Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Ruby Con 7 posts 98 karma points
    Feb 11, 2022 @ 17:09
    Ruby Con
    0

    Storing external login data

    According to this help topic https://our.umbraco.com/documentation/reference/security/auto-linking/#storing-external-login-provider-data we are meant to persist data like access tokens using IExternalLoginWithKeyService by storing it during auto-linking and then persisting it once the user is linked and created. Is there an example of the best practice for this?

  • Jeroen Breuer 4908 posts 12265 karma points MVP 5x admin c-trib
    Sep 01, 2022 @ 11:46
  • Liam Dilley 156 posts 382 karma points
    Dec 19, 2023 @ 00:27
    Liam Dilley
    0

    Hi Jeroen, Your work on this is awesome. I am trying to use a very bad 3rd party system where you have to login on the service, it redirects to its own thing and then can return to your callback with only a refreshtoken. It is not openID and using OAuth based on your awesome doc its functionality has different URL parameters.

    I can create a custom link with parameters to the 3rd party login page, it logs in and redirects to its "SSO" functionality and then back to the callbackURL with refresh token.

    I can then use that to a URL to obtain a full accesstoken which contains "UserName" along with tokentype, expiry, expires_in and so on.

    What do you recommend is the best way to use that to then properly login/create the Umbraco member.

    Basically the Umbraco extension is awesome and I would have no issues doing google, github etc but this solution has not been updated in 4/5 years and I have to use it.

  • Jeroen Breuer 4908 posts 12265 karma points MVP 5x admin c-trib
    Dec 19, 2023 @ 15:07
    Jeroen Breuer
    0

    Hi Liam,

    Sorry I only have experience with OpenID Connect. I'm not sure if you can use external login providers for what you are trying.

    Jeroen

  • Liam Dilley 156 posts 382 karma points
    Dec 19, 2023 @ 23:25
    Liam Dilley
    0

    The steps I have got with it have been:

    • Login link that provides the URL parameters for the platform and direct to login page.
    • User logs into the platform login. It has a redirect set to another page into its system which has its "SSO" functionality. It is not true SSO really.
    • It returns a refresh token specific to the user
    • You use the refresh token and make a request to a /token URL
    • You get JSON data baskc with a full access_token along with data like when it expires etc.
    • You actually get the UserName.

    From there I am working on checking if the member exists. If they do not exist then I create the member and return a member object. If they do not exist to create the member. With the member object then log them in.

    Does anyone have any advise for the best way to log in / make the account member without the password etc?

Please Sign in or register to post replies

Write your reply to:

Draft