UseOAuthAuthentication和UseGoogleAuthentication背后的协议的标准名称是什么?

时间:2016-07-19 21:45:24

标签: oauth oauth-2.0 asp.net-core openid openid-connect

ASP.NET安全社交示例has two ways to interact with Google.

UseOAuthAuthentication

app.UseOAuthAuthentication(new OAuthOptions
{
    AuthenticationScheme = "Google-AccessToken",
    DisplayName = "Google-AccessToken",
    ClientId = Configuration["google:clientid"],
    ClientSecret = Configuration["google:clientsecret"],
    CallbackPath = new PathString("/signin-google-token"),
    AuthorizationEndpoint = GoogleDefaults.AuthorizationEndpoint,
    TokenEndpoint = GoogleDefaults.TokenEndpoint,
    Scope = { "openid", "profile", "email" },
    SaveTokens = true
});

UseGoogleAuthentication

app.UseGoogleAuthentication(new GoogleOptions
{
    ClientId = Configuration["google:clientid"],
    ClientSecret = Configuration["google:clientsecret"],
    SaveTokens = true,
    Events = new OAuthEvents()
    {
        OnRemoteFailure = ctx =>
        {
            ctx.Response.Redirect("/error?FailureMessage=" 
                + UrlEncoder.Default.Encode(ctx.Failure.Message));
            ctx.HandleResponse();
            return Task.FromResult(0);
        }
    }
});

这两种身份验证和授权的标准名称是什么?即。是一个OAuth和另一个OpenID Connect?

选择UseOAuthAuthentication时,结果就是这样。

context
    .User.Claims: []
    .User.Identity.Name: null
    .Authentication.GetTokenAsync("access_token"): ya29.CjAlAz3AcUnRD...
    .Authentication.GetTokenAsync("refresh_token"): null
    .Authentication.GetTokenAsync("token_type"): Bearer
    .Authentication.GetTokenAsync("expires_at"): 2016-07-19T22:49:54...

选择UseGoogleAuthentication时,结果就是这样。

context
    .User.Claims: [
        nameidentifier: 10424487944...
        givenname: Shaun
        surname: Luttin
        name: Shaun Luttin
        emailaddress: admin@shaunl...
        profile: https://plus.google.com/+ShaunLuttin        
    ]
    .User.Identity.Name: "Shaun Luttin"
    .Authentication.GetTokenAsync("access_token"): ya29.CjAlAz3AcUnRD...
    .Authentication.GetTokenAsync("refresh_token"): null
    .Authentication.GetTokenAsync("token_type"): Bearer
    .Authentication.GetTokenAsync("expires_at"): 2016-07-19T22:49:54...

1 个答案:

答案 0 :(得分:0)

UseOAuthAuthenticationUseGoogleAuthentication都是OAuth。不同之处在于Google中间件设置了一些特定于Google的默认OAuth选项,并添加了GoogleHandler来获取用户个人资料信息。

换句话说,

  • UseOAuthAuthentication是检索和访问令牌的OAuth。

  • UseGoogleAuthentication是OAuth,其选项和流程已经过调优,可以从Google检索访问代码和用户个人资料信息。