0

I have a web server with secured api endpoints - one must have been authenticated with Google prior to using them. I implemented Challenge and Callback endpoints for that.

This works well from a browser with my SPA web front-end. The user gets redirected to the Google website to sign-in and then gets redirected back to my webapp and it can use the endpoints to update its state.

I also have a WPF application that will communicate with the web server. I want the WPF application to do the same as the web front-end: Use the web api endpoints after being authenticated with Google. The connection between the WPF application and my web server is done through an HttpClient.

My problem is I don't know how to authenticate that HttpClient connection between the WPF app and the web server.

I tried using the same Challenge endpoint but the response I get is of course the HTML from the Google Sign-In page, so I guess I can't use that with an HttpClient...

I also tried authenticating with GoogleApis from the WPF app and use the authenticated token to set cookies in the HttpClient but apparently this is not compatible.

How to authenticate an HttpClient connection to a web api with an external provider such as Google?

Bruno
  • 4,685
  • 7
  • 54
  • 105
  • You can use `WebBrowser` or `WebView` control to display an html content from the Google Sign-In page – Pavel Anikhouski Oct 27 '19 at 18:38
  • @PavelAnikhouski Thanks, I tried that also but got stuck when trying to transfer the authentication cookies from the `WebBrowser` to the `HttpClient`. Do you know how to do this? – Bruno Oct 27 '19 at 18:39
  • you can try to manage the authentication in WPF application using `WebBrowser` only, without `HttpClient`. `WebBrowser` will manage all cookies internally, since it has the usual IE under the hood – Pavel Anikhouski Oct 27 '19 at 18:43
  • @PavelAnikhouski Yes but I cannot (should not?) use the WebBrowser to do the web api requests in order to maintain the state inside the WPF ViewModels...can(should) I? – Bruno Oct 27 '19 at 18:46
  • With `WebBrowser` control you can access DOM (through COM interface) and maintain the state. Another option is to use p/invoke to manage cookies between `WebBrowser` and `HttpClient` as it's written in this [thread](https://stackoverflow.com/questions/1975576/managing-cookies-in-a-wpf-webbrowser-control) – Pavel Anikhouski Oct 27 '19 at 18:53
  • @PavelAnikhouski That seems hackish to me...there must be a way to do the authentication in a programmatic manner for a web api connection? :S – Bruno Oct 27 '19 at 19:14
  • Have a look at this [thread](https://stackoverflow.com/questions/48321034/wpf-application-authentication-with-google), it might be helpful – Pavel Anikhouski Oct 27 '19 at 19:42

0 Answers0