Obrigado por o projeto

I can't log into the user management. I get this error. I've checked everything but I can't find the reason why.

[05:20:47 Information] IdentityServer4.EntityFramework.TokenCleanup
Removing 0 grants

[05:20:52 Debug] IdentityServer4.Hosting.CorsPolicyProvider
CORS request made for path: /.well-known/openid-configuration from origin: https://localhost:5004

[05:20:52 Debug] IdentityServer4.EntityFramework.Services.CorsPolicyService
Origin https://localhost:5004 is allowed: True

[05:20:52 Debug] IdentityServer4.Hosting.CorsPolicyProvider
CorsPolicyService allowed origin: https://localhost:5004

[05:20:52 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /.well-known/openid-configuration matched to endpoint type Discovery

[05:20:52 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryEndpoint

[05:20:52 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryEndpoint for /.well-known/openid-configuration

[05:20:52 Debug] IdentityServer4.Endpoints.DiscoveryEndpoint
Start discovery request

[05:20:53 Debug] IdentityServer4.EntityFramework.Stores.ResourceStore
Found ["openid", "profile", "email", "username", "roles", "is4-rights", "glnidsrv_api.user", "glnidsrv_api.is4"] as all scopes in database

[05:20:53 Debug] IdentityServer4.Hosting.CorsPolicyProvider
CORS request made for path: /.well-known/openid-configuration/jwks from origin: https://localhost:5004

[05:20:53 Debug] IdentityServer4.EntityFramework.Services.CorsPolicyService
Origin https://localhost:5004 is allowed: True

[05:20:53 Debug] IdentityServer4.Hosting.CorsPolicyProvider
CorsPolicyService allowed origin: https://localhost:5004

[05:20:53 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /.well-known/openid-configuration/jwks matched to endpoint type Discovery

[05:20:53 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Discovery, successfully created handler: IdentityServer4.Endpoints.DiscoveryKeyEndpoint

[05:20:53 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.DiscoveryKeyEndpoint for /.well-known/openid-configuration/jwks

[05:20:53 Debug] IdentityServer4.Endpoints.DiscoveryKeyEndpoint
Start key discovery request

[05:20:53 Debug] IdentityServer4.Hosting.EndpointRouter
Request path /connect/authorize matched to endpoint type Authorize

[05:20:53 Debug] IdentityServer4.Hosting.EndpointRouter
Endpoint enabled: Authorize, successfully created handler: IdentityServer4.Endpoints.AuthorizeEndpoint

[05:20:53 Information] IdentityServer4.Hosting.IdentityServerMiddleware
Invoking IdentityServer endpoint: IdentityServer4.Endpoints.AuthorizeEndpoint for /connect/authorize

[05:20:53 Debug] IdentityServer4.Endpoints.AuthorizeEndpoint
Start authorize request

[05:20:53 Debug] IdentityServer4.Endpoints.AuthorizeEndpoint
User in authorize request: 69a70b20-c962-4719-499d-08d6dd0ea5d6

[05:20:53 Debug] IdentityServer4.Validation.AuthorizeRequestValidator
Start authorize request protocol validation

[05:20:53 Debug] IdentityServer4.EntityFramework.Stores.ClientStore
UserManagementUI found in database: True

[05:20:53 Debug] IdentityServer4.Stores.ValidatingClientStore
client configuration validation for client UserManagementUI succeeded.

[05:20:53 Error] IdentityServer4.Validation.AuthorizeRequestValidator
Invalid redirect_uri: http://localhost:5004/login-callback
{"ClientId": "UserManagementUI", "ClientName": "User Management UI", "RedirectUri": null, "AllowedRedirectUris": ["https://localhost:5004/login-callback"], "SubjectId": "69a70b20-c962-4719-499d-08d6dd0ea5d6", "ResponseType": null, "ResponseMode": null, "GrantType": null, "RequestedScopes": "", "State": null, "UiLocales": null, "Nonce": null, "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": null, "MaxAge": null, "LoginHint": null, "SessionId": null, "Raw": {"response_type": "id_token token", "client_id": "UserManagementUI", "state": "Er0Na9Tm9kRSyQvekbRQKtmkVhypxdjrxutUnJGq", "redirect_uri": "http://localhost:5004/login-callback", "scope": "openid profile email glnidsrv_api.user", "nonce": "Er0Na9Tm9kRSyQvekbRQKtmkVhypxdjrxutUnJGq"}, "$type": "AuthorizeRequestValidationLog"}

