I wanted to connect an Umbraco instance to a Gitlab instance as an external LoginProvider. I therefore used Jeroen Breuer's OpenIdConnect Example and then adapted it to GitLab using the AspNet.Security.OAuth.GitLab package. The Umbraco documentation doesn't provide much insights about the implementation.
I managed to get the Gitlab login dialog to appear and if I'm already logged in there, the dialog doesn't appear, but returns immedeately to the callback page /umbraco/signin-gitlab. So far the solution works. But instead of showing the protected page, the login dialog keeps appearing. I see a welcome back message, but no cookie appears to be created.
It works so far that the login automatically creates a new member (=>AutoLink works). And because I don't want to use the email address as login name, I had to create my own implementation of IMemberSignInManager. I derived a class from MemberSignInManager with overridden ExternalLoginSignInAsync method. To do this, I copied ExternalLoginSignInAsync and a few private methods from the Umbraco sources until the whole thing compiled. This code works as expected and gave me the opportunity to set breakpoints and debug the SignIn process.
I stepped through the SignInOrTwoFactorAsync method with the debugger. After zillions of calls to SignIn methods in different classes, I ended up in the SignInAsync method in Microsoft's AuthenticationService class. The following happens there:
if (!(authenticationHandler is IAuthenticationSignInHandler authenticationSignInHandler))
{
throw await CreateMismatchedSignInHandlerException(scheme, authenticationHandler);
}
await authenticationSignInHandler.SignInAsync(principal, properties);
The test, if authenticationHandler implements IAuthenticationSignInHandler, fails. The authenticationHandler is of type Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler. That looks reasonable at first. But this handler does not implement IAuthenticationSignInHandler, so the exception is thrown at that point.
Now the question is: How can I persuade the system to do a SignIn? I suspect that I keep getting the login page because the auth cookie is missing. And that's missing because the exception is thrown when signing in.
Is there somebody who can help? Have you ever used an external login provider from the AspNet.Security.OAuth sources? Did you manage to get the SignIn to work?
Umbraco 13 with external LoginProvider (OAuth) throws during SignIn
I wanted to connect an Umbraco instance to a Gitlab instance as an external LoginProvider. I therefore used Jeroen Breuer's OpenIdConnect Example and then adapted it to GitLab using the AspNet.Security.OAuth.GitLab package. The Umbraco documentation doesn't provide much insights about the implementation.
I managed to get the Gitlab login dialog to appear and if I'm already logged in there, the dialog doesn't appear, but returns immedeately to the callback page /umbraco/signin-gitlab. So far the solution works. But instead of showing the protected page, the login dialog keeps appearing. I see a welcome back message, but no cookie appears to be created.
It works so far that the login automatically creates a new member (=>AutoLink works). And because I don't want to use the email address as login name, I had to create my own implementation of IMemberSignInManager. I derived a class from MemberSignInManager with overridden ExternalLoginSignInAsync method. To do this, I copied ExternalLoginSignInAsync and a few private methods from the Umbraco sources until the whole thing compiled. This code works as expected and gave me the opportunity to set breakpoints and debug the SignIn process.
I stepped through the SignInOrTwoFactorAsync method with the debugger. After zillions of calls to SignIn methods in different classes, I ended up in the SignInAsync method in Microsoft's AuthenticationService class. The following happens there:
The test, if authenticationHandler implements IAuthenticationSignInHandler, fails. The authenticationHandler is of type Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationHandler. That looks reasonable at first. But this handler does not implement IAuthenticationSignInHandler, so the exception is thrown at that point.
Now the question is: How can I persuade the system to do a SignIn? I suspect that I keep getting the login page because the auth cookie is missing. And that's missing because the exception is thrown when signing in.
Is there somebody who can help? Have you ever used an external login provider from the AspNet.Security.OAuth sources? Did you manage to get the SignIn to work?
If anybody searches for a solution, just follow the example code for gitlab auth, but add the following in the GitlabAuthExtension class:
In my case no defaultMemberGroup was defined.
is working on a reply...