ASP.NET安全社交示例has two ways to interact with Google.
UseOAuthAuthentication
app.UseOAuthAuthentication(new OAuthOptions
{
AuthenticationScheme = "Google-AccessToken",
DisplayName = "Google-AccessToken",
ClientId = Configuration["google:clientid"],
ClientSecret = Configuration["google:clientsecret"],
CallbackPath = new PathString("/signin-google-token"),
AuthorizationEndpoint = GoogleDefaults.AuthorizationEndpoint,
TokenEndpoint = GoogleDefaults.TokenEndpoint,
Scope = { "openid", "profile", "email" },
SaveTokens = true
});
UseGoogleAuthentication
app.UseGoogleAuthentication(new GoogleOptions
{
ClientId = Configuration["google:clientid"],
ClientSecret = Configuration["google:clientsecret"],
SaveTokens = true,
Events = new OAuthEvents()
{
OnRemoteFailure = ctx =>
{
ctx.Response.Redirect("/error?FailureMessage="
+ UrlEncoder.Default.Encode(ctx.Failure.Message));
ctx.HandleResponse();
return Task.FromResult(0);
}
}
});
这两种身份验证和授权的标准名称是什么?即。是一个OAuth和另一个OpenID Connect?
选择UseOAuthAuthentication时,结果就是这样。
context
.User.Claims: []
.User.Identity.Name: null
.Authentication.GetTokenAsync("access_token"): ya29.CjAlAz3AcUnRD...
.Authentication.GetTokenAsync("refresh_token"): null
.Authentication.GetTokenAsync("token_type"): Bearer
.Authentication.GetTokenAsync("expires_at"): 2016-07-19T22:49:54...
选择UseGoogleAuthentication时,结果就是这样。
context
.User.Claims: [
nameidentifier: 10424487944...
givenname: Shaun
surname: Luttin
name: Shaun Luttin
emailaddress: admin@shaunl...
profile: https://plus.google.com/+ShaunLuttin
]
.User.Identity.Name: "Shaun Luttin"
.Authentication.GetTokenAsync("access_token"): ya29.CjAlAz3AcUnRD...
.Authentication.GetTokenAsync("refresh_token"): null
.Authentication.GetTokenAsync("token_type"): Bearer
.Authentication.GetTokenAsync("expires_at"): 2016-07-19T22:49:54...
答案 0 :(得分:0)
UseOAuthAuthentication和UseGoogleAuthentication都是OAuth。不同之处在于Google中间件设置了一些特定于Google的默认OAuth选项,并添加了GoogleHandler来获取用户个人资料信息。
换句话说,
UseOAuthAuthentication是检索和访问令牌的OAuth。
UseGoogleAuthentication是OAuth,其选项和流程已经过调优,可以从Google检索访问代码和用户个人资料信息。