Open Closed

Refresh_Token Timeout Resulting In Stuck Angular Client #1117


User avatar
0
riley.trevillion created
  • ABP Framework version: v4.2.2 / v4.3-preview
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): No
  • Exception message and stack trace:

Hello

I've been looking for a way to expire a users login session after X period of time has passed which automatically redirects them to the Identity Server login page.

As a starting point for this task, I have followed the advice provided on https://support.abp.io/QA/Questions/957/Force-users-to-re-login-if-they-are-inactive-in-30-minutes and set, in the IdentityServerClients DB table, the

  • AbsoluteRefreshTokenLifetime value to 30min
  • SlidingRefreshTokenLifetime to 15min
  • AccessTokenLifetime to 6.5mins

As expected, the access_tokenis renewed using the refresh_token at the correct time and continues to do so up until the 30 min mark when the refresh_token expires. This is all fine and works as expected.

Where I'm having trouble is when the refresh_token expires, instead of the ABP / Angular client redirecting to the Identity Server login screen for re-authentication, the application becomes stuck when refreshing the browser page and is unusable until the user clears all their cookies / cache. A 400 error is given which makes me think the application is trying to use the expired refresh_token to get more access_tokens after the 30 minute mark.

<br>

log.js:24 [HMR] Waiting for update signal from WDS...
ngxs-store.js:1965 RECOMMENDATION: Set developmentMode to true on the NgxsModule when Angular is running in development mode.
angular-oauth2-oidc.js:1551 Error refreshing token HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "OK", url: "https://localhost:44362/connect/token", ok: false, …}
core.js:5980 ERROR HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "OK", url: "https://localhost:44362/connect/token", ok: false, …}
main.ts:14 HttpErrorResponse {headers: HttpHeaders, status: 400, statusText: "OK", url: "https://localhost:44362/connect/token", ok: false, …}
(anonymous) @ main.ts:14
invoke @ zone-evergreen.js:364
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
invokeTask @ zone-evergreen.js:484
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
call @ switchMap.js:15
subscribe @ Observable.js:23
(anonymous) @ angular-oauth2-oidc.js:1543
ZoneAwarePromise @ zone-evergreen.js:960
refreshToken @ angular-oauth2-oidc.js:1512
(anonymous) @ abp-ng.core.js:2411
invoke @ zone-evergreen.js:364
onInvoke @ core.js:28301
invoke @ zone-evergreen.js:363
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
onInvokeTask @ core.js:28289
invokeTask @ zone-evergreen.js:398
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
invokeTask @ zone-evergreen.js:484
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
(anonymous) @ angular-oauth2-oidc.js:1339
ZoneAwarePromise @ zone-evergreen.js:960
loadJwks @ angular-oauth2-oidc.js:1337
(anonymous) @ angular-oauth2-oidc.js:1313
__tryOrUnsub @ Subscriber.js:183
next @ Subscriber.js:122
_next @ Subscriber.js:72
next @ Subscriber.js:49
_next @ map.js:35
next @ Subscriber.js:49
_next @ filter.js:33
next @ Subscriber.js:49
notifyNext @ mergeMap.js:70
_next @ innerSubscribe.js:10
next @ Subscriber.js:49
_next @ Subscriber.js:72
next @ Subscriber.js:49
onLoad @ http.js:1687
invokeTask @ zone-evergreen.js:399
onInvokeTask @ core.js:28289
invokeTask @ zone-evergreen.js:398
runTask @ zone-evergreen.js:167
invokeTask @ zone-evergreen.js:480
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
(anonymous) @ angular-oauth2-oidc.js:1291
ZoneAwarePromise @ zone-evergreen.js:960
loadDiscoveryDocument @ angular-oauth2-oidc.js:1279
(anonymous) @ abp-ng.core.js:2391
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
init @ abp-ng.core.js:2386
(anonymous) @ abp-ng.core.js:2405
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
init @ abp-ng.core.js:2404
(anonymous) @ abp-ng.core.js:2492
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
init @ abp-ng.core.js:2491
(anonymous) @ abp-ng.core.js:2654
fulfilled @ tslib.es6.js:73
invoke @ zone-evergreen.js:364
onInvoke @ core.js:28301
invoke @ zone-evergreen.js:363
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
onInvokeTask @ core.js:28289
invokeTask @ zone-evergreen.js:398
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
invokeTask @ zone-evergreen.js:484
invokeTask @ zone-evergreen.js:1621
globalZoneAwareCallback @ zone-evergreen.js:1658
load (async)
customScheduleGlobal @ zone-evergreen.js:1773
scheduleTask @ zone-evergreen.js:385
onScheduleTask @ zone-evergreen.js:272
scheduleTask @ zone-evergreen.js:378
scheduleTask @ zone-evergreen.js:210
scheduleEventTask @ zone-evergreen.js:236
(anonymous) @ zone-evergreen.js:1928
(anonymous) @ http.js:1773
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ finalize.js:11
subscribe @ Observable.js:23
innerSubscribe @ innerSubscribe.js:67
_innerSub @ mergeMap.js:57
_tryNext @ mergeMap.js:51
_next @ mergeMap.js:34
next @ Subscriber.js:49
(anonymous) @ subscribeToArray.js:3
_trySubscribe @ Observable.js:42
subscribe @ Observable.js:28
call @ mergeMap.js:19
subscribe @ Observable.js:23
call @ filter.js:13
subscribe @ Observable.js:23
call @ map.js:16
subscribe @ Observable.js:23
call @ catchError.js:14
subscribe @ Observable.js:23
call @ tap.js:16
subscribe @ Observable.js:23
(anonymous) @ Observable.js:91
ZoneAwarePromise @ zone-evergreen.js:960
toPromise @ Observable.js:89
getRemoteEnv @ abp-ng.core.js:2521
(anonymous) @ abp-ng.core.js:2652
(anonymous) @ tslib.es6.js:76
ZoneAwarePromise @ zone-evergreen.js:960
__awaiter @ tslib.es6.js:72
fn @ abp-ng.core.js:2646
runInitializers @ core.js:27596
(anonymous) @ core.js:28911
_callAndReportToErrorHandler @ core.js:29012
(anonymous) @ core.js:28909
invoke @ zone-evergreen.js:364
onInvoke @ core.js:28301
invoke @ zone-evergreen.js:363
run @ zone-evergreen.js:123
run @ core.js:28184
bootstrapModuleFactory @ core.js:28891
(anonymous) @ core.js:28943
invoke @ zone-evergreen.js:364
run @ zone-evergreen.js:123
(anonymous) @ zone-evergreen.js:857
invokeTask @ zone-evergreen.js:399
runTask @ zone-evergreen.js:167
drainMicroTaskQueue @ zone-evergreen.js:569
Promise.then (async)
scheduleMicroTask @ zone-evergreen.js:552
scheduleTask @ zone-evergreen.js:388
scheduleTask @ zone-evergreen.js:210
scheduleMicroTask @ zone-evergreen.js:230
scheduleResolveOrReject @ zone-evergreen.js:847
then @ zone-evergreen.js:979
bootstrapModule @ core.js:28943
(anonymous) @ main.ts:13
zUnb @ main.ts:14
__webpack_require__ @ bootstrap:853
fn @ bootstrap:150
9 @ main.js:2507
__webpack_require__ @ bootstrap:853
checkDeferredModules @ bootstrap:45
webpackJsonpCallback @ bootstrap:32
(anonymous) @ main.js:1
Show 191 more frames