[05:20:53 Error] IdentityServer4.Endpoints.AuthorizeEndpoint
Request validation failed

[05:20:53 Information] IdentityServer4.Endpoints.AuthorizeEndpoint
{"ClientId": "UserManagementUI", "ClientName": "User Management UI", "RedirectUri": null, "AllowedRedirectUris": ["https://localhost:5004/login-callback"], "SubjectId": "69a70b20-c962-4719-499d-08d6dd0ea5d6", "ResponseType": null, "ResponseMode": null, "GrantType": null, "RequestedScopes": "", "State": null, "UiLocales": null, "Nonce": null, "AuthenticationContextReferenceClasses": null, "DisplayMode": null, "PromptMode": null, "MaxAge": null, "LoginHint": null, "SessionId": null, "Raw": {"response_type": "id_token token", "client_id": "UserManagementUI", "state": "Er0Na9Tm9kRSyQvekbRQKtmkVhypxdjrxutUnJGq", "redirect_uri": "http://localhost:5004/login-callback", "scope": "openid profile email glnidsrv_api.user", "nonce": "Er0Na9Tm9kRSyQvekbRQKtmkVhypxdjrxutUnJGq"}, "$type": "AuthorizeRequestValidationLog"}

[05:20:53 Information] IdentityServer4.Events.DefaultEventService
{"ClientId": "UserManagementUI", "ClientName": "User Management UI", "RedirectUri": null, "Endpoint": "Authorize", "SubjectId": "69a70b20-c962-4719-499d-08d6dd0ea5d6", "Scopes": "", "GrantType": null, "Error": "unauthorized_client", "ErrorDescription": "Invalid redirect_uri", "Category": "Token", "Name": "Token Issued Failure", "EventType": "Failure", "Id": 2001, "Message": null, "ActivityId": "0HLMT1T5FSR97:00000001", "TimeStamp": "2019-05-20T12:20:53.0000000Z", "ProcessId": 2958, "LocalIpAddress": "::1:5001", "RemoteIpAddress": "::1", "$type": "TokenIssuedFailureEvent"}

[05:21:02 Information] IdentityServer4.EntityFramework.TokenCleanup
Removing 0 grants

The dependency sweetalert2 was updated from 8.14.0 to 8.14.1.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

sweetalert2 is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

The dependency @kolkov/angular-editor was updated from 1.0.2 to 1.0.3.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

@kolkov/angular-editor is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

Is your feature request related to a problem? Please describe.
We are a german company who think about using this project.. would be great to have a german translation for the frontend :)

Describe the solution you'd like
Just an extra de.json in the i18n folder ^^

Describe alternatives you've considered
uhm..... ok..?

Additional context
I'd just fork & PR if that's ok? ^^

• Operating system and version Mac OS X
• Browser and version Chrome
  I ran the jpproject on my local machine but when try to open user/list on JpAdmin.UI getting and error below. I know it's related with ssl issue but I coudn't figure out how to solve it. many thanks bruno...

2019-05-29 22:11:28.011 +03:00 [ERR] An unhandled exception has occurred while executing the request.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://localhost:5001/.well-known/openid-configuration'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'https://localhost:5001/.well-known/openid-configuration'. ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Security.SslState.ThrowIfExceptional()
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__47_1(IAsyncResult iar)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)
   at System.Threading.Tasks.ValueTask`1.get_Result()
   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.DiagnosticsHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel)
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler.HandleAuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at IdentityServer4.AccessTokenValidation.IdentityServerAuthenticationHandler.HandleAuthenticateAsync() in C:\local\identity\server4\AccessTokenValidation\src\IdentityServerAuthenticationHandler.cs:line 61
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.AuthenticateAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationService.AuthenticateAsync(HttpContext context, String scheme)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
2019-05-29 22:11:28.030 +03:00 [INF] Request finished in 77.0565ms 500 text/html; charset=utf-8

