asp.net mvc - Google Authentication using OWIN Oauth in MVC5 not hitting ExternalLoginCallback function

Question

I am currently upgrading my login process for Google to use OAuth before they depricate their OpenID login method.

The steps I have Identified so far is that I have upgraded the package Microsoft.Owin.Security.Google to version 2.1.0 as this version includes the ability to include options in the UseGoogleAuthentication method.

I have tried to use Alex Wheat's Solution in the link: Get ExtraData from MVC5 framework OAuth/OWin identity provider with external auth provider

The code in Startup.Auth.cs (which also includes Facebook authentication) goes from this:

    var facebookAuthenticationOptions = new FacebookAuthenticationOptions()
        {
            AppId = "MYAPPID",
            AppSecret = "MYSECRET"
        };
        facebookAuthenticationOptions.Scope.Add("email");
        app.UseFacebookAuthentication(facebookAuthenticationOptions);

        app.UseGoogleAuthentication();

To this:

var facebookAuthenticationOptions = new FacebookAuthenticationOptions()
        {
            AppId = "MYAPPID",
            AppSecret = "MYSECRET"
        };
        facebookAuthenticationOptions.Scope.Add("email");
        app.UseFacebookAuthentication(facebookAuthenticationOptions);


        var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
        {
            ClientId = "MYCLIENTID",
            ClientSecret = "MYSECRET",
            CallbackPath = new PathString("/en/Account/ExternalLoginCallback"),
            Provider = new GoogleOAuth2AuthenticationProvider()
            {

            }
        };

        app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

After I add options to the Google Authentication, my app does not allow the ExternalLoginCallback action to be called for either google or facebook (no changes to facebook code but the issue still affects it).

On the front end, after clicking the external login buttons, the page redirects me to the link below and returns an empty white screen

https....../en/Account/ExternalLoginCallback#__=_ (There is actually only a single underscore before the = sign, SO syntax removes it if I have it as it appears on my address bar).

for facebook and

https....../en/Account/ExternalLoginCallback

for google. It does not hit the controller method below as it normally does (I have tried to place debug breakpoints within this function and it never gets stopped when there are google authentication options.

    // GET: /Account/ExternalLoginCallback
    [AllowAnonymous]
    public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
    {

If I remove the authentication options from Google Authentication, it just reverts back to the old OpenID login and works fine again.

Am I missing something simple here? or is there something bad happening inside the Owin.Security.Google Library that is causing the problem?

Answer 1

I'm using the default ASP.NET MVC 5 template with Identity Authentication for simplicity, but hopefully this can be modified for different use cases.

StartupAuth.cs

Do not customize the redirect path. It gets replaced by /signin-google anyways and my attempts at getting around that caused "silent" (not in the debugger) Internal Server 500 errors.

app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
{
    ClientId = "whatevs.apps.googleusercontent.com",
    ClientSecret = "whatevs_secrut",
    Provider = new GoogleOAuth2AuthenticationProvider()
});

Make sure to add http://whatever.com/signin-google to https://console.developers.google.com/ in your APIs & auth > Credentials > Redirect URIs section.

RouteConfig.cs

Add a route to a permanent redirect controller action to your routes. Permanent redirects are the only thing that will suffice here. It is not enough to simply direct directly to the Callback URL.

public static void RegisterRoutes(RouteCollection routes)
{
    routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

    routes.MapRoute(
        name: "Google API Sign-in",
        url: "signin-google",
        defaults: new { controller = "Account", action = "ExternalLoginCallbackRedirect" }
    );

    routes.MapRoute(
        name: "Default",
        url: "{controller}/{action}/{id}",
        defaults: new { controller = "Home", action = "Index", id = UrlParameter.Optional }
    );
}

AccountController.cs

Permanent redirect to the built-in callback method and you should be fine.

[AllowAnonymous]
public ActionResult ExternalLoginCallbackRedirect(string returnUrl)
{
    return RedirectPermanent("/Account/ExternalLoginCallback");
}

A template project has been posted on GitHub for reference: https://github.com/Pritchard/Test-AspNetGoogleOAuth2Authentication