YARR and External Authentication Providers

After enabling Google and Microsoft authentication providers for YARR I had an issue: On Chrome I was able to login just fine, but Safari was causing issues.

On Safari after I selected Google or Microsoft for authentication from login page after entering my account and password I was redirected back to login page.

image

Under the hood this turned out to be this part in code that failed:

[AllowAnonymous]
        public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
        {
            var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
            if (loginInfo == null)
            {
                return RedirectToAction("Login");
            }

So on Safari loginInfo was always null when using external authentication, but on local accounts everything worked just fine.

After lots of searching and trying out different things this turned out to be client side issue. When using external authentication on Safari cookie settings need to be set like this:

Safari Privacy

So key in above is to ‘Allow from websites I visit’. Originally I had selected ‘Allow from current website only’, but that was a bit too strict setting.

This is a bit different from what I was used to see in Chrome:

image

With these browser settings YARR is able to authenticate using Google and Microsoft accounts.