The dependency ngx-mask was updated from 8.0.9 to 8.1.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

ngx-mask is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

When update an IdentityResource at AdminUI a 404 Occurs.

hello

Sounds good

How about using cosmosdb instead of mysql or sql

The dependency angular-tree-component was updated from 8.5.2 to 8.5.4.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

angular-tree-component is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

Upgrade to ASP.NET Core 3

Would be nice to have SQLite support. It'd be a great option for small or test/qa environments. For docker-compose would only need to use a named volume instead of the jpdatabase container.

docker-compose.sqlite.yml

volumes:
  data-store:
    driver: local
services:
  jpproject:
    ...
    volumes:
      - data-store:/var/lib/identityserver/data
    environment:
      ...
      CUSTOMCONNSTR_SSOConnection: "Filename=/var/lib/identityserver/data/identityserver.sqlite"
...

🚨 You need to enable Continuous Integration on Greenkeeper branches of this repository. 🚨

To enable Greenkeeper, you need to make sure that a commit status is reported on all branches. This is required by Greenkeeper because it uses your CI build statuses to figure out when to notify you about breaking changes.

Since we didn’t receive a CI status on the greenkeeper/initial branch, it’s possible that you don’t have CI set up yet.
We recommend using:

• CircleCI
• Travis CI
• Buildkite
• CodeShip
• Azure Pipelines
• TeamCity
• Buddy
• AppVeyor
  But Greenkeeper will work with every other CI service as well.

If you have already set up a CI for this repository, you might need to check how it’s configured. Make sure it is set to run on all new branches. If you don’t want it to run on absolutely every branch, you can whitelist branches starting with greenkeeper/.

Once you have installed and configured CI on this repository correctly, you’ll need to re-trigger Greenkeeper’s initial pull request. To do this, please click the 'fix repo' button on account.greenkeeper.io.

Is it possible to decouple User management form IS4 Admin UI. Would love to use it on an existing project that has its own user management but just want to use your project for IdentityServer Admin management only such as Client, APi, Identity, Resources, Persistent Grants etc

• A simple SDK for management user

The devDependency @angular/cli was updated from 8.3.24 to 8.3.25.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

@angular/cli is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Release Notes for v8.3.25

Commits

Misc
Commit	Description	Notes
	remove alias for ng doc command
@angular-devkit/build-angular (0.803.25)
Commit	Description	Notes
	provide supported browsers to babel
	add crossorigin attribute to lazy chunks	[Closes #16801]

---

---

Special Thanks

Alan Agius, Charles Lyding, Minko Gechev

Your Greenkeeper Bot 🌴

The dependency ng2-tooltip-directive was updated from 2.4.12 to 2.5.13.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

ng2-tooltip-directive is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

I am attempting to create a Kubernetes template from the master branch, will be happy to create a PR when I complete it. I am coming across an issue that does not appear on the local docker-swarm version.

Whenever I click the login button for local login, I receive a 400 error from https://sso.mydomain.com

My Setup:

• Running in a cloud setup
• Nginx acting as a reverse-proxy to the project. - forces HTTPS
• sso -reachable-at-> https://sso.mydomain.com
• api -reachable-at-> https://sso.mydomain.com/api
• user-ui-managment -reachable-at-> https://user-ui.mydomain.com
• admin-ui -reachable-at-> https://admin-ui.mydomain.com
• database accessible from inside the kube cluster - also updated the clients to use new urls instead of localhost

I have compared the post request message differences between docker-swarm and kube deployment. Differences I have noticed are:

• I'm running everything remote from each other
• I'm using HTTPS
• I also have the following headers on my request: Sec-Fetch-Mode: navigate, Sec-Fetch-Site: same-origin, Sec-Fetch-User: ?1

I have tried to attempt to capture the 400 Post by using OnActionExecuting on the Account Controller and logging it. Sadly, the action is never selected, so it never runs on the POST.

