I am trying to set up Google Auth on ASP.NET Core 3 and I get this error:
The oauth state was missing or invalid. Unknown location
My Startup.cs file looks like this:
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services
.AddControllersWithViews()
.AddRazorRuntimeCompilation();
services.AddHttpContextAccessor();
services.TryAddSingleton<IActionContextAccessor, ActionContextAccessor>();
services.AddSingleton<IPaddleSettingsService, PaddleSettingsService>();
services.AddScoped<IPaymentProviderService, PaddlePaymentProviderService>();
services.Configure<AppConstants>(Configuration);
services
.AddAuthentication(o =>
{
o.DefaultScheme = "Application";
o.DefaultSignInScheme = "External";
})
.AddCookie("Application")
.AddCookie("External")
.AddGoogle(o =>
{
o.ClientId = Configuration["GoogleClientId"];
o.ClientSecret = Configuration["GoogleClientSecret"];
o.CallbackPath = new PathString("/a/signin-callback");
o.ReturnUrlParameter = new PathString("/");
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseDefaultFiles();
app.UseStaticFiles();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseHttpsRedirection();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
});
}
}
The Controller:
[Route("a")]
/*[Route("Account")]*/ //Adding additional Account route to controller solves the problem. Why?
public class AccountController : Controller
{
private readonly IOptions<AppConstants> _appConstants;
private readonly IPaymentProviderService _paymentProvider;
public AccountController(IOptions<AppConstants> appConstants, IPaymentProviderService paymentProvider)
{
_appConstants = appConstants;
_paymentProvider = paymentProvider;
}
[Route("signin-google")]
public IActionResult Signin(string returnUrl)
{
return new ChallengeResult(
GoogleDefaults.AuthenticationScheme,
new AuthenticationProperties
{
RedirectUri = Url.Action(nameof(GoogleCallback), new { returnUrl })
});
}
[Route("signin-callback")]
public async Task<IActionResult> GoogleCallback(string returnUrl)
{
var authenticateResult = await HttpContext.AuthenticateAsync("External");
if (!authenticateResult.Succeeded) return LocalRedirect("/#signinerr");
var emailClaim = authenticateResult.Principal.FindFirst(ClaimTypes.Email);
var activeSubscriptions = await _paymentProvider.GetUserActiveSubscriptions(emailClaim.Value);
if (activeSubscriptions.Length != 0)
{
var activeSubscription = activeSubscriptions.First(a => a.State == "active");
SetCookies(emailClaim.Value, activeSubscription.UserId, activeSubscription.SubscriptionId);
return LocalRedirect("/");
}
ClearCookies();
return LocalRedirect("/#signinerr");
}
}
The authorization url in google is below, it matches my local URL perfectly:
http://localhost:5000/a/signin-callback
When I select an account to authorize form google I get the error, but if I add
[Route("Account")]
the route to the controller then everything works fine. I can't understand why adding the Account route makes different? Any idea what is going on under the hood?
See Question&Answers more detail:os
