Open Closed

IExtensionGrantValidator IdentityServer4 Not Recongnised. #2738


User avatar
0
otee@urvin.finance created

I created an IExtensionGrantValidator using the code below. I want the code to be hit **ValidateAsync ** when i request a token using the grant type named delegation.

public class DelegationGrantValidator : IExtensionGrantValidator
    {
        private readonly UserManager<IdentityUser> _userManager;

        public string GrantType => "delegation";

        public DelegationGrantValidator(UserManager<IdentityUser> userManager)
        {
            _userManager = userManager;
        }
        
        public async Task ValidateAsync(ExtensionGrantValidationContext context)
        {
            var userId = context.Request.Raw.Get("user_id");

            var user = await _userManager.FindByIdAsync(userId);

            if (user == null)
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant);
                return;
            }
            else
            {
                var userClaims = await _userManager.GetClaimsAsync(user);
                var claimsIdentity = new ClaimsIdentity(userClaims);
                var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
                context.Result = new GrantValidationResult(claimsPrincipal);

                return;
            }
        }
    }

I registered the grant as below:

public override void PostConfigureServices(ServiceConfigurationContext context)
    {
        var hostingEnvironment = context.Services.GetHostingEnvironment();
        
        context.Services.Configure<IIdentityServerBuilder>(builder =>
        {
            builder.AddExtensionGrantValidator<DelegationGrantValidator>();
        });
    }

I get an error when i call the token endpoint on AuthServer as below using :

2022-03-14 13:53:45.997 +01:00 [ERR] No validator is registered for the grant type{"grantType":"delegation"}, details: {"ClientId":"UrvinFinance_BlazorServer","ClientName":"UrvinFinance_BlazorServer","GrantType":"delegation","Scopes":null,"AuthorizationCode":"********","RefreshToken":"********","UserName":null,"AuthenticationContextReferenceClasses":null,"Tenant":null,"IdP":null,"Raw":{"grant_type":"delegation","username":"admin","token":"1q2w3E*","client_id":"UrvinFinance_BlazorServer","client_secret":"***REDACTED***"},"$type":"TokenRequestValidationLog"}
2022-03-14 13:53:46.009 +01:00 [INF] {"ClientId":"UrvinFinance_BlazorServer","ClientName":"UrvinFinance_BlazorServer","RedirectUri":null,"Endpoint":"Token","SubjectId":null,"Scopes":null,"GrantType":"delegation","Error":"unsupported_grant_type","ErrorDescription":null,"Category":"Token","Name":"Token Issued Failure","EventType":"Failure","Id":2001,"Message":null,"ActivityId":"0HMG5N6KTSCAB:00000002","TimeStamp":"2022-03-14T12:53:46.0000000Z","ProcessId":35236,"LocalIpAddress":"::1:44322","RemoteIpAddress":"::1","$type":"TokenIssuedFailureEvent"}

Note: I've registered the granttype for on the client. I also tried configuring in ConfigureService and PreConfigureService of AuthServer.

I also removed my code and followed the documentation on identity server. https://identityserver4.readthedocs.io/en/aspnetcore2/topics/extension_grants.html#refextensiongrants I got same error.


4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    hi

    Please try to addExtensionGrantValidator in PreConfigure method.

    public override void PreConfigureServices(ServiceConfigurationContext context)
    {
        PreConfigure<IIdentityServerBuilder>(identityServerBuilder =>
        {
            identityServerBuilder.AddExtensionGrantValidator<DelegationGrantValidator>();
        });
    }
    
  • User Avatar
    0
    otee@urvin.finance created

    Thanks it worked. But now the UserManager<IdentityUser> _userManager is not injected. I get

    DependencyResolutionException: None of the constructors found with 'Autofac.Core.Activators.Reflection.DefaultConstructorFinder' on type 'UrvinFinance.AuthServer.IdentityGrant.DelegationGrantValidator' can be invoked with the available services and parameters: Cannot resolve parameter 'Microsoft.AspNetCore.Identity.UserManager1[Microsoft.AspNetCore.Identity.IdentityUser] userManager' of constructor 'Void .ctor(Microsoft.AspNetCore.Identity.UserManager1[Microsoft.AspNetCore.Identity.IdentityUser])'.

    I believe this is already registered because it works for controllers.

  • User Avatar
    0
    maliming created
    Support Team

    hi

    using IdentityUser = Volo.Abp.Identity.IdentityUser;
    

    and you can inject the Volo.Abp.Identity.IdentityUserManager service.

  • User Avatar
    0
    otee@urvin.finance created

    This worked thanks

Made with ❤️ on ABP v9.2.0-preview. Updated on January 14, 2025, 14:54