identityserver-token-exchange
identityserver-token-exchange copied to clipboard
waqaskhan540
Error 500 when trying to refresh refresh token
Hi,
Thanks for the work you have done!
I am facing an issue, you might be able to resolve (a lot) better than I currently can: I am using this project through its nuget package. I can provide a facebook access token and get an identity server refresh token and access token back... However, when I try to refresh the refresh token, I get a 500 error back with the top of the stack-trace:
System.NullReferenceException: Object reference not set to an instance of an object.
at IdentityServer.External.TokenExchange.Services.TokenExchangeProfileService.<IsActiveAsync>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Validation.TokenValidator.<ValidateRefreshTokenAsync>d__16.MoveNext() in C:\local\identity\server4\IdentityServer4\src\IdentityServer4\Validation\TokenValidator.cs:line 425
Do you have any idea as to what might be going wrong? I suspect its something with the users being created through the external auth flow, but the refresh tokens is in the database, based on what I can see... The example project (https://github.com/waqaskhan540/IdentityServerExternalAuth/tree/master/Sample) fails with a 500 error as well, when attempting a refresh token refresh.
Thanks!
@opolo Hi, I am really sorry for very delayed response, as I was busy with other stuff and couldn't get to see your issue.
Given your issue I tried with refresh_tokens with my code and it worked perfectly fine. Could you please send me the request parameters you sent to refresh your token .. ??
I agree this is a fantastic package! But I am seeing the same problem...
grant_type=external request:
POST connect/token
client_id = [my_client_id]
client_secret = [my_client_secret]
scopes = offline_access
grant_type = external
provider = facebook
external_token = [my_facebook_access_token]
grant_type=external response:
{
"access_token": [my_access_token],
"expires_in": 3600,
"token_type": "Bearer",
"refresh_token": [my_refresh_token]
}
grant_type=refresh_token request:
POST connect/token
client_id = [my_client_id]
client_secret = [my_client_secret]
grant_type = refresh_token
refresh_token = [my_refresh_token]
This is causing an internal server error:
Exception":"System.NullReferenceException: Object reference not set to an instance of an object.
at IdentityServer.External.TokenExchange.Services.TokenExchangeProfileService.<IsActiveAsync>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Validation.TokenValidator.<ValidateRefreshTokenAsync>d__16.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Validation\\TokenValidator.cs:line 425
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Validation.TokenRequestValidator.<ValidateRefreshTokenRequestAsync>d__18.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Validation\\TokenRequestValidator.cs:line 478
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Validation.TokenRequestValidator.<RunValidationAsync>d__14.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Validation\\TokenRequestValidator.cs:line 142
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Validation.TokenRequestValidator.<ValidateRequestAsync>d__13.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Validation\\TokenRequestValidator.cs:line 133
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Endpoints.TokenEndpoint.<ProcessTokenRequestAsync>d__7.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Endpoints\\TokenEndpoint.cs:line 88
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Endpoints.TokenEndpoint.<ProcessAsync>d__6.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Endpoints\\TokenEndpoint.cs:line 70
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at IdentityServer4.Hosting.IdentityServerMiddleware.<Invoke>d__3.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Hosting\\IdentityServerMiddleware.cs:line 54
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at IdentityServer4.Hosting.IdentityServerMiddleware.<Invoke>d__3.MoveNext() in C:\\local\\identity\\server4\\IdentityServer4\\src\\IdentityServer4\\Hosting\\IdentityServerMiddleware.cs:line 72
--- End of stack trace from previous location where exception was thrown
I figured out the problem, I simply had to create a custom user store that used my identity server database instead of the default in memory store.
services.AddIdentityServer()
/** identity server configs **/
.AddDeveloperSigningCredential()
.AddInMemoryClients(IdentityServerConfig.GetClients())
.AddInMemoryIdentityResources(IdentityServerConfig.GetIdentityResources())
.AddInMemoryApiResources(IdentityServerConfig.GetApiResources())
.AddTestUsers(IdentityServerConfig.GetUsers())
/** token exchange configs **/
.AddTokenExchangeForExternalProviders() //registers an extension grant
.AddDefaultTokenExchangeProviderStore() //registers default in-memory store for providers info
.AddDefaultExternalTokenProviders() //registers providers auth implementations
.AddDefaultTokenExchangeProfileService() //registers default profile service
.AddCustomExternalUserStore<CustomUserStore>(); // ** Custom external user store that uses Identity Server database **
Hi @bpred754 .
Glad for you .. sorry i have been into lots of other stuff due to which i couldn't help you much.