Returning null on httpContextAccessor.HttpContext - asp.net-core

We override SaveChangesAsync() to update automatically for DateCreated, CreatedBy, LastDateModified and LastModifiedBy. With CreatedBy and LastModifiedBt, we need to the User Id of Identity.
In our constructor for ApplicationDbContext, we've added something like this:
_userName = httpContextAccessor.HttpContext.User.Identity.Name;
//_userID = userManager.GetUserId(httpContext.HttpContext.User);
.. and always get the null in this httpContextAccessor.HttpContext. Any ideas? We included the source below.
Environment:
.NET Core 2.1
SQL Server
ApplicationDBContext.cs:
using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
using Microsoft.EntityFrameworkCore;
using AthlosifyWebArchery.Models;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using System.Linq.Expressions;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
namespace AthlosifyWebArchery.Data
{
public class ApplicationDbContext : IdentityDbContext<ApplicationUser, ApplicationRole, string>
{
private readonly string _userID;
private readonly string _userName;
public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options,
IHttpContextAccessor httpContextAccessor
)
: base(options)
{
_userName = httpContextAccessor.HttpContext.User.Identity.Name;
//_userID = userManager.GetUserId(httpContext.HttpContext.User);
}
public DbSet<AthlosifyWebArchery.Models.TournamentBatchItem> TournamentBatchItem { get; set; }
public DbSet<AthlosifyWebArchery.Models.TournamentBatch> TournamentBatch { get; set; }
public virtual DbSet<AthlosifyWebArchery.Models.Host> Host { get; set; }
public DbSet<AthlosifyWebArchery.Models.HostApplicationUser> HostApplicationUser { get; set; }
protected override void OnModelCreating(ModelBuilder builder)
{
base.OnModelCreating(builder);
foreach (var entityType in builder.Model.GetEntityTypes())
{
// 1. Add the IsDeleted property
entityType.GetOrAddProperty("IsDeleted", typeof(bool));
// 2. Create the query filter
var parameter = Expression.Parameter(entityType.ClrType);
// EF.Property<bool>(post, "IsDeleted")
var propertyMethodInfo = typeof(EF).GetMethod("Property").MakeGenericMethod(typeof(bool));
var isDeletedProperty = Expression.Call(propertyMethodInfo, parameter, Expression.Constant("IsDeleted"));
// EF.Property<bool>(post, "IsDeleted") == false
BinaryExpression compareExpression = Expression.MakeBinary(ExpressionType.Equal, isDeletedProperty, Expression.Constant(false));
// post => EF.Property<bool>(post, "IsDeleted") == false
var lambda = Expression.Lambda(compareExpression, parameter);
builder.Entity(entityType.ClrType).HasQueryFilter(lambda);
}
// Many to Many relationship
builder.Entity<HostApplicationUser>()
.HasKey(bc => new { bc.HostID, bc.Id });
builder.Entity<HostApplicationUser>()
.HasOne(bc => bc.Host)
.WithMany(b => b.HostApplicationUsers)
.HasForeignKey(bc => bc.HostID);
builder.Entity<HostApplicationUser>()
.HasOne(bc => bc.ApplicationUser)
.WithMany(c => c.HostApplicationUsers)
.HasForeignKey(bc => bc.Id);
}
public override int SaveChanges(bool acceptAllChangesOnSuccess)
{
OnBeforeSaving();
return base.SaveChanges(acceptAllChangesOnSuccess);
}
public override Task<int> SaveChangesAsync(bool acceptAllChangesOnSuccess, CancellationToken cancellationToken = default(CancellationToken))
{
OnBeforeSaving();
return base.SaveChangesAsync(acceptAllChangesOnSuccess, cancellationToken);
}
private void OnBeforeSaving()
{
// Added
var added = ChangeTracker.Entries().Where(v => v.State == EntityState.Added && typeof(IBaseEntity).IsAssignableFrom(v.Entity.GetType())).ToList();
added.ForEach(entry =>
{
((IBaseEntity)entry.Entity).DateCreated = DateTime.UtcNow;
((IBaseEntity)entry.Entity).CreatedBy = _userID;
((IBaseEntity)entry.Entity).LastDateModified = DateTime.UtcNow;
((IBaseEntity)entry.Entity).LastModifiedBy = _userID;
});
// Modified
var modified = ChangeTracker.Entries().Where(v => v.State == EntityState.Modified &&
typeof(IBaseEntity).IsAssignableFrom(v.Entity.GetType())).ToList();
modified.ForEach(entry =>
{
((IBaseEntity)entry.Entity).LastDateModified = DateTime.UtcNow;
((IBaseEntity)entry.Entity).LastModifiedBy = _userID;
});
// Deleted
//var deleted = ChangeTracker.Entries().Where(v => v.State == EntityState.Deleted &&
