Return more messages for `401 Unauthorized`.

framework/src/Volo.Abp.AspNetCore.Abstractions/Volo/Abp/AspNetCore/Authentication/AbpAspNetCoreTokenUnauthorizedErrorInfo.cs

@@ -0,0 +1,12 @@
+using Volo.Abp.DependencyInjection;
+
+namespace Volo.Abp.AspNetCore.Authentication;
+
+public class AbpAspNetCoreTokenUnauthorizedErrorInfo : IScopedDependency
+{
+    public string? Error { get; set; }
+
+    public string? ErrorDescription { get; set; }
+
+    public string? ErrorUri { get; set; }
+}

framework/src/Volo.Abp.AspNetCore.Authentication.JwtBearer/Microsoft/Extensions/DependencyInjection/AbpJwtBearerExtensions.cs

@@ -1,6 +1,7 @@
 using System;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.JwtBearer;
+using Volo.Abp.AspNetCore.Authentication;
 using Volo.Abp.Security.Claims;
 
 namespace Microsoft.Extensions.DependencyInjection;
@@ -31,6 +32,33 @@ public static class AbpJwtBearerExtensions
         return builder.AddJwtBearer(authenticationScheme, displayName, options =>
         {
             configureOptions?.Invoke(options);
+
+            options.Events ??= new JwtBearerEvents();
+            var previousOnChallenge = options.Events.OnChallenge;
+            options.Events.OnChallenge = async eventContext =>
+            {
+                await previousOnChallenge(eventContext);
+
+                if (eventContext.Handled ||
+                    !string.IsNullOrEmpty(eventContext.Error) ||
+                    !string.IsNullOrEmpty(eventContext.ErrorDescription) ||
+                    !string.IsNullOrEmpty(eventContext.ErrorUri))
+                {
+                    return;
+                }
+
+                var tokenUnauthorizedErrorInfo = eventContext.HttpContext.RequestServices.GetRequiredService<AbpAspNetCoreTokenUnauthorizedErrorInfo>();
+                if (string.IsNullOrEmpty(tokenUnauthorizedErrorInfo.Error) &&
+                    string.IsNullOrEmpty(tokenUnauthorizedErrorInfo.ErrorDescription) &&
+                    string.IsNullOrEmpty(tokenUnauthorizedErrorInfo.ErrorUri))
+                {
+                    return;
+                }
+
+                eventContext.Error = tokenUnauthorizedErrorInfo.Error;
+                eventContext.ErrorDescription = tokenUnauthorizedErrorInfo.ErrorDescription;
+                eventContext.ErrorUri = tokenUnauthorizedErrorInfo.ErrorUri;
+            };
         });
     }
 }

framework/src/Volo.Abp.AspNetCore.Authentication.JwtBearer/Volo.Abp.AspNetCore.Authentication.JwtBearer.csproj

@@ -19,6 +19,7 @@
   <ItemGroup>
     <ProjectReference Include="..\Volo.Abp.Security\Volo.Abp.Security.csproj" />
     <ProjectReference Include="..\Volo.Abp.Caching\Volo.Abp.Caching.csproj" />
+    <ProjectReference Include="..\Volo.Abp.AspNetCore.Abstractions\Volo.Abp.AspNetCore.Abstractions.csproj" />
   </ItemGroup>
 
   <ItemGroup>

framework/src/Volo.Abp.AspNetCore.Authentication.JwtBearer/Volo/Abp/AspNetCore/Authentication/JwtBearer/AbpAspNetCoreAuthenticationJwtBearerModule.cs

@@ -7,7 +7,7 @@ using Volo.Abp.Security.Claims;
 
 namespace Volo.Abp.AspNetCore.Authentication.JwtBearer;
 
-[DependsOn(typeof(AbpSecurityModule), typeof(AbpCachingModule))]
+[DependsOn(typeof(AbpSecurityModule), typeof(AbpCachingModule), typeof(AbpAspNetCoreAbstractionsModule))]
 public class AbpAspNetCoreAuthenticationJwtBearerModule : AbpModule
 {
     public override void ConfigureServices(ServiceConfigurationContext context)
@@ -21,5 +21,6 @@ public class AbpAspNetCoreAuthenticationJwtBearerModule : AbpModule
             context.Services.AddTransient<WebRemoteDynamicClaimsPrincipalContributor>();
             context.Services.AddTransient<WebRemoteDynamicClaimsPrincipalContributorCache>();
         }
+
     }
 }

