Web API and Owin Oauth - redirect to another domain (redirect_uri)

Question

Web API and Owin Oauth - redirect to another domain (redirect_uri)

Asked 8 years, 1 month ago

Viewed 356 times

8

Good afternoon, I’m having a problem implementing external login on a project I’m working on.

ASP.NET Web API + Owin + Oauth.

Ambience: Work with two Server1 and Server2 servers.

Server1: Server published on the WEB. It houses files (HTML, CSS, JS). In addition, it works as a proxy. All incoming calls (which are not called from files) are redirected to Server2.

Server2: Unpublished server. Receives calls only in Server1. This server houses a WEB API and is where the user must be authenticated.

Problem: When logging into Server2, Owin returns as redirect_uri the following parameter:

&redirect_uri=http://server2/signin-google

Since the parameter I need to return would be:

&redirect_uri=http://server1/signin-google

The only configuration I found was Callbackpath:

googleAuthOptions = new GoogleOAuth2AuthenticationOptions() {
    ClientId = "xxxxxxx",
    ClientSecret = "xxxxxxx",
    CallbackPath = new PathString("/path"),    
    Provider = new GoogleAuthProvider()
};

But this setting does not work once new PathString("http://server1/signin-google") is not a valid value.

Does anyone know how I solve this problem?

1 answer

Browser other questions tagged c# asp.net-mvc asp.net-web-api oauth owin

You are not signed in. Login or sign up in order to post.

by Almeida • **498** points · Answer 1 · 2016-10-15T21:26:07+00:00

I had a difficulty with Web API and Owin Oauth, follows below the structure and as I resolved, maybe I can help you.

1) I have a web site in Asp.net mvc that login via Identity and Owin Oauth normally: facebook and google;

2) I have an Asp.net web api to serve 3 apps (android, Ios and windows phone);

3) Apps need Identity or social authentication (facebook or google) to access the web api;

Initially I tried to make the web api to provide the social authentication options to the apps and had some difficulties, I gave up because I had urgency in the implementation. Dai decided to request, confirm and receive the token via Oauth web, in case of social login. With the token I register in Identity and I will have them authenticated in Identity normally.