] Augmenting SignInContext
[17:57:04 INF] AuthenticationScheme: Identity.Application signed in.
[17:57:04 INF] Request finished HTTP/2 GET https://localhost:44362/connect/authorize/callback?response_type=code&client_id=EmailConfirmationVerify_App&state=LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs&redirect_uri=http%3A%2F%2Flocalhost%3A4200&scope=offline_access%20openid%20profile%20role%20email%20phone%20EmailConfirmationVerify&code_challenge=cQ4FhogKNMUbr6EIkVpCDsG-db_LISzwN8TPrhdWWp8&code_challenge_method=S256&nonce=LWlUVlBrY3BFMU9PZ3BGbnNaVEY3bGJwcGRIVy5qcmVPcEdIWHB4REozUVRs - - - 302 - - 41.7471ms
[17:57:05 INF] Request starting HTTP/2 GET https://localhost:44362/.well-known/openid-configuration - -
[17:57:05 INF] CORS policy execution successful.
[17:57:05 DBG] CORS request made for path: /.well-known/openid-configuration from origin: http://localhost:4200
[17:57:05 DBG] CorsPolicyService allowed origin: http://localhost:4200
[17:57:05 INF] CORS policy execution successful.
[17:57:05 DBG] Request path /.well-known/openid-configuration matched to endpoint type Discovery
[17:57:05 DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryEndpoint
[17:57:05 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryEndpoint for /.well-known/openid-configuration
[17:57:05 DBG] Start discovery request
[17:57:05 INF] Request finished HTTP/2 GET https://localhost:44362/.well-known/openid-configuration - - - 200 - application/json;+charset=UTF-8 25.6047ms
[17:57:05 INF] Request starting HTTP/2 GET https://localhost:44362/.well-known/openid-configuration/jwks - -
[17:57:05 INF] CORS policy execution successful.
[17:57:05 DBG] CORS request made for path: /.well-known/openid-configuration/jwks from origin: http://localhost:4200
[17:57:05 DBG] CorsPolicyService allowed origin: http://localhost:4200
[17:57:05 INF] CORS policy execution successful.
[17:57:05 DBG] Request path /.well-known/openid-configuration/jwks matched to endpoint type Discovery
[17:57:05 DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryKeyEndpoint
[17:57:05 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryKeyEndpoint for /.well-known/openid-configuration/jwks
[17:57:05 DBG] Start key discovery request
[17:57:05 INF] Request finished HTTP/2 GET https://localhost:44362/.well-known/openid-configuration/jwks - - - 200 - application/json;+charset=UTF-8 17.5562ms
[17:57:05 INF] Request starting HTTP/2 POST https://localhost:44362/connect/token application/x-www-form-urlencoded 247
[17:57:05 INF] CORS policy execution successful.
[17:57:05 DBG] CORS request made for path: /connect/token from origin: http://localhost:4200
[17:57:05 DBG] CorsPolicyService allowed origin: http://localhost:4200
[17:57:05 INF] CORS policy execution successful.
[17:57:05 DBG] Request path /connect/token matched to endpoint type Token
[17:57:05 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
[17:57:05 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
[17:57:05 DBG] Start token request.
[17:57:05 DBG] Start client validation
[17:57:05 DBG] Start parsing Basic Authentication secret
[17:57:05 DBG] Start parsing for secret in post body
[17:57:05 DBG] client id without secret found
[17:57:05 DBG] Parser found secret: PostBodySecretParser
[17:57:05 DBG] Secret id found: EmailConfirmationVerify_App
[17:57:05 DBG] client configuration validation for client EmailConfirmationVerify_App succeeded.
[17:57:05 DBG] Public Client - skipping secret validation success
[17:57:05 DBG] Client validation success

