Google has new api Google.Apis.
I have desktop application which authorize user by google account. Old API stop working.
How can I authorize user by new API, but WITHOUT webauthorizationBroker in C#? I do not want open webbroswer, I have own win form for enter login and password.
EDITED:
Here is old code:
string fullname = string.Empty;
UserService userService = new UserService("APPKEY");
userService.setUserCredentials(username, Encryptor.Decrypt(password));
try
{
string token = userService.QueryClientLoginToken();
GOAuthRequestFactory reqF = new GOAuthRequestFactory("apps", "APPKEY") { ConsumerKey = "KEY", ConsumerSecret = "SECRET" };
userService = new UserService("APPKEY") { RequestFactory = reqF };
UserQuery query = new UserQuery("DOMAIN", true);
UserFeed usersFeed = userService.Query(query);
UserEntry entry = (UserEntry)usersFeed.Entries.FirstOrDefault(f => (f as UserEntry).Login.UserName == userName);
fullname = string.Format("{0} {1}", entry.Name.GivenName, entry.Name.FamilyName);
}
catch (InvalidCredentialsException ex)
{
service.SendError(ex.Message);
return fullname;
}
return fullname;
Related
How can I create a Cognito user with the account status confirmed using c#? After a user is created the account status displays FORCE_CHANGE_PASSWORD. Another thing is I need to create user without email address.
AmazonCognitoIdentityProviderClient cognitoProvider =
new AmazonCognitoIdentityProviderClient(region);
string userName = "user";
string tempPassword = "Temp#3434";
string newPassword = "RealPass#2019";
AdminCreateUserRequest adminUserCreateRequest = new AdminCreateUserRequest()
{
UserPoolId = poolId,
Username = userName,
TemporaryPassword = tempPassword
};
AdminCreateUserResponse signUpResponse = await cognitoProvider.AdminCreateUserAsync(adminUserCreateRequest);
Admin InitiateRequest
Dictionary<string, string> initialParams = new Dictionary<string, string>();
initialParams.Add("USERNAME", userName);
initialParams.Add("PASSWORD", tempPassword);
AdminInitiateAuthRequest initialRequest = new AdminInitiateAuthRequest()
{
AuthFlow = AuthFlowType.ADMIN_NO_SRP_AUTH,
AuthParameters = initialParams,
ClientId = appClientId_tenantApi,
UserPoolId = poolId
};
AdminInitiateAuthResponse resInitAuth = await cognitoProvider.AdminInitiateAuthAsync(initialRequest);
InitiateAuthRresponse has email as a required attribute.
{[requiredAttributes, ["userAttributes.email"]]}
But the documentation doesn't say so.
For ADMIN_NO_SRP_AUTH: USERNAME (required), SECRET_HASH (if app client is configured with client secret), PASSWORD (required), DEVICE_KEY
Admin Respond to challenge
var authParameters = new Dictionary<string, string>();
authParameters.Add("USERNAME", userName);
authParameters.Add("NEW_PASSWORD", newPassword);
AdminRespondToAuthChallengeRequest adminAuthRequest = new AdminRespondToAuthChallengeRequest()
{
UserPoolId = poolId,
ClientId = appClientId_tenantApi,
ChallengeName = ChallengeNameType.NEW_PASSWORD_REQUIRED,
ChallengeResponses = authParameters,
Session = session
};
cognitoProvider.AdminRespondToAuthChallengeAsync(adminAuthRequest);
I am thinking I may missed some user settings in Cognito to avoid email. Any one have similar experience ? or is this not possible to create user without email ?
During the creation of the user pool, under general settings;attributes as in the photocognito creation on aws one is required to choose the attributes that must be present, i believe in your case the email was selected by default hence the challenge request response you got.
The admin create user request requires the client to confirm the email for purposes of verification that the user owns the email.
A hack for the same would be to allow users to sign themselves up on your cognito configuration, then sign someone up then follow with a username and password, then proceed to confirm them as an admin
var signup = await cognitoClient.SignUpAsync(new SignUpRequest
{
Username = person.Username,
ClientId = cognitoOptions.ClientId,
Password = person.IdNumber,
});
var confirm = await cognitoClient.AdminConfirmSignUpAsync(new AdminConfirmSignUpRequest
{
Username = person.Username,
UserPoolId = cognitoOptions.UserPoolId
});
In case if anyone still looking for answer
Initalize Provider.
