Why MVC 5 Owin Oauth is not hitting /Account/ExternalLoginCallback action

Question

I am new to MVC 5 authentication. Currently I tried Google Authorization using Owin The code in startup.Auth.cs

var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
{
    ClientId = "Client-id",
    ClientSecret = "secret-key",
    CallbackPath = new PathString("/Account/ExternalLoginCallback"),
    Provider = new GoogleOAuth2AuthenticationProvider()
    {
        OnAuthenticated = async context =>
        {
            context.Identity.AddClaim(new Claim("picture", context.User.GetValue("picture").ToString()));
            context.Identity.AddClaim(new Claim("profile", context.User.GetValue("profile").ToString()));
        }
    }
};
googleOAuth2AuthenticationOptions.Scope.Add("email");

app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

But it does not hit ExternalLoginCallback Action for debug.

[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)

It stop at /Account/ExternalLoginCallback?ReturnUrl=%2F with blank white screen. I won't find what is wrong with this. and find similar question Google Authentication using OWIN Oauth in MVC5 not hitting ExternalLoginCallback function, but it is not helpful in mine case.

Answer 1

This is similar to: Google Authentication using OWIN Oauth in MVC5 not hitting ExternalLoginCallback function

Basically, set your google App in the Developers dashboard to point to your */ExternalLoginCallback method.

Leave the GoogleProvider with the default callback path.

var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
    {
        ClientId = "MYCLIENTID",
        ClientSecret = "MYSECRET"
    };

Add a route to handle signin-google in RouteConfig:

routes.MapRoute(
            name: "signin-google",
            url: "signin-google",
            defaults: new { controller = "[YOURCONTROLLLER]", action = "ExternalLoginCallback"});

That should fix google provider and all the others too.

Answer 2

Try this it may work. Its works for my case

app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
                {
                    ClientId = "YourClintId",
                    ClientSecret = "YourSecretKey",
                    CallbackPath = new PathString("/Account/ExternalLoginCallback")
                });

Answer 3

I've been having issues with setting up Owin/Katana/Oath etc.

In short...

1. Clear your browser history
2. Leave the GoogleOAuth2AuthenticationOptions.CallbackPath as the default
3. There should be two entries in the Google "Authorised redirect URIs": https://domain[:port]/signin-google and https://domain[:port]/MVCController/MVCAction

In long...

Clear your browser history. I've been trying to learn OWIN/Katana etc for the past few days and have been making many configuration changes on the Google Developer Console and within my code. I was occasionally getting the "white screen" and unable to get the debugger to hit code within my ExternalLoginCallback() function. Clearing my browser history seems to fix this.

There is no need to set the GoogleOAuth2AuthenticationOptions.CallbackPath, leave it as the default signin-google.

I'm testing locally so I've set my the Google credentials to (replacing the port number with the one you're using!)

Authorised Javascript Origins : "https://localhost:44353"

Authorised redirect URIs: "https://localhost:44353/signin-google" and "https://localhost:44353/Account/ExternalLoginCallback"

Overly verbose code if anyone is interested

Startup.Auth.cs

public partial class Startup
{
    public void ConfigureAuth(IAppBuilder app)
    {
        var cookieAuthenticationProvider = new CookieAuthenticationProvider();

        var cookieAuthenticationOptions = new CookieAuthenticationOptions();
        cookieAuthenticationOptions.AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie;
        cookieAuthenticationOptions.LoginPath = new PathString("/Account/Login");
        cookieAuthenticationOptions.Provider = cookieAuthenticationProvider;

        app.UseCookieAuthentication(cookieAuthenticationOptions);

        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions();
        googleOAuth2AuthenticationOptions.ClientId = "TODO : add client id";
        googleOAuth2AuthenticationOptions.ClientSecret = "TODO : add secret";

        app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);
    }
}

Function executed when user clicks my "Sign in with Google". provider will be "Google"

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public void ExternalLogin(string provider)
{
    var properties = new Microsoft.Owin.Security.AuthenticationProperties();

    properties.RedirectUri = Url.Action("ExternalLoginCallback", "Account");

    HttpContext.GetOwinContext().Authentication.Challenge(properties, provider);
}

Function that will be executed when user returns from Google.

[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback()
{
    var loginInfo = await Microsoft.Owin.Security.AuthenticationManagerExtensions.GetExternalLoginInfoAsync(HttpContext.GetOwinContext().Authentication);

    if (loginInfo == null)
    {
        throw new NotImplementedException();
    }

    var signInResult = await this.SignInManager.ExternalSignInAsync(loginInfo, false);

    if (signInResult == Microsoft.AspNet.Identity.Owin.SignInStatus.Success)
    {
        return RedirectToAction("Index", "Home");
    }

    if (signInResult == Microsoft.AspNet.Identity.Owin.SignInStatus.RequiresVerification)
    {
        // ...
    }

    /// etc...
}