User4653787 posted
Hi, I need some input. I am testing Identity authentication. I needed a way to get the expiration of the identity authentication cookie so i borrowed code from
this forum:
I'm now getting an error in ClaimsIdentity GenerateUserIdentity(ApplicationUserManager manager) in the ApplicationUser:IdentityUser class.
--' The ObjectContext instance has been disposed and can no longer be used for operations that require a connection.'--
Here is my application cookie in Startup.Auth:
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
ExpireTimeSpan = TimeSpan.FromMinutes(1),
LoginPath = new PathString("/Account/Login"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = CustomValidation
///OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
/// validateInterval: TimeSpan.FromMinutes(30),
/// regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
Here is my Validation Code:
protected Task CustomValidation(CookieValidateIdentityContext context)
{
// Validate every .5 minutes, set regenerate to null if you donot want token recreated
var stampValidator = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromSeconds(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager));
stampValidator.Invoke(context);
// identity expiration time
var expires = context.Properties.ExpiresUtc;
// Remove the current Expiration claim from the token
var claimType = "Expiration";
var identity = context.Identity;
if (identity.HasClaim(c => c.Type == claimType))
{
var existingClaim = identity.FindFirst(claimType);
identity.RemoveClaim(existingClaim);
}
// Add the new Expiration claim to the Identity token
var newClaim = new Claim(claimType, expires.Value.UtcTicks.ToString());
context.Identity.AddClaim(newClaim);
return Task.FromResult(0);
}
I use JS to click a button just for a postback where I access the expiration ticket to make sure it is extending the cookie time.
Notice the Timeout is set to 1 minute, the time to validate is set to 30secs, and just to let you know the js does a postback every 30secs.
I'm thinking that perhaps there is an issue between the actual time the postback occurs and the timeout. But if that were an issue I would want the app just to redirect to the Login page. Users will not know if they are posting back at the exact time a cookie
is expiring or being regenerated. Also, I read that it could be the SQL connection could not be made. Again the users would not know or care about that. This error happens after 4 to 7 postbacks. Which makes me wonder if its a timing issue, or a resource issue
with the server.
How do you figure out what is happening and code around that? I am going to put a try catch in the erring function, but MS did not feel it was needed, so I am looking for advice or explanation, or best coding practices for these kinds of issues. Of
course if there is something obviously wrong with my code please let me know.
If anyone can help I would appreciate it!
