Menu
A few days ago I was notified via email that Google is deprecating its Google+ APIs:
On March 7, 2019, all Google+ APIs and Google+ Sign-in will be shut down completely. This will be a progressive shutdown beginning in late January, with calls to these APIs starting to intermittently fail as early as January 28, 2019.
I currently use Google+ Sign-in as an external login provider in my ASP.NET MVC project. Seemingly, the ASP.NET documentation has not yet been updated (at the time of writing) to take into account this deprecated API.
Is there any guide available on whether or not the AddGoogle() extension method can still be used in the AuthenticationBuilder middleware, if so, how? If not, where can I find guidance on how to migrate from Google+ to the Google Identity Platform?
381
replace the deprecated Platform Library with the Identity Services library, and. if using the API Client Library, remove the deprecated gapi. auth2 module, its methods and objects, replacing them with Identity Services equivalents.
Google handles the user authentication, session selection, and user consent. The result is an authorization code, which the application can exchange for an access token and a refresh token. The application should store the refresh token for future use and use the access token to access a Google API.
There is an open issue on this on the aspnet\docs Github page.
This seems to be a breaking change, as indicated by the following issues on Github:
aspnet\AspNetCore: Google+ shutdown will break OAuth provider
aspnet\AspNetKatana: Google+ shutdown impacts
Apparently the Google OAuth provider performs a call to https://www.googleapis.com/plus/v1/people/me, which is used to get profile information. As stated by ThoughtHopper, "[t]he current code works until it tries to retrieve the userinfo."
A temporary workaround was posted by Tratcher, which is claimed to work for ASP.NET 2.0 and later:
.AddGoogle(o =>
{
o.ClientId = Configuration["google:clientid"];
o.ClientSecret = Configuration["google:clientsecret"];
o.UserInformationEndpoint = "https://openidconnect.googleapis.com/v1/userinfo";
o.ClaimActions.Clear();
o.ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub");
o.ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
o.ClaimActions.MapJsonKey(ClaimTypes.GivenName, "given_Name");
o.ClaimActions.MapJsonKey(ClaimTypes.Surname, "family_Name");
o.ClaimActions.MapJsonKey("urn:google:profile", "profile");
o.ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
o.ClaimActions.MapJsonKey("urn:google:image", "picture");
})
This changes the endpoint from which information is retrieved (no longer relying on Google+) and changes the way user info is mapped since this has changed.
From the amount of attention these issues are receiving I expect an update to be pushed out by Microsoft in the near future. Until then, this fix should work with the Google+ API disabled.
139
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With