使用外部身份验证提供程序从 MVC5 框架 OAuth/OWin 身份提供程序获取 ExtraData [英] Get ExtraData from MVC5 framework OAuth/OWin identity provider with external auth provider

问题描述

我正在尝试在 VS 2013 预览版中使用新的 MVC5 框架.

I'm trying to use the new MVC5 framework in VS 2013 preview.

会员身份验证框架已经过大修并替换为OWin.

The membership authentication framework has been overhauled and replaced with OWin.

特别是，我启用了外部身份验证提供商 Google 身份验证.

In particular, I turned on external authentication provider Google auth.

做起来很简单.

只需在新的默认 MVC 项目的 App_Start 目录中的 Startup.Auth.cs 文件中取消注释这一行:app.UseGoogleAuthentication();.

Simply uncomment this line: app.UseGoogleAuthentication(); in the Startup.Auth.cs file in the App_Start directory of the new default MVC project.

因此，我想访问来自身份验证提供程序的额外数据"，例如要在我的应用程序中显示的用户头像的 URL.

So, I want access the "Extra Data" that comes from the Authentication provider, such as a url to the user's avatar to display in my application.

在针对 asp.net Membership 提供程序的旧 OAuth 实现下，有一种方法可以使用此处找到的 ExtraData 字典来捕获它:ProviderDetail.ExtraData 属性.

Under the older OAuth implementation against asp.net Membership provider, there was a way to capture this using this ExtraData dictionary found here: ProviderDetail.ExtraData Property.

我找不到太多关于 OAuth 和 OWin 如何协同工作以及如何访问这些额外数据的文档.

I can't find much documentation about how OAuth and OWin work together and how to access this extra data.

谁能给我指点一下?

推荐答案

最近我也不得不访问 Google 个人资料的图片，这里是我解决它的方法...

Recently I had to get access to Google profile's picture as well and here is how I solve it...

如果您只在 Startup.Auth.cs 文件中启用代码 app.UseGoogleAuthentication(); 这还不够，因为在这种情况下，Google 根本不会返回有关个人资料图片的任何信息(或者我不知道如何获得它).

If you just enable the code app.UseGoogleAuthentication(); in the Startup.Auth.cs file it's not enough because in this case Google doesn't return any information about profile's picture at all (or I didn't figure out how to get it).

您真正需要的是使用 OAuth2 集成而不是默认启用的 Open ID.这就是我是如何做到的...

What you really need is using OAuth2 integration instead of Open ID that enabled by default. And here is how I did it...

首先，您必须在 Google 端注册您的应用并获得客户端 ID"和客户端密码".一旦完成，您就可以更进一步(稍后您将需要它).有关如何执行此操作的详细信息此处.

First of all you have to register your app on Google side and get "Client ID" and "Client secret". As soon as this done you can go further (you will need it later). Detailed information how to do this here.

将 app.UseGoogleAuthentication(); 替换为

    var googleOAuth2AuthenticationOptions = new GoogleOAuth2AuthenticationOptions
    {
        ClientId = "<<CLIENT ID FROM GOOGLE>>",
        ClientSecret = "<<CLIENT SECRET FROM GOOGLE>>",
        CallbackPath = new PathString("/Account/ExternalGoogleLoginCallback"),
        Provider = new GoogleOAuth2AuthenticationProvider() {
            OnAuthenticated = async context =>
            {
                context.Identity.AddClaim(new Claim("picture", context.User.GetValue("picture").ToString()));
                context.Identity.AddClaim(new Claim("profile", context.User.GetValue("profile").ToString()));
            }
        }
    };

    googleOAuth2AuthenticationOptions.Scope.Add("email");

    app.UseGoogleAuthentication(googleOAuth2AuthenticationOptions);

之后，您可以使用代码以与访问任何其他属性相同的方式访问个人资料的图片 URL

After that you can use the code to get access to the profile's picture URL same way as for any other properties

var externalIdentity = HttpContext.GetOwinContext().Authentication.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie);
var pictureClaim = externalIdentity.Result.Claims.FirstOrDefault(c => c.Type.Equals("picture"));
var pictureUrl = pictureClaim.Value;

这篇关于使用外部身份验证提供程序从 MVC5 框架 OAuth/OWin 身份提供程序获取 ExtraData的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！