We have an ASP.NET MVC 5 app and need to authenticate users via an organization by using the following info:

Redirect Uri, Client Id, Secret Key, token_uri, resource_uri.

There are several tutorials explaining this e.g. How to implement oauth2 server in ASP.NET MVC 5 and WEB API 2 and Create an ASP.NET MVC 5 App with Facebook, Twitter, LinkedIn and Google OAuth2 Sign-on (C#) but most of them use Azure or Web API, but I do not want to use API or Azure. So, how can I implement this OAuth2 Authentication?

Update:

Here is my code using @WiktorZychla's tutorial. But it does not seem to work :(


web.config:

<system.web>
    <authentication mode="Forms">
      <forms name=".DemoAuthCookie" loginUrl="~/Account/Login" timeout="30" 
          slidingExpiration="true" protection="All" />
    </authentication>
</system.web>

View:

<button type="button" onclick="location.href='@Url.Action("Authorize", "Account")';
    return false;">Login</button>

Controller:

public readonly GoogleClient gClient = new GoogleClient
{
    AuthorizationTracker = new MyAuthorizationTracker(),
    ClientIdentifier = "x...", //client id
    ClientCredentialApplicator = ClientCredentialApplicator.PostParameter("x...") //secret
};

[AllowAnonymous]
public ActionResult Authorize()
{
    IAuthorizationState authorization = gClient.ProcessUserAuthorization();

    // Is this a response from the Identity Provider
    if (authorization == null)
    {
        // no

        // Google will redirect back here
        Uri uri = new Uri("http://localhost:53105/Account/Login");

        // Kick off authorization request with OAuth2 scopes
        gClient.RequestUserAuthorization(returnTo: uri,
            scope: new[] { GoogleClient.OpenId, 
                GoogleClient.ProfileScope, GoogleClient.EmailScope });
    }
    else
    {
        // yes

        var request = WebRequest.Create(GoogleClient.ProfileEndpoint);

        // add an OAuth2 authorization header
        // if you get 403 here, turn ON Google+ API on your app settings page
        request.Headers.Add(
             HttpRequestHeader.Authorization,
             string.Format("Bearer {0}", Uri.EscapeDataString(authorization.AccessToken)));

        // Go to the profile API
        using (var response = request.GetResponse())
        {
            using (var responseStream = response.GetResponseStream())
            {
                var profile = GoogleProfileAPI.Deserialize(responseStream);
                if (profile != null &&
                    !string.IsNullOrEmpty(profile.email))
                    FormsAuthentication.RedirectFromLoginPage(profile.email, false);
            }
        }
    }

    return RedirectToAction("Index", "Home");
}
  • I wrote a tutorial years ago, it's still ok to do Oauth2 this way in a classic mvc5 app. Commented Jan 9, 2020 at 8:09
  • @WiktorZychla Thanks Wiktor, I also have seen some outdated tutorials. But if there is not any difference or update, I can use them. Is it a good idea to use them or should I have a look at an updated version written for the last 1-2 years? Commented Jan 9, 2020 at 8:11
  • @WiktorZychla On the other hand, your code seems to be written for ASP.NET and I am not sure if it works for ASP.NET MVC. Any idea? Commented Jan 9, 2020 at 8:12
  • @DaImTo I think you directly voted down without reading the question title. I am looking for an implementation to the existing ASP.NET MVC project that may be a default MVC project given on the beginner tutorials. So, there is no need to post all of the unnecessary code here, right? Commented Jan 9, 2020 at 8:20
  • @WiktorZychla Any help, please? Commented Jan 9, 2020 at 8:23
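
One way to run the OAuth2 authorization-code flow in a plain MVC 5 controller with Forms authentication, without Web API or Azure. This is an added example, not code from the question or from the tutorial it mentions. The endpoint URLs, the client id, the `OAuthClientSecret` appSettings key, the `oauth_state` session key and the `email` profile field are placeholders or assumptions to replace with the organization's real values.

```csharp
using System.Collections.Generic;
using System.Configuration;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using System.Web.Script.Serialization;
using System.Web.Security;

public class OAuthController : Controller
{
    const string AuthorizeUri = "https://idp.example.org/authorize";     // assumed; not listed in the question
    const string TokenUri = "https://idp.example.org/token";             // token_uri (placeholder)
    const string ResourceUri = "https://idp.example.org/userinfo";       // resource_uri (placeholder)
    const string RedirectUri = "https://localhost:44300/OAuth/Callback"; // must equal the registered Redirect Uri
    const string ClientId = "CLIENT_ID_PLACEHOLDER"; // the secret comes from appSettings (hypothetical key name)
    static readonly HttpClient Http = new HttpClient();

    public ActionResult Login()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
        var state = HttpServerUtility.UrlTokenEncode(bytes); // URL-safe, unguessable, bound to this session
        Session["oauth_state"] = state;
        return Redirect(AuthorizeUri + "?response_type=code&client_id=" + HttpUtility.UrlEncode(ClientId)
            + "&redirect_uri=" + HttpUtility.UrlEncode(RedirectUri) + "&state=" + state);
    }

    public async Task<ActionResult> Callback(string code, string state)
    {
        var expected = Session["oauth_state"] as string;
        Session.Remove("oauth_state"); // a state value is accepted once only
        if (string.IsNullOrEmpty(code) || expected == null || expected != state)
            return new HttpStatusCodeResult(400, "Invalid OAuth2 callback"); // forged or replayed callback
        var form = new FormUrlEncodedContent(new Dictionary<string, string> {
            { "grant_type", "authorization_code" }, { "code", code }, { "redirect_uri", RedirectUri },
            { "client_id", ClientId }, { "client_secret", ConfigurationManager.AppSettings["OAuthClientSecret"] } });
        var token = await ReadJson(await Http.PostAsync(TokenUri, form)); // server-to-server call
        var req = new HttpRequestMessage(HttpMethod.Get, ResourceUri);
        req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", (string)token["access_token"]);
        var profile = await ReadJson(await Http.SendAsync(req));
        FormsAuthentication.SetAuthCookie((string)profile["email"], false); // "email" field name is an assumption
        return RedirectToAction("Index", "Home");
    }
    // Throws on a non-2xx response, so a failed exchange never signs anyone in.
    static async Task<Dictionary<string, object>> ReadJson(HttpResponseMessage r) => new JavaScriptSerializer()
        .Deserialize<Dictionary<string, object>>(await r.EnsureSuccessStatusCode().Content.ReadAsStringAsync());
}
```

The redirect URI sent in `Login` has to route to the action that handles the provider's response (`Callback` here), and the same value is repeated in the token request so the provider can match the two.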