<br> I have tried to handle this error in my top level component and redirect the user to the login page manually by subscribing to the OAuthService events Observable, but the 400 error seems to be happening much earlier in the application startup process so it never reaches my handling code. It seems to be happening in the @abp/ng.core module (in this file I think - https://github.com/abpframework/abp/blob/b183a24cfe56ad8263aaefcf4939b9cd0c18b1c7/npm/ng-packs/packages/core/src/lib/strategies/auth-flow.strategy.ts#L23).

Are you able to confirm if this is a bug? If it is not a bug or is intended behaviour, do you know how I can correctly handle this 400 error before the @abp/ng.core module attempts to get a new access_token with an expired refresh_token (if that is indeed the issue)?

Thankyou


4 Answer(s)
  • User Avatar
    0
    riley.trevillion created
    API / Identity Server Log

    I've removed some of the repeating successful token refresh lines to fit within forum text limit

    [23:27:53 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - -
    [23:27:53 INF] CORS policy execution successful.
    [23:27:53 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - - - 204 - - 0.2743ms
    [23:27:53 INF] Request starting HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160
    [23:27:53 INF] CORS policy execution successful.
    [23:27:53 INF] Successfully validated the token.
    [23:27:53 DBG] CORS request made for path: /connect/token from origin: [http://localhost:4200](http://localhost:4200)
    [23:27:53 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
    [23:27:53 INF] CORS policy execution successful.
    [23:27:53 DBG] Request path /connect/token matched to endpoint type Token
    [23:27:53 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
    [23:27:53 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
    [23:27:53 DBG] Start token request.
    [23:27:53 DBG] Start client validation
    [23:27:53 DBG] Start parsing Basic Authentication secret
    [23:27:53 DBG] Start parsing for secret in post body
    [23:27:53 DBG] client id without secret found
    [23:27:53 DBG] Parser found secret: PostBodySecretParser
    [23:27:53 DBG] Secret id found: Client_App
    [23:27:53 DBG] client configuration validation for client Client_App succeeded.
    [23:27:53 DBG] Public Client - skipping secret validation success
    [23:27:53 DBG] Client validation success
    [23:27:53 INF] {"ClientId": "Client_App", "AuthenticationMethod": "NoSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "80000182-0003-f700-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:27:53.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "ClientAuthenticationSuccessEvent"}
    [23:27:53 DBG] Start token request validation
    [23:27:53 DBG] Start validation of refresh token request
    [23:27:53 DBG] Validation of refresh token request success
    [23:27:53 INF] Token request validation success, {"ClientId": "Client_App", "ClientName": "Client_App", "GrantType": "refresh_token", "Scopes": null, "AuthorizationCode": "********", "RefreshToken": "****ED42", "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "refresh_token", "scope": "offline_access Client", "refresh_token": "***REDACTED***", "client_id": "Client_App"}, "$type": "TokenRequestValidationLog"}
    [23:27:53 DBG] Updating refresh token
    [23:27:53 DBG] Token usage is one-time only. Setting current handle as consumed, and generating new handle
    [23:27:53 DBG] Created refresh token in store
    [23:27:53 DBG] Getting claims for identity token for subject: 39fb0cd8-5993-8e42-b1a5-e791f73d1e9f and client: Client_App
    [23:27:53 INF] {"ClientId": "Client_App", "ClientName": "Client_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": "39fb0cd8-5993-8e42-b1a5-e791f73d1e9f", "Scopes": "openid Client offline_access", "GrantType": "refresh_token", "Tokens": [{"TokenType": "id_token", "TokenValue": "****4Wmw", "$type": "Token"}, {"TokenType": "refresh_token", "TokenValue": "****62BC", "$type": "Token"}, {"TokenType": "access_token", "TokenValue": "****l3yQ", "$type": "Token"}], "Category": "Token", "Name": "Token Issued Success", "EventType": "Success", "Id": 2000, "Message": null, "ActivityId": "80000182-0003-f700-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:27:53.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedSuccessEvent"}
    [23:27:53 DBG] Token request success.
    [23:27:53 INF] Request finished HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160 - 200 - application/json;+charset=UTF-8 123.8776ms
    
    [REMOVED MULTIPLE REPEATING TOEKN REFRESH SUCCESS BLOCKS]
    