Log extract part 2 <br>

[17:57:05 INF] {"ClientId": "EmailConfirmationVerify_App", "AuthenticationMethod": "NoSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "80000038-0005-eb00-b63f-84710c7967bb", "TimeStamp": "2021-03-30T06:57:05.0000000Z", "ProcessId": 15492, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "ClientAuthenticationSuccessEvent"}
[17:57:05 DBG] Start token request validation
[17:57:05 DBG] Start validation of authorization code token request
[17:57:05 DBG] Client required a proof key for code exchange. Starting PKCE validation
[17:57:05 DBG] Validation of authorization code token request success
[17:57:05 INF] Token request validation success, {"ClientId": "EmailConfirmationVerify_App", "ClientName": "EmailConfirmationVerify_App", "GrantType": "authorization_code", "Scopes": null, "AuthorizationCode": "****787D", "RefreshToken": "********", "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "authorization_code", "code": "E6FEB6A7F36746AE123310B92BD9E63D398A406E3BAC7F69B80715B28CC5787D", "redirect_uri": "http://localhost:4200", "code_verifier": "MUswUERQazhBUS5hUDB2VWhtVTJDYVUtdTBTMUhYZWJEYzVycmhmWmk2a0hG", "client_id": "EmailConfirmationVerify_App"}, "$type": "TokenRequestValidationLog"}
[17:57:05 DBG] client configuration validation for client EmailConfirmationVerify_App succeeded.
[17:57:05 DBG] Getting claims for access token for client: EmailConfirmationVerify_App
[17:57:05 DBG] Getting claims for access token for subject: 39fb9418-c0c9-105d-2469-f451a67e059c
[17:57:05 DBG] Creating refresh token
[17:57:05 DBG] Setting an absolute lifetime: 31536000
[17:57:05 DBG] client configuration validation for client EmailConfirmationVerify_App succeeded.
[17:57:05 DBG] Getting claims for identity token for subject: 39fb9418-c0c9-105d-2469-f451a67e059c and client: EmailConfirmationVerify_App
[17:57:05 INF] {"ClientId": "EmailConfirmationVerify_App", "ClientName": "EmailConfirmationVerify_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": "39fb9418-c0c9-105d-2469-f451a67e059c", "Scopes": "offline_access openid profile role email phone EmailConfirmationVerify", "GrantType": "authorization_code", "Tokens": [{"TokenType": "id_token", "TokenValue": "****37Jw", "$type": "Token"}, {"TokenType": "refresh_token", "TokenValue": "****F8C5", "$type": "Token"}, {"TokenType": "access_token", "TokenValue": "****FQsg", "$type": "Token"}], "Category": "Token", "Name": "Token Issued Success", "EventType": "Success", "Id": 2000, "Message": null, "ActivityId": "80000038-0005-eb00-b63f-84710c7967bb", "TimeStamp": "2021-03-30T06:57:05.0000000Z", "ProcessId": 15492, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedSuccessEvent"}
[17:57:05 DBG] Token request success.
[17:57:05 INF] Request finished HTTP/2 POST https://localhost:44362/connect/token application/x-www-form-urlencoded 247 - 200 - application/json;+charset=UTF-8 108.0022ms
[17:57:05 INF] Request starting HTTP/2 OPTIONS https://localhost:44362/api/abp/application-configuration - -
[17:57:05 INF] CORS policy execution successful.
[17:57:05 INF] Request finished HTTP/2 OPTIONS https://localhost:44362/api/abp/application-configuration - - - 204 - - 0.1693ms
[17:57:05 INF] Request starting HTTP/2 GET https://localhost:44362/api/abp/application-configuration - -
[17:57:05 INF] CORS policy execution successful.
[17:57:05 INF] Successfully validated the token.
[17:57:05 DBG] CORS request made for path: /api/abp/application-configuration from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
[17:57:05 INF] No CORS policy found for the specified request.
[17:57:05 INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[17:57:05 INF] Route matched with {area = "abp", action = "Get", controller = "AbpApplicationConfiguration", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto] GetAsync() on controller Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController (Volo.Abp.AspNetCore.Mvc).
[17:57:05 DBG] Executing AbpApplicationConfigurationAppService.GetAsync()...
[17:57:05 DBG] Getting not cache granted permissions from the repository for this provider name,key: U,39fb9418-c0c9-105d-2469-f451a67e059c
[17:57:05 DBG] Setting the cache items. Count: 63
[17:57:05 DBG] Finished setting the cache items. Count: 63
[17:57:05 DBG] Getting not cache granted permissions from the repository for this provider name,key: R,user
[17:57:05 DBG] Setting the cache items. Count: 63
[17:57:05 DBG] Finished setting the cache items. Count: 63
[17:57:05 DBG] Executed AbpApplicationConfigurationAppService.GetAsync().
[17:57:05 INF] Executing ObjectResult, writing value of type 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.ApplicationConfigurationDto'.
[17:57:05 INF] Executed action Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc) in 98.628ms
[17:57:05 INF] Executed endpoint 'Volo.Abp.AspNetCore.Mvc.ApplicationConfigurations.AbpApplicationConfigurationController.GetAsync (Volo.Abp.AspNetCore.Mvc)'
[17:57:05 INF] Request finished HTTP/2 GET https://localhost:44362/api/abp/application-configuration - - - 200 - application/json;+charset=utf-8 112.3838ms
[17:57:05 INF] Request starting HTTP/2 OPTIONS https://localhost:44362/api/account/profile-picture/39fb9418-c0c9-105d-2469-f451a67e059c - -
[17:57:05 INF] CORS policy execution successful.
[17:57:05 INF] Request finished HTTP/2 OPTIONS https://localhost:44362/api/account/profile-picture/39fb9418-c0c9-105d-2469-f451a67e059c - - - 204 - - 0.5028ms
[17:57:05 INF] Request starting HTTP/2 GET https://localhost:44362/api/account/profile-picture/39fb9418-c0c9-105d-2469-f451a67e059c - -
[17:57:05 INF] CORS policy execution successful.
[17:57:05 INF] Successfully validated the token.
[17:57:05 DBG] CORS request made for path: /api/account/profile-picture/39fb9418-c0c9-105d-2469-f451a67e059c from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
[17:57:05 INF] No CORS policy found for the specified request.
[17:57:05 INF] Executing endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
[17:57:05 INF] Route matched with {area = "account", action = "GetProfilePicture", controller = "Account", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfilePictureSourceDto] GetProfilePictureAsync(System.Guid) on controller Volo.Abp.Account.AccountController (Volo.Abp.Account.Pro.Public.HttpApi).
[17:57:05 INF] Executing ObjectResult, writing value of type 'Volo.Abp.Account.ProfilePictureSourceDto'.
[17:57:05 INF] Executed action Volo.Abp.Account.AccountController.GetProfilePictureAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 14.7263ms
[17:57:05 INF] Executed endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
[17:57:05 INF] Request finished HTTP/2 GET https://localhost:44362/api/account/profile-picture/39fb9418-c0c9-105d-2469-f451a67e059c - - - 200 - application/json;+charset=utf-8 25.2785ms

