Could not load file or assembly Microsoft.Owin.Security.OAuth, Version=2.0.0.0

Question

I have a MVC project with OAuth authentication, every time I try to debug the project i get a FileLoadException upon configuring the IAppBuilder. I have installed version 3.0.1 of Microsoft.Owin.Security.Oauth using the PMC but I guess somewhere still lies a reference to an older version of the package because...

This is the exception:

This is where it is thrown:

public partial class Startup
{
    public void Configuration(IAppBuilder app)
    {
        ConfigureAuth(app); //Exception is thrown here
    }
}

This is my packages.config:

<?xml version="1.0" encoding="utf-8"?>
<packages>
  <package id="Antlr" version="3.4.1.9004" targetFramework="net45" />
  <package id="CommonServiceLocator" version="1.3" targetFramework="net45" />
  <package id="EntityFramework" version="6.0.0" targetFramework="net45" />
  <package id="jQuery" version="1.10.2" targetFramework="net45" />
  <package id="jQuery.Validation" version="1.11.1" targetFramework="net45" />
  <package id="log4net" version="2.0.3" targetFramework="net45" />
  <package id="Microsoft.AspNet.Identity.Core" version="1.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.Identity.EntityFramework" version="1.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.Identity.Owin" version="1.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.Mvc" version="5.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.Razor" version="3.2.3" targetFramework="net45" />
  <package id="Microsoft.AspNet.Web.Optimization" version="1.1.1" targetFramework="net45" />
  <package id="Microsoft.AspNet.WebApi" version="5.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.WebApi.Client" version="5.2.3" targetFramework="net45" />
  <package id="Microsoft.AspNet.WebApi.Core" version="5.2.3" targetFramework="net45" />
  <package id="Microsoft.AspNet.WebApi.HelpPage" version="5.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.WebApi.Owin" version="5.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.WebApi.WebHost" version="5.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.WebPages" version="3.2.3" targetFramework="net45" />
  <package id="Microsoft.jQuery.Unobtrusive.Validation" version="3.0.0" targetFramework="net45" />
  <package id="Microsoft.Owin" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Host.SystemWeb" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security.Cookies" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security.Google" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Owin.Security.OAuth" version="3.0.1" targetFramework="net45" />
  <package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net45" />
  <package id="Modernizr" version="2.6.2" targetFramework="net45" />
  <package id="Newtonsoft.Json" version="7.0.1" targetFramework="net45" />
  <package id="Owin" version="1.0" targetFramework="net45" />
  <package id="Unity" version="3.5.1404.0" targetFramework="net45" />
  <package id="WebGrease" version="1.6.0" targetFramework="net45" />
</packages>

I tried adding binding redirect as such:

<dependentAssembly>
    <assemblyIdentity name="Microsoft.Owin.Security.OAuth" PublicKeyToken="31bf3856ad364e35"/>
    <bindingRedirect oldVersion="1.0.0.0-3.0.1.0" newVersion="3.0.1.0"/>
</dependentAssembly> 

Can´t understand why this doesn´t work, does Visual Studio make a difference between 3.0.1 and 3.0.1.0?

I tried removing obj and bin folders, cleaning projects and rebuilding them.

I tried deleting all nuget packages and restoring them.

I tried reinstalling all Owin packages.

I´ve used Agent Ransack to search my entire source directory for any file containing Microsoft.Owin.Security.OAuth but found no references to version 2.0.0.0 or any other version besides the correct 3.0.1.0.

I´m stuck, any ideas?

Answer 1

Ok, so just in case anyone else ends up with this problem;

The problem was that the Microsoft.AspNet.Identity.Owin package is depending on Microsoft.Owin.Security.OAuth and there was a mismatch in version.

  <package id="Microsoft.AspNet.Identity.Core" version="1.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.Identity.EntityFramework" version="1.0.0" targetFramework="net45" />
  <package id="Microsoft.AspNet.Identity.Owin" version="1.0.0" targetFramework="net45" />

Apparently, even though Microsoft.AspNet.Identity.Owin requires >= v2.0 of Microsoft.Owin.Security.OAuth , having v3+ of Microsoft.Owin.Security.OAuth will break the compatibility (major version inconsistency).

After I had updated Microsoft.AspNet.Identity.Owin package and its adjacent family members Microsoft.AspNet.Identity.EntityFramework and Microsoft.AspNet.Identity.Core I removed all packages, bin and obj folders and rebuilt solution. Voila!

A tip to the VS2013+ Ultimate user is to use the NuGet Package Visualizer when exploring package dependencies.

Answer 2

Check your references. Remove the Microsoft.Owin.Security.OAuth from everywhere, then restore all nuget packages.