//typeof(IBaseEntity).IsAssignableFrom(v.Entity.GetType())).ToList();
var deleted = ChangeTracker.Entries().Where(v => v.State == EntityState.Deleted).ToList();
deleted.ForEach(entry =>
{
((IBaseEntity)entry.Entity).DateDeleted = DateTime.UtcNow;
((IBaseEntity)entry.Entity).DeletedBy = _userID;
});
foreach (var entry in ChangeTracker.Entries()
.Where(e => e.State == EntityState.Deleted &&
e.Metadata.GetProperties().Any(x => x.Name == "IsDeleted")))
{
switch (entry.State)
{
case EntityState.Added:
entry.CurrentValues["IsDeleted"] = false;
break;
case EntityState.Deleted:
entry.State = EntityState.Modified;
entry.CurrentValues["IsDeleted"] = true;
break;
}
}
}
}
}
Startup.cs:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpsPolicy;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using AthlosifyWebArchery.Data;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using AthlosifyWebArchery.Models;
using DinkToPdf.Contracts;
using DinkToPdf;
namespace AthlosifyWebArchery
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
//services.AddHttpContextAccessor();
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddSingleton(typeof(IConverter), new SynchronizedConverter(new PdfTools()));
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlServer(
Configuration.GetConnectionString("DefaultConnection")));
// Extended Application User from IdentityUser
// and ApplicationRole from IdentityRole
services.AddIdentity<ApplicationUser, ApplicationRole>(
options => options.Stores.MaxLengthForKeys = 128)
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultUI()
.AddDefaultTokenProviders();
services.AddMvc()
.AddRazorPagesOptions(options =>
{
options.Conventions.AuthorizeFolder("/Tournaments");
options.Conventions.AuthorizeFolder("/TournamentAtheletes");
options.Conventions.AuthorizeFolder("/TournamentBatches");
options.Conventions.AuthorizeFolder("/TournamentContingents");
options.Conventions.AuthorizeFolder("/Admin");
//options.Conventions.AuthorizeFolder("/Private");
//options.Conventions.AllowAnonymousToPage("/Private/PublicPage");
//options.Conventions.AllowAnonymousToFolder("/Private/PublicPages");
})
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ApplicationDbContext context,
RoleManager<ApplicationRole> roleManager,
UserManager<ApplicationUser> userManager)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Error");
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc();
//UserManagerInitialData.Initialize(context, userManager, roleManager).Wait();
}
}
}

HttpContext is only valid during a request. When .NET Core creates an ApplicationDbContext class for the call to Configure there is no valid context.
You need to store a reference to the IHttpContextAccessor in your DbContext constructor and then you can use that variable to access the HttpContext property in your OnBeforeSaving() method.
For example:
public class ApplicationDbContext : IdentityDbContext<ApplicationUser, ApplicationRole, string>
{
private readonly IHttpContextAccessor _httpContextAccessor;
public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options,
IHttpContextAccessor httpContextAccessor
)
: base(options)
{
_httpContextAccessor = httpContextAccessor;
}
....
}
Then, in your OnBeforeSaving() method:
private void OnBeforeSaving()
{
var userName = _httpContextAccessor.HttpContext.User.Identity.Name;
...
}
Think of HttpContext as a telephone call. If you pick the phone up when no-one has called then there is no context i.e. it is null. When someone does call then you have a valid context. This is the same principal for a web call. The Configure method in Startup is not a web call and, as such, does not have a HttpContext.
From another site:
HttpContext object will hold information about the current http
request. In detail, HttpContext object will be constructed newly for
every request given to an ASP.Net application and this object will
hold current request specific informations like Request, Response,
Server, Session, Cache, User and etc. For every request, a new
HttpContext object will be created which the ASP.Net runtime will use
during the request processing. A new HttpContext object will be
created at the beginning of a request and destroyed when the request
is completed.

