Geek Answers Handbook

GetExternalLoginInfoAsync () loginInfo returns null - but only after a few hours

I use Strava as my external login provider (I assume this is not related to Strava, maybe google or facebook). After running for several hours / days or even weeks, GetExternalLoginInfoAsync returns null. I read a bunch of other questions with the same problem, but could not find a solution. I am sending my entire ConfigureAuth method, in case I do something wrong with the order.

If you have a strava account, you may have encountered this problem here: fartslek.no/Account/Login

public void ConfigureAuth(IAppBuilder app) { // Configure the db context, user manager and signin manager to use a single instance per request app.CreatePerOwinContext(ApplicationDbContext.Create); app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); app.CreatePerOwinContext<ApplicationSignInManager>(ApplicationSignInManager.Create); // Enable the application to use a cookie to store information for the signed in user // and to use a cookie to temporarily store information about a user logging in with a third party login provider // Configure the sign in cookie app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, LoginPath = new PathString("/Account/Login"), Provider = new CookieAuthenticationProvider { // Enables the application to validate the security stamp when the user logs in. // This is a security feature which is used when you change a password or add an external login to your account. OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>( validateInterval: TimeSpan.FromMinutes(30), regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)) }, CookieManager = new SystemWebCookieManager() }); app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5)); app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie); app.UseStravaAuthentication( new StravaAuthenticationOptions{ ClientId="XXX", ClientSecret= "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", }); }

I use this https://github.com/Johnny2Shoes/Owin.Security.Strava to get StravaAuth.

When it stops working, azure reset is not enough, but if I create a new deployment, everything works for a while.

I am using Owin 3.0.1 and Mvc 5.2.3

+6
source share
1 answer

I had the same problem. After a short search, I found this to be a known bug in Owin because they process cookies.

This problem was sent to the Katana team, but it looks like they won’t fix it at all. There are many workarounds for this, but this was the simplest thing I could find:

  [HttpPost] [AllowAnonymous] [ValidateAntiForgeryToken] public ActionResult ExternalLogin(string provider, string returnUrl) { ControllerContext.HttpContext.Session.RemoveAll(); // Request a redirect to the external login provider return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl })); }

See this question for more information about this error, and let me know if this is good for you.

+8
source

More articles:


All Articles