Permission get lost during application running #4348

10 उत्तर (ओं)

• 

  0

  maliming बनाया था one year ago

  सहायता दल Fullstack Developer

  We deployed a demo app Mvc/tiered application with a custom module on azure.

  hi

  Please share the logs of AuthServer.

  बचाना रद्द करना
• 

  0

  manuel42 बनाया था one year ago

  Logs of the application server and the auth server when the error appears

  Application logs

  2023-01-16 08:21:59.625 +00:00 [INF] Request starting HTTP/1.1 GET https://it42scalesweb.azurewebsites.net/SurveyBase/Companies - -
  2023-01-16 08:21:59.626 +00:00 [INF] Executing endpoint '/SurveyBase/Companies/Index'
  2023-01-16 08:21:59.626 +00:00 [INF] Route matched with {page = "/SurveyBase/Companies/Index", action = "", controller = "", area = ""}. Executing page /SurveyBase/Companies/Index
  2023-01-16 08:21:59.626 +00:00 [INF] Skipping the execution of current filter as its not the most effective filter implementing the policy Microsoft.AspNetCore.Mvc.ViewFeatures.IAntiforgeryPolicy
  2023-01-16 08:21:59.626 +00:00 [INF] Executing handler method IT42Portal.SurveyBase.Web.Pages.SurveyBase.Companies.IndexModel.OnGetAsync - ModelState is "Valid"
  2023-01-16 08:21:59.627 +00:00 [INF] Start processing HTTP request GET "https://it42scalesapihost.azurewebsites.net/api/survey-base/companies/address-lookup?SkipCount=0&MaxResultCount=1000&api-version=1.0"
  2023-01-16 08:21:59.627 +00:00 [INF] Sending HTTP request GET "https://it42scalesapihost.azurewebsites.net/api/survey-base/companies/address-lookup?SkipCount=0&MaxResultCount=1000&api-version=1.0"
  2023-01-16 08:21:59.790 +00:00 [INF] Received HTTP response headers after 162.3864ms - 401
  2023-01-16 08:21:59.790 +00:00 [INF] End processing HTTP request after 162.5497ms - 401
  2023-01-16 08:21:59.793 +00:00 [INF] Executed page /SurveyBase/Companies/Index in 167.2128ms
  2023-01-16 08:21:59.794 +00:00 [INF] Executed endpoint '/SurveyBase/Companies/Index'
  2023-01-16 08:21:59.798 +00:00 [ERR] An unhandled exception has occurred while executing the request.
  Volo.Abp.Http.Client.AbpRemoteCallException: Unauthorized
     at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.ThrowExceptionForResponseAsync(HttpResponseMessage response)
     at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync(ClientProxyRequestContext requestContext)
     at Volo.Abp.Http.Client.ClientProxying.ClientProxyBase`1.RequestAsync[T](ClientProxyRequestContext requestContext)
     at Volo.Abp.Http.Client.DynamicProxying.DynamicHttpProxyInterceptorClientProxy`1.CallRequestAsync[T](ClientProxyRequestContext requestContext)
     at Volo.Abp.Http.Client.DynamicProxying.DynamicHttpProxyInterceptor`1.CallRequestAsync[T](ClientProxyRequestContext context)
     at Volo.Abp.Http.Client.DynamicProxying.DynamicHttpProxyInterceptor`1.GetResultAsync(Task task, Type resultType)
     at Volo.Abp.Http.Client.DynamicProxying.DynamicHttpProxyInterceptor`1.InterceptAsync(IAbpMethodInvocation invocation)
     at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
     at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo)
     at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
     at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
     at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
     at IT42Portal.SurveyBase.Web.Pages.SurveyBase.Companies.IndexModel.OnGetAsync() in C:\Users\ManuelKrump\source\repos\IT42Portal.SurveyBase\src\IT42Portal.SurveyBase.Web\Pages\SurveyBase\Companies\Index.cshtml.cs:line 46
     at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.ExecutorFactory.NonGenericTaskHandlerMethod.Execute(Object receiver, Object[] arguments)
     at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.InvokeHandlerMethodAsync()
     at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.InvokeNextPageFilterAsync()
     at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.Rethrow(PageHandlerExecutedContext context)
     at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
     at Microsoft.AspNetCore.Mvc.RazorPages.Infrastructure.PageActionInvoker.InvokeInnerFilterAsync()
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ExceptionContextSealed context)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
     at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
     at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)
     at Volo.Abp.AspNetCore.Serilog.AbpSerilogMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
     at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext()
  --- End of stack trace from previous location ---
     at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
     at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
     at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
     at Volo.Abp.AspNetCore.MultiTenancy.MultiTenancyMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
     at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext()
  --- End of stack trace from previous location ---
     at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
     at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next)
     at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext()
  --- End of stack trace from previous location ---
     at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
  2023-01-16 08:21:59.799 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
  2023-01-16 08:21:59.799 +00:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
  2023-01-16 08:21:59.801 +00:00 [INF] Executing action method Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared) - Validation state: "Valid"
  2023-01-16 08:21:59.801 +00:00 [INF] Executed action method Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared), returned result Microsoft.AspNetCore.Mvc.ViewResult in 0.0598ms.
  2023-01-16 08:21:59.802 +00:00 [INF] Executing ViewResult, running view ~/Views/Error/401.cshtml.
  2023-01-16 08:21:59.823 +00:00 [WRN] Could not find the localization resource LeptonX on the remote server!
  