AmazonCognitoIdentityProviderClient provider = new AmazonCognitoIdentityProviderClient("*************", "************", Amazon.RegionEndpoint.USWest);
Create user
AdminCreateUserResponse adminCreateUserResponse = await provider.AdminCreateUserAsync(new AdminCreateUserRequest
{
Username = "TestUser",
TemporaryPassword = "TempPassword#1",
UserPoolId = "us-west-**********"
});
Authenticate user
CognitoUserPool userPool = new CognitoUserPool("us-west-***", "***", provider);
CognitoUser user = new CognitoUser("TestUser", "******", userPool, provider, "**********");
InitiateSrpAuthRequest authRequest = new InitiateSrpAuthRequest()
{
Password = "TempPassword#1"
};
AuthFlowResponse authResponse = await user.StartWithSrpAuthAsync(authRequest).ConfigureAwait(false);
Vaidate user authentication result and get the user AccessToken
if (authResponse.AuthenticationResult == null)
{
if (authResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED)
{
//Console.WriteLine("Enter your desired new password:");
string newPassword = "NewPWD#1";// Console.ReadLine();
Dictionary<string, string> att = new Dictionary<string, string>();
att.Add("userAttributes.email", "testemail#xyz.com");
user.Attributes.Add("preferred_username", "TestUser1");
And update the new password using Accesstoken ( post update the User status will be confirmed)
authResponse = await user.RespondToNewPasswordRequiredAsync(new RespondToNewPasswordRequiredRequest()
{
SessionID = authResponse.SessionID,
NewPassword = newPassword,
},att);
accessToken = authResponse.AuthenticationResult.AccessToken;
}
There are two type of application in my solution
1)Web api application
2)MMC c# application
Here I created web api application which has facility of token authentication.
In this Application username and password validating from SQL server database.
i.e If any user request for web api token that user detail must be present in database table.(In user Table Id,Username,Password column are there with data).
So my web api application connected to database server.
Now I created MVC c# application which consume web api and access the data.
what I do here that when user put credential to mvc app login screen and that credential goes to api and validate them.
Api will give response of data If user credential are correct.
Here I got JSON response from web api and data like "access_token","Expire_time","refresh_token" etc
I stored all these detail in Session object.
So whenever I request for Getdata() from mvc app I passing 'access_token' to api and retuned result data.
I set web api token timeout 2 minutes.(token get deleted after 2 minutes)
So problem goes here that how I can maintain user login session in web api using refresh_token.I do not want to user again get login screen and come back to that screen.
Because every 2 minutes he will get login screen which is not correct solution.
I want some function when api get timeout access_token and mvc application again call refresh_token and continue data transaction.
Whenever your accesstoken is expired you can pass refresh token and can update the access token like this. Hope this will help you.
[AllowAnonymous]
[HttpPost]
public IHttpActionResult GetAccessToken(RefreshTokenModel getRefreshToken)
{
ApiResponse apiResponse = new ApiResponse();
apiResponse.Message = "Your session has expired. Kindly login again.";
try
{
var getHashToken = GenerateHash.GetHash(getRefreshToken.RefreshToken);
var getRefreshTokenDetails = tokenDetailBl.GetRefreshTokenDetail(getHashToken);
if (getRefreshTokenDetails != null && getRefreshTokenDetails.ExpiresUtc > DateTime.UtcNow && !string.IsNullOrEmpty(getRefreshTokenDetails.ProtectedTicket))
{
if (getRefreshTokenDetails.DeviceType == getRefreshToken.DeviceType)
{
var currentTime = DateTime.UtcNow;
var refreshTokenLifeTime = Convert.ToDouble(ConfigurationManager.AppSettings["RefreshTokenExpireTime"]);
var tokenExpiration = Convert.ToDouble(ConfigurationManager.AppSettings["AccessTokenExpireTime"]);
ApiIdentityManager apiIdentityManager = new ApiIdentityManager();
var tokenData = JsonConvert.SerializeObject(new { Ticket = getRefreshTokenDetails.ProtectedTicket, DeviceId = getRefreshTokenDetails.DeviceId });
var getIdentityToken = apiIdentityManager.GetRefreshToken(tokenData);
// Delete Old Tokens
tokenDetailBl.DeleteAccessTokenByDevice(getRefreshTokenDetails.DeviceId);
var refreshToken = new RefreshToken()
{
RefreshTokenId = GenerateHash.GetHash(getIdentityToken.RefreshToken),
DeviceId = getRefreshTokenDetails.DeviceId,
DeviceType = getRefreshToken.DeviceType,
UserId = getRefreshTokenDetails.UserId,
IssuedUtc = currentTime,
ExpiresUtc = currentTime.AddMinutes(Convert.ToDouble(refreshTokenLifeTime)),
ProtectedTicket = getIdentityToken.Ticket
};
//Save new tokens
tokenDetailBl.SaveAccessToken(new TokenDetail
{
AccessToken = getIdentityToken.AccessToken,
CreatedOn = DateTime.UtcNow,
UserId = getRefreshTokenDetails.UserId,
DeviceId = getRefreshTokenDetails.DeviceId,
DeviceType = getRefreshToken.DeviceType
});
tokenDetailBl.SaveRefreshToken(refreshToken);
//Get token cache.
