Comments (12)
I am periodically able to reproduce the StackOverflowException. While it was happening, I can confirm it has to do with the SignoutAsync method.
The actual override is not needed, so I am working on a PR to remove this code altogether. No ETA yet but it should be shortly.
from aws-aspnet-cognito-identity-provider.
@andyfurniss4 Yes,
I have just release a new version 0.9.02 that should solve the issue:
https://www.nuget.org/packages/Amazon.AspNetCore.Identity.Cognito/0.9.0.2
Please let me know how that works for you!
Hamza
from aws-aspnet-cognito-identity-provider.
The update seem to have rectified this, but Im waiting a bit more longer as it takes time for it to appear. It also fixed my SignOut async issue I opened earlier this week as that is now functioning correctly as well.
from aws-aspnet-cognito-identity-provider.
I am having the same issue. I am just running the Sample project from here[1] in visual studio 2017 with .netcore 2.2. It runs for while but after a sometime, if i start a new instance from VS i get the stackoverflow exception. Then i have to kill my iis express instance, close the browser instance and restart VS to get it to work again.
@aussiearef where you able to resolve this issue?
[1] https://github.com/aws/aws-aspnet-cognito-identity-provider/tree/master/samples/Samples
from aws-aspnet-cognito-identity-provider.
I too get this error periodically and it is is the cookie as I also delete the cookie and can continue, its a bug in the library cookie combination that needs to be fixed and I haven't quite zeroed in on the exact process for recreating it, but it has to do with the the Signout routine somehow as that is the only time when I experience it. I already have a ticket in that the signout is failing for me when the username is configured as the email address in Cognito
from aws-aspnet-cognito-identity-provider.
Thanks for reporting this, I'm working on narrowing down the issue.
from aws-aspnet-cognito-identity-provider.
Hello,
I suspect that this happens at security stamp validation.
The following code is a part of asp.net. In some reason, VerifySecurityStamp() returns null, then enters loop of ValidateAsync() -> SignOutAsync() -> AuthenticateAsync() -> ValidateAsync()...
if (validate)
{
var user = await VerifySecurityStamp(context.Principal);
if (user != null)
{
await SecurityStampVerified(user, context);
}
else
{
context.RejectPrincipal();
await SignInManager.SignOutAsync();
}
}
from aws-aspnet-cognito-identity-provider.
I am also experiencing Stack Overflow Exceptions. So far this is limited to localhost as I have not deployed my Cognito implementation yet but I imagine it'll happen in production too.
I implemented Cognito Identity yesterday and when I came back to it this morning and ran the project locally I started getting the exception. It was occurring somewhere between the Configure method in Startup.cs and the construction of my controller is all I can contribute at the moment. I can confirm that clearing cookies gets rid of the issue but I have so far been unable to recreate it.
I will add more info if I can come up with anything more helpful with regards to recreation or cause.
from aws-aspnet-cognito-identity-provider.
Though I'm not quite sure whether this can be a permanent solution.
After some investigation, I found ASP.NET Core attempts to get a user by ClaimTypes.NameIdentifier
. The following code is from asp.net core source.
https://github.com/aspnet/Identity/blob/d18de6b00e13f06bae43c621f17e39ed2bec4069/src/Core/UserManager.cs#L418 (from 2.1.1)
/// <summary>
/// Returns the User ID claim value if present otherwise returns null.
/// </summary>
/// <param name="principal">The <see cref="ClaimsPrincipal"/> instance.</param>
/// <returns>The User ID claim value, or null if the claim is not present.</returns>
/// <remarks>The User ID claim is identified by <see cref="ClaimTypes.NameIdentifier"/>.</remarks>
public virtual string GetUserId(ClaimsPrincipal principal)
{
if (principal == null)
{
throw new ArgumentNullException(nameof(principal));
}
return principal.FindFirstValue(Options.ClaimsIdentity.UserIdClaimType);
}
However Congnito user claims unlikely contains ClaimTypes.NameIdentifier
, then GetUserId() returns null, eventually GetUserAsync() returns null.
In order to solve it, I attached ClaimTypes.NameIdentifier
at https://github.com/aws/aws-aspnet-cognito-identity-provider/blob/master/src/Amazon.AspNetCore.Identity.Cognito/CognitoUserClaimsPrincipalFactory.cs#L59
public async Task<ClaimsPrincipal> CreateAsync(TUser user)
{
var claims = await _userManager.GetClaimsAsync(user).ConfigureAwait(false) as List<Claim>;
claimToAttributesMapping.ToList().ForEach(claim => MapClaimTypesToCognito(claims, claim.Key, claim.Value));
var userNameClaimType = _identityOptions.ClaimsIdentity.UserNameClaimType;
claims.Add(new Claim(userNameClaimType, user.Username));
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Username)); // HERE
var roles = await _userManager.GetRolesAsync(user).ConfigureAwait(false);
var roleClaimType = _identityOptions.ClaimsIdentity.RoleClaimType;
// Roles are claims with a specific schema uri
roles.ToList().ForEach(role => claims.Add(new Claim(roleClaimType, role)));
var claimsIdentity = new ClaimsIdentity(claims, IdentityConstants.ApplicationScheme);
return new ClaimsPrincipal(claimsIdentity);
}
Then in my case, it works fine.
I'm using e-mail address as user id, but I haven't checked the other sign-in option.
from aws-aspnet-cognito-identity-provider.
After spending a day working on my application identity, I can say that I receive the Stack Overflow Exception periodically also and each time I have to clear my cookie. It's as if the cookie has expired (not sure what the timeout is?) and this then screws something up. Is this related to the Signout method you're talking about?
from aws-aspnet-cognito-identity-provider.
Hello,
Thank you. It works fine now!!
from aws-aspnet-cognito-identity-provider.
After upgrading and a day of work, I have not experienced any stack overflow exceptions.
Thank you!
from aws-aspnet-cognito-identity-provider.
Related Issues (20)
- Ways of supporting social login HOT 2
- Security: Defaults require secrets be published in unencrypted configuration files. HOT 6
- Sample App is nonfunctional for core common use cases and actively misleads users, seems abandoned. HOT 6
- Getting error "Unable to get IAM security credentials from EC2 Instance Metadata Service." while trying to login HOT 4
- AWSCognitoClientOptions doesn't contain a Region property (which is required by AWS) HOT 5
- Use inclusive pronouns in documentation. HOT 2
- Any plans to support .NET 5.0? HOT 4
- Implementing MFA suppression via remembered devices, getting 'Invalid device key given.' exception HOT 6
- Sample not working properly - Unable to get IAM security credentials from EC2 Instance Metadata Service. HOT 3
- Unable to retrieve UserPoolClientId and UserPoolClientSecret form AWS Parameter Store HOT 4
- Ability to reload AWSOptions after ASP.NET Core Lambda Startup HOT 19
- How to retrieve the list of all roles (groups) HOT 3
- AmazonCognitoIdentityProviderClient Usage HOT 6
- RemovePasswordAsync() fails for an unconfirmed user HOT 4
- Sign Out from all "active sessions" HOT 4
- RevokeToken behavior for multiple logins
- Support for External Providers HOT 4
- Check Password for unconfirmed user. HOT 5
- PasswordSignInAsync or CheckPasswordSignInAsync and SignInAsync are not persisting auth cookie User.Identity.IsAuthenticated is false HOT 6
- We can no longer search or find users with this sdk HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-aspnet-cognito-identity-provider.