OAuth/OpenID Support for WebForms, MVC and WebPages

MSDN Blogs > .NET Web Development and Tools Blog > OAuth/OpenID Support for WebForms, MVC and WebPages
Server & Tools Blogs > Developer Tools Blogs > .NET Web Development and Tools Blog
Blog - Link List
ASP.NET Resources
Related Blogs
Pages

  • Jobs

    Available jobs
Menu
Recent Posts
Live Now on Developer Tools Blogs
Tags
More
Related resources
Archives
Archives
More

OAuth/OpenID Support for WebForms, MVC and WebPages

Rate This
15 Aug 2012 10:03 AM
  • Comments 44

[Update]

Adding relevant links at the bottom of the post

One of the coolest features in Visual Studio 2012 is the ability to login using your Microsoft, Facebook, Twitter or Google account. The project templates showcase a social way of logging in along with the usual way of logging in by creating a local account

This post highlights how you can turn on support for logging through these services in the project  templates. Head over the following video to get a quick glance on this feature http://www.asp.net/vnext/overview/videos/oauth-in-the-default-aspnet-45-templates

Enable OAuth login using Facebook, Twitter

Steps to get keys for Facebook

  • Go to the Facebook developers site (log in if you're not already logged in).
  • Choose the Create New App button, and then follow the prompts to name and create the new application.
  • In the section Select how your app will integrate with Facebook, choose the Website section.
  • Fill in the Site URL field with the URL of your site (for example, http://www.example.com). The Domain field is optional; you can use this to provide authentication for an entire domain (such as example.com).
    Note   If you are running a site on your local computer with a URL like http://localhost:12345 (where the number is a local port number), you can add this value to the Site URL field for testing your site. However, any time the port number of your local site changes, you will need to update the Site URL field of your application.
  • Choose the Save Changes button.
  • Choose the Apps tab again, and then view the start page for your application.
  • Copy the App ID and App Secret values for your application and paste them into a temporary text file. You will pass these values to the Facebook provider in your website code.
  • Exit the Facebook developer site.

Steps to get keys for Twitter

  • Browse to the Twitter developers site.
  • Choose the Create an App link and then log into the site.
  • On the Create an Application form, fill in the Name and Description fields.
  • In the WebSite field, enter the URL of your site (for example, http://www.example.com).
    Note   If you're testing your site locally (using a URL like http://localhost:12345), Twitter might not accept the URL. However, you might be able to use the local loopback IP address (for example http://127.0.0.1:12345). This simplifies the process of testing your application locally. However, every time the port number of your local site changes, you'll need to update the WebSite field of your application.
  • In the Callback URL field, enter a URL for the page in your website that you want users to return to after logging into Twitter. For example, to send users to the home page of the Starter Site (which will recognize their logged-in status), enter the same URL that you entered in the WebSite field.
  • Accept the terms and choose the Create your Twitter application button.
  • On the My Applications landing page, choose the application you created.
  • On the Details tab, scroll to the bottom and choose the Create My Access Token button.
  • On the Details tab, copy the Consumer Key and Consumer Secret values for your application and paste them into a temporary text file. You'll pass these values to the Twitter provider in your website code.
  • Exit the Twitter site.

Steps to enable OAuth support in WebForms

    • Create a new ASP.NET WebForms Application
    • Goto App_Start\AuthConfig.cs and uncomment the following lines of code
OpenAuth.AuthenticationClients.AddTwitter(
                 consumerKey: "your Twitter consumer key",
                 consumerSecret: "your Twitter consumer secret");
 
            OpenAuth.AuthenticationClients.AddFacebook(
                 appId: "your Facebook app id",
                 appSecret: "your Facebook app secret");

Steps to enable OAuth support in MVC

    • Create a new ASP.NET MVC Internet Application
    • Goto App_Start\AuthConfig.cs and uncomment the following lines of code
//OAuthWebSecurity.RegisterTwitterClient(
            // consumerKey: "",
            // consumerSecret: "");
 
            //OAuthWebSecurity.RegisterFacebookClient(
            // appId: "",
            //    appSecret: "");

Steps to enable OAuth support in WebPages

    • Create a new ASP.NET WebSite(Razor2)
    • Goto _AppStart.cshtml and uncomment the following lines of code
//OAuthWebSecurity.RegisterTwitterClient(
            // consumerKey: "",
            // consumerSecret: "");
 
            //OAuthWebSecurity.RegisterFacebookClient(
            // appId: "",
            //    appSecret: "");

OpenID services such as Google

Steps to enable OpenID support in WebForms

  • Create a new ASP.NET WebForms Application
  • Goto App_Start\AuthConfig.cs and uncomment the following lines of code
OpenAuth.AuthenticationClients.AddGoogle();

 

Steps to enable OpenID support in MVC

  • Create a new ASP.NET MVC Internet Application
  • Goto App_Start\AuthConfig.cs and uncomment the following lines of code

OAuthWebSecurity.RegisterGoogleClient();

Steps to enable OpenID support in WebPages

  • Create a new ASP.NET WebSite(Razor2)
  • Goto _AppStart.cshtml and uncomment the following lines of code

OAuthWebSecurity.RegisterGoogleClient();

Links to relevant posts

http://blogs.msdn.com/b/webdev/archive/2012/08/22/extra-information-from-oauth-openid-provider.aspx

http://blogs.msdn.com/b/pranav_rastogi/archive/2012/08/23/plugging-custom-oauth-openid-providers.aspx

http://blogs.msdn.com/b/webdev/archive/2012/08/24/customizing-the-login-ui-when-using-oauth-openid.aspx

http://blogs.msdn.com/b/webdev/archive/2012/09/12/integrate-openauth-openid-with-your-existing-asp-net-application-using-universal-providers.aspx

http://blogs.msdn.com/b/webdev/archive/2012/09/19/configuring-your-asp-net-application-for-microsoft-oauth-account.aspx

http://www.asp.net/mvc/overview/getting-started/using-oauth-providers-with-mvc 

Happy Logging in a social way!!!

Comments
  • Radenko Zec
    16 Aug 2012 4:27 AM

    Hi there great news.

    Can you please tell me can I use same functionality in ASP.NET Web API ?

  • 16 Aug 2012 10:02 AM

    @Radenko yes you can. We will post a sample in a few weeks on how to do it as well

  • plamikcho
    16 Aug 2012 2:02 PM

    Hi,

    This feature is really cool. Is it possible to change the default provider endpoint with another?

  • jimspo
    16 Aug 2012 6:06 PM

    How do you get your secrets/keys to use a Microsoft Account?

  • 17 Aug 2012 10:25 AM

    @jimspo goto https://manage.dev.live.com

    @plamikcho can you please explain more. You can use any provider and the endpoint

  • Stephen
    18 Aug 2012 1:25 AM

    This is great. Is there a way to request extra data such as email address? Also is there any additional documentation?

    Thanks.

  • 18 Aug 2012 1:05 PM

    @Stephen you have access to the email address when you authenticate with the provider. We will have more documentation coming soon on asp.net site

  • Krishna Gupta
    18 Aug 2012 7:13 PM

    This is indeed one of the coolest features! Very impressed. Thank you!

  • 19 Aug 2012 7:54 AM

    Nice, but how does this tie in and work seamlessly with WIF and claims-based identity architecture? What if ADFS and WS-Trust/Federation is desired to bring AD users aboard as well?

  • 19 Aug 2012 1:29 PM

    @icelava this is something we are working on for the future

  • Michael Stokesbary
    19 Aug 2012 10:19 PM

    Like Stephen asked, I know that the e-mail address comes back when you authenticate, but is there a way to request firstName and lastName or other information when using these providers? I know that Google can return this data, but I am not sure how to request this extra information using this API.

  • Andrea Valla
    20 Aug 2012 1:07 PM

    what about membership and role provider?

  • 20 Aug 2012 1:17 PM

    @Andrea the current implementation of openAuth integrated with the existing roles/membership/profile universal providers

  • iJunkie
    21 Aug 2012 4:43 AM

    Hi,

    This is a great feature, but when i try the and access the manage page(by clicking on the username) I get this error: Method not found: 'Boolean WebMatrix.WebData.ExtendedMembershipProvider.HasLocalAccount(Int32)'.

    What am i doing wrong?

    Cheers!

  • 21 Aug 2012 9:31 AM

    @iJunkie can you please post the full stack trace? Did you start with a ASP.NET MVC4 Internet application?

    Also it would be a good idea if you can post your problem on stack overflow forums and tag it with "openauth" There are a lot of people watching and answering questions on this forum and it will help resolve your issue faster

Page 1 of 3 (44 items) 123