  Auth server logs

  2023-01-16 08:21:55.450 +00:00 [INF] Executing ObjectResult, writing value of type 'Volo.Abp.Content.RemoteStreamContent'.
  2023-01-16 08:21:55.451 +00:00 [INF] Executed action Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 268.6417ms
  2023-01-16 08:21:55.451 +00:00 [INF] Executed endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
  2023-01-16 08:21:55.451 +00:00 [INF] Request finished HTTP/1.1 GET https://it42scalesauthserver.azurewebsites.net/api/account/profile-picture-file/bead807e-8eac-ed60-565d-3a08b73fdd53?api-version=1.0 - - - 200 2939 image/jpeg 274.8704ms
  2023-01-16 08:21:59.692 +00:00 [INF] Request starting HTTP/1.1 GET https://it42scalesauthserver.azurewebsites.net/.well-known/openid-configuration - -
  2023-01-16 08:21:59.693 +00:00 [INF] The request address matched a server endpoint: "Configuration".
  2023-01-16 08:21:59.693 +00:00 [INF] The configuration request was successfully extracted: {}.
  2023-01-16 08:21:59.694 +00:00 [INF] The configuration request was successfully validated.
  2023-01-16 08:21:59.694 +00:00 [INF] The response was successfully returned as a JSON document: {
    "issuer": "https://it42scalesauthserver.azurewebsites.net/",
    "authorization_endpoint": "https://it42scalesauthserver.azurewebsites.net/connect/authorize",
    "token_endpoint": "https://it42scalesauthserver.azurewebsites.net/connect/token",
    "introspection_endpoint": "https://it42scalesauthserver.azurewebsites.net/connect/introspect",
    "end_session_endpoint": "https://it42scalesauthserver.azurewebsites.net/connect/logout",
    "revocation_endpoint": "https://it42scalesauthserver.azurewebsites.net/connect/revocat",
    "userinfo_endpoint": "https://it42scalesauthserver.azurewebsites.net/connect/userinfo",
    "device_authorization_endpoint": "https://it42scalesauthserver.azurewebsites.net/device",
    "jwks_uri": "https://it42scalesauthserver.azurewebsites.net/.well-known/jwks",
    "grant_types_supported": [
      "authorization_code",
      "implicit",
      "password",
      "client_credentials",
      "refresh_token",
      "urn:ietf:params:oauth:grant-type:device_code",
      "LinkLogin",
      "Impersonation"
    ],
    "response_types_supported": [
      "code",
      "code id_token",
      "code id_token token",
      "code token",
      "id_token",
      "id_token token",
      "token",
      "none"
    ],
    "response_modes_supported": [
      "form_post",
      "fragment",
      "query"
    ],
    "scopes_supported": [
      "openid",
      "offline_access",
      "email",
      "profile",
      "phone",
      "roles",
      "address"
    ],
    "claims_supported": [
      "aud",
      "exp",
      "iat",
      "iss",
      "sub"
    ],
    "id_token_signing_alg_values_supported": [
      "RS256"
    ],
    "code_challenge_methods_supported": [
      "S256"
    ],
    "subject_types_supported": [
      "public"
    ],
    "token_endpoint_auth_methods_supported": [
      "client_secret_basic",
      "client_secret_post"
    ],
    "introspection_endpoint_auth_methods_supported": [
      "client_secret_basic",
      "client_secret_post"
    ],
    "revocation_endpoint_auth_methods_supported": [
      "client_secret_basic",
      "client_secret_post"
    ],
    "claims_parameter_supported": false,
    "request_parameter_supported": false,
    "request_uri_parameter_supported": false
  }.
  2023-01-16 08:21:59.694 +00:00 [INF] Request finished HTTP/1.1 GET https://it42scalesauthserver.azurewebsites.net/.well-known/openid-configuration - - - 200 2174 application/json;charset=UTF-8 2.1042ms
