OAuth is one of the popular Authentication protocols that is used to provides a layer of security to your web applications using login/password. One of the main uses of OAuth is to allow access to one website using Authentication with another.
For instance, let us say you have a custom website with its own login and password (As a side note, the infrastructure for Authentication is referred to as membership in ASP .NET. You will also find information about it here among many other places on the web. Here is another video talking about it.).
Back on the topic, now let us say you would like to give access to a user of this website using the user’s facebook login. You can do it using OAuth. i.e., you can let users login to your website with their facebook account. Under the hood, your facebook account is associated with the users local membership account.
How difficult is this to implement? With ASP .NET 4.5, it is ridiculously easy. If you want to authenticate your ASP .NET application with users’ Facebook, Twitter, Microsoft or Google accounts have. Here is a video about using it with ASP .NET Forms application and here is a codeproject article about using it with MVC. It is as simple as calling a single method for each of the services:
OAuthWebSecurity.RegisterMicrosoftClient(
clientId: "123456789123456",
clientSecret: "1234567892188a3456bq44535pk34rg1");
OAuthWebSecurity.RegisterTwitterClient(
consumerKey: "123456789123456",
consumerSecret: "1234567892188a3456bq44535pk34rg1");
OAuthWebSecurity.RegisterFacebookClient(
appId: "123456789123456",
appSecret: "1234567892188a3456bq44535pk34rg1");
OAuthWebSecurity.RegisterGoogleClient();
What if you want to authenticate your web application with a provider other than facebook, twitter etc? You can still do it but it needs a little more work. Here is an article that shows how to do this.
Comments
You can follow this conversation by subscribing to the comment feed for this post.