Prerequisites
Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.
- 10.2.0
- MVC
- .net core
If issue related with ABP Framework
- 10.2.0
Our Issue
We ran into an issue where we could not get "Stop Impersonating" to show after the initial page load, on other pages consistently. We did find this post - https://support.aspnetzero.com/QA/Questions/10019/When-I-refresh-the-pageImpersonaton-does-not-work - but it did not help.
We then found this: https://github.com/aspnetzero/aspnet-zero-core/issues/3902 - it helped a little bit, but we still get this error:
ERROR 2022-01-10 15:08:47,799 [18 ] nostics.DeveloperExceptionPageMiddleware - An unhandled exception has occurred while executing the request. Abp.UI.UserFriendlyException: Impersonation token is invalid or expired! at Solu.Greenlight.Authorization.Impersonation.ImpersonationManager.GetImpersonatedUserAndIdentity(String impersonationToken) in /opt/atlassian/pipelines/agent/build/src/Solu.Greenlight.Core/Authorization/Impersonation/ImpersonationManager.cs:line 39 at Solu.Greenlight.Web.Controllers.AccountController.ImpersonateSignIn(String tokenId) in /opt/atlassian/pipelines/agent/build/src/Solu.Greenlight.Web.Mvc/Controllers/AccountController.cs:line 940 at Abp.Domain.Uow.UnitOfWorkInterceptor.InternalInterceptAsynchronous[TResult](IInvocation invocation) at lambda_method3376(Closure , Object )
Is there additional information we can provide you to further troubleshoot?
3 Answer(s)
-
0
Hi @solusupport
Do you mean "back to my account" link/button by "Stop Impersonating" ? Could you explain the steps you are following to reproduce this problem so we can reproduce it on our side and offer you a solution ?
Thanks,
-
0
Hi @ismcagdas -
Yes - that's correct. For our portal:
- Login as a service rep (specific role)
- Go to the users list and find a customer (different role from service rep) to impersonate
- Click on "impersonate user"
- Now impersonating as said customer, clicking around, then click on "stop impersonating" (aka back to my account) Expected result: go back to page where originally cicked on impersonate user (step 2/3) Actual result: I get this error message:
An unhandled exception occurred while processing the request. UserFriendlyException: Impersonation token is invalid or expired! Solu.Greenlight.Authorization.Impersonation.ImpersonationManager.GetImpersonatedUserAndIdentity(string impersonationToken) in ImpersonationManager.cs, line 39
Stack Query Cookies Headers Routing UserFriendlyException: Impersonation token is invalid or expired! Solu.Greenlight.Authorization.Impersonation.ImpersonationManager.GetImpersonatedUserAndIdentity(string impersonationToken) in ImpersonationManager.cs Solu.Greenlight.Web.Controllers.AccountController.ImpersonateSignIn(string tokenId) in AccountController.cs Abp.Domain.Uow.UnitOfWorkInterceptor.InternalInterceptAsynchronous<TResult>(IInvocation invocation) lambda_method2485(Closure , object ) Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor+TaskOfActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, object controller, object[] arguments) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask<IActionResult> actionResultValueTask) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ExceptionContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|24_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|19_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker) Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger) Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context) Joonasw.AspNetCore.SecurityHeaders.Csp.CspMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Image of the same text message:
We have this working on our CERT environment, but not the dev environment. We thought it was consistent but it's working properly in one environment.
Also, what's the correct way to "reset" the site so that we can start with a clean slate to test impersonation. like is resetting iis and clearing cache OK or do we need to manually delete a token somewhere?
-
0
Hi @solusupport
Do you use multiple instances of Redis in your app ? If so, reseting redis cache might help. If you are able to reproduce this in your DEV environment, is it possible for us to access your source code to reproduce this ?