I think I found an issue in Microsoft.Owin.Security.Cookies.CookieAuthenticationHandler class, method ApplyResponseGrantAsync. There is a line (within "else if (_shouldRenew)" block) of where cooki...
Id #470 | Release:
| Updated: Sep 15 at 9:28 AM by JaapMosselman | Created: Sep 15 at 9:28 AM by JaapMosselman
Method HandleCorsRequestAsync in CorsMiddleware calls TryEvaluateCorsPolicy which if an origin is not allowed the CorsEngine will add an error to CorsResult.ErrorMessages collection which also make...
Id #469 | Release:
| Updated: Sep 15 at 9:12 PM by Tratcher | Created: Sep 12 at 8:46 PM by JoLu1977
OWIN Pipeline throwing exception
at Microsoft.IdentityModel.Protocols.AuthenticationProtocolMessage.SetParameter(String parameter, String value)
Id #468 | Release:
| Updated: Sep 8 at 10:57 PM by Tratcher | Created: Aug 30 at 10:38 PM by bharatgupta486
UseFacebookAuthentication() supports option includling email scope:
var opt = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationOptions()
AppId = System.Confi...
Id #467 | Release:
| Updated: Aug 29 at 5:22 PM by Tratcher | Created: Aug 28 at 4:02 AM by darkthread
JwtSecuritTokenHandler has a ValidateToken(...) method which performs all of the core token validation - signature, issuer, replay detection, lifetime, audience. If validation fails you get an exce...
Id #466 | Release:
| Updated: Aug 7 at 9:14 PM by philco | Created: Aug 7 at 9:12 PM by philco
The misbehavior (and some workarounds) has been discussed on Stackoverflow already:
A TraceListener, that was regis...
Id #465 | Release:
| Updated: Jul 13 at 1:35 PM by ML8448 | Created: Jul 13 at 1:35 PM by ML8448
(Moved from https://katanaproject.codeplex.com/discussions/656132)
This was originally posted on Github at https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issu...
Id #464 | Release:
| Updated: Aug 23 at 3:32 PM by MattOl | Created: Jul 6 at 7:25 PM by Tratcher
I'm trying to find out what is the max value for a two factor authentication code expiry in a cookie from ASP.NET Identity 2.1, and if I can set it higher than 5 minutes.
I have tried setting the...
Id #463 | Release:
| Updated: Jul 18 at 12:03 PM by chriscollins442 | Created: Jul 6 at 3:21 PM by chriscollins442
There is a bug in how Katana handles encoding when building a Uri in OwinRequest. The resource path delimiters "(" and ")" are encoded which violates RFC 3986. Please see section 3.3. This...
Id #462 | Release:
| Updated: Jun 28 at 6:37 AM by jstachowiak | Created: Jun 26 at 10:59 PM by jstachowiak
I have written the following code to update the user's security stamp value to the database after signout. But It is not updated in the database and see the old value.
Did I miss anything o...
Id #461 | Release:
| Updated: Jun 24 at 6:46 PM by Tratcher | Created: Jun 22 at 9:20 AM by dpmragu