I had to setup Google Authentication for an application of mine and couldn’t find a definite source to do that. These are the steps I had to follow to do this for an ASP.NET Core RC1 application using VS 2015.
I assume you will have a Google account to test this with, any will do.
Create a new project
Start by creating a new “ASP.NET 5” project.
Once ready, launch it and take note of it’s URL on your browser. Alternatively, check the Project properties and use the URL under Debug -> Web Server Settings -> App URL.
You will use this for the next step.
Setup a new Google OAuth 2.0 client ID
Open a new browser tab and navigate to the Google Developers Console
You will now create a new Project for your application.
Type an appropriate name for it and click Create.
After this, click “Use Google APIs” and enable the “Google+ API”.
Now click “Go to Credentials”.
Choose “Google+ API” and that you’ll be calling it from a Web Server for accessing User Data.
Name your client ID and add a redirect URI.
This will be the URL you are using in your ASP.NET project with an additional path, “signin-google”.
Leave the rest blank.
Click “Create client ID”.
Now, type in a Product Name and click Continue.
That’s it created. Click Done.
Now, open the newly created credentials and take note of the ClientId and ClientSecret strings.
These will be used soon.
Install the Google authentication assembly
Let’s go back to our VS project now.
In order to use Google authentication, you first need to install the “Microsoft.AspNet.Authentication.Google” assembly.
At this point in time there’s only a pre-release version. On your package manager console, type:
Install the Secret Manager
Microsoft provides a command line tool to manage what they call “User Secrets”.
These are the sort of things you don’t want to check into your source control system but want to use whilst in development - connection strings, AWS keys… or, in this case, our Google OAuth ID and Secret.
Instead of putting this data next to the repository, these go into a file under your Users folder and ASP.NET Core will fetch them for you when starting up your project - the AddUserSecrets call you see on our ConfigurationBuilder instance of your Startup class registers the use of this configuration file.
Before you install this utility, you need to make sure your environment is setup properly.
Open a command line and type ‘dnx’.
If the command isn’t recognized, navigate to where your DXN runtime is installed and update your environment.
Please note that the path below applies to my system at this point in time, but in your machine please check the runtimes you have installed and ‘cd’ to the appropriate one.
Hopefully your environment should be OK and now you can install the user-secret tool. Type:
To give it a try, type ‘user-secret’. The command should be recognized and list the available options.
Configure your User Secret
From the command line, navigate to the /src folder of your new application - where your project.json file is located.
Using your Google ClientId and ClientSecret created above, run:
If all went well, you should now have a “secrets.json” file in a folder for your application under “%APPDATA%\microsoft\UserSecrets" containing the two keys above.
The remaining step now, then, is configuring the application to use this.
Enable Google Authentication in your application
Open your Startup.cs.
Just after the Identity middleware, place:
Notice how your code is not using the Id and Secret directly - these will be extracted from your “secrets.json” file and offered to the application from your Configuration instance.
Try it out
Launch your application and navigate to the Login page. You will notice a “Google” button under “Use another service to log in.”
Click on it and you should be taken to Google’s consent screen:
Allow the request - you’ve now been authenticated in your application using Google.