0

I have ASP.NET MVC 5 web app with different third-party auth providers (Facebook, Vkontakte aka VK, Odnoklassniki aka OK). I use Microsoft.Owin.Security.Facebook for Facebook authentication, and KatanaContrib.Security.VK and KatanaContrib.Security.Odnoklassniki for others (i've a bit customized VK and OK to meet my purposes)

3 days ago everything was fine, but since that some of my customers complaining that they can't login using third-party providers. I also able replicate the problem with some interesting points

  • it's not persisntent in Google Chrome (Version 71.0.3578.80) for me
  • it's persistent in Opera (Version:57.0.3098.91)
  • I can login when my web app running locally or on dev.site.ru (both Chrome and Opera)

I've added more logs in the auth workflow and found

  • AuthenticationManager.GetExternalLoginInfoAsync() always returns null in Opera
  • .AspNet.Correlation.* cookies removed in the end of login process in Chrome, but not in Opera

I have all Microsoft.Owin and Microsoft.Owin.Security.* version 4.0.0. I also upgraded API used by providers to latest. But it doesn't help me. I also add logs to VK auth handler, and found that AuthenticationTicket is not null, and contains relevant information in Identity

Any ideas what can be wrong? Maybe you can give me some direction for further investigation?

Adalyat Nazirov
  • 1,611
  • 2
  • 14
  • 28
  • See if it's the same *problem*: [AuthenticationManager.GetExternalLoginInfo() returns null always with linkedin](https://stackoverflow.com/questions/53560167/authenticationmanager-getexternallogininfo-returns-null-always-with-linkedin) – Jimi Dec 07 '18 at 07:47
  • @Jimi no, just tried to update Tls and deploy it. The main difference from that question is that i have problems for all providers. So I think it should be a common problem – Adalyat Nazirov Dec 07 '18 at 07:57
  • Maybe your app server IP blocked third party providers – Esat ARSLAN Dec 07 '18 at 08:00
  • @EsatARSLAN, i don't think so. As I mentioned, I added some logs and found that provider return all invormation without any errors. – Adalyat Nazirov Dec 07 '18 at 08:03
  • I guess this link can resolve your problem.https://stackoverflow.com/questions/19775321/owins-getexternallogininfoasync-always-returns-null – chandra prakash kabra Dec 07 '18 at 08:46

1 Answers1

0

After have all Microsoft.Owin.Security.* updated I found that login failed (GetExternalLoginInfoAsync returns null) in case ASP.Net_SessionId cookie haven't created yet, but can login if it exists. So putting code Session["logging"]=true on Login page loading solves the problem.

It's also mentioned here

Adalyat Nazirov
  • 1,611
  • 2
  • 14
  • 28