7

I have some problem while google redirects to a callback method it throws Exception: The oauth state was missing or invalid.

Startup.cs

public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<Conte>(config =>
            config.UseSqlServer(Configuration.GetConnectionString("Identity")));
        services.AddIdentity<IdentityUser, IdentityRole>()
            .AddEntityFrameworkStores<Conte>()
            .AddDefaultTokenProviders();

        services.AddAuthentication()
                .AddCookie("Cook")
                .AddGoogle(config =>
                {
                    config.SignInScheme = "Cook";
                    config.ClientId = Configuration["Authentication:Google:Client_Id"];
                    config.ClientSecret = Configuration["Authentication:Google:Client_Secret"];

                    config.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "UserId");
                    config.ClaimActions.MapJsonKey(ClaimTypes.Email, "EmailAddress", ClaimValueTypes.Email);
                    config.ClaimActions.MapJsonKey(ClaimTypes.Name, "Name");

                });

                    services.AddMvc();
    }

AccountController.cs

[AllowAnonymous]
    [HttpGet]
    [Route("/api/google-login")]
    public async Task LoginGoogle()
    {
        await HttpContext.ChallengeAsync("Google", new AuthenticationProperties() { RedirectUri = "/signin-google" });
    }

    [AllowAnonymous]
    [HttpGet]
    [Route("/signin-google")]
    public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
    {   
        var info = await _signInManager.GetExternalLoginInfoAsync();

        // Sign in the user with this external login provider if the user already has a login.
        var result = await _signInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey, isPersistent: false, bypassTwoFactor: true);
        if (result.Succeeded)
        {
            return Redirect(returnUrl);
        }
        return BadRequest();
    }

It go to Google Account

And when I tying to authorize i throws an exception

Improve this question

1 Answer 1

Reset to default
7

According to the tutorial from MS:

The Google authentication configured later in this tutorial will automatically handle requests at /signin-google route to implement the OAuth flow.

The /signin-google route is handled by the middleware, not by your MVC controller. Your external login should route to something like /ExternalLoginCallback

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

It really was one of the problem. Thanks, but anyway _signInManager.GetExternalLoginInfoAsync(); returns always null.
Hard to say anything without additional info. Try to examine your traffic using dev console. Try to call and see HttpContext?.Request?.Cookies?.Select(x => $"{x.Key}:{x.Value};"); directly.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.