Implement Google/Facebook token middleware auth logic

Question

0.00/5 (No votes)

See more:

, +

So first I will briefly explain what I'm trying to achieve.

Use case would be that user can from mobile app or SPA register using Google or Facebook on my app, and login later on and use all app has to offer.

I'm using .NET Core 2.2 as RESTful WEBAPI app with IdentityServer.
There's a mobile and SPA app to consume api.

From my view of understanding of REST based apis, client should send some token for every request to be authenticated?

I have implemented logic for Google acc registration/login using

Google.Apis.Auth

, but I cant wrap my head around middleware that will authenticate each request.

I'm also getting used to .NET Core, forgive my lack of knowledge.

P.S. I have feeling I'm doing something very wrong here.

What I have tried:

Here's my signin logic using google.

I'm sending idToken from client to api, where its being validated annd all client info saved if its not already.

C#

[AllowAnonymous]
[HttpPost]
[Route ("signin-google")]
public async Task<IActionResult> GoogleSignIn ([FromQuery] string token) {
    if (token == null) {
        return BadRequest (new { message = "Derp! You have to provide a token!" });
    }

    var settings = new GoogleJsonWebSignature.ValidationSettings () { Audience = new List<string> () { "XXXXXXXXXXXXXXXX.apps.googleusercontent.com" } };
    GoogleJsonWebSignature.Payload payload = await GoogleJsonWebSignature.ValidateAsync (token, settings);

    var result = await _signInManager.ExternalLoginSignInAsync (payload.Issuer, payload.JwtId, isPersistent : false);

    if (!result.Succeeded) {
        ApplicationUser user = new ApplicationUser () {
            Email = payload.Email,
            Firstname = payload.GivenName,
            Lastname = payload.FamilyName,
            PictureLink = payload.Picture,
            UserName = payload.Email,
        };

        UserLoginInfo userLogin = new UserLoginInfo (payload.Issuer, payload.JwtId, payload.Name);

        await _userManager.CreateAsync (user);
        await _userManager.AddLoginAsync (user, userLogin);
        await _signInManager.SignInAsync (user, isPersistent : false);
        return Ok (userLogin.ProviderKey);
    }
    return Ok (payload.JwtId);
}

Posted 2-Mar-19 2:54am

Faris Karcic

Updated 3-Mar-19 6:26am

v2

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

James Walsh Jr · Answer 1 · 2019-03-03T06:27:00

Here is the link to the documentation from IdentityServer on how to include Google Auth into your .Net Core middleware.

Code snippet below:

C#

<pre>services.AddAuthentication()
    .AddGoogle("Google", options =>
    {
        options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;

        options.ClientId = "<insert here>";
        options.ClientSecret = "<insert here>";
    });