IdentityServer / IdentityServer2

[deprecated] Thinktecture IdentityServer is a light-weight security token service built with .NET 4.5, MVC 4, Web API and WCF.

FedAuth Cookie Issue #869

Open asanjeevak opened 8 years ago

asanjeevak commented 8 years ago

We are facing an issue with decoding fedauth cookie.

When a user logs into the relying party, WS-Federation creates a FedAuth cookie and, based on the size of the claims, the FedAuth cookie is chunked into multiple cookies.

The issue we are seeing is sporadic, and manifests with a combined FedAuth cookie value (after concatenating all the chunked cookie values) that ends in “Pg==Pg==”.

Both FedAuth1 and FedAuth2 end in “Pg==”.

Please find the error log below:

```
ERROR | The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
   at System.Convert.FromBase64_ComputeResultLength(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64CharPtr(Char* inputPtr, Int32 inputLength)
   at System.Convert.FromBase64String(String s)
   at System.IdentityModel.Services.ChunkedCookieHandler.ReadInternal(String name, HttpCookieCollection requestCookies)
   at System.IdentityModel.Services.ChunkedCookieHandler.ReadCore(String name, HttpContext context)
   at System.IdentityModel.Services.CookieHandler.Read(String name, HttpContext context)
   at System.IdentityModel.Services.SessionAuthenticationModule.TryReadSessionTokenFromCookie(SessionSecurityToken& sessionToken)
   at System.IdentityModel.Services.SessionAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs eventArgs)
   at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
```

Can you please help us in knowing the root cause that is raising this issue? I am also attaching the cookie payload with this: cookie.txt

brockallen commented 8 years ago

This is not our code -- it's probably the code in Microsoft's SAM (session authentication module). That's where the cookie is created, chunked, and read.