Google social login with HttpClient in .NET Core C# console app?
Question
I developed an ASP.NET Core C# Web API project for learning purposes. I want to integrate the Google External Login/Authentication for my Web API. As an exercise, I want to authenticate a user with google from a console application using HttpClient, retrieve a token, and then use this token with every request to my Web API endpoints. I can't find any useful tutorial(s) that explain how to do this, both in the console app and setting up the Web API. How can I accomplish this? Thanks.
2 answers
solution1
1 2021-06-11 11:49:29
There is a great sample by google for .net console app in this repo, take a look at the code
https://github.com/googlesamples/oauth-apps-for-windows/tree/master/OAuthConsoleApp
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Net;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace OAuthConsoleApp
{
class Program
{
const string AuthorizationEndpoint = "https://accounts.google.com/o/oauth2/v2/auth";
static async Task<int> Main(string[] args)
{
if (args.Length != 2)
{
Console.WriteLine("Required command line arguments: client-id client-secret");
return 1;
}
string clientId = args[0];
string clientSecret = args[1];
Console.WriteLine("+-----------------------+");
Console.WriteLine("| Sign in with Google |");
Console.WriteLine("+-----------------------+");
Console.WriteLine("");
Console.WriteLine("Press any key to sign in...");
Console.ReadKey();
Program p = new Program();
await p.DoOAuthAsync(clientId, clientSecret);
Console.WriteLine("Press any key to exit...");
Console.ReadKey();
return 0;
}
// ref http://stackoverflow.com/a/3978040
public static int GetRandomUnusedPort()
{
var listener = new TcpListener(IPAddress.Loopback, 0);
listener.Start();
var port = ((IPEndPoint)listener.LocalEndpoint).Port;
listener.Stop();
return port;
}
private async Task DoOAuthAsync(string clientId, string clientSecret)
{
// Generates state and PKCE values.
string state = GenerateRandomDataBase64url(32);
string codeVerifier = GenerateRandomDataBase64url(32);
string codeChallenge = Base64UrlEncodeNoPadding(Sha256Ascii(codeVerifier));
const string codeChallengeMethod = "S256";
// Creates a redirect URI using an available port on the loopback address.
string redirectUri = $"http://{IPAddress.Loopback}:{GetRandomUnusedPort()}/";
Log("redirect URI: " + redirectUri);
// Creates an HttpListener to listen for requests on that redirect URI.
var http = new HttpListener();
http.Prefixes.Add(redirectUri);
Log("Listening..");
http.Start();
// Creates the OAuth 2.0 authorization request.
string authorizationRequest = string.Format("{0}?response_type=code&scope=openid%20profile&redirect_uri={1}&client_id={2}&state={3}&code_challenge={4}&code_challenge_method={5}",
AuthorizationEndpoint,
Uri.EscapeDataString(redirectUri),
clientId,
state,
codeChallenge,
codeChallengeMethod);
// Opens request in the browser.
Process.Start(authorizationRequest);
// Waits for the OAuth authorization response.
var context = await http.GetContextAsync();
// Brings the Console to Focus.
BringConsoleToFront();
// Sends an HTTP response to the browser.
var response = context.Response;
string responseString = "<html><head><meta http-equiv='refresh' content='10;url=https://google.com'></head><body>Please return to the app.</body></html>";
byte[] buffer = Encoding.UTF8.GetBytes(responseString);
response.ContentLength64 = buffer.Length;
var responseOutput = response.OutputStream;
await responseOutput.WriteAsync(buffer, 0, buffer.Length);
responseOutput.Close();
http.Stop();
Log("HTTP server stopped.");
// Checks for errors.
string error = context.Request.QueryString.Get("error");
if (error is object)
{
Log($"OAuth authorization error: {error}.");
return;
}
if (context.Request.QueryString.Get("code") is null
|| context.Request.QueryString.Get("state") is null)
{
Log($"Malformed authorization response. {context.Request.QueryString}");
return;
}
// extracts the code
var code = context.Request.QueryString.Get("code");
var incomingState = context.Request.QueryString.Get("state");
// Compares the receieved state to the expected value, to ensure that
// this app made the request which resulted in authorization.
if (incomingState != state)
{
Log($"Received request with invalid state ({incomingState})");
return;
}
Log("Authorization code: " + code);
// Starts the code exchange at the Token Endpoint.
