Well, I've spent quite a bit of time trying to migrate my site to Open ID Connect in my WebMatrix ASP.NET (C#) WebPages environment, but all of the online documentation says nothing for the code I'm supposed to use.
I've been to the sites they recommend reviewing (https://developers.google.com/identity/protocols/OpenID2Migration#shutdown-timetable), (https://developers.google.com/identity/sign-in/auth-migration#oid2), and (https://developers.google.com/identity/protocols/OpenID2Migration#openid-connect).
After reading them I am left still as lost as I was before, for the most part.
Bottom line is that this is the C# server-side code that I have for OAuth login now (in two files: External login.cshtml & RegisterService.cshtml):
OAuthWebSecurity.RequestAuthentication("Google", Href("~/Account/RegisterService.cshtml", new { returnUrl })); //Requests the specified provider to start the authentication by directing users to an external website, and directs
the provider to redirect the user to the specified URL when authentication is successful.
}
**RegisterService.cshtml**
@{
WebSecurity.Logout();
string email = "";
string loginData = "";
string providerDisplayName = "";
var errorMessage = "";
var db = Database.Open("Accounts");
var returnUrl = Request.QueryString["ReturnUrl"];
if (returnUrl.IsEmpty())
{
returnUrl = Href("~/CMS Interface/AdminLogin.cshtml");
}
if (WebSecurity.IsAuthenticated || !OAuthWebSecurity.TryDeserializeProviderUserId(loginData, out provider, out providerUserId))
{
Context.RedirectLocal("~/");
return;
}
Context.RedirectLocal(returnUrl);
return;
}
else
{
var result = OAuthWebSecurity.VerifyAuthentication(Href("~/Account/RegisterService", new { returnUrl }));
if (result.IsSuccessful)
{
bool registered = OAuthWebSecurity.Login(result.Provider, result.ProviderUserId, createPersistentCookie: false);
if (registered)
{
Context.RedirectLocal(returnUrl);
return;
}
email = result.UserName;
if (!EmailValidator.IsEmailAdress(email))
{
errorMessage = "The email address supplied was not a valid email address. ";
errorMessage += "Please return to the main page and try again. If the problem ";
errorMessage += "persists, please notify a site administrator for help.<br/><br/>";
errorMessage += "<a class=\"retreatLink\" href=\"/\">Main Page</a>";
}
if (!email.EndsWith("@okmcity.net"))
{
errorMessage = "Your email address was valid, however, it seems that it's ";
errorMessage += "not a \"City of Okmulgee\" email address. Please ensure that ";
errorMessage += "your email address is part of the \"@okmcity.net\" domain.<br/><br/>";
errorMessage += "If you are having trouble changing your email address ";
errorMessage += "try visiting Google's <a href=\"https://mail.google.com\">Gmail</a> ";
errorMessage += "page and logging out. After you have logged out of gmail, revisit ";
errorMessage += "the <a href=\"/\">main page</a> and click the ";
errorMessage += "\"Log-in!\" button again. Then, when prompted by Gmail services, ";
errorMessage += "log back in using a valid \"okmcity.net\" email address.<br/><br/>";
errorMessage += "For more help visit <a href=\"https://support.google.com/mail/answer/8154?hl=en\">";
errorMessage += "Gmail Help</a> for quick steps on how to log-out of your Gmail account.";
}
if (errorMessage == "")
{
email = email.Substring(0, email.IndexOf("@"));
}
var user = db.QuerySingle("SELECT Email FROM UserProfile WHERE LOWER(Email) = LOWER(@0)", email);
if (user != null)
{
errorMessage = "The user " + email + " already exists. You cannot register twice. ";
errorMessage += "Please revisit the <a href=\"/\">main page</a> and click the \"Log-in!\" ";
errorMessage += "button again. If this problem persists, please notify a site administrator ";
errorMessage += "for help.";
}