August 22nd, 2012

Extra Information from OAuth/OpenId Provider

When you authenticate a user using the OAuth/OpenId providers, you can request for some extra information about the user if you have granted access for these providers to send this information.

For eg if you login using Facebook, you can request information such as Gender, country etc.

Each provider has different set of data that you can retrieve. I am not going to into the details of these different sets of data. In this post I am going to cover what kind of information can you retrieve from the implementations of the providers that we shipped with templates  in VS2012 and how can you retrieve this information.

What kind of information can you retrieve

Google

  • email
  • firstname
  • lastname
  • country

https://developers.google.com/accounts/docs/OpenID is a good place to look for more information

Facebook

  • id
  • Name
  • link
  • gender 
  • accesstoken

http://developers.facebook.com/docs/ is a good place to look for more information

    Twitter

    • name
    • location
    • description
    • url
    • accesstoken

    https://dev.twitter.com/docs/auth/oauth/faq is a good place to look for more information

    How to retrieve this information

    This data is available when you login using anyone of the providers. In specifics to the code you can access this data after the authentication has happened. The data is returned as a dictionary. Following image shows a snapshot of the data returned from facebook provider

    oauthextradata

     

    Web Forms

    • Create the ASP.NET WebForm template
    • Goto AccountRegisterExternalLogin.cs
    • In the AuthenticationResult type we have Extradata dictionary bag which has this data
    var authResult = OpenAuth.VerifyAuthentication(redirectUrl);

     

    MVC

    • Create the internet template in MVC4
    • Goto the account controller in ExternalLoginCallBack
    • In the AuthenticationResult type we have Extradata dictionary bag which has this data
     AuthenticationResult result = 
                    OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));

    Web Pages

    • Create the webpages2 template
    • Goto ExternalLoginCallBack
    • In the AuthenticationResult type we have Extradata dictionary bag which has this data

     

     AuthenticationResult result = 
                    OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));

     

    In the following posts I will be spending more time showing you how you can customize our OAuth/OpenId stack and how you can customize and plugin your own providers

    Cross posted to http://blogs.msdn.com/b/pranav_rastogi/archive/2012/08/22/extra-information-from-oauth-openid-provider.aspx

    Category
    ASP.NET

    0 comments

    Discussion are closed.

    '; block.insertAdjacentElement('beforebegin', codeheader); let button = codeheader.querySelector('.copy-button'); button.addEventListener("click", async () => { let blockToCopy = block; await copyCode(blockToCopy, button); }); } }); async function copyCode(blockToCopy, button) { let code = blockToCopy.querySelector("code"); let text = ''; if (code) { text = code.innerText; } else { text = blockToCopy.innerText; } try { await navigator.clipboard.writeText(text); } catch (err) { console.error('Failed to copy:', err); } button.innerText = "Copied"; setTimeout(() => { button.innerHTML = '' + svgCodeIcon + ' Copy'; }, 1400); }