Why BinaryFormatter cannot deserialize his own result

Question

I need help to figure out why BinaryFormatter cannot deserialize identity:

var identities = new[]
                     {
                         new ClaimsIdentity("Bug")
                             {
                                 Actor = new ClaimsIdentity("Bootstrap Context as a string")
                                         {
                                             BootstrapContext = "this causes issue"
                                         },

                                 BootstrapContext = new BootstrapContext("this raw token")
                             }
                     };

var sessionToken = new SessionSecurityToken(new ClaimsPrincipal(identities));
byte[] buffer;
using (var ms = new MemoryStream())
{
    var formatter = new BinaryFormatter();
    formatter.Serialize(ms, sessionToken);
    buffer = ms.ToArray();
}

using (var ms = new MemoryStream(buffer))
{
    var formatter = new BinaryFormatter();
    sessionToken = (SessionSecurityToken)formatter.Deserialize(ms);
}

This causes an exception TargetInvocationException with internal message:

"Unable to cast object of type 'System.String' to type 'System.IdentityModel.Tokens.BootstrapContext'." I am not able to debug Framework to figure out it by myself, so I asks yours help to find out a root of this unexpected behaviour.

Answer 1

The BootstrapContext property in the ClaimsIdentity is of the type Object. This means that you can assign a string to it (as you did). However, reading the documentation you can see that it should in fact be a BootstrapContext object, which is probably expected during deserialization.