HTTP 500 error (OSOE-633)

[DemeSzabolcs]

The Privacy module sometimes throws the error below:

2023-05-04 21:20:31.6287|Redacted|Redacted||Microsoft.AspNetCore.Server.IIS.Core.IISHttpServer|ERROR|Connection ID "Redacted", Request ID "Redacted": An unhandled exception was thrown by the application. System.NullReferenceException: Object reference not set to an instance of an object.
   at Lombiq.Privacy.Startup.IsConsentNeededAsync(HttpContext httpContext) in E:\Projects\Redacted\Redacted\Redacted\src\Modules\Lombiq.Privacy\Lombiq.Privacy\Startup.cs:line 53
   at Lombiq.Privacy.Startup.<>c.<ConfigureServices>b__1_1(HttpContext context) in E:\Projects\Redacted\Redacted\Redacted\src\Modules\Lombiq.Privacy\Lombiq.Privacy\Startup.cs:line 42
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.get_IsConsentNeeded()
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.ApplyAppendPolicy(String& key, String& value, CookieOptions options)
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.Append(String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.Append(String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.Authentication.Cookies.ChunkingCookieManager.AppendResponseCookie(HttpContext context, String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler.FinishResponseAsync()
   at Microsoft.AspNetCore.Server.IIS.Core.IISHttpContext.FireOnStarting()    at Lombiq.Privacy.Startup.IsConsentNeededAsync(HttpContext httpContext) in E:\Projects\Redacted\Redacted\Redacted\src\Modules\Lombiq.Privacy\Lombiq.Privacy\Startup.cs:line 53
   at Lombiq.Privacy.Startup.<>c.<ConfigureServices>b__1_1(HttpContext context) in E:\Projects\Redacted\Redacted\Redacted\src\Modules\Lombiq.Privacy\Lombiq.Privacy\Startup.cs:line 42
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.get_IsConsentNeeded()
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.ApplyAppendPolicy(String& key, String& value, CookieOptions options)
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.Append(String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.CookiePolicy.ResponseCookiesWrapper.Append(String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.Authentication.Cookies.ChunkingCookieManager.AppendResponseCookie(HttpContext context, String key, String value, CookieOptions options)
   at Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler.FinishResponseAsync()
   at Microsoft.AspNetCore.Server.IIS.Core.IISHttpContext.FireOnStarting()

The error seems to be happening after some time passing, 30-40 minutes.

There is a quick fix implemented for it (#60). The fix just requests consent consentService is null which would result in a new cookie popup, but it results in the following:

Now I tried logged in, unauthenticated too, and no repro (didn’t get a new cookie popup either though).

Guess:
The above mentioned fix, would make a new cookie popup appear when the error happens. Which didn't happen, so my guess is that the app enters Privacy's Startup.cs multiple times, consentService would be null (now it returns true with the above mentioned fix), but since it no longer fails, it enters again, and for some reason this time it loads the service, so it can get the saved value (this is why no new popup appears).

Jira issue

[Piedone]

This is here only if we see it happening again, can repro it reliably and thus need to implement a more proper fix.

[Piedone]

We didn't see this since then.