Base solution for your next web application
Open Closed

IDX10223: Lifetime validation failed #7951


User avatar
0
kasem created

Hi

App in dev mode keeps failing with the following thrown exception:

IDX10223: Lifetime validation failed. The token is expired. ValidTo: '[PII is hidden]', Current time: '[PII is hidden]'.


46 Answer(s)
  • User Avatar
    0
    muhittincelik created

    [email protected] a webex meeting daveti gönderdim.

  • User Avatar
    0
    maliming created
    Support Team

    hi muhittincelik

    Did you enable Identity Server4?

    When you run the application using the Start without Debugging method, I believe the application will run as expected, except that the above log may be included in the log.

  • User Avatar
    0
    kasem created

    What do you mean by Start without Debugging ? How can I do this?

  • User Avatar
    0
    BobIngham created

    I can confirm that this is a problem. Here is a screen shot of Application Insights from my Azure production system. my logs are written direct to Application Insights and not to text file.... I am currently trying to reduce exceptions in my logs, can someone advise accordingly?

  • User Avatar
    0
    musa.demir created

    Hi @bobingham, As i mentioned here : 39f1b34bb292 it is normal if the page redirect back to login page after get 401. Is it going back to login ?

  • User Avatar
    0
    musa.demir created

    What do you mean by Start without Debugging ? How can I do this?

  • User Avatar
    0
    BobIngham created

    Hi @demimursa, We seem to be using exception to handle programming flow. Let me give a simple example. I want to oursource the support of my system to a third party. One of the things this out-sourcing company will do is to check HTTP 500 errors and report them back to me. At the moment it is not possible to monitor HTTP 500 errors with Zero because the error log is full of exceptions such as "wrong password" and "token expired". These are not exceptions and should not be handled as such. So, I have to order my out-sourcing company to ignore exceptions because 99.5% of them are not actually exceptions: Failed login and token expired should both be warnings at best. And, moreover, as I said, this is a production system. Am I supposed to trace each exception back to the user and find out if they were redirected to the login page? The following issues would address the problem to some extent, they have all been on the backlog for months. Silent refresh token for JWT Session lock screen User lockout

  • User Avatar
    0
    musa.demir created

    Login failed returns Http 401 unauthorized error (which is totaly correct http result code in this case) If you think there is something unexpected please open new issue. Then we can continue to discussion on new issue.

  • User Avatar
    0
    BobIngham created

    @demirmusa, Forgive my ignorance. Why is a 401 reported as an exception?

  • User Avatar
    0
    musa.demir created

    @bobingham https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/401

  • User Avatar
    0
    BobIngham created

    @demimursa, I stand corrected but flummoxed as to why a 401 should be considered as an exception, it's a user error not a system error. Can anypone throw any light on this?

  • User Avatar
    0
    musa.demir created

    It is not a user error. It is generated by that line AbpZeroTemplateJwtSecurityTokenHandler.cs#L40 when any endpoint gets request with an expired token. Then the requested endpoint returns http 401 response to says to the client you are unauthorized.

  • User Avatar
    0
    BobIngham created

    Because the user has left open the system in the browser or has entered an incorrect password. In a large system this happens so often that it is extremely difficult to find exceptions thrown by the system as a result of cose error.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @bobingham

    Sorry but this is not a decision that we can make. HTTP 401 is accepted as an error code. Do you mean we should throw any other error when the token is expired ?

  • User Avatar
    1
    BobIngham created

    Hi @ismcagdas, Ok, I hear what you're saying. At the moment I'm up to my ears trying to feed my logs into Sumo Logic. Once I'm done I may be to reach out and see if I can filter out these types of erros as exceptions in the end solution. Can we leave this item as open and I will revert when I know more.

  • User Avatar
    0
    ashishani created

    Hi, I am having the same issue. I am a recent client who uses v8.0.0

    However, the reason I am currently investigating this issue is that I suspect it is causing some data leak which causes my app to reach the maximum number of connections in the pool "100 connections". This forces me to restart the application in IIS.

    The reason for me to think that the error in this Question is the cause, I am suspecting that there is a unit of work within that scope and it doesn't execute "uow.Complete();" to close the DB Connection.

    I am not sure it is the cause, but this is the error I get and it always happen the same time when the token get expired.


