
I'm receiving the following error:

{"A claim of type 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier' or 'http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier."}

I have tried Anti-forgery token issue (MVC 5) with no success.

The error is occurring on

@Html.AntiForgeryToken()

Generic Startup.cs

public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        AuthConfig.ConfigureAuth(app);
    }
}

Admin Controller Login Method

[HttpPost]
public ActionResult Login(Models.AdminUserLogin LoginModel)
{
    if (ModelState.IsValid)
    {
        if (isUserValid(LoginModel.EmailAddr, LoginModel.Password))
        {
            List<Claim> claims = new List<Claim>
            {
                new Claim(ClaimTypes.Email, LoginModel.EmailAddr),
                //some other claims
            };

            ClaimsIdentity identity = new ClaimsIdentity(claims, AuthConfig.DefaultAuthType);
            IAuthenticationManager authManager = Request.GetOwinContext().Authentication;
            authManager.SignIn(new AuthenticationProperties() { IsPersistent = true }, identity);

            return RedirectToAction("Manage");
        }
        else
        {
            ModelState.AddModelError("", "Username and/or password incorrect");
        }
    }
    return View(LoginModel);
}

Any ideas would be very appreciated.

TobusBoulton
  • try removing AuthConfig.ConfigureAuth(app); and see what happens – Scott Selby Aug 20 '15 at 06:21
  • @ScottSelby removing that makes all authorized pages display unauthorized error. – TobusBoulton Aug 20 '15 at 06:26
  • Could you show the "ConfigureAuth" method? I created a new basic project in VS2013, added the standard OWIN ConfigureAuth with "app.UseCookieAuthentication(...)", added your Login POST logic, and everything is okay. I use the packages "Microsoft.Owin.Security", "Microsoft.Owin" and "Microsoft.Owin.Security.Cookies" – Adrian Tarnowski Aug 20 '15 at 07:40

1 Answer


You need both of these two claims in your ClaimsIdentity for the anti-forgery token to work:

List<Claim> claims = new List<Claim>
{
    // Adding the following 2 claims just to support the default anti-forgery provider
    new Claim(ClaimTypes.NameIdentifier, LoginModel.EmailAddr),
    new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "ASP.NET Identity", "http://www.w3.org/2001/XMLSchema#string"),

    // your other claims
    new Claim(ClaimTypes.Email, LoginModel.EmailAddr),
    //some other claims
};
Sam FarajpourGhamari
  • I've added both those claims but I get the following error: System.Web.Mvc.HttpAntiForgeryException: 'The provided anti-forgery token was meant for a different claims-based user than the current user.' It also happens if I add `DefaultNameClaimType` instead, along with `AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimsIdentity.DefaultNameClaimType;` – DevEng Feb 21 '18 at 19:09
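
The claim requirement stated in the error message can be checked against an identity before it is signed in. The console program below is an added example, not code from the question, the answer or ASP.NET itself: `AntiForgeryClaimCheck`, `MissingClaims`, the sample e-mail address and the `"ApplicationCookie"` authentication type are hypothetical, and the rule it applies is taken from the error text on this page, not from the framework source.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Hypothetical diagnostic helper (not part of ASP.NET). It applies the
// rule quoted in the error message to a ClaimsIdentity.
public static class AntiForgeryClaimCheck
{
    public const string IdentityProvider =
        "http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider";

    // uniqueClaimType stands in for AntiForgeryConfig.UniqueClaimTypeIdentifier;
    // pass null when that property has not been set.
    public static IList<string> MissingClaims(ClaimsIdentity identity, string uniqueClaimType)
    {
        string[] required = string.IsNullOrEmpty(uniqueClaimType)
            ? new[] { ClaimTypes.NameIdentifier, IdentityProvider }
            : new[] { uniqueClaimType };

        // A claim counts as present only if it also carries a non-empty value.
        return required
            .Where(t => !identity.HasClaim(c => c.Type == t && !string.IsNullOrEmpty(c.Value)))
            .ToList();
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample: the identity as built in the question's Login action.
        var identity = new ClaimsIdentity(
            new[] { new Claim(ClaimTypes.Email, "admin@example.com") },
            "ApplicationCookie");
        Report("default settings", identity, null);
        Report("unique claim type = Email", identity, ClaimTypes.Email);

        // The two claims from the answer.
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, "admin@example.com"));
        identity.AddClaim(new Claim(AntiForgeryClaimCheck.IdentityProvider, "ASP.NET Identity"));
        Report("default settings, with the answer's claims", identity, null);
    }

    static void Report(string label, ClaimsIdentity identity, string uniqueClaimType)
    {
        var missing = AntiForgeryClaimCheck.MissingClaims(identity, uniqueClaimType);
        Console.WriteLine(label + ": " + (missing.Count == 0 ? "ok" : "missing " + string.Join(", ", missing)));
    }
}
```

The second `Report` call covers the other route the error message names: leaving the claims as they are and pointing `AntiForgeryConfig.UniqueClaimTypeIdentifier` at a claim the identity already carries.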