我以为我能够找到有关这个主题的信息,但看起来我的google-fu今天很弱。我正在构建一个使用Amazon.com产品广告API的Silverlight应用程序。我想在我的应用程序中添加身份验证,但是我想实现OpenId,而不是使用默认的表单基本身份验证。我看到很多景点都使用雅虎或谷歌作为他们的提供商。而且我确实记得至少有一个景象,但不记得是哪个景点,使用Amazon.com作为提供商。
如果有人可以为我指出正确的文档方向,那就太棒了。
编辑:我现在记得Target.com允许您使用Amazon.com登录。答案 0 :(得分:0)
我对OpenID了解不多,但你几乎不得不写一个自定义的authenticatin服务,这并不是那么糟糕。 (顺便说一句,它仍然会利用实际上是快速的表单身份验证)
如果您知道如何通过代码验证.....
在服务器端,您需要三件。用于保存用户数据的类,从表单auth ...继承的类以及处理登录异常的类。
这是服务器代码的示例(抱歉减去开放ID检查)
using System.ServiceModel.DomainServices.Server.ApplicationServices;
public class UserDTO : UserBase
{
public string Email { get; set; }
//Must be string since will be included in HTTP Headers
public string Id { get; set; }
public bool CanCreateSomething { get; set;}
}
使用System; 使用System.Data.Objects; 使用System.ServiceModel.DomainServices.Hosting;
[EnableClientAccess]
public class CustomAuthenticationService : FormsAuthenticationService<UserDTO>
{
protected override UserDTO ValidateCredentials(string name, string password, string customData,
out string userData)
{
UserDTO user = null;
userData = null;
OpenIDUser OIDusr;
if OIDusr != null)
{
user = new UserDTO { Name = OIDusr.Description, Email = OIDusr.PrimaryEmail, Id= OIDusr.Id.ToString() };
}
if (user != null)
{
//Set custom data fields for HTTP session
userData = user.PartyId + ":" + user.Email;
}
return user;
}
}
[Serializable]
public class FormsAuthenticationLogonException : Exception
{
public FormsAuthenticationLogonException(string message) : base(message){}
}
public abstract class FormsAuthenticationService<TUser> : DomainService, IAuthentication<TUser>
where TUser : UserBase
{
#region IAuthentication<TUser> Members
public TUser GetUser()
{
var currentUser = ServiceContext.User;
if ((currentUser != null) && currentUser.Identity.IsAuthenticated)
{
var userIdentity = currentUser.Identity as FormsIdentity;
if (userIdentity != null)
{
var ticket = userIdentity.Ticket;
if (ticket != null)
{
return GetCurrentUser(currentUser.Identity.Name, ticket.UserData);
}
}
}
return GetDefaultUser();
}
public TUser Login(string userName, string password, bool isPersistent, string customData)
{
string userData;
TUser user = ValidateCredentials(userName, password, customData, out userData);
if (user != null)
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( /* version */
1, userName, DateTime.Now, DateTime.Now.AddMinutes(30),
isPersistent, userData, FormsAuthentication.FormsCookiePath);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContextBase httpContext = (HttpContextBase) ServiceContext.GetService(typeof (HttpContextBase));
httpContext.Response.Cookies.Add(authCookie);
}
else
{
HttpContextBase httpContext = (HttpContextBase) ServiceContext.GetService(typeof (HttpContextBase));
httpContext.AddError(new FormsAuthenticationLogonException("Username or password is not correct."));
}
return user;
}
public TUser Logout()
{
FormsAuthentication.SignOut();
return GetDefaultUser();
}
public void UpdateUser(TUser user)
{
throw new NotImplementedException();
}
#endregion
protected abstract TUser GetCurrentUser(string name, string userData);
protected virtual TUser GetDefaultUser()
{
return null;
}
protected abstract TUser ValidateCredentials(string name, string password, string customData,
out string userData);
}
在客户端.....
LoginParameters loginParameters = new LoginParameters(UserName, Password);
WebContextBase.Current.Authentication.Login(loginParameters,
delegate(LoginOperation operation)
{
if (operation.HasError)
{
App.IsBusy = false;
operation.MarkErrorAsHandled();
UserName = string.Empty;
Password = string.Empty;
MessageBox.Show("Username or Password is incorrect!");
return;
}
//Login Success
CustomAuthenticationContext authContext = new CustomAuthenticationContext();
authContext.Load(authContext.GetUserQuery(), UserLoaded, false);
}, null);