Hi maliming

Thankyou for your reply.

The upcoming enhancements sound great. I will wait for 4.3 to be released to verify whether the issue I've described above has been resolved or not. I think the 4.3-preview is coming out in the next couple of days according to the milestones you have defined in Github.

Thanks again

Hi @maliming

I have switched over to the 4.3-preview branch using ABP Suite and the issue I have described above is still happening. Are you able to confirm the issue on your end using the reproducability steps I've provided above?

Thankyou

• ABP Framework version: v4.2.2 / v4.3-preview
• UI type: Angular
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): No
• Exception message and stack trace:

Hello

I've been looking for a way to expire a users login session after X period of time has passed which automatically redirects them to the Identity Server login page.

As a starting point for this task, I have followed the advice provided on https://support.abp.io/QA/Questions/957/Force-users-to-re-login-if-they-are-inactive-in-30-minutes and set, in the IdentityServerClients DB table, the

• AbsoluteRefreshTokenLifetime value to 30min
• SlidingRefreshTokenLifetime to 15min
• AccessTokenLifetime to 6.5mins

As expected, the access_tokenis renewed using the refresh_token at the correct time and continues to do so up until the 30 min mark when the refresh_token expires. This is all fine and works as expected.

Where I'm having trouble is when the refresh_token expires, instead of the ABP / Angular client redirecting to the Identity Server login screen for re-authentication, the application becomes stuck when refreshing the browser page and is unusable until the user clears all their cookies / cache. A 400 error is given which makes me think the application is trying to use the expired refresh_token to get more access_tokens after the 30 minute mark.

