Base solution for your next web application
Open Closed

System.FormatException on impersonation after upgrade to ASPNETZERO 9.0.1 #9365

User avatar
0
alexanderpilhar created

9.0.1, .NET Core, Angular

When impersonating a tenant user and later switching back to host user, the following error appears in src\ProjectName.Web.Host\Startup\AuthConfigurer.cs multiple times: System.FormatException: 'The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.'

Does any one else experience this issue!?

EDIT

Here is the content of Logs.txt:

ERROR 2020-07-14 15:22:38,814 [157  ] uthentication.JwtBearer.JwtBearerHandler - Exception occurred while processing message.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
ERROR 2020-07-14 15:22:41,777 [119  ] uthentication.JwtBearer.JwtBearerHandler - Exception occurred while processing message.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
ERROR 2020-07-14 15:22:41,778 [120  ] uthentication.JwtBearer.JwtBearerHandler - Exception occurred while processing message.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
ERROR 2020-07-14 15:22:41,778 [64   ] uthentication.JwtBearer.JwtBearerHandler - Exception occurred while processing message.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
ERROR 2020-07-14 15:22:41,779 [119  ] nostics.DeveloperExceptionPageMiddleware - An unhandled exception has occurred while executing the request.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at Abp.AspNetZeroCore.Web.Authentication.JwtBearer.JwtTokenMiddleware.<>c__DisplayClass0_0.<<UseJwtTokenMiddleware>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
ERROR 2020-07-14 15:22:41,779 [157  ] nostics.DeveloperExceptionPageMiddleware - An unhandled exception has occurred while executing the request.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at Abp.AspNetZeroCore.Web.Authentication.JwtBearer.JwtTokenMiddleware.<>c__DisplayClass0_0.<<UseJwtTokenMiddleware>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
ERROR 2020-07-14 15:22:41,780 [120  ] nostics.DeveloperExceptionPageMiddleware - An unhandled exception has occurred while executing the request.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at Abp.AspNetZeroCore.Web.Authentication.JwtBearer.JwtTokenMiddleware.<>c__DisplayClass0_0.<<UseJwtTokenMiddleware>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
ERROR 2020-07-14 15:22:41,780 [64   ] nostics.DeveloperExceptionPageMiddleware - An unhandled exception has occurred while executing the request.
System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at Abp.Runtime.Security.SimpleStringCipher.Decrypt(String cipherText, String passPhrase, Byte[] salt, Nullable`1 keySize, Byte[] initVectorBytes)
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.SetToken(MessageReceivedContext context, Boolean allowAnonymous) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 126
   at CompanyName.ProjectName.Web.Startup.AuthConfigurer.QueryStringTokenResolver(MessageReceivedContext context) in D:\UserName\source\repos\CompanyName.ProjectName.All\Core\src\CompanyName.ProjectName.Web.Host\Startup\AuthConfigurer.cs:line 90
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at Abp.AspNetZeroCore.Web.Authentication.JwtBearer.JwtTokenMiddleware.<>c__DisplayClass0_0.<<UseJwtTokenMiddleware>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Go to accepted answer
6 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    Could you check if you have this change in your source code https://github.com/aspnetzero/aspnet-zero-core/commit/007f73962dbf13cb17901fb6cb85670ea2e5d612 ?

    Thanks,

  • User Avatar
    0
    alexanderpilhar created

    Hi @ismcagdas!

    Yes, this file is up to date!

    I was wondering if it might be related to one of my other issues: [exception when impersonating tenant user #8611](https://support.aspnetzero.com/QA/Questions/8611/exception-when-impersonating-tenant-user). I used the #if DEBUG preprocessor directive to work around this issue in my debug environment and thought it might interfere somehow now - I then reverted my changes but it didn't solve the current problem.

  • User Avatar
    0
    alexanderpilhar created

    I just tried with a clean install of my project and this problem exists there as well.

  • User Avatar
    0
    alexanderpilhar created

    Implemented preprocessor directive as a work-around:

    #if DEBUG
            try
            {
                context.Token = SimpleStringCipher.Instance.Decrypt(qsAuthToken, AppConsts.DefaultPassPhrase);
            }
            catch
            {
                // ignore
            }
#else
            context.Token = SimpleStringCipher.Instance.Decrypt(qsAuthToken, AppConsts.DefaultPassPhrase);
#endif

    I would prefer a better solution, though ...

    PS: It seems there is a problem with the SignalR chat-service related to this as well! When impersonating a tenant user, chat-service failed to connect, also when switching back to host user, chat-service failed to connect. Since I use the workaround above the problem seems to be gone.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @alexanderpilhar

    Could you write steps to repdocue this problem on a clean project ?

    Thanks,

  • User Avatar
    0
    alexanderpilhar created

    Hi @ismcagdas!

    It seems this one is another of the browser cache related problems. I cleaned all browser data and now the problem does not occur anymore!

    Thank you for your time!

Assignee
No one
Labels
Non yet