Nedo.AspNet.Authentication.Google
2.0.9
dotnet add package Nedo.AspNet.Authentication.Google --version 2.0.9
NuGet\Install-Package Nedo.AspNet.Authentication.Google -Version 2.0.9
<PackageReference Include="Nedo.AspNet.Authentication.Google" Version="2.0.9" />
<PackageVersion Include="Nedo.AspNet.Authentication.Google" Version="2.0.9" />
<PackageReference Include="Nedo.AspNet.Authentication.Google" />
paket add Nedo.AspNet.Authentication.Google --version 2.0.9
#r "nuget: Nedo.AspNet.Authentication.Google, 2.0.9"
#:package Nedo.AspNet.Authentication.Google@2.0.9
#addin nuget:?package=Nedo.AspNet.Authentication.Google&version=2.0.9
#tool nuget:?package=Nedo.AspNet.Authentication.Google&version=2.0.9
Nedo.AspNet.Authentication.Google
"Sign in with Google" — your app mints its own JWTs after verifying a Google-issued ID token from Google Identity Services on the SPA side. Pairs with Nedo.AspNet.Authentication.Local for the user store, refresh-token families, and account linking.
Install
dotnet add package Nedo.AspNet.Authentication.Google
Quickstart
using Nedo.AspNet.Authentication.Google;
builder.Services.AddGoogle(opts =>
{
opts.ClientId = builder.Configuration["Google:ClientId"]!;
});
var app = builder.Build();
app.MapLocalAuth();
app.MapLocalAccount();
app.MapGoogleAuth(); // POST /auth/google { idToken, intent? }
Frontend (SPA)
Use Google Identity Services (https://accounts.google.com/gsi/client) to render the button and obtain an ID token, then POST it to your API:
google.accounts.id.initialize({
client_id: GOOGLE_CLIENT_ID,
callback: async ({ credential }) => {
const tokens = await fetch('/auth/google', {
method: 'POST',
headers: { 'content-type': 'application/json' },
body: JSON.stringify({ idToken: credential, intent: 'signin' }),
}).then(r => r.json());
},
});
google.accounts.id.renderButton(document.getElementById('google-btn'), { theme: 'filled_blue' });
Sign-in vs sign-up intent
The intent field controls account-creation behaviour:
| Intent | Behaviour |
|---|---|
"signin" |
Reject brand-new identities — must already have a linked local account. Returns AUTH-LOCAL-019 if none. |
"signup" (or omit) |
Create a new account if none exists. Returns AuthOutcome.PendingSignup (asks user to pick a username) when RequireUsernameOnSocialSignIn = true (default). |
Use this to make the "Sign in with Google" button on /login reject new accounts (rejecting the impostor flow where an attacker signs up under your domain) while the "Create account with Google" button on /register allows them.
Console setup
- Go to https://console.cloud.google.com/apis/credentials.
- Create credentials → OAuth client ID → Application type Web application.
- Add your SPA origin to Authorized JavaScript origins (
https://app.example.com,http://localhost:5173). - Copy the client ID into
appsettings.json→Google:ClientId.
Full walkthrough: docs/providers/social/google.md.
Related
| Package | Role |
|---|---|
Nedo.AspNet.Authentication.Local |
Required peer — provides the user store + token issuer + account linking. |
Nedo.AspNet.Authentication.Oidc |
Transitive — shared OIDC validation base class. |
License
MIT — see LICENSE.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net9.0 is compatible. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
-
net9.0
- Nedo.AspNet.Authentication (>= 2.0.9)
- Nedo.AspNet.Authentication.Local (>= 2.0.9)
- Nedo.AspNet.Authentication.Oidc (>= 2.0.9)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.