Auth2Provider - After redirecting back no session

I made a simple oath2provider that works fine, creates the userauth and details when directing back but I want the user to have an authenticated session when they are redirected to the success url: return authService.Redirect(redirectUrl); The redirect URL in my case is an authenticated service.

For some reason when being redirected from the oauth flow and landing on that page (localhost/me) there is no authenticated session. I’m not sure if this is related to localhost or if there is something missing. Any ideas where to look?

After validating the Access Token your OAuth Provider should call OnAuthenticated() to setup the session, here’s FacebookAuthProvider for reference:


protected virtual object AuthenticateWithAccessToken(IServiceBase authService, IAuthSession session, IAuthTokens tokens, string accessToken)
    tokens.AccessTokenSecret = accessToken;

    var json = AuthHttpGateway.DownloadFacebookUserInfo(accessToken, Fields);
    var authInfo = JsonObject.Parse(json);

    session.IsAuthenticated = true;

    return OnAuthenticated(authService, session, tokens, authInfo);

Failing that you should check that the same Session Cookies are being used before/after redirect.

Thanks, it turned out to be the UseSecureCookies needed to be set to false on localhost:

 SetConfig(new HostConfig
            DebugMode = AppSettings.Get("DebugMode", false),
            WebHostPhysicalPath = MapProjectPath("~/wwwroot"),
            UseCamelCase = true,
            ReturnsInnerException = true,
            AllowFileExtensions = { { "png" }, { "jpg" }, { "jpeg" } },
            UseSecureCookies = false