Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
I want to implement OAuth/OpenID for Website One and use it in Website Two.
 
I create Sign Up, Sign In, Sign Out, Profile functionality/Pages for Website One and want to use authentication in Website Two like Facebook or Twitter authentication.
 
As an additional information if you got interest you can visit trial websites of Website One and Website Two. Please do not expect full or correct functionality because as I said above they are just trials yet.
Posted 26-Jan-13 8:42am

1 solution

Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

Hi there,
 
Why not Google oAuth and research/read about how oAuth works? I mean really, what are you expecting us to do?
I suggest you spend a while researching how oAuth works and particularly why the authentication/security works. Your website isn't running over HTTPS - it should be! And for oAuth, as far as I'm aware, it HAS to be for the data to be secure! This is too much work for one question and we don't have access to your source code, so we couldn't write anything for you anyway.
 
Ed
  Permalink  
Comments
TIKSN Int at 28-Jan-13 13:33pm
   
First thanks for response. I know OAuth concept but I was wondering which classes I have to overload or rewrite? I want to use DotNetOpenAuth lib.
Ed Nutting at 28-Jan-13 13:54pm
   
That is a somewhat different question which perhaps you should have asked in the first place. Anyway, so far as my limited knowledge on the oAuth protocol in particular lets me, I shall try and suggest what you should do.
 
1. You need to be able to receive/respond to web requests with url params & input/output streams.
2. This is, essentially, the same as a page.
3. You (presumably) have different types of data you want to respond with and different sets of requests for these types of data (else your API is a one-type API but you should still follow this method so you can expand later - expansion is inevitable).
4. On this basis, you want one generic oAuth page class that can be used for multiple types of data.
5. Therefore, create yourself a class called oAuthPage which inherits from Page (see any *.aspx.cs file class declaration for what I mean).
6. In this class, add (static?) methods for handling oAuth authentication etc. and then implement those in a virtual override of the Page_Load event.
7. Add variables to the oAuthPage class for setting the response.
8. In oAuthPage class, override the Page_Unload to clear the response output stream and write the data in the response variables (that you added to the class in step 7).
9. For each request type (data-type in your API), add a new aspx page to a folder called something like "API"
10. Edit the aspx.cs file and change the inheritance from "Page" to "oAuthPage" in each of the new files.
11. You now have a generic oAuth class for any oAuth request and pages that can implement it.
 
In each oAuth Request Page, simply override the Page_Load event, call the parent classes Page_Load event (base.Page_Load() or something) and then immediately check that the authentication was OK. If it was, process the request. Otherwise, ignore - do not pass back error messages that reveal how your system works!
 
Hope this helps,
Ed

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 515
1 Maciej Los 349
2 Richard MacCutchan 220
3 BillWoodruff 209
4 Mathew Soji 160
0 OriginalGriff 8,654
1 Sergey Alexandrovich Kryukov 7,407
2 DamithSL 5,639
3 Maciej Los 5,229
4 Manas Bhardwaj 4,986


Advertise | Privacy | Mobile
Web01 | 2.8.1411023.1 | Last Updated 27 Jan 2013
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100