    [23:53:08 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - -
    [23:53:08 INF] CORS policy execution successful.
    [23:53:08 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - - - 204 - - 0.3562ms
    [23:53:08 INF] Request starting HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160
    [23:53:08 INF] CORS policy execution successful.
    [23:53:08 INF] Successfully validated the token.
    [23:53:08 DBG] CORS request made for path: /connect/token from origin: [http://localhost:4200](http://localhost:4200)
    [23:53:08 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
    [23:53:08 INF] CORS policy execution successful.
    [23:53:08 DBG] Request path /connect/token matched to endpoint type Token
    [23:53:08 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
    [23:53:08 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
    [23:53:08 DBG] Start token request.
    [23:53:08 DBG] Start client validation
    [23:53:08 DBG] Start parsing Basic Authentication secret
    [23:53:08 DBG] Start parsing for secret in post body
    [23:53:08 DBG] client id without secret found
    [23:53:08 DBG] Parser found secret: PostBodySecretParser
    [23:53:08 DBG] Secret id found: Client_App
    [23:53:08 DBG] client configuration validation for client Client_App succeeded.
    [23:53:08 DBG] Public Client - skipping secret validation success
    [23:53:08 DBG] Client validation success
    [23:53:08 INF] {"ClientId": "Client_App", "AuthenticationMethod": "NoSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "800001f6-0004-ea00-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:53:08.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "ClientAuthenticationSuccessEvent"}
    [23:53:08 DBG] Start token request validation
    [23:53:08 DBG] Start validation of refresh token request
    [23:53:08 WRN] Refresh token has expired.
    [23:53:08 WRN] Refresh token validation failed. aborting, {"ClientId": "Client_App", "ClientName": "Client_App", "GrantType": "refresh_token", "Scopes": null, "AuthorizationCode": "********", "RefreshToken": "********", "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "refresh_token", "scope": "offline_access Client", "refresh_token": "***REDACTED***", "client_id": "Client_App"}, "$type": "TokenRequestValidationLog"}
    [23:53:08 INF] {"ClientId": "Client_App", "ClientName": "Client_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": null, "Scopes": null, "GrantType": "refresh_token", "Error": "invalid_grant", "ErrorDescription": null, "Category": "Token", "Name": "Token Issued Failure", "EventType": "Failure", "Id": 2001, "Message": null, "ActivityId": "800001f6-0004-ea00-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:53:08.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedFailureEvent"}
    [23:53:08 INF] Request finished HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160 - 400 - application/json;+charset=UTF-8 41.7969ms
    [23:56:04 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - -
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - - - 204 - - 0.9833ms
    [23:56:04 INF] Request starting HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - -
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 INF] Successfully validated the token.
    [23:56:04 DBG] CORS request made for path: /.well-known/openid-configuration from origin: [http://localhost:4200](http://localhost:4200)
    [23:56:04 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 DBG] Request path /.well-known/openid-configuration matched to endpoint type Discovery
    [23:56:04 DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryEndpoint
    [23:56:04 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryEndpoint for /.well-known/openid-configuration
    [23:56:04 DBG] Start discovery request
    [23:56:04 INF] Request finished HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration](https://localhost:44362/.well-known/openid-configuration) - - - 200 - application/json;+charset=UTF-8 29.5408ms
    [23:56:04 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - -
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - - - 204 - - 0.2289ms
    [23:56:04 INF] Request starting HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - -
