我對 OpenID 瞭解不多,但你幾乎必須自己寫一個自定義的身份驗證(authentication)服務,這其實並沒有那麼糟糕。(順便說一下,它仍然會利用窗體身份驗證(Forms Authentication),這其實很方便。)
如果你知道如何通過代碼驗證.....
在服務器端,你需要三樣東西:一個保存用戶數據的類、一個繼承自窗體身份驗證服務的類,以及一個表示登錄異常的類。
這裏是服務器端代碼的例子(抱歉,省略了 OpenID 校驗部分)
using System.ServiceModel.DomainServices.Server.ApplicationServices;
/// <summary>
/// User record returned to the client by the authentication service.
/// Extends <c>UserBase</c> with the application-specific fields below.
/// </summary>
public class UserDTO : UserBase
{
    /// <summary>E-mail address of the user.</summary>
    public string Email
    {
        get;
        set;
    }

    /// <summary>
    /// Identifier of the user, kept as a string. Per the original author it has to
    /// be a string because it is carried in HTTP headers.
    /// NOTE(review): presumably this is the value packed into the forms
    /// authentication ticket's user data -- confirm against ValidateCredentials.
    /// </summary>
    public string Id
    {
        get;
        set;
    }

    /// <summary>
    /// Permission flag exposed to the client.
    /// NOTE(review): a flag shipped to the client is only a UI hint; the server
    /// must enforce the permission itself on every operation that depends on it.
    /// </summary>
    public bool CanCreateSomething
    {
        get;
        set;
    }
}
using System; using System.Data.Objects; using System.ServiceModel.DomainServices.Hosting;
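/// <summary>
/// Authentication domain service exposed to the client. It plugs an OpenID
/// lookup into the forms-authentication plumbing of
/// <c>FormsAuthenticationService&lt;UserDTO&gt;</c>.
/// </summary>
[EnableClientAccess]
public class CustomAuthenticationService : FormsAuthenticationService<UserDTO>
{
    /// <summary>
    /// Resolves the caller to a <see cref="UserDTO"/> and produces the string
    /// that the base class stores in the forms authentication ticket.
    /// </summary>
    /// <param name="name">User name supplied by the client.</param>
    /// <param name="password">Password supplied by the client.</param>
    /// <param name="customData">Extra data supplied by the client.</param>
    /// <param name="userData">
    /// Set to "Id:Email" when a user is returned, otherwise <c>null</c>.
    /// </param>
    /// <returns>The authenticated user, or <c>null</c> when authentication fails.</returns>
    protected override UserDTO ValidateCredentials(string name, string password, string customData,
        out string userData)
    {
        userData = null;

        // The OpenID verification step was left out of this sample. Until it is
        // filled in, OIDusr stays null and every login is rejected, so the sample
        // fails closed. Never populate OIDusr from client-supplied values without
        // verifying the OpenID assertion on the server first.
        OpenIDUser OIDusr = null;

        if (OIDusr == null)
        {
            return null;
        }

        UserDTO user = new UserDTO
        {
            Name = OIDusr.Description,
            Email = OIDusr.PrimaryEmail,
            Id = OIDusr.Id.ToString()
        };

        // Set custom data fields for the HTTP session. UserDTO has no PartyId
        // member, so the identifier comes from Id.
        // NOTE(review): ':' is used as the separator; this assumes Id never
        // contains ':' -- confirm against the real OpenIDUser.Id type.
        userData = user.Id + ":" + user.Email;
        return user;
    }

    /// <summary>
    /// Rebuilds the user from the values stored in the forms authentication
    /// ticket. The base class declares this member abstract, so it has to be
    /// overridden for the service to compile.
    /// </summary>
    /// <param name="name">Name stored in the ticket (the login user name).</param>
    /// <param name="userData">The "Id:Email" string written by ValidateCredentials.</param>
    /// <returns>
    /// The reconstructed user, or the default user when the ticket data is
    /// missing or malformed.
    /// </returns>
    protected override UserDTO GetCurrentUser(string name, string userData)
    {
        if (string.IsNullOrEmpty(userData))
        {
            return GetDefaultUser();
        }

        // Split on the first ':' only, so an e-mail containing ':' stays intact.
        int separatorIndex = userData.IndexOf(':');
        if (separatorIndex < 0)
        {
            return GetDefaultUser();
        }

        // NOTE(review): only the fields carried in the ticket are restored here;
        // CanCreateSomething keeps its default and should be loaded from a
        // trusted server-side store, never taken from the client.
        return new UserDTO
        {
            Name = name,
            Id = userData.Substring(0, separatorIndex),
            Email = userData.Substring(separatorIndex + 1)
        };
    }
}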
/// <summary>
/// Error recorded on the HTTP context when a forms-authentication logon is
/// rejected.
/// </summary>
[Serializable]
public class FormsAuthenticationLogonException : Exception
{
    /// <summary>Creates the exception with the text to report.</summary>
    /// <param name="message">Description of the logon failure.</param>
    public FormsAuthenticationLogonException(string message)
        : base(message)
    {
    }
}
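/// <summary>
/// Base domain service that implements <c>IAuthentication&lt;TUser&gt;</c> on top of
/// ASP.NET forms authentication. Derived classes supply the credential check
/// and the mapping between a ticket and a user object.
/// </summary>
/// <typeparam name="TUser">User type returned to the client.</typeparam>
public abstract class FormsAuthenticationService<TUser> : DomainService, IAuthentication<TUser>
    where TUser : UserBase
{
    // Lifetime of an issued ticket, in minutes.
    private const int TicketLifetimeMinutes = 30;

    #region IAuthentication<TUser> Members

    /// <summary>
    /// Returns the user for the current request.
    /// </summary>
    /// <returns>
    /// The user rebuilt from the forms authentication ticket, or the default
    /// user when the request is not authenticated through a forms ticket.
    /// </returns>
    public TUser GetUser()
    {
        var currentUser = ServiceContext.User;
        if (currentUser == null || !currentUser.Identity.IsAuthenticated)
        {
            return GetDefaultUser();
        }

        var formsIdentity = currentUser.Identity as FormsIdentity;
        if (formsIdentity == null || formsIdentity.Ticket == null)
        {
            return GetDefaultUser();
        }

        return GetCurrentUser(currentUser.Identity.Name, formsIdentity.Ticket.UserData);
    }

    /// <summary>
    /// Validates the credentials and, on success, issues the forms
    /// authentication cookie on the current response.
    /// </summary>
    /// <param name="userName">User name supplied by the client.</param>
    /// <param name="password">Password supplied by the client.</param>
    /// <param name="isPersistent">Whether the logon should outlive the browser session.</param>
    /// <param name="customData">Extra data passed through to ValidateCredentials.</param>
    /// <returns>The authenticated user, or <c>null</c> when the logon is rejected.</returns>
    public TUser Login(string userName, string password, bool isPersistent, string customData)
    {
        string userData;
        TUser user = ValidateCredentials(userName, password, customData, out userData);
        HttpContextBase httpContext = (HttpContextBase)ServiceContext.GetService(typeof(HttpContextBase));

        if (user == null)
        {
            // One generic message for every failure, so the response does not
            // reveal whether the user name exists.
            // NOTE(review): nothing here throttles repeated failures; lockout or
            // rate limiting has to be provided by ValidateCredentials or the host.
            httpContext.AddError(new FormsAuthenticationLogonException("Username or password is not correct."));
            return user;
        }

        // Take the timestamp once so issue and expiry are derived from the same instant.
        DateTime issuedAt = DateTime.Now;
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1, // version
            userName,
            issuedAt,
            issuedAt.AddMinutes(TicketLifetimeMinutes),
            isPersistent,
            userData,
            FormsAuthentication.FormsCookiePath);

        // userData travels inside the ticket; its confidentiality and integrity
        // depend on the forms-authentication protection configured for the site.
        string encryptedTicket = FormsAuthentication.Encrypt(ticket);

        HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
        // Keep the ticket out of reach of client-side script.
        authCookie.HttpOnly = true;
        // Follow the site's requireSSL setting so the cookie is not sent in clear text.
        authCookie.Secure = FormsAuthentication.RequireSSL;
        authCookie.Path = FormsAuthentication.FormsCookiePath;
        if (FormsAuthentication.CookieDomain != null)
        {
            authCookie.Domain = FormsAuthentication.CookieDomain;
        }

        // Without an expiry the browser treats the cookie as a session cookie,
        // which would silently ignore isPersistent.
        if (ticket.IsPersistent)
        {
            authCookie.Expires = ticket.Expiration;
        }

        httpContext.Response.Cookies.Add(authCookie);
        return user;
    }

    /// <summary>
    /// Signs the caller out of forms authentication.
    /// </summary>
    /// <returns>The default user.</returns>
    public TUser Logout()
    {
        FormsAuthentication.SignOut();
        return GetDefaultUser();
    }

    /// <summary>
    /// Updating the user is not implemented by this service.
    /// </summary>
    /// <param name="user">Ignored.</param>
    /// <exception cref="NotImplementedException">Always thrown.</exception>
    public void UpdateUser(TUser user)
    {
        throw new NotImplementedException();
    }

    #endregion

    /// <summary>
    /// Rebuilds the user from the name and user data stored in the ticket.
    /// </summary>
    /// <param name="name">Name of the authenticated identity.</param>
    /// <param name="userData">User data read from the forms authentication ticket.</param>
    /// <returns>The user for the current request.</returns>
    protected abstract TUser GetCurrentUser(string name, string userData);

    /// <summary>
    /// Returns the user reported for unauthenticated requests; <c>null</c> unless overridden.
    /// </summary>
    protected virtual TUser GetDefaultUser()
    {
        return null;
    }

    /// <summary>
    /// Checks the supplied credentials.
    /// </summary>
    /// <param name="name">User name supplied by the client.</param>
    /// <param name="password">Password supplied by the client.</param>
    /// <param name="customData">Extra data supplied by the client.</param>
    /// <param name="userData">Receives the string to store in the ticket.</param>
    /// <returns>The authenticated user, or <c>null</c> to reject the logon.</returns>
    protected abstract TUser ValidateCredentials(string name, string password, string customData,
        out string userData);
}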
在客戶端.....
// Package the entered credentials for the authentication service.
// NOTE(review): the credentials go to the server's Login operation; confirm the
// service endpoint is only reachable over TLS.
var credentials = new LoginParameters(UserName, Password);

WebContextBase.Current.Authentication.Login(
    credentials,
    (LoginOperation loginResult) =>
    {
        if (!loginResult.HasError)
        {
            // Login succeeded: load the user through the authentication context.
            var userContext = new CustomAuthenticationContext();
            userContext.Load(userContext.GetUserQuery(), UserLoaded, false);
            return;
        }

        // Login failed: clear the busy flag, mark the error as handled, wipe the
        // entered credentials and show a generic message.
        App.IsBusy = false;
        loginResult.MarkErrorAsHandled();
        UserName = string.Empty;
        Password = string.Empty;
        MessageBox.Show("Username or Password is incorrect!");
    },
    null);
僅供參考,Target.com 最初是由亞馬遜的服務實施並託管了數年,因此才會有共享賬戶。我認爲 Target 幾個月前已經改用了自己的實現。 – fmr 2011-11-02 00:45:19