Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
201 views
in Technique[技术] by (71.8m points)

c# - AuthenticationResult.IsSuccessful started returning false for google

Today, without any change on my live site, logging in with the Google external login provider stopped working. This only happens to users that have a google login, other providers are fine. This also only happens on the live site, my dev machine running the debug version of the same code is fine.

My code is similar to the example MVC app with:

public ActionResult ExternalLoginCallback( string returnUrl )
{
    ...
    AuthenticationResult result = OAuthWebSecurity.VerifyAuthentication( Url.Action(   "ExternalLoginCallback", new { ReturnUrl = returnUrl } ) );
    if( !result.IsSuccessful )
    {
       return RedirectToAction( "ExternalLoginFailure" );
    }
}

I looked at result.error which is empty.

Has anything changed that I need to be aware of? I can see a similar question from January the 4th here. I imagine that it is something to do with my implementation rather than a google-wide problem because I am still able to log into SO which uses my google open ID.

I am using Log4Net and receiving the DotNetOpenAuth logs, but there are no errors in there, so it is different from this answer.

I tried upgrading from 4.3.0.13117 to the latest Nuget (4.3.4.13329), but that had no effect. I also can't seem to find a tag for the 4.3.4.13329 source in the repository. I will try downloading and building 4.3.0.13117 to see if I can find the cause. The only problem is that this works fine testing on my local computer and I am not sure I want to put debug DLLs on the live site.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Well, it has been a few weeks, so I thought I would document the steps I took to solve this in case it helps someone else. As background information, I am using Visual Studio 2012.

  1. Found that OpenID 2.0 + OAuth 1.0 was deprecated. See here. The service has not been discontinued, but I was concerned that I was seeing some degradation in service since this is now an obsolete approach.
  2. Upgraded from MVC4 to MVC5. See here.
  3. Used the DotNetOpenAuth.GoogleOAuth2 library. See here.
  4. Converted my site to https. See here and here.

Now that I have done that everything seems to be working fine.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...