<br>

log.js:24 [HMR] Waiting for update signal from WDS...
ngxs-store.js:1965 RECOMMENDATION: Set developmentMode to true on the NgxsModule when Angular is running in development mode.
angular-oauth2-oidc.js:1551 Error refreshing token HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "OK", url: "https://localhost:44362/connect/token", ok: false, …}
core.js:5980 ERROR HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "OK", url: "https://localhost:44362/connect/token", ok: false, …}
main.ts:14 HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "OK", url: "https://localhost:44362/connect/token", ok: false, …}
(anonymous) @ main.ts:14
invoke @ zone-evergreen.js:364
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
invokeTask @ zone-evergreen.js:484
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
call @ switchMap.js:15
subscribe @ Observable.js:23
(anonymous) @ angular-oauth2-oidc.js:1543
ZoneAwarePromise @ zone-evergreen.js:960
refreshToken @ angular-oauth2-oidc.js:1512
(anonymous) @ abp-ng.core.js:2411
invoke @ zone-evergreen.js:364
onInvoke @ core.js:28301
invoke @ zone-evergreen.js:363
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
onInvokeTask @ core.js:28289
invokeTask @ zone-evergreen.js:398
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
invokeTask @ zone-evergreen.js:484
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
(anonymous) @ angular-oauth2-oidc.js:1339
ZoneAwarePromise @ zone-evergreen.js:960
loadJwks @ angular-oauth2-oidc.js:1337
(anonymous) @ angular-oauth2-oidc.js:1313
__tryOrUnsub @ Subscriber.js:183
next @ Subscriber.js:122
_next @ Subscriber.js:72
next @ Subscriber.js:49
_next @ map.js:35
next @ Subscriber.js:49
_next @ filter.js:33
next @ Subscriber.js:49
notifyNext @ mergeMap.js:70
_next @ innerSubscribe.js:10
next @ Subscriber.js:49
_next @ Subscriber.js:72
next @ Subscriber.js:49
onLoad @ http.js:1687
invokeTask @ zone-evergreen.js:399
onInvokeTask @ core.js:28289
invokeTask @ zone-evergreen.js:398
runTask @ zone-evergreen.js:167
invokeTask @ zone-evergreen.js:480
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
(anonymous) @ angular-oauth2-oidc.js:1291
ZoneAwarePromise @ zone-evergreen.js:960
loadDiscoveryDocument @ angular-oauth2-oidc.js:1279
(anonymous) @ abp-ng.core.js:2391
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
init @ abp-ng.core.js:2386
(anonymous) @ abp-ng.core.js:2405
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
init @ abp-ng.core.js:2404
(anonymous) @ abp-ng.core.js:2492
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
init @ abp-ng.core.js:2491
(anonymous) @ abp-ng.core.js:2654
fulfilled @ tslib.es6.js:73
invoke @ zone-evergreen.js:364
onInvoke @ core.js:28301
invoke @ zone-evergreen.js:363
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
onInvokeTask @ core.js:28289
invokeTask @ zone-evergreen.js:398
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
invokeTask @ zone-evergreen.js:484
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
call @ catchError.js:14
subscribe @ Observable.js:23
call @ tap.js:16
subscribe @ Observable.js:23
(anonymous) @ Observable.js:91
ZoneAwarePromise @ zone-evergreen.js:960
toPromise @ Observable.js:89
getRemoteEnv @ abp-ng.core.js:2521
(anonymous) @ abp-ng.core.js:2652
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
fn @ abp-ng.core.js:2646
runInitializers @ core.js:27596
(anonymous) @ core.js:28911
_callAndReportToErrorHandler @ core.js:29012
(anonymous) @ core.js:28909
invoke @ zone-evergreen.js:364
onInvoke @ core.js:28301
invoke @ zone-evergreen.js:363
run @ zone-evergreen.js:123
run @ core.js:28184
bootstrapModuleFactory @ core.js:28891
(anonymous) @ core.js:28943
invoke @ zone-evergreen.js:364
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
Promise.then (async)
scheduleMicroTask @ zone-evergreen.js:552
scheduleTask @ zone-evergreen.js:388
scheduleTask @ zone-evergreen.js:210
scheduleMicroTask @ zone-evergreen.js:230
scheduleResolveOrReject @ zone-evergreen.js:847
then @ zone-evergreen.js:979
bootstrapModule @ core.js:28943
(anonymous) @ main.ts:13
zUnb @ main.ts:14
__webpack_require__ @ bootstrap:853
fn @ bootstrap:150
9 @ main.js:2507
__webpack_require__ @ bootstrap:853
checkDeferredModules @ bootstrap:45
webpackJsonpCallback @ bootstrap:32
(anonymous) @ main.js:1
Show 191 more frames

<br> I have tried to handle this error in my top level component and redirect the user to the login page manually by subscribing to the OAuthService events Observable, but the 400 error seems to be happening much earlier in the application startup process so it never reaches my handling code. It seems to be happening in the @abp/ng.core module (in this file I think - https://github.com/abpframework/abp/blob/b183a24cfe56ad8263aaefcf4939b9cd0c18b1c7/npm/ng-packs/packages/core/src/lib/strategies/auth-flow.strategy.ts#L23).

