skoruba / Duende.IdentityServer.Admin

The administration for the Duende IdentityServer and Asp.Net Core Identity ⚡
Apache License 2.0

Delete user from admin panel of admin app returns an error #214

Open griff158 opened 2 months ago

griff158 commented 2 months ago

First of all, thanks very much for making this available and possible. I'm not certain if it's a bug or a misconfiguration, but the sub claim of the identity is missing.

Describe the bug

When I'm trying to delete a user from the administration site, I get an error page.

To Reproduce

Steps to reproduce the behavior: Go to a specific user and try to delete the user.

Relevant parts of the log file

The error is related to https://github.com/skoruba/Duende.IdentityServer.Admin/blob/main/src/Skoruba.Duende.IdentityServer.Admin.UI/Areas/AdminUI/Controllers/IdentityController.cs#L420, which is calling var currentUserId = User.GetSubjectId();

Which is in: https://github.com/DuendeSoftware/IdentityServer/blob/main/src/IdentityServer/Extensions/PrincipalExtensions.cs

2024-05-13 11:27:57.996 +00:00 [ERR] Exception at route /Identity/UserDelete/df864d37-4b93-43a1-8e15-c01f39a1d2e7
System.InvalidOperationException: sub claim is missing
   at Duende.IdentityServer.Extensions.PrincipalExtensions.GetSubjectId(IIdentity identity) in /_/src/IdentityServer/Extensions/PrincipalExtensions.cs:line 80
   at Duende.IdentityServer.Extensions.PrincipalExtensions.GetSubjectId(IPrincipal principal) in /_/src/IdentityServer/Extensions/PrincipalExtensions.cs:line 65
   at Skoruba.Duende.IdentityServer.Admin.UI.Areas.AdminUI.Controllers.IdentityController`20.UserDelete(TUserDto user)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ExceptionContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeNextResourceFilter()
--- End of stack trace from previous location ---
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
   at NWebsec.AspNetCore.Middleware.Middleware.CspMiddleware.Invoke(HttpContext context)
   at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
   at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
   at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
   at NWebsec.AspNetCore.Middleware.Middleware.MiddlewareBase.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.<Invoke>g__Awaited|10_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task)
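
An added diagnostic example, not code from the issue, from Skoruba or from Duende: it resolves the signed-in admin's subject id without throwing, so a delete action can refuse the request instead of returning an error page, and it lists the claim types actually present. It assumes one possible cause, that the subject id arrived under ClaimTypes.NameIdentifier rather than the literal sub claim; SubjectIdResolver, its methods and the sample principal are hypothetical names and constructed values.

```csharp
using System;
using System.Linq;
using System.Security.Claims;

// Hypothetical helper (not part of Skoruba or Duende): resolves the caller's
// subject id without throwing when the literal "sub" claim is absent.
public static class SubjectIdResolver
{
    // Claim types tried in order. "sub" is what GetSubjectId() requires;
    // ClaimTypes.NameIdentifier is where Microsoft's default inbound claim
    // mapping places it. That this mapping is the cause here is an assumption.
    private static readonly string[] CandidateTypes = { "sub", ClaimTypes.NameIdentifier };

    public static bool TryGetSubjectId(ClaimsPrincipal user, out string subjectId)
    {
        subjectId = null;
        if (user?.Identity?.IsAuthenticated != true) return false;

        foreach (var type in CandidateTypes)
        {
            var value = user.FindFirst(type)?.Value;
            if (!string.IsNullOrWhiteSpace(value)) { subjectId = value; return true; }
        }
        return false;
    }

    // Lists claim types only (no values), so the output is safe to log.
    public static string DescribeClaimTypes(ClaimsPrincipal user) =>
        string.Join(", ", user.Claims.Select(c => c.Type).Distinct());
}

public static class Demo
{
    public static void Main()
    {
        // Constructed principal: authenticated, subject stored under NameIdentifier only.
        var mapped = new ClaimsPrincipal(new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.NameIdentifier, "constructed-admin-id"),
            new Claim(ClaimTypes.Role, "constructed-admin-role"),
        }, "Cookies"));

        if (SubjectIdResolver.TryGetSubjectId(mapped, out var id))
            Console.WriteLine($"subject id resolved: {id}");
        else // Fail closed: refuse the delete rather than surface a 500.
            Console.WriteLine("no subject id; claim types: " + SubjectIdResolver.DescribeClaimTypes(mapped));
    }
}
```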