owin

I've just cloned a project to a new machine and I'm getting a hard-to-debug NullReferenceException on a MVC site with OWIN: [NullReferenceException: Object reference not set to an instance of an object.] Microsoft.Owin.Security.Cookies.<AuthenticateCoreAsync>d__0.MoveNext() +664 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +93 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +52 System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() +24 Microsoft.Owin.Security.Infrastructure.<BaseInitializeAsync>d__2.MoveNext() +860

I have a multi-tenant application where each tenant can define their own ClientID, Authority, etc for either WsFed or OpenIdConnect. All the tenants are registered in the OwinStartup as below: public void Configuration(IAppBuilder app) { List<WsFederationAuthenticationOptions> WsFedTenantOptions = BuildWsFedTenantOptionsList(); List<OpenIdConnectAuthenticationOptions> OpenIdConnectTenantOptions = BuildOpenIdConnectTenantOptionsList(); app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions() {

I have already gone through links here , here and here which are related to issue I am having. I have Silverlight application using IdentiServer3 for authentication and I started having this issue just now when I implemented log out functionality. Note that the issue has nothing to do with Silverlight because login and logout functionality is actually implemented on the server side which is a classic ASP.Net Web form. (.NET 4.5.1) The application never had logout functionality, so user just used to close the browser so we never encountered this issue before. We have now logout.aspx page and

Situation I have a Silverlight application that uses a WCF backend. Going forward we have moved to JS clients with WebAPI. I have a couple of WebAPI controllers that I would like to use from the Silverlight client and so have them loaded within the ASP.Net application that hosts the WCF services. This works fine from a "all services are available" point of view, however Authorization is being invoked multiple times for WCF calls; from OWIN and through WCF ServiceAuthorizationManager On the WCF side, my ServiceAuthorizationManager implementation validates the token in the AuthHeader and then

I am trying to setup my authentication using the authorization_code grant flow. I had it previously working with grant_type=password , so I kind of know how the stuff is supposed to work. But when using grant_type=authorization_code , I couldn't make it return anything other than invalid_grant Here is my setup: app.UseOAuthAuthorizationServer(new OAuthAuthorizationServerOptions { AllowInsecureHttp = true, TokenEndpointPath = new PathString("/auth/token"), AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(5), Provider = new SampleAuthProvider() }); app.UseOAuthBearerAuthentication(new

在 上篇文章 介绍了Web Api中使用令牌进行授权的后端实现方法，基于WebApi2和OWIN OAuth实现了获取access token，使用token访问需授权的资源信息。本文将介绍在Web Api中启用刷新令牌的后端实现。 本文要用到上篇文章所使用的代码，代码编写环境为VS 2017、.Net Framework 4.7.2，数据库为MS SQL 2008 R2. OAuth 刷新令牌 上文已经搞了一套Token授权访问，这里有多出来一个刷新令牌(Refresh Token),平白添加程序的复杂度，意义何在呢 刷新令牌在设置时，有几个选项，其中有一个AccessTokenExpireTimeSpan，即过期时间，针对不同的客户端 过期时间该设置为多久呢 ？ 而且令牌一旦生成即可在过期时间内一直使用，如果修改了用户的权限信息， 如何通知到客户端其权限的变更 ？ 还有就是访问令牌过期后，客户端调用 需要重新验证用户名密码 进行交互，这样是不是有点麻烦了？ 使用刷新令牌 刷新令牌(Refresh Token) 是用来从身份认证服务器交换获得新的访问令牌，允许在没有用户交互的情况下请求新的访问令牌。刷新令牌有几个好处： 可以无需用户交互情况下更新访问令牌： 可以设置一个较长时间的刷新令牌有效期，客户端一次身份验证后除非管理员撤销刷新令牌，否则在刷新令牌有效期内均不用再次身份验证

Refused to execute script from '.../signalr/abort?transport=webSockets&clientProtocol=1.5&callback=jQuery32109752453231046265_1507885522267&_=1507885522271' because its MIME type ('') is not executable, and strict MIME type checking is enabled. A part of url was removed for clarity. I have the last stable version of Microsoft.Owin.Host.SystemWeb (3.1.0) and jquery.signalR-2.2.2.js . I'm using CORS. /signalr/start is working just fine. Any ideas? 来源： https://stackoverflow.com/questions/46726457/signalr-signalr-abort-throws-error

I got an error when my GeneratePasswordResetTokenAsync() method is call. I configured autofac with owin identity. The error is : No IUserTokenProvider is registered when using dependency injection In my sample.web project there is a AutofacConfig.cs file where I register signinmanager and usermanager which I created in sample.repository project. AutofacConfig.cs public class AutofacConfig { public static Autofac.IContainer RegisterDependencies() { var containerBuilder = new ContainerBuilder(); // REGISTER DEPENDENCIES containerBuilder.RegisterType<SampleDataContext>() .As<DbContext>()