Are you able to confirm if this is a bug? If it is not a bug or is intended behaviour, do you know how I can correctly handle this 400 error before the @abp/ng.core module attempts to get a new access_token with an expired refresh_token (if that is indeed the issue)?

Thankyou

API / Identity Server Log

I've removed some of the repeating successful token refresh lines to fit within forum text limit

[23:27:53 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - -
[23:27:53 INF] CORS policy execution successful.
[23:27:53 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - - - 204 - - 0.2743ms
[23:27:53 INF] Request starting HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160
[23:27:53 INF] CORS policy execution successful.
[23:27:53 INF] Successfully validated the token.
[23:27:53 DBG] CORS request made for path: /connect/token from origin: [http://localhost:4200](http://localhost:4200)
[23:27:53 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
[23:27:53 INF] CORS policy execution successful.
[23:27:53 DBG] Request path /connect/token matched to endpoint type Token
[23:27:53 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
[23:27:53 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
[23:27:53 DBG] Start token request.
[23:27:53 DBG] Start client validation
[23:27:53 DBG] Start parsing Basic Authentication secret
[23:27:53 DBG] Start parsing for secret in post body
[23:27:53 DBG] client id without secret found
[23:27:53 DBG] Parser found secret: PostBodySecretParser
[23:27:53 DBG] Secret id found: Client_App
[23:27:53 DBG] client configuration validation for client Client_App succeeded.
[23:27:53 DBG] Public Client - skipping secret validation success
[23:27:53 DBG] Client validation success
[23:27:53 INF] {"ClientId": "Client_App", "AuthenticationMethod": "NoSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "80000182-0003-f700-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:27:53.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "ClientAuthenticationSuccessEvent"}
[23:27:53 DBG] Start token request validation
[23:27:53 DBG] Start validation of refresh token request
[23:27:53 DBG] Validation of refresh token request success
[23:27:53 INF] Token request validation success, {"ClientId": "Client_App", "ClientName": "Client_App", "GrantType": "refresh_token", "Scopes": null, "AuthorizationCode": "********", "RefreshToken": "****ED42", "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "refresh_token", "scope": "offline_access Client", "refresh_token": "***REDACTED***", "client_id": "Client_App"}, "$type": "TokenRequestValidationLog"}
[23:27:53 DBG] Updating refresh token
[23:27:53 DBG] Token usage is one-time only. Setting current handle as consumed, and generating new handle
[23:27:53 DBG] Created refresh token in store
[23:27:53 DBG] Getting claims for identity token for subject: 39fb0cd8-5993-8e42-b1a5-e791f73d1e9f and client: Client_App
[23:27:53 INF] {"ClientId": "Client_App", "ClientName": "Client_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": "39fb0cd8-5993-8e42-b1a5-e791f73d1e9f", "Scopes": "openid Client offline_access", "GrantType": "refresh_token", "Tokens": [{"TokenType": "id_token", "TokenValue": "****4Wmw", "$type": "Token"}, {"TokenType": "refresh_token", "TokenValue": "****62BC", "$type": "Token"}, {"TokenType": "access_token", "TokenValue": "****l3yQ", "$type": "Token"}], "Category": "Token", "Name": "Token Issued Success", "EventType": "Success", "Id": 2000, "Message": null, "ActivityId": "80000182-0003-f700-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:27:53.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedSuccessEvent"}
[23:27:53 DBG] Token request success.
[23:27:53 INF] Request finished HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160 - 200 - application/json;+charset=UTF-8 123.8776ms

[REMOVED MULTIPLE REPEATING TOEKN REFRESH SUCCESS BLOCKS]

