locked
External Login functionality AuthenticationManager.GetExternalLoginInfoAsync() returns null RRS feed

  • Question

  • User214405565 posted

    External login implementation worked fine for more than a year and all of a sudden it stopped working (without changing anything in that implementation). AuthenticationManager.GetExternalLoginInfoAsync() method always returns null. For all three external login providers that I have implemented. Strange thing is that it is working perfectly fine locally for: https://localhost:44335 , but not working on a real domain on production. I've read that there is some issue with owin cookies conflicting with the general cookies. Don't know if that is the reason for my code to suddenly stop working, but any help will be appreciated. Here is the ConfigureAuth code:

    public void ConfigureAuth(IAppBuilder app)
            {
                // Configure the db context, user manager and signin manager to use a single instance per request
                app.CreatePerOwinContext(ApplicationDbContext.Create);
                app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
                app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create);
    
                app.UseKentorOwinCookieSaver();
                // Enable the application to use a cookie to store information for the signed in user
                // and to use a cookie to temporarily store information about a user logging in with a third party login provider
                // Configure the sign in cookie
                app.UseCookieAuthentication(new CookieAuthenticationOptions
                {
                    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                    LoginPath = new PathString("/Account/Login"),
                    Provider = new CookieAuthenticationProvider
                    {
                        // Enables the application to validate the security stamp when the user logs in.
                        // This is a security feature which is used when you change a password or add an external login to your account.  
                        OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                            validateInterval: TimeSpan.FromMinutes(30),
                            regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
                    }
                });            
                app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
    
                // Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
                app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
    
                // Enables the application to remember the second login verification factor such as phone or email.
                // Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
                // This is similar to the RememberMe option when you log in.
                app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
    
                // Uncomment the following lines to enable logging in with third party login providers
                app.UseMicrosoftAccountAuthentication(
                    clientId: "8d7558fe-6cff-434b-b7b8-40059e663650",
                    clientSecret: "***");
    
                //app.UseTwitterAuthentication(
                //   consumerKey: "",
                //   consumerSecret: "");
    
                app.UseFacebookAuthentication(
                   appId: "2631206010277443",
                   appSecret: "***");
                
    
                app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
                {                
                    ClientId = "130184419104-1iprjvi1nraj4h3ia7ehit0vmcuhrgpe.apps.googleusercontent.com",
                    ClientSecret = "***"
                });
            } 

    and this is from AccountController 

    // POST: /Account/ExternalLogin
            [HttpPost]
            [AllowAnonymous]
            [ValidateAntiForgeryToken]
            public ActionResult ExternalLogin(string provider, string returnUrl)
            {           
                // Request a redirect to the external login provider
                return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
            }
    
    
    
    
    [AllowAnonymous]
            public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
            {
                var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
    
                if (loginInfo == null)
                {               
                    DAL.Helper.Log("loginInfo is null", "Register");
                    return RedirectToAction("Login");
                }
    
                // Sign in the user with this external login provider if the user already has a login
                var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent: true);
                switch (result)
                {
                    case SignInStatus.Success:
                        return RedirectToAction("SpellChecker", "Home"); //RedirectToLocal(returnUrl);
                    case SignInStatus.LockedOut:
                        return View("Lockout");
                    case SignInStatus.RequiresVerification:
                        return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false });
                    case SignInStatus.Failure:
                    default:
                        // If the user does not have an account, then prompt the user to create an account
                        ViewBag.ReturnUrl = returnUrl;
                        ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
                        return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = loginInfo.Email });
                }
            }

     If any additional code is needed to understand the problem, please let me know.

    Thanks in advance

    Tuesday, March 16, 2021 7:17 AM

Answers

  • User214405565 posted

    Never mind answering. I figured it out. I accidentally changed the environment on the production server (blocked outbound traffic). So, that was the reason.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, March 16, 2021 9:58 AM