Facebook API 2.4 breaking changes ?

Hi guys, I think the latest change to the Facebook (Graph) API 2.4 made some breaking changes to the default FacebookAuthenticationHandler class (using Microsoft.Owin.Security.Facebook 3.0.1). ...

Id #417 | Release: None | Updated: Jul 29 at 7:03 PM by Tratcher | Created: Jul 29 at 6:19 PM by chrkell

ArgumentNullException for refresh token

When sending a request to the refresh token endpoint and specifying the grant_type to be refresh_token but providing no other parameters, an ArgumentNullException is raised in AuthenticationTokenRe...

Id #416 | Release: None | Updated: Jul 28 at 4:35 AM by codymack | Created: Jul 28 at 4:35 AM by codymack

Cookie auth middleware only uses first identity instead of all

The cookie authentication middleware uses AuthenticationResponseGrant.Identity when issuing the cookie. unfortunately this property only contains the first identity in the list of identities availa...

Id #415 | Release: None | Updated: Jun 25 at 3:27 PM by Tratcher | Created: Jun 25 at 2:38 PM by ZeroKoll

The type 'Microsoft.Owin.IOwinContext' is defined in an assembly that is not referenced. You must add a reference to assembly 'Microsoft.Owin, Version=2.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'

I was trying to debug a latest Angular JS app application with Katana Source (http://katanaproject.codeplex.com/SourceControl/latest#README) to learn underlying katana implementations, but keep fa...

Id #412 | Release: None | Updated: Jun 9 at 3:13 PM by Tratcher | Created: Jun 6 at 11:11 PM by HydTechie

ApplicationCanDisplayErrors does not work with ASP.NET MVC

I'm trying to setup an authorization server with the OAuthAuthorizationServer middleware on an ASP.NET MVC5 web application. I've set ApplicationCanDisplayErrors to true, but when validation of th...

Id #411 | Release: None | Updated: Jun 7 at 6:14 AM by barryhagan | Created: Jun 6 at 10:24 PM by barryhagan

Cookie Authentication Redirect URL is Absolute

When using Cookie Authentication, the redirect URL generated is absolute - it includes the protocol and hostname, rather than just being a relative URL. This works fine for "normal" scenarios, but...

Id #410 | Release: None | Updated: Jun 5 at 7:02 AM by rlawley | Created: Jun 4 at 10:01 AM by rlawley

Possible deadlock on AuthenticationHandler.OnSendingHeaderCallback

Hi, I'm observing what seems to be a deadlock on the AuthenticationHandler.OnSendingHeaderCallback method, due to the Wait() call on the task received from ApplyResponseAsync. I'm using the OID...

Id #409 | Release: None | Updated: Jul 8 at 5:05 PM by cbomkamp | Created: May 31 at 11:31 PM by pmhsfelix

OpenIdConnect: invalid nonce doesn't prevent user from signing in

This post was originaly posted on Thinktecture.IdentityServer3 bug tracker. https://github.com/IdentityServer/IdentityServer3/issues/1346 Guys said it's microsoft issue. Seems like even if nonce...

Id #408 | Release: None | Updated: Mon at 3:24 PM by remycook | Created: May 22 at 2:23 PM by balbelias

Upgrade invalidated tokens

In Nuget Manager, I recently upgraded all Owin packages: Microsoft.Owin : 3.0.0.0 to 3.0.0.1 Microsoft.Owin.Security 3.0.0.0 to 3.0.1.0 Microsoft.Owin.Secu...

Id #407 | Release: None | Updated: May 14 at 6:45 PM by cjrogala | Created: May 14 at 6:45 PM by cjrogala

Running OwinHost as daemon on Linux under mono exits prematurely

OwinHost starts up and then waits for enter to be pressed. On Linux/mono, when running as a daemon, a call to ReadLine() returns EOF immediately, causing OwinHost to exit prematurely. There shoul...

Id #405 | Release: None | Updated: Jun 18 at 1:35 PM by Tratcher | Created: Apr 16 at 5:19 PM by swish014