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 INF] Successfully validated the token.
    [23:56:04 DBG] CORS request made for path: /.well-known/openid-configuration/jwks from origin: [http://localhost:4200](http://localhost:4200)
    [23:56:04 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 DBG] Request path /.well-known/openid-configuration/jwks matched to endpoint type Discovery
    [23:56:04 DBG] Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryKeyEndpoint
    [23:56:04 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryKeyEndpoint for /.well-known/openid-configuration/jwks
    [23:56:04 DBG] Start key discovery request
    [23:56:04 INF] Request finished HTTP/2 GET [https://localhost:44362/.well-known/openid-configuration/jwks](https://localhost:44362/.well-known/openid-configuration/jwks) - - - 200 - application/json;+charset=UTF-8 10.8135ms
    [23:56:04 INF] Request starting HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - -
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 INF] Request finished HTTP/2 OPTIONS [https://localhost:44362/connect/token](https://localhost:44362/connect/token) - - - 204 - - 0.2310ms
    [23:56:04 INF] Request starting HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 INF] Successfully validated the token.
    [23:56:04 DBG] CORS request made for path: /connect/token from origin: [http://localhost:4200](http://localhost:4200)
    [23:56:04 DBG] CorsPolicyService allowed origin: [http://localhost:4200](http://localhost:4200)
    [23:56:04 INF] CORS policy execution successful.
    [23:56:04 DBG] Request path /connect/token matched to endpoint type Token
    [23:56:04 DBG] Endpoint enabled: Token, successfully created handler: IdentityServer4.Endpoints.TokenEndpoint
    [23:56:04 INF] Invoking IdentityServer endpoint: IdentityServer4.Endpoints.TokenEndpoint for /connect/token
    [23:56:04 DBG] Start token request.
    [23:56:04 DBG] Start client validation
    [23:56:04 DBG] Start parsing Basic Authentication secret
    [23:56:04 DBG] Start parsing for secret in post body
    [23:56:04 DBG] client id without secret found
    [23:56:04 DBG] Parser found secret: PostBodySecretParser
    [23:56:04 DBG] Secret id found: Client_App
    [23:56:04 DBG] client configuration validation for client Client_App succeeded.
    [23:56:04 DBG] Public Client - skipping secret validation success
    [23:56:04 DBG] Client validation success
    [23:56:04 INF] {"ClientId": "Client_App", "AuthenticationMethod": "NoSecret", "Category": "Authentication", "Name": "Client Authentication Success", "EventType": "Success", "Id": 1010, "Message": null, "ActivityId": "8000053f-0005-e500-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:56:04.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "ClientAuthenticationSuccessEvent"}
    [23:56:04 DBG] Start token request validation
    [23:56:04 DBG] Start validation of refresh token request
    [23:56:04 WRN] Refresh token has expired.
    [23:56:04 WRN] Refresh token validation failed. aborting, {"ClientId": "Client_App", "ClientName": "Client_App", "GrantType": "refresh_token", "Scopes": null, "AuthorizationCode": "********", "RefreshToken": "********", "UserName": null, "AuthenticationContextReferenceClasses": null, "Tenant": null, "IdP": null, "Raw": {"grant_type": "refresh_token", "scope": "offline_access Client", "refresh_token": "***REDACTED***", "client_id": "Client_App"}, "$type": "TokenRequestValidationLog"}
    [23:56:04 INF] {"ClientId": "Client_App", "ClientName": "Client_App", "RedirectUri": null, "Endpoint": "Token", "SubjectId": null, "Scopes": null, "GrantType": "refresh_token", "Error": "invalid_grant", "ErrorDescription": null, "Category": "Token", "Name": "Token Issued Failure", "EventType": "Failure", "Id": 2001, "Message": null, "ActivityId": "8000053f-0005-e500-b63f-84710c7967bb", "TimeStamp": "2021-03-31T12:56:04.0000000Z", "ProcessId": 10416, "LocalIpAddress": "127.0.0.1:44362", "RemoteIpAddress": "127.0.0.1", "$type": "TokenIssuedFailureEvent"}
    [23:56:04 INF] Request finished HTTP/2 POST [https://localhost:44362/connect/token](https://localhost:44362/connect/token) application/x-www-form-urlencoded 160 - 400 - application/json;+charset=UTF-8 31.2436ms
    
