1
votes

Hi am trying to use OAuth authentication FacebookAuthProvider provided by servicestack

 var AppSettings = appHost.AppSettings;
            appHost.Plugins.Add(new AuthFeature(() => new CustomUserSession(),
                new IAuthProvider[] {
                    new CredentialsAuthProvider(AppSettings),
                    new FacebookAuthProvider(AppSettings),
                    new GoogleAuthProvider(AppSettings)
                }));

I have implement custom AuthEvents and I have access to authorized user data

enter image description here

but after RedirectUrl happens in endpoint session is empty and IsAuthenticated property is false enter image description here

In the same time from Controller I can see that created session successfully saved in Cache enter image description here

This scenario occurred only if user doesn't login in facebook in the browser yet, but for user that already logged in facebook, authentication works fine

What am I doing wrong ? Thanks in advance!

Updates:

Scenario for repsoducing:

  1. ensure that you didn't loged in facebook in browser (open facebook.com and log out if need)
  2. run web app (project which created with template mvcauth)
  3. try to login via facebook 3.1. for first attempt you will be redirected to https://www.facebook.com/login.php? page for specify your facebook account credentials
  4. after first attempt you will be returned to web app page /Account/Login#s=1 but User.Identity.IsAuthenticated = false in AccountController.Login and you still unauthorized.
  5. after second attempt you will finally successfully logged in

At the same time after first attempt Session with user data will be created and saved in Cache, it looks like after redirecting from page 'https://www.facebook.com/login.php' а new session being created without auth data, but for second attempt we successfully login, maybe the core of issue is redirection from 'https://www.facebook.com/login.php'

1
This sounds like the Auth wasn’t successful, is the redirect url suffixed with a #f or a #s? - mythz
The redirect url looks like Account/Login#s=1 - 3axap
What is your current Startup.cs? Have you placed app.UseAuthentication(); before app.UseMvc - Edward
Yes, in Startup.cs I have app.UseAuthentication(); before app.UseMvc Login with username/password works as expected If I logged in facebook on another tab of my browser and then again try authenticate from my web app via facebook I will successfully logged in. Also after first authentication attempt (that complete, as I described, with IsAuthenticated = false) when I press login via facebook button in my web app again I successfully loggin in (without need input my facebook credentials again). - 3axap
What project template did you start with? - mythz

1 Answers

0
votes

In order to be able to use ServiceStack.Auth in MVC and vice-versa you'll need to register the NetCoreIdentityAuthProvider which provides integration between ServiceStack Authenticated Sessions and ASP.NET Core's Claims Principal, e.g:

public void Configure(IAppHost appHost)
{
    var AppSettings = appHost.AppSettings;
    appHost.Plugins.Add(new AuthFeature(() => new CustomUserSession(),
        new IAuthProvider[] {
            new NetCoreIdentityAuthProvider(AppSettings), /* Use ServiceStack Auth in MVC */
            new CredentialsAuthProvider(AppSettings),     /* Sign In with Username / Password  */
            new FacebookAuthProvider(AppSettings),        
            new GoogleAuthProvider(AppSettings),          
            new MicrosoftGraphAuthProvider(AppSettings),  
        }));

    appHost.Plugins.Add(new RegistrationFeature()); //Enable /register Service

    //override the default registration validation with your own custom implementation
    appHost.RegisterAs<CustomRegistrationValidator, IValidator<Register>>();
}