Does ASP.Net MVC's OAuthWebSecurity for Google use Google's OAuth 2.0 for authentication? ASP.Net MVC's OAuthWebSecurity for Google does not have ability to enter key or secret like Facebook and Twitter clients. Likewise, no token is returned from a successful Google authentication. Why is Google client different from Facebook and Twitter clients?
Is ASP.Net MVC's OAuthWebSecurity for Google using Google Plus, or some other approach for Google authentication?
Thanks.
I've reflected over the OAuthWebSecurity class and it is using Google OpenID interface for authentication. It's not doing OAuth. Currently, i think you will have to bake your own DotNetOpenAuth.AspNet.IAuthentication implementation. I am actually embarking on the same adventure.
Related
We have an existing MVC angular application enabled with ADFS WS-Fed authentication. The application has many API's hosted as a part of the solution which is internally accessed by views. Now, We have a requirement for the API to be published to other developers.
I am thinking of enabling OAuth/OpenId for the endpoints and enable other developers to access. I need your inputs regarding my approach.
There is no support in ADFS 2.0 for OpenID Connect and OAuth.
The only API option you have is via WCF.
I am spiking a solution with Thinktecture IdentityServer V3. The setup of the project is an Asp.net MVC 5 site which uses forms authentication to authenticate the user, we also have a number of web api sites which are hosted seperately.
I would like to use IdentityServer to SSO into the web api sites. this is an internal solution and would like to somehow programatically login to the identity server instead of been shown the login screen.
Is this possible?
Many thanks
Check this link.
https://github.com/IdentityServer/IdentityServer3/issues/831.
You can sign in as resource owner, but SSO won't be possible.
We can always customize the login page provided on IdentityServer.
As per the topic above, I would like to know how to implement facebook invitation using OWIN in ASP.NET
Owin will allow you to authenticate the user at the external provider and give you the capability to get an access token in which you can store. As far as the invitation is concerned you most likely need to use the C# facebook api or write your own "Facebook" graph wrappers.
I am writing an ASP.Net WebApi application and I want to secure it using a combination of Custom Login (like ASP.NET Membership) and Social Logins (Google,Facebook,Twitter,LinkedIn and hopefully many more). User should be able to select any of them.
My client is pure HTML/JS SPA application and for that i will need to implement Implict grant flow of OAuth.
The options i see right now are
Use Thinktecture's Identity Server and Authorization Server.
Use DotNetOpenAuth library.
Can anyone point me in the right direction ? Which one of the above options can work for me?
Thanks
Why not follow the same pattern in MVC 5 SPA template, which already did exactly what you want to do:
It uses resource owner password login flow with ASP.NET Identity API
Support Social Login (Google, Facebook, Twitter, Microsoft Account)
Its client uses knockout and pure html/js
It uses implicit grant flow to convert social login to application access token
The template uses OWIN security middlewares, which can support:
Cookie auth
Bearer token auth
Social login auth
OAuth 2.0 Authorization Server flows and extension grant, which you can customize your own
You may need my blog to better understand the whole security story in the SPA template.
Iam developing a multi lingual application and planning to use google translator API. I was wondering if Google Translate API supports OAuth authentication or not, document is available for using key but no information is available regarding OAuth authentication.
Thanks