ASP.Net WebAPI OWIN: Why would Request.GetOwinContext() return null?

Question

In my production code we're having a problem where Request.GetOwinContext() always returns null.

I setup a small test WebAPI controller to try and isolate the problem:

    public class TestController : ApiController
{
    [HttpGet]
    public async Task<IHttpActionResult> GetAsyncContext(string provider)
    {
        if (HttpContext.Current.GetOwinContext() == null)
            return this.BadRequest("No HttpContext.Current Owin Context");

        if (Request.GetOwinContext() == null)
            return this.BadRequest("No Owin Context");

        return this.Ok();
    }

    [HttpGet]
    public IHttpActionResult GetContext(string provider)
    {
        if (HttpContext.Current.GetOwinContext() == null)
            return this.BadRequest("No HttpContext.Current Owin Context");

        if (Request.GetOwinContext() == null)
            return this.BadRequest("No Owin Context");

        return this.Ok();
    }
}

At first I thought it might have something to do with the action method running asynchronously, but after running the above, it turns out that in both versions, Request.GetOwinContext() returns null.

I am using Microsoft.AspNet.WebApi.Owin.5.1.1 (which is where it seems the GetOwinContext() extension method is defined).

Any ideas on what's happening here???

Answer 1

Another cause (especially after upgrading form ASP.NET MVC4 and / or Empty WebApi Template) is missing Startup.cs file in the root of WebAPI project.

Also, make sure that you have installed Microsoft.Owin.Host.SystemWeb package.

using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.Owin;
using Owin;

[assembly: OwinStartup(typeof(TestMVC5.Startup))]

namespace TestMVC5
{
    public partial class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            ConfigureAuth(app);
        }
    }
}

Answer 2

I encountered similar issue. To fix this make sure below lines (with call to method CreatePerOwinContext) are there in your Startup.Auth.cs file in ConfigureAuth

method.

Your method may look like

    public void ConfigureAuth(IAppBuilder app)
    {
        // Configure the db context, user manager and role manager to use a single instance per request
        app.CreatePerOwinContext(ApplicationDbContext.Create);
        app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
        app.CreatePerOwinContext<ApplicationRoleManager>(ApplicationRoleManager.Create);
        app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);

        // Enable the application to use a cookie to store information for the signed in user
        // and to use a cookie to temporarily store information about a user logging in with a third party login provider
        // Configure the sign in cookie
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                // Enables the application to validate the security stamp when the user logs in.
                // This is a security feature which is used when you change a password or add an external login to your account.  
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                    validateInterval: TimeSpan.FromMinutes(30),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
            }
        });
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
        app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));

        // Enables the application to remember the second login verification factor such as phone or email.
        // Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
        // This is similar to the RememberMe option when you log in.
        app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);

        // Uncomment the following lines to enable logging in with third party login providers
        //app.UseMicrosoftAccountAuthentication(
        //    clientId: "",
        //    clientSecret: "");

        //app.UseTwitterAuthentication(
        //   consumerKey: "",
        //   consumerSecret: "");

        //app.UseFacebookAuthentication(
        //   appId: "",
        //   appSecret: "");

        //app.UseGoogleAuthentication(
        //    clientId: "",
        //    clientSecret: "");
    }