Geek Answers Handbook

Getting oauth credentials after asp.net mvc Twitter OAuth2 login

After testing the embedded MVC 5 OAuth2 / OpenID providers, I was able to create a website that allowed me to authenticate myself using my Twitter credentials.

The problem that I am currently facing is that I also want to save the tokens (oauth_token and oauth_verifier) ​​on Twitter after the user has successfully authenticated. I need these tokens, so I can allow users to post data directly from my site to their Twitter account.

After setting TwitterAuthenticationOptions (see below) in Startup.Auth.cs, I found that the tokens that I follow can be found in the context (((context.Response.Context).Request).QueryString) , but parsing this seems ugly decision.

  var tw = new TwitterAuthenticationOptions { ConsumerKey = "SecretKey", ConsumerSecret = "SecretSecret", SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie, Provider = new TwitterAuthenticationProvider() { OnAuthenticated = (context) => { context.Identity.AddClaim(new System.Security.Claims.Claim("urn:twitter:access_token", context.AccessToken, XmlSchemaString, "Twitter")); return Task.FromResult(0); } } }; app.UseTwitterAuthentication(tw);

How can this be gracefully implemented? For Facebook, I found a solution that actually extracts additional information, this is similar to ...

get-more-information-from-social-providers-used-in-the-vs-2013-project-templates

+7
c # asp.net-mvc asp.net-mvc-5 twitter
source share
2 answers

You can use Query instead of QueryString, and then use the Get method to extract the value from the query string.

 context.Response.Context.Request.Query.Get("oauth_verifier"); context.Response.Context.Request.Query.Get("oauth_token"); or context.AccessToken

Another note - you do not need oauth_verifer to send data. Have a look here if you have the required headers. I suggest you use one of the libraries here to interact with Twitter.

0
source share

There is a good extension method in the Request object. Add the following lines to the HomeController or controller, where necessary.

 Request.GetOwinContext().Authentication.User.Claims // Lists all claims // Filters by type Request.GetOwinContext().Authentication.User.FindAll("urn:twitter:access_token")

GetOwinContext will provide you with an authentication object in which you can find the user object and its claims.

I found a helpful post here. How do I access the Microsoft.Owin.Security.xyz OnAuthenticated context values ​​of AddClaims?

I changed as indicated in the steps in the post.

AccountController.cs

 private async Task SignInAsync(ApplicationUser user, bool isPersistent) { AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie); var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie); //New method call made here to persist the claims from external cookie await SetExternalProperties(identity); AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity); } //New method added to persist identity info private async Task SetExternalProperties(ClaimsIdentity identity) { // get external claims captured in Startup.ConfigureAuth ClaimsIdentity ext = await AuthenticationManager.GetExternalIdentityAsync(DefaultAuthenticationTypes.ExternalCookie); if (ext != null) { var ignoreClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"; // add external claims to identity foreach (var c in ext.Claims) { if (!c.Type.StartsWith(ignoreClaim)) if (!identity.HasClaim(c.Type, c.Value)) identity.AddClaim(c); } } }

try this and let me know.

0
source share

More articles:


All Articles