
I'm having a weird problem logging in with OWIN OAuth in my test environment. I created an account from my PC at the office using Google, and I'm not able to use the same Google account to log in from home or from my mobile phone. The same happens with Facebook.

Setup:

public partial class Startup
{
    /// <summary>
    /// Registers the OWIN authentication middleware: the local application cookie,
    /// the external sign-in cookie, and Google OAuth2, in that order.
    /// </summary>
    /// <param name="app">The OWIN application builder the middleware is added to.</param>
    public void ConfigureAuth(IAppBuilder app)
    {
        // Local login: cookie-based sign-in that sends unauthenticated users to /login.
        // No CookieSecure value is set, so the library default applies.
        // NOTE(review): for an HTTPS-only deployment consider CookieSecureOption.Always.
        var applicationCookie = new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/login"),
            ExpireTimeSpan = TimeSpan.FromDays(3),
        };
        app.UseCookieAuthentication(applicationCookie);

        // Cookie of type ExternalCookie, registered for the external-provider sign-in;
        // the callback action depends on it reaching the browser and coming back.
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        // Login with Google. ClientId and ClientSecret are blank in this listing;
        // real values belong in configuration or a secret store, not in source control.
        var google = new GoogleOAuth2AuthenticationOptions
        {
            ClientId = "",
            ClientSecret = "",
            Scope =
            {
                "https://www.googleapis.com/auth/userinfo.profile",
                "https://www.googleapis.com/auth/userinfo.email",
            },
        };
        app.UseGoogleAuthentication(google);

        // Anti-forgery tokens are tied to the NameIdentifier claim of the signed-in user.
        AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier;
    }
}

OAuth controller:

/// <summary>
/// Controller that starts the external (Google) sign-in and handles the provider callback.
/// </summary>
public class oauthcontroller : basecontroller
{
    // Local path the provider round trip returns to; handled by callback() below.
    private const string CallbackPath = "/oauth/callback";

    private readonly IUserService  _userService;

    /// <summary>
    /// Google login button click: issues an authentication challenge for the Google provider.
    /// </summary>
    /// <returns>A challenge result whose redirect target is the fixed local callback path.</returns>
    public ActionResult google()
    {
        var provider = LoginProviderEnum.Google.DisplayName;
        return new ChallengeResult(provider, CallbackPath);
    }

    /// <summary>
    /// Callback reached after the external provider redirects back to the application.
    /// The remainder of the method is elided in the original listing.
    /// </summary>
    public ActionResult callback()
    {
        // Asker's observation: the OWIN context is not null here.
        var owinContext = HttpContext.GetOwinContext();
        // Asker's observation: this is null when signing in from a different machine.
        var authentication = owinContext.Authentication;
        // NOTE(review): the result should be checked for null before use; presumably it is
        // missing whenever the external sign-in cookie did not come back — confirm.
        var loginInfo = authentication.GetExternalLoginInfo();
        //...
    }
}

This works fine from my PC at work, but when logging in from a different machine HttpContext.GetOwinContext().Authentication is null.

UPDATE: I managed to reproduce it on localhost by removing the ASP.NET_SessionId cookie.

Artur Kedzior

1 Answer


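The problem is very well described here: "ASP.NET_SessionId + OWIN Cookies do not send to browser". In short, cookies set through System.Web (such as ASP.NET_SessionId) and cookies set by the OWIN middleware can conflict within the same response, so the OWIN external sign-in cookie may never reach the browser.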

Quick and dirty fix:

// Google login button click
/// <summary>
/// Starts the Google sign-in after writing a value to the session first.
/// </summary>
/// <returns>A challenge result whose redirect target is the local callback path.</returns>
public ActionResult google()
{
    // Quick FIX: write to Session before issuing the challenge. The stored value is not
    // read anywhere in the code shown; presumably the write only serves to get the
    // ASP.NET session established before the OAuth round trip.
    // NOTE(review): newer Microsoft.Owin.Host.SystemWeb releases ship SystemWebCookieManager,
    // which addresses the cookie conflict directly — confirm against the package version in use.
    Session["RunSession"] = "1";

    var challenge = new ChallengeResult(LoginProviderEnum.Google.DisplayName, "/oauth/callback");
    return challenge;
}
Artur Kedzior