Xamarin open id login with Google

I'm setting up an open id login for Google and Microsoft and use the IdentityModel.OidcClient. I've been able to make it work for Microsoft, but the Google login doesn't return any tokens (they are all null). I followed [this tutorial][1]. To make the Microsoft login work, I needed to add ProviderInformation.UserInfoEndpoint to the OidcClientOptions. This was not mentioned in the tutorial.

I hoped the same trick would arrange things for Google too, but it didn't. So now I'm stuck with the Google login and I don't see what's missing. I hope someone else can give me that last push in the back.

One thing I noticed and find quite strange: if I add the client secret to my OidcClientOptions, I don't get a token back for the Microsoft login. If I remove it, all tokens (identity token, access token, etc.) are returned.

This is the code I used to create the OidcClient object with all the options:

```csharp
private OidcClient CreateOidcClient(string authorityUrl, string clientId, string scope, string redirectUrl, string issuerName, string tokenEndpoint, string authorizeEndpoint, string userInfoEndPoint, string? clientSecret = null)
{
    var options = new OidcClientOptions
    {
        Authority = authorityUrl,
        ClientId = clientId,
        ClientSecret = clientSecret,
        Scope = scope,
        RedirectUri = redirectUrl,
        Browser = new WebAuthenticatorBrowser(),
        ProviderInformation = new ProviderInformation
        {
            IssuerName = issuerName,
            KeySet = new JsonWebKeySet(),
            TokenEndpoint = tokenEndpoint,
            AuthorizeEndpoint = authorizeEndpoint,
            UserInfoEndpoint = userInfoEndPoint,
        }
    };

    var oidcClient = new OidcClient(options);

    return oidcClient;
}
```

This is the code I use when you click the "Sign in with Google" button:

```csharp
private async Task GoogleLogIn()
{
    OidcClient oidcClient = CreateOidcClient(
        GoogleConfiguration.AuthorizeUrl,
        GoogleConfiguration.ClientId,
        GoogleConfiguration.Scope,
        GoogleConfiguration.RedirectUrl,
        GoogleConfiguration.IssuerName,
        GoogleConfiguration.TokenEndpoint,
        GoogleConfiguration.AuthorizeEndpoint,
        GoogleConfiguration.UserInfoEndpoint,
        GoogleConfiguration.ClientSecret
        );

    LoginResult loginResult = await oidcClient.LoginAsync(new LoginRequest());
}
```

And finally the GoogleConfiguration:

```csharp
public static class GoogleConfiguration
{
    public static readonly string AuthorizeUrl = "https://accounts.google.com/o/oauth2/v2/auth";
    public static readonly string ClientId = "XXXXXXXXX";
    public static readonly string Scope = "openid profile email";
    public static readonly string RedirectUrl = "XXXXXXXXX:/oauth2redirect";
    public static readonly string IssuerName = "accounts.google.com";
    public static readonly string TokenEndpoint = "https://www.googleapis.com/oauth2/v3/certs";
    public static readonly string AuthorizeEndpoint = "https://accounts.google.com/o/oauth2/v2/auth";
    public static readonly string UserInfoEndpoint = "https://openidconnect.googleapis.com/v1/userinfo";
    public static readonly string ClientSecret = "XXXXXXXXX";
}
```

This is the WebAuthenticationCallbackActivity class:

```csharp
[Activity(NoHistory = true, LaunchMode = LaunchMode.SingleTask)] // or SingleTop?
[IntentFilter(new[] { Intent.ActionView },
    Categories = new[] { Intent.CategoryDefault, Intent.CategoryBrowsable },
    DataScheme = "data_scheme_microsoft")]
[IntentFilter(new[] { Intent.ActionView },
    Categories = new[] { Intent.CategoryDefault, Intent.CategoryBrowsable },
    DataScheme = "data_scheme_google")]
public class WebAuthenticationCallbackActivity : Xamarin.Essentials.WebAuthenticatorCallbackActivity
{
}
```

I receive the following unclear error when the loginResult gets returned:

```
Error redeeming code: Not Found / no description
```

Any help is very much appreciated! If you need additional information, just let me know.

[1]: https://mallibone.com/post/xamarin-oidc


I am not an expert, but I lately succeeded in making the same sample code work against Google.
Along the way, I got:

```
Error redeeming code: Unauthorized / Unauthorized
```

But then I realised that I was setting a client secret that I had got from a different identity provider, not Google. Google does not give a client secret when you create a client ID, does it?

I fixed it and now am able to get tokens.
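
An added example (Python, not code from either post above): one way to check hand-entered `ProviderInformation` values such as the question's `GoogleConfiguration` against the provider's OpenID Connect discovery metadata. The `DISCOVERY` excerpt is embedded so the check runs offline, and the name `lint_endpoints` is an assumption of this example.

```python
"""Lint hand-entered OIDC endpoints against provider discovery metadata."""

# Excerpt of Google's discovery document
# (https://accounts.google.com/.well-known/openid-configuration), embedded so
# the example runs offline; fetch the live document in real use.
DISCOVERY = {
    "issuer": "https://accounts.google.com",
    "authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",
    "token_endpoint": "https://oauth2.googleapis.com/token",
    "userinfo_endpoint": "https://openidconnect.googleapis.com/v1/userinfo",
    "jwks_uri": "https://www.googleapis.com/oauth2/v3/certs",
}

# Values copied from the question's GoogleConfiguration / CreateOidcClient call.
CONFIGURED = {
    "authority": "https://accounts.google.com/o/oauth2/v2/auth",
    "authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",
    "token_endpoint": "https://www.googleapis.com/oauth2/v3/certs",
    "userinfo_endpoint": "https://openidconnect.googleapis.com/v1/userinfo",
}


def lint_endpoints(configured, discovery):
    """Return (field, problem) tuples for values that disagree with discovery."""
    findings = []
    by_url = {url.rstrip("/"): name for name, url in discovery.items()}
    for field, value in configured.items():
        # The authority is the issuer base URL, not one of the endpoints.
        expected_field = "issuer" if field == "authority" else field
        expected = discovery.get(expected_field)
        if expected is None:
            findings.append((field, "not advertised by the provider"))
            continue
        if value.rstrip("/") == expected.rstrip("/"):
            continue
        # Name the metadata field the value really belongs to, if any.
        actual = by_url.get(value.rstrip("/"))
        hint = f"this is the provider's {actual}" if actual else "unknown URL"
        findings.append((field, f"expected {expected}; {hint}"))
    return findings


if __name__ == "__main__":
    for field, problem in lint_endpoints(CONFIGURED, DISCOVERY):
        print(f"{field}: {problem}")
```

Run against the values in the question, it reports the configured authority as the provider's `authorization_endpoint` and the configured token endpoint as the provider's `jwks_uri`.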