[23:53:08 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - -
[23:53:08 INF] CORS policy execution successful.
[23:53:08 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - - - 204 - - 0.3562ms
[23:53:08 INF] Request starting HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160
[23:53:08 INF] CORS policy execution successful.
[23:53:08 INF] Successfully validated the token.
[23:53:08 DBG] CORS request made for path: /connect/token from origin: [http://localhost:4200](http://localhost:4200)
[23:53:08 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
[23:53:08 INF] CORS policy execution successful.
[23:53:08 DBG] Request path /connect/token matched to endpoint type Token
[23:53:08 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
[23:53:08 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
[23:53:08 DBG] Start token request.
[23:53:08 DBG] Start client validation
[23:53:08 DBG] Start parsing Basic Authentication secret
[23:53:08 DBG] Start parsing for secret in post body
[23:53:08 DBG] client id without secret found
[23:53:08 DBG] Parser found secret: PostBodySecretParser
[23:53:08 DBG] Secret id found: Client_App
[23:53:08 DBG] client configuration validation for client Client_App succeeded.
[23:53:08 DBG] Public Client - skipping secret validation success
[23:53:08 DBG] Client validation success
[23:53:08 INF] {"ClientId": "Client_App", "AuthenticationMethod": "NoSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "800001f6-0004-ea00-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:53:08.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "ClientAuthenticationSuccessEvent"}
[23:53:08 DBG] Start token request validation
[23:53:08 DBG] Start validation of refresh token request
[23:53:08 WRN] Refresh token has expired.
[23:53:08 WRN] Refresh token validation failed. aborting, {"ClientId": "Client_App", "ClientName": "Client_App", "GrantType": "refresh_token", "Scopes": null, "AuthorizationCode": "********", "RefreshToken": "********", "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "refresh_token", "scope": "offline_access Client", "refresh_token": "***REDACTED***", "client_id": "Client_App"}, "$type": "TokenRequestValidationLog"}
[23:53:08 INF] {"ClientId": "Client_App", "ClientName": "Client_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": null, "Scopes": null, "GrantType": "refresh_token", "Error": "invalid_grant", "ErrorDescription": null, "Category": "Token", "Name": "Token Issued Failure", "EventType": "Failure", "Id": 2001, "Message": null, "ActivityId": "800001f6-0004-ea00-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:53:08.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedFailureEvent"}
[23:53:08 INF] Request finished HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160 - 400 - application/json;+charset=UTF-8 41.7969ms
[23:56:04 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - -
[23:56:04 INF] CORS policy execution successful.
[23:56:04 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - - - 204 - - 0.9833ms
[23:56:04 INF] Request starting HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - -
[23:56:04 INF] CORS policy execution successful.
[23:56:04 INF] Successfully validated the token.
[23:56:04 DBG] CORS request made for path: /.well-known/openid-configuration from origin: [http://localhost:4200](http://localhost:4200)
[23:56:04 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
[23:56:04 INF] CORS policy execution successful.
[23:56:04 DBG] Request path /.well-known/openid-configuration matched to endpoint type Discovery
[23:56:04 DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryEndpoint
[23:56:04 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryEndpoint for /.well-known/openid-configuration
[23:56:04 DBG] Start discovery request
[23:56:04 INF] Request finished HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - - - 200 - application/json;+charset=UTF-8 29.5408ms
[23:56:04 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - -
[23:56:04 INF] CORS policy execution successful.
[23:56:04 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - - - 204 - - 0.2289ms
[23:56:04 INF] Request starting HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - -
[23:56:04 INF] CORS policy execution successful.
[23:56:04 INF] Successfully validated the token.
[23:56:04 DBG] CORS request made for path: /.well-known/openid-configuration/jwks from origin: [http://localhost:4200](http://localhost:4200)
[23:56:04 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
[23:56:04 INF] CORS policy execution successful.
[23:56:04 DBG] Request path /.well-known/openid-configuration/jwks matched to endpoint type Discovery
[23:56:04 DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryKeyEndpoint
[23:56:04 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryKeyEndpoint for /.well-known/openid-configuration/jwks
[23:56:04 DBG] Start key discovery request
[23:56:04 INF] Request finished HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - - - 200 - application/json;+charset=UTF-8 10.8135ms
[23:56:04 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - -
[23:56:04 INF] CORS policy execution successful.
[23:56:04 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - - - 204 - - 0.2310ms
[23:56:04 INF] Request starting HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160
[23:56:04 INF] CORS policy execution successful.
[23:56:04 INF] Successfully validated the token.
[23:56:04 DBG] CORS request made for path: /connect/token from origin: [http://localhost:4200](http://localhost:4200)
[23:56:04 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
[23:56:04 INF] CORS policy execution successful.
[23:56:04 DBG] Request path /connect/token matched to endpoint type Token
[23:56:04 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
[23:56:04 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
[23:56:04 DBG] Start token request.
[23:56:04 DBG] Start client validation
[23:56:04 DBG] Start parsing Basic Authentication secret
[23:56:04 DBG] Start parsing for secret in post body
[23:56:04 DBG] client id without secret found
[23:56:04 DBG] Parser found secret: PostBodySecretParser
[23:56:04 DBG] Secret id found: Client_App
[23:56:04 DBG] client configuration validation for client Client_App succeeded.
[23:56:04 DBG] Public Client - skipping secret validation success
[23:56:04 DBG] Client validation success
[23:56:04 INF] {"ClientId": "Client_App", "AuthenticationMethod": "NoSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "8000053f-0005-e500-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:56:04.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "ClientAuthenticationSuccessEvent"}
[23:56:04 DBG] Start token request validation
[23:56:04 DBG] Start validation of refresh token request
[23:56:04 WRN] Refresh token has expired.
[23:56:04 WRN] Refresh token validation failed. aborting, {"ClientId": "Client_App", "ClientName": "Client_App", "GrantType": "refresh_token", "Scopes": null, "AuthorizationCode": "********", "RefreshToken": "********", "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "refresh_token", "scope": "offline_access Client", "refresh_token": "***REDACTED***", "client_id": "Client_App"}, "$type": "TokenRequestValidationLog"}
[23:56:04 INF] {"ClientId": "Client_App", "ClientName": "Client_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": null, "Scopes": null, "GrantType": "refresh_token", "Error": "invalid_grant", "ErrorDescription": null, "Category": "Token", "Name": "Token Issued Failure", "EventType": "Failure", "Id": 2001, "Message": null, "ActivityId": "8000053f-0005-e500-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:56:04.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedFailureEvent"}
[23:56:04 INF] Request finished HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160 - 400 - application/json;+charset=UTF-8 31.2436ms

