umbracoidentity how to get the email from twitter - Using Umbraco And Getting Started

AbsolutelyN 85 posts 433 karma points

Jan 14, 2022 @ 14:22

UmbracoIdentity - how to get the email from Twitter?

Using Umbraco And Getting Started

Umbraco 8

Hi

I've been looking at UmbracoIdentity for a future project and tested it on Twitter. The Twittter app is set to provide the email and you can see it asks for permissions for email via the oauth dialog.

However it always fails because in the UmbracoIdentityAccountController the ExternalLoginCallback method fails to find the email address.

        if (loginInfo.Email.IsNullOrWhiteSpace())
        {
            ViewBag.Description = "No email address found in the claims, ensure your OAuth provider is configured to return the Email address";
            return View("ExternalLoginFailure");
        }

Anyone know why the email is missing and how you get the email address?

Many thanks!

Copy Link

AbsolutelyN 85 posts 433 karma points

Jan 14, 2022 @ 15:12

Done it though I'm not certain this is the best way so if anyone knows better please let me know.

https://www.tanasuk.com/blog/Get%20users%20email%20from%20Twitter%20API

        app.UseTwitterAuthentication(new Microsoft.Owin.Security.Twitter.TwitterAuthenticationOptions() {
              ConsumerKey = consumerKey,
              ConsumerSecret = consumerSecret, 
              CallbackPath = new PathString("/umbraco/surface/UmbracoIdentityAccount/ExternalLoginConfirmation"),
                Provider = new TwitterAuthenticationProvider
                {
                    OnAuthenticated = context =>
                    {
                        TwitterDto response = oauthLogin(context.AccessToken, context.AccessTokenSecret,  consumerKey, consumerSecret);
                        context.Identity.AddClaim(new System.Security.Claims.Claim("urn:twitter:access_token",context.AccessToken ));
                        context.Identity.AddClaim(new System.Security.Claims.Claim("urn:twitter:access_secret", context.AccessTokenSecret));
                        context.Identity.AddClaim(new System.Security.Claims.Claim(ClaimTypes.Email, response.email));
                        return Task.CompletedTask;
                    },
                    OnReturnEndpoint = (context) =>
                    {
                        return Task.CompletedTask;
                    }
                }
        });


    public static TwitterDto oauthLogin(string oauth_token, string oauth_token_secret, string oauth_consumer_key, string oauth_consumer_secret)
    {
        // oauth implementation details
        var oauth_version = "1.0";
        var oauth_signature_method = "HMAC-SHA1";

        // unique request details
        var oauth_nonce = Convert.ToBase64String(new ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()));
        var nowUtc = DateTime.UtcNow;
        var timeSpan = nowUtc - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
        var oauth_timestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString();

        var resource_url = "https://api.twitter.com/1.1/account/verify_credentials.json";
        var request_query = "include_email=true";
        // create oauth signature
        var baseFormat = "oauth_consumer_key={0}&oauth_nonce={1}&oauth_signature_method={2}" +
                        "&oauth_timestamp={3}&oauth_token={4}&oauth_version={5}";

        var baseString = string.Format(baseFormat,
                                    oauth_consumer_key,
                                    oauth_nonce,
                                    oauth_signature_method,
                                    oauth_timestamp,
                                    oauth_token,
                                    oauth_version
                                    );

        baseString = string.Concat("GET&", Uri.EscapeDataString(resource_url) + "&" + Uri.EscapeDataString(request_query), "%26", Uri.EscapeDataString(baseString));

        var compositeKey = string.Concat(Uri.EscapeDataString(oauth_consumer_secret),
                                "&", Uri.EscapeDataString(oauth_token_secret));


        string oauth_signature;
        using (var hasher = new HMACSHA1(Encoding.ASCII.GetBytes(compositeKey)))
        {
            oauth_signature = Convert.ToBase64String(
                hasher.ComputeHash(Encoding.ASCII.GetBytes(baseString)));
        }

        const string headerFormat = "OAuth oauth_nonce=\"{0}\",oauth_signature_method =\"{1}\", " +
                                     "oauth_timestamp=\"{2}\",oauth_consumer_key =\"{3}\", " +
                                     "oauth_token=\"{4}\",oauth_signature =\"{5}\", " +
                                     "oauth_version=\"{6}\"";

        var authHeader = string.Format(headerFormat,
                                       Uri.EscapeDataString(oauth_nonce),
                                       Uri.EscapeDataString(oauth_signature_method),
                                       Uri.EscapeDataString(oauth_timestamp),
                                       Uri.EscapeDataString(oauth_consumer_key),
                                       Uri.EscapeDataString(oauth_token),
                                       Uri.EscapeDataString(oauth_signature),
                                       Uri.EscapeDataString(oauth_version)
            );


        ServicePointManager.Expect100Continue = false;
        resource_url += "?include_email=true";
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(resource_url);
        request.Headers.Add("Authorization", authHeader);
        request.Method = "GET";
        var response = request.GetResponse();
        return JsonConvert.DeserializeObject<TwitterDto>(new StreamReader(response.GetResponseStream()).ReadToEnd());
    }


public class TwitterDto
{
    public string name { get; set; }
    public string email { get; set; }
}

Copy Link

is working on a reply...

Flag this post as spam?

UmbracoIdentity - how to get the email from Twitter?