MVC – Authentication using OAuth

In this post I will show you how to integrate single sign on using OAuth 2.0 open source (http://oauth.net)

OAuth 2.0 LIB is open source for implement single sign by open ID like Facebook, Google, LinkedIn, Yahoo, Twitter etc...

Using OAuth LIB (http://oauth.net) we can implement single sign-in in our MVC application and provide facility for login using well known social media and OpenID.

For more details about Authentication and Authorization you can see my previous blog LINK

Okay, let’s start with OAuth 2.0 for implement single sign-in in MVC application.
We need to first create apps on FaceBook, LinkedIn, and Twitter for OAuth validation.

See Screens:

1. FaceBook

Use URL: http://developers.facebook.com
Create apps on facebook and get AppId and AppSecret



2. LinkedIn

Use URL: http://developer.linkedin.com/user/login
Create apps on LinkedIn and get APIKey and SecretKey





3. Twitter

Use URL: https://dev.twitter.com/apps
Create apps on twitter and get ConsumerKey and ConsumerSecret



Using that registration we get Consumer Key, Consumer Secrets, API key and API Secrets

Now, Second step is installing DotnetOpenAuth.AspNetfrom nugget packages using Package manager in VS by following command.

For more details check http://www.dotnetopenauth.net/developers/help/programmatic-openid-relying-party

I am using here MVC4 and OAuthWebSecurity class for demo. It is easiest way to implement OAuth, You can use only DotNetopenAuth dll and implement OAuth as per above link.

Okay, Now let's start with demo code..

Step1: Install Packages using Package Manager from NUGET

PM> Install-Package DotNetOpenAuth.AspNet
PM> Install-Package Microsoft.AspNet.WebPages.OAuth

Step1: Create class for register provider

            public static class OAuthReg
            {
                public static void RegisterOAuth()
                {
                    OAuthWebSecurity.RegisterLinkedInClient(
                         consumerKey: "111111",
                        consumerSecret: "11111111");

                    OAuthWebSecurity.RegisterTwitterClient(
                        consumerKey: "111111",
                        consumerSecret: "11111111");

                    OAuthWebSecurity.RegisterFacebookClient(
                        appId: "1111111",
                        appSecret: "11111111");

                    OAuthWebSecurity.RegisterGoogleClient();

                }
            }


            For register we need to add code in Global.asax file in Application Start Method 


            Models.OAuthReg.RegisterOAuth();
        

Step3: Add Controller and action method code

           public class HomeController : Controller
            {

                [HttpPost]
                public ActionResult Logon(string provider, string returnUrl)
                {
                    return new ExternerLoginResult(provider, 
                    Url.Action("LogonCallBack", new { returnUrl }));
                }

                [HttpPost]
                public ActionResult LogonCallBack(string returnUrl)
                {
                    AuthenticationResult result = 
                    OAuthWebSecurity.VerifyAuthentication(
                    Url.Action("LogonCallBack", new { ReturnUrl = returnUrl }));
                    if (!result.IsSuccessful)
                        return new EmptyResult();
                    ViewBag.UserName = result.UserName;
                    return View("LoginConfirm");
                }


                #region
                internal class ExternerLoginResult : ActionResult
                {
                    public ExternerLoginResult(string _provider,
                     string _returnUrl)
                    {
                        this.Provider = _provider;
                        this.ReturnUrl = _returnUrl;
                    }

                    public string Provider { get; set; }
                    public string ReturnUrl { get; set; }
                    public override void ExecuteResult(ControllerContext context)
                    {
                        OAuthWebSecurity.RequestAuthentication(this.Provider,
                         this.ReturnUrl);
                    }
                }
                #endregion
            }

        

Now, last step to add views

Step4: Add following views

           
            1: Logon
           
            @model ICollection
            @{
                ViewBag.Title = "Logon";
            }
            

                Logon
            @using (Html.BeginForm())
            {
                

                    @foreach (var item in Model)
                    {
                        
                    }
                
            }


            2: LoginConfirm

            @{
                ViewBag.Title = "LoginConfirm";
            }
            

                LoginConfirm
            @ViewBag.UserName

        

That's all we just done DotNetOpenAuth in MVC.

I hope its help!

Feel free to add comments!

MVC- Authentication/Authorization

Hello again! Today, I came with authentication and authorization in MVC.

Authentication and Authorization are common term in development cycle.
Authentication:It is a process to identify the user. System will check for user is valid or not base on user credentialed.

Authorization: It is a process to check what rights and roles of valid user for access system resources. System will check user rights and roles and decide what resources are accessible by user.

Type of authentication

1.Forms:It is custom authentication type. We can use our custom code for that auth. We can use membership provide for authentication. You can check my previous post LINK about custom membership provider in MVC for more details. We need to set In web.config file.

2.Windows:In this web pages will use local windows users and groups to authenticate and authorize resources. We set windows authentication by set In web.config file.

3.Passport:Passport authentication is based on the passport website provided by the Microsoft .So when user logins with credentials it will be reached to the passport website where authentication will happen. If Authentication is successful it will return a token to your website.

4.Anonymous Access:If there is none of above authentication then you will be anonymous access.

After authentication using authorization system will check and verify user has what rights and roles to access system.

In MVC we can verify user by Authorize attribute. We can set Authorize attribute on action method or controller for verify user.

            //
            // GET: /Index/
            [Authorize]
            public ActionResult Index()
            {
                return View();
            }
        

Above code will check for validate user before access Index action method.

