✅ Anyone good with ClaimsPrincipal? Trying to print the User's email
So i'm trying to set up the SSO for Google and i've managed to get a working response and i've converted it to a JWT Token. However i need to get the User's Email address so i can map it to the User in the Database.
But i can't seem to figure it out.
It's an ASP.NET Project and the relevant code looks like this
BlazeBin - efjmobmpapzn
I get the JWT Token as per usual, however the Email is always null in the Json
are you sure http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress is the right claim type? look through the whole collection of claims to see what's there
Just go through claims
There should even be ClaimTypes.Email enum value
I'll check, hold on 😮
claimsPrincipal.FindFirstValue(ClaimTypes.Email) should do it
Something like that
Do i need any implementation in my program.cs for this as well?
I can't seem to get it to work o_o
here's how i tried to implement it; Now it's throwing a huge exception
I guess principal is null here, huh
doesn't AuthenticateAsync need you to pass an identity to it for it to actually have one?
O_O i just started taking this, so i'm a little out of the loop
As a side note, it looks to be a very... manual implementation. I'd think getting login with Google is just telling Identity to use the Google provider
it seems like you're missing the code that actually gets the authentication information from the google login and uses it to build an identity for your user
if someone does GET /googleresponse they get automatically logged into your app whether they actually logged in with google or not
Hmm; Do you have any examples that could put me on the right track? The documentation from Microsoft is a little vague
i have a manual oauth example in a personal project, i can share it when i get home
it's been like a week since we started with it
I appreciate that 🙂
It's strictly for learning purposes
basically, google should be redirecting the user to that endpoint with a code or some other information in the query string that you then use to request a token from the google API
and that token will contain the user details assuming they logged in successfully
hmmm i see, that's different from the Jwt token that i actually got?
you didn't get a JWT anywhere, you're making one yourself
with no actual info in it
Isn't that relevant in this process? Or is that JWT token wrong?
oh
if you want to use a JWT you'll make one for your app like you have now, but you have to actually put some claims in it
they don't appear from nothing, you have to complete your end of the oauth process
I see 😮 i had hardcoded 4 claims previously
var claims = result.Principal.Identities.FirstOrDefault().Claims.Select(claim => new
{
    claim.Issuer,
    claim.OriginalIssuer,
    claim.Type,
    claim.Value
});
i believe they were these
I imagined it was the same but there's very little documentation on how this would work in practice.
These things we haven't touched on it with school; But we have a personal project in my group where we figured it would be fun to implement it on our own time in our project.
So i'm just trying to learn.
my code is kind of messy with app specific stuff, but these are the google docs on using oauth https://developers.google.com/identity/protocols/oauth2/web-server
tl;dr
1. redirect user to google login
2. google redirects user to your callback url with a code
3. you use the code to make a call to google's auth to get an access token
4. read the claims in the token and use them to build yours
How do you know which Claims you need? Other than the Email one?
We have set up Microsoft Identity; I just don't know how to connect Google SSO OAuth to it
If that route is simpler
Thanks btw 🙂
if you're using identity there should be a plug and play provider for google auth
Google external login setup in ASP.NET Core
This tutorial demonstrates the integration of Google account user authentication into an existing ASP.NET Core app.
That's the exact documentation i've been following, however it didn't work for me in the end 😮
re: which claims, whichever claims you need to get the information you need about the user
there's no specific list, it's up to you
I just feel like the documentation is very vague on all of this
and it's hard to find a way to tackle this; ChatGPT is also pretty useless hahaha
Any chance you could walk me through it? I assume it's not a lot of code; And the next thing is to explain it further to my peers at school. As we're all stuck with this (it's not a homework kind of thing or anything)
maybe the general oauth docs will help? https://oauth.net/2/
I can give that an honest try, thanks again 🙂
I think i solved it now 😄
Thanks a lot @Jimmacle @ZZZZZZZZZZZZZZZZZZZZZZZZZ 🙂
:Ok: