To accomplish with this is enough if external portal call ANZ loginUrl with returnUrl set to its url and in ANZ side append the authToken to returnUrl and redirect it?
That's not strictly SSO. TokenAuthController already does AddSingleSignInParametersToReturnUrl and return accessToken. https://github.com/aspnetzero/aspnet-zero-core/.../TokenAuthController.cs#L104-L170
The problem is not with page caching. Why does it matter if you need to GetGrantedPermissionsAsync and inject anyway?
Use AsNoTracking. Instead of GetRoleByIdAsync, do:
var role = await Repository.GetAll().AsNoTracking().FirstAsync(x => x.Id == input.Id.Value);
Are both modals using the same _Layout.cshtml file?
You should put the quick fix close to where it is required - in the same file as the modal.
The permissions in the role from GetRoleByIdAsync are populated only if the permissions exist in the current context. You should not rely on the permissions here.
Always use GetGrantedPermissionsAsync, which returns permissions in the database, then inject other permissions.
So the roles do not actually have permissions, but only from your injected objects?
Can you check that bootstrap.css is loaded?
A quick fix would be to add:
<style>
.modal-body {
padding: 15px;
}
</style>
Do you mean that the permissions are already in the database and that every time you get (without editing), it doesn't give the same result?
These serve different purposes: ViewBag (dynamic) and ViewData - valid for the current request. TempData - valid for a single redirect. Session - valid for a login session. Cache - valid for 60 minutes (sliding expiration) while your application runs (singleton) and shared globally (with other users).
Do you mean calling EditMakerModalViewModel at the same place works? Or it works in a different view?