DNOA and OAuthWebSecurity for ASP.Net MVC 4 ship with only an OpenId provider for Google. This is an OAuth2 client that you can use instead.
IMPORTANT - If you are using ASP.Net MVC 5, this package is not applicable. You should use Microsoft.Owin.Security.Google instead. (It also ships with the MVC 5 starter templates in VS 2013.) See also the tutorial here.
-
Setup your Google App using the Google APIs console. Detailed instructions here
-
Install this library from NuGet,
PM> Install-Package DotNetOpenAuth.GoogleOAuth2
... or download from the releases page and add a reference
... or compile from source and add a reference
- Register the client instead of the existing Google OpenId client.
var client = new GoogleOAuth2Client("yourClientId", "yourClientSecret");
var extraData = new Dictionary<string, object>();
OAuthWebSecurity.RegisterClient(client, "Google", extraData);Just like any other OAuthWebSecurity client, except you need one extra hook:
// add this line
GoogleOAuth2Client.RewriteRequest();
// it belongs right before your existing call to
OAuthWebSecurity.VerifyAuthentication(....)This is needed because Google requires that any extra querystring parameters for the
redirect be packed into a single parameter called state. Since OAuthWebSecurity needs
two parameters, __provider__ and __sid__ - we have to rewrite the url.
Note: The RewriteRequest method will unpack the state parameter and place its contents back into the regular querystring.
So if you are looking for a state value such as ReturnUrl, you will find it has been moved to Request.QueryString["ReturnUrl"].
This is released under the MIT licence. Do what you want with it.