stackoom
  简体   繁体   中英

Google Hybrid OpenID+OAuth with dotnetopenauth

 原文  2012-10-18 22:57:21       c#/ dotnetopenauth/ google-openid/ google-oauth

Question

I have spent probably more than 10 hours in the last two days trying to understand how to implement user login with Google Hybrid OpenID+OAuth ( Federated Login )

To trigger the authorization request I use: 

InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager( ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]);
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
  Realm realm = HttpContext.Current.Request.Url.Scheme + Uri.SchemeDelimiter + ConfigurationManager.AppSettings["googleConsumerKey"] + "/";
  IAuthenticationRequest request = openid.CreateRequest(identifier, Realm.AutoDetect, new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + "/OAuth/google"));

  var authorizationRequest = new AuthorizationRequest
  {
    Consumer = ConfigurationManager.AppSettings["googleConsumerKey"],
    Scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/plus.me",
  };

  request.AddExtension(authorizationRequest);

  request.AddExtension(new ClaimsRequest
  {
    Email = DemandLevel.Request,
    Gender = DemandLevel.Require
  });

  request.RedirectToProvider();
}

To retrieve the accesstoken I use: 

using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
  IAuthenticationResponse authResponse = openid.GetResponse();
  if (authResponse != null)
  {
    switch (authResponse.Status)
    {
      case AuthenticationStatus.Authenticated:
        HttpContext.Current.Trace.Write("AuthenticationStatus", "Authenticated");
        FetchResponse fr = authResponse.GetExtension<FetchResponse>();

        InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager(ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]);

        ServiceProviderDescription spd = new ServiceProviderDescription {
          spd.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest);
          spd.AccessTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest);
          spd.UserAuthorizationEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/auth?access_type=offline", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest);
          spd.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() };

        WebConsumer wc = new WebConsumer(spd, tm);
        AuthorizedTokenResponse accessToken = wc.ProcessUserAuthorization();

        if (accessToken != null)
        {
          HttpContext.Current.Trace.Write("accessToken", accessToken.ToString());
        }
        else
        {
        }
        break;
      case AuthenticationStatus.Canceled:
        HttpContext.Current.Trace.Write("AuthenticationStatus", "Canceled");
        break;
      case AuthenticationStatus.Failed:
        HttpContext.Current.Trace.Write("AuthenticationStatus", "Failed");
        break;
      default:
        break;
    }
  }
}

Unfortunatelly I get AuthenticationStatus.Authenticated but wc.ProcessUserAuthorization() is null .

What am I doing wrong?

Thanks a lot for any help.

1 answers

solution1
 1  2012-10-25 05:45:08

Instead of using WebConsumer , use the WebConsumerOpenIdRelyingParty class, which is available in the DotNetOpenAuth.OpenIdOAuth NuGet package. This class provides the helper methods for attaching the OAuth request as an OpenID extension (which you did pretty well for yourself anyway) and for extracting the OpenID extension response on the way back.

Looking at the source code for the above mentioned class may help inspire you. There is also a sample specifically of Google OpenID login plus OAuth extension in DotNetOpenAuth. Get the samples from SourceForge , then look in the OpenIdRelyingPartyWebForms sample project's loginPlusOAuth.aspx page (and code-behind, and supporting classes).

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Missing DotNetOpenAuth.ApplicationBlock in OpenID+OAuth DNOA OpenID+OAuth to Google from localhost and public site fail DotNetOpenAuth Oauth Google Calendar Alternatives to Google Libraries/DotNetOpenAuth for Google OAuth2 Troubleshooting intermittent “No OpenID endpoint found” messages with Google and DotNetOpenAuth OAuth with DotNetOpenAuth? Oauth2 response from Google gives DotNetOpenAuth 400 bad request DotNetOpenAuth Sample OpenID Error: No OpenID endpoint found Implementing OpenID-selector + dotnetopenauth DotNetOpenAuth and Google
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM