Search code examples
c#asp.net-coreasp.net-identityproviderdata-protection

Set UserTokenProvider In .Net Core

I am converting an existing Mvc application into .Net Core, The issue is to initialize

DataProtectorTokenProvider

In Mvc application it belongs to

Microsoft.Owin.Security.DataProtection.IDataProtector

Below code is used to generate UserTokenProvider in Mvc

public void ConfigureAuth(IAppBuilder app)
{
    app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
}

public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context) 
{
    var manager = new ApplicationUserManager(new MySqlUserStore<ApplicationUser>());
    //var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>()));
    // Configure validation logic for usernames
    manager.UserValidator = new UserValidator<ApplicationUser>(manager)
    {
        AllowOnlyAlphanumericUserNames = false,
        // RequireUniqueEmail = false
    };

    // Configure validation logic for passwords
    manager.PasswordValidator = new PasswordValidator
    {
        RequiredLength = 2,
        RequireNonLetterOrDigit = false,
        RequireDigit = false,
        RequireLowercase = false,
        RequireUppercase = false
    };

    // Configure user lockout defaults
    manager.UserLockoutEnabledByDefault = true;
    manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(50);
    manager.MaxFailedAccessAttemptsBeforeLockout = 5;

    // Register two factor authentication providers. This application uses Phone and Emails as a step of receiving a code for verifying the user
    // You can write your own provider and plug it in here.
    manager.RegisterTwoFactorProvider("Phone Code", new PhoneNumberTokenProvider<ApplicationUser>
    {
        MessageFormat = "Your security code is {0}"
    });
    manager.RegisterTwoFactorProvider("Email Code", new EmailTokenProvider<ApplicationUser>
    {
        Subject = "Security Code",
        BodyFormat = "Your security code is {0}"
    });
    manager.EmailService = new EmailService();
    manager.SmsService = new SmsService();
    var dataProtectionProvider = options.DataProtectionProvider;
    if (dataProtectionProvider != null)
    {
        manager.UserTokenProvider = 
            new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"));
    }
    return manager;
}

this auto initialize the DataProtectorTokenProvider

enter image description here

enter image description here but In .Net Core Owin is no longer being used.

Now please let me know how can I initialize

UserTokenProvider

in .net Core without using Owin?

Solution

  • You have to use the TokenOptions.ProviderMap Property and use your own TokenProvider and register it like so.

    services.AddIdentity<User, Role>(options => {
options.Tokens.ProviderMap.Add("ASP.NET Identity", new TokenProviderDescriptor(typeof(MyTokenProvider)));
})
.AddTokenProvider<MyTokenProvider>(nameof(MyTokenProvider));

    And the optional configuration in ConfigureServices:

    services.Configure<DataProtectionTokenProviderOptions>(o =>
    {
        o.Name = "ASP.NET Identity";
        o.TokenLifespan = TimeSpan.FromHours(1);
    });

    Check this thread for more info:

    However someone also commented out that adding the .AddDefaultTokenProviders() also might solve the issue so you can try that first.

     services.AddIdentity<User, UserRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();