Activities of "cmthomps"
Trying to do a proof of concept that allows a third party application to use the embedded IdentityServer for single sign on. I can see that the IdentityServer is running because when I request http://localhost:62114/.well-known/openid-configuration, I get:
{{
"issuer": "http://localhost:62114",
"jwks_uri": "http://localhost:62114/.well-known/openid-configuration/jwks",
"authorization_endpoint": "http://localhost:62114/connect/authorize",
"token_endpoint": "http://localhost:62114/connect/token",
"userinfo_endpoint": "http://localhost:62114/connect/userinfo",
"end_session_endpoint": "http://localhost:62114/connect/endsession",
"check_session_iframe": "http://localhost:62114/connect/checksession",
"revocation_endpoint": "http://localhost:62114/connect/revocation",
"introspection_endpoint": "http://localhost:62114/connect/introspect",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true,
"backchannel_logout_supported": true,
"backchannel_logout_session_supported": true,
"scopes_supported": [
"openid",
"profile",
"email",
"phone",
"default-api",
"offline_access"
],
"claims_supported": [
"sub",
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at",
"email",
"email_verified",
"phone_number",
"phone_number_verified"
],
"grant_types_supported": [
"authorization_code",
"client_credentials",
"refresh_token",
"implicit",
"password"
],
"response_types_supported": [
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"response_modes_supported": [
"form_post",
"query",
"fragment"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"subject_types_supported": [
"public"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"code_challenge_methods_supported": [
"plain",
"S256"
]
}}
The problem is that when I make a request to http://localhost:62114/connect/authorize, I get an error:
Full request:
http://localhost:62114/connect/authorize?client_id=implicit&redirect_uri=http%3A%2F%2Flocalhost%3A44077%2Fsignin-oidc&response_type=id_token&scope=openid%20profile%20email&response_mode=form_post&nonce=636731393554871981.ODg5OGYzOTYtNWVlMy00MWNmLWE1Y2MtY2ViNmVlNzBmZTZhNTcwNTM0NzktNzhkNC00ZGYzLThjYzgtMWRkZGM4OGVlNzk2&state=CfDJ8LRmRAoWNcxFrJRw5HHQysTVsGMPTIG8jR0PvpWOtlmzv6mv1PSS1SmG6ZeRprtHTf37KjojOFDAteGgRtkvVFZh94XUjvLpVPKCtkqDFTw5LyH3w0PxbJIZ08SX4t2c7HQhmfoou4zCOfevPq6bNgmW-mvUIEEDn1GQmleMrUz48gPlaa2Sp-pN87E7kMyfVcdQ7dnzsCPKevbT7qvdpZwwEFtjXXqj5fhxGXawezOAKTpaIlLPY1Z0MahhwIJELdO5Fm773h4-RYft9gr6730xR221nsp1Ma66kZrIklbVZutERJcPyoIJktOJJMvBJ32UVzrasdqPLV4lK4mQzn0&x-client-SKU=ID_NET&x-client-ver=2.1.4.0
And the error:
HTTP/1.1 302 Found
Location: http://localhost:62114/home/error?errorId=CfDJ8LRmRAoWNcxFrJRw5HHQysSZzqNP2t0VE4h3EjoX9QLFs3G52aKE59RK1G27QDS4sMCpbWilnW9Tuucwl6HBTORZN7BG6pKpB1MfsqBJiQ-jD9mvVj1pABzybvQt2m0gTHFA7F-ZqD5nW-HHFGgfmt238snkhwI5Qw_dXOfjJWiij30JBg8S40174f7wlAi3b1uhIGpcicw6tj-UpWSBh-gI83-eNbKRvpZBDKPQZYadzNfKUNBSHvTSz4uzGTJvDCBIGdu-GZWfnZwhDtLuXi5_oxOhcMvh2wRed45l4pnHS6ADllB-pXwPF2LnkwvCwQ
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcY3Rob21wc29uLkdPU01DUEFSVE5FUlNcRG9jdW1lbnRzXFZpc3VhbCBTdHVkaW8gMjAxN1xQcm9qZWN0c1xBc3BOZXRaZXJvVGVzdFxUZXN0Q2FjaGVcVGVzdFxUZXN0XHNyY1xTbWMuVGVzdC5XZWIuTXZjXGNvbm5lY3RcYXV0aG9yaXpl?=
Date: Fri, 21 Sep 2018 15:09:15 GMT
Content-Length: 0
Thoughts on what I'm doing wrong?
