ASP.Net Identity GenerateEmailConfirmationTokenAsync fails

Question

I am working on a MVC project to separate identity stuff from the startup MVC project. On user registration when executes the line

UserManager.GenerateEmailConfirmationTokenAsync(userId)

it will throw System.ArgumentException with message

If a list of purposes is specified, the list cannot contain null entries or entries that are comprised solely of whitespace characters. Parameter name: purposes

Stack trace

at System.Web.Security.MachineKey.Protect(Byte[] userData, String[] purposes)
   at Microsoft.Owin.Host.SystemWeb.DataProtection.MachineKeyDataProtector.Protect(Byte[] userData)
   at Microsoft.Owin.Security.DataProtection.AppBuilderExtensions.CallDataProtectionProvider.CallDataProtection.Protect(Byte[] userData)
   at Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider`2.<GenerateAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.AspNet.Identity.UserManager`2.<GenerateUserTokenAsync>d__fe.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at Robot.ACG.Web.Controllers.AccountController.<Register>d__15.MoveNext() in...

Any Ideas?

I create the user above this line and gets the created users id in to this. in my case this is an int. — Asiri Dissanayaka, Mar 07 '17 at 11:23
According to Microsoft, this method expects a `TKey` argument. Check out this thread, get a proper `user` object and pass its `id´ **property** instead: http://stackoverflow.com/questions/22755700/revoke-token-generated-by-usertokenprovider-in-asp-net-identity-2-0 — LocEngineer, Mar 07 '17 at 11:32
There is no problem with the user.Id. I've checked against the database. — Asiri Dissanayaka, Mar 07 '17 at 11:43

score 1 · Answer 1 · edited Feb 22 '19 at 12:47

1

GenerateEmailConfirmationTokenAsync generates a token. Problem might come from your different servers:

If your token was generated on one server, and then attempting to validate it on another. Reason for that is that the token is protected via MachineKey.Protect. That is configured on OWIN initialisation.

From Max Vasilyev, Trailmax Tech.

edited Feb 22 '19 at 12:47

Martijn Pieters

1,048,767
296
4,058
3,343

answered Mar 07 '17 at 11:03

Muhammad Saqlain

2,112
4
33
48

In my case I have both projects in same solution. So I hope the machine key will be the same. I tried with machinekey in web.config also. Still the same. – Asiri Dissanayaka Mar 07 '17 at 11:37
1

Its all about token. If you call ConfirmEmailAsync then the token is passed to VerifyUserTokenAsync(userId, "Confirmation", token) where “Confirmation” is a purpose. – Muhammad Saqlain Mar 07 '17 at 12:02
1

@AsiriDissa: Machine key has nothing to do with the solution. Machine keys, by default, are generated per site in IIS. If you need to share the machine key between sites, you need to generate one in IIS and then apply it in the Web.config of each site manually. – Chris Pratt Mar 07 '17 at 13:56

score 0 · Answer 2 · answered Apr 08 '17 at 18:39

0

I think your problem is that you should not pass an Id, but a user, at least when you are using asp.net Core:

UserManager.GenerateEmailConfirmationTokenAsync(user)

answered Apr 08 '17 at 18:39

Pieter van Kampen

1,957
17
21

ASP.Net Identity GenerateEmailConfirmationTokenAsync fails

2 Answers2