Would appreciate any advice or guidance you can give.
Attempting to authenticate with Google and Microsoft API. using nugets Microsoft.AspNetCore.Authentication.Google and Microsoft.AspNetCore.Authentication.MicrosoftAccount
As per documents:- Facebook, Google, and external provider authentication in ASP.NET Core Configure ASP.NET Core to work with proxy servers and load balancers
All works fine on my development PC but after uploading to the host site (IONOS windows hosting) I get the following error after a successful authentication:-
TaskCanceledException: A task was canceled. System.Threading.Tasks.TaskCompletionSourceWithCancellation.WaitWithCancellationAsync(CancellationToken cancellationToken)
TimeoutException: A task was canceled. System.Threading.Tasks.TaskCompletionSourceWithCancellation.WaitWithCancellationAsync(CancellationToken cancellationToken)
TaskCanceledException: The request was canceled due to the configured HttpClient.Timeout of 60 seconds elapsing. System.Net.Http.HttpClient.HandleFailure(Exception e, bool telemetryStarted, HttpResponseMessage response, CancellationTokenSource cts, CancellationToken cancellationToken, CancellationTokenSource pendingRequestsCts)
AuthenticationFailureException: An error was encountered while handling the remote login. Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler.HandleRequestAsync()
I get a similar response when authenticating with Microsoft as well.
Details:- I have a webapp in c# NET 8.0 core MVC style.
Program.cs has:-
builder.Services.AddAuthentication()
.AddCookie("social_login")
.AddMicrosoftAccount(microsoftOptions =>
{
microsoftOptions.ClientId = builder.Configuration["Authentication:Microsoft:ClientId"];
microsoftOptions.ClientSecret = builder.Configuration["Authentication:Microsoft:ClientSecret"];
})
.AddGoogle(googleOptions =>
{
IConfigurationSection googleAuthNSection =
builder.Configuration.GetSection("Authentication:Google");
googleOptions.ClientId = googleAuthNSection["ClientId"];
googleOptions.ClientSecret = googleAuthNSection["ClientSecret"];
});
builder.Services.Configure<CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.Lax;
});
builder.Services.AddControllersWithViews();
builder.Services.AddRazorPages();
builder.Services.AddCors();
builder.Services.AddAntiforgery(o => o.SuppressXFrameOptionsHeader = true);
builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders =
ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
});
var app = builder.Build();
app.UseForwardedHeaders();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseFileServer();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllerRoute(
name: "default",
pattern: "{controller=Home}/{action=Index}/{id?}");
endpoints.MapRazorPages();
});
//For x-frame-options errpr:-
app.UseCors(x => x.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod());
app.Run();
Google api:-
The Requested URL looks like this:- https://example.com/signin-google?state={removed}&code={removed}&scope=email+profile+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&authuser=1&prompt=consent
As I'm aware that IONOS uses proxy servers I added:-
builder.Services.Configure<ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders =
ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
});
app.UseForwardedHeaders();
Also tried adding
app.Use((context, next) =>
{
context.Request.Scheme = "https";
return next();
});