使用ASP.NET Web API 2.0和Ionic Cordova应用程序启用社交登录 [英] Enabling Social logins with ASP.NET Web API 2.0 and Ionic Cordova app
问题描述
我有一个ASP.NET Web API 2.0应用程序,已将其连接到一个使用我的API进行登录,注册等的Ionic应用程序.
I have an ASP.NET Web API 2.0 application which I have connected up to an Ionic app which uses my API for logon, registration and so on.
我正在使用基于令牌的身份验证,以便在用户注册帐户并登录时将被授予访问令牌,该访问令牌将在每个后续请求的标头中传递并用于验证用户.很好
I am using token-based authentication so that when a user registers an account and logs in they will be granted an access token which is passed in the header of each subsequent request and used to authenticate the user. That works fine.
现在,我想允许用户通过登录诸如Facebook或Google之类的社交帐户来注册帐户.
Now I want to allow a user to register an account by logging into a social account such as Facebook or Google.
就目前而言,我正在努力整合Google身份验证,因此在我的Startup.Auth.cs文件中,我已经启用了它,如下所示:
For now, I am taking a stab at integrating Google authentication, and so in my Startup.Auth.cs file I have enabled it like so:
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions
{
ClientId = "###",
ClientSecret = "###",
});
我也有标准的AccountController方法,因此我可以从Ionic应用程序向"RegisterExternal"方法发出GET请求,该方法如下所示:
I also have the standard AccountController methods, so from my Ionic application I am able to make a GET request to the 'RegisterExternal' method which looks something like this:
/api/Account/ExternalLogin?provider=Google&response_type=token&client_id=self&redirect_uri=###
据我所知,此方法返回一个重定向URI,我应该在应用程序中导航到该重定向URI,以允许用户登录.我想我会在我的应用程序中打开一个新窗口,以允许用户输入他们的详细信息吗?
As I understand it, this method returns a redirect URI for which I should navigate to within my app to allow a user to login. I imagine I would open a new window in my app to allow a user to enter their details?
但是,我不认为这是我要采取的方法.对于如今的大多数应用程序,我只需按使用Google登录"按钮,它就可以实现所有功能,而无需任何重定向或输入任何信息.
However, I don't think this is the approach I want to take. For most apps these days I can simply press a 'Login with Google' button and it does all the magic under the hood without any redirects or entering any info.
我正在查看 Cordova GooglePlus插件,这似乎就是我需要,因为它允许用户登录客户端.成功回调还会返回以下内容:
I was taking a look at the Cordova GooglePlus plugin and this appears to be what I need, as it allow a user to login client-side. A success callback also returns the following:
obj.email // 'eddyverbruggen@gmail.com'
obj.userId // user id
obj.displayName // 'Eddy Verbruggen'
obj.familyName // 'Verbruggen'
obj.givenName // 'Eddy'
obj.imageUrl // 'http://link-to-my-profilepic.google.com'
obj.idToken // idToken that can be exchanged to verify user identity.
obj.serverAuthCode // Auth code that can be exchanged for an access token and refresh token for offline access
obj.accessToken // OAuth2 access token
所以我的问题是,我是否可以使用此信息将其传递给我的ASP.NET服务的帐户服务,以对用户进行身份验证并为他们创建一个帐户(如果他们还没有一个帐户的话)?
So my question is, can I use this information to pass to the account service of my ASP.NET service to authenticate the user and create an account for them if they don't have one already?
我在此处中了解到,如果您使用Google Sign-在与后端服务器通信的应用程序中,您可以通过将用户的ID令牌发送到我的服务器以对其进行验证,并在该用户尚未在我的数据库中的情况下创建一个帐户,从而在服务器上标识当前登录的用户.
I read here that if you use Google Sign-In with an app that communicates with a backend server, you can identify the currently signed-in user on the server by sending the user's ID token to my server to validate it and create an account if the user isn't already in my database.
这表明我应该能够使用此插件将所需的信息发送到服务器.如果可能的话,我需要打哪个端点,我需要做什么?
This suggests I should be able to use this plugin to send the information I need to my server. If this is possible, which endpoint do I need to hit and what do I need to do?
我有一个AccountController.cs,其中包含所有标准内容,例如
I have an AccountController.cs which has all the standard stuff, e.g.
- AddExternalLogin
- GetExternalLogin
- RegisterExternal
,依此类推.这些会帮助我吗?
and so on. Would any of these help me?
推荐答案
由于您已经拥有来自首选社交身份验证的访问令牌,因此可以将其传递给ASP.NET.但是,它没有处理该问题的方法,您可以按照以下> ="nofollow noreferrer">此处.
Since you already have the access token from your prefered social auth, you can pass that to ASP.NET. However, it does not have a way to process that, which you can add by following this answer also elaborated at the blog here.
这将返回一个身份验证令牌,您可以将其与auth header
Which will return an auth token you can use with auth header
P.S.不知道我是否也应该在这里复制所有代码?太大了.
这篇关于使用ASP.NET Web API 2.0和Ionic Cordova应用程序启用社交登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
