Q: How to retrieve the "code" returned by Google OAuth authentication from the HTTP header in ASP.Net MVC Account Controller? And is this the right approach to retrieve a user's Google profile photo?

I am trying to access the Google People API to retrieve an authenticated user's cover photo. I am using ASP.Net MVC 5 with the Owin Identity 'Account Controller'. I can authenticate OK with Google and register a new user in my ASP.net Users table (LocalDB).

But in order to retrieve the user's cover photo during the ExternalLoginConfirmation, I am trying (and failing) to retrieve the "code" querystring that is returned to my callback - see Chrome Dev Tools snapshot below.

[Image: Google Auth Code in header]

I had assumed that it would be found in the QueryStrings property within the HttpContext of the AccountController but I can't find the "code" key or value when debugging the following Controller properties in breakpoints in the ExternalLoginCallback and ExternalLoginConfirmation actions:

var httpContext = HttpContext;
var modelState = ModelState;
var request = Request;
var response = Response;
var routeData = RouteData;
var session = Session;
var owinContext = HttpContext.GetOwinContext();

I'm still feeling out how the flow works - so I could be coming at this from the wrong angle so open to suggestions. I hope to use this code directly in a call to the Google People API (as the "key=" in the query string). Or perhaps I send the code to the Google authentication API to get an access token which I can then use as above. Or I could be misunderstanding entirely.

My intended URI to hit the Google People API for the user's cover photo looks like this:

string uri = $@"https://people.googleapis.com/v1/people/{UserId}?personFields=coverPhotos&fields=coverPhotos&key={token}";

(Where token is either the code returned when the user is authenticated by Google or a subsequent access token from an additional call, which uses the initial authentication code).

Tim Tyler
  • What type of Google credentials did you create? Have you considered using the Google.net client library, which would handle all this for you? – Linda Lawton - DaImTo Mar 04 '18 at 09:22
  • btw, code is the authorization code, which you will need to exchange for an access token; it's not an access token that can be used to call the API using &access_token= – Linda Lawton - DaImTo Mar 04 '18 at 09:24
  • Thanks for commenting. I've created the ClientId and ClientSecret for a web application. Gotcha re: auth code. Yes I am leaning towards just following the Google API, but I've gone around in circles with the redirect_mismatch error (where IIS uses a random port). Do you have any experience with that? And should I be using a Service Account Key, instead of a web app key? – Tim Tyler Mar 04 '18 at 09:47
  • @DalmTo Just found your answer to this post, I've not been using local IIS, so I'll try to set that up now :) https://stackoverflow.com/questions/42732706/error-redirect-uri-mismatch-in-google-login-in-mvc-application – Tim Tyler Mar 04 '18 at 10:05
  • You need to set up Visual Studio so that it doesn't use a random port, as the redirect URI needs to match – Linda Lawton - DaImTo Mar 04 '18 at 12:11
  • Hi @DaImTo, running IIS locally has resolved the redirect mismatch issue, thanks for the tip. I've had a read through your website and the Google API and it looks like I really don't want to be manually interrogating the HTTP packets and instead troubleshoot using the API. Using the API, I had the issue described here https://github.com/google/google-api-dotnet-client/issues/888, where the request for a token hangs - so I've followed their suggestion to use the FlowMetaData approach in my ExternalLoginConfirmation method. I'll need to ask another question as my credential returns null. – Tim Tyler Mar 06 '18 at 10:45
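
Added example, not part of the original question or its comments: with the OWIN Google middleware, the one-time "code" is redeemed by the middleware on its own callback path before the redirect to ExternalLoginCallback, so the controller never sees it. The sketch below keeps the resulting access token as a claim and sends it to the People API in an Authorization header rather than in the URL. The claim type, the appSettings key names and the class name are assumptions made for illustration, as is the choice of scopes.

```csharp
// Assumes packages Microsoft.Owin.Security.Google and Microsoft.AspNet.Identity.Owin.
using System.Configuration;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.Owin.Security.Google;
using Owin;

public static class GoogleLoginExample // hypothetical helper class
{
    public const string AccessTokenClaim = "urn:example:google:access_token"; // made-up claim type

    // Call from Startup.ConfigureAuth(app) instead of the template's UseGoogleAuthentication call.
    public static void Configure(IAppBuilder app)
    {
        var options = new GoogleOAuth2AuthenticationOptions
        {
            ClientId = ConfigurationManager.AppSettings["GoogleClientId"],         // placeholder key
            ClientSecret = ConfigurationManager.AppSettings["GoogleClientSecret"], // placeholder key
            Provider = new GoogleOAuth2AuthenticationProvider
            {
                // Runs inside the middleware, after it has exchanged the authorization code.
                OnAuthenticated = context =>
                {
                    context.Identity.AddClaim(new Claim(AccessTokenClaim, context.AccessToken));
                    return Task.FromResult(0);
                }
            }
        };
        // Adding any scope replaces the middleware defaults, so list them all (assumed sufficient).
        foreach (var s in new[] { "openid", "profile", "email" }) options.Scope.Add(s);
        app.UseGoogleAuthentication(options);
    }

    // Call from ExternalLoginCallback, passing loginInfo.ExternalIdentity.
    public static async Task<string> GetCoverPhotosJsonAsync(ClaimsIdentity externalIdentity)
    {
        Claim token = externalIdentity?.FindFirst(AccessTokenClaim);
        if (token == null) return null; // provider callback not wired up, or sign-in failed
        using (var http = new HttpClient())
        using (var req = new HttpRequestMessage(HttpMethod.Get,
            "https://people.googleapis.com/v1/people/me?personFields=coverPhotos"))
        {
            // Bearer header keeps the token out of URLs, server logs and Referer headers.
            req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token.Value);
            HttpResponseMessage resp = await http.SendAsync(req);
            return resp.IsSuccessStatusCode ? await resp.Content.ReadAsStringAsync() : null;
        }
    }
}
```

The token claim exists only on the external sign-in identity; copy it elsewhere only if it is needed after the local sign-in completes.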

0 Answers