
Support change to identity JwtBearer

Open shps951023 opened this issue 1 year ago • 1 comments

System.InvalidOperationException: Each parameter in the deserialization constructor on type 'Microsoft.AspNetCore.Identity.SignInManager`1[Microsoft.AspNetCore.Identity.IdentityUser]' must bind to an object property or field on deserialization. Each parameter name must match with a property or field on the object. Fields are only considered when 'JsonSerializerOptions.IncludeFields' is enabled. The match can be case-insensitive.
   at System.Text.Json.ThrowHelper.ThrowInvalidOperationException_ConstructorParameterIncompleteBinding(Type parentType)
   at System.Text.Json.Serialization.Converters.ObjectWithParameterizedConstructorConverter`1.OnTryRead(Utf8JsonReader& reader, Type typeToConvert, JsonSerializerOptions options, ReadStack& state, T& value)
   at System.Text.Json.Serialization.JsonConverter`1.TryRead(Utf8JsonReader& reader, Type typeToConvert, JsonSerializerOptions options, ReadStack& state, T& value, Boolean& isPopulatedValue)
   at System.Text.Json.Serialization.JsonConverter`1.ReadCore(Utf8JsonReader& reader, JsonSerializerOptions options, ReadStack& state)
   at System.Text.Json.Serialization.Metadata.JsonTypeInfo`1.ContinueDeserialize(ReadBufferState& bufferState, JsonReaderState& jsonReaderState, ReadStack& readStack)
   at System.Text.Json.Serialization.Metadata.JsonTypeInfo`1.DeserializeAsync(Stream utf8Json, CancellationToken cancellationToken)
   at System.Text.Json.Serialization.Metadata.JsonTypeInfo`1.DeserializeAsObjectAsync(Stream utf8Json, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Http.HttpRequestJsonExtensions.ReadFromJsonAsync(HttpRequest request, JsonTypeInfo jsonTypeInfo, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Http.HttpRequestJsonExtensions.ReadFromJsonAsync(HttpRequest request, JsonTypeInfo jsonTypeInfo, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Http.RequestDelegateFactory.<HandleRequestBodyAndCompileRequestDelegateForJson>g__TryReadBodyAsync|102_0(HttpContext httpContext, Type bodyType, String parameterTypeName, String parameterName, Boolean allowEmptyRequestBody, Boolean throwOnBadRequest, JsonTypeInfo jsonTypeInfo)
   at Microsoft.AspNetCore.Http.RequestDelegateFactory.<>c__DisplayClass102_2.<<HandleRequestBodyAndCompileRequestDelegateForJson>b__2>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at MiniAuth.MiniAuthIdentityMiddleware.Invoke(HttpContext context) in D:\git\MiniAuth\src\MiniAuth.IdentityAuth\MiniAuthIdentityMiddleware.cs:line 44
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddlewareImpl.Invoke(HttpContext context)

HEADERS
=======
Accept: */*
Connection: keep-alive
Host: localhost:5566
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en,zh-TW;q=0.9,zh;q=0.8,en-US;q=0.7,zh-CN;q=0.6,ru;q=0.5,hr;q=0.4
Content-Type: application/json
Cookie: SECKEY_ABVK=<redacted>; BMAP_SECKEY=<redacted>; .AspNetCore.Identity.Application=<redacted: Identity application cookie value removed from the report>
Origin: http://localhost:5566
Referer: http://localhost:5566/miniauth/login.html
Content-Length: 90
sec-ch-ua: "Chromium";v="124", "Google Chrome";v="124", "Not-A.Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty

shps951023 avatar May 16 '24 15:05 shps951023


    /// <summary>
    /// Attempts a password sign in for a user.
    /// </summary>
    /// <param name="user">The user to sign in.</param>
    /// <param name="password">The password to attempt to sign in with.</param>
    /// <param name="lockoutOnFailure">Flag indicating if the user account should be locked if the sign in fails.</param>
    /// <returns>The task object representing the asynchronous operation containing the <see cref="SignInResult"/>
    /// for the sign-in attempt.</returns>
    public virtual async Task<SignInResult> CheckPasswordSignInAsync(TUser user, string password, bool lockoutOnFailure)
    {
        // Only the user is null-checked here; the password is handed to UserManager.CheckPasswordAsync as received.
        ArgumentNullException.ThrowIfNull(user);

