Sso I’ve been trying to get facebook and twitter login via oauth working in a simple webforms application with no success, there is virtually no usable documentation or tutorials online so i figured it would be time for me to show you the easiest 3 – 5 line authentication system you could implement in .net that supports facebook and twitter
Firstly you’ll need to open up NuGet Package Manager and find “Microsoft WebPages OAuth Library” install this and your ready to go
Head over to https://dev.twitter.com/ and https://developers.facebook.com/ to register your application both websites will provide you with an Application ID and a Secret Key once you have these proceed to setting up your application
Begin by adding a Global.asax file to your application and in Application_Start add the following replacing TwitterAppID, FacebookAppID with the AppID’s provided by each website and the same for TwitterSecretID and FacebookSecretID
'Copyright rm2kdev, free for use by anyone. Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs) OAuthWebSecurity.RegisterTwitterClient("TwitterAppID", "TwitterAppSecretID") OAuthWebSecurity.RegisterFacebookClient("FacebookAppID", "FacebookAppSecretID") End Sub
Once you’ve done this create a login.aspx page and add two buttons “Login With Twitter” and “Login with Facebook” then under each button’s onclick event add this
'Copyright rm2kdev, free for use by anyone. Protected Sub btnTwitter_Click(sender As Object, e As EventArgs) Handles btnTwitter.Click OAuthWebSecurity.RequestAuthentication("twitter") End Sub Protected Sub btnFacebook_Click(sender As Object, e As EventArgs) Handles btnFacebook.Click OAuthWebSecurity.RequestAuthentication("facebook") End Sub
Now you’re almost ready to go the last step is simply to add in your page_load event of login.aspx something to handle what will happen when facebook or twitter returns a valid or invalid login so
'Copyright rm2kdev, free for use by anyone. Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Dim LoginResult = OAuthWebSecurity.VerifyAuthentication If LoginResult.IsSuccessful = True Then Response.Write("Login Sucess : " & LoginResult.UserName & ", " & LoginResult.ProviderUserId & ", " & LoginResult.Provider) 'Do something here like store this information in a database or in the session to remember the active login End If End Sub
And voila ignoring the .net boilerplate in under 6 lines of code we have successfully implemented facebook and twitter oauth logins how you handle these is up to you now facebook and twitter will return you if the login is valid from here you could store that information in a database or setup a session giving the user access to whatever features of your website are restricted the LoginResult variable also holds “Provider” and “ProviderUserID” these are the unique identifiers that represent the users account on the providers website so if you were tracking users visits to the website or setting up an ecommerce sales platform you would store that with a link to “ProviderUserID” as this will be unique for each user and let you look back and see what information is stored against their account on your website later.