Friday, December 7, 2012

Introduction to DotNetAuth

Recently I have been working on implementation of OAuth protocol. The outcome was not that much bad, so I decided to make it available for others to use it free. Although I am still working on its features, it is fully functional. I have used it in several of my projects.

OAuth protocol is a protocol which is implemented by a lot of famous social networks and is the fundamental key to working with most of their APIs, specially to access to methods which requires some of identity of the requester. So if you want to integrate your website with Facebaook or Google Plus or LinkedIn etc probably your first step would be to handle OAuth protocol.

Also it is a common practice to use OAuth for authenticating user's in your website. Instead of the classic set of username/password credentials, you can simply deliver the user identification to these social networks and ask for user's primary set of information like name, date of birth, gender etc through their API.

OAuth protocol is a complete protocol as it considers all the parties(one which needs to authorize, one which need to make an authorized request, end user who authorizes) and all common scenarios in ways of communication between parties.

DotNetAuth is a an implementation of the OAuth protocol which only supports the consumption of protocol, and it is only for server side flow. So if you are the developing a website which wants to makes user-authorized requests to social network sites like Facebook or Google API this library is for. Also this library helps you take advantage of the OAuth protcol to identify users of your website and use OAuth for user membership(sign up, sign in features).

Source Code:
https://bitbucket.org/samnaseri/dotnetauth

Nuget Packages:

Install-Package DotNetAuth
Install-Package DotNetAuth.Profiles


Asp.Net MVC Sample:
This is just a sample to show what it would look like.
Just add above packages and then you can have the following methods in your ProfileController:

public class ProfileController : Controller
{
    ProfileProperty[] requiredProperties = new[] { ProfileProperty.Email, ProfileProperty.DisplayName, ProfileProperty.UniqueID, ProfileProperty.DisplayName };
    // GET: /Profile/
    [HttpGet]
    public ActionResult Index()
    {
        return View();
    }
    public RedirectResult Login()
    {
        var userProcessUri = Url.Action("Callback""Profile"null, protocol: Request.Url.Scheme);
        var provider = LoginProvider.Get(LoginProviderRegistry.Facebook.Fullname);
        var authorizationUrl = DotNetAuth.Profiles.Login.GetAuthenticationUri(provider, new Uri(userProcessUri), new DefaultLoginStateManager(Session), requiredProperties);
        authorizationUrl.Wait();
        return Redirect(authorizationUrl.Result.AbsoluteUri);
    }
    // GET: /Process
    [HttpGet]
    public ActionResult Callback(string providerName)
    {
        var userProcessUri = Url.Action("Callback""Profile"null, protocol: Request.Url.Scheme);
        var provider = LoginProvider.Get(LoginProviderRegistry.Facebook.Fullname);
        var profile = DotNetAuth.Profiles.Login.GetProfile(provider, Request.Url, userProcessUri, new DefaultLoginStateManager(Session), requiredProperties);
        profile.Wait();
        return Content(profile.Result.ToString());
    }
}

And that's it.

13 comments:

  1. could we have sample code for asp.net web forms ?

    ReplyDelete
  2. A sample code will be provided for Web Forms very soon.

    ReplyDelete
  3. It is not working for me. and it is not clear to implement.

    ReplyDelete
  4. Does this support Windows Phone 8?

    ReplyDelete
  5. Have you worked on the Web Forms example yet?

    ReplyDelete
  6. Are there any examples anywhere of how to implement this?

    ReplyDelete
  7. Hello Sam,

    Have you been able to post the Web Forms example?

    ReplyDelete
  8. Web Form? Nice and simple .ASPX so that we can authenticate an end-user from Google?

    ReplyDelete
  9. Hi Sam!

    Under what license is this released? MIT license?

    ReplyDelete
  10. Hi Sam,

    Can we use this library to do Single Sign on using ADFS 3.0?

    ReplyDelete
  11. Hi Sam,

    Can we use this library to do Single Sign on using ADFS Windows 2012 R2

    ReplyDelete