CODEWITHSUNDEEP
asp.net-identity
Chandan
Chandan

Reputation: 1504

What is the use of asp.net identity .GenerateUserToken()

I understand that token from userManager.GeneratePasswordResetToken() is used to add as a security identifier in the hyperlink to send to user on password reset request.

But I am not sure what the user of userManager.GenerateUserToken() . I am able to generate the token , but not sure if this can be converted to claims like SAML tokens and be used for authorization .

Please help me understand this as I was not able to find any good documentation regarding this .

Upvotes: 7

Views: 4433

Answers (2)

Chris Catignani
Chris Catignani

Reputation: 5306

Adding to trailmax's answer...

This line from the answer has the parameter swapped:

var token = userManager.GenerateUserToken(userId, "ConfirmJobOffer");

Will generate

System.InvalidOperationException: 'UserId not found.'

It Should read:

var token = userManager.GenerateUserToken("ConfirmJobOffer",userId);

I tried editing the post and it got rejected. I can see where it looks a little confusing...but TUser is the user supplied Key or "purpose" and TKey is the userId.

From the UserManagerExtensions class:

public static string GenerateUserToken<TUser, TKey>(this UserManager<TUser, TKey> manager, string purpose, TKey userId)
    where TUser : class, IUser<TKey>
    where TKey : IEquatable<TKey>;

Upvotes: 2

trailmax
trailmax

Reputation: 35106

GenerateUserToken() is used to create password-reset tokens and email-confirmation tokens. This method takes string parameter purpose that is describing what sort of operation is going to happen. Effectively this purpose is an encryption key that is used to decrypt the generated token.

So you can create your own tokens for your own purposes, for example you can have ConfirmJobOffer operation in recruitment application. And you can create token just for that operation and sent the link with this token to a user:

var token = userManager.GenerateUserToken(userId, "ConfirmJobOffer");
// now send this token as part of the link

Then in controller, once the token made back to you you can call:

var tokenCorrect = await userManager.VerifyUserTokenAsync(userId, "ConfirmJobOffer", token);
if (tokenCorrect)
{
    // do stuff if token is correct
}

Generally you would not use GenerateUserToken directly, unless you are doing custom tokens. You'd use GeneratePasswordResetTokenAsync and GenerateEmailConfirmationTokenAsync.

Please note: this is is not aimed to do SAML tokens or related authorization.

Upvotes: 19

Related Questions