        // PreSignInCheck is defined outside this excerpt. A non-null result is returned unchanged and the
        // password is never evaluated, so a blocked sign-in does not touch the failed-attempt counter here.
        var error = await PreSignInCheck(user);
        if (error != null)
        {
            return error;
        }

        if (await UserManager.CheckPasswordAsync(user, password))
        {
            // Despite its name, this flag means "always reset the lockout on a correct password": it is true only
            // when the AppContext switch below is present and enabled.
            var alwaysLockout = AppContext.TryGetSwitch("Microsoft.AspNetCore.Identity.CheckPasswordSignInAlwaysResetLockoutOnSuccess", out var enabled) && enabled;
            // Only reset the lockout when not in quirks mode if either TFA is not enabled or the client is remembered for TFA.
            // Consequence: with two-factor enabled and the client not remembered, a correct password alone leaves
            // the failed-attempt state as it is (unless the switch above is enabled).
            if (alwaysLockout || !await IsTwoFactorEnabledAsync(user) || await IsTwoFactorClientRememberedAsync(user))
            {
                var resetLockoutResult = await ResetLockoutWithResult(user);
                if (!resetLockoutResult.Succeeded)
                {
                    // ResetLockout got an unsuccessful result that could be caused by concurrency failures indicating an
                    // attacker could be trying to bypass the MaxFailedAccessAttempts limit. Return the same failure we do
                    // when failing to increment the lockout to avoid giving an attacker extra guesses at the password.
                    return SignInResult.Failed;
                }
            }

            // Success means the password matched and any required lockout reset succeeded. No sign-in call is made
            // in this method, so issuing a cookie or token is left to the caller.
            return SignInResult.Success;
        }
        // The message is a fixed string: neither the user nor the submitted password is written to the log.
        Logger.LogDebug(EventIds.InvalidPassword, "User failed to provide the correct password.");

        // Failed attempts are counted only when the caller passes lockoutOnFailure = true and the user manager
        // reports lockout support; otherwise this method applies no throttling to repeated wrong passwords.
        if (UserManager.SupportsUserLockout && lockoutOnFailure)
        {
            // If lockout is requested, increment access failed count which might lock out the user
            // A null result from AccessFailedAsync is treated as success.
            var incrementLockoutResult = await UserManager.AccessFailedAsync(user) ?? IdentityResult.Success;
            if (!incrementLockoutResult.Succeeded)
            {
                // Return the same failure we do when resetting the lockout fails after a correct password.
                return SignInResult.Failed;
            }

            // Re-read the lockout state after the increment so that the attempt which reaches the limit already
            // gets the result built by LockedOut (defined outside this excerpt) rather than a plain failure.
            if (await UserManager.IsLockedOutAsync(user))
            {
                return await LockedOut(user);
            }
        }
        return SignInResult.Failed;
    }
    /// <summary>
    /// Signs <paramref name="user"/> in, or stops with <see cref="SignInResult.TwoFactorRequired"/> when a second
    /// factor is still outstanding.
    /// </summary>
    /// <param name="user">The user to sign in.</param>
    /// <param name="isPersistent">Passed through unchanged to the sign-in call.</param>
    /// <param name="loginProvider">Name of the external login provider, or <c>null</c> for a password sign-in.</param>
    /// <param name="bypassTwoFactor">
    /// When <c>true</c> the two-factor checks are skipped entirely, so callers should pass it only when the second
    /// factor has already been established by other means.
    /// </param>
    /// <returns>
    /// <see cref="SignInResult.TwoFactorRequired"/> when two-factor is enabled, not bypassed and the client is not
    /// remembered; otherwise <see cref="SignInResult.Success"/> after the sign-in call has completed.
    /// </returns>
    protected virtual async Task<SignInResult> SignInOrTwoFactorAsync(TUser user, bool isPersistent, string? loginProvider = null, bool bypassTwoFactor = false)
    {
        // Short-circuit order matters: neither two-factor lookup runs when the caller asked for a bypass, and
        // the remembered-client lookup runs only when two-factor is enabled for the user.
        var secondFactorPending = !bypassTwoFactor
            && await IsTwoFactorEnabledAsync(user)
            && !await IsTwoFactorClientRememberedAsync(user);

        if (secondFactorPending)
        {
            // Keep the pending sign-in on this instance so the two-factor flow can continue later within the same
            // request, with or without a TwoFactorUserIdScheme, when the two-factor code or recovery code has
            // already been provided (as is the case for MapIdentityApi).
            _twoFactorInfo = new()
            {
                User = user,
                LoginProvider = loginProvider,
            };

            var twoFactorScheme = await _schemes.GetSchemeAsync(IdentityConstants.TwoFactorUserIdScheme);
            if (twoFactorScheme != null)
            {
                // Persist only the user id (and provider) under the two-factor scheme for use after the
                // two-factor check; the application sign-in has not happened at this point.
                var pendingUserId = await UserManager.GetUserIdAsync(user);
                var pendingPrincipal = StoreTwoFactorInfo(pendingUserId, loginProvider);
                await Context.SignInAsync(IdentityConstants.TwoFactorUserIdScheme, pendingPrincipal);
            }

            return SignInResult.TwoFactorRequired;
        }

        if (loginProvider == null)
        {
            // Password sign-in: attach an "amr" claim with the value "pwd" to the issued identity.
            await SignInWithClaimsAsync(user, isPersistent, new[] { new Claim("amr", "pwd") });
            return SignInResult.Success;
        }

        // External sign-in: clean up the external cookie first, then sign in with the provider name.
        await Context.SignOutAsync(IdentityConstants.ExternalScheme);
        await SignInAsync(user, isPersistent, loginProvider);
        return SignInResult.Success;
    }

shps951023 avatar May 18 '24 01:05 shps951023