Search code examples
c#androidpostoauthgoogle-oauth

C# OAuthWebSecurity Google Provider URL?

I've got an existing C# project with the following POST method:

// POST: /Account/ExternalLogin
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ExternalLogin(string provider, string returnUrl)
{
    return new ExternalLoginResult(provider, Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
}

Which uses:

OAuthWebSecurity.Login(provider, ...);

I'm kinda new to OAuth, and haven't done anything with it in this C# project. I do however implemented Google-authorization on an Android App, and I want to use the following class/method for the HttpPost:

public class TaskPostAPI extends AsyncTask<String, Void, String>
{   
    GoogleApiClient googleAPI;

    public TaskPostAPI(GoogleApiClient googleAPI){
        this.googleAPI = googleAPI;
    }

    @Override
    protected String doInBackground(String... urls){
        String response = "";
        for(String url : urls){
            DefaultHttpClient client = new DefaultHttpClient();
            HttpPost post = new HttpPost(url);
            try{
                List<NameValuePair> nvPairs = new ArrayList<NameValuePair>(2); //(3);
                //nvPairs.add(new BasicNameValuePair("personName", Plus.PeopleApi.getCurrentPerson(googleAPI).getDisplayName()));
                //nvPairs.add(new BasicNameValuePair("personGooglePlusProfile", Plus.PeopleApi.getCurrentPerson(googleAPI).getUrl()));
                //nvPairs.add(new BasicNameValuePair("personEmail", Plus.AccountApi.getAccountName(googleAPI)));

                nvPairs.add(new BasicNameValuePair("provider", ???));
                URL u = new URL(url);
                nvPairs.add(new BasicNameValuePair("returnUrl", u.getProtocol() + "://" + u.getHost()));

                post.setEntity(new UrlEncodedFormEntity(nvPairs));

                HttpResponse execute = client.execute(post);
                InputStream content = execute.getEntity().getContent();

                BufferedReader buffer = new BufferedReader(new InputStreamReader(content));
                String s = "";
                while((s = buffer.readLine()) != null)
                    response += s;
            }
            catch(Exception ex){
                ex.printStackTrace();
            }
        }
        return response;
    }
}

So my question: What should I put at the POST-method's ???. So what is the Provider? In my Android App I log in using Google, and got the GoogleApiClient and Person (com.google.android.gms.plus.model.people.Person).

At this website I see the following url: https://accounts.google.com/o/oauth2/auth. Is this the url I should use as provider? Or should I add parameters to this url? Or should I use a completely different string as provider?

PS: If someone can send me a link to a list of provider-urls (like Google's, Facebook's, Twitter's, etc.) and how to use them for the C# OAuthWebSecurity I would appreciate it.

Thanks in advance for the responses.

Solution

  • Ok it turns out it was very simple.. The provider is just "Google", nothing more, nothing less.. This provider name I found at the RegisterClient method in de C# project:

    OAuthWebSecurity.RegisterClient(client, "Google", extraData);

    Now the POST works, except for the message "The required anti-forgery cookie "__RequestVerificationToken" is not present.", but at least I can continue. And adding a Cookie to a HttpPost isn't that hard I believe when using a CookieManager.