Wednesday, June 13, 2012
Open ID Authentication - C# ASP.NET: Getting Started
Open ID Authentication - C# ASP.NET: Getting Started: Welcome: onyangofred@gmail.com Session ID: AItOawkX3Tf3UbcZI0FvrmPlEIeY6WKjyLU0c54 The above is the result after running a simple aspx pa...
Monday, June 11, 2012
Getting Started
Welcome: onyangofred@gmail.com
Session ID: AItOawkX3Tf3UbcZI0FvrmPlEIeY6WKjyLU0c54
The above is the result after running a simple aspx page with very minimal coding. It gets your login credentials as supplied to google.
So, what is OpenID authentication?
This is a technique that allows you to share your login credentials across multiple internet sites without having to maintain a different username and password for each of the sites. Example, you can log into your g-mail account/facebook/yahoo/blogger sites/ and then share the credentials supplied across thousands of sites. Once you logout of one site, it automatically logs you out of all the other sites. It's more secure and easy to maintain, eg change your password once, and it's replicated across multiple other sites, say you have 3 million sites you regularly use on a DAILY BASIS. instead of changing your password 3 million times, you get to update all of them using a single change in the MASTER site. That in a nutshell is a dummy's definition of OpenID Authentication. You may also be interested in OpenAuth (Authorization equivalent of OpenID).
Now, get ready for HAPPY CODING, as it's time to get into a dummy's implementation of OpenID Authentication. Follow the following simple steps:
Open visual studio 2010 or any version you have
New aspx project
Add reference to "DotNetOpenAuth" class library (GOOGLE TO DOWNLOAD IT)
That's it, you're ready to start coding
//on the code for 1 of your pages, copy paste the code below:
//*****************************************************
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.Extensions.AttributeExchange;
using DotNetOpenAuth.OpenId.RelyingParty;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
OpenIdRelyingParty rp = new OpenIdRelyingParty();
var r = rp.GetResponse();
if (r != null)
{
switch (r.Status)
{
case AuthenticationStatus.Authenticated:
NotLoggedIn.Visible = false;
Session["GoogleIdentifier"] = r.ClaimedIdentifier.ToString();
Session["GoogleOther"] = r.Provider.Uri.ToString();
var fetch = r.GetExtension<FetchResponse>();
if (fetch != null)
Session["GoogleEmail"] = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
//*******************NOTE: USE A VALID URL/PAGE************************
Response.Redirect("My Main Page Here.aspx"); //redirect to main page of your website
//*******************NOTE: USE A VALID URL/PAGE************************
break;
case AuthenticationStatus.Canceled:
lblAlertMsg.Text = "Cancelled.";
break;
case AuthenticationStatus.Failed:
lblAlertMsg.Text = "Login Failed.";
break;
}
}
else
{
string discoveryUri = "https://www.google.com/accounts/o8/id";
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var b = new UriBuilder(Request.Url) { Query = "" };
var req = openid.CreateRequest(discoveryUri, b.Uri, b.Uri);
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.BirthDate.WholeBirthDate, true));
req.AddExtension(fetch);
req.RedirectToProvider(); }
}
}
//*****************************************************
You're done. Run your page to test it.
NB: Remember to redirect the page to a different page, as thats where google (OUR EXAMPLE) will redirect you to, so you just dont want to create that endless loop on a single page.
Session ID: AItOawkX3Tf3UbcZI0FvrmPlEIeY6WKjyLU0c54
The above is the result after running a simple aspx page with very minimal coding. It gets your login credentials as supplied to google.
So, what is OpenID authentication?
This is a technique that allows you to share your login credentials across multiple internet sites without having to maintain a different username and password for each of the sites. Example, you can log into your g-mail account/facebook/yahoo/blogger sites/ and then share the credentials supplied across thousands of sites. Once you logout of one site, it automatically logs you out of all the other sites. It's more secure and easy to maintain, eg change your password once, and it's replicated across multiple other sites, say you have 3 million sites you regularly use on a DAILY BASIS. instead of changing your password 3 million times, you get to update all of them using a single change in the MASTER site. That in a nutshell is a dummy's definition of OpenID Authentication. You may also be interested in OpenAuth (Authorization equivalent of OpenID).
Now, get ready for HAPPY CODING, as it's time to get into a dummy's implementation of OpenID Authentication. Follow the following simple steps:
Open visual studio 2010 or any version you have
New aspx project
Add reference to "DotNetOpenAuth" class library (GOOGLE TO DOWNLOAD IT)
That's it, you're ready to start coding
//on the code for 1 of your pages, copy paste the code below:
//*****************************************************
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.Extensions.AttributeExchange;
using DotNetOpenAuth.OpenId.RelyingParty;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
OpenIdRelyingParty rp = new OpenIdRelyingParty();
var r = rp.GetResponse();
if (r != null)
{
switch (r.Status)
{
case AuthenticationStatus.Authenticated:
NotLoggedIn.Visible = false;
Session["GoogleIdentifier"] = r.ClaimedIdentifier.ToString();
Session["GoogleOther"] = r.Provider.Uri.ToString();
var fetch = r.GetExtension<FetchResponse>();
if (fetch != null)
Session["GoogleEmail"] = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
//*******************NOTE: USE A VALID URL/PAGE************************
Response.Redirect("My Main Page Here.aspx"); //redirect to main page of your website
//*******************NOTE: USE A VALID URL/PAGE************************
break;
case AuthenticationStatus.Canceled:
lblAlertMsg.Text = "Cancelled.";
break;
case AuthenticationStatus.Failed:
lblAlertMsg.Text = "Login Failed.";
break;
}
}
else
{
string discoveryUri = "https://www.google.com/accounts/o8/id";
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var b = new UriBuilder(Request.Url) { Query = "" };
var req = openid.CreateRequest(discoveryUri, b.Uri, b.Uri);
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.BirthDate.WholeBirthDate, true));
req.AddExtension(fetch);
req.RedirectToProvider(); }
}
}
//*****************************************************
You're done. Run your page to test it.
NB: Remember to redirect the page to a different page, as thats where google (OUR EXAMPLE) will redirect you to, so you just dont want to create that endless loop on a single page.
Subscribe to:
Posts (Atom)