CachedData cachedData = new CachedData(tokenDetailBl);
var getAllToken = cachedData.GetAccessTokens();
cachedData.UpdateTokenCache(getIdentityToken.AccessToken, getRefreshTokenDetails.UserId + ":" + DateTime.UtcNow.AddMinutes(tokenExpiration).ToFormateDateTimeString());
var getUserDetails = userBl.GetUserDetails(getRefreshToken.UserId);
getUserDetails.DeviceId = getRefreshTokenDetails.DeviceId;
getUserDetails.DeviceType = getRefreshTokenDetails.DeviceType;
getUserDetails.AccessToken = getIdentityToken.AccessToken;
getUserDetails.TokenType = "bearer";
getUserDetails.ExpiresIn = getIdentityToken.ExpiresIn;
getUserDetails.Issued = getIdentityToken.Issued;
getUserDetails.Expires = DateTime.UtcNow.Add(TimeSpan.FromMinutes(tokenExpiration)).ToString("R");
getUserDetails.RefreshToken = getIdentityToken.RefreshToken;
//Dictionary<string, string> tokenResponse = new Dictionary<string, string>();
//tokenResponse.Add("access_token", getIdentityToken.AccessToken);
//tokenResponse.Add("token_type", "bearer");
//tokenResponse.Add("expires_in", getIdentityToken.ExpiresIn);
//tokenResponse.Add("issued", getIdentityToken.Issued);
//tokenResponse.Add("expires", DateTime.UtcNow.Add(TimeSpan.FromMinutes(tokenExpiration)).ToString("R"));
//tokenResponse.Add("refresh_token", getIdentityToken.RefreshToken);
return ResponseMessage(Request.CreateResponse(HttpStatusCode.OK, getUserDetails));
}
else
{
apiResponse.Message = "Your session has expired. Kindly login again.";
}
}
}
catch (Exception ex)
{
Logger.Error(ex);
}
return ResponseMessage(Request.CreateResponse(HttpStatusCode.Gone, apiResponse));
}
You can use MVC filters to check that your access token is expired or not something like this.
[CacheAuthorize]
[HttpPost]
public IHttpActionResult GetUserList(SearchRequest searchRequest)
and after that code to check validation of access token
public class CacheAuthorizeAttribute : AuthorizeAttribute
{
public CacheAuthorizeAttribute(params string[] roles)
: base()
{
Roles = string.Join(",", roles);
}
public override void OnAuthorization(HttpActionContext actionContext)
{
Dictionary<HttpStatusCode, string> response;
if (SkipAuthorization(actionContext))
{
return;
}
var userSessionManager = new UserCacheManager();
if (userSessionManager.ReValidateSession(out response))
{
base.OnAuthorization(actionContext);
}
else
{
ApiResponse apiResponse = new ApiResponse(response.Values.FirstOrDefault());
actionContext.Response = actionContext.ControllerContext.Request.CreateResponse(response.Keys.FirstOrDefault(), apiResponse);
}
}
/// <summary>
/// Re-validates the user session. Usually called at each authorization request.
/// If the session is not expired, extends it lifetime and returns true.
/// If the session is expired or does not exist, return false.