  2023-01-16 08:21:59.722 +00:00 [INF] Request starting HTTP/1.1 GET https://it42scalesauthserver.azurewebsites.net/.well-known/jwks - -
  2023-01-16 08:21:59.722 +00:00 [INF] The request address matched a server endpoint: "Cryptography".
  2023-01-16 08:21:59.722 +00:00 [INF] The cryptography request was successfully extracted: {}.
  2023-01-16 08:21:59.722 +00:00 [INF] The cryptography request was successfully validated.
  2023-01-16 08:21:59.723 +00:00 [INF] The response was successfully returned as a JSON document: {
    "keys": [
      {
        "kid": "1765FC3711211A4CD2AA6092DFC4B1C00F8B9350",
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "e": "AQAB",
        "n": "xVdFLey2ZxFoLTKU4idQM8LngcF2ND5hCqavlxux2G_esn6xhMkONB68cCggWgdZ2hxzIs-gwf-zWARKaoA08wBmq5Igt-VqqaV68Od21iUoAqSmPsc0-nVBZX7EXOisYXe-3af8XriUOh_6oxuEzmG6c68W-k0RyOKjhMTvooLRDoDIGydw0MA263bCa8Bgh2p7WWtcCYvYOK9NSxbFwt1AKXIWXuKVHmiC1Ei4jyoCI4S2dSgKD9vt-G01pzATcif2Yk_sEyICw9s23frwVRJhgFjrvfXu3lDOXnTrA87cdaNTbHwoho5KH0p4jHESMzdWERDUMl73z3MqNyfWIQ",
        "x5t": "F2X8NxEhGkzSqmCS38SxwA-Lk1A",
        "x5c": [
          "MIIC9TCCAd2gAwIBAgIJAPvsRWCrR2VAMA0GCSqGSIb3DQEBCwUAMDAxLjAsBgNVBAMTJU9wZW5JZGRpY3QgU2VydmVyIFNpZ25pbmcgQ2VydGlmaWNhdGUwHhcNMjMwMTE2MDgxODIyWhcNMjUwMTE2MDgxODIyWjAwMS4wLAYDVQQDEyVPcGVuSWRkaWN0IFNlcnZlciBTaWduaW5nIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVdFLey2ZxFoLTKU4idQM8LngcF2ND5hCqavlxux2G/esn6xhMkONB68cCggWgdZ2hxzIs+gwf+zWARKaoA08wBmq5Igt+VqqaV68Od21iUoAqSmPsc0+nVBZX7EXOisYXe+3af8XriUOh/6oxuEzmG6c68W+k0RyOKjhMTvooLRDoDIGydw0MA263bCa8Bgh2p7WWtcCYvYOK9NSxbFwt1AKXIWXuKVHmiC1Ei4jyoCI4S2dSgKD9vt+G01pzATcif2Yk/sEyICw9s23frwVRJhgFjrvfXu3lDOXnTrA87cdaNTbHwoho5KH0p4jHESMzdWERDUMl73z3MqNyfWIQIDAQABoxIwEDAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAJzuqTkoPLAekbk+hkpH2pye3WBn761kslRXcMdLBcXPtaf6vcc5ird01lx07KLCBAsrkbjLNFg/q6JVUuAylUKe1P+IQgMOlSorspjefjyhyrUymitkO0+uvelDSgLwl9Bimy2WUMQGB1GIEiOK0YuGuNHOd61wjfgCPgJ+uG8vot1uoy1x9GXHz4S9SIIAcpS1EChoelmlowM6/Ye/EQE8MOUyr812bbh/umXHnpiwbho07KxQzO5VYKLHmJf8BKSVs+LbZ4QFAShHTARCZIMr6B3zNiMMa1IPT1iodmRwBT34q7osAKp45fmXH9zl9/wl7sFn93E2TE4uXKFPv3Y="
        ]
      }
    ]
  }.
  2023-01-16 08:21:59.724 +00:00 [INF] Request finished HTTP/1.1 GET https://it42scalesauthserver.azurewebsites.net/.well-known/jwks - - - 200 1635 application/json;charset=UTF-8 1.8856ms
  2023-01-16 08:22:00.240 +00:00 [INF] Request starting HTTP/1.1 GET https://it42scalesauthserver.azurewebsites.net/api/account/profile-picture-file/bead807e-8eac-ed60-565d-3a08b73fdd53?api-version=1.0 - -
  2023-01-16 08:22:00.248 +00:00 [INF] OpenIddict.Validation.AspNetCore was not authenticated. Failure message: An error occurred while authenticating the current request.
  2023-01-16 08:22:00.248 +00:00 [INF] OpenIddict.Validation.AspNetCore was not authenticated. Failure message: An error occurred while authenticating the current request.
  2023-01-16 08:22:00.249 +00:00 [INF] Executing endpoint 'Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
  2023-01-16 08:22:00.249 +00:00 [INF] Route matched with {area = "account", action = "GetProfilePictureFile", controller = "Account", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Content.IRemoteStreamContent] GetProfilePictureFileAsync(System.Guid) on controller Volo.Abp.Account.AccountController (Volo.Abp.Account.Pro.Public.HttpApi).
  2023-01-16 08:22:00.263 +00:00 [INF] Executing action method Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi) - Validation state: "Valid"
  2023-01-16 08:22:00.279 +00:00 [INF] Executed action method Volo.Abp.Account.AccountController.GetProfilePictureFileAsync (Volo.Abp.Account.Pro.Public.HttpApi), returned result Microsoft.AspNetCore.Mvc.ObjectResult in 16.5409ms.
  

