When two authorization attempts are made, the web server refuses to authorize the second one due to the HttpClient being disposed. The only fix is to restart the API (which then only allows one authorization through). To reproduce on local, login on otr-web (locally), clear cookies for localhost, then login again. This could be due to the RequestLoggingMiddleware but I have no idea.
The following error is displayed:
[2024-10-12 15:40:59.247 ERR] Connection id "0HN7AF06L13BC", Request id "0HN7AF06L13BC:00000002": An unhandled exception was thrown by the application.
System.ObjectDisposedException: Cannot access a disposed object.
Object name: 'System.Net.Http.HttpClient'.
at System.Net.Http.HttpClient.CheckRequestBeforeSend(HttpRequestMessage request)
at System.Net.Http.HttpClient.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
at OsuApiClient.Net.Requests.RequestHandler.DefaultRequestHandler.SendRequestAsync(IApiRequest request, CancellationToken cancellationToken) in /src/OsuApiClient/Net/Requests/RequestHandler/DefaultRequestHandler.cs:line 110
at OsuApiClient.Net.Requests.RequestHandler.DefaultRequestHandler.FetchAsync[TJsonModel](IApiRequest request, CancellationToken cancellationToken) in /src/OsuApiClient/Net/Requests/RequestHandler/DefaultRequestHandler.cs:line 71
at OsuApiClient.Net.Requests.RequestHandler.DefaultRequestHandler.FetchAsync[TModel,TJsonModel](IApiRequest request, CancellationToken cancellationToken) in /src/OsuApiClient/Net/Requests/RequestHandler/DefaultRequestHandler.cs:line 81
at OsuApiClient.OsuClient.AuthorizeUserWithCodeAsync(String authorizationCode, CancellationToken cancellationToken) in /src/OsuApiClient/OsuClient.cs:line 130
at API.Handlers.Implementations.OAuthHandler.AuthorizeOsuUserAsync(String osuCode) in /src/API/Handlers/Implementations/OAuthHandler.cs:line 164
at API.Handlers.Implementations.OAuthHandler.AuthorizeAsync(String osuAuthCode) in /src/API/Handlers/Implementations/OAuthHandler.cs:line 39
at API.Controllers.OAuthController.AuthorizeAsync(String code) in /src/API/Controllers/OAuthController.cs:line 29
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
at Microsoft.AspNetCore.RateLimiting.RateLimitingMiddleware.InvokeInternal(HttpContext context, EnableRateLimitingAttribute enableRateLimitingAttribute)
at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
at API.Middlewares.WhitelistEnforcementMiddleware.Invoke(HttpContext context) in /src/API/Middlewares/WhitelistEnforcementMiddleware.cs:line 16
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at API.Middlewares.RequestLoggingMiddleware.Invoke(HttpContext context) in /src/API/Middlewares/RequestLoggingMiddleware.cs:line 28
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
When two authorization attempts are made, the web server refuses to authorize the second one due to the
HttpClientbeing disposed. The only fix is to restart the API (which then only allows one authorization through). To reproduce on local, login on otr-web (locally), clear cookies forlocalhost, then login again. This could be due to theRequestLoggingMiddlewarebut I have no idea.The following error is displayed: