Your official information source from the .NET Web Development and Tools group at Microsoft.
When you authenticate a user using the OAuth/OpenId providers, you can request for some extra information about the user if you have granted access for these providers to send this information.
For eg if you login using Facebook, you can request information such as Gender, country etc.
Each provider has different set of data that you can retrieve. I am not going to into the details of these different sets of data. In this post I am going to cover what kind of information can you retrieve from the implementations of the providers that we shipped with templates in VS2012 and how can you retrieve this information.
Google
https://developers.google.com/accounts/docs/OpenID is a good place to look for more information
Facebook
http://developers.facebook.com/docs/ is a good place to look for more information
Twitter
This data is available when you login using anyone of the providers. In specifics to the code you can access this data after the authentication has happened. The data is returned as a dictionary. Following image shows a snapshot of the data returned from facebook provider
Web Forms
var authResult = OpenAuth.VerifyAuthentication(redirectUrl);
MVC
AuthenticationResult result =
OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
Web Pages
In the following posts I will be spending more time showing you how you can customize our OAuth/OpenId stack and how you can customize and plugin your own providers
Cross posted to http://blogs.msdn.com/b/pranav_rastogi/archive/2012/08/22/extra-information-from-oauth-openid-provider.aspx
I was aware of this functionality with regards to having the ExtraData dictionary, but it doesn't seem to be working the way I would expect it to with regards to the GoogleOpenIdClient. I noticed in the code on Github, Name.First and Name.Last are added as AddOptional, but not coming back. If I write my own client and add those attributes through the AddRequired, I get back a first and last name. Is this the expected behavior? If this is the case, I would be forced to write my own GoogleOpenIdClient and then also write a custom OAuthWebSecurity class to use my client instead of the one from DotNetOpenAuth.AspNet, correct? I know you said you were going to cover this later so I don't mean to be jumping the gun, was just wondering if I was missing something with the current implementation of the Google client.
You have correctly identified the bug with our google provider. It's something we know and will blog about and fix it in the recent future. To workaround this you can write your own provider as you mentioned and you can register your own custom provider in AuthConfig.cs instead of our default google provider
OAuthWebSecurity.RegisterClient(new YourCustomGoogleCustomClient());
// OAuthWebSecurity.RegisterGoogleClient();
this was exactly what I was going to do :)
Thanks for the blog post. Very useful.
Hi we're using 2012 and .net 4.5 and just started using oauth
I was just wondering with the Roles table that is created is there any way to get the roles hooked up using the asp.net configuration tool or do you have to manually write an admin page to add roles and add users to roles?
Cheers,
Tom
@Tom, if you are using universal providers then you can hook up roles with the users tables using the webadmin tool as you were doing it before. if you are using simplemembership then you will have to manually write an admin page to add roles and add users to roles
Basic understanding of OAuth 2.0 can be picked up from architecture-soa-bpm-eai.blogspot.com/.../oauth-20-for-my-ninth-grader.html
Hi,
Thanks for the Post.
I'm trying to get a handle on the OAuth. Is the extra data persisted after the authentication, e.g. as part of Membership, do we need to implement this ourselves?
Thanks
Chris
The extra data is not persisted. You will have to do it yourself
I'd really like to see a sample FacebookClient that retrieved the email. I've seen a lot of discussions on how to work around DotNetOpenAuth to do this, but none on how to integrate with Microsoft.AspNet.WebPages.Oauth. The scope parameter is ignored. I'd like to be able to use the VS 2012 templates and not have to start over from scratch, but it's looking like starting from scratch may be less painful than trying to tweak what you've provided to return a Facebook email.
Thanks for the post. Very useful.
Hello, can you give a quick example of how to register a new client in the web forms example?
I'm planning on writing a custom Facebook client because I can't figure out how to request permissions for the FB app/connection.
Thanks!