Implementing Google account authentication in ASP.NET MVC - Blogs
10 Aug

Implementing Google account authentication in ASP.NET MVC

Implementation of Google OAuth in MVC application:

 

Step 1: Create a Google OAuth application

To create it, please follow the steps below:

  • Go to https://console.developers.google.com and log in with your Gmail ID.
  • Click on the ‘Select a Project’ dropdown at the top left of the page.
  • Click on the ‘Create project’ button.
  • Enter a project name and create the project.
  • Click Credentials in the left navigation.
  • Click Create Credentials > OAuth ClientID, fill in the form and submit.
  • A Client ID and Client Secret will be created on successful creation of the application.
  • These will be used in the authorization process.

Step 2: Configuring your Google application

  • Log in to https://console.developers.google.com
  • Select your created application and click on edit.
  • Enter the ‘Authorized redirect URL’.
  • Click on the ‘Save’ button.

Now your application is created and configured.

Step 3: Creating the Visual Studio application

  • Create an empty ASP.NET MVC application and add a controller.
  • In the ‘Home’ view, create an action link like the one below:
    • @Html.ActionLink("Login Using Google", "")
  • In the action method, add the redirect URL that sends the user to the Google login URL.
  • Add a controller, create the callback function and add the code below.
    • Here we need to collect the authorization code and the access token.
    • Sample code:

        // Requires: using System; using System.IO; using System.Net; using System.Text;
        //           using System.Web.Mvc; using Newtonsoft.Json;
        // client_id, client_secret and redirect_url are controller fields holding the
        // values from Steps 1 and 2. The action name is illustrative; it must match the
        // 'Authorized redirect URL' configured in Step 2.
        public ActionResult GoogleCallback()
        {
            try
            {
                // Read the authorization code by name: splitting the raw query string
                // on '=' breaks as soon as Google appends other parameters.
                string code = Request.QueryString["code"];

                if (!string.IsNullOrEmpty(code))
                {
                    // Get the access token
                    HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create("https://accounts.google.com/o/oauth2/token");
                    webRequest.Method = "POST";

                    // URL-encode every value placed in the form body
                    string parameters = "code=" + Uri.EscapeDataString(code)
                        + "&client_id=" + Uri.EscapeDataString(client_id)
                        + "&client_secret=" + Uri.EscapeDataString(client_secret)
                        + "&redirect_uri=" + Uri.EscapeDataString(redirect_url)
                        + "&grant_type=authorization_code";
                    byte[] byteArray = Encoding.UTF8.GetBytes(parameters);
                    webRequest.ContentType = "application/x-www-form-urlencoded";
                    webRequest.ContentLength = byteArray.Length;

                    // Add the post data to the web request
                    using (Stream postStream = webRequest.GetRequestStream())
                    {
                        postStream.Write(byteArray, 0, byteArray.Length);
                    }

                    // Read the JSON response from the token endpoint
                    string responseFromServer;
                    using (WebResponse response = webRequest.GetResponse())
                    using (StreamReader reader = new StreamReader(response.GetResponseStream()))
                    {
                        responseFromServer = reader.ReadToEnd();
                    }

                    GoogleAccessToken serStatus = JsonConvert.DeserializeObject<GoogleAccessToken>(responseFromServer);
                    if (serStatus != null)
                    {
                        string accessToken = serStatus.access_token;
                        Session["Token"] = accessToken;
                        if (!string.IsNullOrEmpty(accessToken))
                        {
                            // call get user information function with access token as parameter
                        }
                    }
                }
            }
            catch (Exception)
            {
                return RedirectToAction("Index", "Home");
            }

            // No code or no token was received: go back to the home page
            return RedirectToAction("Index", "Home");
        }
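Step 3 describes an action that redirects the user to the Google login URL but shows no code for it. The following is an added example, not the original author's code: a login action that builds the authorization URL with a random `state` value, plus a check the callback can run before it exchanges the code. The controller and action names, the session key, the scope list and the placeholder client values are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Web.Mvc;

public class AccountController : Controller
{
    // Assumed placeholders: load the real values from configuration, not from source code.
    private const string ClientId = "YOUR_CLIENT_ID";
    private const string RedirectUrl = "https://localhost:44300/Account/GoogleCallback";

    // Sends the browser to Google's authorization endpoint.
    public ActionResult GoogleLogin()
    {
        // Random, single-use value tied to this browser session. Google echoes it
        // back on the callback, which lets us reject responses we did not request.
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(bytes);
        }
        string state = Convert.ToBase64String(bytes);
        Session["OAuthState"] = state;

        string authUrl = "https://accounts.google.com/o/oauth2/v2/auth"
            + "?response_type=code"
            + "&client_id=" + Uri.EscapeDataString(ClientId)
            + "&redirect_uri=" + Uri.EscapeDataString(RedirectUrl)
            + "&scope=" + Uri.EscapeDataString("openid email profile")
            + "&state=" + Uri.EscapeDataString(state);
        return Redirect(authUrl);
    }

    // Run this at the top of the callback action, before exchanging the code.
    private bool IsStateValid()
    {
        string expected = Session["OAuthState"] as string;
        Session.Remove("OAuthState");   // single use: a replayed callback fails
        string returned = Request.QueryString["state"];
        return !string.IsNullOrEmpty(expected)
            && !string.IsNullOrEmpty(returned)
            && string.Equals(expected, returned, StringComparison.Ordinal);
    }
}
```

When `IsStateValid()` returns false, the callback should return to the home page without contacting the token endpoint, so a code delivered by a forged request is never exchanged.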

 

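  • To get the user information, add the function below:

        // Requires: using System; using System.Net.Http; using System.Web.Mvc; using Newtonsoft.Json;
        // The method name is illustrative. It is private so that it cannot be requested
        // directly as an action with a token in the URL.
        private ActionResult GetUserInfo(string access_token)
        {
            GoogleUserOutputData serStatus = null;
            try
            {
                HttpClient client = new HttpClient();
                var urlProfile = "https://www.googleapis.com/oauth2/v1/userinfo?access_token=" + Uri.EscapeDataString(access_token);
                client.CancelPendingRequests();
                HttpResponseMessage output = client.GetAsync(urlProfile).Result;
                if (output.IsSuccessStatusCode)
                {
                    string outputData = output.Content.ReadAsStringAsync().Result;
                    serStatus = JsonConvert.DeserializeObject<GoogleUserOutputData>(outputData);
                }
            }
            catch (Exception)
            {
                // catching the exception; serStatus stays null
            }
            return View(serStatus);
        }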

    Note: we need to create the following models to deserialize the JSON into objects:

        // Fields of the token endpoint response
        public class GoogleAccessToken
        {
            public string access_token { get; set; }
            public string token_type { get; set; }
            public int expires_in { get; set; }
            public string id_token { get; set; }
            public string refresh_token { get; set; }
        }

        // Fields of the userinfo response
        public class GoogleUserOutputData
        {
            public string id { get; set; }
            public string name { get; set; }
            public string given_name { get; set; }
            public string email { get; set; }
            public string picture { get; set; }
        }


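  • Finally, we will add a LogOff action to log off the user.

        // Requires: using System.Web.Security;
        public ActionResult LogOff()
        {
            // Log out from the application
            FormsAuthentication.SignOut();
            Session.Remove("Token");   // discard the stored Google access token
            return Redirect(Url.Action("Index", "Home"));

            // To also log out from Google, return this redirect instead of the one above:
            // return Redirect("https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=");
        }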

 

Conclusion:

We have discussed how to implement Google OAuth2 to secure our web application. The main advantage of Google OAuth2 is that users do not need to remember all of their account details; they can log in using their Google credentials.
