OWIN's GetExternalLoginInfoAsync Always Returns null

c# .net asp.net-mvc owin google-openid
25,694

Solution 1

To get OWIN Google login to work properly on a standard Visual Studio 2013, ASP.Net MVC5 site, I had to:

  1. Setup a Google OpenId account at https://console.developers.google.com/project

  2. Set the callback URL there to blah/signin-google.
    Important notes on things you don't need to do:

    • You don't need to use HTTPS for Google to redirect back; you can even redirect back to plain http://localhost, no problem.

    • You don't need to setup anything for the redirect URL - no routes, Controller Actions or special permissions in Web.Config. The redirect URL is always /signin-google and OWIN handles this behind the scenes for you.

As an example, if your site was me.com, you might have these 3 callback URLs in the Google Developer Console:

http://localhost:53859/signin-google
http://test.me.com/signin-google
https://me.com/signin-google

The first one including whatever port number VS gave you for your project.

  1. Enable the Google+ API. This is one hidden b**** of a gotcha and is the root cause of the problem in the question here - if you don't do this, it's easy to miss that the Request to /account/ExternalLoginCallback includes &error=access_denied, and that's because Google said no to a permissions request OWIN made for the user's Google+ basic profile. I can't tell whose fault this is, Google's or Microsoft's.

To enable the Google+ API in the Developers Console, click APIs on the left, hunt for Google+, click that and hit Enable. Yes you really do need to do that. You're hosed if you don't do that.

  1. Add the ClientId and ClientSecret Google gave you in the Developers Console to Startup.Auth, but improve the code in the process to explicitly use OAuth2, and explicitly ask for the user's email address:

    var google = new GoogleOAuth2AuthenticationOptions()
{
    ClientId = "123abc.apps.googleusercontent.com",
    ClientSecret = "456xyz",
    Provider = new GoogleOAuth2AuthenticationProvider()
};
google.Scope.Add("email");
app.UseGoogleAuthentication(google);

That's it. That finally got it working.

Just want to reiterate one more time, there are a LOT of answers about this and issues like it where OWIN/Google isn't working, and nearly all of them are wrong for the current VS2013/MVC5/OWIN template.
You don't need to modify Web.Config at all.
You don't need to create any special Routes whatsoever.
You should not attempt to point /signin-google to a different place, or use a different callback URL, and you definitely shouldn't attempt to tie it directly to /account/externallogincallback or externalloginconfirmation, because those are both separate from /signin-google and necessary steps in the OWIN/Google process.

Solution 2

OK, I found out why it's null. You have to enable Google + API in the Google console. Also make sure the secret key is not concatenated with a space at the end after you paste it to your code. Why can't they return a normal error? I don't know.

Solution 3

It seems that Nuget package Microsoft.Owin.Security.Facebook version 3.0.1 no longer works with Facebook Login.

Update this package to the pre-release 3.1.0 version, you can use the following:

Install-Package Microsoft.Owin.Security.Facebook -Pre

Solution 4

As others correctly mentioned, most of the time that's because you do not have permission to the Google+ API so here is how to get permission for a project in Google API Manager to Google+ API

Step 1. Select You Project from the top combobox and go to Dashboard > Enable API enter image description here

Step 2: Search for Google plus and select it enter image description here

Step 3: Enable it! enter image description here

if you return to dashboard for that project you can see the list of enabled API's for that project at the bottom enter image description here

Solution 5

I got it to work by simply updating all the nugget package in the application and it worked.

Share:
25,694
VineetYadav
Author by

VineetYadav

Updated on July 05, 2022

Comments

  • VineetYadav
    VineetYadav almost 2 years

    I've created a new MVC5 Web Application, and when I try to login with Google or Facebook, the ExternalLoginCallback Action in the AccountController is called, but GetExternalLoginInfoAsync() always returns null:

    var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
    return RedirectToAction("Login");
}

    Because it's always null, it just redirects back to the login page and the process starts over. How can I fix this?