Above answer explain it well but i would like to highlight another scenario where it could be null as well. For ex:
public class SomeClass
{
SomeClass(IHttpContextAccessor accessor) {}
IActionResult SomeMethod()
{
_ = Task.Run(() =>
{
// use accessorHere
}
return Ok();
}
}
There is a chance that Api call is returned before Thread can access the IHttpContextAccessor and there is a chance that IHttpConextAccessor.HttpContext could be null.
So it is better if we can fetch the required values from the HttpContext for ex: userclaims and pass them as seperate object to the required function.

Related

Unable to resolve service for type 'Microsoft.AspNetCore.Identity.RoleManager

I hope that you are all doing well! I am getting the following error:
InvalidOperationException: Unable to resolve service for type 'Microsoft.AspNetCore.Identity.RoleManager`1[Microsoft.AspNetCore.Identity.IdentityUser]' while attempting to activate 'july_15_auth.Controllers.AccountController'
I have spent weeks trying to solve the error, reading the forums here, and other websites. The comments online have suggested to modify my Startup.cs file, but I have tried many different ways, yet I still cannot figure out why this is not work. Any suggestions would be greatly appreciated.
This is my AccountController file
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using july_15_auth.Models;
using july_15_auth.ViewModels;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
namespace july_15_auth.Controllers
{
public class AccountController : Controller
{
private readonly UserManager<IdentityUser> userManager;
private readonly SignInManager<IdentityUser> signInManager;
private readonly RoleManager<IdentityUser> roleManager;
public AccountController(UserManager<IdentityUser> userManager,
SignInManager<IdentityUser> signInManager, RoleManager<IdentityUser> roleManager)
{
this.userManager = userManager;
this.signInManager = signInManager;
this.roleManager = roleManager;
}
[AcceptVerbs("Get", "Post")]
public async Task<IActionResult> IsEmailInUse(string email)
{
var user = await userManager.FindByEmailAsync(email);
if(user == null) { return Json(true); }
else { return Json($"Email {email} is already in use"); }
}
[HttpGet]
public IActionResult Register()
{
return View();
}
[HttpPost]
public async Task<IActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
// Copy data from RegisterViewModel to IdentityUser
var user = new IdentityUser
{
UserName = model.Email,
Email = model.Email
};
// Store user data in AspNetUsers database table
var result = await userManager.CreateAsync(user, model.Password);
// If user is successfully created, sign-in the user using
// SignInManager and redirect to index action of HomeController
if (result.Succeeded)
{
await signInManager.SignInAsync(user, isPersistent: false);
return RedirectToAction("index", "home");
}
// If there are any errors, add them to the ModelState object
// which will be displayed by the validation summary tag helper
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
return View(model);
}
[HttpPost]
public async Task<IActionResult> Logout()
{
await signInManager.SignOutAsync();
return RedirectToAction("index", "home");
}
[HttpGet]
public IActionResult Login()
{
return View();
}
// Redirect Vulnerability Fix
[HttpPost]
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl)
{
if (ModelState.IsValid)
{
var result = await signInManager.PasswordSignInAsync(
model.Email, model.Password, model.RememberMe, false);
if (result.Succeeded)
{
if(!string.IsNullOrEmpty(returnUrl))
{
return LocalRedirect(returnUrl);
}
return RedirectToAction("index", "home");
}
ModelState.AddModelError(string.Empty, "Invalid Login Attempt");
}
return View(model);
}
}
}
This Is My Startup.cs file
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using july_15_auth.Models;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Identity;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
namespace july_15_auth
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews();
services.AddDbContext<AppDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("DevConnection")));
services.AddTransient<IEmployeeRepository, MockEmployeeRepository>();
services.AddIdentity<IdentityUser, IdentityRole>()
.AddEntityFrameworkStores<AppDbContext>();
services.Configure<IdentityOptions>(options =>
{
options.Password.RequiredLength = 7;
options.Password.RequiredUniqueChars = 2;
options.Password.RequireNonAlphanumeric = false;
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}
}
'''
InvalidOperationException: Unable to resolve service for type 'Microsoft.AspNetCore.Identity.RoleManager`1[Microsoft.AspNetCore.Identity.IdentityUser]' while attempting to activate 'july_15_auth.Controllers.AccountController'
To fix above exception, please try to replace RoleManager<IdentityUser> with RoleManager<IdentityRole> while you inject an instance of RoleManager in your controller.
