
The data protection operation was unsuccessful on azure with autofac


I have been getting this error when trying to create or update a user. The full error is:

The data protection operation was unsuccessful. This may have been caused by not having the user profile loaded for the current thread's user context, which may be the case when the thread is impersonating.

We use autofac in our application, so after reading this article I created my own IdentityFactoryOptions like this:

public class IdentityFactoryOptions: IdentityFactoryOptions<UserProvider>
{
    public IdentityFactoryOptions()
    {
        DataProtectionProvider = new DpapiDataProtectionProvider("ASP.NET Identity");
    }
}

and then I created my own DataProtectionTokenProvider like this:

public class DataProtectionTokenProvider : DataProtectorTokenProvider<User>
{
    public DataProtectionTokenProvider(IdentityFactoryOptions options) : base(options.DataProtectionProvider.Create("ASP.NET Identity"))
    {
        TokenLifespan = TimeSpan.FromHours(6);
    }
}

I registered both these as SingleInstances like this:

builder.RegisterType<IdentityFactoryOptions>().AsSelf().SingleInstance();
builder.RegisterType<DataProtectionTokenProvider>().AsSelf().SingleInstance();

and I injected the DataProtectionTokenProvider into my UserManager and assigned it in the manager's constructor like this:

UserTokenProvider = dataProtectionTokenProvider;

But after doing all this, I still get the error. I also read this article and saw you have to update your web.config too, so I added this:

<system.identityModel>
    <identityConfiguration>
        <securityTokenHandlers>
            <add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
            <remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
        </securityTokenHandlers>
    </identityConfiguration>
</system.identityModel>

But the error persists. Does anyone have any solution for this? It is driving me mad....


Solution

  • Ok, I managed to fix this. Using the first post I linked, I injected the IAppBuilder into my autofac module and removed my IdentityFactoryOptions class. So the registration now looks like this:

    builder.Register(m => new DataProtectorTokenProvider(_app.GetDataProtectionProvider())).AsSelf().SingleInstance();
    

    And the DataProtectorTokenProvider looks like this:

    public class DataProtectorTokenProvider : DataProtectorTokenProvider<User>
    {
        public DataProtectorTokenProvider(IDataProtectionProvider dataProtectionProvider) : base(dataProtectionProvider.Create("ASP.NET Identity"))
        {
            TokenLifespan = TimeSpan.FromHours(6);
        }
    }
    

    Everything else I kept the same. This solved the issue.
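
An added example, not part of the original answer or the poster's code: one way the Autofac module described above could receive the IAppBuilder and register the token provider with the host-supplied data protection provider. The names `IdentityModule` and `UserTokenProtector`, the minimal `User` class and the null check are assumptions made for illustration; the purpose string and six-hour lifespan are taken from the post.

```csharp
using System;
using Autofac;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security.DataProtection;
using Owin;

// Stand-in for the application's user entity (assumption; the page does not show it).
public class User : IUser<string>
{
    public string Id { get; set; }
    public string UserName { get; set; }
}

// Token provider as in the answer, under a hypothetical name that does not
// shadow the framework's DataProtectorTokenProvider<TUser>.
public class UserTokenProtector : DataProtectorTokenProvider<User>
{
    public UserTokenProtector(IDataProtectionProvider provider)
        : base(provider.Create("ASP.NET Identity"))
    {
        TokenLifespan = TimeSpan.FromHours(6);
    }
}

// Hypothetical module: constructed in Startup.Configuration with the IAppBuilder.
public class IdentityModule : Module
{
    private readonly IAppBuilder _app;

    public IdentityModule(IAppBuilder app)
    {
        if (app == null) throw new ArgumentNullException("app");
        _app = app;
    }

    protected override void Load(ContainerBuilder builder)
    {
        // Take the provider from the OWIN host instead of constructing a
        // DpapiDataProtectionProvider, and fail at startup if none was supplied
        // rather than on the first token operation.
        IDataProtectionProvider provider = _app.GetDataProtectionProvider();
        if (provider == null)
            throw new InvalidOperationException("OWIN host supplied no IDataProtectionProvider.");

        builder.Register(c => new UserTokenProtector(provider)).AsSelf().SingleInstance();
    }
}
```

In `Startup.Configuration(IAppBuilder app)` the module would be registered with `builder.RegisterModule(new IdentityModule(app))` before the container is built.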