Security - How to add OAuth2 authentication to a WinForms app

UPDATE:
XAF WinForms UI v23.2+ natively supports OAuth2 providers such as Microsoft Entra ID, Google, etc. - Documentation. The custom solution below is no longer required.

----

This is another example of how flexible the security module and our framework are. My colleague Michael has recently published an example on how to use the Microsoft, Google, Facebook or any compatible authentication provider within an XAF WinForms app:
https://www.devexpress.com/kb=T567978

This implementation is based on public community resources like StackOverFlow, so research the links in code comments for more details.

If you are looking for an ASP.NET example, do not miss the article we published earlier:
How to: Use Google, Facebook and Microsoft accounts in ASP.NET XAF applications (OAuth2 authentication demo)

Your feedback is needed!
Originally, we were not going to make a WinForms counterpart, because there were only a couple of requests for it + the whole scenario looked rare for desktop apps.
What is your own experience with it? Have you ever had such integration requests from your end-users? What providers do they need to cover most? Please let us know.

How To: Use Google, Facebook and Microsoft accounts in ASP.NET XAF applications (OAuth2 authentication)

XAF security team has prepared a small demo illustrating the use of  OWIN OAuth 2.0 Authorization Server. Users can log in with their Google, Facebook or Microsoft accounts.

You can download the demo source code from DevExpress Support Center:
https://www.devexpress.com/Support/Center/Example/Details/T535280/

Technical details and instructions on how to use this approach in your existing applications are available in the example description in Support Center.


Your feedback is welcome!
We would greatly appreciate it if you try this example and share your feedback here in comments.

Redirecting from an external hyperlink to a View in an XAF Web app with the ASP.NET Forms Authentication - YOUR FEEDBACK IS NEEDED

I wanted to ask the XAF community members interested in this functionality to test a simpler solution to the problem described in this thread. Long story short, you have a hyperlink to an XAF Web application form like this: 

http://localhost:50292/Default.aspx#ShortcutViewID=Department_DetailView&ShortcutObjectKey=782f7cc7-123a-4145-be2d-5dd95f59f80f&ShortcutObjectClassName=MainDemo.Module.BusinessObjects.Department&Shortcutmode=View

and want to include it in an email and send it to a user so that he or she is able to navigate to that view on your web site (e.g., open a user profile or changed order details). If that app has a security system  with a logon form enabled, then the URL fragment after # is cut after a successful authentication, which makes navigation to the required app screen not possible by default. Instead, the URL fragment before the hash symbol is opened (see similar threads on StackOverFlow for more details: one, two, three).

There was a tricky solution to work around the default ASP.NET request processing mechanism in the original Support Center thread, but today I wanted to share a simpler solution for our users.

Here it comes:

1. In the Solution Explorer, right-click the YourSolutionName.Web/Login.aspx file and invoke the View Markup command from the context menu.

2. Paste the <script/> element with the JavaScript code below before the </body> element, as follows: