确认电子邮件上的 aspnet 身份无效令牌 [英] aspnet identity invalid token on confirmation email

问题描述

我正在尝试确认一个帐户，但收到无效令牌".错误.

I'm trying to confirm an account but I'm getting "invalid token." error.

这是我正在尝试的:

var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
var callbackUrl = Url.Action("ConfirmacaoEmail", "Usuario", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);

await UserManager.SendEmailAsync(user.Id, "Ativação de Conta", user.GetEmailAtivacao(model.Nome, callbackUrl));

如果我在此代码后调用 UserManager.ConfirmEmailAsync，我可以确认帐户.但是，如果我打开它位于变量 callbackUrl 内的链接并尝试通过该操作进行确认，则会收到错误消息.

if I call UserManager.ConfirmEmailAsync after this code, I can confirm the account. However, if I open the link that it's inside the variable callbackUrl and try to confirm through that action, I'm getting the error.

我认为这可能与 OwinContext 有关，所以我决定调用 HttpContext.GetOwinContext().GetUserManager 但我遇到了同样的错误.

I thought it could be something with OwinContext, so I've decided to call HttpContext.GetOwinContext().GetUserManager<MyCustomUserService> but I'm getting the same error.

有什么线索吗?

推荐答案

很可能是浏览器修改了传输中的代码.尝试对令牌执行 UrlEncode:

Most likely that the code in transit is modified by browser. Try doing UrlEncode on the token:

var code = await userManager.GenerateEmailConfirmationTokenAsync(userId);
code = System.Web.HttpUtility.UrlEncode(code);

否则浏览器会弄乱令牌中可能出现的特殊符号.

Otherwise browser messes with the special symbols that can be present in the token.

这篇关于确认电子邮件上的 aspnet 身份无效令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！