OAuth/OpenID Support for WebForms, MVC and WebPages

OAuth/OpenID Support for WebForms, MVC and WebPages

Rate This
  • Comments 45

[Update]

Adding relevant links at the bottom of the post

One of the coolest features in Visual Studio 2012 is the ability to login using your Microsoft, Facebook, Twitter or Google account. The project templates showcase a social way of logging in along with the usual way of logging in by creating a local account

This post highlights how you can turn on support for logging through these services in the project  templates. Head over the following video to get a quick glance on this feature http://www.asp.net/vnext/overview/videos/oauth-in-the-default-aspnet-45-templates

Enable OAuth login using Facebook, Twitter

Steps to get keys for Facebook

  • Go to the Facebook developers site (log in if you're not already logged in).
  • Choose the Create New App button, and then follow the prompts to name and create the new application.
  • In the section Select how your app will integrate with Facebook, choose the Website section.
  • Fill in the Site URL field with the URL of your site (for example, http://www.example.com). The Domain field is optional; you can use this to provide authentication for an entire domain (such as example.com).
    Note   If you are running a site on your local computer with a URL like http://localhost:12345 (where the number is a local port number), you can add this value to the Site URL field for testing your site. However, any time the port number of your local site changes, you will need to update the Site URL field of your application.
  • Choose the Save Changes button.
  • Choose the Apps tab again, and then view the start page for your application.
  • Copy the App ID and App Secret values for your application and paste them into a temporary text file. You will pass these values to the Facebook provider in your website code.
  • Exit the Facebook developer site.

Steps to get keys for Twitter

  • Browse to the Twitter developers site.
  • Choose the Create an App link and then log into the site.
  • On the Create an Application form, fill in the Name and Description fields.
  • In the WebSite field, enter the URL of your site (for example, http://www.example.com).
    Note   If you're testing your site locally (using a URL like http://localhost:12345), Twitter might not accept the URL. However, you might be able to use the local loopback IP address (for example http://127.0.0.1:12345). This simplifies the process of testing your application locally. However, every time the port number of your local site changes, you'll need to update the WebSite field of your application.
  • In the Callback URL field, enter a URL for the page in your website that you want users to return to after logging into Twitter. For example, to send users to the home page of the Starter Site (which will recognize their logged-in status), enter the same URL that you entered in the WebSite field.
  • Accept the terms and choose the Create your Twitter application button.
  • On the My Applications landing page, choose the application you created.
  • On the Details tab, scroll to the bottom and choose the Create My Access Token button.
  • On the Details tab, copy the Consumer Key and Consumer Secret values for your application and paste them into a temporary text file. You'll pass these values to the Twitter provider in your website code.
  • Exit the Twitter site.

Steps to enable OAuth support in WebForms

    • Create a new ASP.NET WebForms Application
    • Goto App_Start\AuthConfig.cs and uncomment the following lines of code
OpenAuth.AuthenticationClients.AddTwitter(
                 consumerKey: "your Twitter consumer key",
                 consumerSecret: "your Twitter consumer secret");
 
            OpenAuth.AuthenticationClients.AddFacebook(
                 appId: "your Facebook app id",
                 appSecret: "your Facebook app secret");

Steps to enable OAuth support in MVC

    • Create a new ASP.NET MVC Internet Application
    • Goto App_Start\AuthConfig.cs and uncomment the following lines of code
//OAuthWebSecurity.RegisterTwitterClient(
            // consumerKey: "",
            // consumerSecret: "");
 
            //OAuthWebSecurity.RegisterFacebookClient(
            // appId: "",
            //    appSecret: "");

Steps to enable OAuth support in WebPages

    • Create a new ASP.NET WebSite(Razor2)
    • Goto _AppStart.cshtml and uncomment the following lines of code
//OAuthWebSecurity.RegisterTwitterClient(
            // consumerKey: "",
            // consumerSecret: "");
 
            //OAuthWebSecurity.RegisterFacebookClient(
            // appId: "",
            //    appSecret: "");

OpenID services such as Google

Steps to enable OpenID support in WebForms

  • Create a new ASP.NET WebForms Application
  • Goto App_Start\AuthConfig.cs and uncomment the following lines of code
OpenAuth.AuthenticationClients.AddGoogle();

 

Steps to enable OpenID support in MVC

  • Create a new ASP.NET MVC Internet Application
  • Goto App_Start\AuthConfig.cs and uncomment the following lines of code

OAuthWebSecurity.RegisterGoogleClient();

Steps to enable OpenID support in WebPages

  • Create a new ASP.NET WebSite(Razor2)
  • Goto _AppStart.cshtml and uncomment the following lines of code

OAuthWebSecurity.RegisterGoogleClient();

Links to relevant posts

http://blogs.msdn.com/b/webdev/archive/2012/08/22/extra-information-from-oauth-openid-provider.aspx

http://blogs.msdn.com/b/pranav_rastogi/archive/2012/08/23/plugging-custom-oauth-openid-providers.aspx

http://blogs.msdn.com/b/webdev/archive/2012/08/24/customizing-the-login-ui-when-using-oauth-openid.aspx

http://blogs.msdn.com/b/webdev/archive/2012/09/12/integrate-openauth-openid-with-your-existing-asp-net-application-using-universal-providers.aspx

http://blogs.msdn.com/b/webdev/archive/2012/09/19/configuring-your-asp-net-application-for-microsoft-oauth-account.aspx

http://www.asp.net/mvc/overview/getting-started/using-oauth-providers-with-mvc 

Happy Logging in a social way!!!

Leave a Comment
  • Please add 3 and 8 and type the answer here:
  • Post
  • Hi there great news.

    Can you please tell me can I use same functionality in ASP.NET Web API ?

  • @Radenko yes you can. We will post a sample in a few weeks on how to do it as well

  • Hi,

    This feature is really cool. Is it possible to change the default provider endpoint with another?

  • How do you get your secrets/keys to use a Microsoft Account?

  • @jimspo goto https://manage.dev.live.com

    @plamikcho can you please explain more. You can use any provider and the endpoint

  • This is great. Is there a way to request extra data such as email address? Also is there any additional documentation?

    Thanks.

  • @Stephen you have access to the email address when you authenticate with the provider. We will have more documentation coming soon on asp.net site

  • This is indeed one of the coolest features! Very impressed. Thank you!

  • Nice, but how does this tie in and work seamlessly with WIF and claims-based identity architecture? What if ADFS and WS-Trust/Federation is desired to bring AD users aboard as well?

  • @icelava this is something we are working on for the future

  • Like Stephen asked, I know that the e-mail address comes back when you authenticate, but is there a way to request firstName and lastName or other information when using these providers? I know that Google can return this data, but I am not sure how to request this extra information using this API.

  • what about membership and role provider?

  • @Andrea the current implementation of openAuth integrated with the existing roles/membership/profile universal providers

  • Hi,

    This is a great feature, but when i try the and access the manage page(by clicking on the username) I get this error: Method not found: 'Boolean WebMatrix.WebData.ExtendedMembershipProvider.HasLocalAccount(Int32)'.

    What am i doing wrong?

    Cheers!

  • @iJunkie can you please post the full stack trace? Did you start with a ASP.NET MVC4 Internet application?

    Also it would be a good idea if you can post your problem on stack overflow forums and tag it with "openauth" There are a lot of people watching and answering questions on this forum and it will help resolve your issue faster

Page 1 of 3 (45 items) 123