Published: 11 November 2013
Update: 19 May 2015 - You can view an updated video version of this on my AspnetCasts YouTube channel. The updated version is targeted for use with ASP.NET MVC 5 and ASP.NET Identity.
Update: 1 April 2015 - The latest and most up to date version of this guide is available on the OAuth for ASP.NET website
A few months ago I wrote a blog post on how to add a Google+ sign in for ASP.NET MVC 4. With the release ASP.NET MVC 5 the whole authentication system has been overhauled and the ASP.NET team has introduced ASP.NET Identity, which has built-in support for external authentication providers. The list of external authentication providers which are included out of the box includes Google, but this is based on OpenID and not OAuth, which is fine if all you want to use it for is authentication. Sadly however this is problematic if you want to use the user’s authentication token to make calls to the Google+ API - for that you will need a Google+ OAuth provider. Since no one else seems to have taken up the call to develop a Google+ OAuth provider for ASP.NET Identity, I decided to see what I can do.
I like the path of least resistance, and do not suffer too badly from the “not invented here” syndrome. The code for the Google+ OAuth provider I wrote is almost an exact copy of the code developed by the OWIN team for the standard Facebook OAuth provider. I do not claim any level of cleverness or credit for this code, other than shamelessly copying it and adapting it to work with Google+
The original work from Microsoft is located at http://katanaproject.codeplex.com/. As it is open source I will see what I can do to integrate my work into theirs. For now I just wanted to get something out which people can use.
This blog post is actually a combination of a bunch of stuff I did in previous blog posts. As noted above there was absolutely no genius involved on my side as far as the development of the actual OWIN OAuth provider goes. I copied the work which Microsoft had done on the Facebook provider and adapted it for Google+. Having done a LOT of OAuth work over the past year I understand more or less how the whole OAuth process works (I think). I have walked through the Google+ OAuth sign in process in a previous blog post so if you have a need to understand that please go and read that blog post. Also have a look at Google’s own documentation on how the OAuth 2.0 flow works.
To give the button the Google+ look and feel, you can refer to my blog post on Pretty social login buttons for ASP.NET MVC 5.
Last month I wrote a blog post on how to access the Twitter OAuth token, and I used the same technique in the demo project to store and retrieve the Google+ OAuth token. I then use this token on the home page to extract the Google+ user information and do a raw dump of the JSON output. It is not pretty but it should give you a good enough idea of how to store and extract the OAuth token and then use that to call the Google+ API.
Well, to use it is pretty straight forward. Here are the steps:
Please note that you will need to register your Redirect URI in Google Cloud Console to point to the URL signin-googleplus, as displayed in the screenshot below:
app.UseGooglePlusAuthentication("YOUR CLIENT ID ", "YOUR CLIENT SECRET");
PS: If you found this content valuable and want to return the favour, then please feel free to ☕ buy me a coffee ☕
Are you struggling to stay up to date with all that is happening in the ASP.NET world?
I publish a weekly newsletter with all the best ASP.NET related news and blog posts of the previous week
Sign up with your email address below to get it delivered to your Inbox every Friday!