3

As i read here, it is possible to add scopes to the facebook authentication method (How to access Facebook private information by using ASP.NET Identity (OWIN)?).

My requirement is to request additional scopes from google (e.g. "https://www.googleapis.com/auth/userinfo.email").

In my current MVC4 App this is realized with a custom OAuth2Client and the SimpleMembership Provider (custom Nhibernate implementation).

Futhermore, is it possible to create a custom ASP.NET Identity implementation without Entity Framework? Im not very confident with two different technologies (Nhibernate, EF) accessing my database.

Community
  • 1
  • 1
david
  • 33
  • 1
  • 4
  • I'm also looking to switch from EF to NHibernate with MVC 5's Identity... Did you figure out how to do it? – David Sulpy Nov 18 '13 at 19:51
  • It's eminently possible with the RTM build - it was much harder with the beta builds. I prototyped a library to do it, but it's not ready for prime-time yet and I don't have time to work on it right now. There's another implementation here - https://github.com/milesibastos/NHibernate.AspNet.Identity - it's also available as a NuGet package. I haven't tried it myself but it looks simple enough to use. – Neil Hewitt Jan 03 '14 at 12:13

1 Answers1

3

I've been looking into this and it doesn't seem to me that there is anyway to handle this from the existing nuget package Microsoft.Owin.Security.Google.

I was able to get scope crudely working by downloading the source from Codeplex, http://katanaproject.codeplex.com/SourceControl/latest#src/Microsoft.Owin.Security.Google/GoogleAuthenticationHandler.cs, and recompiling it. I added three lines in to the authorization endpoint in GoogleAuthenticationHanlder:

"&openid.ns.ext2=" + 
Uri.EscapeDataString("http://specs.openid.net/extensions/oauth/1.0") +
"&openid.ext2.consumer=" + 
Uri.EscapeDataString(requestPrefix.Replace("https://", "").Replace("http://", "")) +
"&openid.ext2.scope=" +
Uri.EscapeDataString("https://www.googleapis.com/auth/glass.timeline https://www.googleapis.com/auth/userinfo.profile")  
                    ;

The third line is the scopes, and really should be added as a property on the GoogleAuthenticationOptions, and the concatenated into a space delimited list of scopes.

In any case, the addition above was working for me. Hopefully someone will put this together into a more comprehensive nuget package (handling refresh tokens, etc.). I might try myself if no one else does.

Gene Reddick
  • 4,655
  • 4
  • 34
  • 35