This is a problem i am trying to solve for a month now. (tried any possible article/code out there).
In ExternalLoginCallback action, AuthenticationManager.GetExternalLoginInfoAsync() returns a valid object (with all the provider details) but email is null for certain Facebook users.
For the large majority of Facebook login email is presetnt. But for about 30% of logins I get an exception down the process because the email is null.
Luckily sometime ago I've created a Facebook user which reproduce the problem. I've created a sterile test environment in localhost and indeed email comes null for this user, and OK for other users.
*With this Facebook user I can log in just fine in any big commercial site (IMDB for example).
1) I've created a clean MVC 5 project with VS2013.
2) Updated all the packages concerning authentication:
<package id="Microsoft.AspNet.Identity.Core" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.AspNet.Identity.EntityFramework" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.AspNet.Identity.Owin" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Host.SystemWeb" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Cookies" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Facebook" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.OAuth" version="3.0.0" targetFramework="net45" />
<package id="Owin" version="1.0" targetFramework="net45" />
3) Unmarked the facebook section in Startup.Auth.cs and added the following:
var facebookAuthOptions = new FacebookAuthenticationOptions();
facebookAuthOptions.AppId = "***";
facebookAuthOptions.AppSecret = "***";
facebookAuthOptions.Scope.Add("email");
app.UseFacebookAuthentication(facebookAuthOptions);
In the settings screen of that Facebook user, I tried to change the email to another email, and then change it back. Now the email comes just fine !! How could it be ?
This could happen if there's no primary email address for this user. The affected user must remove the email, save settings, then re-add the address, re-confirm, then make it primary. The reason why this works on other sites such as IMDB could be explained by the fact that this site doesn't require the email
address to be returned from FB. It just uses whatever information is provided.
Permission on login with facebook act differently on the way of creating there facebook profile.
Even if you request the email permission it is not guaranteed you will get an email address. For example, if someone signed up for Facebook with a phone number instead of an email address, the email field may be empty.
Furthermore, now users have more control and options what to include during the registration.
Source
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With