问题
I'm setting up OAuth using the Owin libraries including Google and Facebook.
The Owin startup class is registering fine by the looks of it. What I'm finding is that rather than being redirected to the appropriate sign in page at Facebook or Google, I'm being redirected to a default 'login.aspx' page. There is no login.aspx page in my solution.
The flow is triggered in a view like so:
@{
// Get list of configured external authentication middleware
var loginProviders = Context.GetOwinContext().Authentication.GetExternalAuthenticationTypes();
if (!loginProviders.Any())
{
<div>
<p>There are no external authentication services configured</p>
</div>
}
else
{
using (Html.BeginForm("ExternalLogin", "OAuth"))
{
@Html.AntiForgeryToken()
<div>
<p>
@foreach (AuthenticationDescription p in loginProviders)
{
<button type="submit" class="btn btn-default" id="@p.AuthenticationType" name="provider" value="@p.AuthenticationType" title="Log in using your @p.Caption account">@p.AuthenticationType</button>
}
</p>
</div>
}
}
}
This triggers the challenge result, however the challenge result simply causes a redirect to login.aspx (which again does not exist)
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ExternalLogin(string provider)
{
string redirectUri = Url.Action("ExternalLoginCallback");
// Request a redirect to the external login provider
return new ChallengeResult(provider, redirectUri);
}
What could I be missing?
I've included the Startup.cs class for good measure:
public void Configuration(IAppBuilder app)
{
app.UseCookieAuthentication(
new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseFacebookAuthentication(new FacebookAuthenticationOptions
{
AppId = Config.OAuthFacebookAppId,
AppSecret = Config.OAuthFacebookAppSecret,
Scope = { "email" }, // "email", also "publish_actions" can be included if post to facebook authorization is required
Provider = new FacebookAuthenticationProvider
{
OnAuthenticated = context =>
{
context.Identity.AddClaim(new System.Security.Claims.Claim("FacebookAccessToken", context.AccessToken));
return Task.FromResult(true);
}
}
});
app.UseGoogleAuthentication(
clientId: Config.OAuthGoogleClientId,
clientSecret: Config.OAuthGoogleClientSecret
);
}
回答1:
The key modification was to add the code:
// Stop execution of the current page/method - the 401 forces OWIN to kick-in and do its thing
Response.StatusCode = 401;
Response.End();
AuthenticationProperties.RedirectUri is not passed to Google in Challenge()
Other issues were that the Google+ API was not enabled
OWIN's GetExternalLoginInfoAsync Always Returns null
... and for Facebook, an upgrade of the Owin libs to 3.1.0 was required
MVC5 Null Reference with facebook login
So full ExternalLogin method:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public void ExternalLogin(string provider)
{
string redirectUri = Url.Action("ExternalLoginCallback");
var properties = new AuthenticationProperties() { RedirectUri = redirectUri };
HttpContext.GetOwinContext().Authentication.Challenge(properties, provider);
// Stop execution of the current page/method - the 401 forces OWIN to kick-in and do its thing
Response.StatusCode = 401;
Response.End();
}
来源:https://stackoverflow.com/questions/47458095/asp-net-owin-oauth-google-facebook-is-redirecting-to-default-login-aspx-inse