CODEWITHSUNDEEP
asp.netauthentication
stuck
stuck

Reputation: 2291

how can I use a Microsoft Account to authenticate to my website

I have a website where a users identity is needed, I'd really prefer not to make them create yet another username/password combo that they have to remember

are there SDK's for allowing authentication from an Microsoft account?

Upvotes: 11

Views: 10760

Answers (6)

andrewb
andrewb

Reputation: 5339

The amount of changes / rebranding / deprecation / dead links from Microsoft drives me crazy. In any case, the latest version of this from what I've found is "Microsoft Account external login", which can be first set up on the Microsoft Developer Portal.

I found a guide that explains how to do this for .Net Core at https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/microsoft-logins, though the first half (e.g. setting the Redirect URI) isn't framework-specific.

I also found some relevant source code for .Net Core at https://github.com/aspnet/Security/blob/master/src/Microsoft.AspNetCore.Authentication.MicrosoftAccount/MicrosoftAccountOptions.cs, which shows some of the Claims (user details) that are retrieved:

ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
ClaimActions.MapJsonKey(ClaimTypes.Name, "displayName");
ClaimActions.MapJsonKey(ClaimTypes.GivenName, "givenName");
ClaimActions.MapJsonKey(ClaimTypes.Surname, "surname");
ClaimActions.MapCustomJson(ClaimTypes.Email,
    user => user.Value<string>("mail") ?? user.Value<string>("userPrincipalName"));

The support from the latest version of .Net Core suggests to me that this external login API still works. I haven't tested them out yet, I will update if I get to do this login integration.

Upvotes: 0

Johannes Mittendorfer
Johannes Mittendorfer

Reputation: 1252

Simply use "Live Connect" via Oauth 2.0:

http://msdn.microsoft.com/en-us/library/live/hh243647.aspx

or

https://dev.onedrive.com/

Upvotes: -1

Paul Turner
Paul Turner

Reputation: 39685

Microsoft provides the Live Connect SDK for integration Microsoft services into your applications, including the Microsoft Accounts identity provider.

There is a specific example on Server-Side Scenarios which should cover all you need to get integrated.

Upvotes: 1

Master Yoda
Master Yoda

Reputation: 4422

Do you mean from an active directory windows account? If so you could use windows authentication and just have the index page sign them in automatically.

http://msdn.microsoft.com/en-us/library/ff647405.aspx

Use the following commands in your code behind file to get the relevant information for signing in:

System.Security.Principal.WindowsIdentity.GetCurrent().Name
User.Identity.IsAuthenticated
User.Identity.AuthenticationType
User.Identity.Name

Upvotes: 0

C. Tewalt
C. Tewalt

Reputation: 2509

Check out the Principal Context class. You can create it using a localhost (Machine) or domain context and use the ValidateCrentials(string username, string password) method to authenticate using Windows credentials.

http://msdn.microsoft.com/en-us/library/bb154889.aspx

Here's how I've used it in my website. (Put this in a POST method of your authentication controller or something)

The code below will take a username say "bob" or "localhost\bob" or "DOMAIN\bob" etc., and get the right PrincipalContext for authenticating the user. NOTE: it's case insensitive here.

        public bool ValidateCredentials(string username, System.Security.SecureString password)
    {
        string domain = Environment.MachineName;
        if (username.Contains("\\"))
        {
            domain = username.Split('\\')[0];
            username = username.Split('\\')[1];
        }

        if (domain.Equals("localhost", StringComparison.CurrentCultureIgnoreCase))
            domain = Environment.MachineName;

        if (domain.Equals(Environment.MachineName, StringComparison.CurrentCultureIgnoreCase))
            using (PrincipalContext context = new PrincipalContext(ContextType.Machine))
            {
                return context.ValidateCredentials(username, password.ToUnsecureString());
            }
        else
            using(PrincipalContext context = new PrincipalContext(ContextType.Domain))
            {
                //return context.ValidateCredentials(domain + "\\" + username, password.ToUnsecureString());
                return context.ValidateCredentials(username, password.ToUnsecureString());
            }


    }

Upvotes: 2

Wiktor Zychla
Wiktor Zychla

Reputation: 48314

That's rather easy as a default empty template of an ASP.NET 4.5 website shows how to have OAuth2 authentication with google/facebook/liveid/twitter.

http://www.asp.net/aspnet/overview/aspnet-45/oauth-in-the-default-aspnet-45-templates

Upvotes: 3

Related Questions