CODEWITHSUNDEEP
asp.netfacebookopenid-connect
Rohit
Rohit

Reputation: 245

Using OpenIDConnect for Facebook

I am trying to build an MVC WebApp supporting multiple external providers using Google, Facebook, Microsoft and Twitter. So far with help from multiple online articles, I have succeeded in building a simple cookie based authentication scheme along with Google as authentication provider. Somehow the same logic for adding Facebook is not working. I am struggling with the FacebookOptions for Authority as I it keeps redirecting me to a Facebook page OAuth page which states "Sorry, something went wrong" Facebook Error

Here is how I defined my AddAuthentication method in Program.cs

    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    })
    .AddCookie(options =>
    {
        options.LoginPath = new PathString("/login");
        options.AccessDeniedPath = new PathString("/denied");
    })
    .AddOpenIdConnect("google", googleOIDOptions =>
    {
        string gClientId = builder.Configuration.GetSection("Google:ClientId").Value;
        string gClientPwd = builder.Configuration.GetSection("Google:ClientSecret").Value;
        string gPath = builder.Configuration.GetSection("Google:CallbackPath").Value;
        
        googleOIDOptions.Authority = "https://accounts.google.com";
        googleOIDOptions.ClientId = gClientId;
        googleOIDOptions.ClientSecret = gClientPwd;
        googleOIDOptions.CallbackPath = gPath;
        googleOIDOptions.SignedOutCallbackPath = "/google-signout";
    })
    .AddOpenIdConnect("facebook", fbOIDOptions =>
    {
        string fbClientId = builder.Configuration.GetSection("Facebook:ClientId").Value;
        string fbClientPwd = builder.Configuration.GetSection("Facebook:ClientSecret").Value;
        string fbPath = builder.Configuration.GetSection("Facebook:CallbackPath").Value;

        fbOIDOptions.Authority = "https://www.facebook.com"; //"https://www.facebook.com/v16.0/dialog/oauth"; //;
        //fbOIDOptions.Authority = "https://www.facebook.com/dialog/oauth"; 
        fbOIDOptions.ClientId = fbClientId;
        fbOIDOptions.ClientSecret = fbClientPwd;
        fbOIDOptions.AccessDeniedPath = "/denied";
        //fbOIDOptions.CallbackPath = fbPath;
        //fbOIDOptions.SignedOutCallbackPath = "/facebook-signout";
        //fbOIDOptions.Scope.Add("email");
        //fbOIDOptions.ResponseType = OpenIdConnectResponseType.Code;
        //fbOIDOptions.SaveTokens = true; 
    });

In my HomeController.cs I defined a common method to intake multiple providers as follows,

[HttpGet("login/{provider}")]
    public IActionResult LoginExternal([FromRoute] string provider, [FromQuery] string returnUrl)
    {
        if (User != null && User.Identities.Any(identity => identity.IsAuthenticated))
        {
            RedirectToAction("", "Home");
        }

        returnUrl = string.IsNullOrEmpty(returnUrl) ? "/" : returnUrl;
        var authenticationProperties = new AuthenticationProperties { RedirectUri = returnUrl };

        return new ChallengeResult(provider, authenticationProperties);
    }

If you check the developer console I see page redirection as shown below as per the HTTP 302 code, Facebook login navigated to error page but when I try to investigate further with client_id information passed it seems page has been permanently redirected as per the HTTP 301 error code to https://facebook.com/dialog/oauth/?client_id=490605846573318&redirect_uri=https://localhost:7081/signin-oidc&response_type=id_token&scope=openid profile&response_mode=form_post&nonce=638109963739908338.ZWY0ZmM3NzMtNTM4Yy00YmVjLWJkOWEtYjY2NTMxZjRmYzNjZjg5NDRiYjQtNWU5Mi00NDI2LTg0NTQtYzVjZTAwM2FhMjdi&state=CfDJ8JX6wl_svOBCsCJLieG3tWwPbNfc9_vXYgF9hS8kM6eaFOb88LT-Baza9C3f5o-tn-7A5NYsI-rSTBiikzos3As_tkJxOrFzNGTWIgxmxdceVHim_mWudlhH-4fNCdCG2wZmWZPxHS7ES3FkoryXRSJ7wbVvIY3P4fDTpUsnJDfdl_z7i37VHkLighOHAfOXkKBAPYQTgibKJtd7WA0JC4V6j4_3xjNjeN12pBNtj0VGIeABxwwjQanAoiKb5yswfA73nr8ryEuF32Ikx4TE_s3_Mls7lIPrEWiRDEW5f7VhD246WhxKKEcinvUaMocGMA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.15.1.0

After the above step the encrypted_query_string page is showing HTTP 500 error I am not able to get what is causing this internal server error. Any clue or help is highly appreciated. Thanks in advance

Upvotes: 0

Views: 466

Answers (1)

Tore Nestenius
Tore Nestenius

Reputation: 19971

To access Facebook, a better approach is to replace AddOpenIdConnect with AddFaceBook(), that is more optimized for just Facebook authentication.

services.AddAuthentication().AddFacebook(facebookOptions =>
    {
        facebookOptions.AppId = configuration["Authentication:Facebook:AppId"];
        facebookOptions.AppSecret = configuration["Authentication:Facebook:AppSecret"];
    });

In theory AddOpenIDConnect should work, but AddFaceBook will make your life easier.

AddFaceBook is found in this NuGet package.

For more details, see Facebook external login setup in ASP.NET Core 7.0

Upvotes: 0

Related Questions