search

OrchardCMS / OrchardCore

Orchard Core is an open-source modular and multi-tenant application framework built with ASP.NET Core, and a content management system (CMS) built on top of that framework.
https://orchardcore.net
BSD 3-Clause "New" or "Revised" License
7.42k stars 2.39k forks source link

Enabling authenticating features raise errors #13242

Open MZole opened 1 year ago

MZole commented 1 year ago

Describe the bug

This is in the 1.6 nightly version, enabling the authenticating features (like Facebook Login or GitHub/Google/Microsoft authentication) raises the following errors in the log file:

2023-02-11 15:42:43.2186|Default|00-9990e6fcf068f1dac4d3d081da64a809-1672468306c0441f-00||OrchardCore.Facebook.Login.Configuration.FacebookLoginConfiguration|ERROR|The Facebook secret key could not be decrypted. It may have been encrypted using a different key. 
2023-02-11 15:42:43.2186|Default|00-9990e6fcf068f1dac4d3d081da64a809-1672468306c0441f-00||OrchardCore.GitHub.Configuration.GitHubOptionsConfiguration|ERROR|The GitHub Consumer Secret could not be decrypted. It may have been encrypted using a different key. 
2023-02-11 15:42:43.2186|Default|00-9990e6fcf068f1dac4d3d081da64a809-1672468306c0441f-00||OrchardCore.Google.Authentication.Configuration.GoogleOptionsConfiguration|ERROR|The Consumer Secret could not be decrypted. It may have been encrypted using a different key. 
2023-02-11 15:42:43.2186|Default|00-9990e6fcf068f1dac4d3d081da64a809-1672468306c0441f-00||OrchardCore.Microsoft.Authentication.Configuration.MicrosoftAccountOptionsConfiguration|ERROR|The Microsoft Account secret key could not be decrypted. It may have been encrypted using a different key.

To Reproduce

Steps to reproduce the behavior:

  1. Set up a site
  2. Enable an authenticating feature

Expected behavior

Enabling these features shouldn't raise an error.

hishamco commented 1 year ago

@Piedone is it happening because we didn't encrypt or decrypt the secrets last time? @MZole do you have a test account that you could share in Gitter or email, we need to resolve this before 1.6.0

Piedone commented 1 year ago

This happens if you delete the data protection keyrings of the app, or if you take the DB snapshot of the app and try to run it without the keyrings also being available. I don't think there is a bug. (The whole secret storage story could be better to also prevent the necessity of managing the keyrings.)

Piedone commented 1 year ago

I misunderstood the bug report. Simply enabling these features should not cause the above errors, of course. @sebastienros did somebody fix this, or did you close because you also misunderstood it like me?

hishamco commented 1 year ago

@MZole is this happeing when you run the app LIVE, due using different DPK