[英]ASP.NET Core API Facebook registration/login
I'm working on ASP.NET Core API and need to add option to register with social service, eg Facebook. 我正在使用ASP.NET Core API,需要添加选项来注册社交服务,例如Facebook。 Scenario should be eg Android App user should click "Sign up with Facebook" at startup, then Facebook app should open then user should click confirm and be registered in app.
场景应为:例如,Android应用程序用户应在启动时单击“使用Facebook注册”,然后Facebook应用程序应打开,然后用户应单击“确认”并在应用程序中注册。
Default Asp.net web example shows how to do it with web page on same host as APIs with return Challenge() response that basically returns HTML page as I understood. 默认的Asp.net网络示例展示了如何使用与return Challenge()响应基本相同的HTML页面返回与我理解的API相同的主机上的Web页面。
What is the correct flow here and is there any existing libraries to do that? 这里正确的流程是什么,是否有任何现有的库可以做到这一点? As I understand now flow is something like this: 1. API server has my AppId and AppSecret from Facebook 2. Android app should request "applciation token" from API server 3. Android app should call Facebook with that token and get "user confirmation token" 4. Android app should pass "user confirmation token" to API server 5. API server should call Facebook with "AppId/AppSecret token + user confrimation token" and get details about user and create local user in database.
据我所知,流程是这样的:1. API服务器从Facebook获得我的AppId和AppSecret 2. Android应用应从API服务器请求“ applciation令牌” 3. Android应用应使用该令牌调用Facebook并获取“用户确认令牌” “ 4. Android应用程序应将“用户确认令牌”传递给API服务器5. API服务器应使用“ AppId / AppSecret令牌+用户确认令牌”调用Facebook,并获取有关用户的详细信息并在数据库中创建本地用户。 6. API server should create "API token" for that user 7. Android app should use "API token"
6. API服务器应为该用户创建“ API令牌”。7. Android应用应使用“ API令牌”
So at least I want to understand what to replace this code from example with: 因此,至少我想了解如何用以下示例替换此代码:
public IActionResult ExternalLogin(string provider, string returnUrl = null) {
// Request a redirect to the external login provider.
var redirectUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl });
var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
return Challenge(properties, provider);
the thing to understand is the default web app template provided in VS 2015 uses ASP.NET Identity with cookie authentication. 需要了解的是,VS 2015中提供的默认Web应用程序模板使用带有Cookie身份验证的ASP.NET Identity。 cookie auth works for web browsers but for an android app to authenticate you would need something to issue jwt tokens in addition to or instead of cookies.
cookie auth适用于Web浏览器,但要使Android应用程序进行身份验证,除了cookie之外或代替cookie,您将需要一些发行jwt令牌的东西。 There is nothing built in provided by Microsoft for that in asp.net core, the recommendation is to use IdentityServer4
Microsoft在asp.net核心中没有为此提供任何内置功能,建议使用IdentityServer4。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.