private readonly UserManager<IdentityUser> userManager;
private readonly SignInManager<IdentityUser> signInManager;
private readonly RoleManager<IdentityRole> roleManager;
public AccountController(UserManager<IdentityUser> userManager,
SignInManager<IdentityUser> signInManager, RoleManager<IdentityRole> roleManager)
{
this.userManager = userManager;
this.signInManager = signInManager;
this.roleManager = roleManager;
}
For more information about RoleManager<TRole>, please check: https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.identity.rolemanager-1?view=aspnetcore-3.1

Impossible to use dependency injection in an Hangfire job

Context
I use Hangfire (version 1.7.11) as a scheduler. But I can't use proper DI in my jobs.
What works so far
I have no problem scheduling something like this, given the fact SomeConcreteService have a parameterless constructor:
RecurringJob.AddOrUpdate<SomeConcreteService>(jobId, mc => Console.WriteLine(
$"Message from job: {mc.GetValue()}"), "1/2 * * * *");
What does not work
But I get an exception when I try to inject a service into a Hangfire job using what is recommended here: https://docs.hangfire.io/en/latest/background-methods/using-ioc-containers.html
When I try to add a new scheduled job using DI, I get the following exception:
Exception thrown: 'System.InvalidOperationException' in System.Linq.Expressions.dll: 'variable 'mc' of type 'TestHangfire.IMyContract' referenced from scope '', but it is not defined'
The exception occurs a this line:
RecurringJob.AddOrUpdate<IMyContract>(jobId, mc => Console.WriteLine(
$"Message from job {jobId} => {mc.GetValue()}"), "1/2 * * * *");
The problem is so trivial that I am sure I am missing something obvious.
Thanks for helping.
The (nearly) full code
Service:
public interface IMyContract
{
string GetValue();
}
public class MyContractImplementation : IMyContract
{
public string _label;
public MyContractImplementation(string label)
{
_label = label;
}
public string GetValue() => $"{_label}:{Guid.NewGuid()}";
}
2 kinds of activators:
public class ContainerJobActivator : JobActivator
{
private IServiceProvider _container;
public ContainerJobActivator(IServiceProvider serviceProvider) =>
_container = serviceProvider;
public override object ActivateJob(Type type) => _container.GetService(type);
}
public class ScopedContainerJobActivator : JobActivator
{
readonly IServiceScopeFactory _serviceScopeFactory;
public ScopedContainerJobActivator(IServiceProvider serviceProvider)
{
_serviceScopeFactory = serviceProvider.GetService<IServiceScopeFactory>();
}
public override JobActivatorScope BeginScope(JobActivatorContext context) =>
new ServiceJobActivatorScope(_serviceScopeFactory.CreateScope());
private class ServiceJobActivatorScope : JobActivatorScope
{
readonly IServiceScope _serviceScope;
public ServiceJobActivatorScope(IServiceScope serviceScope) =>
_serviceScope = serviceScope;
public override object Resolve(Type type) =>
_serviceScope.ServiceProvider.GetService(type);
}
}
Startup:
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddHangfire(configuration => configuration
.SetDataCompatibilityLevel(CompatibilityLevel.Version_170)
.UseSimpleAssemblyNameTypeSerializer()
.UseRecommendedSerializerSettings()
.UseSqlServerStorage("connection string", new SqlServerStorageOptions
{
CommandBatchMaxTimeout = TimeSpan.FromMinutes(5),
SlidingInvisibilityTimeout = TimeSpan.FromMinutes(5),
QueuePollInterval = TimeSpan.Zero,
UseRecommendedIsolationLevel = true,
UsePageLocksOnDequeue = true,
DisableGlobalLocks = true
}));
services.AddHangfireServer();
services.BuildServiceProvider();
services.AddScoped<IMyContract>(i => new MyContractImplementation("blabla"));
// doesn't work either
// services.AddSingleton<IMyContract>(i => new MyContractImplementation("blabla"));
// doesn't work either
// services.AddTransient<IMyContract>(i => new MyContractImplementation("blabla"));
}
public void Configure(
IApplicationBuilder app,
IWebHostEnvironment env,
IServiceProvider serviceProvider)
{
// Just to ensure the service is correctly injected...
