Click here to Skip to main content
15,885,546 members
Search within:


Getting Invalid Token from Browser
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
C#
ASP.NET
Identity
I am generating a EmailConfirmationToken for email confirmation. The generated token looks like this:

C#
AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA48Afnm/pyU6UZrt2VXGfHAAAAAACAAAAAAADZgAAwAAAABAAAABa10013CpPZN7NSwTZYu03AAAAAASAAACgAAAAEAAAAHFDDmUWdvgFz4QCqe0ML/1gAAAAN7hpoCFiW8NcTaMNCGMLALUYL0gcfXbPjXQddI5w68mm4FfbVhMkJPbL+JTA8RXZ7mb6VgNmxS/cxdMzy5BQdIdVUIWzQYPwBlX6Oimx+zESVcCSpUSVpwI05+ls79nmFAAAAPTqCR7RSVR5zQT3UaJlcd1BokRr


I am sending that token via email as a hyperlink to the user.
When the user clicks on the link he will redirect to my confirmation function.

This is how I implemented the function:

C#
[Route("Register/ConfirmEmail")]
[HttpGet]
public async Task<IHttpActionResult> ConfirmEmail(string userId, string code)
{
    string errorMessage = null;
    if (userId == null || code == null)
    {
        errorMessage = "Die Benutzeridentifikation oder der Aktivierungscode sind beschädigt";
        return RenderEmailConfirmedPage(userId, errorMessage);
    }
    var registerContext = new RegisterContext
    {
        UserId = userId,
        ActivationCode = code
    };
    var result = await userService.ConfirmEmailAsync(registerContext);



The problem is the code which I get as string is invalid. Look at the following token:

C#
AQAAANCMnd8BFdERjHoAwE/Cl sBAAAA48Afnm/pyU6UZrt2VXGfHAAAAAACAAAAAAADZgAAwAAAABAAAABa10013CpPZN7NSwTZYu03AAAAAASAAACgAAAAEAAAAHFDDmUWdvgFz4QCqe0ML/1gAAAAN7hpoCFiW8NcTaMNCGMLALUYL0gcfXbPjXQddI5w68mm4FfbVhMkJPbL JTA8RXZ7mb6VgNmxS/cxdMzy5BQdIdVUIWzQYPwBlX6Oimx zESVcCSpUSVpwI05 ls79nmFAAAAPTqCR7RSVR5zQT3UaJlcd1BokRr


Do you know why all + are replaces with a space " " ?
Posted
Updated 6-Oct-15 0:14am
v2
Add a Solution

1 solution

It looks like you've forgotten to URL-encode the code when you created the confirmation URL. For backwards-compatibility, browsers treat a + in the query-string as an encoded space.

When you generate the URL, you need to use the HttpUtility.UrlEncode method[^] to encode the parameters.

For example:
C#
string url = string.Format("yoursite/controller/action?userId={0}&code={1}",
    HttpUtility.UrlEncode(userId),
    HttpUtility.UrlEncode(code));


Or, using the code from the tutorial on the ASP.NET site[^]:
C#
var callbackUrl = Url.Action(
    "ConfirmEmail", "Account", 
    new { userId = user.Id, code = code }, 
    protocol: Request.Url.Scheme);
 
Share this answer
 
Posted
Updated 6-Oct-15 2:31am
v2
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Uncaught syntaxerror: invalid or unexpected token
Paypal Recurrent payments - invalid token
How to rectify the issue "invalid viewstate" while doing csrf token validation in ASP.NET with C#?
Schema has invalid token in Biztalk 2013
JWT bearer token not authorizing
Error while loading dwg image system.badimageformatexception: 'invalid token.'
Trying to do linkedin authorization code flow (3-legged oauth) but I keep getting this error 'unable to retrieve access token
How to get FCM token in cordova ?
ANTLR lexer analysis: is there a way to get a token for invalid input without disturbing the already existing token
Invalid JSON data $.get() method - uncaught syntaxerror: unexpected token <

Advertise
Privacy
Cookies
Terms of Use
Last Updated 6 Oct 2015
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web01 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900