Activities of "jopperman@waltons.co.za"

According to log Audience is invalid, below is JWT and Module code:

022-10-12 00:44:56.852 +02:00 [INF] Request starting HTTP/1.1 GET https://REDACTED/api/app/orders application/json - 2022-10-12 00:44:56.854 +02:00 [INF] Failed to validate the token. Microsoft.IdentityModel.Tokens.SecurityTokenInvalidAudienceException: IDX10214: Audience validation failed. Audiences: 'System.String'. Did not match: validationParameters.ValidAudience: 'System.String' or validationParameters.ValidAudiences: 'System.String'. at Microsoft.IdentityModel.Tokens.Validators.ValidateAudience(IEnumerable1 audiences, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync() 2022-10-12 00:44:56.854 +02:00 [INF] Bearer was not authenticated. Failure message: IDX10214: Audience validation failed. Audiences: 'System.String'. Did not match: validationParameters.ValidAudience: 'System.String' or validationParameters.ValidAudiences: 'System.String'. 2022-10-12 00:44:56.855 +02:00 [INF] Executing endpoint 'Waltons.Switch.Controllers.Orders.OrderController.GetListAsync (Waltons.Switch.HttpApi)' 2022-10-12 00:44:56.855 +02:00 [INF] Route matched with {area = "app", controller = "Order", action = "GetList", page = ""}. Executing controller action with signature System.Threading.Tasks.Task1[Volo.Abp.Application.Dtos.PagedResultDto`1[Waltons.Switch.Orders.OrderWithNavigationPropertiesDto]] GetListAsync(Waltons.Switch.Orders.GetOrdersInput) on controller Waltons.Switch.Controllers.Orders.OrderController (Waltons.Switch.HttpApi). 2022-10-12 00:44:56.866 +02:00 [INF] Authorization failed. These requirements were not met: PermissionRequirement: Switch.Orders 2022-10-12 00:44:56.868 +02:00 [WRN] ---------- RemoteServiceErrorInfo ---------- { "code": "Volo.Authorization:010001", "message": "Authorization failed! Given policy has not granted.", "details": null, "data": {}, "validationErrors": null }

  • ABP Framework version: v5.3.3
  • UI type: Blazor Server
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace: [23:06:20 INF] Request starting HTTP/2 GET https://localhost:44308/api/app/invoices?AccountCode=GPXYZ824&CreatedDateTimeMin=2022-09-01&CreatedDateTimeMax=2022-12-31 - - [23:06:21 DBG] PermissionStore.GetCacheItemAsync: pn:C,pk:ClientDemo,n:Titan.Invoices [23:06:21 DBG] Found in the cache: pn:C,pk:ClientDemo,n:Titan.Invoices [23:06:21 INF] Authorization failed. These requirements were not met: PermissionRequirement: Titan.Invoices [23:06:21 INF] AuthenticationScheme: Bearer was forbidden. [23:06:21 INF] Request finished HTTP/2 GET https://localhost:44308/api/app/invoices?AccountCode=GPXYZ824&CreatedDateTimeMin=2022-09-01&CreatedDateTimeMax=2022-12-31 - - - 403 - - 4.2358ms

Hi, we are attempting to authenticate an external system using the client_credentials grant type.

We have setup the client through the Identity Server UI and granted permission. We are able to retrieve a token from /connect/token that includes a scope and the audience however when we use the token to access any API we receive the above error stating that permissions are not granted.

If we create a regular user and authenticate through the password grant type we are able to access the API however this is not what we want as the credentials could be used to access the frontend.

I have aligned the settings (incl permissions) for the new client with the default ProjectName_App client. If I use ProjectName_App as the client_id the API calls complete successfully. if I use the test client it fails due to permissions.

The tokens received back are near identical, only difference is the client_id

What am I missing?

Looks like that did the trick thank you! I will run some more testing over the coming days

Created a fresh 5.2.1 Blazor Server project using the suite, getting "type or namespace AbpUowHubFilter not found"

This wasn't an issue on < 5.2 of ABP

  • ABP Framework version: v5.2.1
  • UI type: Blazor Server
  • DB provider: EF Core
  • Exception message and stack trace:
  • Steps to reproduce the issue: Create a Blazor Server project using the suite. Create a basic crud entity and enable auditing by adding the [Audited] tag to the class. Entity changes through swagger will log correctly. Changes through the Blazor UI do not.

As per the title and information above, a core feature of the ABP Commercial does not work. There seems to be very little priority to resolve this.

Showing 1 to 6 of 6 entries
Made with ❤️ on ABP v9.2.0-preview. Updated on January 22, 2025, 06:31