Free Information Technology Magazines and eBooks

Thursday, September 30, 2010

Use Google OpenID Authentication In Your ASP.NET With DotNetOpenAuth

Use Google OpenID Authentication In Your ASP.NET With DotNetOpenAuthTo secure websites, we usually create user database and develop a login page to authenticate the user. If you have several websites, creating separate user login for each site is time consuming and not favorable to your users because they have to login to each site separately. OpenID was developed to solved such authentication hassles. It is an open standard for developers that enables them to authenticate their users in a decentralized manner. For end-users, OpenID allows them to consolidate their digital identities. Major web services that supports OpenID are Google, Yahoo and Facebook. If you use OpenID with your website, you allow users to login to your site using their Google, Yahoo or Facebook accounts. The authentication will be hosted by the OpenID provider, so no need to maintain the user details on your side except the Identifier returned by the provider.


On this article, I will show you a ASP.NET sample code I made that use OpenID Authentication to verify Google Account. To accomplish the authentication, I used the C# library called DotNetOpenAuth. Here is the step-by-step procedure to implement it on your ASP.NET application.

1. Download the DotNetOpenAuth Libraries. Choose the most appropriate version for development platform.
2. Extract the downloaded compressed file on your hard drive.
3. On your project, Add Reference to "DotNetOpenAuth.dll"
4. On your login page's HTML Code, paste the following.


<form id="form1" runat="server">
<div id="loginform">
<div id="NotLoggedIn" runat="server">
Log in with <img src="http://www.google.com/favicon.ico" />
<asp:Button ID="btnLoginToGoogle" Runat="server" Text="Google" OnCommand="OpenLogin_Click"
CommandArgument="https://www.google.com/accounts/o8/id" />
<p /><asp:Label runat="server" ID="lblAlertMsg" />
</div>
</div>
</form>


Take note of the URL: https://www.google.com/accounts/o8/id - this is the unique OpenID URL of Google Account.

5. Include the following namespaces on your "Using" directive.


using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.RelyingParty;


6. On the Page_Load & OpenLogin_Click, use the following codes.



protected void Page_Load(object sender, EventArgs e)
{
OpenIdRelyingParty rp = new OpenIdRelyingParty();
var r = rp.GetResponse();
if (r != null)
{
switch (r.Status)
{
case AuthenticationStatus.Authenticated:
NotLoggedIn.Visible = false;
Session["GoogleIdentifier"] = r.ClaimedIdentifier.ToString();
Response.Redirect("Main.aspx"); //redirect to main page of your website
break;
case AuthenticationStatus.Canceled:
lblAlertMsg.Text = "Cancelled.";
break;
case AuthenticationStatus.Failed:
lblAlertMsg.Text = "Login Failed.";
break;
}
}

protected void OpenLogin_Click(object src, CommandEventArgs e)
{
string discoveryUri = e.CommandArgument.ToString();
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var b = new UriBuilder(Request.Url) { Query = "" };
var req = openid.CreateRequest(discoveryUri, b.Uri, b.Uri);
req.RedirectToProvider();
}


7. Run the project. It should look like the following screens.

a. Login page

b. Main Page (showing the returned identifier by Google)


Download the complete sourcecode here.

For More Coding Tips & Tricks, subscribe now.

15 comments:

Anonymous said...

Nice post! Thank you!

niphyon said...

Hellow thank you so much
with love, hanif :D

Siva said...

Thank you for the article.

Anonymous said...

really good one

Anonymous said...

hi amrullah here,
usually i do not post any comment but your article is simply amazing

Anonymous said...

can anyone please send me the sample code. The link is not working.

My email id : suvasish.das@gmail.com

Raki said...

can you plz temme how to send email from gmail without displaying the users password..
with this idea..

Unknown said...

what is the unique OpenID URL of yahoo Account?

Hitesh said...

nice post.. really good one

Jeffrey Pan said...

Can anyone send me the sample code?

My email is jeffreypanzh@gmail.com

Jeffrey Pan said...

Can anyone kind enough to send me the source code?

My Email is jeffreypanzh@gmail.com

Abishek g said...

hi,
can i know how to get the details of users who login ,such as email,firstname,image etc

Abishek g said...

hi ,
i would like you to know ,how can i retrieve information such as email,fullname,image etc of the users

riyaz ahmed mansoori said...

Thanku so much its best short and sweet. can you tell me same for facebook user

Master said...

The link to project sample is dead , can you reupload it?
Thanks in advance