Any thoughts on why this is occurring would be appreciated.

The dependency flag-icon-css was updated from 3.3.0 to 3.4.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

flag-icon-css is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

It just a clarification question not a bug instead.

Will JPProject or IdentityServer4 will work out of the box for PostGreSQL

For our project, we want to use PostGreSQL rather than MSSQL as it involves license cost.

i think maybe you need add localization for other languages (chinese?)

I was unable to get it working on my local docker in windows

No Grants have been persisted

Hi,

Could you please share how can we handle onTokenReceived, OAuthSuccessEvent or any other events in this?

Currently running the docker compose file, via the listed link... saved as docker-compose.prod.yml. On the latest Docker Desktop on Windows

Version: 2.0.5.0 (35318)
Channel: Edge
Engine: 19.03.0-rc2
Compose: 1.24.0

docker-compose.prod.yml

docker-compose -f docker-compose.prod.yml up

Getting the following error:

jpproject_1      | [23:52:58 Debug] IdentityServer4.Startup
jpproject_1      | Error Id Parameter: errorId
jpproject_1      |
jpproject_1      | [23:53:16 Information] Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler
jpproject_1      | AuthenticationScheme: Identity.Application was challenged.
jpproject_1      |
jpproject_1      | [23:53:16 Error] Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery
jpproject_1      | An exception was thrown while deserializing the token.
jpproject_1      | Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException: The key {25c2ca98-93f7-44b8-9e45-de60cdcad3d1} was not found in the key ring.
jpproject_1      |    at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.UnprotectCore(Byte[] protectedData, Boolean allowOperationsOnRevokedKeys, UnprotectStatus& status)
jpproject_1      |    at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.DangerousUnprotect(Byte[] protectedData, Boolean ignoreRevocationErrors, Boolean&
requiresMigration, Boolean& wasRevoked)
jpproject_1      |    at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Unprotect(Byte[] protectedData)
jpproject_1      |    at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
jpproject_1      |    --- End of inner exception stack trace ---
jpproject_1      |    at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgeryTokenSerializer.Deserialize(String serializedToken)
jpproject_1      |    at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery.GetCookieTokenDoesNotThrow(HttpContext httpContext)
jpproject_1      |
jpproject_1      | [23:53:32 Debug] IdentityServer4.Hosting.CorsPolicyProvider
jpproject_1      | CORS request made for path: /Account/Login from origin: null but was ignored because path was not for an allowed IdentityServer CORS endpoint
jpproject_1      |
jpproject_1      | [23:53:32 Warning] Microsoft.AspNetCore.Identity.UserManager
jpproject_1      | Invalid password for user 08d7097d-6b71-de76-6b6c-b29852be12fb.
jpproject_1      |
jpproject_1      | [23:53:32 Warning] Microsoft.AspNetCore.Identity.SignInManager
jpproject_1      | User 08d7097d-6b71-de76-6b6c-b29852be12fb failed to provide the correct password.
jpproject_1      |
jpproject_1      | [23:53:32 Information] IdentityServer4.Events.DefaultEventService
jpproject_1      | {"Username": "bruno", "Endpoint": "UI", "Category": "Authentication", "Name": "User Login Failure", "EventType": "Failure", "Id": 1001, "Message": "invalid credentials", "ActivityId": "0HLO9FU85GPAB:00000006", "TimeStamp": "2019-07-15T23:53:32.0000000Z", "ProcessId": 1, "LocalIpAddress": "::ffff:172.19.0.4:5000", "RemoteIpAddress": "::ffff:172.19.0.1", "$type": "UserLoginFailureEvent"}

