问题
Can we customize the scope in GoogleAuthProvider to get more details like their phone number, address or calendar, profile picture?
Also can we view the details of the Identity and access token and parse and save those results in our database?
回答1:
You can register additional Scopes in the GoogleAuthProvider.Scopes collection which by default is populated with:
this.Scopes = new[] {
"https://www.googleapis.com/auth/userinfo.profile",
"https://www.googleapis.com/auth/userinfo.email"
};
The OAuth Info from all ServiceStack's OAuth Providers are populated in the registered Auth Repository in the UserAuthDetails table where the Access Token is stored in AccessTokenSecret.
You can retrieve additional info about the user using the Access Token and overriding CreateAuthInfo in a custom GoogleAuthProvider and overriding the CreateAuthInfo() implementation which by default retrieves basic info about the user from the UserProfileUrl (https://www.googleapis.com/oauth2/v2/userinfo):
protected override Dictionary<string, string> CreateAuthInfo(string accessToken)
{
var url = this.UserProfileUrl.AddQueryParam("access_token", accessToken);
var json = url.GetJsonFromUrl();
var obj = JsonObject.Parse(json);
obj.MoveKey("id", "user_id");
obj.MoveKey("given_name", "first_name");
obj.MoveKey("family_name", "last_name");
obj.MoveKey("picture", AuthMetadataProvider.ProfileUrlKey, profileUrl => profileUrl.SanitizeOAuthUrl());
return obj;
}
The returned dictionary populates all well-known properties on UserAuthDetails in the overridable LoadUserAuthInfo() (which can alternatively be intercepted with the LoadUserAuthFilter on each AuthProvider). All other non-matching properties in the dictionary are saved in the Items Dictionary on the UserAuthDetails table.
来源:https://stackoverflow.com/questions/61066809/can-we-add-authorization-scopes-for-external-logins-and-save-results-to-database