Base solution for your next web application

Activities of "Jason"

So I changed the port number for the server side host project, {Project}.Web.Host, in the launchsettings and the appsettings.json files, and changed the references in the angular project everywhere to match the new port number. Now, I am getting an error when trying to launch the angular project, that it cant hit the https://localhost:{port}/AbpUserConfiguration/GetAll?id={idString} endpoint. It is not logged in, so it should be loading just the login page. I tried to find that endpoint in the code, but I could not. It returns a 404 and nothing is loaded.

Wondering if anybody has experienced this and was able to resolve it?

I am running the ASP.Net Core Zero 3.0 project with Angular, and I have a client application that uses it as a login provider and a user store. The client app, TRX, has a method that calls the user list after gaining an access token via a password token request. The token request itself works, and returns the access token which I then attach to the request for the user list, pretty much the same way that the Client app within the ASP Net zero project does:

        private static async Task<string> GetAccessTokenViaOwnerPasswordAsync()
        {
            var client = new HttpClient();

            var disco = await client.GetDiscoveryDocumentAsync(ServerUrlBase);
            if (disco.IsError)
            {
                throw new Exception(disco.Error);
            }

            client.DefaultRequestHeaders.Add(TenantConstants.Tenant1, "1");  //Set TenantId
            var tokenResponse = await client.RequestPasswordTokenAsync(new PasswordTokenRequest
            {
                Address = disco.TokenEndpoint,
                ClientId = "client",
                ClientSecret = "secret",
                Scope = "default-api",
                UserName = "username",
                Password = "password"
            });

            if (tokenResponse.IsError)
            {
                Console.WriteLine("Error: ");
                Console.WriteLine(tokenResponse.Error);
            }

            Console.WriteLine(tokenResponse.Json);

            return tokenResponse.AccessToken;
        }
        
        ...
        
        private static async Task<PagedResultDto<UserListDto>> GetUsersListAsync(string accessToken)
        {
            // ReSharper disable once ConvertToUsingDeclaration
            using (var client = new HttpClient())
            {
                client.SetBearerToken(accessToken);

                try
                {
                    var response = await client.GetAsync($"{ServerUrlBase}api/services/app/user/getUsers");
                    if (!response.IsSuccessStatusCode)
                    {
                        Console.WriteLine(response.StatusCode);
                        return null;
                    }

                    var content = await response.Content.ReadAsStringAsync();
                    var ajaxResponse = JsonConvert.DeserializeObject<AjaxResponse<PagedResultDto<UserListDto>>>(content);
                    if (!ajaxResponse.Success)
                    {
                        throw new Exception(ajaxResponse.Error?.Message ?? "Remote service throws exception!");
                    }

                    Console.WriteLine();
                    Console.WriteLine("Total user count: " + ajaxResponse.Result.TotalCount);
                    Console.WriteLine();

                    foreach (var user in ajaxResponse.Result.Items)
                    {
                        Console.WriteLine($"### UserId: {user.Id}, UserName: {user.UserName}");
                        Console.WriteLine(user.ToJsonString(indented: true));
                    }
                    return ajaxResponse.Result;
                }
                catch (Exception exception)
                {
                    Console.WriteLine(exception);
                    throw;
                }
                
            }
        }

And when it hits ValidateToken, during the user list GET request, it errors out with this error:

IDX10501: Signature validation failed. Unable to match key: kid: '{key here}'

I have looked around to see what this might be caused by, and at the very least I know it means that the key does not match the validationParameters that it is checking against, but I have not been able to determine why, or what could fix this.

I would appreciate any help that can be provided for this issue.

public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)

...

var principal = _tokenHandler.ValidateToken(securityToken, validationParameters, out validatedToken); //error here

For a little more specificity, I am working on the same project as mac, and we are using a couple different approaches for the connections: user password, and code flow with PKCE. For the user password approach, we are trying to build the user list GET separately in our own project. Every time we ping it, we get an error with the discovery document GET request:

 var client = new HttpClient();

            var disco = await client.GetDiscoveryDocumentAsync(ServerUrlBase);
            if (disco.IsError)
            {
                throw new Exception(disco.Error);
            }

This prevents further connection. The error coming back is that the target machine is actively refusing the connection. The ServerUrlBase being used is the same one that is set in the IdentityServer project, and I have run the dotnet cert to see if the certificate exists, which it does, so that doesnt seem to be the issue.

Our problem is that we cannot get past the discovery document bit to get to the access token request.

Seems like it does, at least through the discovery document part. I get this error when it tries to grab the users list, after getting the access token:

I upgraded AspNetCore Zero application to AspNetCore 3 from 2.2, and started trying to rebuild connections I had written with an external app to access certain things, including using the AspNetCore Zero application, (EXP), as a login provider, and getting and uploading Users to EXP from my external app (RXP). For the most part, I assumed any changes would be small, just adding the client again, and Api resources necessary to allow access. I am using two different kinds of approaches. For the user bits, with the GET request to EXP for the users list, and the POST back to EXP with an excel file to import users, I use a password connection to get the access token and then make the request. For the actual SSO login provision, I used code flow with PKCE. In testing out the GET request for the users, it first grabs the Discovery document from the base url of EXP, which I matched to the url specified in the appsettings.json file in EXP. I either get NotFound, or Blocked by the target, everytime I try to get it, so I don't even get to the point of initiating the access token request completely.

I am wondering what the issue may be, if anyone else has experienced this.

Here are a few code snippets that pertain directly to this:

//Users list GET reuqest
var client = new HttpClient();

            var disco = await client.GetDiscoveryDocumentAsync(ServerUrlBase);
            if (disco.IsError)
            {
                throw new Exception(disco.Error);
            }
            ...
            
            //Users excel import into EXP
            var byteArrayContent = new ByteArrayContent(data);
                   
                    var content = new MultipartFormDataContent {{byteArrayContent, "file", "UserList.xslx"}};

                    var response = await client.PostAsync($"{ServerUrlBase}Users/ImportFromExcel",content);
Showing 1 to 5 of 5 entries