❔ Adding Google External Login to ABP Framework 6

Hello, I am new to security and currently working on an app built on ABP Framework 6 (React Native, .NET 6 Web API). The app already has a default setup for JWT token authentication provided by ABP Framework 6. Now, I want to add Google external login functionality to the app. After some research, I have come up with the following solution:

public async Task<string> CreateGoogleExternalUserAsync([Required] string accessToken)
{
    try
    {
        var validationSettings = new GoogleJsonWebSignature.ValidationSettings
        {
            Audience = new List<string> { _configuration["Authentication:Google:ClientId"] }
        };
        var payload = await GoogleJsonWebSignature.ValidateAsync(accessToken, validationSettings);
        var email = payload.Email;

        // Create an account in your app using the retrieved information

        // Generate JWT token
        
        // Return the generated JWT token
    }
    catch (InvalidJwtException)
    {
        // Handle invalid access token
        throw new AbpAuthorizationException();
    }
}

public async Task<string> CreateGoogleExternalUserAsync([Required] string accessToken)
{
    try
    {
        var validationSettings = new GoogleJsonWebSignature.ValidationSettings
        {
            Audience = new List<string> { _configuration["Authentication:Google:ClientId"] }
        };
        var payload = await GoogleJsonWebSignature.ValidateAsync(accessToken, validationSettings);
        var email = payload.Email;

        // Create an account in your app using the retrieved information

        // Generate JWT token
        
        // Return the generated JWT token
    }
    catch (InvalidJwtException)
    {
        // Handle invalid access token
        throw new AbpAuthorizationException();
    }
}

I have a couple of problems with this approach and would appreciate your help in addressing them:

1. JWT Generation: In the given code snippet, I need assistance in understanding whether I should generate a JWT token in this method or if there is a different approach I should follow.
2. Usage of ABP Framework 6 Tables: While exploring the database schema used by ABP Framework 6, I noticed the existence of tables like AbpUserLogins with a column named LoginProvider. I'm unsure whether I need to utilize any of these tables for the external login functionality.
3. Authentication Flow: I'm not sure if the reactive should initiate the authentication flow, get the access token, and send it to the backend, or if it should be the other way around.
Could you please clarify the recommended approach for handling the authentication flow in this scenario?

public async Task<string> CreateGoogleExternalUserAsync([Required] string accessToken)
{
    try
    {
        var validationSettings = new GoogleJsonWebSignature.ValidationSettings
        {
            Audience = new List<string> { _configuration["Authentication:Google:ClientId"] }
        };
        var payload = await GoogleJsonWebSignature.ValidateAsync(accessToken, validationSettings);
        var email = payload.Email;

        // Create an account in your app using the retrieved information

        // Generate JWT token
        
        // Return the generated JWT token
    }
    catch (InvalidJwtException)
    {
        // Handle invalid access token
        throw new AbpAuthorizationException();
    }
}

public async Task<string> CreateGoogleExternalUserAsync([Required] string accessToken)
{
    try
    {
        var validationSettings = new GoogleJsonWebSignature.ValidationSettings
        {
            Audience = new List<string> { _configuration["Authentication:Google:ClientId"] }
        };
        var payload = await GoogleJsonWebSignature.ValidateAsync(accessToken, validationSettings);
        var email = payload.Email;

        // Create an account in your app using the retrieved information

        // Generate JWT token
        
        // Return the generated JWT token
    }
    catch (InvalidJwtException)
    {
        // Handle invalid access token
        throw new AbpAuthorizationException();
    }
}

❔ Adding Google External Login to ABP Framework 6

❔ Adding Google External Login to ABP Framework 6

Similar Threads

Similar Threads

Similar Threads