Search code examples
asp.net-mvcauthenticationoauth-2.0linkedin-apiasp.net-identity

LinkedIn Authentication via Oauth2 returns null result (error=access_denied)

I moved my ASP.NET MVC web application from membership to Identity authentication and since that I cannot authenticate on LinkedIn anymore.

The Facebook authentication is still working fine but the LinkedIn is always returning a null loginInfo after the GetExternalLoginInfo call.

For the LinkedIn I'm using the Owin LinkedIn provider: LinkedIn APIs for .NET. I also unsuccessful tried to follow this post from Jerrie Pelser.

The Application calls the ExternalLogin Action that executes the ExecuteResult method and calls back the ExternalLoginCallback (after I allow access to the application). As I stated before, the method AuthenticationManager.GetExternalLoginInfoAsync() always returns a null loginInfo.

I checked the application settings in the LinkedIn and everything seems to be OK.

Ops! I almost forgot to say that the LinkedIn is returning back the URL with a generic error message: "GET /Account/ExternalLoginCallback?error=access_denied HTTP/1.1"

I can Authenticate using the DotNetOpenAuth.Clients (hosted github) but I'd like to just use the Identity.

Startup.Auth.cs

var linkedInOptions = new LinkedInAuthenticationOptions();
        linkedInOptions.ClientId = "Xxxxx";
        linkedInOptions.ClientSecret = "Yyyyyyy";

        linkedInOptions.Scope.Add("r_fullprofile");

        linkedInOptions.Provider = new LinkedInAuthenticationProvider()
        {
            OnAuthenticated = async context =>
            {
                context.Identity.AddClaim(new System.Security.Claims.Claim("LinkedIn_AccessToken", context.AccessToken));
            }
        };

        linkedInOptions.SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie;

        app.UseLinkedInAuthentication(linkedInOptions);

ExternalLogin

public ActionResult ExternalLogin(string provider, string returnUrl)
    {
        // Request a redirect to the external login provider
        return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
    }

CallBack Action 

var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
    return RedirectToAction("Login");
}

LinkedIn CallBack URI

http://localhost:3279/signin-linkedin
Solution

  • After some researches and a visit the NuGet package repository I found a prerelease version of Owin.Security.Providers that worked like a charm. I just had to install it from package manager console and the issue with the null return from the LinkedIn External Login has gone.

    Install-Package Owin.Security.Providers -Pre

    Caution: Please be aware that the use of pre release packages may cause unexpected problems.