
Issue with Asp.net identity Email Confirmation Token: “Invalid Token”

I am using asp.net identity and have the following partial code in my Account/Register method:

string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);

string codeHtmlVersion = HttpUtility.UrlEncode(code);

var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = codeHtmlVersion }, protocol: Request.Url.Scheme);

I then send the callbackUrl to the user in an email. When I debug the code, I see the following values:

code: "GE2HDQSSjAboLqEBdBv5rTjyksC09o110uqa4Dh+02TK4R+lhwgfjEaFiZkOc9GfQBKKryTTIgeITlgDgtvnDtVvk6SJyAjw7iuSPdNe+9tfUhcReAn50YqZp0aYbHy2QyHLc7EAUSyd/SJpCHdlgRsaAdOqpBPlI4zcd3FlbuMxiRdjHJq3q2K12YdQWcCF"

codeHtmlVersion: "GE2HDQSSjAboLqEBdBv5rTjyksC09o110uqa4Dh%2b02TK4R%2blhwgfjEaFiZkOc9GfQBKKryTTIgeITlgDgtvnDtVvk6SJyAjw7iuSPdNe%2b9tfUhcReAn50YqZp0aYbHy2QyHLc7EAUSyd%2fSJpCHdlgRsaAdOqpBPlI4zcd3FlbuMxiRdjHJq3q2K12YdQWcCF"

Then in my ConfirmEmail method, I reverse the values (or so I intend to):

public async Task<ActionResult> ConfirmEmail(string userId, string code)
{
  string codeHtmlVersion = HttpUtility.UrlEncode(code);

  var result = await UserManager.ConfirmEmailAsync(userId, codeHtmlVersion);
  ....
}

When the user clicks on the confirmation link from his email, in my debug session, I see the following values:

code: "GE2HDQSSjAboLqEBdBv5rTjyksC09o110uqa4Dh%2b02TK4R%2blhwgfjEaFiZkOc9GfQBKKryTTIgeITlgDgtvnDtVvk6SJyAjw7iuSPdNe%2b9tfUhcReAn50YqZp0aYbHy2QyHLc7EAUSyd%2fSJpCHdlgRsaAdOqpBPlI4zcd3FlbuMxiRdjHJq3q2K12YdQWcCF"

codeHtmlVersion: "GE2HDQSSjAboLqEBdBv5rTjyksC09o110uqa4Dh%252b02TK4R%252blhwgfjEaFiZkOc9GfQBKKryTTIgeITlgDgtvnDtVvk6SJyAjw7iuSPdNe%252b9tfUhcReAn50YqZp0aYbHy2QyHLc7EAUSyd%252fSJpCHdlgRsaAdOqpBPlI4zcd3FlbuMxiRdjHJq3q2K12YdQWcCF"

So as it can be seen my code is changing somehow and so the user receives the "Invalid Token" error message. Can someone help me figure out what I'm doing wrong here? Much appreciated.

You are encoding a second time when you want to be decoding in ConfirmEmail:

string codeHtmlVersion = HttpUtility.UrlDecode(code);

Analyzing how your token is getting changed:

  1. + becomes %2b after encoding for the first time
  2. %2b becomes %252b after encoding the second time (it encodes the % symbol to %25)
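
The double-encoding analysis above, traced end to end as an added example (not code from the question or the answers). It assumes the link builder encodes the query value once and the framework decodes it once before the action runs, which matches the debug values in the question; the token, the `example.test` URL and the helper names are constructed.

```csharp
using System;
using System.Web; // HttpUtility

static class TokenRoundTrip
{
    // Constructed sample token (not from the page); '+', '/' and '=' mimic Base64 output.
    const string Token = "Ab+cd/Ef+0==";

    // Assumption: the link builder percent-encodes the query value once.
    static string BuildLink(string codeValue) =>
        "https://example.test/Account/ConfirmEmail?userId=1&code="
        + HttpUtility.UrlEncode(codeValue);

    // Assumption: the framework percent-decodes the value once before the action runs.
    static string BindCode(string link) =>
        HttpUtility.ParseQueryString(link.Substring(link.IndexOf('?') + 1))["code"];

    // Prints whether the candidate equals the token that was originally issued.
    static void Report(string label, string candidate) =>
        Console.WriteLine("{0,-42} {1,-5} {2}", label, candidate == Token, candidate);

    static void Main()
    {
        // Flow from the question: encode by hand, then build the link.
        string bound = BindCode(BuildLink(HttpUtility.UrlEncode(Token)));
        Report("manual encode, encode again in action", HttpUtility.UrlEncode(bound));
        Report("manual encode, decode in action", HttpUtility.UrlDecode(bound));

        // Alternative flow: pass the raw token to the link builder.
        string raw = BindCode(BuildLink(Token));
        Report("no manual encode, use value as bound", raw);
        // Decoding an already-decoded token turns '+' into a space.
        Report("no manual encode, extra decode", HttpUtility.UrlDecode(raw));
    }
}
```

The number of decodes in the action has to equal the number of manual encodes before the link was built; any mismatch in either direction changes the token and validation fails.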

The following code worked for me:

 HttpUtility.HtmlDecode(code);
