Skip to content

OpenId

Jump to bottom Edit New page
Jannis edited this page Jan 10, 2014 · 16 revisions

.

#OpenId 2.0 Authentication Support

Contained in the ServiceStack.Authentication.OpenId NuGet package is ServiceStack's support of OpenId 2.0 Authentication. This allows ServiceStack-enabled ASP.NET / MVC sites and web services to authenticate and accept registration from any OpenId 2.0 Authentication provider. Like most .NET OpenId libraries, we leverage the de-facto and excellent DotNetOpenAuth library to enable our OpenId and OAuth2 support.

Install via NuGet

PM> Install-Package ServiceStack.Authentication.OpenId

Easy configuration, plugs into ServiceStack's Auth Provider model

As you might expect adding OpenId support works seamlessly with ServiceStack's existing Auth Providers where you can enable support for any Specific OpenId 2.0 provider with just 1-line of registration each. Below is the example taken from SocialBootstrapApi's AppHost showing how to extend their existing Auth Providers with new OpenId 2.0 options:

var appSettings = new AppSettings(); //Access Web.Config AppSettings
Plugins.Add(new AuthFeature(() => new CustomUserSession(), 
    //Add all the Auth Providers you want to allow registration with
    new IAuthProvider[] {
        //Existing Auth Providers
        new CredentialsAuthProvider(),              //HTML Form post of UserName/Password credentials
        new TwitterAuthProvider(appSettings),       //Sign-in with Twitter
        new FacebookAuthProvider(appSettings),      //Sign-in with Facebook
        new DigestAuthProvider(appSettings),        //Sign-in with Digest Auth
        new BasicAuthProvider(),                    //Sign-in with Basic Auth

        //Register new OpenId providers you want to allow authentication with
        new GoogleOpenIdOAuthProvider(appSettings), //Sign-in with Google OpenId
        new YahooOpenIdOAuthProvider(appSettings),  //Sign-in with Yahoo OpenId
        new OpenIdOAuthProvider(appSettings),       //Sign-in with any Custom OpenId Provider

        //Register new OAuth2 providers you want to allow authentication with
        new GoogleOAuth2Provider(appSettings),      //Sign-in with Google OAuth2        
        new LinkedInOAuth2Provider(appSettings),    //Sign-in with LinkedIn OAuth2        
    }));

AuthWebTests is a simple project that shows all Auth Providers configured and working in the same app. See the AppHost for an example of the code and the Web.config for an example of the configuration required to enable each Auth Provider.

Creating a Custom OpenId Provider

Creating a custom OpenId provider is trivially done by just inheriting from OpenIdOAuthProvider and providing a unique Id and Auth Realm Url for the provider. This is the source code for GoogleOpenIdOAuthProvider:

    public class GoogleOpenIdOAuthProvider : OpenIdOAuthProvider {
        public const string Name = "GoogleOpenId";
        public static string Realm = "https://www.google.com/accounts/o8/id";

        public GoogleOpenIdOAuthProvider(IResourceManager appSettings)
            : base(appSettings, Name, Realm) { }
    }

With just GoogleOpenIdOAuthProvider class and it's registration above we can now enable authentication for our websites by just adding a HTML Form to POST to the /auth/{AuthProviderName} AuthService, e.g:

    <form action="/api/auth/googleopenid" method="POST">
        <input type="image" src="/Content/img/sign-in-with-google.png" alt="Sign in with Google">
    </form>

Any other custom OpenId provider can be added in the same way, here is the HTML Form for Yahoo OpenId:

    <form action="/api/auth/yahooopenid" method="POST">
        <input type="image" src="/Content/img/sign-in-with-yahoo.png" alt="Sign in with Yahoo!">
    </form>

Finally you can allow registration of any other OpenId 2.0 provider at run-time by including their Url in the OpenIdUrl Form POST variable, e.g:

    <form action="/api/auth/openid" method="POST">
        <input type="text" name="OpenIdUrl" value="http://myopenid.com" />
        <input type="submit" class="btn" value="Sign In"/>
    </form>

The above sample markup from the Bootstrap Api project Index.cshtml page, which when rendered looks like:

ServiceStack OpenId 2.0 Providers

For a live demo of ServiceStack's Auth Providers in action check out the MVC + ServiceStack enabled Bootstrap API project.

Automatically Merges Registration and Authentication information from multiple Auth Providers

One of the benefits of using ServiceStack's Auth Providers is that it allows a single user to login via multiple Auth Providers and it takes care of merging authentication and registration info from multiple Authentication sources into the same UserAuth Account. It also automatically maintains updates of users latest registration information on each login and their session is automatically populated with all of their previously authenticated providers, e.g. If a user logs in the 2nd time with Facebook, their session is also populated with their earlier Twitter account information.

