Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

External Authentication not redirecting to external site

Have a weird thing happening here.

I have built an ASP.NET MVC5 website, and have local accounts working fine via ASP.NET Identity.

I am now trying to enable external authentication, but have some weirdness happening.

I'm certain I've followed the right steps. I have this in my Startup.Auth.cs:

    public void ConfigureAuth(IAppBuilder app)
    {
        // Enable the application to use a cookie to store information for the signed in user
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login")
        });
        // Use a cookie to temporarily store information about a user logging in with a third party login provider
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Uncomment the following lines to enable logging in with third party login providers
        //app.UseMicrosoftAccountAuthentication(
        //    clientId: "",
        //    clientSecret: "");

        //app.UseTwitterAuthentication(
        //   consumerKey: "",
        //   consumerSecret: "");

        //app.UseFacebookAuthentication(
        //   appId: "",
        //   appSecret: "");

        app.UseGoogleAuthentication();
    }

When the user clicks on the link to logon with Google, the ExternalLogin method is called:

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult ExternalLogin(string provider, string returnUrl)
    {
        // Request a redirect to the external login provider
        return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
    }

Which I have verified via debugging gets into the ExecuteResult method of the ChallengeResult class:

        public override void ExecuteResult(ControllerContext context)
        {
            var properties = new AuthenticationProperties() { RedirectUri = RedirectUri };
            if (UserId != null)
            {
                properties.Dictionary[XsrfKey] = UserId;
            }
            context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);
        }

However, in the browser, nothing happens. I just get a blank page where I would expect a redirect to the Google signin page.

There are no errors reported at all.

The other funny thing is that I tried to create another MVC5 application, but I get a "Object reference not set to an instance of an object" popup in VS2013, and the resultant project is missing the Account controller that is usually there by default.

I've repaired the installation of VS2013, I have re-installed Update 1, and I've also updated all Nuget packages in the solution.

I've run out of ideas of where to go next.

Update 1 Thinking that this may be related to my PC, I've deployed the website to Azure, and the problem still persists. Does this mean it could be related to a missing assembly, and it's not being reported correctly? I've run fusionlog, but I see no binding failures.

Spinning up a new VM with a clean install of Windows 8 and VS2013 to see if I can get a new project working there.

Update 2 Ok, just ran another round of "network" capturing, and when the user selects the external provider, it DOES post to the ExternalLogin action, but the response is a 401 Unauthorized. What could be causing this?

like image 288
Brendan Green Avatar asked Apr 12 '14 12:04

Brendan Green


1 Answers

Ok,

I figured out what (the important part) of the issue was.

Firstly, I still don't known why when I create an MVC project I don't get a scaffold'ed AccountController class.

However, it seems my issue is that my login button was passing "google" instead of "Google" as the provider.

Seriously!? I am a little surprised that casing would matter with the name of the provider, but there you go.

like image 125
Brendan Green Avatar answered Oct 30 '22 00:10

Brendan Green