Extra Information from OAuth/OpenId Provider

Extra Information from OAuth/OpenId Provider

Rate This
  • Comments 7

 

When you authenticate a user using the OAuth/OpenId providers, you can request for some extra information about the user if you have granted access for these providers to send this information.

For eg if you login using Facebook, you can request information such as Gender, country etc.

Each provider has different set of data that you can retrieve. I am not going to into the details of these different sets of data. In this post I am going to cover what kind of information can you retrieve from the implementations of the providers that we shipped with templates  in VS2012 and how can you retrieve this information.

What kind of information can you retrieve

Google

  • email
  • firstname
  • lastname
  • country

https://developers.google.com/accounts/docs/OpenID is a good place to look for more information

Facebook

  • id
  • Name
  • link
  • gender
  • accesstoken

http://developers.facebook.com/docs/ is a good place to look for more information

    Twitter

    • name
    • location
    • description
    • url
    • accesstoken

    https://dev.twitter.com/docs/auth/oauth/faq is a good place to look for more information

    How to retrieve this information

    This data is available when you login using anyone of the providers. In specifics to the code you can access this data after the authentication has happened. The data is returned as a dictionary. Following image shows a snapshot of the data returned from facebook provider

    oauthextradata

     

    Web Forms

    • Create the ASP.NET WebForm template
    • Goto Account\RegisterExternalLogin.cs
    • In the AuthenticationResult type we have Extradata dictionary bag which has this data
    var authResult = OpenAuth.VerifyAuthentication(redirectUrl);

     

    MVC

    • Create the internet template in MVC4
    • Goto the account controller in ExternalLoginCallBack
    • In the AuthenticationResult type we have Extradata dictionary bag which has this data
     AuthenticationResult result = 
                    OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));

    Web Pages

    • Create the webpages2 template
    • Goto ExternalLoginCallBack
    • In the AuthenticationResult type we have Extradata dictionary bag which has this data

     

     AuthenticationResult result = 
                    OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));

     

    In the following posts I will be spending more time showing you how you can customize our OAuth/OpenId stack and how you can customize and plugin your own providers

    Leave a Comment
    • Please add 4 and 2 and type the answer here:
    • Post
    • Hi we're using 2012 and .net 4.5 and just started using oauth

      I was just wondering with the Roles table that is created is there any way to get the roles hooked up using the asp.net configuration tool or do you have to manually write an admin page to add roles and add users to roles?

      Cheers,

      Tom

    • Hello pranav, how to get facebook email ?

      Thanks

    • Hi I'm using asp.net mvc with dotnetopenauth but I cannot get more data from the open providers. The Extra data dictionary only contains email address for google. Is there something else that is required?

    • you need to plugin your own google provider. Follow this post on how to register your own provider blogs.msdn.com/.../plugging-custom-oauth-openid-providers.aspx

    • How do I get the email address from Live? We allow the user to log in via openid but their email address has to be "allowed" as well. For example, patient allow their relatives to see their status by providing their email address.

    • Excellent post pranav.

      I want to have a link to user's profile picuture thumbail to show it on my website.

      But it is not included in ExtractData dictionary.

      Can you explain how to retrieve it ?

    • Do you know if there is any update on fixing the bug where a google account's firstname, lastname and country are not retrieved in extradata?

      In a future library it would be nice if when you register a client (provider) you could specify what extra attributes you would like to receive, rather than having to write a custom provider to do this.

      Warm regards, Franz.

    Page 1 of 1 (7 items)