Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • AbsolutelyN 89 posts 437 karma points
    Jan 14, 2022 @ 14:22
    AbsolutelyN
    0

    UmbracoIdentity - how to get the email from Twitter?

    Hi

    I've been looking at UmbracoIdentity for a future project and tested it on Twitter. The Twittter app is set to provide the email and you can see it asks for permissions for email via the oauth dialog.

    enter image description here

    However it always fails because in the UmbracoIdentityAccountController the ExternalLoginCallback method fails to find the email address.

            if (loginInfo.Email.IsNullOrWhiteSpace())
            {
                ViewBag.Description = "No email address found in the claims, ensure your OAuth provider is configured to return the Email address";
                return View("ExternalLoginFailure");
            }
    

    Anyone know why the email is missing and how you get the email address?

    Many thanks!

  • AbsolutelyN 89 posts 437 karma points
    Jan 14, 2022 @ 15:12
    AbsolutelyN
    0

    Done it though I'm not certain this is the best way so if anyone knows better please let me know.

    https://www.tanasuk.com/blog/Get%20users%20email%20from%20Twitter%20API

            app.UseTwitterAuthentication(new Microsoft.Owin.Security.Twitter.TwitterAuthenticationOptions() {
                  ConsumerKey = consumerKey,
                  ConsumerSecret = consumerSecret, 
                  CallbackPath = new PathString("/umbraco/surface/UmbracoIdentityAccount/ExternalLoginConfirmation"),
                    Provider = new TwitterAuthenticationProvider
                    {
                        OnAuthenticated = context =>
                        {
                            TwitterDto response = oauthLogin(context.AccessToken, context.AccessTokenSecret,  consumerKey, consumerSecret);
                            context.Identity.AddClaim(new System.Security.Claims.Claim("urn:twitter:access_token",context.AccessToken ));
                            context.Identity.AddClaim(new System.Security.Claims.Claim("urn:twitter:access_secret", context.AccessTokenSecret));
                            context.Identity.AddClaim(new System.Security.Claims.Claim(ClaimTypes.Email, response.email));
                            return Task.CompletedTask;
                        },
                        OnReturnEndpoint = (context) =>
                        {
                            return Task.CompletedTask;
                        }
                    }
            });
    
    
        public static TwitterDto oauthLogin(string oauth_token, string oauth_token_secret, string oauth_consumer_key, string oauth_consumer_secret)
        {
            // oauth implementation details
            var oauth_version = "1.0";
            var oauth_signature_method = "HMAC-SHA1";
    
            // unique request details
            var oauth_nonce = Convert.ToBase64String(new ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()));
            var nowUtc = DateTime.UtcNow;
            var timeSpan = nowUtc - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
            var oauth_timestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString();
    
            var resource_url = "https://api.twitter.com/1.1/account/verify_credentials.json";
            var request_query = "include_email=true";
            // create oauth signature
            var baseFormat = "oauth_consumer_key={0}&oauth_nonce={1}&oauth_signature_method={2}" +
                            "&oauth_timestamp={3}&oauth_token={4}&oauth_version={5}";
    
            var baseString = string.Format(baseFormat,
                                        oauth_consumer_key,
                                        oauth_nonce,
                                        oauth_signature_method,
                                        oauth_timestamp,
                                        oauth_token,
                                        oauth_version
                                        );
    
            baseString = string.Concat("GET&", Uri.EscapeDataString(resource_url) + "&" + Uri.EscapeDataString(request_query), "%26", Uri.EscapeDataString(baseString));
    
            var compositeKey = string.Concat(Uri.EscapeDataString(oauth_consumer_secret),
                                    "&", Uri.EscapeDataString(oauth_token_secret));
    
    
            string oauth_signature;
            using (var hasher = new HMACSHA1(Encoding.ASCII.GetBytes(compositeKey)))
            {
                oauth_signature = Convert.ToBase64String(
                    hasher.ComputeHash(Encoding.ASCII.GetBytes(baseString)));
            }
    
            const string headerFormat = "OAuth oauth_nonce=\"{0}\",oauth_signature_method =\"{1}\", " +
                                         "oauth_timestamp=\"{2}\",oauth_consumer_key =\"{3}\", " +
                                         "oauth_token=\"{4}\",oauth_signature =\"{5}\", " +
                                         "oauth_version=\"{6}\"";
    
            var authHeader = string.Format(headerFormat,
                                           Uri.EscapeDataString(oauth_nonce),
                                           Uri.EscapeDataString(oauth_signature_method),
                                           Uri.EscapeDataString(oauth_timestamp),
                                           Uri.EscapeDataString(oauth_consumer_key),
                                           Uri.EscapeDataString(oauth_token),
                                           Uri.EscapeDataString(oauth_signature),
                                           Uri.EscapeDataString(oauth_version)
                );
    
    
            ServicePointManager.Expect100Continue = false;
            resource_url += "?include_email=true";
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(resource_url);
            request.Headers.Add("Authorization", authHeader);
            request.Method = "GET";
            var response = request.GetResponse();
            return JsonConvert.DeserializeObject<TwitterDto>(new StreamReader(response.GetResponseStream()).ReadToEnd());
        }
    
    
    public class TwitterDto
    {
        public string name { get; set; }
        public string email { get; set; }
    }
    
Please Sign in or register to post replies

Write your reply to:

Draft