asp.net mvc 5 - aspnet identity invalid token on confirmation email

Question

I'm trying to confirm an account but I'm getting "invalid token." error.

Here's what I'm trying:

var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
var callbackUrl = Url.Action("ConfirmacaoEmail", "Usuario", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);

await UserManager.SendEmailAsync(user.Id, "Ativa??o de Conta", user.GetEmailAtivacao(model.Nome, callbackUrl));

if I call UserManager.ConfirmEmailAsync after this code, I can confirm the account. However, if I open the link that it's inside the variable callbackUrl and try to confirm through that action, I'm getting the error.

I thought it could be something with OwinContext, so I've decided to call HttpContext.GetOwinContext().GetUserManager<MyCustomUserService> but I'm getting the same error.

Any clues?

Answer 1

Most likely that the code in transit is modified by browser. Try doing UrlEncode on the token:

var code = await userManager.GenerateEmailConfirmationTokenAsync(userId);
code = System.Web.HttpUtility.UrlEncode(code);

Otherwise browser messes with the special symbols that can be present in the token.