Considered making the loader lazy when using CreatePerOwinContext ?

Feb 17, 2014 at 11:09 AM
When working with AspNet Identity, is there any reason to that CreatePerOwinContext have to create an instance for each request and not just lazy load it when it actually is needed?

At least that the behaviour I am seeing and I am just wondering if its indented, and if so, why. If this is not the case, sorry for the inconvenience.
Feb 18, 2014 at 6:32 PM
Edited Feb 18, 2014 at 6:32 PM
All this code is not IOC friendly, I tried using autofac but not very easy and not clear especially concerning the various Options containing handlers which must be set on startup AND EF DbContext....any feed back concerning an implentation of autofac for this highly appreciated.
Feb 18, 2014 at 6:43 PM
I assume the idea is that you should not use IOC / autofac for this?

Register it with CreatePerOwinContext and get it again with the Get method on IOwinContext.

I have not tried autofac as I normaly just go with Unity. But what is causing your problems with IOC? You could register the UserManager with your DI framework and use it as normal with a factory of the create method that the CreatePerOwinContext also uses.

If its IdentityFactoryOptions that is giving you problems, its simply a
            IdentityFactoryOptions<T> options = new IdentityFactoryOptions<T> {
                DataProtectionProvider = app.GetDataProtectionProvider()
Feb 18, 2014 at 9:14 PM
Edited Feb 18, 2014 at 9:18 PM
Yes but it is dommage when 98% of a code already uses IOC !

Yes part of pb is in UserMAnager but also in code like this sample
        static Startup()
            PublicClientId      = "self";

            OAuthOptions        = new OAuthAuthorizationServerOptions
                TokenEndpointPath           = new PathString("/api/v1/Token"),
                Provider                            = newMyOAuthProvider(PublicClientId),
                AuthorizeEndpointPath       = new PathString("/api/v1/Account/ExternalLogin"),
                AccessTokenExpireTimeSpan   = TimeSpan.FromDays(14),
                AllowInsecureHttp           = true, // to remove in prod
                ApplicationCanDisplayErrors = true,
                AllowInsecureHttp           = false, 
                ApplicationCanDisplayErrors = false,

                AuthorizationCodeProvider   = new MyAuthenticationTokenProvider(TokenType.Code),
                AccessTokenProvider         = new MyAuthenticationTokenProvider(TokenType.Access),
                RefreshTokenProvider        = new MyAuthenticationTokenProvider(TokenType.Refresh),
                AuthorizationCodeFormat     = new TicketFormatProvider(),
                AccessTokenFormat           = new TicketFormatProvider(),
                RefreshTokenFormat          = new TicketFormatProvider()


        public static OAuthAuthorizationServerOptions OAuthOptions { get; private set; }

        public static string PublicClientId { get; private set; }

        // For more information on configuring authentication, please visit
        public void ConfigureAuth(IAppBuilder app)
            // Configure the UserManager

            // Enable the application to use a cookie to store information for the signed in user
            // and to use a cookie to temporarily store information about a user logging in with a third party login provider
            // Configure the sign in cookie
            app.UseCookieAuthentication(new CookieAuthenticationOptions {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                Provider = new CookieAuthenticationProvider {
                        OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<MyUserManager, MyUser, int>(
                        validateInterval: TimeSpan.FromMinutes(20), 
                        regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager),


            // Enable the application to use bearer tokens to authenticate users
Suppose your ticketFormatProvider has some dependency alreday managed by IOC....
And idem for ConnectorDbContext.Create, if it contains some services normally bought by Ioc....
This is the reason why I say this is not easy to integrate in an already Ioc project.
Feb 18, 2014 at 9:42 PM
But you dont have to use the CreatePerOwinContext. Correct me if I am wrong, but its not used internal to get the UserManager, but used in the samples like this:
        public RolesAdminController(ApplicationUserManager userManager,
            RoleManager<IdentityRole> roleManager)
            UserManager = userManager;
            RoleManager = roleManager;

        private ApplicationUserManager _userManager;
        public ApplicationUserManager UserManager
                return _userManager ?? HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
                _userManager = value;
So if you use your own IOC to put the UserManager into the controller, the one from the owin context wont be used and you dont need to register it. But I am just speculating here.
Feb 19, 2014 at 8:29 AM
But you dont have to use the CreatePerOwinContext. Correct me if I am wrong, but its not used internal to get the UserManager, but used in the samples like this:
Who knows ? No code available ?
Apr 17, 2014 at 12:03 AM
Yep pksorensen is correct, you are free to retrieve/manage UserManager instances however you like. We only introduced PerOwinContext since we don't have any IOC we can depend on, so we chose to stash it in the OwinContext. You are free to remove that and use whatever IOC you like to get the UserManager out.
Apr 17, 2014 at 9:00 AM
Ok, thanks for the confirmation.
What is the Status of project now that the 2.0 is out ? I see some work still goes on, is it bug fixing or new implementation.
What about going Open ?
May 3, 2014 at 10:19 AM
Edited May 3, 2014 at 10:23 AM
I tried to use unity and PerRequestLifetimeManager to instanciate UserManager but I don't figure out how to send this line of code in UnityConfig.cs
IdentityFactoryOptions<T> options = new IdentityFactoryOptions<T> {
                DataProtectionProvider = app.GetDataProtectionProvider()
since app is not accessible in UnityConfig.RegisterTypes method.

In this method I have that :
                .RegisterType<IDbContextAsync, AppDbContext>(new PerRequestLifetimeManager())               
                .RegisterType<IUnitOfWorkAsync, UnitOfWork>(new PerRequestLifetimeManager())
                .RegisterType<AppUserManager>(new PerRequestLifetimeManager())
                .RegisterType<IUserStore<AppUser, string>, UserStoreRepository>(new PerRequestLifetimeManager())
Anyone know how to do ?