I develop an ASP.NET WebForms application and I need that if the user has authenticated in the browser with a Google account he can access the page otherwise.
I develop an ASP.NET WebForms application and I need that if the user has authenticated in the browser with a Google account he can access the page otherwise.
public void GoogleAutentificacion()
{
GoogleConnect.ClientId = Valor.GoogleClientId ();
GoogleConnect.ClientSecret = Valor.GoogleClientSecret ();
GoogleConnect.RedirectUri = Request.Url.AbsoluteUri.Split('?')[0];
if (!String.IsNullOrEmpty(Request.QueryString["code"]))
{
String code = Request.QueryString["code"];
String json = GoogleConnect.Fetch("me", code);
Controller.DataGoogle.GoogleProfile perfil = new JavaScriptSerializer().Deserialize<Controller.DataGoogle.GoogleProfile>(json);
Session["PerfilID"] = perfil.Id;
Session["PerfilNombre"] = perfil.DisplayName;
Session["PerfilEmail"] = perfil.Emails.Find(email => email.Type == "account").Value;
Session["PerfilSexo"] = perfil.Gender;
Session["PerfilTipo"] = perfil.ObjectType;
Session["PerfilImagen"] = perfil.Image.Url.ToString();
}
if (Session["PerfilEmail"] != null)
{
if (Sub.ValidarMail(Session["PerfilEmail"].ToString().ToLower()))
{
Response.Redirect("~/View/StaGemaList/MenuPrincipal.aspx");
}
else
{
String ScriptAct = "<script language='javascript'>" + "NoAutenticadoStaGema();" + "</script>";
ClientScript.RegisterStartupScript(this.GetType(), "NoAutenticadoStaGema();", ScriptAct);
}
}
}
You can use the google credentials in your application, but you must specifically implement the login that requests the credentials, there is no automatic auto-login.
You'll have to use OAuth
Google API Client Libraries OAuth 2.0
As you will see, you need the call to an api that uses a Client ID to authorize the authentication and return a token that you will use in your development.
Maybe if another application has already been authenticated previously the credentials data is persisted and the new authentication is something direct, but you also need to implement the OAuth infrastructure and make the call.
Strictly what you ask for I do not think it can be done.
Google is quite strict with its security policy, so you can not simply use browser authentication to use it in your application. That would give you access, for example, to the user's email address which is strictly forbidden by Google. (counter-example, your application could be an email capturer without users knowing)
What you can do is log in to your application with the google account, but the user must admit the strict permissions of what you are using in the application.
For this you must use the OAuth 2.0 protocol to login. You can find more information on the official google page: link
If you have doubts about how to use OAuth you should ask a new question as it will have nothing to do with it.