In the Host where my application is hosted, it uses ARR to redirect all pages to Https .
The problem is that in the way that the code for asp.net mvc is configured, it means that the request is http , even though it is https .
When I see the URL that goes to Google authentication it looks like this:
&redirect_uri=http%3A%2F%mydomain.com\signing-google
So I'm trying to redirect to Google by changing "on hand" to https .
I've tried this:
public class ChallengeResult : HttpUnauthorizedResult
{
...
public override void ExecuteResult(ControllerContext context)
{
var properties = new AuthenticationProperties { RedirectUri = RedirectUri };
if (UserId != null)
properties.Dictionary[XsrfKey] = UserId;
var owin = context.HttpContext.GetOwinContext();
owin.Request.Scheme = "https"; //hotfix
owin.Authentication.Challenge(properties, LoginProvider);
}
}
and this:
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
{
ClientId = Secrets.GoogleClientId,
ClientSecret = Secrets.GoogleClientSecret,
Provider = new GoogleOAuth2AuthenticationProvider()
{
OnApplyRedirect = async context =>
{
string redirect = context.RedirectUri;
redirect = redirect.Replace("redirect_uri=http", "redirect_uri=https");
context.Response.Redirect(redirect);
}
}
});
The two forms work and Google can redirect to my application again, however by the time I get the user data it returns null .
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
if (string.IsNullOrEmpty(returnUrl))
returnUrl = "~/";
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
//sempre retorna null se eu mudo de http para https "na mão"
}
I tried to see the implementation of the GetExternalLoginInfoAsync() method, but I did not find out why I always return null when I do this workaround .