Facebook API Question posted in
The official documentation for the Facebook APIs can be found here.

External Login without using identity asp.net core 2.0 – Facebook api

I’m trying to create an external login scheme for facebook, google and linkedin without using identity framework. I have an api that stores all users and do some authentication stuffs. Right now I’m kind of lost on how to get the information from the external login.

I’m issuing a challenge like this.

[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult ExternalLogin(string provider)
{
    //Issue a challenge to external login middleware to trigger sign in process
    return new ChallengeResult(provider);
}

This works well, it redirects me to either google, facebook or linkedinn authentication.

Now on this part:

public async Task<IActionResult> ExternalLoginCallback()
{
    //Extract info from externa; login

    return Redirect("/");
}

All I want is to get the information that was provided by the external login.

I have tried what I found from my research,

 var result = await HttpContext.AuthenticateAsync(provider);
 if (result?.Succeeded != true)
 {
     return Redirect("/");
 }
 var externalUser = result.Principal;
 var claims = externalUser.Claims.ToList();

First of all I I’m not sure if a simple ?provider=Google on my callback string will pass the provider name I specify so it can be used to check the sign in scheme. I guess this is incorrect. Secondly, I tried hard coding await HttpContext.AuthenticateAsync("Google") and when it reach this code, the debug stops. I’m not sure why.

I’ve seen the generated code when creating a project with single authentication.

var info = await _signInManager.GetExternalLoginInfoAsync();

Sadly, I’m won’t be able to use identity since I don’t have a user store and my application will be consuming an API.

Tags:

2

Answers


  1. 0

    I too had this issue and see if the below code works for you.
    I wanted to extract the full name after Google/FB authentication.

    var info = await _signInManager.GetExternalLoginInfoAsync();

TempData["fullname"] = info.Principal.FindFirstValue(ClaimTypes.Name);
    Login or Signup to reply.
  2. 0

    First you need to create a custom cookie handler. I myself had problems with:

    No IAuthenticationSignInHandler is configured to handle sign in for
    the scheme: Bearer

    I had to add a cookie handler that will temporarily store the outcome of the external authentication, e.g. the claims that got sent by the external provider. This is necessary, since there are typically a couple of redirects involved until you are done with the external authentication process.

    Startup

    services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(o =>
{
    o.TokenValidationParameters = tokenValidationParameters;
})
.AddCookie("YourCustomScheme")
.AddGoogle(googleOptions =>
{
    googleOptions.SignInScheme = "YourCustomScheme";
    googleOptions.ClientId = "x";//Configuration["Authentication:Google:ClientId"];
    googleOptions.ClientSecret = "x";//Configuration["Authentication:Google:ClientSecret"];
    //googleOptions.CallbackPath = "/api/authentication/externalauthentication/signin-google";
});

    The important part here is “YourCustomScheme”.

    Now it’s time to retrieve the user information from the claims provided by the external authentication in the callback action.

    Controller

    [AllowAnonymous]
[HttpPost(nameof(ExternalLogin))]
public IActionResult ExternalLogin(ExternalLoginModel model)
{
    if (model == null || !ModelState.IsValid)
    {
        return null;
    }

    var properties = new AuthenticationProperties { RedirectUri = _authenticationAppSettings.External.RedirectUri };

    return Challenge(properties, model.Provider);
}

[AllowAnonymous]
[HttpGet(nameof(ExternalLoginCallback))]
public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
{
    //Here we can retrieve the claims
    var result = await HttpContext.AuthenticateAsync("YourCustomScheme");

    return null;
}

    Voilà! We now have some user information to work with!

    enter image description here

    Helpful link

    http://docs.identityserver.io/en/release/topics/signin_external_providers.html

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search