5.5 > 5.8 upgrade with Credentials

Hi, I am upgrading from 5.5 to 5.8. We use CredentialsAuthProvider, with a custom RoleBasedAuthRepository which derives from OrmLiteAuthRepositoryMultiTenancy.

After upgrading, I get the following stack trace when POSTing to /api/auth/credentials. I have looked in OnAuthenticated, and the only call I can see to GetAuthProvider is when it loops through the AuthTokens, and this is null or empty. Any ideas?

	"responseStatus": {
		"errorCode": "ArgumentNullException",
		"message": "Value cannot be null.\r\nParameter name: provider",
		"stackTrace": "[Authenticate: 05/02/2020 14:54:15]:\n[REQUEST: {provider:credentials,userName:xxxxxx,password:xxxxx,rememberMe:True}]\nSystem.ArgumentNullException: Value cannot be null.\r\nParameter name: provider\r\n   at 
		ServiceStack.Auth.AuthenticateService.GetAuthProvider(String provider)\r\n   at 
		ServiceStack.Auth.CredentialsAuthProvider.OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary`2 authInfo)\r\n   at ServiceStack.Auth.CredentialsAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, String userName, String password, String referrerUrl)\r\n   at ServiceStack.Auth.CredentialsAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)\r\n   at 
		ServiceStack.Auth.AuthenticateService.Post(Authenticate request)\r\n   at ServiceStack.Host.ServiceRunner`1.<ExecuteAsync>d__15.MoveNext()",
		"errors": [
				"errorCode": "ArgumentNullException",
				"fieldName": "provider",
				"message": "Value cannot be null.\r\n"

Can you inspect your session to see if session.ProviderOAuthAccess is populated and one of the IAuthTokens entries has a null Provider?

Afraid not - I can’t see how the code is being called.

Ignore me yes - this is populated with a load of user objects for some reason - the provider field is not populated. I can ensure this is populated, but is this the right behaviour i.e. have a load of user records?

Yeah the provider field should be populated with the oAuth provider used to populate it.