/// </summary>
/// <returns>true if the session is valid</returns>
public bool ReValidateSession(out Dictionary<HttpStatusCode, string> errorResponse)
{
errorResponse = new Dictionary<HttpStatusCode, string>();
string authToken = this.GetCurrentBearerAuthrorizationToken();
ITokenDetailRepository tokenDetailRepository = new TokenDetailRepository();
ITokenDetailBL tokenDetailBl = new TokenDetailBL(tokenDetailRepository);
CachedData cachedData = new CachedData(tokenDetailBl);
if (!string.IsNullOrEmpty(authToken))
{
var currentUserId = this.GetCurrentUserId();
var getUserTokens = cachedData.GetAccessTokens();
if (!getUserTokens.ContainsKey(authToken))
{
//Get Data from DB
cachedData.GetAccessToken(authToken);
getUserTokens = cachedData.GetAccessTokens();
}
return CheckAccessToken(getUserTokens, authToken, out errorResponse);
}
else
{
errorResponse.Add(HttpStatusCode.Gone, "Access token not found.");
}
return false;
}
private bool CheckAccessToken(Dictionary<string, string> accessTokenDictionary, string authToken, out Dictionary<HttpStatusCode, string> errorResponse)
{
errorResponse = new Dictionary<HttpStatusCode, string>();
var hasToken = accessTokenDictionary.ContainsKey(authToken);
if (hasToken)
{
var getTokenValue = accessTokenDictionary[authToken];
var enCulture = new CultureInfo("en-US");
DateTime tokenAddedDate;
var isCorrectDate = DateTime.TryParseExact(getTokenValue.Split(new char[] { ':' }, 2)[1], "dd-MMM-yyyy,hh:mm tt", enCulture, DateTimeStyles.None, out tokenAddedDate);
if (isCorrectDate)
{
if (tokenAddedDate >= DateTime.UtcNow)
{
return true;
}
else
{
//Check Refresh token expired or not
errorResponse.Add(HttpStatusCode.Unauthorized, "Access token expired.");
}
}
else
{
errorResponse.Add(HttpStatusCode.Gone, "Invalid access token.");
}
}
else
{
errorResponse.Add(HttpStatusCode.Gone, "Invalid access token.");
}
return false;
}
I'm working on a bot using bot framework. With active directory authentication I managed to get the username . Now I want to get the phone number and logged in user Email ID after authenticated using active directory ?
Below is the code I'm working with.
Authentication
AuthenticationOptions options = new AuthenticationOptions()
{
UseMagicNumber = false,
Authority = Convert.ToString(ConfigurationManager.AppSettings["aad:Authority"]),
ClientId = Convert.ToString(ConfigurationManager.AppSettings["aad:ClientId"]),
ClientSecret = Convert.ToString(ConfigurationManager.AppSettings["aad:ClientSecret"]),
ResourceId = Convert.ToString(ConfigurationManager.AppSettings["aad:ResourceId"]),
RedirectUrl = Convert.ToString(ConfigurationManager.AppSettings["aad:Callback"])
};
await context.Forward(new AuthDialog(new ADALAuthProvider(), options), ResumeAfterLogin, message, context.CancellationToken);
Extracting the data
private async Task ResumeAfterLogin(IDialogContext authContext, IAwaitable<AuthResult> authResult)
{
string tokenstring = string.Empty;
string userName = string.Empty;
var resultToken = await authResult;
string email = string.Empty;
try
{
tokenstring = resultToken.AccessToken;
userName = resultToken.UserName;
MyGlobalVariables.EmailID = "";
MyGlobalVariables.username = userName;
if (null != tokenstring && string.Empty != tokenstring)
{
authContext.UserData.SetValue<string>("AccessToken", tokenstring);
authContext.UserData.SetValue<string>("userName", userName);
await authContext.PostAsync($"*info: you are logged in as {userName}*");
authContext.Call(new RootDialog(), this.ResumeAfterOptionDialog);
}
}
catch (Exception ex)
{
authContext.Wait(MessageReceivedAsync);
throw ex;
}
finally
{
}
}
You can get phone numbers and emails of logged in users by accessing the Microsoft AAD Graph API. For example:
public async Task<User> GetMe()
{
var graphClient = GetAuthenticatedClient();
var me = await graphClient.Me.Request().GetAsync();
return me;
}
A full sample can be found here.
I'm trying to upload Photos to Flickr thru ASP.NET file upload control and flickrnet. But the samples under flickrnet.codeplex.com are, redirecting the page to flickr for authorization and come back.
