Has anyone actually got ASP.NET MVC 5 Identity Facebook logins to work out of the box? (loginInfo always returns null)

Question

Using Visual Studio 2013 Update 5, I have created a boilerplate MVC 5 application with Individual User Accounts auth option selected, and I have been trying to implement social logins using the template code, but have been unsuccessful.

I have ensured all NuGet packages are up to date, and the code is using MVC 5.2.3; Owin 3.0.1; AspNet.Identity 2.0.0.

I can get everything working fine, including authenticator apps using OtpSharp, but the Facebook login is just not working whatever I try.

I have created the Facebook App, set all the relevant options on that and set the AppId and AppSecret in my Startup.Auth.cs file.

When I try to login with Facebook, the MVC site redirects me to Facebook, which prompts me with the auth screen for the app. I click OK and accept this then I am redirected back to the MVC app. If I check the authorised apps under my Facebook account, my app is listed and shows that it has granted permission to the app to retrieve email address.

The callback works fine but when it hits ExternalLoginCallback and in particular:

var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync()

loginInfo always returns null.

Looking at the Request it shows an error of access_denied:

https://localhost:44301/Account/ExternalLoginCallback?ReturnUrl=%2Fmanage&error=access_denied

I have read pretty much every blog post and SO question on this error and whilst most of them are helpful, most are also out of date and not relevant.

It would seem that something is missing from the templated project, or something has changed elsewhere as no matter which tutorial I read, and options I set, the result is the same.

I have tried this internally on a dev machine running IIS Express and externally on a hosted machine running IIS 7.5 too and the results are the same.

I've even decompiled the Microsoft.Owin.Security.Facebook library to see where that particular section of the querystring is set to no help.

If I had any hair I'd have pulled it all out by now.

I'll take any suggestions. Can anyone help?

Answer 1

Facebook loves to make things difficult. Access_denied sounds like they are blocking you on purpose. Check your developer dashboard and the accounts authorized to test your app while its in development mode. The email permission is approved by default, so that isn't your issue.

Make sure the account you are testing with is added here:

If that doesnt solve it, make sure you have the correct app domains (testing and live) listed in the domain section here:

Answer 2

I had the exact same issue. No matter what I did the facebook would show the login, get permissions and then return back to the Login page instead of the Email confirmation page.

Using Fiddler Facebook would invoke "http://localhost:1234/signin-facebook&code=SOME_SECRET_CODE_HERE", and then my application's controller would invoke "http://localhost:1234/ExternalLoginCallback?error=access_denied". I was sure Facebook is refusing the access. It was only after implementing a Facebook Javascript SDK Sample, I realised I could successfully login and also view FB scopes!

My Dev environment

• MVC 5 application
• Visual Studio 2013 Community edition Update 5
• Microsoft.OWIN v2.2.1
• Microsoft.OWIN.Security.Facebook v3.0.1

Finally I found a YouTube Video by ProCoder which mentioned to put the correct path in the Valid OAuth redirect URIs as http://localhost:1234/signin-facebook and it worked. If you haven't already added, you will need to add Facebook Login product to your Facebook app.

I also set App Domain to localhost and Site URL to http://localhost:1234/

I have added 127.0.0.1 and MY.EXTERNAL.PUBLIC.IP to the Server IP Whitelist Under Security in the Advanced Settings option of the Facebook app.

All these settings I replicated in a new MVC 5 application and it worked like a charm.

Answer 3

update the package Owin.Security.Facebook 3.0.1 to 3.1.0

It works for me