Asp .net core sample
See original GitHub issueOK i think its time we get together and create a sample for this. Mainly becouse there are a lot of questions on SO asking for help and we cant help them if we cant get it to work.
I will be working on it after work. So bare with me if response is slow.
Current Issues.
Login does appear to log me in and will save the user. However. When i try to navigate to the controller with the authorize in it. I get stuck in a login loop where it brings me back to the select user screen where i accept and im back there again.
The only thing i can see in the console is the following. Which makes no sence to me what so ever since i am not attempting to connect to YouTube in any way
configure services
public void ConfigureServices(IServiceCollection services)
{
services.AddDbContext<ApplicationDbContext>(options =>
options.UseSqlite(
Configuration.GetConnectionString("DefaultConnection")));
services.AddDefaultIdentity<IdentityUser>(options => options.SignIn.RequireConfirmedAccount = true)
.AddEntityFrameworkStores<ApplicationDbContext>();
services.AddControllersWithViews();
services.AddRazorPages();
services
.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = GoogleDefaults.AuthenticationScheme;
})
.AddCookie()
.AddGoogle(options =>
{
IConfigurationSection googleAuthSection = Configuration.GetSection("Authentication:Google");
options.ClientId = googleAuthSection["ClientId"];
options.ClientSecret = googleAuthSection["ClientSecret"];
options.Scope.Add(Google.Apis.Calendar.v3.CalendarService.Scope.Calendar);
});
}
A dummy controller with authorize
public class CalController : Controller
{
private readonly ILogger<CalController> _logger;
public CalController(ILogger<CalController> logger)
{
_logger = logger;
}
[Authorize]
public IActionResult Index()
{
return View();
}
[ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
public IActionResult Error()
{
return View(new ErrorViewModel {RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier});
}
}
I guess one of the first questions we should addreess is should we be using AddGoogle or should we be using AddGoogleOpenIdConnect? Considering that this should give Oauth2 access to a given api and not just openId connect login.
Using AddGoogleOpenIdConnect results in
InvalidOperationException: No authenticationScheme was specified, and there was no DefaultChallengeScheme found. The default schemes can be set using either AddAuthentication(string defaultScheme) or AddAuthentication(Action<AuthenticationOptions> configureOptions).
Using GoogleScopedAuthorize
[GoogleScopedAuthorize(CalendarService.ScopeConstants.Calendar)]
public async Task<IActionResult> Index([FromServices] IGoogleAuthProvider auth)
{
var cred = await auth.GetCredentialAsync();
var service = new CalendarService(new BaseClientService.Initializer
{
HttpClientInitializer = cred
});
var calendar = await service.Calendars.Get("primary").ExecuteAsync();
return View();
}
results in the following error
No webpage was found for the web address: https://localhost:5001/Account/AccessDenied?ReturnUrl=%2FCal
Considering the fact that i just consented to access its strange getting an access denied error
Issue Analytics
- State:
- Created 3 years ago
- Comments:35 (14 by maintainers)
Top GitHub Comments
Tracking progress here:
@pllamena , @LindaLawton I’ve updated the ASP.NET Core Google Auth packages so that they work with endpoints as well as MVC, which is what was stopping the Google.Apis.Auth.AspNetCore3 package from working properly. @pllamena once #1616 is merged and released, which will probably happen early next week, you can hopefully start using the libraries and skip your workaround. I’ve also updated the Google.Apis.Auth.AspNetCore*.IntegrationTests projects, mostly the one for ASP.NET Core 3 so that it now runs with recommended setup. @LindaLawton those are complete projects that you can use as samples, they not only show the basics but also how to achieve incremental auth, etc.
Once #1616 is merged, this issue will be closed, but please do add a comment or create a new issue if you find other problems.