jnhaffey / identityserver4.contrib.cosmosdb Goto Github PK

I'm struggling to fix this exception. I actually deployed it to Azure and I have many token requests. If I restart the server it "sorts out" the issue temporarily but after an hour the exception comes back.

Hi,

I'm receiving the following exception on app start.

DocumentClientException: Message: {"Errors":["The indexing path '/expiration' could not be accepted, failed near position '11'. Please ensure that the path is a valid path. Common errors include invalid characters or absence of quotes around labels."]}
ActivityId: 8b0de663-959d-4b57-b75c-243db171ca81, Request URI: /apps/DocDbApp/services/DocDbMaster0/partitions/780e44f4-38c8-11e6-8106-8cdcd42c33be/replicas/1p/, RequestStats: , SDK: Microsoft.Azure.Documents.Common/1.22.0.0

It occurs during app.UseIdentityServer():

When using InMemoryPersistentGrants, ConfigurationStore seems to work fine :)

Hi,
Cheers for the good work.

Did u think of the using cosmosDB TTL feature to clean up the expired token instead of the current approach? Please share your thoughts on this.

https://docs.microsoft.com/en-us/azure/cosmos-db/time-to-live

Hi! Hopping on here to save some people some time who want to use this project as a launchboard for having cosmosDB with identityserver like moi.

This project does not actually store grants in cosmos DB in its current state. To persist them, you need to fix code in IdentityServer4.Contrib.CosmosDB.Stores.PersistedGrantStore.StoreAsync()

You should replace SingleOrDefault() on line 31 to:
var existing = _context.PersistedGrants().Where(x => x.Key == token.Key).Take(1).AsEnumerable().SingleOrDefault(); //or some equivalent statement you prefer, it might be more performant to do this on x.Id

This is micrososft's recommendation for their library's unimplemented SingleOrDefault() (see: https://feedback.azure.com/forums/263030-azure-cosmos-db/suggestions/6771773-add-support-for-single-entity-retrieval-instead-of). You've got to do this, because SingleOrDefault() will trigger an exception from their library (unsupported query).

For performance reasons, you also aught to change
var client = _context.Clients(clientId).FirstOrDefault(x => x.ClientId == clientId);

to

var clients = _context.Clients(clientId).Where(x => x.ClientId == clientId).Take(1).AsEnumerable();

in IdentityServer4.Contrib.CosmosDB.Stores.ClientStore.FindClientByIdAsync(), as this should be more performant than returning all documents and then doing a singleordefault

FindApiResourceAsync I also think has this issue with it too, I forget. I'll see if I can get this all working and put together some kind of a PR I guess. Even if it never gets incorporated it might get a real fix jumpstarted.

Hi, I'm getting this error.
Unable to resolve service for type 'System.String' while attempting to activate 'IdentityServer4.Contrib.CosmosDB.DbContext.PersistedGrantDbContext

seems it couldn't resolve the PersistedGrantDbContext service.
builder.Services.AddScoped<IPersistedGrantDbContext, PersistedGrantDbContext>();