如何OpenID支持ASP.Net成员在MVC整合 [英] How to integrate OpenId with ASP.Net Membership in MVC
问题描述
我使用MVC从店面以下code在MVC测试的OpenID。 如何与我的ASP.Net会员整合,所以我可以用角色和保存的用户名在我的表用户?我相信,也是使用类似的东西。
公众的ActionResult OpenIdLogin()
{
串RETURNURL = VirtualPathUtility.ToAbsolute(〜/);
VAR的OpenID =新OpenIdRelyingParty();
变种响应= openid.GetResponse();
如果(响应== NULL)
{
//第2阶段:用户提交标识符
标识ID;
如果(Identifier.TryParse(请求[openid_identifier],掉id))
{
尝试
{
IAuthenticationRequest REQ = openid.CreateRequest(请求[openid_identifier]); VAR取=新FetchRequest();
//要求更多信息 - 电子邮件地址
VAR项目=新AttributeRequest(WellKnownAttributes.Contact.Email);
item.IsRequired = TRUE;
fetch.Attributes.Add(项目);
req.AddExtension(读取); 返回req.RedirectingResponse.AsActionResult();
}
赶上(前的ProtocolException)
{
计算机[消息] = ex.Message;
返回视图(登录);
}
}
其他
{
计算机[消息] =无效的标识符
返回视图(登录);
}
}
其他
{
//第3阶段:OpenID提供者发出声明响应
开关(response.Status)
{
案例AuthenticationStatus.Authenticated: VAR取= response.GetExtension< FetchResponse>();
字符串名称= response.FriendlyIdentifierForDisplay;
如果(取!= NULL)
{
IList的<串GT; emailAddresses = fetch.Attributes [WellKnownAttributes.Contact.Email] .Values;
字符串email = emailAddresses.Count> 0? emailAddresses [0]:空;
//不显示邮件 - 这是令人毛骨悚然。只需使用电子邮件的名字
名称= email.Substring(0,email.IndexOf('@'));
}
其他
{ 名称= name.Substring(0,name.IndexOf()'。');
} //FormsAuthentication.SetAuthCookie(name,FALSE);
SetCookies(姓名,名称);
AuthAndRedirect(姓名,名称); 如果(!string.IsNullOrEmpty(RETURNURL))
{
返回重定向(RETURNURL);
}
其他
{
返回RedirectToAction(指数,家);
}
案例AuthenticationStatus.Canceled:
计算机[消息] =在供应商取消;
返回视图(登录);
案例AuthenticationStatus.Failed:
计算机[消息] = response.Exception.Message;
返回视图(登录);
}
}
返回新EmptyResult(); } 的ActionResult AuthAndRedirect(用户名字符串,字符串的friendlyName)
{
字符串RETURNURL =请求[RETURNURL];
SetCookies(用户名,的friendlyName); 如果(!String.IsNullOrEmpty(RETURNURL))
{
返回重定向(RETURNURL);
}
其他
{
返回RedirectToAction(指数,家);
}
}
有几个问题像你已经在计算器上。 <一href=\"http://stackoverflow.com/questions/918156/implementing-openid-in-asp-net-properly-membership-or-authentication-provider\">This 之一似乎特别相似。
如果您已经使用您站点的会员提供者和刚刚添加的OpenID到它,那么我想你坚持为会员现在可以使用的答案之一,我挂拿到的问题半体面的成员资格提供程序可能为你工作。
但是,如果你正在写一个新的网站,只是想使用角色和保存的用户名在我的表用户如你所说,那么根本不使用ASP.NET成员资格。这太不值得了!它不适合的OpenID的无密码的范式和正义事业比什么都重要的悲伤。如果你不害怕的数据库访问自己一点点,这样做的。你可以通过只发出自己的 FormsAuthentication.RedirectFromLoginPage 或 FormsAuthentication.SetAuthCookie 呼叫,并传入得到角色的行为很容易角色的用户填写。
I am using the following code from MVC Storefront to test OpenId in MVC. How do I integrate it with my ASP.Net Membership so I can use roles and save a user name for the user in my tables? I believe that SO is also using something similar.
public ActionResult OpenIdLogin()
{
string returnUrl = VirtualPathUtility.ToAbsolute("~/");
var openid = new OpenIdRelyingParty();
var response = openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(Request["openid_identifier"], out id))
{
try
{
IAuthenticationRequest req = openid.CreateRequest(Request["openid_identifier"]);
var fetch = new FetchRequest();
//ask for more info - the email address
var item = new AttributeRequest(WellKnownAttributes.Contact.Email);
item.IsRequired = true;
fetch.Attributes.Add(item);
req.AddExtension(fetch);
return req.RedirectingResponse.AsActionResult();
}
catch (ProtocolException ex)
{
ViewData["Message"] = ex.Message;
return View("Logon");
}
}
else
{
ViewData["Message"] = "Invalid identifier";
return View("Logon");
}
}
else
{
// Stage 3: OpenID Provider sending assertion response
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
var fetch = response.GetExtension<FetchResponse>();
string name = response.FriendlyIdentifierForDisplay;
if (fetch != null)
{
IList<string> emailAddresses = fetch.Attributes[WellKnownAttributes.Contact.Email].Values;
string email = emailAddresses.Count > 0 ? emailAddresses[0] : null;
//don't show the email - it's creepy. Just use the name of the email
name = email.Substring(0, email.IndexOf('@'));
}
else
{
name = name.Substring(0, name.IndexOf('.'));
}
//FormsAuthentication.SetAuthCookie(name, false);
SetCookies(name, name);
AuthAndRedirect(name, name);
if (!string.IsNullOrEmpty(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
case AuthenticationStatus.Canceled:
ViewData["Message"] = "Canceled at provider";
return View("Logon");
case AuthenticationStatus.Failed:
ViewData["Message"] = response.Exception.Message;
return View("Logon");
}
}
return new EmptyResult();
}
ActionResult AuthAndRedirect(string userName, string friendlyName)
{
string returnUrl = Request["ReturnUrl"];
SetCookies(userName, friendlyName);
if (!String.IsNullOrEmpty(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
There are several questions like yours already on StackOverflow. This one seems particularly similar.
If you're already using the Membership provider for your site and are just adding OpenID to it, then I guess you're stuck with Membership for now and can use one of the answers to the question I linked to to get a semi-decent membership provider that MAY work for you.
But if you're writing a new site and just want "use roles and save a user name for the user in my tables" as you said, then DON'T use ASP.NET Membership at all. It's SO not worth it! It doesn't fit OpenID's password-less paradigm and just causes more grief than anything else. If you're not afraid of a little bit of database access yourself, do it that way. And you can get Roles behavior very easily by just issuing your own FormsAuthentication.RedirectFromLoginPage or FormsAuthentication.SetAuthCookie call and passing in the roles the user fills.
这篇关于如何OpenID支持ASP.Net成员在MVC整合的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
