infinite loop going back to authentication page when using OAuth in MVC5

问题

I have written a webpage that takes advantage of Google/Facebook auth using MVC5 and OAuth

sometimes, I'm able to auth very well using either Facebook or Google. It works quite well.

However often what happens is

1. Navigate to the login page
2. Choose either google or facebook
3. provide the account info, getting the necessary redirects
4. redirect back to login page, but not logged in

I'm not receiving (or not looking in the right place) any errors that clue me in - I am using SSL on Azure for hosting

Does anyone have tips for why it sometimes works, and sometimes does not? this feels like it could be a cookie thing, or maybe a server side configuration problem? I cant figure out why it would sometimes work and sometimes wouldnt work.

I've tried

• using a second machine, one that has never logged in before (to rule out cookies), same problem
• clearing my cookie cache, same problem

How I'm configured:

        public void ConfigureAuth(IAppBuilder app)
        {
            // Enable the application to use a cookie to store information for the signed in user
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/Login")
            });
            // Use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

            // Uncomment the following lines to enable logging in with third party login providers
            //app.UseMicrosoftAccountAuthentication(
            //    clientId: "",
            //    clientSecret: "");

            //app.UseTwitterAuthentication(
            //   consumerKey: "",
            //   consumerSecret: "");

            app.UseFacebookAuthentication(
               appId: "abc",
               appSecret: "123");

            app.UseGoogleAuthentication();
        }

I've followed this tutorial to use OAuth in MVC5 (http://www.asp.net/mvc/tutorials/mvc-5/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on)j

回答1:

this is a major issue where randomly your application will start going into an infinite loop and some times redeploying the application makes it work but only temporary. the quick way i found to address this issue is using nuget package kentor.owincookiesaver as commented by @cooper. you should make a call to this class before cookieauthentication call in the owin startup class as shown below

app.UseKentorOwinCookieSaver();

app.UseCookieAuthentication(new CookieAuthenticationOptions());

Apparently there is a bug in owin and katana where your cookie just disappear and this fixes it.

来源：https://stackoverflow.com/questions/21168686/infinite-loop-going-back-to-authentication-page-when-using-oauth-in-mvc5