Console.WriteLine(serviceProvider.GetService<IMyContract>().GetValue());
// I face the problem for both activators: ScopedContainerJobActivator or ContainerJobActivator
GlobalConfiguration.Configuration.UseActivator(new ContainerJobActivator(serviceProvider));
// GlobalConfiguration.Configuration.UseActivator(new ScopedContainerJobActivator(serviceProvider));
app.UseRouting();
app.UseHangfireDashboard();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/", async context =>
{
await context.Response.WriteAsync(
JsonSerializer.Serialize(
Hangfire.JobStorage.Current.GetConnection().GetRecurringJobs()
.Select(i => new { i.Id, i.CreatedAt, i.Cron }).ToList()));
});
endpoints.MapGet("/add", async context =>
{
var manager = new RecurringJobManager();
var jobId = $"{Guid.NewGuid()}";
// I GET AN EXCEPTION HERE:
// Exception thrown: 'System.InvalidOperationException' in System.Linq.Expressions.dll: 'variable 'mc' of type 'TestHangfire.IMyContract' referenced from scope '', but it is not defined'
manager.AddOrUpdate<IMyContract>(jobId, mc => Console.WriteLine(
$"Message from job {jobId} => {mc.GetValue()}"), "1/2 * * * *");
// doesn't work either: it's normal, it is just a wrapper of what is above
// RecurringJob.AddOrUpdate<IMyContract>(jobId, mc => Console.WriteLine($"Message from job {jobId} => {mc.GetValue()}"), "1/2 * * * *");
await context.Response.WriteAsync($"Schedule added: {jobId}");
});
});
}
}
I found the issue.
As it was actually the expression that seemed to cause an issue, and given the fact that the other way to add a recurring job is to transmit a type, and a method info, it seemed to me that the problem was caused by an expression that was too evolved. So I changed the approach to have a method of my service that make the whole job by being given a parameter.
Here is the new code that works:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Hangfire;
using Hangfire.SqlServer;
using Hangfire.Storage;
using System.Text.Json;
namespace TestHangfire
{
#region Service
public interface IMyContract
{
void MakeAction(string someText);
}
public class MyContractImplementation : IMyContract
{
public string _label;
public MyContractImplementation(string label)
{
_label = label;
}
public void MakeAction(string someText) => Console.WriteLine($"{_label}:{someText}");
}
#endregion
#region 2 kinds of activators
public class ContainerJobActivator : JobActivator
{
private IServiceProvider _container;
public ContainerJobActivator(IServiceProvider serviceProvider)
{
_container = serviceProvider;
}
public override object ActivateJob(Type type)
{
return _container.GetService(type);
}
}
#endregion
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddHangfire(configuration => configuration
.SetDataCompatibilityLevel(CompatibilityLevel.Version_170)
.UseSimpleAssemblyNameTypeSerializer()
.UseRecommendedSerializerSettings()
.UseSqlServerStorage("Server=localhost,1433;Database=HangfireTest;user=sa;password=xxxxxx;MultipleActiveResultSets=True", new SqlServerStorageOptions
{
CommandBatchMaxTimeout = TimeSpan.FromMinutes(5),
SlidingInvisibilityTimeout = TimeSpan.FromMinutes(5),
QueuePollInterval = TimeSpan.Zero,
UseRecommendedIsolationLevel = true,
UsePageLocksOnDequeue = true,
DisableGlobalLocks = true
}));
services.AddHangfireServer();
services.BuildServiceProvider();
services.AddTransient<IMyContract>(i => new MyContractImplementation("blabla"));
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IServiceProvider serviceProvider)
{
GlobalConfiguration.Configuration.UseActivator(new ContainerJobActivator(serviceProvider));
app.UseRouting();
app.UseHangfireDashboard();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/", async context =>
{
await context.Response.WriteAsync(JsonSerializer.Serialize(Hangfire.JobStorage.Current.GetConnection().GetRecurringJobs()
.Select(i => new { i.Id, i.CreatedAt, i.Cron }).ToList()));
});
endpoints.MapGet("/add", async context =>
{
var manager = new RecurringJobManager();
var jobId = $"{Guid.NewGuid()}";
manager.AddOrUpdate<IMyContract>(jobId, (IMyContract mc) => mc.MakeAction(jobId), "1/2 * * * *");
await context.Response.WriteAsync($"Schedule added: {jobId}");
});
});
}
}
}

What this error is complaining about while running test on RepositoryController Asp.Net Core?

