Base solution for your next web application
Open Closed

"Stop Impersonating" Disappears After Initial Page Click #10819

User avatar
0
solusupport created

Prerequisites

Please answer the following questions before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.

  • 10.2.0
  • MVC
  • .net core

If issue related with ABP Framework

  • 10.2.0

Our Issue

We ran into an issue where we could not get "Stop Impersonating" to show after the initial page load, on other pages consistently. We did find this post - https://support.aspnetzero.com/QA/Questions/10019/When-I-refresh-the-pageImpersonaton-does-not-work - but it did not help.

We then found this: https://github.com/aspnetzero/aspnet-zero-core/issues/3902 - it helped a little bit, but we still get this error:

ERROR 2022-01-10 15:08:47,799 [18 ] nostics.DeveloperExceptionPageMiddleware - An unhandled exception has occurred while executing the request. Abp.UI.UserFriendlyException: Impersonation token is invalid or expired! at Solu.Greenlight.Authorization.Impersonation.ImpersonationManager.GetImpersonatedUserAndIdentity(String impersonationToken) in /opt/atlassian/pipelines/agent/build/src/Solu.Greenlight.Core/Authorization/Impersonation/ImpersonationManager.cs:line 39 at Solu.Greenlight.Web.Controllers.AccountController.ImpersonateSignIn(String tokenId) in /opt/atlassian/pipelines/agent/build/src/Solu.Greenlight.Web.Mvc/Controllers/AccountController.cs:line 940 at Abp.Domain.Uow.UnitOfWorkInterceptor.InternalInterceptAsynchronous[TResult](IInvocation invocation) at lambda_method3376(Closure , Object )

Is there additional information we can provide you to further troubleshoot?

Go to accepted answer
3 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @solusupport

    Do you mean "back to my account" link/button by "Stop Impersonating" ? Could you explain the steps you are following to reproduce this problem so we can reproduce it on our side and offer you a solution ?

    Thanks,

  • User Avatar
    0
    solusupport created

    Hi @ismcagdas -

    Yes - that's correct. For our portal:

    1. Login as a service rep (specific role)
    2. Go to the users list and find a customer (different role from service rep) to impersonate
    3. Click on "impersonate user"
    4. Now impersonating as said customer, clicking around, then click on "stop impersonating" (aka back to my account) Expected result: go back to page where originally cicked on impersonate user (step 2/3) Actual result: I get this error message:

    An unhandled exception occurred while processing the request. UserFriendlyException: Impersonation token is invalid or expired! Solu.Greenlight.Authorization.Impersonation.ImpersonationManager.GetImpersonatedUserAndIdentity(string impersonationToken) in ImpersonationManager.cs, line 39

    Stack Query Cookies Headers Routing UserFriendlyException: Impersonation token is invalid or expired! Solu.Greenlight.Authorization.Impersonation.ImpersonationManager.GetImpersonatedUserAndIdentity(string impersonationToken) in ImpersonationManager.cs Solu.Greenlight.Web.Controllers.AccountController.ImpersonateSignIn(string tokenId) in AccountController.cs Abp.Domain.Uow.UnitOfWorkInterceptor.InternalInterceptAsynchronous<TResult>(IInvocation invocation) lambda_method2485(Closure , object ) Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor+TaskOfActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, object controller, object[] arguments) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask<IActionResult> actionResultValueTask) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ExceptionContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|24_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|19_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, object state, bool isCompleted) Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker) Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger) Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Session.SessionMiddleware.Invoke(HttpContext context) Joonasw.AspNetCore.SecurityHeaders.Csp.CspMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)

    Image of the same text message:

    We have this working on our CERT environment, but not the dev environment. We thought it was consistent but it's working properly in one environment.

    Also, what's the correct way to "reset" the site so that we can start with a clean slate to test impersonation. like is resetting iis and clearing cache OK or do we need to manually delete a token somewhere?

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi @solusupport

    Do you use multiple instances of Redis in your app ? If so, reseting redis cache might help. If you are able to reproduce this in your DEV environment, is it possible for us to access your source code to reproduce this ?

Assignee
No one
Labels
Non yet