locked
Social networks login RRS feed

  • Question

  • User1060253380 posted

    HI,

    I can see lots of articles regarding social networks login\signin.

    What i cant figure out is what identification does the social network return to the calling web site.

    If I want the social login to replace my user name + password login i need it to return an identifier for the user that i can keep in my users table and use to login the user 

    from now on

    is that correct ?

    thanks

    Sunday, August 26, 2018 6:02 PM

Answers

  • User1520731567 posted

    Hi liorgal100,

    From ASP.NET Site,

    "ASP.NET authentication is now based on OWIN middleware that can be used on any OWIN-based host. ASP.NET Identity does not have any dependency on System.Web. It is a fully compliant OWIN framework and can be used in any OWIN hosted application. ASP.NET Identity uses OWIN Authentication for log-in/log-out of users in the web site. This means that instead of using FormsAuthentication to generate the cookie, the application uses OWIN CookieAuthentication to do that."

    So you cannot use ASP.NET Identity without Owin, also, your app should not be self-hosted you can still use the IIS with OWIN configured, i suggest to dig deeper into the ASP.NET OWIN.

    Best Regrads.

    Yuki Tao

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, September 4, 2018 2:51 AM

All replies

  • User1520731567 posted

    Hi liorgal100,

    You could refer to:

    https://docs.microsoft.com/en-us/aspnet/mvc/overview/security/create-an-aspnet-mvc-5-app-with-facebook-and-google-oauth2-and-openid-sign-on

    https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/external-authentication-services

    https://developer.okta.com/authentication-guide/social-login/

    For example:

    From the Google APIs API Manager, visit the Credentials tab to obtain the Client ID. Download to save a JSON file with application secrets. Copy and paste the ClientId and ClientSecret into the UseGoogleAuthentication method found in the Startup.Auth.cs file in the App_Start folder.

    public void ConfigureAuth(IAppBuilder app)
    {
        // Configure the db context and user manager to use a single instance per request
        app.CreatePerOwinContext(ApplicationDbContext.Create);
        app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
    
        // Enable the application to use a cookie to store information for the signed in user
        // and to use a cookie to temporarily store information about a user logging in with a third party login provider
        // Configure the sign in cookie
        app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            LoginPath = new PathString("/Account/Login"),
            Provider = new CookieAuthenticationProvider
            {
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                    validateInterval: TimeSpan.FromMinutes(30),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
            }
        });
        
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
    
        // Uncomment the following lines to enable logging in with third party login providers
        //app.UseMicrosoftAccountAuthentication(
        //    clientId: "",
        //    clientSecret: "");
    
        //app.UseTwitterAuthentication(
        //   consumerKey: "",
        //   consumerSecret: "");
    
        //app.UseFacebookAuthentication(
        //   appId: "",
        //   appSecret: "");
    
        app.UseGoogleAuthentication(
             clientId: "000-000.apps.googleusercontent.com",
             clientSecret: "00000000000");
    }

    Best Regards.

    Yuki Tao

    Monday, August 27, 2018 10:01 AM
  • User1060253380 posted

    Thanks Yuki,

    This links are using MVC + Owin and i need example for a simple asp.net web application

    Monday, August 27, 2018 10:25 AM
  • User1520731567 posted

    Hi liorgal100,

    From ASP.NET Site,

    "ASP.NET authentication is now based on OWIN middleware that can be used on any OWIN-based host. ASP.NET Identity does not have any dependency on System.Web. It is a fully compliant OWIN framework and can be used in any OWIN hosted application. ASP.NET Identity uses OWIN Authentication for log-in/log-out of users in the web site. This means that instead of using FormsAuthentication to generate the cookie, the application uses OWIN CookieAuthentication to do that."

    So you cannot use ASP.NET Identity without Owin, also, your app should not be self-hosted you can still use the IIS with OWIN configured, i suggest to dig deeper into the ASP.NET OWIN.

    Best Regrads.

    Yuki Tao

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, September 4, 2018 2:51 AM