.NET Zone is brought to you in partnership with:

I am a programmer, blogger and tech enthusiast and working mostly on Microsoft technologies. I love writing and spreading good code. Prashant is a DZone MVB and is not an employee of DZone and has posted 14 posts at DZone. You can read more from them at their website. View Full User Profile

Implementing Google Account Authentication in an ASP.NET application

02.18.2012
| 26330 views |
  • submit to reddit

Few years back I blogged about adding OpenID login support in ASP.NET application. This time I am blogging about adding Google login support in ASP.NET application. A friend of mine is trying to integrate multiple third party authentication support for one of the application he is developing for his client. He is using DotNetOpenAuth for Google authentication. the code I am using here is from my friend and I am sharing it with his explicit permission.

First, download the latest version of DotNetOpenAuth and add its reference in your web application and these two namespaces.

using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.RelyingParty;

After adding the reference, add a normal button with CommandArgument to point https://www.google.com/accounts/o8/id.

<asp:Button ID="btnGoogleLogin" runat="server" CommandArgument="https://www.google.com/accounts/o8/id" 
        OnCommand="btnGoogleLogin_Click" Text="Sign In with Google" />

On the button click event on the server side:

protected void btnGoogleLogin_Click(object sender, CommandEventArgs e)
{
    string discoveryUri = e.CommandArgument.ToString();
    OpenIdRelyingParty openid = new OpenIdRelyingParty();
    var URIbuilder = new UriBuilder(Request.Url) { Query = "" };
    var req = openid.CreateRequest(discoveryUri, URIbuilder.Uri, URIbuilder.Uri);
    req.RedirectToProvider();
}

Now when you click the button it will take you to Google login page which look something like this.

You can see on the right side of the screen with the information of the site requesting the authentication. Once you get successfully authenticated with your entered user name and password, you will then redirect to the confirmation page:

As I am using my local development server, you will see Locahost. Once you deploy the application in the production environment it will automatically get the name of the domain. Clicking on the Sign in button you will then be redirected to the main page, but before you get to the main page you need to check whether the authentication was successful or was it cancelled by the user or was failed. To make sure use the below code on the load event of the login page:

protected void Page_Load(object sender, EventArgs e)
{
    OpenIdRelyingParty rp = new OpenIdRelyingParty();
    var response = rp.GetResponse();
    if (response != null)
    {
        switch (response.Status)
        {
            case AuthenticationStatus.Authenticated:
                Session["GoogleIdentifier"] = response.ClaimedIdentifier.ToString();
                Response.Redirect("Default.aspx");
                break;
            case AuthenticationStatus.Canceled:
                Session["GoogleIdentifier"] = "Cancelled.";
                break;
            case AuthenticationStatus.Failed:
                Session["GoogleIdentifier"] = "Login Failed.";
                break;
        }
    }

}

On Default.aspx page I have set the ClaimedIdentifier:

The response/status returned from Google will be checked here and we will redirect the application to work the way accordingly. My friend sends me the above code to find out whether there is any way we can logout from the service. Well, unfortunately there isn't any specific way to log out using DotNetOpenAuth? But there is a workaround. I don't know if it is a good practice or bad but it worked out for me. To logout, I am just calling this logout URL used by Google.

http://accounts.google.com/logout

If you have some suggestions or you know a better way or approach of doing this then please drop a line in the comments sections.

References
Published at DZone with permission of Prashant Khandelwal, author and DZone MVB. (source)

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)

Comments

Reehana Davis replied on Mon, 2012/02/20 - 6:00am

Hi,

Thanks for bringing this to our notice. You article integrate only google account,

I would like to mention a tutorial which explain how to integrate openId with asp.net application:

http://bhaidar.net/post/2011/04/04/OpenID-Single-Sign-On-ASPNET-Web-Forms.aspx

http://danhounshell.com/blog/adding-openid-to-your-web-site-in-conjunction-with-asp-net-membership/

Check above link where Google, Yahoo, Facebook, Myspace etc ... are integrated. 

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.