Implementation of Google OAuth in MVC application:
Step 1: Create a Google OAuth application
To create it please follow the steps below:
- Go to https://console.developers.google.com and log in with your Gmail ID.
- Click the ‘Select a Project’ dropdown at the top left of the page.
- Click the ‘Create project’ button.
- Enter project name and create project.
- Click Credentials on the left navigation.
- Click Create Credentials > OAuth ClientID, fill the form and submit.
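- The Client ID and Client Secret are generated once the application has been created.
- Both are used in the authorization process. The Client Secret is a credential: keep it in server-side configuration, not in source control or in anything sent to the browser.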
Step 2: Configuring your Google application
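// OAuth callback body: exchanges the authorization code Google appended to the
// redirect URL for an access token and stores that token in the session.
//
// NOTE(review): this snippet never compares a `state` query value with one saved
// before the user was sent to Google, so it cannot tell whether the response
// belongs to a login this browser session started (login CSRF). The authorization
// request is not shown on the page; add the check where that request is built.
try
{
    var url = Request.Url.Query;
    if (url != "")
    {
        // Read the code by parameter name. Splitting the raw query on '=' takes
        // whichever parameter happens to come first (state, error, ...) and drags
        // the following "&name" along with it.
        string code = Request.QueryString["code"];
        if (string.IsNullOrEmpty(code))
        {
            // A callback without a code (for example ?error=access_denied) is a
            // failed sign-in; send the user to the same place as any other failure.
            return RedirectToAction("Index","Home");
        }

        //get the access token
        HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create("https://accounts.google.com/o/oauth2/token");
        webRequest.Method = "POST";

        // The code arrives from the browser, so it is percent-encoded before it is
        // placed in the form body; otherwise a crafted value could add or override
        // fields of the token request. client_id, client_sceret and redirect_url are
        // application configuration and are passed through as the page wrote them;
        // encode them too if they can contain reserved characters.
        Parameters = "code=" + Uri.EscapeDataString(code)
            + "&client_id=" + client_id
            + "&client_secret=" + client_sceret
            + "&redirect_uri=" + redirect_url
            + "&grant_type=authorization_code";
        byte[] byteArray = Encoding.UTF8.GetBytes(Parameters);
        webRequest.ContentType = "application/x-www-form-urlencoded";
        webRequest.ContentLength = byteArray.Length;

        // Add the post data to the web request; the using block closes the stream
        // even when the write throws.
        using (Stream postStream = webRequest.GetRequestStream())
        {
            postStream.Write(byteArray, 0, byteArray.Length);
        }

        // GetResponse throws WebException on a non-success status (rejected or
        // replayed code); that is handled by the catch below.
        string responseFromServer;
        using (WebResponse response = webRequest.GetResponse())
        using (Stream responseStream = response.GetResponseStream())
        using (StreamReader reader = new StreamReader(responseStream))
        {
            responseFromServer = reader.ReadToEnd();
        }

        GoogleAccessToken serStatus = JsonConvert.DeserializeObject<GoogleAccessToken>(responseFromServer);
        if (serStatus != null)
        {
            string accessToken = serStatus.access_token;

            // The token is a bearer credential: it stays server-side in the session
            // and must not be written to logs or echoed into a page.
            Session["Token"] = accessToken;
            if (!string.IsNullOrEmpty(accessToken))
            {
                //call get user information function with access token as parameter
            }
        }
    }
}
catch (Exception ex)
{
    // Record only the exception type: the request body holds the client secret and
    // the response body holds tokens, so neither belongs in a log.
    System.Diagnostics.Trace.TraceError("Google token exchange failed: " + ex.GetType().Name);
    return RedirectToAction("Index","Home");
}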
}
- To get the user information, add the function below:
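// Fetches the signed-in user's profile from Google's userinfo endpoint with the
// access token and hands the deserialized result to the view. serStatus keeps
// whatever value it had before this block when the call fails.
try
{
    // HttpClient holds sockets, so it is disposed once the call has completed.
    using (HttpClient client = new HttpClient())
    {
        // The token travels in the Authorization header rather than in the query
        // string: URLs are recorded in proxy and server logs, headers normally are not.
        client.DefaultRequestHeaders.Authorization =
            new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", access_token);
        var urlProfile = "https://www.googleapis.com/oauth2/v1/userinfo";

        // .Result blocks the request thread; the enclosing action's signature is not
        // shown on the page, so the call is left synchronous here.
        HttpResponseMessage output = client.GetAsync(urlProfile).Result;
        if (output.IsSuccessStatusCode)
        {
            string outputData = output.Content.ReadAsStringAsync().Result;
            serStatus = JsonConvert.DeserializeObject<GoogleUserOutputData>(outputData);
        }
    }
}
catch (Exception ex)
{
    // Still best-effort, but no longer silent. Only the exception type is recorded
    // so the access token cannot end up in a log.
    System.Diagnostics.Trace.TraceError("Google userinfo request failed: " + ex.GetBaseException().GetType().Name);
}
return View(serStatus);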
Note: we need to create the following models to deserialize the JSON into objects:
/// <summary>
/// Shape of the JSON returned by Google's token endpoint. Property names are kept
/// in lower-case snake_case so they bind to the JSON keys without attributes.
/// </summary>
public class GoogleAccessToken
{
    /// <summary>Bearer token for calling Google APIs as the user; treat it as a secret.</summary>
    public string access_token { get; set; }

    /// <summary>Token type reported by the endpoint.</summary>
    public string token_type { get; set; }

    /// <summary>Remaining lifetime of <see cref="access_token"/>, in seconds.</summary>
    public int expires_in { get; set; }

    /// <summary>
    /// OpenID Connect ID token (a signed JWT). Its signature, issuer, audience and
    /// expiry need to be validated before any claim in it is trusted.
    /// </summary>
    public string id_token { get; set; }

    /// <summary>
    /// Long-lived token for obtaining new access tokens; store it protected at rest
    /// if it is kept at all.
    /// </summary>
    public string refresh_token { get; set; }
}
/// <summary>
/// Profile fields read from Google's userinfo response. Property names mirror the
/// JSON keys so they bind without attributes.
/// </summary>
/// <remarks>
/// NOTE(review): this model does not bind the response's verified_email flag;
/// confirm how email is used before treating it as an account key.
/// </remarks>
public class GoogleUserOutputData
{
    /// <summary>Google's identifier for the account.</summary>
    public string id { get; set; }

    /// <summary>Full display name.</summary>
    public string name { get; set; }

    /// <summary>Given (first) name.</summary>
    public string given_name { get; set; }

    /// <summary>E-mail address reported for the account.</summary>
    public string email { get; set; }

    /// <summary>URL of the profile picture; encode it like any other external value when rendering.</summary>
    public string picture { get; set; }
}
- Finally, we will add a LogOff action to log the user off.
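/// <summary>
/// Signs the user out of this application and returns to the home page.
/// </summary>
/// <returns>A redirect to Home/Index.</returns>
/// <remarks>
/// The original listing had a second redirect to Google's logout URL after the
/// first return. It could never run, and its line was missing a closing
/// parenthesis, so the action did not compile. It is left out: ending the user's
/// Google session is a separate decision from ending this application's session.
/// NOTE(review): a state-changing action like this is normally limited to POST
/// with an anti-forgery token; that is not done here because it would change how
/// existing links call the action.
/// </remarks>
public ActionResult LogOff()
{
    //Logout from application
    FormsAuthentication.SignOut();

    // Drop the Google access token that the sign-in callback stored under "Token",
    // so it does not outlive the login in the server-side session.
    Session.Remove("Token");

    return Redirect(Url.Action("Index","Home"));
}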
Conclusion:
We have discussed how to implement Google OAuth 2.0 to secure our web application. The main advantage of Google OAuth 2.0 is that users do not need to remember all of their account details; they can log in using their Google credentials.