8

This is a problem i am trying to solve for a month now. (tried any possible article/code out there).

In ExternalLoginCallback action, AuthenticationManager.GetExternalLoginInfoAsync() returns a valid object (with all the provider details) but email is null for certain Facebook users.

For the large majority of Facebook login email is presetnt. But for about 30% of logins I get an exception down the process because the email is null.

Luckily sometime ago I've created a Facebook user which reproduce the problem. I've created a sterile test environment in localhost and indeed email comes null for this user, and OK for other users.

*With this Facebook user I can log in just fine in any big commercial site (IMDB for example).

1) I've created a clean MVC 5 project with VS2013.

2) Updated all the packages concerning authentication:

<package id="Microsoft.AspNet.Identity.Core" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.AspNet.Identity.EntityFramework" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.AspNet.Identity.Owin" version="2.1.0" targetFramework="net45" />
<package id="Microsoft.Owin" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Host.SystemWeb" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Cookies" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.Facebook" version="3.0.0" targetFramework="net45" />
<package id="Microsoft.Owin.Security.OAuth" version="3.0.0" targetFramework="net45" />
<package id="Owin" version="1.0" targetFramework="net45" />

3) Unmarked the facebook section in Startup.Auth.cs and added the following: 

var facebookAuthOptions = new FacebookAuthenticationOptions();
facebookAuthOptions.AppId = "***";
facebookAuthOptions.AppSecret = "***";
facebookAuthOptions.Scope.Add("email");
app.UseFacebookAuthentication(facebookAuthOptions);

Update

In the settings screen of that Facebook user, I tried to change the email to another email, and then change it back. Now the email comes just fine !! How could it be ?

Yaron Levi
  • 12,535
  • 16
  • 69
  • 118

2 Answers2

3

This could happen if there's no primary email address for this user. The affected user must remove the email, save settings, then re-add the address, re-confirm, then make it primary. The reason why this works on other sites such as IMDB could be explained by the fact that this site doesn't require the email address to be returned from FB. It just uses whatever information is provided.

Darin Dimitrov
  • 1,023,142
  • 271
  • 3,287
  • 2,928
  • But in the affected user's profile setting page in Facebook I can clearly see it has a primary email defined . – Yaron Levi Oct 26 '14 at 17:02
  • Did you try my suggested steps? I've had the same issue. Also it is possible that FB will simply not return the `email` address for some users without explaining the reasons why even if you requested the `email` scope. Unfortunately with FB you cannot be 100% guaranteed to get the user's email address. – Darin Dimitrov Oct 26 '14 at 17:03
  • I already did the steps you mentioned: I had an affected user which reproduces the problem in my hand. Entering it I can see a primary mail. Now, I removed the email and added it again. Now the user is not affected and email comes fine. The problem is I still see quite a large amount of users in my PROD website who gets an error in the process because their email comes null – Yaron Levi Oct 26 '14 at 17:12
  • Well, I am afraid that there's not much you could do from your client side ASP.NET MVC application code. Those users will need to fix their accounts as you did with the test account. For example if the email is missing you could print some message to the user explaining the steps he need to perform in order to be able to log into your website. – Darin Dimitrov Oct 26 '14 at 17:16
  • Ok thanks for the help. I'll let the bounty continue some more, maybe someone with a magic answer will appear.If not, I will hand the bounty to you. – Yaron Levi Oct 26 '14 at 17:20
1

Permission on login with facebook act differently on the way of creating there facebook profile.

Even if you request the email permission it is not guaranteed you will get an email address. For example, if someone signed up for Facebook with a phone number instead of an email address, the email field may be empty.

Furthermore, now users have more control and options what to include during the registration.

Source

DSR
  • 4,588
  • 29
  • 28