Owin on Mono Crashes on empty POST/PUT

Here is a simple test case (compiled with VS2015): Program.cs: using System; using Microsoft.Owin.Hosting; namespace empty_post { internal static class Program { public static void Main(str...

Id #478 | Release: None | Updated: Nov 15 at 2:57 PM by mheuser | Created: Nov 15 at 2:57 PM by mheuser

DefaultFilesMiddleware: check for trailing slash does not work any more

The current implementation contains the check if (!Helpers.PathEndsInSlash(context.Request.Path)) { context.Response.StatusCode = 301; context.Response.Headers[Constants.Location] = context.Req...

Id #476 | Release: None | Updated: Nov 9 at 1:20 PM by Ritzlgrmft | Created: Nov 9 at 1:20 PM by Ritzlgrmft

ID4037 if multiple WSFederation authentication providers are used

I created a new project in VS2015, set up to authenticate against ADFS (using the default WS-Federation). I modified the project so that it also had an authentication provider for some dummy issu...

Id #475 | Release: None | Updated: Nov 20 at 3:25 AM by Rob263 | Created: Nov 2 at 8:58 PM by Rob263

Incognito nonce cookie problem

Hello, for some unknown reason (for me) when the openid connect middleware makes the request for the idsrv for the very first time in incognito mode (chrome and firefox tested) the nonce cookie i...

Id #474 | Release: None | Updated: Nov 15 at 4:48 PM by be4i | Created: Oct 17 at 1:45 PM by be4i

IAuthenticationTokenProvider has no docs

The IAuthenticationTokenProvider interface has no documentation on how it should be implemented.

Id #473 | Release: None | Updated: Oct 6 at 8:55 AM by bgever | Created: Oct 6 at 8:55 AM by bgever

Owin cannot detect Response.Headers has already been set.

If sliding expiration has been turned on or signing out/signing in a user in code cause owin to generate and try to send a new cookie to the client. It also generates an application error and in ev...

Id #472 | Release: None | Updated: Nov 19 at 10:14 PM by sanjogsharma | Created: Sep 29 at 8:25 PM by danw22

Microsoft.Owin.Host.HttpListener has no message field in Exception

Hi, Stumbled across this error. An exception (due I think to a client closing a connection early on a transfer) caused an exception. I log exceptions to Application Insights and AI does not perm...

Id #471 | Release: None | Updated: Sep 28 at 6:37 AM by MarkDavies | Created: Sep 28 at 6:37 AM by MarkDavies

CookieAuthenticationHandler, in case using SessionStore, cookieOptions.Expires is not set on renewal

I think I found an issue in Microsoft.Owin.Security.Cookies.CookieAuthenticationHandler class, method ApplyResponseGrantAsync. There is a line (within "else if (_shouldRenew)" block) of where cooki...

Id #470 | Release: None | Updated: Sep 15 at 10:28 AM by JaapMosselman | Created: Sep 15 at 10:28 AM by JaapMosselman

CorsMiddleware: CorsResult.ErrorMessages not used

Method HandleCorsRequestAsync in CorsMiddleware calls TryEvaluateCorsPolicy which if an origin is not allowed the CorsEngine will add an error to CorsResult.ErrorMessages collection which also make...

Id #469 | Release: None | Updated: Sep 15 at 10:12 PM by Tratcher | Created: Sep 12 at 9:46 PM by JoLu1977

OWIN Authentication issue while hitting some pages in Web Application

OWIN Pipeline throwing exception at Microsoft.IdentityModel.Protocols.AuthenticationProtocolMessage.SetParameter(String parameter, String value) at Microsoft.IdentityModel.Protocols.WsFederati...

Id #468 | Release: None | Updated: Sep 8 at 11:57 PM by Tratcher | Created: Aug 30 at 11:38 PM by bharatgupta486