I am trying to confirm a user email using Asp.net Identity 2.0. As suggested by several blogs, I put machineKey in a Web.Config file so that encryption and decryption work on the Azure website. Locally, I cannot create a token. When I try to confirm (the token generated by my web api) using the UserManager.ConfirmEmailAsync method, I get an "Invalid Token". I tried UrlEncoding my code, but it did not work. I can not find enough help to solve this problem.
The email generation code is as follows
code = HttpUtility.UrlEncode(UserManager.GenerateEmailConfirmationToken(identityUser.Id));
_logger.Info("Generate confiruation token: " + code);
string link = model.ConfirmUrl + string.Format("?userId={0}&code={1}", HttpUtility.UrlEncode(identityUser.Id), code);
Configuration.Services.GetTraceWriter().Info(Request, Category, "Account GenereatedLink: " + link);
UserManager.SendEmail(identityUser.Id, "Contactbook confirmation", link);
Confirm Email Code
IdentityResult idResult = await UserManager.ConfirmEmailAsync(userId, code);
IHttpActionResult result = GetErrorResult(idResult);
Launch Code .auth.cs
app.CreatePerOwinContext(CBIndentityDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
app.UseOAuthBearerTokens(OAuthOptions);
AuthorizationManager.cs
public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
{
var appDbContext = context.Get<CBIndentityDbContext>();
var appUserManager = new ApplicationUserManager(new UserStore<IdentityUser>(appDbContext));
appUserManager.UserValidator = new UserValidator<IdentityUser>(appUserManager)
{
AllowOnlyAlphanumericUserNames = true,
RequireUniqueEmail = true
};
appUserManager.PasswordValidator = new PasswordValidator
{
RequiredLength = 7,
RequireDigit = false
};
appUserManager.EmailService = new ContactbookEmailService();
var dataProtectionProvider = options.DataProtectionProvider;
if (dataProtectionProvider != null)
{
appUserManager.UserTokenProvider = new DataProtectorTokenProvider<IdentityUser>(dataProtectionProvider.Create("ASP.NET Identity"))
{
TokenLifespan = TimeSpan.FromHours(6)
};
}
return appUserManager;
}
Web.config
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5.2" />
<machineKey decryptionKey="6F7DEAA44E5E06B6B7480B055FF39960D69AD32BCBB178EB" validationKey="17D85F8147CF02697D16B05726B9D68E473A3BF79EB79AE4E7EF8E84DA6CCC46BFFB975741DA4D1F37F0EF41651422A2745296BA953CE0370D4337E2900C2A18" validation="SHA1" decryption="Auto" />
, machineKey. machinKey, EmailConfirmation Azure.
.