  • User Avatar
    0
    riley.trevillion created
    IdentityServerClients DBTable

    <br> <br>

    Id,ClientId,ClientName,Description,ClientUri,LogoUri,Enabled,ProtocolType,RequireClientSecret,RequireConsent,AllowRememberConsent,AlwaysIncludeUserClaimsInIdToken,RequirePkce,AllowPlainTextPkce,RequireRequestObject,AllowAccessTokensViaBrowser,FrontChannelLogoutUri,FrontChannelLogoutSessionRequired,BackChannelLogoutUri,BackChannelLogoutSessionRequired,AllowOfflineAccess,IdentityTokenLifetime,AllowedIdentityTokenSigningAlgorithms,AccessTokenLifetime,AuthorizationCodeLifetime,ConsentLifetime,AbsoluteRefreshTokenLifetime,SlidingRefreshTokenLifetime,RefreshTokenUsage,UpdateAccessTokenClaimsOnRefresh,RefreshTokenExpiration,AccessTokenType,EnableLocalLogin,IncludeJwtId,AlwaysSendClientClaims,ClientClaimsPrefix,PairWiseSubjectSalt,UserSsoLifetime,UserCodeType,DeviceCodeLifetime,ExtraProperties,ConcurrencyStamp,CreationTime,CreatorId,LastModificationTime,LastModifierId,IsDeleted,DeleterId,DeletionTime
    39fb0cd8-5ebd-d891-7227-41d8bdb599c4,Client_Swagger,Client_Swagger,Client_Swagger,,,t,oidc,f,f,t,t,f,f,f,f,,t,,t,t,300,,31536000,300,,31536000,1296000,1,f,1,0,t,f,f,client_,,,,300,{},d17f0620c203454b9a9aec1fffacd6e2,38:01.2,,38:01.2,,f,,
    39fb0cd8-5e77-c65d-6d9b-b4a467324d69,Client_App,Client_App,Client_App,,,t,oidc,f,f,t,t,f,f,f,f,,t,,t,t,300,,400,300,,1800,900,1,f,1,0,t,f,f,client_,,,,300,{},2577c8202df3412db530849fa91dc765,38:01.1,,15:01.1,39fb0cd8-5993-8e42-b1a5-e791f73d1e9f,f,,
    
  • User Avatar
    0
    Mehmet created
    Support Team

    Hi

    I've created an issue: https://github.com/abpframework/abp/issues/8580

    It will be fixed in v4.3 stable version. Thanks for the reporting.

  • User Avatar
    0
    ServiceBot created
    Support Team

    This question has been automatically marked as stale because it has not had recent activity.

Made with ❤️ on ABP v9.1.0-rc.1. Updated on January 17, 2025, 14:13