0

I'm using .net. 4.5.2 and latest version on Identity in my application. There are cases I get strange error from external login ".AspNet.Correlation.Google cookie not found."

In the logs I see the the I see the url "/signin-google?state=STATE FROM GOOGLE (I got it)" but "AuthenticationManager.GetExternalLoginInfoAsync" returns NULL and my logs showing the error I mentioned. This is my configurations:

var cookieOptions = new CookieAuthenticationOptions
        {
            AuthenticationType =  DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            CookieName = ".myApp",
            CookieDomain = ".myApp.com"
            CookieHttpOnly = true,
            SlidingExpiration = false,
            Provider = new CookieAuthenticationProvider
            {
                OnResponseSignOut = (context) =>
                {
                    //remove user cache
                },
                OnResponseSignIn = context =>
                {
                    //add token to claims

                },

                OnException = (context) =>
                {
                    //prevent exception display
                },
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<UserManager, User, int>(
                    validateInterval: TimeSpan.FromMinutes(IdentityExpiresIn),
                    regenerateIdentityCallback: (manager, user) =>
                    {
                        var identity = manager.CreateIdentityAsync(user,
                            DefaultAuthenticationTypes.ApplicationCookie);
                        return identity;
                    },
                    getUserIdCallback: (id) => (id.GetUserId<int>()))
            }
        };

     app.UseCookieAuthentication(cookieOptions);
     app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

     var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions()
        {
            ClientId = AppSettings.Get<string>("GoogleAppID"),
            ClientSecret = AppSettings.Get<string>("GoogleAppSecret"),
            SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,

        };

        googleOAuth2AuthenticationOptions.Scope.Add("email,profile");
        app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

The issue happens usually when using mobile devices and Chrome (cookies are supported) and also with Facebook connect

Arnold
  • 89
  • 1
  • 11
  • update the packages and add packages that are related to google,Microsoft and others – KhawajaAtteeq Aug 23 '15 at 07:44
  • The packages are updated to latest version – Arnold Aug 23 '15 at 11:34
  • I noticed that this issue happening mostly on mobile devices – Arnold Aug 31 '15 at 12:41
  • 1
    I've had this happen to me in my most recent implementation of a lightweight oauth2 middleware. It will work fine, for a time, then all of a sudden the correlation cookie will fail to validate. When it is working, that cookie doesn't show up in the chrome:developer tools:resources:cookies area but when it fails, the aspnet.correlation cookie persists, thus not validating and the login fails. I have not found the reason for this yet but I have found a few posts about it. – Josh Oct 28 '15 at 06:43
  • 1
    take a look at this, as it appears that it may be an actual bug in OWIN. http://stackoverflow.com/questions/24878604/multiple-cookies-issue-in-owin-security-authenticationhandler – Josh Oct 28 '15 at 06:51
  • I hope that they will fix it :) – Arnold Oct 28 '15 at 22:07

0 Answers0