  • James Mauldin
    James Mauldin over 9 years
    This immediately solved the problem. Good find, thanks.
  • James Mauldin
    James Mauldin over 9 years
    Now that I look carefully, I see that this step is clearly indicated in the instructions on asp.net.
  • Ronen Festinger
    Ronen Festinger over 9 years
    Yes, but I thought it's not obligatory. Anyway the connection between that and the error that is shown is not clear.
  • Papa Burgundy
    Papa Burgundy about 9 years
    Yes, I've seen all kinds of crazy answers but this is the correct one for me.
  • roboto1986
    roboto1986 almost 9 years
    Number three did it for me. Sadly, I knew this to be the problem in the past but had forgotten it... and yes, totally agree this is a b**** . Many thanks for the list.
  • Pawel Cioch
    Pawel Cioch almost 9 years
    Thank you, Thank you, Thank You! Worked, yes ENABLE Google+ API, it worked even without "code improvement". Great detailed answer!
  • Patrick
    Patrick over 8 years
    Same here but the problem returned after a while (days). It worked fine for some time then all of a sudden it just stops and a refresh of the app pool solves it again. Very weird.
  • Patrick
    Patrick over 8 years
    This solved the issue for me. Hopefully it will keep working now. stackoverflow.com/a/20948631/155758
  • Giovanni Galbo
    Giovanni Galbo over 8 years
    If I could upvote you 1000 times, I would. Thank you!
  • tutiplain
    tutiplain almost 8 years
    Doesn't work for me. It is actually impossible to create an appID and appSecret without enabling Google+ API. I have enabled it and was able to create the secret and id, but I am still being redirected back to the login page.
  • Chris Moschini
    Chris Moschini almost 8 years
    @tutiplain Reread the answer; you need to enable the Google+ API.
  • tutiplain
    tutiplain almost 8 years
    I have it enabled, but it still doesn't work. I am considering manually doing the Oauth flow, since this seems to be a bug in either Owin or the project templates in Visual Studio.
  • Ashish Shukla
    Ashish Shukla over 7 years
    I have enable the Google + API and following the same steps, but it's not working for me. I am using Visual Studio 2015 MVC 5 Template. I am getting the user info null.
  • Kris
    Kris about 7 years
    You sir, are a god!
  • Chris Searles
    Chris Searles about 7 years
    Just came across this out of nowhere today as well and updating to the RC of 3.1.0 worked for me too.
  • Luke
    Luke about 7 years
    Glad to have helped :)
  • Richard
    Richard about 7 years
    Crikey, hope they fix this soon spent all night reconfiguring URLs trying to work out what I'd inadvertently changed since it was working last time I was playing around. Your suggestion worked. Still no updated version later that 3.0.1 to install according to NuGet
  • torylor
    torylor about 7 years
    ^^ what Richard said
  • Dan Cook
    Dan Cook about 7 years
    After trying pretty much everything on stack overflow and wasting about 3 hours, this was the final solution for me. Thanks :)
  • Luke
    Luke almost 7 years
    It looks like it's no longer a pre-release, it's a real version now
  • johnnyRose
    johnnyRose almost 7 years
    Upgrading to 3.1 fixed my problem. Thanks for saving me many painful hours debugging this!
  • Martin
    Martin over 6 years
    Enable Google+ API... That's what I was missing. Thanks!
  • Jeff D
    Jeff D over 6 years
    I can't understand why Google has not mentioned this in their documentation to enable google plus api to use "sign in with google button".. really bad.. if this post wasn't there I would have been lost for days..
  • Samuel Moshie
    Samuel Moshie about 5 years
    Thanks this solved my problem Microsoft need to look at this bug
  • christiaantober
    christiaantober over 4 years
    This worked for me too, after trying everything else mentioned here. I updated the OWIN packages from v4.0.0 to v4.0.1 and then it started working.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Could not load file or assembly Microsoft.Owin.Security.OAuth, Version=2.0.0.0
MVC 5, Web API And Owin
Asp MVC: How get roles from ApplicationUser
The type 'IEnumerable<>' is defined in an assembly that is not referenced
Entity Framework: Check all relationships of an entity for foreign key use
FileExtensions attribute of DataAnnotations not working in MVC
MVC 4 Razor - Creating a dynamic DropDownList
MVC - IoC Unity - Make sure that the controller has a parameterless public constructor
maintaning drop down selected state after post back in MVC razor?
Visual Studio Database Project Generate Script