OnValidateIdentity disables the MVC OWIN remember me option

Question

When I activate the OWIN logout-everywhere feature via security stamps and use the OnValidateIdentity-Callback of the CookieAuthenticationProvider

Answer 1

I have found the following code in the disassembly of SecurityStampValidator.OnValidateIdentity:

// .. some other code
// ...
ClaimsIdentity claimsIdentity = await regenerateIdentityCallback(userManager, tUser);
if (claimsIdentity != null){
context.get_OwinContext().get_Authentication().SignIn(new ClaimsIdentity[]
    {
       claimsIdentity
    });
}

It seems to me, that the SignIn-operation is incomplete and should set the remember-me option? Therefore I assume that the implementation of SecurityStampValidator is buggy.