I'm trying to run test on the repository Controller 'PeoppleRepositoryController.cs.
I get the below error and I couldn't figure out what exactly it is complaining about.
Can anyone please explain what I need to do to fix this issue?
Microsoft.Extensions.DependencyInjection.ActivatorUtilities.GetService(IServiceProvider sp, Type type, Type requiredBy, bool isDefaultParameterRequired)
The full stack trace can be seen on the image below:
The controller is:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Personkartotek.DAL;
using Personkartotek.Models;
using Personkartotek.Persistence;
namespace Personkartotek.Controllers
{
[Route("api/[controller]")]
[ApiController]
public class PeopleRepositoryController : ControllerBase
{
private readonly IUnitOfWork _uoWork;
public PeopleRepositoryController(IUnitOfWork uoWork)
{
_uoWork = uoWork;
}
// GET: api/PeopleRepository
[HttpGet]
public IEnumerable<Person> GetPersons()
{
return _uoWork._People.GetAll();
}
// GET: api/PeopleRepository/5
[HttpGet("{id}")]
public async Task<IActionResult> GetPerson([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var person = _uoWork._People.Get(id);
if (person == null)
{
return NotFound();
}
return Ok(person);
}
//GET: api/PeopleRepository/
[HttpGet("AtAdr/{id}")]
public IActionResult GetPersonsResidingAtAddress([FromRoute] int AddressId)
{
var ResidingPersons = _uoWork._People.GetAllPersonsById(AddressId);
return Ok(ResidingPersons);
}
// PUT: api/PeopleRepository/5
[HttpPut("{id}")]
public async Task<IActionResult> PutPerson([FromRoute] int id, [FromBody] Person person)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
if (id != person.PersonId)
{
return BadRequest();
}
if (!PersonExists(id))
{
return NotFound();
}
_uoWork._People.Put(person);
return NoContent();
}
// POST: api/PeopleRepository
[HttpPost]
public async Task<IActionResult> PostPerson([FromBody] Person person)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
_uoWork._People.Add(person);
_uoWork.Complete();
return CreatedAtAction("GetPerson", new { id = person.PersonId }, person);
}
// DELETE: api/PeopleRepository/5
[HttpDelete("{id}")]
public async Task<IActionResult> DeletePerson([FromRoute] int id)
{
if (!ModelState.IsValid) {
return BadRequest(ModelState);
}
var person = _uoWork._People.Get(id);
if (person == null) {
return NotFound();
}
_uoWork._People.Remove(person);
_uoWork.Complete();
return Ok(person);
}
private bool PersonExists(int id)
{
return _uoWork.Exist(id);
}
}
}
IUnitOfWork file:
using Personkartotek.DAL.IRepositories;
namespace Personkartotek.DAL
{
public interface IUnitOfWork : IDisposable
{
IPeopleRepository _People { get; }
int Complete();
bool Exist(int id);
}
}
My Startup.cs file set ups:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Personkartotek.DAL;
using Personkartotek.Models.Context;
using Personkartotek.Persistence;
using Swashbuckle.AspNetCore.Swagger;
namespace Personkartotek
{
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddDbContext<ModelsContext>(options =>
options.UseSqlServer(Configuration.GetConnectionString("PersonkartotekDB")));
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
}
It complaints because it doesn't know how to create an object of IUnitOfWork which is a dependency on your controller.
So to resolve the issue you need to instruct the framework on what implementation of IUnitOfWork you want to use. Typically you are doing it in your Startup.ConfigureServices method. For exmaple:
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddTransient<IUnitOfWork, UnitOfWorkImplementation>();
}
}
Where UnitOfWorkImplementation is a class that implement IUnitOfWork

GraphQL authentication with Asp.net core using JWT

I am using for GraphQL for .NET package for graphql. But I couldn't understand how can I authentication with JWT in graphql query or mutation.
I read the guide about authorization but I couldn't accomplish.
I need help with GraphQL for .NET authentication.
Any help will be appreciated.
