Identityserver4: Redirect to MVC client using Google Authenticaiton not working

Created on 15 Feb 2017  ·  12Comments  ·  Source: IdentityServer/IdentityServer4

I am using Identity server 4 for authentication. When I use my IS4 login then after authentication of the user, user get redirected to the MVC client. But when the user uses Google Authentication for the same MVC client. Then after google authentication user don't get redirected to the MVC client, the user stays on the authentication server's login page?

google-redir-not-work

question
Source
picture gauravawr

Most helpful comment

I've being caught this error:

No authentication handler is configured to authenticate for the scheme: idsrv.external

When I used SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme in my UseGoogleAuthentication options.

So I just changed that to SignInScheme = "Identity.External", as in sample number 6. After that all just works.

picture kuncevic on 6 Mar 2017
👍2

All 12 comments

Did you debug into your code that triggers google logins?

brockallen picture brockallen on 16 Feb 2017

Yes, after authentication from google, google redirected me back to the url I registered(localhost:myport, this is my local identity server). But then identity server does not redirect back to the mvc client.

gauravawr picture gauravawr on 16 Feb 2017

When I looked info ExternalLoginCallback method in the account controller. The calls comes to this piece of code, where info is null, that's why I guess, it returns back to the login page again.

        var info = await _signInManager.GetExternalLoginInfoAsync();
        if (info == null)
        {
            return RedirectToAction(nameof(Login));
        }

Any suggestions why info can be null?

gauravawr picture gauravawr on 17 Feb 2017

Are you registering a temp cookie middleware for the external authentication? Is that scheme the same one the quickstarts uses?

brockallen picture brockallen on 17 Feb 2017

Yes I did same as the quickstart does (https://identityserver4.readthedocs.io/en/release/topics/signin_external_providers.html, now its TBD).

Here the code from starup.cs and assemblies from my Identity server:

google-redir-not-work-2

gauravawr picture gauravawr on 18 Feb 2017

Another thing is that if I use var info = await HttpContext.Authentication.GetAuthenticateInfoAsync(Identity‌​ServerConstants.Exte‌​rnalCookieAuthentica‌​tionScheme); to get the info, then it works.

google-redir-not-work-3

1.From image avove image, this is the flow is given in the MS default mvc core template for /Account/ExternalLoginCallback, are we suppose to use it still or it has been changed?

  1. And also the await _signInManager.GetExternalLoginInfoAsync(); is given in the MS default template. Does it not work anymore?
gauravawr picture gauravawr on 18 Feb 2017

I had the same problem (waste on it 3 days)
and for me the solution was :

var CookieScheme = app.ApplicationServices.GetRequiredService<IOptions<IdentityOptions>>().Value.Cookies.ExternalCookieAuthenticationScheme;
and change :
SignInScheme = CookieScheme,
like here:
https://github.com/IdentityServer/IdentityServer4.Samples/issues/122
and here
http://stackoverflow.com/questions/42176017/using-iprofileservice-when-sign-in-by-google-oauth

@brockallen , you should update the samples NOT to use:
"SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme" - NOT GOOD.

and now all 3 external providers are working - google, ,facebook , twitter.
Regards

zahik picture zahik on 3 Mar 2017

and change : SignInScheme = CookieScheme,

Perhaps I'm missing what you mean here, but if this is setting the social middleware, then this is wrong. You don't want the social middleware to go directly to the main login cookie. That's why we use a 2nd middleware for external logins.

@brockallen , you should update the samples NOT to use:
"SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme" - NOT GOOD.

So I still don't follow. What is not good about it and why is it breaking?

brockallen picture brockallen on 3 Mar 2017

And also the await _signInManager.GetExternalLoginInfoAsync(); is given in the MS default template. Does it not work anymore?

This is a feature of ASP.NET Identity, not the authentication system. Microsoft conflates the two without explaining how each layer works. Complain to them, as they need to be told to stop doing that.

brockallen picture brockallen on 3 Mar 2017

I've being caught this error:

No authentication handler is configured to authenticate for the scheme: idsrv.external

When I used SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme in my UseGoogleAuthentication options.

So I just changed that to SignInScheme = "Identity.External", as in sample number 6. After that all just works.

kuncevic picture kuncevic on 6 Mar 2017
👍2

I just hit this, when creating a vanilla asp.net core project that uses individual user accounts, with the scaffolded identity razor pages UI. The project worked out of the box, and it also worked when I added bitbucket external authentication, however when trying to bring identity server 4 into the mix, after looking at the samples and docs, I was unable to get it to work.

Note the samples provided for using identity server with asp.net core identity don't appear to use the standard scaffolded UI's, instead the samples have custom UI and controller implementations - so this left me thinking perhaps this scenario still needs to be worked through / ironed out.

dazinator picture dazinator on 6 Aug 2018

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

lock[bot] picture lock[bot] on 13 Jan 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

osudude picture osudude  ·  3Comments
createroftheearth picture createroftheearth  ·  3Comments
chrisrestall picture chrisrestall  ·  3Comments
agilenut picture agilenut  ·  3Comments
mackie1001 picture mackie1001  ·  3Comments