Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Using Google.Apis.Auth in .NET 8 #2826

Closed
vanna798756 opened this issue Aug 29, 2024 · 8 comments
Closed

Using Google.Apis.Auth in .NET 8 #2826

vanna798756 opened this issue Aug 29, 2024 · 8 comments
Assignees
Labels
priority: p3 Desirable enhancement or fix. May not be included in next release. type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.

Comments

@vanna798756
Copy link

vanna798756 commented Aug 29, 2024

We are trying to implement a Google Calendar sync function in our app. We have tried using the Google.Apis.Auth.AspNetCore3 packages but it doesn't seem for purpose as it hijacks the existing authentication in the system.

Is it possible to use the previous version Google.Apis.Auth in .NET 8 without trouble?

For example of our attempts to use Google.Apis.Auth.AspNetCore3 see https://stackoverflow.com/questions/78919223/combining-googleopenid-and-cookie-authentication-in-asp-net-core-8/78922674

@vanna798756 vanna798756 added priority: p3 Desirable enhancement or fix. May not be included in next release. type: question Request for information or clarification. Not an issue. labels Aug 29, 2024
@jskeet
Copy link
Collaborator

jskeet commented Aug 29, 2024

It's not clear what you mean by "hijacks the existing authentication". Both @amanda-tarafa and I are on vacation at the moment; Amanda knows a lot more about this than I do, and I'm sure she'll look at it when she's back at work next Tuesday.

@jskeet jskeet assigned amanda-tarafa and unassigned jskeet Aug 29, 2024
@vanna798756
Copy link
Author

vanna798756 commented Aug 29, 2024

Basically I have an application where people authenticate using standard cookie forms authentication. As part of this application there is a function where they need to be able to retrieve Google calendars. Using the Google.Apis.Auth.AspNetCore3 as soon as I do this it logs me out of the primary authentication and logs in as Google. I don't want to do this, I just want for them to log in and get the list of calendars.

What would really be ideal was if I could get it running in a service, but I still need the user to authenticate their own credentials before the service can call the Calendar API. This was all possible with the old API.

@jskeet
Copy link
Collaborator

jskeet commented Aug 29, 2024

I suspect this is more a question of "how do I use multiple forms of authentication in ASP.NET Core" than being specifically about Google auth - my guess is you'd have the same issue with any two auth mechanisms. That may be of some help in terms of research until Amanda and I are back at work.

@vanna798756
Copy link
Author

@amanda-tarafa amanda-tarafa added type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design. type: question Request for information or clarification. Not an issue. and removed type: question Request for information or clarification. Not an issue. type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design. labels Sep 5, 2024
@amanda-tarafa
Copy link
Contributor

As @jskeet and the Stack Overflow user replying to your question have said, this is not a Google Auth specific issue, this is because your application depends on two different sign in mechanisms at the same time, which both depend on cookie schemes and the out of the box capabilities from ASP.NET Core to keep track of a single signed user (HttpContext.User, etc.).

Google.Apis.Auth.AspNetCore3 is a helper package to make it easer for ASP.NET Core 3+ applications to support Google OpenID as the sign in mechanism, and that makes user's access tokens readily available to the application. Google.Apis.Auth.AspNetCore3 is not meant to be used alongside other sign in mechanisms that depend on cookie schemes. This is a use case that we are unlikely to consider at the moment for implementation (Note: an exception to that may be #2225 for integrating with .NET Identity, but that's also a particular use case that won't cover using any sing-on mechanism along side something like Google.Apis.Auth.AspNetCore3).

Is it possible to use the previous version Google.Apis.Auth in .NET 8 without trouble?
This was all possible with the old API.

It's not clear here what you mean with "the previous version Google.Apis.Auth" and "the old API".
Google.Apis.Auth.AspNetCore3 is not the successor of Google.Apis.Auth. Google.Apis.Auth.AspNetCore3 is just a helper package, built on top of Google.Apis.Auth, for integrating Google OpenID with ASP.NET Core 3+, covering some common use cases. Since your use case is more complex than what Google.Apis.Auth.AspNetCore3 supports, you can definetely use Google.Apis.Auth to build your own access token obtention mechanism without relying on cookies, so that you can continue using other sign-in mechanism that does.

@vanna798756
Copy link
Author

vanna798756 commented Sep 6, 2024

Thanks. Are there any examples of authentication with .NET Core 3+ without using the AspNetCore3 package, but using the Google.Apis.Auth package? Basically an example of using GoogleAuthorizationCodeFlow in a .NET Core 3+ app.

@amanda-tarafa
Copy link
Contributor

We don't have a sample, but you can use Google.Apis.Auth.OAuth2.Web.AuthorizationCodeWebApp which is a helper class that wraps a flow and implements the steps described in Using OAuth 2.0 for Web Server Applications.

You need to decide how to store user credentials and implement a Google.Apis.Util.Store.IDataStore that you pass to the flow on construction.

@amanda-tarafa
Copy link
Contributor

@vanna798756 I'll close this issue as I believe we've answered your questions. Feel free to leave a comment if you believe otherwise and of course, create new issues if you encounter problems when using Google.Apis.Auth.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
priority: p3 Desirable enhancement or fix. May not be included in next release. type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.
Projects
None yet
Development

No branches or pull requests

3 participants