Add a custom footer

  1. Getting Started

    1. Creating your first project
    2. Create Service from scratch
    3. Your first webservice explained
    4. Example Projects Overview
    5. Learning Resources

  2. Designing APIs

    1. ServiceStack API Design
    2. Designing a REST-ful service with ServiceStack
    3. Simple Customer REST Example
    4. How to design a Message-Based API
    5. Software complexity and role of DTOs

  3. Reference

    1. Order of Operations
    2. The IoC container
    3. Configuration and AppSettings
    4. Metadata page
    5. Rest, SOAP & default endpoints
    6. SOAP support
    7. Routing
    8. Service return types
    9. Customize HTTP Responses
    10. Customize JSON Responses
    11. Plugins
    12. Validation
    13. Error Handling
    14. Security
    15. Debugging
    16. JavaScript Client Library (ss-utils.js)

  4. Clients

    1. Overview
    2. C#/.NET client
      1. .NET Core Clients
    3. Add ServiceStack Reference
      1. C# Add Reference
      2. F# Add Reference
      3. VB.NET Add Reference
      4. Swift Add Reference
      5. Java Add Reference
    4. Silverlight client
    5. JavaScript client
      1. Add TypeScript Reference
    6. Dart Client
    7. MQ Clients

  5. Formats

    1. Overview
    2. JSON/JSV and XML
    3. HTML5 Report Format
    4. CSV Format
    5. MessagePack Format
    6. ProtoBuf Format

  6. View Engines 4. Razor & Markdown Razor

    1. Markdown Razor

  7. Hosts

    1. IIS
    2. Self-hosting
    3. Messaging
    4. Mono

  8. Security

    1. Authentication
    2. Sessions
    3. Restricting Services
    4. Encrypted Messaging

  9. Advanced

    1. Configuration options
    2. Access HTTP specific features in services
    3. Logging
    4. Serialization/deserialization
    5. Request/response filters
    6. Filter attributes
    7. Concurrency Model
    8. Built-in profiling
    9. Form Hijacking Prevention
    10. Auto-Mapping
    11. HTTP Utils
    12. Dump Utils
    13. Virtual File System
    14. Config API
    15. Physical Project Structure
    16. Modularizing Services
    17. MVC Integration
    18. ServiceStack Integration
    19. Embedded Native Desktop Apps
    20. Auto Batched Requests
    21. Versioning
    22. Multitenancy

  10. Caching

  11. Caching Providers

  12. HTTP Caching 1. CacheResponse Attribute 2. Cache Aware Clients

  13. Auto Query

  14. Overview

  15. Why Not OData

  16. AutoQuery RDBMS

  17. AutoQuery Data 1. AutoQuery Memory 2. AutoQuery Service 3. AutoQuery DynamoDB

  18. Server Events

    1. Overview
    2. JavaScript Client
    3. C# Server Events Client
    4. Redis Server Events

  19. Service Gateway

    1. Overview
    2. Service Discovery

  20. Encrypted Messaging

    1. Overview
    2. Encrypted Client

  21. Plugins

    1. Auto Query
    2. Server Sent Events
    3. Swagger API
    4. Postman
    5. Request logger
    6. Sitemaps
    7. Cancellable Requests
    8. CorsFeature

  22. Tests

    1. Testing
    2. HowTo write unit/integration tests

  23. ServiceStackVS

    1. Install ServiceStackVS
    2. Add ServiceStack Reference
    3. TypeScript React Template
    4. React, Redux Chat App
    5. AngularJS App Template
    6. React Desktop Apps

  24. Other Languages

    1. FSharp
      1. Add ServiceStack Reference
    2. VB.NET
      1. Add ServiceStack Reference
    3. Swift
    4. Swift Add Reference
    5. Java
      1. Add ServiceStack Reference
      2. Android Studio & IntelliJ
      3. Eclipse

  25. Amazon Web Services

  26. ServiceStack.Aws

  27. PocoDynamo

  28. AWS Live Demos

  29. Getting Started with AWS

  30. Deployment

    1. Deploy Multiple Sites to single AWS Instance
      1. Simple Deployments to AWS with WebDeploy
    2. Advanced Deployments with OctopusDeploy

  31. Install 3rd Party Products

    1. Redis on Windows
    2. RabbitMQ on Windows

  32. Use Cases

    1. Single Page Apps
    2. HTML, CSS and JS Minifiers
    3. Azure
    4. Connecting to Azure Redis via SSL
    5. Logging
    6. Bundling and Minification
    7. NHibernate

  33. Performance

    1. Real world performance

  34. Other Products

    1. ServiceStack.Redis
    2. ServiceStack.OrmLite
    3. ServiceStack.Text

  35. Future

    1. Roadmap
Clone this wiki locally