Thanks
The guide is around authorization. The step you're looking for is the authentication and since graphql can be implemented using a ASP.Net API controller, you can implement JWT authentication as you would with any controller.
Here is a sample grapql controller using an Authorize attribute. You could, however, implement this using filter or if you want full control, custom middleware.
[Route("api/[controller]")]
[ApiController]
[Authorize]
public class GraphQLController : ControllerBase
{
private readonly IDocumentExecuter executer;
private readonly ISchema schema;
public GraphQLController(IDocumentExecuter executer, ISchema schema)
{
this.executer = executer;
this.schema = schema;
}
[HttpPost]
public async Task<ActionResult<object>> PostAsync([FromBody]GraphQLQuery query)
{
var inputs = query.Variables.ToInputs();
var queryToExecute = query.Query;
var result = await executer.ExecuteAsync(o => {
o.Schema = schema;
o.Query = queryToExecute;
o.OperationName = query.OperationName;
o.Inputs = inputs;
o.ComplexityConfiguration = new GraphQL.Validation.Complexity.ComplexityConfiguration { MaxDepth = 15};
o.FieldMiddleware.Use<InstrumentFieldsMiddleware>();
}).ConfigureAwait(false);
return this.Ok(result);
}
}
public class GraphQLQuery
{
public string OperationName { get; set; }
public string Query { get; set; }
public Newtonsoft.Json.Linq.JObject Variables { get; set; }
}
In the Startup.cs I have configured JWT bearer token authentication.
Hope this helps.
I myself struggled for two days as well. I'm using https://github.com/graphql-dotnet/authorization now with the setup from this comment (from me): https://github.com/graphql-dotnet/authorization/issues/63#issuecomment-553877731
In a nutshell, you have to set the UserContext for the AuthorizationValidationRule correctly, like so:
public class Startup
{
public virtual void ConfigureServices(IServiceCollection services)
{
...
services.AddGraphQLAuth(_ =>
{
_.AddPolicy("AdminPolicy", p => p.RequireClaim("Role", "Admin"));
});
services.AddScoped<IDependencyResolver>(x => new FuncDependencyResolver(x.GetRequiredService));
services.AddScoped<MySchema>();
services
.AddGraphQL(options => { options.ExposeExceptions = true; })
.AddGraphTypes(ServiceLifetime.Scoped);
...
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, IServiceProvider serviceProvider)
{
...
app.UseMiddleware<MapRolesForGraphQLMiddleware>(); // optional, only when you don't have a "Role" claim in your token
app.UseGraphQL<MySchema>();
...
}
}
public static class GraphQLAuthExtensions
{
public static void AddGraphQLAuth(this IServiceCollection services, Action<AuthorizationSettings> configure)
{
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddSingleton<IAuthorizationEvaluator, AuthorizationEvaluator>();
services.AddTransient<IValidationRule, AuthorizationValidationRule>();
services.AddTransient<IUserContextBuilder>(s => new UserContextBuilder<GraphQLUserContext>(context =>
{
var userContext = new GraphQLUserContext
{
User = context.User
};
return Task.FromResult(userContext);
}));
services.AddSingleton(s =>
{
var authSettings = new AuthorizationSettings();
configure(authSettings);
return authSettings;
});
}
}
public class GraphQLUserContext : IProvideClaimsPrincipal
{
public ClaimsPrincipal User { get; set; }
}
public class MapRolesForGraphQLMiddleware
{
private readonly RequestDelegate _next;
public MapRolesForGraphQLMiddleware(RequestDelegate next)
{
_next = next;
}
public async Task Invoke(HttpContext context)
{
// custom mapping code to end up with a "Role" claim
var metadata = context.User.Claims.SingleOrDefault(x => x.Type.Equals("metadata"));
if (metadata != null)
{
var roleContainer = JsonConvert.DeserializeObject<RoleContainer>(metadata.Value);
(context.User.Identity as ClaimsIdentity).AddClaim(new Claim("Role", string.Join(", ", roleContainer.Roles)));
}
await _next(context);
}
}
public class RoleContainer
{
public String[] Roles { get; set; }
}

Populate custom claim from SQL with Windows Authenticated app in .Net Core

Scenario - .Net Core Intranet Application within Active Directory using SQL Server to manage application specific permissions and extended user identity.
