ASP.Net Identity提供者请求太多信息 [英] ASP.Net Identity provider requesting too much info

问题描述

我的asp.net身份正常.但是，当用户登录时，Google会询问用户是否可以提供以下信息:

I have asp.net indentity working fine. However when a user logs in, Google asks the user if it's OK to provide the following information:

-查看您的电子邮件地址
-查看有关您帐户的基本信息

- View your email address
- View basic information about your account

问题是我什至不想要这些信息.我只想要一种独特的方式来识别用户(它确实提供了).我不希望用户以为我会在他们登录时向他们发送垃圾邮件.

The problem is that I don't even want that information. I just want a unique way to identify the user (which it does provide). I don't want users thinking i'm going to spam them when they sign in.

在Startup.Auth.cs中，我使用了非常普通的Google设置:

In Startup.Auth.cs I use a very vanilla google setup:

app.UseGoogleAuthentication();

解决方案

Brock的回答使我找到了正确的解决方案.关键是在范围内添加"openid".

SOLUTION

Brock's answer led me to the correct solution. Key thing was adding "openid" to the scope.

    var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
        {
            ClientId = "XXXX",
            ClientSecret = "YYYY",
            CallbackPath = new PathString("/Account/LoginCallback/"),
        };

    googleOAuth2AuthenticationOptions.Scope.Add("openid"); //!Important

    app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

推荐答案

在Katana v2中间件中，Google支持仅是Open ID，并且对请求电子邮件进行了硬编码.

In the Katana v2 middleware the Google support was only Open ID and it was hard coded to request email.

在v2.1中，它们现在具有OAuth2支持，这意味着GoogleAuthenticationOptions具有scopes属性，该属性使您可以控制向Google提出的要求.但这意味着您需要像其他OAuth2提供程序一样设置客户端应用程序(因此您需要注册并获取客户端ID/秘密).

In v2.1 they now have OAuth2 support, which means the GoogleAuthenticationOptions has a scopes property which allows you to control what you're asking from google. But this means you need to setup your client app like any other OAuth2 provider (so you need to register and get a client id/secret).

这篇关于ASP.Net Identity提供者请求太多信息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！