Google身份验证API:如何获取用户的Gmail地址

时间:2021-09-14 15:25:10

I've been studying the Google authentication API (AuthSub)... My question is, how do I get the user's account information (at least their Gmail address) after the authentication has passed?

我一直在研究Google身份验证API(AuthSub)...我的问题是,如何在身份验证通过后获取用户的帐户信息(至少是他们的Gmail地址)?

Because currently, all I get back from the authentication process is a token granting me access to which ever Google service I have specified in the scope, but there's no easy way to even get the user's login id (Gmail address) as far as I can tell...

因为目前,我从验证过程中获得的所有内容都是一个令牌,授予我访问我在范围内指定的Google服务的权限,但是我没有简单的方法来获取用户的登录ID(Gmail地址)。告诉...


If so, what Google service allows me to access the user's information?

如果是这样,Google服务允许我访问用户的信息?

4 个解决方案

#1


2  

Using the Google AppEngine GData services, you can request the user to give you access to their Google Mail, Calendar, Picasa, etc. Check it out here.

使用Google AppEngine GData服务,您可以要求用户授予您访问其Google Mail,日历,Picasa等的权限。请在此处查看。

#2


4  

Google Authentication API is a token based system to authenticate a valid user. It does not expose any of other interface that allows to get account holder information back to authorizer.

Google Authentication API是一种基于令牌的系统,用于对有效用户进行身份验证。它不会暴露任何其他允许将帐户持有者信息返回给授权人的界面。

#3


2  

You can get some of the data through the OpenID API, with the ax extension. If you are authenticating with other methods, best I found is calling https://www-opensocial.googleusercontent.com/api/people/@me/@self and it will get you name, email and picture. Be sure to have http://www-opensocial.googleusercontent.com/api in scopes when authenticating.

您可以通过OpenID API获取一些数据,使用ax扩展。如果您使用其他方法进行身份验证,我发现最好的是调用https://www-opensocial.googleusercontent.com/api/people/@me/@self,它会为您提供姓名,电子邮件和图片。在进行身份验证时,请确保在范围内包含http://www-opensocial.googleusercontent.com/api。

#4


0  

    [ValidateInput(false)]
    public ActionResult Authenticate(string returnUrl)
    {
        try
        {
            logger.Info("" + returnUrl + "] LoginController : Authenticate method start  ");
            var response = openid.GetResponse();
            if (response == null)
            {
                try
                {
                    string discoveryuri = "https://www.google.com/accounts/o8/id";
                    //OpenIdRelyingParty openid = new OpenIdRelyingParty();
                    var fetch = new FetchRequest();// new 
                    var b = new UriBuilder(Request.Url) { Query = "" };
                    var req = openid.CreateRequest(discoveryuri, b.Uri, b.Uri);
                    fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
                    fetch.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
                    req.AddExtension(fetch);
                    return req.RedirectingResponse.AsActionResult();
                }
                catch (ProtocolException ex)
                {
                    logger.ErrorFormat(" LoginController : Authenticate method has error, Exception:" + ex.ToString());
                    ViewData["Message"] = ex.Message;
                    return View("Login");
                }
            }
            else
            {
                logger.Info("" + returnUrl + "] LoginController : Authenticate method :when responce not  null  ");
                switch (response.Status)
                {
                    case AuthenticationStatus.Authenticated:
                        logger.Info("" + response.Status + "] LoginController : Authenticate method : responce status  ");
                        var fetchResponse = response.GetExtension<FetchResponse>();
                        string email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email);
                        string userIPAddress = HttpContext.Request.UserHostAddress;
                        SecurityManager manager = new SecurityManager();                            
                        int userID = manager.IsValidUser(email);

                        if (userID != 0)
                        {
                            ViewBag.IsFailed = "False";
                            logger.Info("" + userID + "] LoginController : Authenticate method : user id id not null  ");
                            Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
                            Session["UserEmail"] = email;

                            FormsAuthentication.SetAuthCookie(email, false);

                            WebSession.UserEmail = email;
                            WebSession.UserID = userID;

                            UserManager userManager = new UserManager();
                            WebSession.AssignedSites = userManager.GetAssignedSites(userID);



                            if (!string.IsNullOrEmpty(returnUrl))
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method : retutn url not null then return Redirect   ");
                                return Redirect(returnUrl);
                            }
                            else
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method : retutn url null then return RedirectToAction   ");
                                //
                                return Redirect("/Home");
                            }
                        }
                        else
                        {
                            ViewBag.IsFailed = "True";
                            logger.Info("" + returnUrl + "] LoginController : Authenticate method :user id null   ");
                            if (!string.IsNullOrEmpty(returnUrl))
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method :and return Redirect   ");
                                return Redirect(returnUrl);
                            }
                            else
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method :and return RedirectToAction   ");

                                return View("Index");

                            }
                        }

                    case AuthenticationStatus.Canceled:
                        logger.Info("" + response.Status + "] LoginController : Authenticate method : AuthenticationStatus.Canceled  and return view  ");
                        ViewData["Message"] = "Canceled at provider";
                        return View("Login");
                    case AuthenticationStatus.Failed:
                        logger.Info("" + response.Status + "] LoginController : Authenticate method : AuthenticationStatus.Failed and return view   ");
                        logger.Error(response.Exception.Message);
                        ViewData["Message"] = response.Exception.Message;
                        return View("Login");
                }

            }
            logger.Info("" + returnUrl + "] LoginController : Authenticate method end and return  EmptyResult");
            return new EmptyResult();
        }
        catch (Exception ex)
        {
            logger.Error(" LoginController : Authenticate method ", ex);
            throw;
        }
    }

#1


2  

Using the Google AppEngine GData services, you can request the user to give you access to their Google Mail, Calendar, Picasa, etc. Check it out here.

