I hope someone can help me with this problem - it drives me crazy! :)
I am trying to use an external login via QQ Connect (OAuth 2.0) using tinysnake QQ Connect: https://github.com/tinysnake/microsoft-owin-security-qq
Everything seems to be going well - I can log in through my QQ account and I am returned to my ExternalLoginCallBack method with the corresponding statements, etc. I use these values to sign the user in through IAuthenticationManager - everything is going well. However - when I redirect the user to another page and check if he is logged in - then I get a false value from the IsAuthenticated value ... and I cannot read any of the statements that I installed earlier.
It might be a simple fix, but I just don't see it right now.
Some code:
AuthConfig:

    public static void ConfigureAuthentication(IAppBuilder app)
    {
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Normal cookie sign in
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            AuthenticationMode = AuthenticationMode.Active
        });

        // QQ CONNECT
        app.UseQQConnectAuthentication(
            appId: "XXXXXX",
            appSecret: "XXXXXXXXXXXXXXXXX");
    }

AccountController:

    //
    // POST: /Account/ExternalLogin
    [System.Web.Mvc.HttpPost]
    [System.Web.Mvc.AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult ExternalLogin(string provider, string returnUrl)
    {
        // Request a redirect to the external login provider
        return new ChallengeResult(provider,
            Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
    }

    //
    // GET: /Account/ExternalLoginCallback
    [System.Web.Mvc.AllowAnonymous]
    [HostAuthentication(DefaultAuthenticationTypes.ExternalCookie)]
    public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
    {
        var ctx = Request.GetOwinContext();
        // Awaited instead of blocking on .Result inside an async action
        var result = await ctx.Authentication.AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie);

        var claims = result.Identity.Claims.ToList();
        var name = claims.First(i => i.Type == "urn:qqconnect:name");
        claims.Add(new Claim(ClaimTypes.AuthenticationMethod, "QQ"));
        claims.Add(new Claim(ClaimTypes.Name, name.Value));

        // The identity is signed in under the ExternalCookie authentication type
        var ci = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ExternalCookie);
        ctx.Authentication.SignIn(ci);

        // DO OTHER STUFF HERE

        return Redirect("~/");
    }

Everything seems to be going well ...
HomeController:

    public ActionResult Index()
    {
        var model = new HomeViewModel();
        var ctx = Request.GetOwinContext();
        if (ctx.Authentication.User.Identity.IsAuthenticated)

When I check ctx.Authentication.User.Identity.IsAuthenticated, I get a false value ... and I cannot receive any of the claims.
Am I missing something?
Any help would be greatly appreciated :)
UPDATE
I got my code working by doing this in my AccountController:

    public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
    {
        var ctx = Request.GetOwinContext();
        // Awaited instead of blocking on .Result inside an async action
        var result = await ctx.Authentication.AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie);

        // result is null when no external cookie came back with the request
        if (result != null && result.Identity.IsAuthenticated)
        {
            // Signed in successfully
            var claims = result.Identity.Claims.ToList();
            var name = claims.First(i => i.Type == "urn:qqconnect:name");
            //claims.Add(new Claim(ClaimTypes.AuthenticationMethod, "QQ"));
            claims.Add(new Claim(ClaimTypes.Name, name.Value));

            // The identity is now signed in under the ApplicationCookie authentication type
            var id = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);
            var authenticationManager = ctx.Authentication;
            authenticationManager.SignIn(id);
        }

        return Redirect("~/");
    }

But the way I see it - here I use ApplicationCookie and not ExternalCookie to login ... or am I missing something? This solution works for me - but I would like to know if this is the right thing to do?
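
Added example, not part of the original post and not code from the QQ Connect project: a callback that treats the external cookie as a short-lived handoff and issues the application cookie as the real session, which is why IsAuthenticated becomes true only after signing in with ApplicationCookie. The KeptClaimTypes allowlist and the "Login" action name are assumptions for illustration.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.Owin.Security;

public class AccountController : Controller
{
    // Assumption: the only external claims this application needs to keep.
    private static readonly HashSet<string> KeptClaimTypes = new HashSet<string>
    {
        ClaimTypes.NameIdentifier,
        "urn:qqconnect:name"
    };

    // GET: /Account/ExternalLoginCallback
    [AllowAnonymous]
    public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
    {
        IAuthenticationManager auth = HttpContext.GetOwinContext().Authentication;

        // UseExternalSignInCookie registers its cookie as passive, so it never
        // populates User on its own and has to be read explicitly here.
        AuthenticateResult external =
            await auth.AuthenticateAsync(DefaultAuthenticationTypes.ExternalCookie);
        if (external == null || external.Identity == null || !external.Identity.IsAuthenticated)
            return RedirectToAction("Login");

        Claim name = external.Identity.FindFirst("urn:qqconnect:name");
        if (name == null)
            return RedirectToAction("Login");

        // Build the local session identity from an allowlist of claim types.
        List<Claim> claims = external.Identity.Claims
            .Where(c => KeptClaimTypes.Contains(c.Type)).ToList();
        claims.Add(new Claim(ClaimTypes.Name, name.Value));
        var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);

        // Drop the short-lived external cookie, then issue the application cookie
        // that the active middleware validates on every later request.
        auth.SignOut(DefaultAuthenticationTypes.ExternalCookie);
        auth.SignIn(new AuthenticationProperties { IsPersistent = false }, identity);

        // Only follow returnUrl when it points back into this site.
        return Url.IsLocalUrl(returnUrl) ? Redirect(returnUrl) : Redirect("~/");
    }
}
```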