I have a service project (WCF) and MVC project which uses same database, to handle service part for Mobile and Interface part. I have to set up email confirmation on both.
I have used OWIN ASP.NET 2.0 library for authentication, and both projects have separate UserManagers.
For MVC
public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
{
  var dataProtectionProvider = options.DataProtectionProvider;
  if (dataProtectionProvider != null)
  {
    manager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>dataProtectionProvider.Create("ASP.NET"));
  }
}
For WCF
var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("ASP.NET");
UserManager.UserTokenProvider =new Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider<ApplicationUser>(
provider.Create("EmailConfirm"));
var code = idManager.UserManager.GenerateEmailConfirmationToken(appuser.Id);
The Problem The email confirmation token generated in MVC works fine.
In WCF when i create an email confirmation token, it needs to be verified from MVC website. Here it gives me "Invalid Token".
I think it is due to the Token Codes not matching, I tried to make them same as i can, but don't really know which one goes where between Wcf and MVC.
btw. I am testing on localhost from Visual studio.
I found the solution. The problem was the DataProtectionProvider.
On MVC, it was getting from:
public static ApplicationUserManager    
    Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
    {
      var dataProtectionProvider = **options.DataProtectionProvider**;
On WCF, it was from:
var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("ASP.NET");
So I used same as WCF in MVC:
var dataProtectionProvider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("ASP.NET");
Also, the key point is:
HttpUtility.UrlEncode to encode the token code.Example:
var code = UserManager.GenerateEmailConfirmationToken(appuser.Id);    
var callbackUrl = string.Format("http://MVCSite/Account/ConfirmEmail?userId={0}&code={1}",    HttpUtility.UrlEncode(appuser.Id), HttpUtility.UrlEncode(code));
Update
For anyone trying to host multiple projects, you need one of these two things to be the same to still be able to use the confirmation code:
Email Confirmation Error Invalid Token AspNet Identity
http://gunaatita.com/Blog/How-to-Generate-Machine-Key-using-IIS/1058
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With