Could not find details on what is the expected behaviour for ABP.IO out of the box.
We have setup Google as an external provider. In our Google Cloud we've created an OAuth Consent Screen service & client with available scopes:
/auth/userinfo.email /auth/userinfo.profile openid
During our testing of this feature, when we click the "Google" button on the registration/login screen, the user experiences:
- Redirect to Google consent screen
- After approval, redirect back to ABP application's registration page
- Name fields and email address are blank
Should these fields be pre-populated from the external provider or is this not implemented by ABP?
9 Answer(s)
-
0
- When using ABP Framework's Account Module with an external provider like Google, the expected out-of-the-box behavior is as follows:
- The user clicks the "Google" button and is redirected to the Google consent screen.
- After authentication and consent, the user is redirected back to the ABP application's registration page.
- The registration page should have the email and name fields pre-populated with the information received from Google, provided that the necessary scopes (
openid,email,profile) are configured and Google returns these claims.
If the fields are blank, this typically means that the external provider is not returning the expected claims, or the ABP application is not correctly mapping them. Ensure that:
- The Google OAuth client is configured to request the
openid,email, andprofilescopes. - The ABP application is correctly configured to map the external claims to the registration fields.
By default, ABP attempts to map standard claims like
emailandnamefrom the external provider to the registration form. If this is not happening, you may need to check your provider configuration or customize the claim mapping in your ABP application.Sources:
- ABP Account Module: External Logins
- ABP Community: Azure AD & External Authentication
- ABP Docs: CurrentUser
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
- When using ABP Framework's Account Module with an external provider like Google, the expected out-of-the-box behavior is as follows:
-
0
hi
Can you check the Access Token and claims from Google?
Please set a breakpoint to check the
accesstokenandclaims.context.Services.AddAuthentication() .AddGoogle(GoogleDefaults.AuthenticationScheme, options => { options.Events.OnCreatingTicket = ticketContext => { var accesstoken = ticketContext.AccessToken; var claims = ticketContext.Principal?.Claims.ToList(); return Task.CompletedTask; }; // options.ClaimActions.MapJsonKey(AbpClaimTypes.Email, "your_google_email_claim_key"); // options.ClaimActions.MapJsonKey(AbpClaimTypes.UserName, :"your_google_username_claim_key"); // options.ClaimActions.MapJsonKey(AbpClaimTypes.Name, "your_google_username_claim_key"); })Thanks.
-
0
The access token and claims are present, but I see you have commented out mappings (MapJsonKey) which aren't present in my code. Is that what I'm missing? I don't see it mentioned in the documentation.
-
0
hi
Can you share a demo app? I will try to login my google account to check the register page.
liming.ma@volosoft.com Thanks
-
0
hi
The
Register.cshtml.csfile: DELETED
-
0
Thank you. The example you provided got me what I needed. I removed the tenancy check (since we're not using multi-tenancy in our application) and ended up with this revised version (below).
A couple things I need:
- The shared file and screenshot contain client-identifying information (namespaces in code, name in screenshot) and I ask you to please edit your post and remove those.
- Can you help me understand why this edit is necessary? Since this is an override, I would expect the base class to already handle this.
protected override async Task TrySetEmailAsync() { if (IsExternalLogin) { var externalLoginInfo = await SignInManager.GetExternalLoginInfoAsync(); if (externalLoginInfo == null) { return; } if (!externalLoginInfo.Principal.Identities.Any()) { return; } var identity = externalLoginInfo.Principal.Identities.First(); var emailClaim = identity.FindFirst(AbpClaimTypes.Email) ?? identity.FindFirst(ClaimTypes.Email); var givenNameClaim = identity.FindFirst(AbpClaimTypes.Name) ?? identity.FindFirst(ClaimTypes.GivenName); var surnameClaim = identity.FindFirst(AbpClaimTypes.SurName) ?? identity.FindFirst(ClaimTypes.Surname); if (emailClaim == null) { return; } var userName = await UserManager.GetUserNameFromEmailAsync(emailClaim.Value); Input = new PostInput { EmailAddress = emailClaim.Value, FirstName = givenNameClaim?.Value ?? "", LastName = surnameClaim?.Value ?? "", }; } } -
0
hi
The shared file and screenshot contain client-identifying information (namespaces in code, name in screenshot) and I ask you to please edit your post and remove those.
Removed.
Can you help me understand why this edit is necessary? Since this is an override, I would expect the base class to already handle this.
Because you use the
newkeyword to override thePostInput, the base class can't access your new variable.Thanks.
-
0
Gotcha! Thanks for your help on this!
-
0
Great : )