We're trying to add a new action filter to our application services. We're running the CORE/jQuery version (v5.3) of AspNetZero. The filter needs to inherit from IActionFilter which requires a reference to Microsoft.AspNetCore.Mvc. The current Application project in AspNetZero does not have that reference so we're not sure which is the best project to put the new filter. We've thought about just adding a new project to the solution but we are not confident that is the best approach.
The second question is how do we register the new filter so that it can be used by a service. In this link [https://forum.aspnetboilerplate.com/viewtopic.php?f=5&t=10803&p=27013&hilit=action+filter+api#p27013]), the is a reference to adding it in the startup class in Web.Host project but that project doesn't exist anymore in newer versions of AspNetZero. Can you point us in the right direction for that as well?
Thanks, Craig
Is there a easy way to send a calendar invitation? Ran across some examples here [https://esausilva.com/2016/11/17/create-ical-ics-files-in-c-asp-net-mvc-several-methods/]) but wondering if there is a better way using ABP.
Thanks, Craig
I'm playing with the PhoneBook Core Xamarin demo application ([https://github.com/aspnetzero/aspnet-zero-samples/tree/master/PhoneBook-Core]). The app starts and I can login as the host no problem. If I try to switch to the default tenant and login, I get an error. I haven't been able to track down the error in the code. I've tried setting a breakpoint in the LogException method, but it never gets hit.
I'm trying to determine which keys/secrets in appsettings.config need to change for the purposes of securing our site.
There are a couple places in the default config file where there appear to be keys that should change. Specifically here:
"Clients": [
{
"ClientId": "client",
"AllowedGrantTypes": [ "password" ],
"ClientSecrets": [
{
"Value": "def2edf7-5d42-4edc-a84a-30136c340e13"
}
],
"AllowedScopes": [ "default-api" ]
},
And here:
"JwtBearer": {
"IsEnabled": "true",
"SecurityKey": "AbpZeroTemplate_8CFB2EC534E14D56",
"Issuer": "AbpZeroTemplate",
"Audience": "AbpZeroTemplate"
},
Can these these two secrets be safely changed? Is the JwtBearer section necessary?
Thanks, Craig
Just installed an application on a new Windows 2012 server and getting the error below. The site comes up and I can login but it throws the error when trying to access <a class="postlink" href="http://localhost/AbpServiceProxies/GetAll?v=636529892276783364">http://localhost/AbpServiceProxies/GetA ... 2276783364</a>. I've tried disabling FIPS Policy using [https://docs.microsoft.com/en-us/dotnet/framework/configure-apps/file-schema/runtime/enforcefipspolicy-element])
INFO 2018-01-31 10:47:26,657 [8 ] ore.Mvc.Internal.ControllerActionInvoker - Executing action method Abp.AspNetCore.Mvc.Proxying.AbpServiceProxiesController.GetAll (Abp.AspNetCore) with arguments (Abp.AspNetCore.Mvc.Proxying.ApiProxyGenerationModel) - ModelState is Valid
ERROR 2018-01-31 10:47:26,658 [8 ] Mvc.ExceptionHandling.AbpExceptionFilter - Exception has been thrown by the target of an invocation.
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.MD5CryptoServiceProvider..ctor()
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args)
at System.Security.Cryptography.MD5.Create()
at Abp.Extensions.StringExtensions.ToMd5(String str)
at Abp.Web.Api.ProxyScripting.ApiProxyScriptManager.GetScript(ApiProxyGenerationOptions options)
at lambda_method(Closure , Object , Object[] )
at Microsoft.AspNetCore.Mvc.Internal.ObjectMethodExecutor.Execute(Object target, Object[] parameters)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeActionMethodAsync>d__27.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeNextActionFilterAsync>d__25.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeNextExceptionFilterAsync>d__24.MoveNext()
INFO 2018-01-31 10:47:26,658 [8 ] ore.Mvc.Internal.ControllerActionInvoker - Executed action Abp.AspNetCore.Mvc.Proxying.AbpServiceProxiesController.GetAll (Abp.AspNetCore) in 1.3309ms
ERROR 2018-01-31 10:47:26,659 [8 ] e.Diagnostics.ExceptionHandlerMiddleware - An unhandled exception has occurred: Exception has been thrown by the target of an invocation.
