Nice intro to using the OAuth stuff, exactly what I was looking for.

One thing that I had to do though was in the

I had to change

public DbSet UserProfiles { get; set; }

public DbSet ExternalUsers { get; set; }

to use the generic types. I take it that you have them in the source (just checked and you do) so obv these need encoding.

Cheers

Anthony

I can understand not allowing users to enter arbitrary OpenID's. I can even understand, only to a point, not supporting PPID. I can't understand why there's no way to populate ClaimsIdentity with the claims from Yahoo, Google, Facebook, Twitter since DotNetOpenAuth has code for getting a list of URI/value pairs.But, I will give you, this is 1000x better than u/p.

The blog post at blogs.msdn.com/ has an example of creating a custom client and a link to the source code for the clients.

AuthenticationResult result = OAuthWebSecurity.VerifyAuthentication(

Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));

Can anyone explain why adding the new fields to the Url.Action() isn't working? after the ReturnUrl = returnUrl I'm adding ,Id = id and it doesn't recognize the new fields.

After verifying your account, you should see an Apps tab on the Facebook Developers site <a rel="nofollow" target="_new" href="https://developers.facebook.com/" target="_blank">https://developers.facebook.com/</a> . From that page, you can create a new app.

Let me know if I have completely misunderstood your question.

The remote name could not be resolved: 'graph.facebook.com'

Thanks,

Ramesh Babu Kotha

Thanks for your excellent tutorial- usually tutorials of this complexity don't work- yours did perfectly.

Can you recommend a technique to manipulate the ExtraUserInformation table beyond this registration/login process? For instance, I'd like users to be able to manually submit their Phone Number to the the Extra User Information table. Besides modifying the model to accommodate this new field, what's the best way to select the current user from the db Context, add & save the data?

using (UsersContext db = new UsersContext())

{

UserProfile user = db.UserProfiles.FirstOrDefault(u => u.UserName == User.Identity.Name);

user.PhoneNumber = "xxx-xxx-xxxx";

db.SaveChanges();

}

ExternalUserInformation userinfo = db.ExternalUsers.FirstOrDefault(e => e.UserId == user.UserId);

dynamic response = client.Get("me", new { fields = "verified,email" });

You can use the value with:

response["email"]

First of all, thanks for this clear article.

Unfortunately I cannot get the Facebook login to work. I have followed your article step-by-step, but when I log into Facebook I get a time-out on the ExternalLoginCallback method: "A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 173.252.110.27:443".

Can you help?

Regards, Erwin

figured it out! It was the proxy server that caused my problem. Everything works great now. Thanks again for the great article.

Kind regards,

Erwin

Why not use OpenId for Google, as it is part of the template? Well the REAL LIFE challenge is two-fold. One: get this working for Google. Two: with the knowledge gained, implement another class for an arbitrary OAuth2 server. So challenge two is real life.

I am using as an example dotnetopenid / src / DotNetOpenAuth.AspNet / Clients / OAuth2 / MicrosoftClient.cs . But I am at the cusp of the difficult part.

So I created a new webform app in VS2012 and followed the instructions per the first article I found following the link in the application login page:

blogs.msdn.com/#comments

but after trying successfully to connect via Twitter I am a bit confused about an aspect of authenticating with external services (didn't try with Facebook, but I guess the question could apply the same):

if I have two different "physical" users (i.e. unrelated persons) visiting my site, user A registered yesterday with my site local registration form with username "dummyfoo" and a email/password; while today user B arrives and authenticates with twitter, where he has the "dummyfoo" username, he is redirected to my site and being logged in and welcomed as being the same person as User A.....!!!

Am I missing something or there is a flaw?

Thanks

It is possible to associate an external login to a logged-in account. Is there any chance that happened?

thanks for that great tutorial. helped me a lot.

i was wondering, why i can't find any complete information on how to integrate an asp.net mvc website with windows live. for example about oauth... why dont you explain live? I know ist realy easy to do that. but what about getting extra info?

and... maybe someone in your Team could make a tutorial on how to integrate all those cool live features like skydrive and so on. :-)

max