How to Migrate to OpenID Connect using C#.Net with WebMatrix WebPages

    Question

  • Well, I've spent quite a bit of time trying to migrate my site to OpenID Connect in my WebMatrix ASP.NET (C#) WebPages environment, but none of the online documentation says anything about the code I'm supposed to use.

    I've been to the sites they recommend reviewing (https://developers.google.com/identity/protocols/OpenID2Migration#shutdown-timetable), (https://developers.google.com/identity/sign-in/auth-migration#oid2), and (https://developers.google.com/identity/protocols/OpenID2Migration#openid-connect).

    After reading them I am left still as lost as I was before, for the most part.

    Bottom line is that this is the C# server-side code that I have for OAuth login now (in two files: ExternalLogin.cshtml & RegisterService.cshtml):

    **ExternalLogin.cshtml**

        @{
        var returnUrl = "";

        if (String.IsNullOrWhiteSpace(Request["myReturnUrl"]))
        {
            returnUrl = Href("~/CMS Interface/AdminLogin.cshtml");
        }
        else
        {
            returnUrl = Href(Request["myReturnUrl"]);
        }

        OAuthWebSecurity.RequestAuthentication("Google", Href("~/Account/RegisterService.cshtml", new { returnUrl })); //Requests the specified provider to start the authentication by directing users to an external website, and directs the provider to redirect the user to the specified URL when authentication is successful.
        }

    **RegisterService.cshtml**

        @{
            WebSecurity.Logout();
            string email = "";
            string loginData = "";
            string providerDisplayName = "";
            var errorMessage = "";
            var db = Database.Open("Accounts");
        
            var returnUrl = Request.QueryString["ReturnUrl"];
            if (returnUrl.IsEmpty())
            {
                returnUrl = Href("~/CMS Interface/AdminLogin.cshtml");
            }
        
            if (IsPost && Request.Form["newAccount"].AsBool())
            {
                email = Request.Form["userName"];
                loginData = Request.Form["loginData"];
        
                string provider = "";
                string providerUserId = "";
        
                if (WebSecurity.IsAuthenticated || !OAuthWebSecurity.TryDeserializeProviderUserId(loginData, out provider, out providerUserId))
                {
                    Context.RedirectLocal("~/");
                    return;
                }
        
                providerDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName;
        
                db.Execute("INSERT INTO UserProfile (Email, IPAddress) VALUES (@0, @1)", email, Request.UserHostAddress);
        
                Roles.AddUserToRole(email, "Locked");
        
                OAuthWebSecurity.CreateOrUpdateAccount(providerDisplayName, providerUserId, email);
                OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false);
        
                Context.RedirectLocal(returnUrl);
                return;
            }
            else
            {
                var result = OAuthWebSecurity.VerifyAuthentication(Href("~/Account/RegisterService", new { returnUrl }));
        
                if (result.IsSuccessful)
                {
                    bool registered = OAuthWebSecurity.Login(result.Provider, result.ProviderUserId, createPersistentCookie: false);
        
                    if (registered)
                    {
                        Context.RedirectLocal(returnUrl);
                        return;
                    }
        
                    email = result.UserName;
        
                    if (!EmailValidator.IsEmailAdress(email))
                    {
                        errorMessage = "The email address supplied was not a valid email address. ";
                        errorMessage += "Please return to the main page and try again. If the problem ";
                        errorMessage += "persists, please notify a site administrator for help.<br/><br/>";
                        errorMessage += "<a class=\"retreatLink\" href=\"/\">Main Page</a>";
                    }
        
                    if (!email.EndsWith("@okmcity.net"))
                    {
                        errorMessage = "Your email address was valid, however, it seems that it's ";
                        errorMessage += "not a \"City of Okmulgee\" email address. Please ensure that ";
                        errorMessage += "your email address is part of the \"@okmcity.net\" domain.<br/><br/>";
                        errorMessage += "If you are having trouble changing your email address ";
                        errorMessage += "try visiting Google's <a href=\"https://mail.google.com\">Gmail</a> ";
                        errorMessage += "page and logging out. After you have logged out of gmail, revisit ";
                        errorMessage += "the <a href=\"/\">main page</a> and click the ";
                        errorMessage += "\"Log-in!\" button again. Then, when prompted by Gmail services, ";
                        errorMessage += "log back in using a valid \"okmcity.net\" email address.<br/><br/>";
                        errorMessage += "For more help visit <a href=\"https://support.google.com/mail/answer/8154?hl=en\">";
                        errorMessage += "Gmail Help</a> for quick steps on how to log-out of your Gmail account.";
                    }
        
                    if (errorMessage == "")
                    {
                        email = email.Substring(0, email.IndexOf("@"));
                    }
        
                    var user = db.QuerySingle("SELECT Email FROM UserProfile WHERE LOWER(Email) = LOWER(@0)", email);
        
                    if (user != null)
                    {
                        errorMessage = "The user " + email + " already exists. You cannot register twice. ";
                        errorMessage += "Please revisit the <a href=\"/\">main page</a> and click the \"Log-in!\" ";
                        errorMessage += "button again. If this problem persists, please notify a site administrator ";
                        errorMessage += "for help.";
                    }
        
                    loginData = OAuthWebSecurity.SerializeProviderUserId(result.Provider, result.ProviderUserId);
                    providerDisplayName = OAuthWebSecurity.GetOAuthClientData(result.Provider).DisplayName;
                }
                else
                {
                    Context.RedirectLocal("~/Account/ExternalLoginFailure");
                    return;
                }
            }
            }
        
        <div class="subWrapper">
            <h2>Associate your @providerDisplayName account.</h2>
            <form method="post">
                <input type="hidden" name="loginData" value="@loginData" />
                <fieldset class="regBox">
                    <legend class="regBox">Registration</legend>
                    @if (errorMessage == "")
                    {
                        <p>
                            You've successfully authenticated with <strong>@providerDisplayName</strong>. Please
                            click the &quot;Confirm&quot; button to log-in and finish registering.
                        </p>
                        <div>
                            <span>
                                <label for="userName">Your User Name:</label>
                                <input type="text" id="userName" name="userName" readonly="true" value="@email" />
                            </span>
                        </div><br/>
                        <button type="submit" class="loginBtn" name="newAccount" value="true">Confirm</button>
                    }
                    else
                    {
                        <p class="errorMessage">
                            @Html.Raw(errorMessage)
                        </p>
                    }
                </fieldset>
            </form>
        </div>

    What code should get replaced, and by what other code? None of the sites I've looked at say anything about the code I should use.
    Tuesday, May 12, 2015 4:46 PM