WebApi 2 OAuth External Login Access Token Issue

3
votes

I've been following a tutorial on webapi oauth login here;

http://bitoftech.net/2014/08/11/asp-net-web-api-2-external-logins-social-logins-facebook-google-angularjs-app/

It all runs smoothly but I am having difficulty with retrieving the token sent back from the external provider (in this test case Google).

So after the user authenticates and confirms the login the "ExternalLogin" end point for the second time on the webapi with the authentication data.

in this method it calls the following to extract all the data to a class

ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);

Its here that it seems to be falling over. As when it call the FromIdentity method;

   public static ExternalLoginData FromIdentity(ClaimsIdentity identity)
    {
        if (identity == null)
        {
            return null;
        }

        Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);

        if (providerKeyClaim == null || String.IsNullOrEmpty(providerKeyClaim.Issuer) || String.IsNullOrEmpty(providerKeyClaim.Value))
        {
            return null;
        }

        if (providerKeyClaim.Issuer == ClaimsIdentity.DefaultIssuer)
        {
            return null;
        }

        return new ExternalLoginData
        {
            LoginProvider = providerKeyClaim.Issuer,
            ProviderKey = providerKeyClaim.Value,
            UserName = identity.FindFirstValue(ClaimTypes.Name),
            ExternalAccessToken = identity.FindFirstValue("ExternalAccessToken"),
        };
    }

the line;

ExternalAccessToken = identity.FindFirstValue("ExternalAccessToken")

is returning as null? I can't see this token being returned in any of the claims?

1
c#asp.netangularjsasp.net-web-apioauth
So in class "GoogleAuthProvider" which implements "IGoogleOAuth2AuthenticationProvider" and if you sent break-point in the Authenticated event, were you able to check the value of "context.AccessToken"? If not what version of MS.Owin.Security are you using? Can you try to fall back and use the same versions used in this post, if it worked try to upgrade the packages and monitor the results. - Taiseer Joudeh
Hi Taiseer, thanks for the reply. Yes it appears it may have been down to a bad install on the nuget packages. Thanks for pointing out where the token was being assigned. The 'Authenticated' method was not firing and setting the external access token. I performed a reinstall of the nuget package with the following version; Google.Apis.Oauth2.v2 Client Library 1.10.0.1000 - Matthew Flynn

1 Answers

1
votes

The ExternalAccessToken is custom claim added. Please check the following code which is extend from the default providers.

For Google

 public class GoogleAuthProvider : IGoogleOAuth2AuthenticationProvider
    {
        public void ApplyRedirect(GoogleOAuth2ApplyRedirectContext context)
        {
            context.Response.Redirect(context.RedirectUri);
        }

        public Task Authenticated(GoogleOAuth2AuthenticatedContext context)
        {
            context.Identity.AddClaim(new Claim("ExternalAccessToken", context.AccessToken));
            return Task.FromResult<object>(null);
        }

        public Task ReturnEndpoint(GoogleOAuth2ReturnEndpointContext context)
        {
            return Task.FromResult<object>(null);
        }
    }

For Facebook

public class FacebookAuthProvider : FacebookAuthenticationProvider
    {
        public override Task Authenticated(FacebookAuthenticatedContext context)
        {
            context.Identity.AddClaim(new Claim("ExternalAccessToken", context.AccessToken));
            return Task.FromResult<object>(null);
        }
    }

In these classes added the claim using the following line;

context.Identity.AddClaim(new Claim("ExternalAccessToken", context.AccessToken));