When I tried the latest via the master branch, it was giving me a credential error...
docker-compose.yml

jpproject_1      | [23:45:27 Warning] Microsoft.AspNetCore.Identity.SignInManager
jpproject_1      | User 08d7097d-6b71-de76-6b6c-b29852be12fb is currently locked out.
jpproject_1      |
jpproject_1      | [23:45:27 Information] IdentityServer4.Events.DefaultEventService
jpproject_1      | {"Username": "bruno", "Endpoint": "UI", "Category": "Authentication", "Name": "User Login Failure", "EventType": "Failure", "Id": 1001, "Message": "invalid credentials", "ActivityId": "0HLO9FQ1HTKB1:00000001", "TimeStamp": "2019-07-15T23:45:27.0000000Z", "ProcessId": 1, "LocalIpAddress": "::ffff:172.19.0.3:5000", "RemoteIpAddress": "::ffff:172.19.0.1", "$type": "UserLoginFailureEvent"}

The devDependency @types/jasmine was updated from 3.5.2 to 3.5.3.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

@types/jasmine is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

Hi everyone.

First of all, thanks to all people involved on JpProject development. Keep up the great job!

Not sure if this is something wrong on my end, but I am facing a situation where the "UserViewModel.LockoutEnd" (of type DateTimeOffset?) was sent to the angular client with the default value from DateTimeOffset (something like 01.01.0001 00:00:00 +00:00) instead of null (as it is stored in Database).

This ends up creating some trouble because if the user saves the changes, then "01.01.0001 00:00:00 +00:00" will be stored on the database, and later I start getting further errors (The UTC representation of the date '1/1/0001' falls outside the year range 1-9999.) when calling the Details(admin/users/{username}). Automapper.

For now I made an solution that is not so nice, but did the job... Basically when the Automapper configuration is set, I added the following ValueTransformer(to set as null when the Value is the default value of DateTimeOffset.

configurationExpression.ValueTransformers.Add<DateTimeOffset?>(value => value.HasValue && value.Value == default(DateTimeOffset)?null:value);

It is a minor issue, but maybe someone already stumble at it, or it might be even something I added myself when I am playing with it.

BR
Pedro

Describe the bug
All tooltips from AdminUI isn't showing.

To Reproduce
Steps to reproduce the behavior:

1. Go to AdminUI
2. Click on Clients
3. Put mouse over Comment Icon

Expected behavior
Show tooltip with information from Official docs.

Screenshots

Desktop (please complete the following information):

• Browser: Chrome

The devDependency @angular/cli was updated from 8.3.4 to 8.3.5.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

@angular/cli is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Release Notes for v8.3.5

Commits

@angular/cli (8.3.5)
Commit	Description	Notes
	ensure analytics postinstall script is ES5 (#15620)

---

---

Special Thanks

mgechev, Charles Lyding

Your Greenkeeper Bot 🌴

Running into trouble with Light Install. Error trying to connect to MySQL running in another container. Connection string has been modified in docker-compose.yml in JPProject.IdentityServer4.AdminUI as follows:

CUSTOMCONNSTR_SSOConnection: "server=172.17.0.3; port=3306; database=IdpDb; uid=root; password=xyz"

Relevant log snippet from running docker-compose:

jpproject-light-api_1  | [19:03:59 INF] Entity Framework Core 3.1.0 initialized 'JPProjectAdminUIContext' using provider 'Pomelo.EntityFrameworkCore.MySql' with options: MigrationsAssembly=JPProject.Admin.EntityFrameworkCore.MySql
jpproject-light-api_1  | [19:04:15 ERR] An error occurred using the connection to database '' on server '172.17.0.3'.
...........
...........
jpproject-light-api_1  | Unhandled exception. System.AggregateException: One or more errors occurred. (Error wating database. Check ConnectionString and ensure database exist)

Not sure why db name is not getting picked up. Any ideas?

Need Help to configurate JP Project Light Install

• I'm trying to connect my IdentityServer4 project with the Light Admin UI and I faced some issues in order to access to the end points that solution provides.

• On the other hand the JPProject.Admin.Api doesn't provide the whole controller that are visualized in the front end part, in others words the front end present 6 options to be used and the light backend only implement 4.