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/AspNetCore/ExceptionHandling/DefaultExceptionToErrorInfoConverter.cs

@@ -80,7 +80,16 @@ public class DefaultExceptionToErrorInfoConverter : IExceptionToErrorInfoConvert
 
         if (exception is AbpRemoteCallException remoteCallException && remoteCallException.Error != null)
         {
-            return remoteCallException.Error;
+            var remoteServiceErrorInfo = remoteCallException.Error;
+            if (remoteServiceErrorInfo.Message == AbpExceptionHandlingConsts.Unauthorized)
+            {
+                remoteServiceErrorInfo.Message = L[AbpExceptionHandlingConsts.Unauthorized];
+            }
+            if (remoteServiceErrorInfo.Details == AbpExceptionHandlingConsts.SessionExpired)
+            {
+                remoteServiceErrorInfo.Details = L[AbpExceptionHandlingConsts.SessionExpired];
+            }
+            return remoteServiceErrorInfo;
         }
 
         if (exception is AbpDbConcurrencyException)

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/AbpExceptionHandlingConsts.cs

@@ -0,0 +1,8 @@
+namespace Volo.Abp.ExceptionHandling;
+
+public static class AbpExceptionHandlingConsts
+{
+    public const string Unauthorized = "Unauthorized";
+    public const string InvalidToken = "invalid_token";
+    public const string SessionExpired = "The token is no longer valid because the user's session expired.";
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/ar.json

@@ -21,6 +21,9 @@
     "404Message": "الصفحة غير موجودة",
     "500Message": "خطأ في الخادم الداخلي",
     "403MessageDetail": "أنت غير مصرح لك لإجراء هذه العملية!",
-    "404MessageDetail": "عذرا ، لا يوجد شيء في هذا العنوان."
+    "404MessageDetail": "عذرا ، لا يوجد شيء في هذا العنوان.",
+    "Unauthorized": "غير مصرح",
+    "invalid_token": "الرمز غير صالح",
+    "The token is no longer valid because the user's session expired.": "الرمز لم يعد صالح لأن جلسة المستخدم انتهت."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/cs.json

@@ -21,6 +21,9 @@
     "404Message": "Stránka nenalezena",
     "500Message": "Interní chyba serveru",
     "403MessageDetail": "K provedení této operace nemáte oprávnění!",
-    "404MessageDetail": "Je nám líto, na této adrese nic není."
+    "404MessageDetail": "Je nám líto, na této adrese nic není.",
+    "Unauthorized": "Neoprávněno",
+    "invalid_token": "Neplatný token",
+    "The token is no longer valid because the user's session expired.": "Token již není platný, protože uživatelova relace vypršela."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/de.json

@@ -21,6 +21,9 @@
     "404Message": "Seite nicht gefunden",
     "500Message": "Interner Serverfehler",
     "403MessageDetail": "Sie sind nicht berechtigt, diesen Vorgang durchzuführen!",
-    "404MessageDetail": "Entschuldigung, unter dieser Adresse ist nichts."
+    "404MessageDetail": "Entschuldigung, unter dieser Adresse ist nichts.",
+    "Unauthorized": "Nicht autorisiert",
+    "invalid_token": "Ungültiges Token",
+    "The token is no longer valid because the user's session expired.": "Das Token ist nicht mehr gültig, weil die Sitzung des Benutzers abgelaufen ist."
   }
 }

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/el.json

@@ -21,6 +21,9 @@
     "404Message": "Η σελίδα δεν βρέθηκε",
     "500Message": "Εσωτερικό Σφάλμα Διακομιστή",
     "403MessageDetail": "Δεν είστε εξουσιοδοτημένοι να εκτελέσετε αυτήν τη λειτουργία!",
-    "404MessageDetail": "Λυπούμαστε, δεν υπάρχει τίποτα σε αυτή τη διεύθυνση."
+    "404MessageDetail": "Λυπούμαστε, δεν υπάρχει τίποτα σε αυτή τη διεύθυνση.",
+    "Unauthorized": "Μη εξουσιοδοτημένος",
+    "invalid_token": "Το token δ",
+    "The token is no longer valid because the user's session expired.": "Το token δεν είναι πλέον έγκυρο επειδή η συνεδρία του χρήστη έληξε."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/en-GB.json