Is there a way to upload the files with out redirecting to authorization page in asp.net C#?
Yes. I'm able to. First you need FlickrManager Instance for that use below code for that
public class FlickrManager
{
public const string ApiKey = "get it from flickr website";
public const string SharedSecret = "get it from flickr website";
public static Flickr GetInstance()
{
return new Flickr(ApiKey, SharedSecret);
}
public static Flickr GetAuthInstance()
{
var f = new Flickr(ApiKey, SharedSecret);
if (OAuthToken != null)
{
f.OAuthAccessToken = OAuthToken.Token;
f.OAuthAccessTokenSecret = OAuthToken.TokenSecret;
}
return f;
}
public static OAuthAccessToken OAuthToken
{
get
{
if (HttpContext.Current.Request.Cookies["OAuthToken"] == null)
{
return null;
}
var values = HttpContext.Current.Request.Cookies["OAuthToken"].Values;
return new OAuthAccessToken
{
FullName = values["FullName"],
Token = values["Token"],
TokenSecret = values["TokenSecret"],
UserId = values["UserId"],
Username = values["Username"]
};
}
set
{
// Stores the authentication token in a cookie which will expire in 1 hour
var cookie = new HttpCookie("OAuthToken")
{
Expires = DateTime.UtcNow.AddHours(1),
};
cookie.Values["FullName"] = value.FullName;
cookie.Values["Token"] = value.Token;
cookie.Values["TokenSecret"] = value.TokenSecret;
cookie.Values["UserId"] = value.UserId;
cookie.Values["Username"] = value.Username;
HttpContext.Current.Response.AppendCookie(cookie);
}
}
}
Once above Class created, you can start using below method in anywhere in aspx page. Please let me know if you have challenge.
public string FilckerUpload(string url, string title, string description, string tags)
{
OAuthAccessToken accessToken = new OAuthAccessToken();
accessToken.FullName = "your app name";
accessToken.Token = "get it from Flickr Website for your login";
accessToken.TokenSecret = "get it from Flickr Website for your login";
accessToken.UserId = "get it from Flickr Website for your login";
accessToken.Username = "get it from Flickr Website for your login";
FlickrManager.OAuthToken = accessToken;
Flickr flickr = FlickrManager.GetAuthInstance();
string FileuploadedID = flickr.UploadPicture(#url, title, description, tags, true, false, false);
PhotoInfo oPhotoInfo = flickr.PhotosGetInfo(FileuploadedID);
return oPhotoInfo.Small320Url;
}
I want to make a Cordova phone app and a web application. Both the application and the app share the same database.
On the mobile app, the user actions send requests to a web service ( over https ) that writes to the database. On the mobile app, I use https://oauth.io to let the user register and log in with multiple open auth providers. Trying to make it work for facebook, for now.
I just can't figure how to use the Identity user management in that context. Most of the examples I find are in the context of a web app where the user clicks and it calls the account controller. In my case, the oauth.io lib calls facebook, returns an access token, which I pass to my service.
The cordova app passes the accessToken to this method to my server side web service.
var client = new FacebookClient(accessToken);
if (client != null)
{
dynamic fbresult = client.Get("me");
if (fbresult["id"] != null)
{
var fbid = fbresult["id"].ToString();
and where do we go from now ?
how do I insert a new user
I tried this:
var user = new ApplicationUser() { UserName = fbresult["id"] };
Backend.Controllers.AccountController ac = new Controllers.AccountController();
ac.UserManager.CreateAsync(user);
Doesn't work because the usermanagement object inside the account controller is null.
There is an overload of the AccountController constructor but I have a feeling I'm doing this whole thing the wrong way.
Let's say the server side receives a facebook access token. How do use OWIN and Identity user management system from there?
Ok.