The error faced is
Steps to reproduce the behavior:

1. Access to the Admin portal
2. Click on Clients option
3. In the JPProject.Admin.Api console appears this:

[12:45:42 INF] Request starting HTTP/2 OPTIONS https://localhost:5103/clients
[12:45:42 INF] CORS policy execution successful.
[12:45:42 INF] Request finished in 47.9461ms 204
[12:45:42 INF] Request starting HTTP/2 GET https://localhost:5103/clients
[12:45:42 INF] CORS policy execution successful.
[12:45:42 INF] Successfully validated the token.
[12:45:42 DBG] AuthenticationScheme: Bearer was successfully authenticated.
[12:45:42 INF] Authorization was successful.
[12:45:42 INF] Executing endpoint 'JPProject.Admin.Api.Controllers.ClientsController.ListClients (JPProject.Admin.Api)'
[12:45:42 INF] Route matched with {action = "ListClients", controller = "Clients"}. Executing controller action with signature System.Threading.Tasks.Task1[Microsoft.AspNetCore.Mvc.ActionResult1[System.Collections.Generic.IEnumerable1[JPProject.Admin.Application.ViewModels.ClientsViewModels.ClientListViewModel]]] ListClients() on controller JPProject.Admin.Api.Controllers.ClientsController (JPProject.Admin.Api). [12:45:42 INF] Executed action JPProject.Admin.Api.Controllers.ClientsController.ListClients (JPProject.Admin.Api) in 4.1798ms [12:45:42 INF] Executed endpoint 'JPProject.Admin.Api.Controllers.ClientsController.ListClients (JPProject.Admin.Api)' [12:45:43 ERR] An unhandled exception has occurred while executing the request. System.InvalidOperationException: Unable to resolve service for type 'MediatR.INotificationHandler1[JPProject.Domain.Core.Notifications.DomainNotification]' while attempting to activate 'JPProject.Admin.Api.Controllers.ClientsController'.
at Microsoft.Extensions.DependencyInjection.ActivatorUtilities.GetService(IServiceProvider sp, Type type, Type requiredBy, Boolean isDefaultParameterRequired)
at lambda_method(Closure , IServiceProvider , Object[] )
at Microsoft.AspNetCore.Mvc.Controllers.ControllerActivatorProvider.<>c__DisplayClass4_0.b__0(ControllerContext controllerContext)
at Microsoft.AspNetCore.Mvc.Controllers.ControllerFactoryProvider.<>c__DisplayClass5_0.g__CreateController|0(ControllerContext controllerContext)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.g__Awaited|19_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.g__Logged|17_1(ResourceInvoker invoker)
at Microsoft.AspNetCore.Routing.EndpointMiddleware.g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)
at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)
at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
at Hellang.Middleware.ProblemDetails.ProblemDetailsMiddleware.Invoke(HttpContext context)
[12:45:43 INF] Executing ObjectResult, writing value of type 'Hellang.Middleware.ProblemDetails.DeveloperProblemDetails'.
[12:45:43 INF] Request finished in 313.6046ms 500 application/problem+json; charset=utf-8

Additional consideration
If you need some configuration I made please let me know in order to add it

Hope you can help me.
Thanks
Leo

The dependency core-js was updated from 3.2.0 to 3.2.1.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

core-js is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

The dependency @ng-bootstrap/ng-bootstrap was updated from 5.2.1 to 5.2.2.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

@ng-bootstrap/ng-bootstrap is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

Hi,

Thank you building this project!
Could I ask if you can add more functionality examples like maybe project management system where a admin can add products and user (staff) can maintain the product example update product price :)

that would be great feature for more db support.

Hi,

I was trying the admin ui. I could see the response from the api-resource/list i.e, "{"Success":true,"Data":[{"Name":"xxx","Description":"OAuth2 Server Management Api"}],"Errors":null}"

But the same is not rendering on the html page. The page is showing loader whereas the call to get the data has finished. Any idea?

I'm always frustrated when needs to change default e-mail layout after a new user or when need to recover password.