@@ -20,6 +20,9 @@
     "404Message": "Page not found",
     "500Message": "Internal Server Error",
     "403MessageDetail": "You are not authorised to perform this operation!",
-    "404MessageDetail": "Sorry, there's nothing at this address."
+    "404MessageDetail": "Sorry, there's nothing at this address.",
+    "Unauthorized": "Unauthorized",
+    "invalid_token": "Invalid token",
+    "The token is no longer valid because the user's session expired.": "The token is no longer valid because the user's session expired."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/en.json

@@ -21,6 +21,9 @@
     "404Message": "Page not found",
     "500Message": "Internal Server Error",
     "403MessageDetail": "You are not authorized to perform this operation!",
-    "404MessageDetail": "Sorry, there's nothing at this address."
+    "404MessageDetail": "Sorry, there's nothing at this address.",
+    "Unauthorized": "Unauthorized",
+    "invalid_token": "Invalid token",
+    "The token is no longer valid because the user's session expired.": "The token is no longer valid because the user's session expired."
   }
 }

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/es.json

@@ -21,6 +21,9 @@
     "404Message": "Página no encontrada",
     "500Message": "Error interno de servidor",
     "403MessageDetail": "Tu no estás autorizado para realizar esta operación!",
-    "404MessageDetail": "Disculpa, no hay nada en esta dirección."
+    "404MessageDetail": "Disculpa, no hay nada en esta dirección.",
+    "Unauthorized": "No autorizado",
+    "invalid_token": "El token no es válido.",
+    "The token is no longer valid because the user's session expired.": "El token ya no es válido porque la sesión del usuario ha expirado."
   }
 }

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/fa.json

@@ -21,6 +21,9 @@
     "404Message": "صفحه موردنظر یافت نشد",
     "500Message": "خطای داخلی رخ داد",
     "403MessageDetail": "شما مجاز به انجام این عملیات نمی باشید!",
-    "404MessageDetail": "با عرض پورش، در این آدرس هیچ محتوایی وجود ندارد."
+    "404MessageDetail": "با عرض پورش، در این آدرس هیچ محتوایی وجود ندارد.",
+    "Unauthorized": "غیر مجاز",
+    "invalid_token": "توکن نامعتبر است",
+    "The token is no longer valid because the user's session expired.": "توکن دیگر نامعتبر نیست زیرا جلسه کاربر منقضی شده است."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/fi.json

@@ -21,6 +21,9 @@
     "404Message": "Sivua ei löydetty",
     "500Message": "Sisäinen palvelinvirhe",
     "403MessageDetail": "Sinulla ei ole oikeutta suorittaa tätä toimintoa!",
-    "404MessageDetail": "Valitettavasti tässä osoitteessa ei ole mitään."
+    "404MessageDetail": "Valitettavasti tässä osoitteessa ei ole mitään.",
+    "Unauthorized": "Sinulla ei ole oikeutta suorittaa tätä toimintoa!",
+    "invalid_token": "Virheellinen token",
+    "The token is no longer valid because the user's session expired.": "Token ei ole enää voimassa, koska käyttäjän istunto on vanhentunut."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/fr.json

@@ -21,6 +21,9 @@
     "404Message": "Page introuvable",
     "500Message": "Erreur Interne du Serveur",
     "403MessageDetail": "Vous n'êtes pas autorisé à effectuer cette opération!",
-    "404MessageDetail": "Désolé, il n'y a rien à cette adresse."
+    "404MessageDetail": "Désolé, il n'y a rien à cette adresse.",
+    "Unauthorized": "Non autorisé",
+    "invalid_token": "Le jeton n'est pas valide.",
+    "The token is no longer valid because the user's session expired.": "Le jeton n'est plus valide car la session de l'utilisateur a expiré."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/hi.json

