Databases
StackOverflow2013
Postsdbo
POAnti-forgery token issue (MVC 5)
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POAnti-forgery token issue (MVC 5)
    primarykey
    data
    text
    <p>I am having an issue with the anti-forgery token :( I have created my own User class which worked fine but now I am getting an error whenever I go to the <strong>/Account/Register</strong> page. The error is:</p> <blockquote> <p>A claim of type '<a href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier</a>' or '<a href="http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider">http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider</a>' was not present on the provided ClaimsIdentity. To enable anti-forgery token support with claims-based authentication, please verify that the configured claims provider is providing both of these claims on the ClaimsIdentity instances it generates. If the configured claims provider instead uses a different claim type as a unique identifier, it can be configured by setting the static property AntiForgeryConfig.UniqueClaimTypeIdentifier.</p> </blockquote> <p>I found this article:</p> <p><a href="http://stack247.wordpress.com/2013/02/22/antiforgerytoken-a-claim-of-type-nameidentifier-or-identityprovider-was-not-present-on-provided-claimsidentity/">http://stack247.wordpress.com/2013/02/22/antiforgerytoken-a-claim-of-type-nameidentifier-or-identityprovider-was-not-present-on-provided-claimsidentity/</a></p> <p>so I changed my <strong>Application_Start</strong> method to this:</p> <pre><code>protected void Application_Start() { AreaRegistration.RegisterAllAreas(); FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters); RouteConfig.RegisterRoutes(RouteTable.Routes); BundleConfig.RegisterBundles(BundleTable.Bundles); AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.Email; } </code></pre> <p>but when I do that, I get this error: </p> <blockquote> <p>A claim of type '<a href="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress</a>' was not present on the provided ClaimsIdentity.</p> </blockquote> <p>Has anyone come across this before? If so, do you know how to solve it? </p> <p>Cheers in advance,<br /> r3plica</p> <p><strong>Update 1</strong></p> <p>Here is my custom user class:</p> <pre><code>public class Profile : User, IProfile { public Profile() : base() { this.LastLoginDate = DateTime.UtcNow; this.DateCreated = DateTime.UtcNow; } public Profile(string userName) : base(userName) { this.CreatedBy = this.Id; this.LastLoginDate = DateTime.UtcNow; this.DateCreated = DateTime.UtcNow; this.IsApproved = true; } [NotMapped] public HttpPostedFileBase File { get; set; } [Required] public string CompanyId { get; set; } [Required] public string CreatedBy { get; set; } public string ModifiedBy { get; set; } public DateTime DateCreated { get; set; } public DateTime? DateModified { get; set; } public DateTime LastLoginDate { get; set; } [Required(ErrorMessageResourceType = typeof(Resources.Resources), ErrorMessageResourceName = "RequiredTitle")] public string Title { get; set; } [Required(ErrorMessageResourceType = typeof(Resources.Resources), ErrorMessageResourceName = "RequiredFirstName")] public string Forename { get; set; } [Required(ErrorMessageResourceType = typeof(Resources.Resources), ErrorMessageResourceName = "RequiredLastName")] public string Surname { get; set; } [Required(ErrorMessageResourceType = typeof(Resources.Resources), ErrorMessageResourceName = "RequiredEmail")] public string Email { get; set; } public string JobTitle { get; set; } public string Telephone { get; set; } public string Mobile { get; set; } public string Photo { get; set; } public string LinkedIn { get; set; } public string Twitter { get; set; } public string Facebook { get; set; } public string Google { get; set; } public string Bio { get; set; } public string CompanyName { get; set; } [Required(ErrorMessageResourceType = typeof(Resources.Resources), ErrorMessageResourceName = "RequiredCredentialId")] public string CredentialId { get; set; } [Required(ErrorMessageResourceType = typeof(Resources.Resources), ErrorMessageResourceName = "RequiredSecurityCode")] public bool IsLockedOut { get; set; } public bool IsApproved { get; set; } [Display(Name = "Can only edit own assets")] public bool CanEditOwn { get; set; } [Display(Name = "Can edit assets")] public bool CanEdit { get; set; } [Display(Name = "Can download assets")] public bool CanDownload { get; set; } [Display(Name = "Require approval to upload assets")] public bool RequiresApproval { get; set; } [Display(Name = "Can approve assets")] public bool CanApprove { get; set; } [Display(Name = "Can synchronise assets")] public bool CanSync { get; set; } public bool AgreedTerms { get; set; } public bool Deleted { get; set; } } public class ProfileContext : IdentityStoreContext { public ProfileContext(DbContext db) : base(db) { this.Users = new UserStore&lt;Profile&gt;(this.DbContext); } } public class ProfileDbContext : IdentityDbContext&lt;Profile, UserClaim, UserSecret, UserLogin, Role, UserRole&gt; { } </code></pre> <p>I profile is just simple for my repositories, looks like this:</p> <pre><code>public interface IProfile { string Id { get; set; } string CompanyId { get; set; } string UserName { get; set; } string Email { get; set; } string CredentialId { get; set; } } </code></pre> <p>and the <strong>User</strong> class is the <strong>Microsoft.AspNet.Identity.EntityFramework.User</strong> class. My <strong>AccountController</strong> looks like this:</p> <pre><code>[Authorize] public class AccountController : Controller { public IdentityStoreManager IdentityStore { get; private set; } public IdentityAuthenticationManager AuthenticationManager { get; private set; } public AccountController() { this.IdentityStore = new IdentityStoreManager(new ProfileContext(new ProfileDbContext())); this.AuthenticationManager = new IdentityAuthenticationManager(this.IdentityStore); } // // GET: /Account/Register [AllowAnonymous] public ActionResult Register() { return View(); } // // POST: /Account/Register [HttpPost] [AllowAnonymous] public async Task&lt;ActionResult&gt; Register(RegisterViewModel model) { if (ModelState.IsValid) { try { // Create a profile, password, and link the local login before signing in the user var companyId = Guid.NewGuid().ToString(); var user = new Profile(model.UserName) { CompanyId = companyId, Title = model.Title, Forename = model.Forename, Surname = model.Surname, Email = model.Email, CompanyName = model.CompanyName, CredentialId = model.CredentialId }; if (await IdentityStore.CreateLocalUser(user, model.Password)) { //Create our company var company = new Skipstone.Web.Models.Company() { Id = companyId, CreatedBy = user.Id, ModifiedBy = user.Id, Name = model.CompanyName }; using (var service = new CompanyService()) { service.Save(company); } await AuthenticationManager.SignIn(HttpContext, user.Id, isPersistent: false); return RedirectToAction("Setup", new { id = companyId }); } else { ModelState.AddModelError("", "Failed to register user name: " + model.UserName); } } catch (IdentityException e) { ModelState.AddModelError("", e.Message); } } // If we got this far, something failed, redisplay form return View(model); } // // POST: /Account/Setup public ActionResult Setup(string id) { var userId = User.Identity.GetUserId(); using (var service = new CompanyService()) { var company = service.Get(id); var profile = new Profile() { Id = userId, CompanyId = id }; service.Setup(profile); return View(company); } } } </code></pre> <p>It used to be decorated with the <strong>[ValidateAntiForgeryToken]</strong> attribute, but that is where it stopped working.</p> <p>I hope that is enough code :)</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. USr3plica
    1. USr3plica
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POAnti-forgery token issue (MVC 5)
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. POAnti-forgery token issue (MVC 5)
      1. This table or related slice is empty.
      1. VTUpMod
    1. COCan you show us the custom User class and how you used it?
      singulars
      1. POAnti-forgery token issue (MVC 5)
      1. USLostInComputer
    2. COI have added the custom User class, plus how I am using it.
      singulars
      1. POAnti-forgery token issue (MVC 5)
      1. USr3plica
    3. COYou are using the beta version. I suggest that you upgrade to release version then see if the problem still occurs.
      singulars
      1. POAnti-forgery token issue (MVC 5)
      1. USLostInComputer
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload