openid

I am using IdentityServer4 . I want to add other custom claims to access token but I'm unable to do this. I have modified Quickstart5 and added ASP.NET Identity Core and the custom claims via ProfileService as suggested by Coemgen below . You can download my code here: [zip package][3]. (It is based on: Quickstart5 with ASP.NET Identity Core and added claims via ProfileService). Issue: GetProfileDataAsync does not executed. Blennouill You should implement your own ProfileService . Have a look in this post which I followed when I implemented the same: https://damienbod.com/2016/11/18/extending

I use Google Apps for my domain email, and I was wondering if I could use that account for OpenID instead of the regular Gmail account. I know I can delegate Openid to some other URL using this: <link rel="openid.server" href="http://www.myopenid.com/server" /> <link rel="openid.delegate" href="http://samruby.myopenid.com/" /> But I can't find the appropriate URLs for Google. Thanks -Mathieu Google recently (an hour or so ago) announced OpenID support for Google Apps customers. Check out the discovery protocol on Google Groups . Should be a good start. I believe the endpoint is ht tps://www

Are there any recommended resources for implementing a custom membership provider that uses oAuth? The goal would be to have users to log into my ASP.NET MVC application using their existing oAuth credentials. After the user is authenticated, I'd then like to leverage the built-in ASP.NET authorization features. Thanks. Bittercoder I'm not sure what you're looking for is OAuth. OAuth is for delegating authorization, through the use of tokens. Depending on what you're doing you have two scenarios either: Your application wants to use some of the users data, hosted by a provider (say twitter or

I am creating a web app that will use OpenID logins and OAuth tokens with Youtube. I am currently storing the OpenID identity and OAuth token/token secret in plain text in the database. Is it inappropriate to store these values as plain text? I could use a one-way encryption for the OpenID identifier but I don't know if that is necessary. For the OAuth tokens, I would need to use a two-way encryption as my app relies on getting the session token for some uses. Is it necessary to encrypt the OpenID identity? Could someone use it to gain access to a user's account? Feha First, there is a

I am starting to build a new web application that will require user accounts. Now that I have an OpenID that I am using for this site I thought it would be cool if I could use OpenID for authentication in my application. Are there any good tutorials on how to integrate OpenID with an ASP.NET site? See Scott Hanselman's post on using DotNetOpenID in ASP.NET. Andrew Arnott's blog is full of samples on using DotNetOpenID with ASP.NET, including ASP.NET MVC. I recently hooked up DotNetOpenID for the Subtext 2.0 release. It went really smoothly - the code samples included with the DotNetOpenID

What is the difference between OpenID and SAML? Original OpenID 2.0 vs SAML They are two different protocols of authentication and they differ at the technical level. From a distance, differences start when users initiate the authentication. With OpenID, a user login is usually an HTTP address of the resource which is responsible for the authentication. On the other hand, SAML is based on an explicit trust between your site and the identity provider so it's rather uncommon to accept credentials from an unknown site. OpenID identities are easy to get around the net. As a developer you could

Well im trying to implement Steam OpenID login to a website but im not quite sure how it's done and how does Steam validate users who are loged in with OpenID. As for now what i have found out is that steam only gives user id back and nothing else so for the rest of things i would have to use API to get other info of the user. But im not quite sure how does the users get validated on the website once someone is loged in via OpenID. Do i need to make a session or set cookie or store user into database once user is logedin from OpenID? try { # Change 'localhost' to your domain name. $openid =

I'm using the rails plugin open_id_authentication in my app. This works for MyOpenID, however authenticating with Google I can't get the email address as part of the required attributes. From what I understand, Google ignores sreg attribute requests, and only listens to the AX schema for email address. Here's my code: def open_id_authentication(openid_url) #google only responds to AX for email, so we must provide that also authenticate_with_open_id(openid_url, :required => [:nickname, :email, 'http://axschema.org/contact/email']) do |result, identity_url, registration| if result.successful?

i am trying to use php-openid library for implementing openID in my site. the basic consumer example inside its package doesn't work for Google and Yahoo. i found the Google solution here: Example usage of AX in PHP OpenID but it doesn't still work for Yahoo! . how can i made it works? wow it is solved now !!!!! i traced the functions and found the problem.and that is.... in "try_auth.php" file i used "$attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email',2,1, 'email');" for getting the user email from provider. it works fine in Google because Google ignore '2'