From 821e60bd9e13808ec20101c8659ded98bbcfdb81 Mon Sep 17 00:00:00 2001
From: Paul Schneider <paul@pschneider.fr>
Date: Thu, 13 Dec 2018 09:38:28 +0000
Subject: [PATCH] Fixes Google Login

---
 Yavsc/AuthorizationServer/GoogleHandler.cs | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/Yavsc/AuthorizationServer/GoogleHandler.cs b/Yavsc/AuthorizationServer/GoogleHandler.cs
index 22dbc868..af6ee9a1 100644
--- a/Yavsc/AuthorizationServer/GoogleHandler.cs
+++ b/Yavsc/AuthorizationServer/GoogleHandler.cs
@@ -26,6 +26,7 @@ namespace Yavsc.Auth
         AuthenticationProperties properties, OAuthTokenResponse tokens
 )
         {
+            _logger.LogInformation("Getting user info from Google ...");
             // Get the Google user
             var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
@@ -80,16 +81,30 @@ namespace Yavsc.Auth
 
             return ticket;
         }
+        protected override Task<OAuthTokenResponse> ExchangeCodeAsync(string code, string ruri)
+        {
+            var redirectUri =  $"https://{Startup.Authority}{Options.CallbackPath}";
+            return base.ExchangeCodeAsync(code,redirectUri);
+        }
 
         // TODO: Abstract this properties override pattern into the base class?
         protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri)
         {
+            
             var scope = FormatScope();
             var queryStrings = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
             queryStrings.Add("response_type", "code");
             queryStrings.Add("client_id", Options.ClientId);
+            // this runtime may not known this value, 
+            // it should be get from config,
+            // And always be using a secure sheme ... since Google won't support anymore insecure ones.
+            _logger.LogInformation ($"Redirect uri was : {redirectUri}");
+            
+            redirectUri = $"https://{Startup.Authority}{Options.CallbackPath}";
             queryStrings.Add("redirect_uri", redirectUri);
 
+            _logger.LogInformation ($"Using redirect uri {redirectUri}");
+            
             AddQueryString(queryStrings, properties, "scope", scope);
 
             AddQueryString(queryStrings, properties, "access_type", Options.AccessType);
@@ -103,6 +118,8 @@ namespace Yavsc.Auth
             return authorizationEndpoint;
         }
 
+        
+
         private static void AddQueryString(IDictionary<string, string> queryStrings, AuthenticationProperties properties,
             string name, string defaultValue = null)
         {