I've got an existing C# project with the following POST
method:
// POST: /Account/ExternalLogin
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ExternalLogin(string provider, string returnUrl)
{
return new ExternalLoginResult(provider, Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
}
Which uses:
OAuthWebSecurity.Login(provider, ...);
I'm kinda new to OAuth, and haven't done anything with it in this C# project. I do however implemented Google-authorization on an Android App, and I want to use the following class/method for the HttpPost:
public class TaskPostAPI extends AsyncTask<String, Void, String>
{
GoogleApiClient googleAPI;
public TaskPostAPI(GoogleApiClient googleAPI){
this.googleAPI = googleAPI;
}
@Override
protected String doInBackground(String... urls){
String response = "";
for(String url : urls){
DefaultHttpClient client = new DefaultHttpClient();
HttpPost post = new HttpPost(url);
try{
List<NameValuePair> nvPairs = new ArrayList<NameValuePair>(2); //(3);
//nvPairs.add(new BasicNameValuePair("personName", Plus.PeopleApi.getCurrentPerson(googleAPI).getDisplayName()));
//nvPairs.add(new BasicNameValuePair("personGooglePlusProfile", Plus.PeopleApi.getCurrentPerson(googleAPI).getUrl()));
//nvPairs.add(new BasicNameValuePair("personEmail", Plus.AccountApi.getAccountName(googleAPI)));
nvPairs.add(new BasicNameValuePair("provider", ???));
URL u = new URL(url);
nvPairs.add(new BasicNameValuePair("returnUrl", u.getProtocol() + "://" + u.getHost()));
post.setEntity(new UrlEncodedFormEntity(nvPairs));
HttpResponse execute = client.execute(post);
InputStream content = execute.getEntity().getContent();
BufferedReader buffer = new BufferedReader(new InputStreamReader(content));
String s = "";
while((s = buffer.readLine()) != null)
response += s;
}
catch(Exception ex){
ex.printStackTrace();
}
}
return response;
}
}
So my question: What should I put at the POST-method's
???. So what is the Provider
? In my Android App I log in using Google
, and got the GoogleApiClient
and Person
(com.google.android.gms.plus.model.people.Person
).
At this website I see the following url: https://accounts.google.com/o/oauth2/auth
. Is this the url I should use as provider
? Or should I add parameters
to this url? Or should I use a completely different string as provider
?
PS: If someone can send me a link to a list of provider-urls
(like Google's
, Facebook's
, Twitter's
, etc.) and how to use them for the C# OAuthWebSecurity
I would appreciate it.
Thanks in advance for the responses.
Ok it turns out it was very simple.. The provider
is just "Google", nothing more, nothing less.. This provider name
I found at the RegisterClient
method in de C# project:
OAuthWebSecurity.RegisterClient(client, "Google", extraData);
Now the POST
works, except for the message "The required anti-forgery cookie "__RequestVerificationToken" is not present."
, but at least I can continue. And adding a Cookie
to a HttpPost
isn't that hard I believe when using a CookieManager
.