我一直在研究Google身份验证API(AuthSub)...我的问题是,如何在身份验证通过后获取用户的帐户信息(至少是他们的Gmail地址)?
因为目前,我从身份验证过程中回来的只是一个令牌,授予我访问我在范围内指定的Google服务的权限,但是到目前为止甚至没有简单的方法来获取用户的登录ID(Gmail地址)我可以说...
如果是这样,Google服务允许我访问用户的信息?
答案 0 :(得分:4)
Google身份验证API是一种基于令牌的系统,用于对有效用户进行身份验证。它不会暴露任何其他允许将帐户持有者信息返回给授权人的界面。
答案 1 :(得分:2)
使用Google AppEngine GData服务,您可以请求用户授予您访问其Google Mail,日历,Picasa等的权限。请查看here。
答案 2 :(得分:2)
您可以通过OpenID API获取部分数据,并使用ax扩展名。如果您使用其他方法进行身份验证,我发现最好的是调用https://www-opensocial.googleusercontent.com/api/people/@me/@self,它会为您提供姓名,电子邮件和图片。在进行身份验证时,请务必在范围内设置http://www-opensocial.googleusercontent.com/api。
答案 3 :(得分:0)
[ValidateInput(false)]
public ActionResult Authenticate(string returnUrl)
{
try
{
logger.Info("" + returnUrl + "] LoginController : Authenticate method start ");
var response = openid.GetResponse();
if (response == null)
{
try
{
string discoveryuri = "https://www.google.com/accounts/o8/id";
//OpenIdRelyingParty openid = new OpenIdRelyingParty();
var fetch = new FetchRequest();// new
var b = new UriBuilder(Request.Url) { Query = "" };
var req = openid.CreateRequest(discoveryuri, b.Uri, b.Uri);
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
req.AddExtension(fetch);
return req.RedirectingResponse.AsActionResult();
}
catch (ProtocolException ex)
{
logger.ErrorFormat(" LoginController : Authenticate method has error, Exception:" + ex.ToString());
ViewData["Message"] = ex.Message;
return View("Login");
}
}
else
{
logger.Info("" + returnUrl + "] LoginController : Authenticate method :when responce not null ");
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
logger.Info("" + response.Status + "] LoginController : Authenticate method : responce status ");
var fetchResponse = response.GetExtension<FetchResponse>();
string email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email);
string userIPAddress = HttpContext.Request.UserHostAddress;
SecurityManager manager = new SecurityManager();
int userID = manager.IsValidUser(email);
if (userID != 0)
{
ViewBag.IsFailed = "False";
logger.Info("" + userID + "] LoginController : Authenticate method : user id id not null ");
Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
Session["UserEmail"] = email;
FormsAuthentication.SetAuthCookie(email, false);
WebSession.UserEmail = email;
WebSession.UserID = userID;
UserManager userManager = new UserManager();
WebSession.AssignedSites = userManager.GetAssignedSites(userID);
if (!string.IsNullOrEmpty(returnUrl))
{
logger.Info("" + returnUrl + "] LoginController : Authenticate method : retutn url not null then return Redirect ");
return Redirect(returnUrl);
}
else
{
logger.Info("" + returnUrl + "] LoginController : Authenticate method : retutn url null then return RedirectToAction ");
//
return Redirect("/Home");
}
}
else
{
ViewBag.IsFailed = "True";
logger.Info("" + returnUrl + "] LoginController : Authenticate method :user id null ");
if (!string.IsNullOrEmpty(returnUrl))
{
logger.Info("" + returnUrl + "] LoginController : Authenticate method :and return Redirect ");
return Redirect(returnUrl);
}
else
{
logger.Info("" + returnUrl + "] LoginController : Authenticate method :and return RedirectToAction ");
return View("Index");
}
}
case AuthenticationStatus.Canceled:
logger.Info("" + response.Status + "] LoginController : Authenticate method : AuthenticationStatus.Canceled and return view ");
ViewData["Message"] = "Canceled at provider";
return View("Login");
case AuthenticationStatus.Failed:
logger.Info("" + response.Status + "] LoginController : Authenticate method : AuthenticationStatus.Failed and return view ");
logger.Error(response.Exception.Message);
ViewData["Message"] = response.Exception.Message;
return View("Login");
}
}
logger.Info("" + returnUrl + "] LoginController : Authenticate method end and return EmptyResult");
return new EmptyResult();
}
catch (Exception ex)
{
logger.Error(" LoginController : Authenticate method ", ex);
throw;
}
}