I went into the source code but I can't see where it's wired to the handler. In the GoogleExtensions.cs file, I see the
=> builder.AddOAuth<GoogleOptions, GoogleHandler>(authenticationScheme, displayName, configureOptions);
But I don't understand how the route "/signin-google" calls the handler.
How signin-google in asp.net core authentication is linked to the google handler?
The question can be divided into two small questions.
/signin-google
GoogleHandler process the request on /signin-google
signin-google
Initially, when the user clicks the Google button to log in with Google Authentication, the browser will post a request to the following URL:
https://your-server/Identity/Account/ExternalLogin?returnUrl=%2F
Your server simply redirects the user to Google.com and asks Google to authenticate the current user:
https://accounts.google.com/o/oauth2/v2/auth?
response_type=code
&client_id=xxx
&scope=openid%20profile%20email
&redirect_uri=https%3A%2F%2Fyour-server%2Fsignin-google
&state=xxx
When Google has authenticated the user successfully, it will redirect the user to your website with a parameter of code according to redirect_uri above.
https://your-server/signin-google?
state=xxx
&code=yyy
&scope=zzz
&authuser=0
&session_state=abc
&prompt=none
Note the path here equals /signin-google. That's the first key point.
GoogleHandler process the signin-google
Before we talk about how GoogleHandler goes, we should take a look at how AuthenticationMiddleware and AuthenticationHandler work:
When there's an incoming request, the AuthenticationMiddleware (which is registered by UseAuthentication() in your Configure() method of Startup.cs) will inspect every request and try to authenticate the user.
Since you've configured authentication services to use Google authentication, the AuthenticationMiddleware will invoke the GoogleHandler.HandleRequestAsync() method.
If needed, the GoogleHandler.HandleRequestAsync() then handles remote authentication with the OAuth 2.0 protocol, and gets the user's identity.
Here the GoogleHandler inherits from RemoteAuthenticationHandler<TOptions>, and its HandleRequestAsync() method will be used by AuthenticationMiddleware to determine if it needs to handle the request. When it returns true, that means the current request has already been processed by the authentication handler and no further processing will be executed.
So how does the HandleRequestAsync() determine whether the request should be processed by itself?
The HandleRequestAsync() method just checks the current path against the Options.CallbackPath. See source code below:
public abstract class RemoteAuthenticationHandler<TOptions> : AuthenticationHandler<TOptions>, IAuthenticationRequestHandler
    where TOptions : RemoteAuthenticationOptions, new()
{
    // ...

    public virtual Task<bool> ShouldHandleRequestAsync()
        => Task.FromResult(Options.CallbackPath == Request.Path);

    public virtual async Task<bool> HandleRequestAsync()
    {
        if (!await ShouldHandleRequestAsync())
        {
            return false;
        }
        // ... handle remote authentication, such as exchange code from google
    }
}
The whole workflow will be:
/signin-google
signin-google, the middleware will use HandleRequestAsync() to process current request, and exchange code with google.
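A simplified model of the dispatch described in the answer above, added here as an example (it is not ASP.NET Core's source and not the answerer's code). The types IRequestHandler and RemoteHandlerModel, the InvokeAsync helper and the sample paths are hypothetical stand-ins for IAuthenticationRequestHandler, RemoteAuthenticationHandler<TOptions> and the middleware loop.

```csharp
using System;
using System.Collections.Generic;
using System.Threading.Tasks;

// Hypothetical stand-in for IAuthenticationRequestHandler.
interface IRequestHandler { Task<bool> HandleRequestAsync(string path); }

// Models RemoteAuthenticationHandler: it claims only requests on its callback path.
class RemoteHandlerModel : IRequestHandler
{
    private readonly string _scheme, _callbackPath;
    public RemoteHandlerModel(string scheme, string callbackPath)
    { _scheme = scheme; _callbackPath = callbackPath; }

    public Task<bool> HandleRequestAsync(string path)
    {
        // PathString equality in ASP.NET Core ignores case; modelled with OrdinalIgnoreCase.
        if (!string.Equals(_callbackPath, path, StringComparison.OrdinalIgnoreCase))
            return Task.FromResult(false);   // not our callback: let the pipeline continue
        Console.WriteLine($"  [{_scheme}] callback on {path}: exchange code (elided)");
        return Task.FromResult(true);        // request fully handled here
    }
}

static class Program
{
    // Models the middleware: each request-handling scheme is asked first, and the
    // first handler that returns true ends the pipeline for that request.
    static async Task<string> InvokeAsync(IEnumerable<IRequestHandler> handlers, string path)
    {
        foreach (var handler in handlers)
            if (await handler.HandleRequestAsync(path))
                return "short-circuited by handler";
        return "passed to next middleware";
    }

    static async Task Main()
    {
        var handlers = new IRequestHandler[] { new RemoteHandlerModel("Google", "/signin-google") };
        // Constructed sample request paths.
        var paths = new[] { "/signin-google", "/Identity/Account/ExternalLogin", "/SignIn-Google" };
        foreach (var path in paths)
            Console.WriteLine($"{path} -> {await InvokeAsync(handlers, path)}");
    }
}
```

Because the handler claims the callback path inside the authentication middleware, before any controller or page executes, no action needs to exist at /signin-google.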