I am using Microsoft.Web.WebPages.OAuth
. I was able to register Google
, Facebook
, Twitter
, Stack Exchange
, MyOpenID
...
Now I am trying to add Microsoft Live
, so I registered:
OAuthWebSecurity.RegisterMicrosoftClient("applicationID", "key");
and called
OAuthWebSecurity.RequestAuthentication("microsoft", Url.Action("Authorization", new { returnUrl = "/" }));
To this point everything is working fine, I get redirected to the login page. The problem is when I come back to
OAuthWebSecurity.VerifyAuthentication();
It says:
The remote server returned an error: (400) Bad Request.
What do I have to do?
I had the same problem. After a lot of research, I came across this bit of source code with the comment:
// Only OAuth2 requires the return url value for the verify authenticaiton step
This means that when you call VerifyAuthentication
, you must use the overload that passes the return url for validation by the oauth2 provider (the Microsoft Live ID provider in this case).
Sure enough, when I dig through the walkthrough on the asp.net website, I find that they are indeed passing back the return url, as the url from the action of the callback.
So instead of:
OAuthWebSecurity.VerifyAuthentication();
You need:
var returnUrl = Url.Action("Authorization", new { returnUrl = "/" })
OAuthWebSecurity.VerifyAuthentication(returnUrl);
The return url should match exactly the same as you specified earlier in the RequestAuthentication
method.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With