asp.net-coreopenid-connectblazor-webassemblygoogle-identity

Blazor WASM OIDC authentication with Google fail


I've implemented a Blazor WASM application wiht Google authentication as described here.

If I select "Log in", I get redirected to Google and I can insert my username and password.
At that point Google redirect to the RedirectUri (/authentication/login-callback).
This cause the Blazor SPA to reload, which is expected.

At that point I can see (from Edge Dev Tools) the AuthenticationService.js library to issue a token request to Google, but the request fails.

enter image description here

My understanding so far:

Thank you.


Solution

  • Unfortunately, google oauth2 "web application" client doesn't really support code flow with PKCE even for now https://stackoverflow.com/a/63275535/20240963.

    But the "UWP" client support PKCE https://developers.google.com/identity/protocols/oauth2/native-app#step1-code-verifier. So there is a workaround that you create a "UWP" client, then the authentication will success.

    Credentials -> Create credentials -> OAuth client ID -> UWP enter image description here You could use this "UWP" client for Blazor WASM. And the store ID can be whatever.