User-881099725 posted
I have been struggling with this for quite a while and I am no newbie. I use Visual Studio 2003 Professional to create ASP.NET MVC 5 web applications. In the application setup I enabled the Identity 2.0 functionality. I am able to perform all operations
with a LOCAL account. Now, my site does not have an SSL certificate so my return URLs are not https.
My domain is configured so that I can enter mydomain.com/ or
www.mydomain.com/ in the URL. I am not (obviously) created the apps using "mydomain.com" textually. In this post all ocurrences of mydomain.com should be read as my own domain where I have my web application and that I have configured in the apps.
I need functionality to accept logins from Google, Facebook, Twitter, Microsoft and LinkedIn. I proceeded to
register as a developer in all those sites. I created the apps and configured them to use
http://www.mydomain.com/Account/ExternalLoginCallback as
callback. In addition to that I enabled all those external providers in Start.Auth.cs with their respective client IDs and client Secrets.
But the boiler plate Account Controller methods do not seem to work for external authentication. When I try to login with an external provider I am first redirected to the App Authorization dialog, enter my credentials for the external provider, then I see
the App confirmation, and after than it redirects back to my site but I am NEVER logged in.
- With Twitter I get a blank page with /Account/ExternalLoginCallback
- With LinkedIn I get a page saying "Cannot display page" with URL /Account/ExternalLogin in it
- With Facebook I get a blank page with an URL of ~/Account/ExternalLoginCallback?error=access-denied
- With Microsoft I get a page saying "We are unable to complete your request, Microsoft account is experiencing technical problems" and no further information
- With Google, after entering my credentials I get a Google 400 page with Error: redirect_uri_mismatch and the details say the redirect_uri is http://mydomain.com/Account/ExternalLoginCallback
I wonder what should be the correct URL to put in the "Redirect URI" of the apps configured at the respective developers sites? should it be /Account/ExternalLoginCallback (does not work), /Account/signin-providername or what?
The ExternalLoginCallback action on the Account Controller looks like this:
[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
log.Debug(string.Format("ExternalLoginCallback -> {0}", returnUrl));
ExternalLoginInfo loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
log.Debug(string.Format("username: {0} email {1} identity {2} login {3}", loginInfo.DefaultUserName, loginInfo.Email, loginInfo.ExternalIdentity, loginInfo.Login));
if (loginInfo == null)
{
return RedirectToAction("Login");
}
// Sign in the user with this external login provider if the user already has a login
var user = await UserManager.FindAsync(loginInfo.Login);
if (user != null)
{
// DEGT Store (LInkedIn) access tokens
var claimsIdentity = await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);
if (claimsIdentity != null)
{
var currentClaims = await UserManager.GetClaimsAsync(user.Id);
//var accessToken = claimsIdentity.FindAll(loginProvider)
}
await SignInAsync(user, isPersistent: false);
return RedirectToLocal(returnUrl);
}
else
{
// If the user does not have an account, then prompt the user to create an account
// unless local registrations are disabled
if (!My.Default.AllowRegistration)
return RedirectToAction("Index", MyController.Name); // TODO pop up some message or take to special page
else
{
ViewBag.ReturnUrl = returnUrl;
ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = loginInfo.Email });
}
}
}
