-
Notifications
You must be signed in to change notification settings - Fork 82
NancyFX Automatic Setup
Automated setup using the Nancy.SimpleAuthentication provider takes a lot of the effort out of having to setup OAuth in your project, by creating the Redirect and Callback for you, registering them in Nancy, and providing you with a simple interface to implement what you want to happen when the user has authenticated.
The Install and Setup process is the same as NancyFX Manual Setup, without the requirement of setting up Routes.
This post is similar in content to the blog posts http://www.philliphaydon.com/2013/01/oauth-with-nancyfx-and-world-domination-authentication
It is important to note that Routes are pre-defined in the Automated setup
Because routes are pre-defined, you will need to create your app keys for the URL format:
/authentication/authenticatecallback?providerkey=*provider*
So for the 3 providers, the urls will be:
/authentication/authenticatecallback?providerkey=twitter/authentication/authenticatecallback?providerkey=facebook/authentication/authenticatecallback?providerkey=google
It is important that you register Google as lowercase, Google is case sensitive and if you don't register it lowercase, it wont work!
First up, start by installing the package Nancy.SimpleAuthentication to your Nancy project.
PM> Install-Package Nancy.SimpleAuthentication
This will install the WorldDomination.Web.Authentication package along with it.
You can find the Nuget packages here:
- http://www.nuget.org/packages/SimpleAuthentication.Core/
- http://nuget.org/packages/Nancy.SimpleAuthentication/
To specify what to do once the user is authenticated simply create a class and inherit IAuthenticationCallbackProvider, we will pass you the AuthenticateCallbackData and the NancyModule, which will allow you to do your thing.
This is where you can Save the user to the Database, authenticate with your own system, create an authentication cookie. What ever you want. Consider using Nancy Forms Authentication to manage your cookies, it can be used without a login form if you prefer.
public class SampleAuthenticationCallbackProvider : IAuthenticationCallbackProvider
{
public dynamic Process(NancyModule nancyModule, AuthenticateCallbackData model)
{
return nancyModule.Negotiate.WithView("AuthenticateCallback").WithModel(model);
}
public dynamic OnRedirectToAuthenticationProviderError(NancyModule nancyModule, string errorMessage)
{
throw new System.NotImplementedException(); // Provider canceled auth or it failed for some reason e. g. user canceled it
}
}This is a very very basic scenario that we use in the Samples product, where we simply pass the data to the view and render it. JabbR has a more complex implementation that you can see here https://gist.github.com/4674109
There's two ways to configure the library, the web.config Configuration way is the same for both MVC and NancyFX. So this will be shown using the Bootstrapper.
In your Bootstrapper, override the ConfigureApplicationContainer, create an instance of Providers and configure them.
Also note that you have to add your newly created CallbackProvider to the container.
public class SampleBootstrapper : DefaultNancyBootstrapper
{
private const string TwitterConsumerKey = "*key*";
private const string TwitterConsumerSecret = "*secret*";
private const string FacebookAppId = "*key*";
private const string FacebookAppSecret = "*secret*";
private const string GoogleConsumerKey = "*key*";
private const string GoogleConsumerSecret = "*secret*";
protected override void ConfigureApplicationContainer(TinyIoCContainer container)
{
base.ConfigureApplicationContainer(container);
var twitterProvider = new TwitterProvider(new ProviderParams { PublicApiKey = TwitterConsumerKey, SecretApiKey = TwitterConsumerSecret });
var facebookProvider = new FacebookProvider(new ProviderParams { PublicApiKey = FacebookAppId, SecretApiKey = FacebookAppSecret });
var googleProvider = new GoogleProvider(new ProviderParams { PublicApiKey = GoogleConsumerKey, SecretApiKey = GoogleConsumerSecret });
var authenticationProviderFactory = new AuthenticationProviderFactory();
authenticationProviderFactory.AddProvider(twitterProvider);
authenticationProviderFactory.AddProvider(facebookProvider);
authenticationProviderFactory.AddProvider(googleProvider);
container.Register<IAuthenticationCallbackProvider>(new SampleAuthenticationCallbackProvider());
}
}Nancy.SimpleAuthentication doesn't have a magical UI for you to slap into your website, you need to do this yourself, and all it requires is some links, this means you get full control and flexibility over creating a UI and don't have to try accommodate to some crappy HTML we could have come up with.
In your UI you will want to create some anchor tags that link to your Redirect route.
Unlike the Manual setup, the routes are pre-defined in the automated setup. So you must ensure the urls are as defined below
The route format is
/authentication/redirect/{providerkey}
So create links in your webpage that link to the providers you wish to use like so
<a href="/authentication/redirect/twitter">Login with Twitter</a>
<a href="/authentication/redirect/facebook">Login with Facebook</a>
<a href="/authentication/redirect/google">Login with Google</a>You can use images, text, what ever you want, so long as you link the user to the correct route, everything will be fine.
That's all there is to it.
- NancyFX Manual Setup
- NancyFX Automatic Setup
- MVC Manual Setup
- MVC Automatic Setup
- web.config
- global.asax
- bootstrapper