I see that there are some questions about this already but none that i found goes into any details.
I have using my own code from DotNetOpenAuth before but now i decided to switch over to the Microsoft Wrapper for Authentication. Anyways i found this really good OAuth Client:
https://github.com/mj1856/DotNetOpenAuth.GoogleOAuth2
It seems to work fine but now it come to the migration part. In my current login system i save the full OpenID URL that Google returns that are in the form of:
https://www.google.com/accounts/o8/id?id=????????????????????????????????????
According to the documentation here https://developers.google.com/accounts/docs/OpenID i should be able to get that value in some way via the new OAuth system.
I have included the "openid.realm" paramater in the Auth request.
return BuildUri(AuthorizationEndpoint, new NameValueCollection
{
{ "response_type", "code" },
{ "client_id", _clientId },
{ "scope", string.Join(" ", scopes) },
{ "redirect_uri", returnUrl.GetLeftPart(UriPartial.Path) },
{ "state", state },
{ "openid.realm", "http://myoldopenidrealm" }
});
And as far as i understand the documentation that should be all i need to do. I have made sure that the Realm i used for my OpenID 2 authentication is the same and it's also the same as my return URL.
After I've done that i do that token request and as i understand it it's here that i should see a "open_id" field but i cannot understand how to get it.
protected override string QueryAccessToken(Uri returnUrl, string authorizationCode) {
var postData = HttpUtility.ParseQueryString(string.Empty);
postData.Add(new NameValueCollection
{
{ "grant_type", "authorization_code" },
{ "code", authorizationCode },
{ "client_id", _clientId },
{ "client_secret", _clientSecret },
{ "redirect_uri", returnUrl.GetLeftPart(UriPartial.Path) },
});
var webRequest = (HttpWebRequest)WebRequest.Create(TokenEndpoint);
webRequest.Method = "POST";
webRequest.ContentType = "application/x-www-form-urlencoded";
using (var s = webRequest.GetRequestStream())
using (var sw = new StreamWriter(s))
sw.Write(postData.ToString());
using (var webResponse = webRequest.GetResponse()) {
var responseStream = webResponse.GetResponseStream();
if (responseStream == null)
return null;
using (var reader = new StreamReader(responseStream)) {
var response = reader.ReadToEnd();
var json = JObject.Parse(response);
var accessToken = json.Value<string>("access_token");
return accessToken;
}
}
}
This is what the documentation says, and i can't see either the "sub" or the "openid_id" field.
*The response from that token request includes the usual fields (access_token, etc.), plus an openid_id field and the standard OpenID Connect sub field. The fields you need in this context are openid_id and sub:*
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 放荡不羁爱自由 的文章《Migrating from Google OpenID to new OAuth 2》','https://www.manongdao.com/article-403942.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}