Success to date - User is authenticated and windows claims are available (Name and Groups). Identity.Name can be used to return a domain user model from the database with the extended properties.
Issue and Question - I am trying to then populate one custom claim property "Id" and have that globally available via the ClaimsPrincipal. I have looked into ClaimsTransformation without much success to date. In other articles I have read that you MUST add claims prior to Sign In but can that really be true? That would mean total reliance on AD to fulfil all claims, is that really the case?
Below is my simple code at this point in the HomeController. I am hitting the database and then trying to populate the ClaimsPrincipal but then return the domain user model. I think this could be where my problem lies but I am new to Authorisation in .net and struggling to get my head around claims.
Many thanks for all help received
Current Code:
public IActionResult Index()
{
var user = GetExtendedUserDetails();
User.Claims.ToList();
return View(user);
}
private Models.User GetExtendedUserDetails()
{
var user = _context.User.SingleOrDefault(m => m.Username == User.Identity.Name.Remove(0, 6));
var claims = new List<Claim>();
claims.Add(new Claim("Id", Convert.ToString(user.Id), ClaimValueTypes.String));
var userIdentity = new ClaimsIdentity("Intranet");
userIdentity.AddClaims(claims);
var userPrincipal = new ClaimsPrincipal(userIdentity);
return user;
}
UPDATE:
I have registered ClaimsTransformation
app.UseClaimsTransformation(o => new ClaimsTransformer().TransformAsync(o));
and built ClaimsTransformer as below in line with this github query
https://github.com/aspnet/Security/issues/863
public class ClaimsTransformer : IClaimsTransformer
{
private readonly TimesheetContext _context;
public async Task<ClaimsPrincipal> TransformAsync(ClaimsTransformationContext context)
{
System.Security.Principal.WindowsIdentity windowsIdentity = null;
foreach (var i in context.Principal.Identities)
{
//windows token
if (i.GetType() == typeof(System.Security.Principal.WindowsIdentity))
{
windowsIdentity = (System.Security.Principal.WindowsIdentity)i;
}
}
if (windowsIdentity != null)
{
//find user in database
var username = windowsIdentity.Name.Remove(0, 6);
var appUser = _context.User.FirstOrDefaultAsync(m => m.Username == username);
if (appUser != null)
{
((ClaimsIdentity)context.Principal.Identity).AddClaim(new Claim("Id", Convert.ToString(appUser.Id)));
/*//add all claims from security profile
foreach (var p in appUser.Id)
{
((ClaimsIdentity)context.Principal.Identity).AddClaim(new Claim(p.Permission, "true"));
}*/
}
}
return await System.Threading.Tasks.Task.FromResult(context.Principal);
}
}
But am getting NullReferenceException: Object reference not set to an instance of an object error despite having returned the domain model previously.
WITH STARTUP.CS
using System;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Birch.Intranet.Models;
using Microsoft.EntityFrameworkCore;
namespace Birch.Intranet
{
public class Startup
{
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
.AddEnvironmentVariables();
Configuration = builder.Build();
}
public IConfigurationRoot Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthorization();
// Add framework services.
services.AddMvc();
// Add database
var connection = #"Data Source=****;Initial Catalog=Timesheet;Integrated Security=True;Encrypt=False;TrustServerCertificate=True;ApplicationIntent=ReadWrite;MultiSubnetFailover=False";
services.AddDbContext<TimesheetContext>(options => options.UseSqlServer(connection));
// Add session
services.AddSession(options => {
options.IdleTimeout = TimeSpan.FromMinutes(60);
options.CookieName = ".Intranet";
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseClaimsTransformation(o => new ClaimsTransformer().TransformAsync(o));
app.UseSession();
app.UseDefaultFiles();
app.UseStaticFiles();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
}
You need to use IClaimsTransformer with dependency injection.
app.UseClaimsTransformation(async (context) =>
{
IClaimsTransformer transformer = context.Context.RequestServices.GetRequiredService<IClaimsTransformer>();
return await transformer.TransformAsync(context);
});
// Register
services.AddScoped<IClaimsTransformer, ClaimsTransformer>();
And need to inject DbContext in ClaimsTransformer
public class ClaimsTransformer : IClaimsTransformer
{
private readonly TimesheetContext _context;
public ClaimsTransformer(TimesheetContext dbContext)
{
_context = dbContext;
}
// ....
}