Hello!

I want to add external login capabilities to my Umbraco 7.2.1 website, namely Twitter and Facebook login. I am using DotNetOpenAuth and Microsoft WebPages OAuth library NuGet packages. OAuth providers are configured correctly.

I have created a Surface Controller with the following method:

[HttpPost]
public void Login(string provider, string returnUrl)
{
    OAuthWebSecurity.RequestAuthentication(provider, returnUrl);
}

The method gets executed with the correct parameters, however, the response is not redirected to the external login page. Instead I get the following error in my browser's (Chrome) developer console:

XMLHttpRequest cannot load https://www.facebook.com/dialog/oauth?client_id=... . No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:50832' is therefore not allowed access.

I tried using Response.Redirect:

Response.Redirect("http://www.google.com");

Same error:

XMLHttpRequest cannot load http://www.google.com/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:50832' is therefore not allowed access.

I'm not sure what can be causing this. I have another website (ASP.NET MVC 4, not Umbraco) that uses the same OAuth setup and does not have this problem. From what I've found, the error usually occurs when accessing external sites using JS. I'm not using JS.

The same problem appears when using a Generic Handler instead of a Surface Controller.

Please, help!

Thank you!