As suggested by a friend, I replaced the controllers etc from the original web api template for the ones in the Identity Sample Project
Here is the method called by the mobile app, with a angular jsonp
[OperationContract]
[WebGet(ResponseFormat = WebMessageFormat.Json)]
public string StartSession(string accessToken)
{
if (!HttpContext.Current.Request.IsAuthenticated)
{
var client = new FacebookClient(accessToken);
if (client != null)
{
dynamic fbresult = client.Get("me");
if (fbresult["id"] != null)
{
string fbid = fbresult["id"].ToString();
ApplicationUser user = null;
using (var context = new ApplicationDbContext())
{
user = context.Users.FirstOrDefault(u => u.UserName.ToString() == fbid);
}
if (user == null)
{
CreateUserAsync(fbid);
return "user created. ";
}
else
{
HttpContext.Current.Session["user"] = "holy fuck";
return "user logged in. ";
}
}
}
return "ok";
}
else
{
return "already auth !";
}
}
here is the CreateUserAsync I made
public async System.Threading.Tasks.Task<bool> CreateUserAsync(string fbid)
{
using (var context = new ApplicationDbContext())
{
var newUser = new ApplicationUser() { UserName = fbid, Email = "xxx#gmail.com" };
var userManager = new ApplicationUserManager(new UserStore<ApplicationUser>(context));
try
{
var result = await userManager.CreateAsync(newUser, "Admin#123456");
var test = await context.SaveChangesAsync();
return result.Succeeded;
}
catch (Exception ex)
{
throw ex;
}
}
}
And then, when the mobile app calls back my web service, I can check if the session exists like so:
[OperationContract]
[WebGet(ResponseFormat = WebMessageFormat.Json)]
public async Task<string> TestLogin(int id, string callback)
{
if (HttpContext.Current.Session["user"] != null)
{
return new JavaScriptSerializer().Serialize(new word() { Name = "woot" });
}
else
return new JavaScriptSerializer().Serialize(new word() { Name = "not logged" });
}
Yea, that's right. A if and a session. Just like I was doin' 13 years ago.
Also, while doing this abomination, I stumbled upon a hangin' problem in the IdentityConfig.cs file.
Apparantly, the problem is known by Microsoft and I guess it is probably fixed in the version 3 of Owin ? But I didn't know about that version 3 at that time, so I followed Program hangs during database initialization .
For some reason, some of the method posted in his solution didn't exist for me. I ended up fixing the code the best I could:
public static void InitializeIdentityForEF(ApplicationDbContext db)
{
//ApplicationUserManager userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
RoleManager<IdentityRole> roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(db));
const string name = "admin#example.com";
const string password = "Admin#123456";
const string roleName = "Admin";
IdentityRole adminRole = new IdentityRole(roleName);
//Create Role Admin if it does not exist
if (!roleManager.RoleExists(roleName))
{
roleManager.Create(adminRole);
PasswordHasher hasher = new PasswordHasher();
ApplicationUser adminUser = new ApplicationUser { UserName = name, Email = name, PasswordHash = hasher.HashPassword(password), LockoutEnabled = false };
db.Users.Add(adminUser);
IdentityUserRole userRole = new IdentityUserRole() { RoleId = adminRole.Id, UserId = adminUser.Id };
adminUser.Roles.Add(userRole);
var x = db.SaveChanges();
}
}
Also just in case someone is wondering how to call the svc service from the mobile, here is the code.
(it's a little bit messy, but the important parts are there.)
(keep in mind I am using https://oauth.io/ )
$scope.refresh = function () {
$http.jsonp("https://10.0.100.38:6443/Service1.svc/helloworld?id=1&callback=JSON_CALLBACK").success(function JSON_CALLBACK(result) {
OAuth.popup('facebook')
.done(function (oauthResult) {
oauthResult.me() // standardise lesfield firstname, first-name etc
.done(function (response) {
alert("3");
$http.jsonp("https://10.0.100.38:6443/Service1.svc/StartSession?accessToken=" +oauthResult.access_token + "&callback=JSON_CALLBACK").success(function JSON_CALLBACK(result) {
alert("done " +result); // StartSession serverside success ");
}).error(function (data, status, headers, config) {
alert("icierror2" +data + " " +status + " " +headers + " " + config);
$scope.status = status;
});
}).fail(function (error) {
alert("icierror3 " +error);
});
})
.fail(function (error) {
console.log(error);
});
alert(result.Name); // result de la svc request over https
}).error(function (data, status, headers, config) {
alert("icierror" +data + " " +status + " " + headers + " " +config);
$scope.status = status;
});
Problems
As of now, I am not creating a Login, only a user is created.
Also, the project's OWIN version is 2.0, and apparantly, a 3.0 exists.
To be honest, the more I read online the more I feel like everything I've done is a big hack around the right way to do it. I just couldn't figure it out. This is thing is incredibly huge, confusing, chaothic and broken. Yea, I've added an opinion to my answer.