Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
299 views
in Technique[技术] by (71.8m points)

asp.net - How do I ignore the Identity Framework magic and just use the OWIN auth middleware to get the claims I seek?

The OWIN middleware stuff to integrate third-party logins to your ASP.NET app is very cool, but I can't seem to figure out how to tear it out from the new ID framework that replaces the crappy Membership API. I'm not interested in persisting the resulting claims and user info in that EF-based data persistence, I just want the claims info so I can apply it to my own user accounts in existing projects. I don't want to adopt the new ID framework just to take advantage of this stuff.

I've been browsing the code on CodePlex, but there's a whole lot of static magic. Can you offer any suggestions?

question from:https://stackoverflow.com/questions/18885569/how-do-i-ignore-the-identity-framework-magic-and-just-use-the-owin-auth-middlewa

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Use the following code to setup OWIN security middlewares:

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = "Application",
    AuthenticationMode = AuthenticationMode.Passive,
    LoginPath = new PathString("/Login"),
    LogoutPath = new PathString("/Logout"),
});

app.SetDefaultSignInAsAuthenticationType("External");

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = "External",
    AuthenticationMode = AuthenticationMode.Passive,
    CookieName = CookieAuthenticationDefaults.CookiePrefix + "External",
    ExpireTimeSpan = TimeSpan.FromMinutes(5),
});

app.UseGoogleAuthentication();

The code above sets up application cookie, external cookie and Google external login middlewares. External login middleware will convert external user login data as identity and set it to external cookie middleware. In your app, you need to get external cookie identity and convert it to external login data, then you can check it with your db user.

Here are some sample code.

Sign in with application cookie:

var authentication = System.Web.HttpContext.Current.GetOwinContext().Authentication;
var identity = new ClaimsIdentity("Application");
identity.AddClaim(new Claim(ClaimTypes.Name, "<user name>"));
authentication.AuthenticationResponseGrant = new AuthenticationResponseGrant(identity, new AuthenticationProperties() { 
    IsPersistent = false
});

Get application cookie identity:

var identity = System.Web.HttpContext.Current.User.Identity as ClaimsIdentity;

Get external cookie identity (Google):

var authentication = System.Web.HttpContext.Current.GetOwinContext().Authentication;
var result = await authentication.AuthenticateAsync("External");
var externalIdentity = result.Identity;

Extract external login data from identity:

public static ExternalLoginData FromIdentity(ClaimsIdentity identity)
{
    if (identity == null)
    {
        return null;
    }

    Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);

    if (providerKeyClaim == null || String.IsNullOrEmpty(providerKeyClaim.Issuer)
        || String.IsNullOrEmpty(providerKeyClaim.Value))
    {
        return null;
    }

    if (providerKeyClaim.Issuer == ClaimsIdentity.DefaultIssuer)
    {
        return null;
    }

    return new ExternalLoginData
    {
        LoginProvider = providerKeyClaim.Issuer,
        ProviderKey = providerKeyClaim.Value,
        UserName = identity.FindFirstValue(ClaimTypes.Name)
    };
}

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...