using GoogleOAuth2AuthenticationOptions got a redirect_uri_mismatch error

Question

I'm trying to implement a Google authentication in a MVC 5 web app. Authentication is working fine, but I would retrieve profile and picture informations.

To do this, I added a GoogleOAuth2AuthenticationOptions object to specify additional claims :

var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
{
    ClientId = "xxxxxxxxxxxxxxxx",
    ClientSecret = "xxxxxxxxxxxxxxxxx",
    CallbackPath = new PathString("/Account/LoginCallback"),
    Provider = new GoogleOAuth2AuthenticationProvider()
    {
        OnAuthenticated = async context =>
        {
            context.Identity.AddClaim(new Claim("picture", context.User.GetValue("picture").ToString()));
            context.Identity.AddClaim(new Claim("profile", context.User.GetValue("profile").ToString()));
        }
    }
};

app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

But it causes that a wrong URL is generated :

http://admin.localhost.com/Account/LoginCallback&state=Gs-otJmI79bgWA3_qJzDcGziWnkRCOf7JRoCUDCIz0jv4IIvDdoZlZzVSq2kZxfaPFDmv9hbZGp5q1Aq8mpLPguKnCF31twHj8NQCMv_NrgZzvKwaelmZr_HwY_bdj8h1ICFrkGTKLJ1saEYDbFJ2CJxvDkyBL2iygQmTXQTs-aUiL4yWe5_7dZQOjP_mDUSW-GXns3wr7Okwkoj8VEITJTUz9nAbrBd_N_7puTMlHU&client_id=xxxxxxxxxxxxxxxx

There is no '?' before parameters, that's cause a redirect_uri_mismatch.

However, when I use simply :

app.UseGoogleAuthentication(
    clientId : "xxxxxxxxxxxxxxxxxxx",
    clientSecret : "xxxxxxxxxxxxxxxxx");

It's working.

Any idea ?

Answer 1

Use only this much.

var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
            {
                ClientId = "MYCLIENTID",
                ClientSecret = "MYSECRET",
            };
    app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

This method seems to automatically use the signin-google request in the address.To fix this change google callback location in the google console to point to this address.

Add RouteConfig file

 routes.MapRoute( name: "signin-google", url: "signin-google", defaults: new { controller = "Account", action = "LoginCallback" } ); 

Answer 2

Use this Below Code Snippet which is working fine just replace ClientID and ClientSecret will work for you.

     var googleOptions = new GoogleOAuth2AuthenticationOptions()
        {
            ClientId = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
            ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
            Provider = new GoogleOAuth2AuthenticationProvider()
            {
                OnAuthenticated = (context) =>
                {
                    context.Identity.AddClaim(new Claim("urn:google:name", context.Identity.FindFirstValue(ClaimTypes.Name)));
                    context.Identity.AddClaim(new Claim("urn:google:email", context.Identity.FindFirstValue(ClaimTypes.Email)));
                    //This following line is need to retrieve the profile image
                    context.Identity.AddClaim(new System.Security.Claims.Claim("urn:google:accesstoken", context.AccessToken, ClaimValueTypes.String, "Google"));

                    return Task.FromResult(0);
                }
            }
        };

        app.UseGoogleAuthentication(googleOptions);

if still error exists

Assume if your application URI is as shown below

http://localhost:2625/

Then at console.developers.google.com the URI you have registered need to be changed as show below.

Just add [signin-google] in URI at end

http://localhost:2625/signin-google

And finally save it.