Search code examples
asp.net-mvcmobileasp.net-web-apioauth-2.0asp.net-identity

Login via social (facebook, google etc.) on MVC and native mobile (Web API) on the same project

I'm developing an MVC web application (Asp.net C# - using AngularJS in the front). Currently, the users can log in to the site using username & password or oauth providers (such as google and Facebook).

We have developed a native mobile application that uses our asp.net web-api.

We want the users will be able to login using the same credentials to the mobile app and the website.

In order to do so, both projects (web-api & web application) are using the same DB with ASP.Net Identity. For example, if the user has created an account using username & password, he can log in on both platforms.

The problem is with external providers (Facebook, google...), when a user create an account on the web view the identity saves the users on the DB with a specific provider key (on the AspNetUserLogins table). And when the user login (or register) using the mobile app I only have the user token, and I don't know how to log the user in.

Then I've found this post: WebApi ASP.NET Identity Facebook login

which explains exactly what I've needed, only now I have 2 problems:

  1. Using the user token (from the mobile login) I retrieve his user ID and save it on the AspNetUserLogins table, but when using the web application it saves a different user id, actually it calls that a Provider Key.
  2. (Minor problem) For some reason, using the above link code, I don't get the user email but only his Facebook token and Facebook user id.

Please note, * I want to use the native approach and can't use a web view on the mobile app because I want the app to use the user Facebook/google native application. * Also read this: ASP.NET Identity in Microservice Architecture it didn't work.

Thanks in advance! Shaul

Solution

  • OK, I figured out the answers:

    1. Turns out that the provider key is actually the app specific user id, i.e the user has a specific user id for each Facebook app.

    2. In order to get the Email you should add a specific request for it in the scope in the startup.auth.cs:

      var facebookAuthenticationOptions = new FacebookAuthenticationOptions()
{
    AppId = DEFINITIONS.FACEBOOK_ID,
    AppSecret = DEFINITIONS.FACEBOOK_SECRET,

    Provider = new Microsoft.Owin.Security.Facebook.FacebookAuthenticationProvider()
    {
        // This is for saving the data as user claims
        OnAuthenticated = (context) =>
        {
            context.Identity.AddClaim(new System.Security.Claims.Claim("urn:facebook:access_token", context.AccessToken, null, "Facebook"));
            context.Identity.AddClaim(new System.Security.Claims.Claim("urn:facebook:email", context.Email, null, "Facebook"));
            return Task.FromResult(0);
        }
    }

};
// This will help you get the Email
facebookAuthenticationOptions.Scope.Add("email"); 
    app.UseFacebookAuthentication(facebookAuthenticationOptions);