MVC – Authentication using OAuth

In this post I will show you how to integrate single sign on using OAuth 2.0 open source (http://oauth.net)

OAuth 2.0 LIB is open source for implement single sign by open ID like Facebook, Google, LinkedIn, Yahoo, Twitter etc...

Using OAuth LIB (http://oauth.net) we can implement single sign-in in our MVC application and provide facility for login using well known social media and OpenID.

For more details about Authentication and Authorization you can see my previous blog LINK

Okay, let’s start with OAuth 2.0 for implement single sign-in in MVC application.
We need to first create apps on FaceBook, LinkedIn, and Twitter for OAuth validation.

See Screens:

1. FaceBook

Use URL: http://developers.facebook.com
Create apps on facebook and get AppId and AppSecret



2. LinkedIn

Use URL: http://developer.linkedin.com/user/login
Create apps on LinkedIn and get APIKey and SecretKey





3. Twitter

Use URL: https://dev.twitter.com/apps
Create apps on twitter and get ConsumerKey and ConsumerSecret



Using that registration we get Consumer Key, Consumer Secrets, API key and API Secrets

Now, Second step is installing DotnetOpenAuth.AspNetfrom nugget packages using Package manager in VS by following command.

For more details check http://www.dotnetopenauth.net/developers/help/programmatic-openid-relying-party

I am using here MVC4 and OAuthWebSecurity class for demo. It is easiest way to implement OAuth, You can use only DotNetopenAuth dll and implement OAuth as per above link.

Okay, Now let's start with demo code..

Step1: Install Packages using Package Manager from NUGET

PM> Install-Package DotNetOpenAuth.AspNet
PM> Install-Package Microsoft.AspNet.WebPages.OAuth

Step1: Create class for register provider

            public static class OAuthReg
            {
                public static void RegisterOAuth()
                {
                    OAuthWebSecurity.RegisterLinkedInClient(
                         consumerKey: "111111",
                        consumerSecret: "11111111");

                    OAuthWebSecurity.RegisterTwitterClient(
                        consumerKey: "111111",
                        consumerSecret: "11111111");

                    OAuthWebSecurity.RegisterFacebookClient(
                        appId: "1111111",
                        appSecret: "11111111");

                    OAuthWebSecurity.RegisterGoogleClient();

                }
            }


            For register we need to add code in Global.asax file in Application Start Method 


            Models.OAuthReg.RegisterOAuth();
        

Step3: Add Controller and action method code

           public class HomeController : Controller
            {

                [HttpPost]
                public ActionResult Logon(string provider, string returnUrl)
                {
                    return new ExternerLoginResult(provider, 
                    Url.Action("LogonCallBack", new { returnUrl }));
                }

                [HttpPost]
                public ActionResult LogonCallBack(string returnUrl)
                {
                    AuthenticationResult result = 
                    OAuthWebSecurity.VerifyAuthentication(
                    Url.Action("LogonCallBack", new { ReturnUrl = returnUrl }));
                    if (!result.IsSuccessful)
                        return new EmptyResult();
                    ViewBag.UserName = result.UserName;
                    return View("LoginConfirm");
                }


                #region
                internal class ExternerLoginResult : ActionResult
                {
                    public ExternerLoginResult(string _provider,
                     string _returnUrl)
                    {
                        this.Provider = _provider;
                        this.ReturnUrl = _returnUrl;
                    }

                    public string Provider { get; set; }
                    public string ReturnUrl { get; set; }
                    public override void ExecuteResult(ControllerContext context)
                    {
                        OAuthWebSecurity.RequestAuthentication(this.Provider,
                         this.ReturnUrl);
                    }
                }
                #endregion
            }

        

Now, last step to add views

Step4: Add following views

           
            1: Logon
           
            @model ICollection
            @{
                ViewBag.Title = "Logon";
            }
            

                Logon
            @using (Html.BeginForm())
            {
                

                    @foreach (var item in Model)
                    {
                        
                    }
                
            }


            2: LoginConfirm

            @{
                ViewBag.Title = "LoginConfirm";
            }
            

                LoginConfirm
            @ViewBag.UserName

        

That's all we just done DotNetOpenAuth in MVC.

I hope its help!

Feel free to add comments!