简体   繁体   中英

Fetching oauth credentials after asp.net mvc Twitter OAuth2 login

After testing the build-in MVC 5 OAuth2/OpenID providers I was able to create a website which allowed me authenticate myself using my Twitter credentials.

The problem I now encounter is that I also want to store the tokens ( oauth_token & oauth_verifier ) Twitter posts back, in the url, after a user has been successfully authenticated. I need these tokens so I can allow users to post details directly from my website to their twitter account.

After setting up the TwitterAuthenticationOptions (see below) in the Startup.Auth.cs I did found that the tokens that I'm after can be found in the context (((context.Response.Context).Request).QueryString) but parsing this seems an ugly solution.

 var tw = new TwitterAuthenticationOptions {
       ConsumerKey = "SecretKey",
       ConsumerSecret = "SecretSecret",
       SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
       Provider = new TwitterAuthenticationProvider() {
            OnAuthenticated = (context) => {
                context.Identity.AddClaim(new System.Security.Claims.Claim("urn:twitter:access_token", context.AccessToken, XmlSchemaString, "Twitter"));
                return Task.FromResult(0);



How can this gracefully be implemented? For Facebook I found a solution which actually retrieves additional information, this feel similar...


You can use Query instead of QueryString and then use Get method to retrieve value from query string.

context.Response.Context.Request.Query.Get("oauth_token"); or context.AccessToken

Other thining to note is that you shouldn't need oauth_verifer to post data. Look here at required headers. I suggest you to use one of libraries listended here to interact with Twitter.

There is a good extension method in Request object. Add following lines in HomeController or controller wherever needed.

Request.GetOwinContext().Authentication.User.Claims // Lists all claims
// Filters by type

GetOwinContext will give you the Authentication object where you can find the user object and them the claims.

I found a useful post here How do I access Microsoft.Owin.Security.xyz OnAuthenticated context AddClaims values?

I modified as mentioned in the steps in the post.


private async Task SignInAsync(ApplicationUser user, bool isPersistent)
        var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
        //New method call made here to persist the claims from external cookie
        await SetExternalProperties(identity);
        AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);

//New method added to persist identity info
private async Task SetExternalProperties(ClaimsIdentity identity)
        // get external claims captured in Startup.ConfigureAuth
        ClaimsIdentity ext = await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);

        if (ext != null)
            var ignoreClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims";
            // add external claims to identity
            foreach (var c in ext.Claims)
                if (!c.Type.StartsWith(ignoreClaim))
                    if (!identity.HasClaim(c.Type, c.Value))

try this and let me know.

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

粤ICP备18138465号  © 2020-2024 STACKOOM.COM