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.MD5CryptoServiceProvider..ctor()
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args)
at System.Security.Cryptography.MD5.Create()
at Abp.Extensions.StringExtensions.ToMd5(String str)
at Abp.Web.Api.ProxyScripting.ApiProxyScriptManager.GetScript(ApiProxyGenerationOptions options)
at lambda_method(Closure , Object , Object[] )
at Microsoft.AspNetCore.Mvc.Internal.ObjectMethodExecutor.Execute(Object target, Object[] parameters)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeActionMethodAsync>d__27.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeNextActionFilterAsync>d__25.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeNextExceptionFilterAsync>d__24.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ExceptionContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeNextResourceFilter>d__22.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ResourceExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.<InvokeAsync>d__20.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Builder.RouterMiddleware.<Invoke>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Owin.Mapping.MapMiddleware.<Invoke>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Owin.WebSocketAcceptAdapter.<>c__DisplayClass6_0.<<AdaptWebSockets>b__0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.<Invoke>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationMiddleware.<Invoke>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Hosting.IdentityServerMiddleware.<Invoke>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Hosting.FederatedSignOutMiddleware.<Invoke>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Hosting.AuthenticationMiddleware.<Invoke>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.<Invoke>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Hosting.BaseUrlMiddleware.<Invoke>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware`1.<Invoke>d__18.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>d__6.MoveNext()
Is anyone else having an issue where you set the navigation to be across the top and the menu items fail to "click"? The side nav works fine for me and, with the top nav, if I right click the item and select open in new tab it works fine too. Seems like there maybe an css z-index issue or something like that. Wondering if it's just me.
I'm trying to integrate with an OpenId server and I'm new to the process. I've enabled the openId authentication provider in appsettings.json. When I click the openid button on the login screen it takes me to the openid server login page. After login, I see an error that says:
Error invalid_grant There was an error processing your request.
A redirect_uri can only be used by implicit or authorization_code grant types.
Does anyone know if this is an issue with how the application is configured or does this seem like a server problem? I've tried changing the AllowedGrantTypes in appsettings.json to include "implicit" and "authorization_code" but I see the same error.
Thanks, Craig
We're starting to experiment with using docker. When we try to run "docker-compose up -d", we're getting an error that says:
Pulling zero_mvc (zero/mvc:latest)... ERROR: repository zero/mvc not found: does not exist or no pull access
Should we be using a different image?
Thanks, Craig
I'm having a similar issue as the one presented at: [https://forum.aspnetboilerplate.com/viewtopic.php?f=5&t=9887&p=22368&hilit=notification#p22368])
I've gone through the post and am not having any luck. The users never receive the notifications. I can see that the service is getting called because I can set a breakpoint and I can also see the jobs in the Hangfire tables.
Here is my domain service code. Happy to send the project along if it would be easier.
Thanks, Craig
using Abp;
using Abp.Domain.Repositories;
using Abp.Domain.Uow;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using TestCode.TestCode.Authorization.Users;
namespace TestCode.TestCode.Notifications
{
public class NotificationDomainService : TestCodeDomainServiceBase, INotificationDomainService
{
//private readonly INotificationDomainService _notificationDomainService;
private readonly IAppNotifier _appNotifier;
private readonly UserManager _userManager;
private IRepository<User, long> _userRepository;
private readonly IUnitOfWorkManager _unitOfWorkManager;
public NotificationDomainService(IAppNotifier appNotifier, IRepository<User, long> userRepository, IUnitOfWorkManager unitOfWorkManager)//, UserManager userManager)
{
_appNotifier = appNotifier;
//_userManager = userManager;
_userRepository = userRepository;
_unitOfWorkManager = unitOfWorkManager;
}
public virtual void NotifyAllForTenantById(int? tenantId, string message = "Domain Service", string severity = "info")
{
using (_unitOfWorkManager.Begin())
{
using (CurrentUnitOfWork.DisableFilter(AbpDataFilters.MayHaveTenant))
{
var users = _userRepository.GetAllList(u => u.TenantId == tenantId);
UserIdentifier[] userIds = new UserIdentifier[users.Count()];
int i = 0;
foreach (User u in users)
{
UserIdentifier userId = new UserIdentifier(tenantId, u.Id);
_appNotifier.SendMessageAsync(userId, "Hello to All Tenant Users From The Domain Service");
}
CurrentUnitOfWork.SaveChanges();
}
}
}
}
}