OWIN's GetExternalLoginInfoAsync Always Returns null
Solution 1
To get OWIN Google login to work properly on a standard Visual Studio 2013, ASP.Net MVC5 site, I had to:
Setup a Google OpenId account at https://console.developers.google.com/project
-
Set the callback URL there to
blah/signin-google
.
Important notes on things you don't need to do:You don't need to use HTTPS for Google to redirect back; you can even redirect back to plain http://localhost, no problem.
You don't need to setup anything for the redirect URL - no routes, Controller Actions or special permissions in Web.Config. The redirect URL is always /signin-google and OWIN handles this behind the scenes for you.
As an example, if your site was me.com, you might have these 3 callback URLs in the Google Developer Console:
http://localhost:53859/signin-google
http://test.me.com/signin-google
https://me.com/signin-google
The first one including whatever port number VS gave you for your project.
-
Enable the Google+ API. This is one hidden b**** of a gotcha and is the root cause of the problem in the question here - if you don't do this, it's easy to miss that the Request to
/account/ExternalLoginCallback
includes&error=access_denied
, and that's because Google said no to a permissions request OWIN made for the user's Google+ basic profile. I can't tell whose fault this is, Google's or Microsoft's.
To enable the Google+ API in the Developers Console, click APIs on the left, hunt for Google+, click that and hit Enable. Yes you really do need to do that. You're hosed if you don't do that.
-
Add the ClientId and ClientSecret Google gave you in the Developers Console to Startup.Auth, but improve the code in the process to explicitly use OAuth2, and explicitly ask for the user's email address:
var google = new GoogleOAuth2AuthenticationOptions() { ClientId = "123abc.apps.googleusercontent.com", ClientSecret = "456xyz", Provider = new GoogleOAuth2AuthenticationProvider() }; google.Scope.Add("email"); app.UseGoogleAuthentication(google);
That's it. That finally got it working.
Just want to reiterate one more time, there are a LOT of answers about this and issues like it where OWIN/Google isn't working, and nearly all of them are wrong for the current VS2013/MVC5/OWIN template.
You don't need to modify Web.Config at all.
You don't need to create any special Routes whatsoever.
You should not attempt to point /signin-google
to a different place, or use a different callback URL, and you definitely shouldn't attempt to tie it directly to /account/externallogincallback
or externalloginconfirmation
, because those are both separate from /signin-google
and necessary steps in the OWIN/Google process.
Solution 2
OK, I found out why it's null. You have to enable Google + API in the Google console. Also make sure the secret key is not concatenated with a space at the end after you paste it to your code. Why can't they return a normal error? I don't know.
Solution 3
It seems that Nuget package Microsoft.Owin.Security.Facebook version 3.0.1 no longer works with Facebook Login.
Update this package to the pre-release 3.1.0 version, you can use the following:
Install-Package Microsoft.Owin.Security.Facebook -Pre
Solution 4
As others correctly mentioned, most of the time that's because you do not have permission to the Google+ API so here is how to get permission for a project in Google API Manager to Google+ API
Step 1. Select You Project from the top combobox and go to Dashboard > Enable API
Step 2: Search for Google plus and select it
if you return to dashboard for that project you can see the list of enabled API's for that project at the bottom
Solution 5
I got it to work by simply updating all the nugget package in the application and it worked.
VineetYadav
Updated on July 05, 2022Comments
-
VineetYadav almost 2 years
I've created a new MVC5 Web Application, and when I try to login with Google or Facebook, the
ExternalLoginCallback
Action in theAccountController
is called, butGetExternalLoginInfoAsync()
always returns null:var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync(); if (loginInfo == null) { return RedirectToAction("Login"); }
Because it's always null, it just redirects back to the login page and the process starts over. How can I fix this?
-
James Mauldin over 9 yearsThis immediately solved the problem. Good find, thanks.
-
James Mauldin over 9 yearsNow that I look carefully, I see that this step is clearly indicated in the instructions on asp.net.
-
Ronen Festinger over 9 yearsYes, but I thought it's not obligatory. Anyway the connection between that and the error that is shown is not clear.
-
Papa Burgundy about 9 yearsYes, I've seen all kinds of crazy answers but this is the correct one for me.
-
roboto1986 almost 9 yearsNumber three did it for me. Sadly, I knew this to be the problem in the past but had forgotten it... and yes, totally agree this is a b**** . Many thanks for the list.
-
Pawel Cioch almost 9 yearsThank you, Thank you, Thank You! Worked, yes ENABLE Google+ API, it worked even without "code improvement". Great detailed answer!
-
Patrick over 8 yearsSame here but the problem returned after a while (days). It worked fine for some time then all of a sudden it just stops and a refresh of the app pool solves it again. Very weird.
-
Patrick over 8 yearsThis solved the issue for me. Hopefully it will keep working now. stackoverflow.com/a/20948631/155758
-
Giovanni Galbo over 8 yearsIf I could upvote you 1000 times, I would. Thank you!
-
tutiplain almost 8 yearsDoesn't work for me. It is actually impossible to create an appID and appSecret without enabling Google+ API. I have enabled it and was able to create the secret and id, but I am still being redirected back to the login page.
-
Chris Moschini almost 8 years@tutiplain Reread the answer; you need to enable the Google+ API.
-
tutiplain almost 8 yearsI have it enabled, but it still doesn't work. I am considering manually doing the Oauth flow, since this seems to be a bug in either Owin or the project templates in Visual Studio.
-
Ashish Shukla over 7 yearsI have enable the Google + API and following the same steps, but it's not working for me. I am using Visual Studio 2015 MVC 5 Template. I am getting the user info null.
-
Kris about 7 yearsYou sir, are a god!
-
Chris Searles about 7 yearsJust came across this out of nowhere today as well and updating to the RC of 3.1.0 worked for me too.
-
Luke about 7 yearsGlad to have helped :)
-
Richard about 7 yearsCrikey, hope they fix this soon spent all night reconfiguring URLs trying to work out what I'd inadvertently changed since it was working last time I was playing around. Your suggestion worked. Still no updated version later that 3.0.1 to install according to NuGet
-
torylor about 7 years^^ what Richard said
-
Dan Cook about 7 yearsAfter trying pretty much everything on stack overflow and wasting about 3 hours, this was the final solution for me. Thanks :)
-
Luke almost 7 yearsIt looks like it's no longer a pre-release, it's a real version now
-
johnnyRose almost 7 yearsUpgrading to 3.1 fixed my problem. Thanks for saving me many painful hours debugging this!
-
Martin over 6 yearsEnable Google+ API... That's what I was missing. Thanks!
-
Jeff D over 6 yearsI can't understand why Google has not mentioned this in their documentation to enable google plus api to use "sign in with google button".. really bad.. if this post wasn't there I would have been lost for days..
-
Samuel Moshie about 5 yearsThanks this solved my problem Microsoft need to look at this bug
-
christiaantober over 4 yearsThis worked for me too, after trying everything else mentioned here. I updated the OWIN packages from v4.0.0 to v4.0.1 and then it started working.