  बचाना रद्द करना
• 

  0

  maliming बनाया था one year ago

  सहायता दल Fullstack Developer

  hi

  Do you have similar code in your web project?

  Is the ExpireTimeSpan set to 365 days?

  context.Services.AddAuthentication(options =>
  {
      options.DefaultScheme = "Cookies";
      options.DefaultChallengeScheme = "oidc";
  })
  .AddCookie("Cookies", options =>
  {
      options.ExpireTimeSpan = TimeSpan.FromDays(365);
  })
  

  बचाना रद्द करना
• 

  0

  manuel42 बनाया था one year ago

  Yes that the code of the template. we did not change it.

    context.Services.AddAuthentication(options =>
              {
                  options.DefaultScheme = "Cookies";
                  options.DefaultChallengeScheme = "oidc";
              })
              .AddCookie("Cookies", options =>
              {
                  options.ExpireTimeSpan = TimeSpan.FromDays(365);
              })
              .AddAbpOpenIdConnect("oidc", options =>
              {
                  options.Authority = configuration["AuthServer:Authority"];
                  options.RequireHttpsMetadata =  Convert.ToBoolean(configuration["AuthServer:RequireHttpsMetadata"]);
                  options.ResponseType = OpenIdConnectResponseType.CodeIdToken;
  
                  options.ClientId = configuration["AuthServer:ClientId"];
                  options.ClientSecret = configuration["AuthServer:ClientSecret"];
  
                  options.UsePkce = true;
                  options.SaveTokens = true;
                  options.GetClaimsFromUserInfoEndpoint = true;
  
                  options.Scope.Add("roles");
                  options.Scope.Add("email");
                  options.Scope.Add("phone");
                  options.Scope.Add("Scale");
              });
  

  बचाना रद्द करना
• 

  0

  maliming बनाया था one year ago

  सहायता दल Fullstack Developer

  hi

  [INF] AuthenticationScheme: Cookies was forbidden. 2023-01-13 07:15:27.044 +00:00 [INF] AuthenticationScheme: oidc was forbidden. 2023-01-13 07:15:27.052 +00:00

  I see that the app's cookie authentication fails. However, the app's cookie is valid for 1 year, and I'm wondering why it doesn't work.

  Can the problem be reproduced in a local development environment?

  बचाना रद्द करना
• 

  0

  manuel42 बनाया था one year ago

  Yes the same problem we use this redis docker container for local testing. We are wondering too about this issue.

  docker run --name demoContainer -p 6379:6379 -d redis
  

  The only thing we have changed so far is that we removed the unused localization .json files. In both in the application template and in the custom module templates.

  Is it possible that the error is related to this warning ? it always appears before the errors.

  [WRN] Could not find the localization resource LeptonX on the remote server! 2023-01-13 07:15:13.347 +00:00
  

  बचाना रद्द करना
• 

  0

  maliming बनाया था one year ago

  सहायता दल Fullstack Developer

  It does not fix the problem when we logout and login again. After a few times the permissions get loaded again

  Can you share a URL and username & password so I can reproduce the problem online?

  liming.ma@volosoft.com

  बचाना रद्द करना
• 

  0

  manuel42 बनाया था one year ago

  I have sent you the requested information. Error appears when you are logged in in the application but you are not active in the application for round about 30 minutes

  बचाना रद्द करना
• 

  0

  maliming बनाया था one year ago

  सहायता दल Fullstack Developer

  OK, I will test it asap. Thanks

  बचाना रद्द करना
• 

  0

  manuel42 बनाया था one year ago

  We have solved the problem with a template change. Now we use the standard application template and added the custom modules. After the deploying this template the problem was solved.

  I can not provide more information to this problem at this moment. I hope we will not encounter this problem again in the future.

  बचाना रद्द करना