itccsro / auth-sso

Citizen Single Sign On (SSO)
Apache License 2.0
8 stars 8 forks

connectionstrings.json should be validated on new environments #41

Open tzapzoor opened 7 years ago

tzapzoor commented 7 years ago

One issue appears if the admin password configured in the file isn't strong enough.

Steps to reproduce:

  1. configure new database
  2. configure root organization

         "RootOrganization": {
             "Name": "org",
             "Website": "website",
             "AdminUsername": "admin",
             "AdminPassword": "weakpassword"
         }

  3. dotnet run

=> no user is created and the following database insertions fail.

[LOG]

crit: GovITHub.Auth.Identity.Startup[0]
      Error initializing database. Reason : Microsoft.EntityFrameworkCore.DbUpdateException: An error occurred while updating the entries. See the inner exception for details. ---> MySql.Data.MySqlClient.MySqlException: Cannot add or update a child row: a foreign key constraint fails (`sso`.`organizationuser`, CONSTRAINT `FK_AppUser_OrgUser` FOREIGN KEY (`UserId`) REFERENCES `aspnetusers` (`Id`))
         at MySql.Data.MySqlClient.MySqlStream.ReadPacket()
         at MySql.Data.MySqlClient.NativeDriver.GetResult(Int32& affectedRow, Int64& insertedId)
         at MySql.Data.MySqlClient.Driver.NextResult(Int32 statementId, Boolean force)
         at MySql.Data.MySqlClient.MySqlDataReader.NextResult()
         at MySql.Data.MySqlClient.MySqlCommand.ExecuteReader(CommandBehavior behavior)
         at Microsoft.EntityFrameworkCore.Storage.Internal.RelationalCommand.Execute(IRelationalConnection connection, String executeMethod, IReadOnlyDictionary`2 parameterValues, Boolean closeConnection)
         at Microsoft.EntityFrameworkCore.Storage.Internal.RelationalCommand.ExecuteReader(IRelationalConnection connection, IReadOnlyDictionary`2 parameterValues)
         at Microsoft.EntityFrameworkCore.Update.ReaderModificationCommandBatch.Execute(IRelationalConnection connection)
         --- End of inner exception stack trace ---
         at Microsoft.EntityFrameworkCore.Update.ReaderModificationCommandBatch.Execute(IRelationalConnection connection)
         at Microsoft.EntityFrameworkCore.Update.Internal.BatchExecutor.Execute(Tuple`2 parameters)
         at Microsoft.EntityFrameworkCore.ChangeTracking.Internal.StateManager.SaveChanges(IReadOnlyList`1 entriesToSave)
         at Microsoft.EntityFrameworkCore.ChangeTracking.Internal.StateManager.SaveChanges(Boolean acceptAllChangesOnSuccess)
         at Microsoft.EntityFrameworkCore.DbContext.SaveChanges(Boolean acceptAllChangesOnSuccess)
         at GovITHub.Auth.Common.Data.ApplicationDataInitializer.AttachAdminUserToOrganization(Int64 organizationId, String adminUserId) in D:\projects\auth-sso\src\GovITHub.Auth.Common\Data\ApplicationDataInitializer.cs:line 172
         at GovITHub.Auth.Common.Data.ApplicationDataInitializer.<InitializeDataAsync>d__2.MoveNext() in D:\projects\auth-sso\src\GovITHub.Auth.Common\Data\ApplicationDataInitializer.cs:line 33
      --- End of stack trace from previous location where exception was thrown ---
         at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
         at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
         at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
         at GovITHub.Auth.Identity.Startup.<Configure>d__5.MoveNext() in D:\projects\auth-sso\src\GovITHub.Auth.Identity\Startup.cs:line 187
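
One way to fail fast on a weak `AdminPassword` before any organization rows are written, as an added example that is not part of the issue or the auth-sso code base. It assumes the admin user is created through ASP.NET Core Identity's `UserManager<TUser>` (current versions, where `PasswordValidators` is public); `AdminSeedGuard` and its method names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;

// Hypothetical helper; the class and method names are not from auth-sso.
public static class AdminSeedGuard
{
    // Runs every registered IPasswordValidator against the configured password
    // and throws with the Identity error descriptions if any of them reject it.
    public static async Task EnsurePasswordAcceptedAsync<TUser>(
        UserManager<TUser> users, TUser admin, string configuredPassword)
        where TUser : class
    {
        if (string.IsNullOrWhiteSpace(configuredPassword))
            throw new InvalidOperationException("RootOrganization:AdminPassword is empty.");

        foreach (var validator in users.PasswordValidators)
        {
            IdentityResult result = await validator.ValidateAsync(users, admin, configuredPassword);
            if (!result.Succeeded)
                throw new InvalidOperationException(
                    "RootOrganization:AdminPassword rejected by password policy: " + Describe(result));
        }
    }

    // Creates the admin and returns only after Identity reports success, so the
    // caller never inserts an organization-user row for a user that does not exist.
    public static async Task<TUser> CreateAdminOrThrowAsync<TUser>(
        UserManager<TUser> users, TUser admin, string configuredPassword)
        where TUser : class
    {
        await EnsurePasswordAcceptedAsync(users, admin, configuredPassword);

        IdentityResult created = await users.CreateAsync(admin, configuredPassword);
        if (!created.Succeeded)
            throw new InvalidOperationException("Admin user was not created: " + Describe(created));
        return admin;
    }

    // Error descriptions only; the password itself is never put in the message.
    private static string Describe(IdentityResult result) =>
        string.Join("; ", result.Errors.Select(e => e.Code + ": " + e.Description));
}
```

With a check like this, the configuration from the steps above stops startup with the policy error (for example a missing digit or uppercase character) instead of surfacing later as a foreign key failure.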