    System.InvalidOperationException: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached. at Microsoft.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection) at Microsoft.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource1 retry, DbConnectionOptions userOptions) at Microsoft.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource1 retry) at Microsoft.Data.SqlClient.SqlConnection.Open() at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.OpenDbConnection(Boolean errorsExpected) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.Open(Boolean errorsExpected) at Microsoft.EntityFrameworkCore.Storage.RelationalConnection.BeginTransaction(IsolationLevel isolationLevel) at Microsoft.EntityFrameworkCore.SqlServer.Storage.Internal.SqlServerExecutionStrategy.Execute[TState,TResult](TState state, Func3 operation, Func3 verifySucceeded) at Microsoft.EntityFrameworkCore.RelationalDatabaseFacadeExtensions.BeginTransaction(DatabaseFacade databaseFacade, IsolationLevel isolationLevel) at Abp.EntityFrameworkCore.Uow.DbContextEfCoreTransactionStrategy.CreateDbContext[TDbContext](String connectionString, IDbContextResolver dbContextResolver) at Abp.EntityFrameworkCore.Uow.EfCoreUnitOfWork.GetOrCreateDbContext[TDbContext](Nullable1 multiTenancySide, String name) at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.get_Table() at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase3.Insert(TEntity entity) at Abp.EntityFrameworkCore.Repositories.EfCoreRepositoryBase`3.InsertAsync(TEntity enti...


    This is how my log looks like:

  • User Avatar
    0
    ismcagdas created
    Support Team

    @ashishani Do you still have this problem ?

    Thanks,

  • User Avatar
    0
    ashishani created

    Hi @ismcagdas, Yes it is still happening and it is hard to spot the location of the database connection leak. My app reaches the limit of SQL connections (100 open connections) every couple of days. At the moment I do restart IIS almost everyday to kill the open DB connections until I identify the scope of problem. I did a code review and added a UnitOfWork using statement and made sure that I complete the UnitOfWork in the end, like this:

            using (var unitOfWork = _unitOfWorkManager.Begin())
            {
                ... some code
                
                await unitOfWork.CompleteAsync();
            }
            
    

    I do have 2 DBContexts each one accessing a different database to migrate list of customers, products and other type of data every day. Not sure if it can be relavent.

    Other scope that I am suspecting to be the cause is an exception when validating tokens. There is a Salesforce App that consumes my .Net Core 3 API. I am also using Angular 8. I noticed that there are lots of Token validation throwing an exception because the token used is expired. I am just suspecing that this may be a scope which has a unit of work and the exception doesn't allow the unit of work to complete (Maybe?)

    I am trying to think of an approach to identify the source. I am open for suggestions.

    Thanks, Ali

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @ashishani

    Thank you for the extra information. Do you have any "async void" methods ?

  • User Avatar
    0
    ashishani created

    Hi @ismcagdas, yes I do. like the example below:

    public async Task DeleteAdjustmentMap(EntityDto<int> input)
    {
        var allAdjustmentMaps = _adjustmentMapRepository.GetAll();
        
        ... some code...
        
        await _adjustmentMapRepository.DeleteAsync(adjustmentMap);
    }
    

    Your question reminded me of an issue that I fixed recently. It could be the cause but let me confirm with you first.

    The bug was that I have an async method to delete records and and I used to call it without the key-word await. of course the DBContext was not happy sometimes, and I had an exception (sometimes) at that scope because I am using the same DBContext in 2 threads. I just rememberd that I only deployed that fix in production few days ago. I didn't see the error yet because I restart IIS everyday.

    The code before fixing the bug looked like this:

    var opportunityLineItemIdsToDelete = (from l in allOpportunityLineItems
                                                                  where l.OpportunityId == opportunityOutput.Id
                                                                  && !opportunityLineItemReferences.Contains(l.LineItemReference)
                                                                  select l.Id).ToList();
    
    if (opportunityLineItemIdsToDelete.Count() > 0)
    {
        **_ = DeleteOpportunityLineItemsRelatedEntities(opportunityLineItemIdsToDelete, true);**
    }
    

    after fixing the bug, the code looked like this:

    var opportunityLineItemIdsToDelete = (from l in allOpportunityLineItems
                                                                  where l.OpportunityId == opportunityOutput.Id
                                                                  && !opportunityLineItemReferences.Contains(l.LineItemReference)
                                                                  select l.Id).ToList();
    
    if (opportunityLineItemIdsToDelete.Count() > 0)
    {
        **await DeleteOpportunityLineItemsRelatedEntities(opportunityLineItemIdsToDelete, true);**
    }
    

    Would that lead to the leak issue? I stopped restarting the server so I can see the error if it happens.

    Sorry, most probably the issue I was having is not relevant to the Lifetime validation failed.

    Thanks

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @ashishani

    Sorry for my late reply. Your method is good because it is async Task, not async void.

    Yes, it might be the cause. Not using await can cause such problems. I also think your problem is not related to token lifetime validation. You can create a new issue if you face same problem again.

    Thanks.