@@ -21,6 +21,9 @@
     "404Message": "पृष्ठ नहीं मिला",
     "500Message": "आंतरिक सर्वर त्रुटि",
     "403MessageDetail": "आप इस ऑपरेशन को करने के लिए अधिकृत नहीं हैं!",
-    "404MessageDetail": "क्षमा करें, इस पते पर कुछ भी नहीं है।"
+    "404MessageDetail": "क्षमा करें, इस पते पर कुछ भी नहीं है।",
+    "Unauthorized": "अनधिकृत",
+    "invalid_token": "टोकन अमान्य है",
+    "The token is no longer valid because the user's session expired.": "टोकन अमान्य है क्योंकि उपयोगकर्ता का सत्र समाप्त हो गया है।"
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/hr.json

@@ -21,6 +21,9 @@
     "404Message": "Stranica nije pronađena",
     "500Message": "Interna pogreška poslužitelja",
     "403MessageDetail": "Niste ovlašteni za izvođenje ove operacije!",
-    "404MessageDetail": "Nažalost, na ovoj adresi nema ničega."
+    "404MessageDetail": "Nažalost, na ovoj adresi nema ničega.",
+    "Unauthorized": "Niste ovlašteni za izvođenje ove operacije.",
+    "invalid_token": "Neispravan token",
+    "The token is no longer valid because the user's session expired.": "Token više nije valjan jer je korisnička sesija istekla."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/hu.json

@@ -21,6 +21,9 @@
     "404Message": "Az oldal nem található",
     "500Message": "Belső Szerverhiba",
     "403MessageDetail": "Ön nem jogosult ennek a műveletnek a végrehajtására!",
-    "404MessageDetail": "Sajnos ezen a címen nincs semmi."
+    "404MessageDetail": "Sajnos ezen a címen nincs semmi.",
+    "Unauthorized": "Nem jogosult",
+    "invalid_token": "A token érv",
+    "The token is no longer valid because the user's session expired.": "A token érvényessége lejárt, mert a felhasználó munkamenete lejárt."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/is.json

@@ -21,6 +21,9 @@
     "404Message": "Síðan fannst ekki",
     "500Message": "Villa í netþjóni",
     "403MessageDetail": "Þú hefur ekki heimild fyrir þessa aðgerð!",
-    "404MessageDetail": "Því miður, það er ekkert á þessu heimilisfangi."
+    "404MessageDetail": "Því miður, það er ekkert á þessu heimilisfangi.",
+    "Unauthorized": "Óheimilt",
+    "invalid_token": "Ógildur auðkenni",
+    "The token is no longer valid because the user's session expired.": "Auðkennið er ekki lengur gildið því að notandinn er ekki lengur innskráður."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/it.json

@@ -21,6 +21,9 @@
     "404Message": "pagina non trovata",
     "500Message": "Errore interno del server",
     "403MessageDetail": "Non sei autorizzato a eseguire questa operazione!",
-    "404MessageDetail": "Spiacenti, non c'è niente a questo indirizzo."
+    "404MessageDetail": "Spiacenti, non c'è niente a questo indirizzo.",
+    "Unauthorized": "Non autorizzato",
+    "invalid_token": "Token non valido",
+    "The token is no longer valid because the user's session expired.": "Il token non è più valido perché la sessione dell'utente è scaduta."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/nl.json

@@ -21,6 +21,9 @@
     "404Message": "Pagina niet gevonden",
     "500Message": "Interne Server Fout",
     "403MessageDetail": "U bent niet bevoegd om deze handeling uit te voeren!",
-    "404MessageDetail": "Sorry, op dit adres is niks gevonden."
+    "404MessageDetail": "Sorry, op dit adres is niks gevonden.",
+    "Unauthorized": "Niet geautoriseerd",
+    "invalid_token": "Ongeldig token",
+    "The token is no longer valid because the user's session expired.": "Het token is niet langer geldig omdat de sessie van de gebruiker is verlopen."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/pl-PL.json