            [Authorize]
            public class IndexController : Controller
            {
                //
                // GET: /Index/
                public ActionResult Index()
                {
                    return View();
                }

            }
        

For apply authorization to all action method in controller we can use above code block. We can set Authorize attribute on controller. It will validate user before access any action methods in particular controller.

For check user roles we can use same attribute and add roles in attribute in constructor of attribute. See following code.

            For Controller:

            [Authorize(Roles="Administrator, User")]
            public class IndexController : Controller
            {
                //
                // GET: /Index/

                public ActionResult Index()
                {
                    return View();
                }

            }

            For Action Method:

            //
            // GET: /Index/
            [Authorize(Roles = "Administrator, User")]
            public ActionResult Index()
            {
                return View();
            }

            [Authorize(Roles = "User")]
            public ActionResult User()
            {
                return View();
            }

        

In above code block user can access code base on assigned roles.

That all above code will check users and roles using default Membership Provider and Role Provider.

We can customize that authorize attribute to make custom code for validate user and set initialize all data at validation time.

MVC provide OnAuthorization override method, We can override this method and add our custom code on that override method.

For create custom authorize attribute create one class and inherit that class from AuthorizeAttribute class and override OnAuthorization method and add custom code.

See code:

            public class CustomAuth : AuthorizeAttribute
            {
                 public override void OnAuthorization(
                            AuthorizationContext filterContext)
                   {
                    base.OnAuthorization(filterContext);
                    if (filterContext.RequestContext.
                            HttpContext.User.Identity.IsAuthenticated)
                    {
                        //TODO: Add code for validate user
                    }
          }
      }


            For use this atherization code see below code block.


            [CustomAuth]
            public ActionResult Index1()
            {
                return View();
            }

        

That’s all for authorization and authentication in MVC.

See the final code more improve and flexible for authorization and authentication.

            public class CustomAuth : AuthorizeAttribute
            {
                public string[] _roles;
                public CustomAuth()
                {
                    _roles = new string[] { "Administrator" };
                }

                public CustomAuth(string[] roles)
                {
                    _roles = roles;
                }

                public override void OnAuthorization(
                        AuthorizationContext filterContext)
                {
                    base.OnAuthorization(filterContext);
                    if (filterContext.RequestContext.
                            HttpContext.User.Identity.IsAuthenticated)
                    {
                        //TODO: Add code for validate user
                        //TODO: Check Roles
                    }
                }
            }



            [CustomAuth(new [] { "Administrator", "User" })]
            public ActionResult Index2()
            {
                return View();
            }

        

I hope its help!

Feel free to add comments!

At End of year 2012

Happy New Year to all…

Finally 21-Dec-2012 is passed and we still alive 

At end of 2012 I would like to thanks all viewer of blog and I hope somehow it is helpful in your coding life.

I am sure all of you have done some new in 2012 and achieved your all goal which decided at start of the year. Of course, some are not finished yet and forwarded for 2013 and now time to make new list for 2013.

I did lot’s of thing in 2012. I enjoy 2012 a lot and looking forward for more fun.

In 2012 is very good for me. I learn MVC , Windows Azure, XTSL , HTML 5, CSS 3, VS 2012, Windows 8, SharePoint, Windows Phone and lot of others things…

I started 2012 with Windows Azure. I worked approx more than 1 year with windows azure and asp.net. I enjoyed windows azure and it was exciting for me to work in cloud platform.

After that for three month I started learn SharePoint. In SharePoint I tried all basic component, workflow and external data binding and so on… It was good experience to work with SharePoint. I am looking forward to work with DNN and SharePoint in coming year.

Then I moved again MVC and mysql with my new assignment. In this assignment all are very good and supportive peoples. We all are working remotely for this project. It is good experience for me.

2012 was good for all guys who love Microsoft. Microsoft released Windows 8 and Visual studio 2012. I tried both and I love it; Thanks to Microsoft.

At same time I did others fun stuff also. I saw most of video of build event and read MVC 4 and design pattern books.

Apart from technology I saw all know movies in 2012; I also seen Big Bang and Game of Thrones TV series with all episodes in this year. It was great fun!!
I am looking forward for Game of Thrones new season.

I read some great books also like The Monk Who Sold His Ferrari it is very good book for self help. Others fantasy books like Lord of The Rings and all books of Game of Thrones both are very good book full to time pass, worth to spend time.

That all for 2012 and yes most important thing is I started my blog and get chance to share my views.

So basically I did lots of code, read, music and video.

For 2013 I have lost of expectation and lots to learn with fun!!

I have set some points for 2013 and I am putting hear.

1) Learn Windows Azure more closely with all features
2) Want to work on SharePoint and DNN
3) Learn windows phone
4) Lear MVC mobile and Windows Azure
5) Learn project management and documentation
6) Want to learn async programming
7) More coding, architectures and design pattern
8) Honestly try to post one blog in week
9) Read some great books
10) Try to lots of new things
11) Want to do thing what I actually wanted
12) See some movies

I hope, I get better in 2013 then what I am right now and learn new way to think and way of happiness!!


Now Days, life is too fast; All people are consider life as a competition and all trying to win competition and end of the day just getting frustration and depressions. All peoples are running to win and no one have time for others; All are running; Some are with others, Some are for others, Some are behind some one. We need to think differently and try to make happy our self that is most important in life. So stop looking life as a competition, stop running enjoy life and help others; because life is too short.

Imagination is most powerful thing then any others.

Do thing what you actually wanted.

And at last Happy New Year!!! Take care.

Feel free to add comments