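I'm new to ServiceStack, so please forgive my ignorance if I ask anything that seems obvious.
I have a website that already authenticates users with DotNetOpenAuth, using the usual examples available online. There is a login button that posts to this method: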
Public Sub ExecuteGoogleLogin()
    Dim Url As String = "https://www.google.com/accounts/o8/id"
    Dim OpenID As New OpenIdRelyingParty
    Dim HostedMeta As New HostMetaDiscoveryService() With {.UseGoogleHostedHostMeta = True}
    Dim ReturnUrl As String = Request.Url.ToString
    OpenID.DiscoveryServices.Insert(0, HostedMeta)
    Dim builder As New UriBuilder(ReturnUrl)
    Dim fetch As New FetchRequest()
    Dim Req = OpenID.CreateRequest(Url, Realm.AutoDetect, builder.Uri)
    fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email)
    fetch.Attributes.AddRequired(WellKnownAttributes.Name.First)
    fetch.Attributes.AddRequired(WellKnownAttributes.Name.Last)
    Req.AddExtension(fetch)
    Req.RedirectToProvider()
End Sub
It then redirects back to a page that checks the response, e.g.
Private Sub CheckOpenIDResponse()
    Dim Rp As New OpenIdRelyingParty
    Dim Resp = Rp.GetResponse()
    Dim Subsc As Subscriber
    Select Case Resp.Status
        Case AuthenticationStatus.Authenticated
            Dim Fetch = Resp.GetExtension(Of FetchResponse)()
            Email = Fetch.GetAttributeValue(WellKnownAttributes.Contact.Email)
            ....
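Pretty standard and works fine (it only supports Google for now), but it works. I have my AppHost working and some test DTOs working as expected; now I just need to implement authentication. So my questions are:
Maybe there is something obvious in the SS docs, but for the life of me I can't seem to figure out how to put them together.
To get the session from the calling page, I wrap my user object (called Subscriber) in a CustomUserSession.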
Dim Ahost = ServiceStack.WebHost.Endpoints.EndpointHost.AppHost
Dim Key = ServiceStack.ServiceInterface.SessionFeature.GetSessionKey()
Dim Sess As CustomUserSession = Ahost.TryResolve(Of ServiceStack.CacheAccess.ICacheClient)().[Get](Of CustomUserSession)(Key)
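Then from here I use the session as I wish.
Answer 0 (score: 3)
Not sure how the code above integrates with ServiceStack. Slightly biased, but I would let ServiceStack handle this using the GoogleOpenIdOAuthProvider. Also, the SocialBootstrapApi project should be a good reference.
The setup/configuration below gives you the URL '{servicestack path}/auth/googleopenid' for handling authentication.
Assuming you have ServiceStack installed...
NuGet install (or just reference ServiceStack.Authentication.OpenId.dll). If you do the NuGet install, it should modify your Web.config with most of the configuration below (I think you don't get the appSettings configuration).
Add the AuthFeature plugin with GoogleOpenIdOAuthProvider in the AppHost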
public override void Configure(Funq.Container container)
{
    Plugins.Add(new AuthFeature(
        () => new AuthUserSession(),
        new IAuthProvider[] { new GoogleOpenIdOAuthProvider(new AppSettings()) }));
}
Add some specific URLs for the GoogleOpenIdOAuthProvider
<appSettings>
  <add key="oauth.GoogleOpenId.RedirectUrl" value="http://localhost" />
  <add key="oauth.GoogleOpenId.CallbackUrl" value="http://localhost/api/auth/GoogleOpenId" />
</appSettings>
A bunch of configuration in Web.config. It should be added by the NuGet install of ServiceStack.Authentication.OpenId
<configSections>
  <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth">
    <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
    <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
    <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
    <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true" />
  </sectionGroup>
</configSections>
<dotNetOpenAuth>
  <!-- This is an optional configuration section where aspects of dotnetopenauth can be customized. -->
  <!-- For a complete set of configuration options see http://www.dotnetopenauth.net/developers/code-snippets/configuration-options/ -->
  <openid>
    <relyingParty>
      <security requireSsl="false">
        <!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
        <!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
          <add endpoint="https://www.google.com/accounts/o8/ud" />
        </trustedProviders>-->
      </security>
      <behaviors>
        <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
             with OPs that use Attribute Exchange (in various formats). -->
        <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
      </behaviors>
    </relyingParty>
  </openid>
  <messaging>
    <untrustedWebRequest>
      <whitelistHosts>
        <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
        <!--<add name="localhost" />-->
      </whitelistHosts>
    </untrustedWebRequest>
  </messaging>
  <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
  <reporting enabled="true" />
</dotNetOpenAuth>
Accessing AuthUserSession data
In a ServiceStack service (a class that inherits from Service), you can use:
var sess = this.GetSession();
Outside of ServiceStack, you can do something like:
var key = SessionFeature.GetSessionKey();
var sess = appHost.TryResolve<ICacheClient>().Get<AuthUserSession>(key);
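
A hardened variant of the Web.config settings shown in the answer above, added here as an example (it is not part of the original answer or of the package defaults). It switches requireSsl on, enables the trustedProviders allow-list that the answer's config leaves commented out, and uses HTTPS for the callback; the host example.com is a placeholder, and both elements go inside the existing <configuration> element.

```xml
<!-- Added example: hardened variant of the answer's settings. example.com is a placeholder host. -->
<appSettings>
  <add key="oauth.GoogleOpenId.RedirectUrl" value="https://example.com" />
  <add key="oauth.GoogleOpenId.CallbackUrl" value="https://example.com/api/auth/GoogleOpenId" />
</appSettings>

<dotNetOpenAuth>
  <openid>
    <relyingParty>
      <!-- requireSsl="true": only discover and authenticate against HTTPS identifiers and endpoints -->
      <security requireSsl="true">
        <!-- Accept positive assertions only from the listed provider endpoint -->
        <trustedProviders rejectAssertionsFromUntrustedProviders="true">
          <add endpoint="https://www.google.com/accounts/o8/ud" />
        </trustedProviders>
      </security>
      <behaviors>
        <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
      </behaviors>
    </relyingParty>
  </openid>
  <messaging>
    <untrustedWebRequest>
      <!-- localhost stays off the whitelist outside development -->
      <whitelistHosts />
    </untrustedWebRequest>
  </messaging>
  <!-- Set to false if usage statistics should not be sent to the library authors -->
  <reporting enabled="false" />
</dotNetOpenAuth>
```

With the allow-list enabled, a positive assertion from any endpoint other than the one listed is rejected, so the relying party no longer trusts whichever provider a user-supplied identifier happens to resolve to.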