Describe the solution you'd like
A place to change the e-mail layout

Question that is exactly opposite to #110 :) Currently Light Install only allows to manage resources (clients, grants, etc.) for the existing IdP. As such UI links for user management are broken in the admin panel.

If I wanted to include user management functionality, would it be as simple as copying UserControler and UserManagementController from JPProject.IdentityServer4.SSO/src/Backend/Jp.Api.Management/Controllers into JPProject.IdentityServer4.AdminUI/src/Backend/JPProject.Admin.Api/Controllers? I have an existing IdP that uses ASP.NET Core Identity.

Thank you!

🚨 You need to enable Continuous Integration on Greenkeeper branches of this repository. 🚨

To enable Greenkeeper, you need to make sure that a commit status is reported on all branches. This is required by Greenkeeper because it uses your CI build statuses to figure out when to notify you about breaking changes.

Since we didn’t receive a CI status on the greenkeeper/initial branch, it’s possible that you don’t have CI set up yet.
We recommend using:

• CircleCI
• Travis CI
• Buildkite
• CodeShip
• Azure Pipelines
• TeamCity
• Buddy
• AppVeyor
  But Greenkeeper will work with every other CI service as well.

If you have already set up a CI for this repository, you might need to check how it’s configured. Make sure it is set to run on all new branches. If you don’t want it to run on absolutely every branch, you can whitelist branches starting with greenkeeper/.

Once you have installed and configured CI on this repository correctly, you’ll need to re-trigger Greenkeeper’s initial pull request. To do this, please click the 'fix repo' button on account.greenkeeper.io.

The dependency ngx-chips was updated from 2.0.2 to 2.1.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

ngx-chips is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

The browser return 404 while trying to reset password

Describe the bug
Cannot get email in id_token in hybrid flow.

To Reproduce
Steps to reproduce the behavior:

1. Ensure that IdentityResource has "email" with claim types "email" and "email_verified"
2. Ensure that Client requests scope "email"
3. Ensure that "Always include user claims in Id tokens" is checked.
4. Generate id_token. id_token will not have email.

Expected behavior
email is returned in id_token

🚨 You need to enable Continuous Integration on Greenkeeper branches of this repository. 🚨

To enable Greenkeeper, you need to make sure that a commit status is reported on all branches. This is required by Greenkeeper because it uses your CI build statuses to figure out when to notify you about breaking changes.

Since we didn’t receive a CI status on the greenkeeper/initial branch, it’s possible that you don’t have CI set up yet.
We recommend using:

• CircleCI
• Travis CI
• Buildkite
• CodeShip
• Azure Pipelines
• TeamCity
• Buddy
• AppVeyor
  But Greenkeeper will work with every other CI service as well.

If you have already set up a CI for this repository, you might need to check how it’s configured. Make sure it is set to run on all new branches. If you don’t want it to run on absolutely every branch, you can whitelist branches starting with greenkeeper/.

Once you have installed and configured CI on this repository correctly, you’ll need to re-trigger Greenkeeper’s initial pull request. To do this, please click the 'fix repo' button on account.greenkeeper.io.

Hi , first at all thanks for the project.

I run the demo in mysql on my local machine and Azure for mysql too and everything was ok, but when i try to run it in an RDS instance (Aurora Mysql), I had some problems with the migrations, the tables were created correctly, the problems were with the data migration, i got an exception:

Value cannot be null.
Parameter name: key

if (!context.Clients.Any())
                {
                    foreach (var client in Clients.GetAdminClient(configuration).ToList())
                    {
//The problem is here when it tries to insert the client data
                        await context.Clients.AddAsync(client.ToEntity());
                    }

                    await context.SaveChangesAsync();
                }

                if (!context.IdentityResources.Any())
                {
                    var identityResources = ClientResources.GetIdentityResources().ToList();

                    foreach (var resource in identityResources)
                    {
                        await context.IdentityResources.AddAsync(resource.ToEntity());
                    }

                    await context.SaveChangesAsync();
                }

                if (!context.ApiResources.Any())
                {
                    foreach (var resource in ClientResources.GetApiResources().ToList())
                    {
                        await context.ApiResources.AddAsync(resource.ToEntity());
                    }

                    await context.SaveChangesAsync();
                }

What is the easiest way of extending the user entity to add more columns.