IdentityServerClients DBTable

<br> <br>

Id,ClientId,ClientName,Description,ClientUri,LogoUri,Enabled,ProtocolType,RequireClientSecret,RequireConsent,AllowRememberConsent,AlwaysIncludeUserClaimsInIdToken,RequirePkce,AllowPlainTextPkce,RequireRequestObject,AllowAccessTokensViaBrowser,FrontChannelLogoutUri,FrontChannelLogoutSessionRequired,BackChannelLogoutUri,BackChannelLogoutSessionRequired,AllowOfflineAccess,IdentityTokenLifetime,AllowedIdentityTokenSigningAlgorithms,AccessTokenLifetime,AuthorizationCodeLifetime,ConsentLifetime,AbsoluteRefreshTokenLifetime,SlidingRefreshTokenLifetime,RefreshTokenUsage,UpdateAccessTokenClaimsOnRefresh,RefreshTokenExpiration,AccessTokenType,EnableLocalLogin,IncludeJwtId,AlwaysSendClientClaims,ClientClaimsPrefix,PairWiseSubjectSalt,UserSsoLifetime,UserCodeType,DeviceCodeLifetime,ExtraProperties,ConcurrencyStamp,CreationTime,CreatorId,LastModificationTime,LastModifierId,IsDeleted,DeleterId,DeletionTime
39fb0cd8-5ebd-d891-7227-41d8bdb599c4,Client_Swagger,Client_Swagger,Client_Swagger,,,t,oidc,f,f,t,t,f,f,f,f,,t,,t,t,300,,31536000,300,,31536000,1296000,1,f,1,0,t,f,f,client_,,,,300,{},d17f0620c203454b9a9aec1fffacd6e2,38:01.2,,38:01.2,,f,,
39fb0cd8-5e77-c65d-6d9b-b4a467324d69,Client_App,Client_App,Client_App,,,t,oidc,f,f,t,t,f,f,f,f,,t,,t,t,300,,400,300,,1800,900,1,f,1,0,t,f,f,client_,,,,300,{},2577c8202df3412db530849fa91dc765,38:01.1,,15:01.1,39fb0cd8-5993-8e42-b1a5-e791f73d1e9f,f,,