使用Google AppEngine GData服务,您可以要求用户授予您访问其Google Mail,日历,Picasa等的权限。请在此处查看。

#2


4  

Google Authentication API is a token based system to authenticate a valid user. It does not expose any of other interface that allows to get account holder information back to authorizer.

Google Authentication API是一种基于令牌的系统,用于对有效用户进行身份验证。它不会暴露任何其他允许将帐户持有者信息返回给授权人的界面。

#3


2  

You can get some of the data through the OpenID API, with the ax extension. If you are authenticating with other methods, best I found is calling https://www-opensocial.googleusercontent.com/api/people/@me/@self and it will get you name, email and picture. Be sure to have http://www-opensocial.googleusercontent.com/api in scopes when authenticating.

您可以通过OpenID API获取一些数据,使用ax扩展。如果您使用其他方法进行身份验证,我发现最好的是调用https://www-opensocial.googleusercontent.com/api/people/@me/@self,它会为您提供姓名,电子邮件和图片。在进行身份验证时,请确保在范围内包含http://www-opensocial.googleusercontent.com/api。

#4


0  

    [ValidateInput(false)]
    public ActionResult Authenticate(string returnUrl)
    {
        try
        {
            logger.Info("" + returnUrl + "] LoginController : Authenticate method start  ");
            var response = openid.GetResponse();
            if (response == null)
            {
                try
                {
                    string discoveryuri = "https://www.google.com/accounts/o8/id";
                    //OpenIdRelyingParty openid = new OpenIdRelyingParty();
                    var fetch = new FetchRequest();// new 
                    var b = new UriBuilder(Request.Url) { Query = "" };
                    var req = openid.CreateRequest(discoveryuri, b.Uri, b.Uri);
                    fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
                    fetch.Attributes.AddRequired(WellKnownAttributes.Name.FullName);
                    req.AddExtension(fetch);
                    return req.RedirectingResponse.AsActionResult();
                }
                catch (ProtocolException ex)
                {
                    logger.ErrorFormat(" LoginController : Authenticate method has error, Exception:" + ex.ToString());
                    ViewData["Message"] = ex.Message;
                    return View("Login");
                }
            }
            else
            {
                logger.Info("" + returnUrl + "] LoginController : Authenticate method :when responce not  null  ");
                switch (response.Status)
                {
                    case AuthenticationStatus.Authenticated:
                        logger.Info("" + response.Status + "] LoginController : Authenticate method : responce status  ");
                        var fetchResponse = response.GetExtension<FetchResponse>();
                        string email = fetchResponse.GetAttributeValue(WellKnownAttributes.Contact.Email);
                        string userIPAddress = HttpContext.Request.UserHostAddress;
                        SecurityManager manager = new SecurityManager();                            
                        int userID = manager.IsValidUser(email);

                        if (userID != 0)
                        {
                            ViewBag.IsFailed = "False";
                            logger.Info("" + userID + "] LoginController : Authenticate method : user id id not null  ");
                            Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
                            Session["UserEmail"] = email;

                            FormsAuthentication.SetAuthCookie(email, false);

                            WebSession.UserEmail = email;
                            WebSession.UserID = userID;

                            UserManager userManager = new UserManager();
                            WebSession.AssignedSites = userManager.GetAssignedSites(userID);



                            if (!string.IsNullOrEmpty(returnUrl))
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method : retutn url not null then return Redirect   ");
                                return Redirect(returnUrl);
                            }
                            else
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method : retutn url null then return RedirectToAction   ");
                                //
                                return Redirect("/Home");
                            }
                        }
                        else
                        {
                            ViewBag.IsFailed = "True";
                            logger.Info("" + returnUrl + "] LoginController : Authenticate method :user id null   ");
                            if (!string.IsNullOrEmpty(returnUrl))
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method :and return Redirect   ");
                                return Redirect(returnUrl);
                            }
                            else
                            {
                                logger.Info("" + returnUrl + "] LoginController : Authenticate method :and return RedirectToAction   ");

                                return View("Index");

                            }
                        }

                    case AuthenticationStatus.Canceled:
                        logger.Info("" + response.Status + "] LoginController : Authenticate method : AuthenticationStatus.Canceled  and return view  ");
                        ViewData["Message"] = "Canceled at provider";
                        return View("Login");
                    case AuthenticationStatus.Failed:
                        logger.Info("" + response.Status + "] LoginController : Authenticate method : AuthenticationStatus.Failed and return view   ");
                        logger.Error(response.Exception.Message);
                        ViewData["Message"] = response.Exception.Message;
                        return View("Login");
                }

            }
            logger.Info("" + returnUrl + "] LoginController : Authenticate method end and return  EmptyResult");
            return new EmptyResult();
        }
        catch (Exception ex)
        {
            logger.Error(" LoginController : Authenticate method ", ex);
            throw;
        }
    }