[英]OAuthWebSecurity create account - how does it work?
I'm confused and concerned with the following line because it seems like the API for the OAuthWebSecurity has its own authentication store. 我很困惑并关注以下行,因为看起来OAuthWebSecurity的API有自己的身份验证存储。
// If the current user is logged in add the new account
OAuthWebSecurity.CreateOrUpdateAccount(result.Provider, result.ProviderUserId, User.Identity.Name);
If I'm reading the above correctly, it seems to indicate that the API saves relationship locally. 如果我正确阅读上述内容,似乎表明API在本地保存了关系。
Please tell me this is not the case, and explain what exactly does it do? 请告诉我事实并非如此,并解释它到底是做什么的? I need my web application to be as stateless as possible, I cannot have API storing local values like this. 我需要我的Web应用程序尽可能无状态,我不能让API存储像这样的本地值。
It uses the SimpleMembershipProvider
which is the default provider in ASP.NET MVC 4 to create or update the association between the public provider user id and a local user. 它使用SimpleMembershipProvider
,它是ASP.NET MVC 4中的默认提供程序,用于创建或更新公共提供程序用户标识与本地用户之间的关联。 Basically it will add a record to the webpages_OAuthMembership
table. 基本上它会在webpages_OAuthMembership
表中添加一条记录。
Here's the corresponding code from the WebSecurity.CreateOrUpdateOAuthAccount
that gets called: 以下是调用的WebSecurity.CreateOrUpdateOAuthAccount
中的相应代码:
public override void CreateOrUpdateOAuthAccount(string provider, string providerUserId, string userName)
{
this.VerifyInitialized();
if (userName.IsEmpty())
{
throw new MembershipCreateUserException(MembershipCreateStatus.ProviderError);
}
int userId = this.GetUserId(userName);
if (userId == -1)
{
throw new MembershipCreateUserException(MembershipCreateStatus.InvalidUserName);
}
int userIdFromOAuth = this.GetUserIdFromOAuth(provider, providerUserId);
using (IDatabase database = this.ConnectToDatabase())
{
if (userIdFromOAuth == -1)
{
if (database.Execute("INSERT INTO [" + OAuthMembershipTableName + "] (Provider, ProviderUserId, UserId) VALUES (@0, @1, @2)", new object[] { provider, providerUserId, userId }) != 1)
{
throw new MembershipCreateUserException(MembershipCreateStatus.ProviderError);
}
}
else if (database.Execute("UPDATE [" + OAuthMembershipTableName + "] SET UserId = @2 WHERE UPPER(Provider)=@0 AND UPPER(ProviderUserId)=@1", new object[] { provider, providerUserId, userId }) != 1)
{
throw new MembershipCreateUserException(MembershipCreateStatus.ProviderError);
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.