@@ -21,6 +21,9 @@
     "404Message": "Strona nie znaleziona",
     "500Message": "Wewnętrzny błąd serwera",
     "403MessageDetail": "Nie masz uprawnień do wykonania tej operacji!",
-    "404MessageDetail": "Przepraszamy, pod tym adresem nic nie ma."
+    "404MessageDetail": "Przepraszamy, pod tym adresem nic nie ma.",
+    "Unauthorized": "Nieautoryzowany",
+    "invalid_token": "Nieprawidłowy token",
+    "The token is no longer valid because the user's session expired.": "Token jest nieprawidłowy, ponieważ sesja użytkownika wygasła."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/pt-BR.json

@@ -21,6 +21,9 @@
     "404Message": "Página não encontrada",
     "500Message": "Erro interno do servidor",
     "403MessageDetail": "Você não está autorizado a realizar esta operação!",
-    "404MessageDetail": "Desculpe, não há nada neste endereço."
+    "404MessageDetail": "Desculpe, não há nada neste endereço.",
+    "Unauthorized": "Não autorizado",
+    "invalid_token": "Token inválido",
+    "The token is no longer valid because the user's session expired.": "O token não é mais válido porque a sessão do usuário expirou."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/ro-RO.json

@@ -21,6 +21,9 @@
     "404Message": "Pagina nu a fost găsită",
     "500Message": "Eroare internă a serverului",
     "403MessageDetail": "Nu sunteţi autorizat să efectuaţi această operaţie!",
-    "404MessageDetail": "Ne cerem scuze, nu este nimic la această adresă."
+    "404MessageDetail": "Ne cerem scuze, nu este nimic la această adresă.",
+    "Unauthorized": "Nu sunteţi autorizat să efectuaţi această operaţie.",
+    "invalid_token": "Tokenul nu este valid sau a expirat.",
+    "The token is no longer valid because the user's session expired.": "Tokenul nu mai este valid deoarece sesiunea utilizatorului a expirat."
   }
 }

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/ru.json

@@ -21,6 +21,9 @@
     "404Message": "Страница не найдена",
     "500Message": "Внутренняя ошибка сервера",
     "403MessageDetail": "У вас нет прав на выполнение этой операции!",
-    "404MessageDetail": "Извините, по этому адресу ничего нет."
+    "404MessageDetail": "Извините, по этому адресу ничего нет.",
+    "Unauthorized": "Неавторизованный",
+    "invalid_token": "Неверный токен",
+    "The token is no longer valid because the user's session expired.": "Токен больше не действителен, потому что сеанс пользователя"
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/sk.json

@@ -21,6 +21,9 @@
     "404Message": "Stránka nebola nájdená",
     "500Message": "Interná chyba servera",
     "403MessageDetail": "Nie ste oprávnený vykonávať túto operáciu!",
-    "404MessageDetail": "Je nám ľúto, ale na tejto adrese sa nič nenachádza."
+    "404MessageDetail": "Je nám ľúto, ale na tejto adrese sa nič nenachádza.",
+    "Unauthorized": "Neoprávnený",
+    "invalid_token": "Neplatný token",
+    "The token is no longer valid because the user's session expired.": "Token je neplatný, pretože platnosť relácie používateľa vypršala."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/sl.json

@@ -21,6 +21,9 @@
     "404Message": "Strani ni mogoče najti",
     "500Message": "Napaka na strani strežnika",
     "403MessageDetail": "Niste pooblaščeni za izvajanje te operacije!",
-    "404MessageDetail": "Oprostite, na tem naslovu ni ničesar."
+    "404MessageDetail": "Oprostite, na tem naslovu ni ničesar.",
+    "Unauthorized": "Niste prijavljeni!",
+    "invalid_token": "Neveljaven žeton",
+    "The token is no longer valid because the user's session expired.": "Žeton ni več veljaven, ker je uporabnikova seja potekla."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/tr.json

@@ -21,6 +21,9 @@
     "404Message": "Sayfa bulunamadı",
     "500Message": "Sunucu tarafında hata",
     "403MessageDetail": "Bu işlemi gerçekleştirmek için gereken yetkiye sahip değilsiniz!",
-    "404MessageDetail": "Üzgünüz, bu adreste bir şey yok."
+    "404MessageDetail": "Üzgünüz, bu adreste bir şey yok.",
+    "Unauthorized": "Yetkisiz",
+    "invalid_token": "Geçersiz token",
+    "The token is no longer valid because the user's session expired.": "Kullanıcının oturumu sona erdiği için token artık geçerli değil."
   }
 }

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/vi.json

@@ -21,6 +21,9 @@
     "404Message": "Không tìm thấy trang",
     "500Message": "Lỗi máy chủ nội bộ",
     "403MessageDetail": "Bạn không được phép thực hiện thao tác này!",
-    "404MessageDetail": "Xin lỗi, không có gì ở địa chỉ này."
+    "404MessageDetail": "Xin lỗi, không có gì ở địa chỉ này.",
+    "Unauthorized": "Không được phép",
+    "invalid_token": "Token không hợp lệ",
+    "The token is no longer valid because the user's session expired.": "Token không còn hợp lệ vì phiên làm việc của người dùng đã hết hạn."
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/zh-Hans.json

@@ -21,6 +21,9 @@
     "404Message": "未找到页面",
     "500Message": "内部服务器错误",
     "403MessageDetail": "您无权执行此操作！",
-    "404MessageDetail": "抱歉，这个地址没有任何信息。"
+    "404MessageDetail": "抱歉，这个地址没有任何信息。",
+    "Unauthorized": "未经授权",
+    "invalid_token": "无效的令牌",
+    "The token is no longer valid because the user's session expired.": "由于用户会话已过期，令牌不再有效。"
   }
-}
+}

framework/src/Volo.Abp.ExceptionHandling/Volo/Abp/ExceptionHandling/Localization/zh-Hant.json

@@ -21,6 +21,9 @@
     "404Message": "網頁未找到",
     "500Message": "內部伺服器錯誤",
     "403MessageDetail": "你不被授權執行此操作",
-    "404MessageDetail": "對不起，地址是空的"
+    "404MessageDetail": "對不起，地址是空的",
+    "Unauthorized": "未授權",
+    "invalid_token": "無效的令牌",
+    "The token is no longer valid because the user's session expired.": "由於使用者的會話已過期，令牌不再有效。"
   }
 }

framework/src/Volo.Abp.Http.Abstractions/Volo/Abp/Http/ClientProxyExceptionEventData.cs

@@ -5,4 +5,10 @@ public class ClientProxyExceptionEventData
     public int? StatusCode { get; set; }
 
     public string? ReasonPhrase { get; set; }
+
+    public string? Error { get; set; }
+
+    public string? ErrorDescription { get; set; }
+
+    public string? ErrorUri { get; set; }
 }

framework/src/Volo.Abp.Http.Client/Volo/Abp/Http/Client/ClientProxying/ClientProxyBase.cs

@@ -4,8 +4,10 @@ using System.Globalization;
 using System.Linq;
 using System.Net.Http;
 using System.Net.Http.Headers;
+using System.Text.RegularExpressions;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Microsoft.Extensions.Primitives;
 using Volo.Abp.Content;
@@ -218,10 +220,21 @@ public class ClientProxyBase<TService> : ITransientDependency
 
     protected virtual async Task ThrowExceptionForResponseAsync(HttpResponseMessage response)
     {
+        var wwwAuthenticate = response.Headers.WwwAuthenticate.ToString() ?? string.Empty;
+        var errorMatch = Regex.Match(wwwAuthenticate, "error=\"([^\"]+)\"");
+        var errorDescriptionMatch = Regex.Match(wwwAuthenticate, "error_description=\"([^\"]+)\"");
+        var errorUriMatch = Regex.Match(wwwAuthenticate, "error_uri=\"([^\"]+)\"");
+        var error = errorMatch.Success ? errorMatch.Groups.Count == 2 ? errorMatch.Groups[1].Value : null : null;
+        var errorDescription = errorDescriptionMatch.Success ? errorDescriptionMatch.Groups.Count == 2 ? errorDescriptionMatch.Groups[1].Value : null : null;
+        var errorUri = errorUriMatch.Success ? errorUriMatch.Groups.Count == 2 ? errorUriMatch.Groups[1].Value : null : null;
+
         await LocalEventBus.PublishAsync(new ClientProxyExceptionEventData()
         {
             StatusCode = (int?)response.StatusCode,
-            ReasonPhrase = response.ReasonPhrase
+            ReasonPhrase = response.ReasonPhrase,
+            Error = error,
+            ErrorDescription = errorDescription,
+            ErrorUri = errorUri,
         });
 