If you take a look skoruba admin for entity Framework it generates nuget packages and then anyone can extend the user entity

https://github.com/skoruba/IdentityServer4.Admin

🚨 You need to enable Continuous Integration on Greenkeeper branches of this repository. 🚨

To enable Greenkeeper, you need to make sure that a commit status is reported on all branches. This is required by Greenkeeper because it uses your CI build statuses to figure out when to notify you about breaking changes.

Since we didn’t receive a CI status on the greenkeeper/initial branch, it’s possible that you don’t have CI set up yet.
We recommend using:

• CircleCI
• Travis CI
• Buildkite
• CodeShip
• Azure Pipelines
• TeamCity
• Buddy
• AppVeyor
  But Greenkeeper will work with every other CI service as well.

If you have already set up a CI for this repository, you might need to check how it’s configured. Make sure it is set to run on all new branches. If you don’t want it to run on absolutely every branch, you can whitelist branches starting with greenkeeper/.

Once you have installed and configured CI on this repository correctly, you’ll need to re-trigger Greenkeeper’s initial pull request. To do this, please click the 'fix repo' button on account.greenkeeper.io.

We are at a crossroad:

Stay simple, keep going

For the future, add these features to admin panel:

• manager federation Gateway
• New user e-mail template
• Reset password e-mail template
• Change e-mail configuration

Doing it in actual state the project will be highly coupled, and won't be just a Admin UI for IS4, but a SSO instead.

Modular

The new scenario will split Admin UI from SSO, creating two or more separated github projects.

The Admin UI will finally receive it's independency from this SSO. The new version will have capabilities to run for an existing IdentityServer4 database.

The new github project will be a SSO with features like:

• Add Federation Gateway from an admin panel.
• Configure custom e-mail settings.
• Change blob settings to store user pictures.

The default version configuration:

• ASP.NET Identity & SQL User Database
• IdentityServer4 & SQL Database
• Stored Event & SQL Database

As you can see, everything could change. ASP.NET Identity with a MongoDB, Stored Events in Kafka and IdentityServer4 with a Postgre.

The cost? A more complex scenario to configure.
The good? The default version will have a docker-compose with nginx and instructions for Load Balance and Docker Swarm

Your opinion matter:
Be a single SSO, keep the project small, simple, highly coupled ?

Separated projects to meet more and complex scenarios.

could you please provide a Admin account in the demo site ? so i can had a quick look ? i created the new account but the account is normal usuer so i guess i do not had permision to view to the Admin UI. Thanks

The dependency codemirror was updated from 5.48.2 to 5.48.4.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

codemirror is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴

The devDependency @types/node was updated from 12.7.4 to 12.7.5.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

@types/node is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

🚨 You need to enable Continuous Integration on Greenkeeper branches of this repository. 🚨

To enable Greenkeeper, you need to make sure that a commit status is reported on all branches. This is required by Greenkeeper because it uses your CI build statuses to figure out when to notify you about breaking changes.

Since we didn’t receive a CI status on the greenkeeper/initial branch, it’s possible that you don’t have CI set up yet.
We recommend using:

• CircleCI
• Travis CI
• Buildkite
• CodeShip
• Azure Pipelines
• TeamCity
• Buddy
• AppVeyor
  But Greenkeeper will work with every other CI service as well.

If you have already set up a CI for this repository, you might need to check how it’s configured. Make sure it is set to run on all new branches. If you don’t want it to run on absolutely every branch, you can whitelist branches starting with greenkeeper/.

Once you have installed and configured CI on this repository correctly, you’ll need to re-trigger Greenkeeper’s initial pull request. To do this, please click the 'fix repo' button on account.greenkeeper.io.

The dependency @fortawesome/fontawesome-free was updated from 5.12.0 to 5.12.1.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

@fortawesome/fontawesome-free is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Your Greenkeeper Bot 🌴