如何将OpenId与ASP.Net成员集成在MVC中

Question

我使用MVC Storefront中的以下代码在MVC中测试OpenId.如何将其与我的ASP.Net成员集成,以便我可以使用角色并在我的表中为用户保存用户名？我相信SO也在使用类似的东西.

    public ActionResult OpenIdLogin()
    {
        string returnUrl = VirtualPathUtility.ToAbsolute("~/");
        var openid = new OpenIdRelyingParty();
        var response = openid.GetResponse();
        if (response == null)
        {
            // Stage 2: user submitting Identifier
            Identifier id;
            if (Identifier.TryParse(Request["openid_identifier"], out id))
            {
                try
                {
                    IAuthenticationRequest req = openid.CreateRequest(Request["openid_identifier"]);

                    var fetch = new FetchRequest();
                    //ask for more info - the email address
                    var item = new AttributeRequest(WellKnownAttributes.Contact.Email);
                    item.IsRequired = true;
                    fetch.Attributes.Add(item);
                    req.AddExtension(fetch);

                    return req.RedirectingResponse.AsActionResult();
                }
                catch (ProtocolException ex)
                {
                    ViewData["Message"] = ex.Message;
                    return View("Logon");
                }
            }
            else
            {
                ViewData["Message"] = "Invalid identifier";
                return View("Logon");
            }
        }
        else
        {
            // Stage 3: OpenID Provider sending assertion response
            switch (response.Status)
            {
                case AuthenticationStatus.Authenticated:

                    var fetch = response.GetExtension<FetchResponse>();
                    string name = response.FriendlyIdentifierForDisplay;
                    if (fetch != null)
                    {
                        IList<string> emailAddresses = fetch.Attributes[WellKnownAttributes.Contact.Email].Values;
                        string email = emailAddresses.Count > 0 ? emailAddresses[0] : null;
                        //don't show the email - it's creepy. Just use the name of the email
                        name = email.Substring(0, email.IndexOf('@'));
                    }
                    else
                    {

                        name = name.Substring(0, name.IndexOf('.'));
                    }

                    //FormsAuthentication.SetAuthCookie(name, false);
                    SetCookies(name, name);
                    AuthAndRedirect(name, name);

                    if (!string.IsNullOrEmpty(returnUrl))
                    {
                        return Redirect(returnUrl);
                    }
                    else
                    {
                        return RedirectToAction("Index", "Home");
                    }
                case AuthenticationStatus.Canceled:
                    ViewData["Message"] = "Canceled at provider";
                    return View("Logon");
                case AuthenticationStatus.Failed:
                    ViewData["Message"] = response.Exception.Message;
                    return View("Logon");
            }
        }
        return new EmptyResult();

    }

    ActionResult AuthAndRedirect(string userName, string friendlyName)
    {
        string returnUrl = Request["ReturnUrl"];
        SetCookies(userName, friendlyName);

        if (!String.IsNullOrEmpty(returnUrl))
        {
            return Redirect(returnUrl);
        }
        else
        {
            return RedirectToAction("Index", "Home");
        }
    }

Answer 1

在StackOverflow上有几个像你这样的问题. 这个看起来特别相似.

如果你已经在为你的网站使用会员资格提供商并且只是添加了OpenID,那么我猜你现在已经被困在会员资格中并且可以使用我链接到的问题的答案之一来获得半正式可能适合您的会员提供商.

但是,如果您正在编写一个新站点并且只是想要"使用角色并在我的表中为用户保存用户名",那么请不要使用ASP.NET成员资格.这不值得!它不适合OpenID的无密码范例,只会导致比其他任何事情更悲伤.如果你不害怕自己的一点点数据库访问,那就这样做吧.您可以通过发布自己的FormsAuthentication.RedirectFromLoginPage或FormsAuthentication.SetAuthCookie调用并传入用户填充的角色来轻松获得角色行为.