         if (response.Headers.Contains(AbpHttpConsts.AbpErrorFormat))
@@ -239,7 +252,8 @@ public class ClientProxyBase<TService> : ITransientDependency
                     new RemoteServiceErrorInfo
                     {
                         Message = response.ReasonPhrase,
-                        Code = response.StatusCode.ToString()
+                        Code = response.StatusCode.ToString(),
+                        Details = errorDescription
                     },
                     ex
                 )
@@ -259,7 +273,8 @@ public class ClientProxyBase<TService> : ITransientDependency
                 new RemoteServiceErrorInfo
                 {
                     Message = response.ReasonPhrase,
-                    Code = response.StatusCode.ToString()
+                    Code = response.StatusCode.ToString(),
+                    Details = errorDescription
                 }
             )
             {

framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/AbpClaimsPrincipalFactory.cs

@@ -1,4 +1,5 @@
-using System.Security.Claims;
+using System;
+using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
@@ -10,14 +11,14 @@ public class AbpClaimsPrincipalFactory : IAbpClaimsPrincipalFactory, ITransientD
 {
     public static string AuthenticationType => "Abp.Application";
 
-    protected IServiceScopeFactory ServiceScopeFactory { get; }
+    protected IServiceProvider ServiceProvider { get; }
     protected AbpClaimsPrincipalFactoryOptions Options { get; }
 
     public AbpClaimsPrincipalFactory(
-        IServiceScopeFactory serviceScopeFactory,
+        IServiceProvider serviceProvider,
         IOptions<AbpClaimsPrincipalFactoryOptions> abpClaimOptions)
     {
-        ServiceScopeFactory = serviceScopeFactory;
+        ServiceProvider = serviceProvider;
         Options = abpClaimOptions.Value;
     }
 
@@ -33,33 +34,30 @@ public class AbpClaimsPrincipalFactory : IAbpClaimsPrincipalFactory, ITransientD
 
     public virtual async Task<ClaimsPrincipal> InternalCreateAsync(AbpClaimsPrincipalFactoryOptions options, ClaimsPrincipal? existsClaimsPrincipal = null, bool isDynamic = false)
     {
-        using (var scope = ServiceScopeFactory.CreateScope())
-        {
-            var claimsPrincipal = existsClaimsPrincipal ?? new ClaimsPrincipal(new ClaimsIdentity(
-                AuthenticationType,
-                AbpClaimTypes.UserName,
-                AbpClaimTypes.Role));
+        var claimsPrincipal = existsClaimsPrincipal ?? new ClaimsPrincipal(new ClaimsIdentity(
+            AuthenticationType,
+            AbpClaimTypes.UserName,
+            AbpClaimTypes.Role));
 
-            var context = new AbpClaimsPrincipalContributorContext(claimsPrincipal, scope.ServiceProvider);
+        var context = new AbpClaimsPrincipalContributorContext(claimsPrincipal, ServiceProvider);
 
-            if (!isDynamic)
+        if (!isDynamic)
+        {
+            foreach (var contributorType in options.Contributors)
             {
-                foreach (var contributorType in options.Contributors)
-                {
-                    var contributor = (IAbpClaimsPrincipalContributor)scope.ServiceProvider.GetRequiredService(contributorType);
-                    await contributor.ContributeAsync(context);
-                }
+                var contributor = (IAbpClaimsPrincipalContributor)ServiceProvider.GetRequiredService(contributorType);
+                await contributor.ContributeAsync(context);
             }
-            else
+        }
+        else
+        {
+            foreach (var contributorType in options.DynamicContributors)
             {
-                foreach (var contributorType in options.DynamicContributors)
-                {
-                    var contributor = (IAbpDynamicClaimsPrincipalContributor)scope.ServiceProvider.GetRequiredService(contributorType);
-                    await contributor.ContributeAsync(context);
-                }
+                var contributor = (IAbpDynamicClaimsPrincipalContributor)ServiceProvider.GetRequiredService(contributorType);
+                await contributor.ContributeAsync(context);
             }
-
-            return context.ClaimsPrincipal;
         }
+
+        return context.ClaimsPrincipal;
     }
 }