Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

aspnet identity invalid token on confirmation email

I'm trying to confirm an account but I'm getting "invalid token." error.

Here's what I'm trying:

var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
var callbackUrl = Url.Action("ConfirmacaoEmail", "Usuario", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);

await UserManager.SendEmailAsync(user.Id, "Ativação de Conta", user.GetEmailAtivacao(model.Nome, callbackUrl));

if I call UserManager.ConfirmEmailAsync after this code, I can confirm the account. However, if I open the link that it's inside the variable callbackUrl and try to confirm through that action, I'm getting the error.

I thought it could be something with OwinContext, so I've decided to call HttpContext.GetOwinContext().GetUserManager<MyCustomUserService> but I'm getting the same error.

Any clues?

like image 299
Thiago Custodio Avatar asked Dec 17 '14 21:12

Thiago Custodio


1 Answers

Most likely that the code in transit is modified by browser. Try doing UrlEncode on the token:

var code = await userManager.GenerateEmailConfirmationTokenAsync(userId);
code = System.Web.HttpUtility.UrlEncode(code);

Otherwise browser messes with the special symbols that can be present in the token.

like image 131
trailmax Avatar answered Sep 19 '22 07:09

trailmax