await ExchangeCodeForTokensAsync(code, codeVerifier, redirectUri, clientId, clientSecret);
}
async Task ExchangeCodeForTokensAsync(string code, string codeVerifier, string redirectUri, string clientId, string clientSecret)
{
Log("Exchanging code for tokens...");
// builds the request
string tokenRequestUri = "https://www.googleapis.com/oauth2/v4/token";
string tokenRequestBody = string.Format("code={0}&redirect_uri={1}&client_id={2}&code_verifier={3}&client_secret={4}&scope=&grant_type=authorization_code",
code,
Uri.EscapeDataString(redirectUri),
clientId,
codeVerifier,
clientSecret
);
// sends the request
HttpWebRequest tokenRequest = (HttpWebRequest)WebRequest.Create(tokenRequestUri);
tokenRequest.Method = "POST";
tokenRequest.ContentType = "application/x-www-form-urlencoded";
tokenRequest.Accept = "Accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
byte[] tokenRequestBodyBytes = Encoding.ASCII.GetBytes(tokenRequestBody);
tokenRequest.ContentLength = tokenRequestBodyBytes.Length;
using (Stream requestStream = tokenRequest.GetRequestStream())
{
await requestStream.WriteAsync(tokenRequestBodyBytes, 0, tokenRequestBodyBytes.Length);
}
try
{
// gets the response
WebResponse tokenResponse = await tokenRequest.GetResponseAsync();
using (StreamReader reader = new StreamReader(tokenResponse.GetResponseStream()))
{
// reads response body
string responseText = await reader.ReadToEndAsync();
Console.WriteLine(responseText);
// converts to dictionary
Dictionary<string, string> tokenEndpointDecoded = JsonConvert.DeserializeObject<Dictionary<string, string>>(responseText);
string accessToken = tokenEndpointDecoded["access_token"];
await RequestUserInfoAsync(accessToken);
}
}
catch (WebException ex)
{
if (ex.Status == WebExceptionStatus.ProtocolError)
{
var response = ex.Response as HttpWebResponse;
if (response != null)
{
Log("HTTP: " + response.StatusCode);
using (StreamReader reader = new StreamReader(response.GetResponseStream()))
{
// reads response body
string responseText = await reader.ReadToEndAsync();
Log(responseText);
}
}
}
}
}
private async Task RequestUserInfoAsync(string accessToken)
{
Log("Making API Call to Userinfo...");
// builds the request
string userinfoRequestUri = "https://www.googleapis.com/oauth2/v3/userinfo";
// sends the request
HttpWebRequest userinfoRequest = (HttpWebRequest)WebRequest.Create(userinfoRequestUri);
userinfoRequest.Method = "GET";
userinfoRequest.Headers.Add(string.Format("Authorization: Bearer {0}", accessToken));
userinfoRequest.ContentType = "application/x-www-form-urlencoded";
userinfoRequest.Accept = "Accept=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
// gets the response
WebResponse userinfoResponse = await userinfoRequest.GetResponseAsync();
using (StreamReader userinfoResponseReader = new StreamReader(userinfoResponse.GetResponseStream()))
{
// reads response body
string userinfoResponseText = await userinfoResponseReader.ReadToEndAsync();
Log(userinfoResponseText);
}
}
/// <summary>
/// Appends the given string to the on-screen log, and the debug console.
/// </summary>
/// <param name="output">String to be logged</param>
private void Log(string output)
{
Console.WriteLine(output);
}
/// <summary>
/// Returns URI-safe data with a given input length.
/// </summary>
/// <param name="length">Input length (nb. output will be longer)</param>
/// <returns></returns>
private static string GenerateRandomDataBase64url(uint length)
{
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
byte[] bytes = new byte[length];
rng.GetBytes(bytes);
return Base64UrlEncodeNoPadding(bytes);
}
/// <summary>
/// Returns the SHA256 hash of the input string, which is assumed to be ASCII.
/// </summary>
private static byte[] Sha256Ascii(string text)
{
byte[] bytes = Encoding.ASCII.GetBytes(text);
using (SHA256Managed sha256 = new SHA256Managed())
{
return sha256.ComputeHash(bytes);
}
}
/// <summary>
/// Base64url no-padding encodes the given input buffer.
/// </summary>
/// <param name="buffer"></param>
/// <returns></returns>
private static string Base64UrlEncodeNoPadding(byte[] buffer)
{
string base64 = Convert.ToBase64String(buffer);
// Converts base64 to base64url.
base64 = base64.Replace("+", "-");
base64 = base64.Replace("/", "_");
// Strips padding.
base64 = base64.Replace("=", "");
return base64;
}
// Hack to bring the Console window to front.
// ref: http://stackoverflow.com/a/12066376
[DllImport("kernel32.dll", ExactSpelling = true)]
public static extern IntPtr GetConsoleWindow();
[DllImport("user32.dll")]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool SetForegroundWindow(IntPtr hWnd);
public void BringConsoleToFront()
{
SetForegroundWindow(GetConsoleWindow());
}
}
}
solution2
0 2021-02-07 12:37:51
It sounds like an interesting project. I've not done this before, but here's how I would approach it...
The default template in Visual Studio for an ASP .NET Core Web Application is already a console application. Just check the Output Type field in the Application tab of the project's Properties window and it will show you the value Console .
So I would start with that project template. In the project creation wizard, change the Authentication to Individual User Accounts and you'll get an ASP .NET Core Web Application pretty much ready to implement your external login logic.
Then rip out all the files and code related to web applications. Change the Startup class so that it looks like a Startup for a normal console project and boom! You should have a bare-bones console app with external logins!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Visual Studio C# Console App (.NET Core) Template Different
Playing Audio in .NET Core Console App C#
ARSoft.tools.net dns resolve issue C# .NET Console App (core or .net)
Httpclient consume web api via console app C#
Coinbase API Invalid SIgnature. C# .net core and httpClient
C#, .Net Core Private key authentication httpClient
Using HttpClient with .NET Core Console application
Register .Net Core Console App on MacOS in Login Items Programmatically
Bulk update row values ASP.NET Core C# Console App
Run two dotnet processes in parallel C# with Console app .NET Core
Related Tags