MVCPostall/Postall/Controllers/LoginController.cs

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Identity;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication;
using Stripe;

namespace Postall.Controllers
{
	public class LoginController : Controller
	{
		private readonly ILogger<LoginController> logger;
		private readonly IHttpClientFactory httpClientFactory;
        private readonly StripeClient _stripeClient;

        public LoginController(ILogger<LoginController> logger, IHttpClientFactory httpClientFactory)
		{
			this.logger = logger;
			this.httpClientFactory = httpClientFactory;
        }

        public IActionResult Index()
		{
            return View("~/Views/Login/Index.cshtml");
		}

		[HttpPost]
		[ValidateAntiForgeryToken]
		public ActionResult ExternalLogin(string provider, string returnUrl)
		{
			var redirectUrl = Url.Action("ExternalLoginCallback", "Login", new { ReturnUrl = returnUrl });
			var properties = new AuthenticationProperties { RedirectUri = "http://localhost:5094" + redirectUrl };
			return Challenge(properties, "Microsoft");
		}

		[HttpPost]
		[ValidateAntiForgeryToken]
		public ActionResult ExternalLoginGoogle(string provider, string returnUrl)
		{
			var redirectUrl = $"{HttpContext.Request.Scheme}://{HttpContext.Request.Host}{Url.Action("ExternalLoginCallback", "Login")}";
            //var properties = new AuthenticationProperties { RedirectUri = "https://localhost:7078" + redirectUrl };
            var properties = new AuthenticationProperties { RedirectUri = redirectUrl };
            return Challenge(properties, "Google");
		}

        [AllowAnonymous]
        [HttpGet]
        public async Task<ActionResult> ExternalLoginCallback(string code = "")
        {
            var emailExist = HttpContext.User.FindFirst(ClaimTypes.Email).Value;
            if (emailExist != null)
            {
                var uniqueId = Convert.ToBase64String(
                    System.Text.Encoding.UTF8.GetBytes(emailExist)
                ).Replace("/", "_").Replace("+", "-").Replace("=", "");

                var claims = new List<Claim>
                {
                    // Adicionando o NameIdentifier que serve como userId
                    new Claim(ClaimTypes.NameIdentifier, uniqueId),
                
                    // Claims existentes
                    new Claim(ClaimTypes.Name, emailExist),
                    new Claim(ClaimTypes.Email, emailExist), // Garantindo que o email esteja nas claims
                    new Claim("FirstName", HttpContext.User.FindFirst(ClaimTypes.GivenName).Value),
                    new Claim("FullName", HttpContext.User.FindFirst(ClaimTypes.GivenName).Value + " " + HttpContext.User.FindFirst(ClaimTypes.Surname).Value),
                    new Claim(ClaimTypes.Role, "User"),
                
                    // Opcionalmente, adicionar informações do Google que serão úteis para o YouTube
                    new Claim("GoogleAccount", "true")
                };

                var claimsIdentity = new ClaimsIdentity(
                    claims,
                    CookieAuthenticationDefaults.AuthenticationScheme
                );

                var authProperties = new AuthenticationProperties
                {
                    //AllowRefresh = <bool>,
                    // Refreshing the authentication session should be allowed.
                    //ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
                    // The time at which the authentication ticket expires. A 
                    // value set here overrides the ExpireTimeSpan option of 
                    // CookieAuthenticationOptions set with AddCookie.
                    //IsPersistent = true,
                    // Whether the authentication session is persisted across 
                    // multiple requests. When used with cookies, controls
                    // whether the cookie's lifetime is absolute (matching the
                    // lifetime of the authentication ticket) or session-based.
                    //IssuedUtc = <DateTimeOffset>,
                    // The time at which the authentication ticket was issued.
                    //RedirectUri = <string>
                    // The full path or absolute URI to be used as an http 
                    // redirect response value.
                };

                await HttpContext.SignInAsync(
                    CookieAuthenticationDefaults.AuthenticationScheme,
                    new ClaimsPrincipal(claimsIdentity),
                    authProperties);

                return RedirectToAction("Index", "Startup");
            }

            ViewBag.ErrorTitle = $"Email claim not received from: Microsoft";
            ViewBag.ErrorMessage = "Please contact support on info@dotnettutorials.net";
            return View("Error");
        }

        [HttpGet]
        public async Task<IActionResult> Logout()
        {
            await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
            return RedirectToAction("Index", "Home");
        }
    }
}