我以为我能找到关于这个主题的信息,但今天我的 google-fu 似乎很弱。我正在构建一个使用 Amazon.com 产品广告 API 的 Silverlight 应用程序。我想向我的应用程序添加身份验证,但我想实现 OpenId,而不是使用默认表单基本身份验证。我看到许多使用雅虎或谷歌作为他们的供应商的景点。我确实记得至少一个景象,但不记得是哪一个景象,它使用 Amazon.com 作为提供者。
如果有人可以为我指出正确的文档方向,那就太好了。
编辑:我现在记得是 Target.com 允许您使用 Amazon.com 登录。
我对 OpenID 了解不多,但您几乎必须编写自定义身份验证服务,这还不错。(顺便说一句,它仍然会利用实际上很方便的表单身份验证)
如果您知道如何通过代码进行验证......
在服务器端,您需要三个部分。一个保存您的用户数据的类,一个从表单身份验证继承的类.. 以及一个处理登录异常的类..
这是服务器代码的示例(抱歉减去打开的 ID 检查)
using System.ServiceModel.DomainServices.Server.ApplicationServices;
public class UserDTO : UserBase
{
public string Email { get; set; }
//Must be string since will be included in HTTP Headers
public string Id { get; set; }
public bool CanCreateSomething { get; set;}
}
使用系统;使用 System.Data.Objects;使用 System.ServiceModel.DomainServices.Hosting;
[EnableClientAccess]
public class CustomAuthenticationService : FormsAuthenticationService<UserDTO>
{
protected override UserDTO ValidateCredentials(string name, string password, string customData,
out string userData)
{
UserDTO user = null;
userData = null;
OpenIDUser OIDusr;
if OIDusr != null)
{
user = new UserDTO { Name = OIDusr.Description, Email = OIDusr.PrimaryEmail, Id= OIDusr.Id.ToString() };
}
if (user != null)
{
//Set custom data fields for HTTP session
userData = user.PartyId + ":" + user.Email;
}
return user;
}
}
[Serializable]
public class FormsAuthenticationLogonException : Exception
{
public FormsAuthenticationLogonException(string message) : base(message){}
}
public abstract class FormsAuthenticationService<TUser> : DomainService, IAuthentication<TUser>
where TUser : UserBase
{
#region IAuthentication<TUser> Members
public TUser GetUser()
{
var currentUser = ServiceContext.User;
if ((currentUser != null) && currentUser.Identity.IsAuthenticated)
{
var userIdentity = currentUser.Identity as FormsIdentity;
if (userIdentity != null)
{
var ticket = userIdentity.Ticket;
if (ticket != null)
{
return GetCurrentUser(currentUser.Identity.Name, ticket.UserData);
}
}
}
return GetDefaultUser();
}
public TUser Login(string userName, string password, bool isPersistent, string customData)
{
string userData;
TUser user = ValidateCredentials(userName, password, customData, out userData);
if (user != null)
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( /* version */
1, userName, DateTime.Now, DateTime.Now.AddMinutes(30),
isPersistent, userData, FormsAuthentication.FormsCookiePath);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContextBase httpContext = (HttpContextBase) ServiceContext.GetService(typeof (HttpContextBase));
httpContext.Response.Cookies.Add(authCookie);
}
else
{
HttpContextBase httpContext = (HttpContextBase) ServiceContext.GetService(typeof (HttpContextBase));
httpContext.AddError(new FormsAuthenticationLogonException("Username or password is not correct."));
}
return user;
}
public TUser Logout()
{
FormsAuthentication.SignOut();
return GetDefaultUser();
}
public void UpdateUser(TUser user)
{
throw new NotImplementedException();
}
#endregion
protected abstract TUser GetCurrentUser(string name, string userData);
protected virtual TUser GetDefaultUser()
{
return null;
}
protected abstract TUser ValidateCredentials(string name, string password, string customData,
out string userData);
}
在客户端......
LoginParameters loginParameters = new LoginParameters(UserName, Password);
WebContextBase.Current.Authentication.Login(loginParameters,
delegate(LoginOperation operation)
{
if (operation.HasError)
{
App.IsBusy = false;
operation.MarkErrorAsHandled();
UserName = string.Empty;
Password = string.Empty;
MessageBox.Show("Username or Password is incorrect!");
return;
}
//Login Success
CustomAuthenticationContext authContext = new CustomAuthenticationContext();
authContext.Load(authContext.GetUserQuery(), UserLoaded, false);
}, null);