How to code my own ExternalAuth documentation?

7 years ago
hi,

woul be great if there was some "How to code my own ExternalAuth" documentation, just like:

https://www.nopcommerce.com/docs/76/how-to-code-my-own-payment-method.aspx

For example, I want to be able to share users/logins between a DotNetNuke website and a nopCommerce shop.

Would this be possible using a custom ExternalAuth plugin? (or is that just suited for OAuth based verification methods?)

Thanks!
7 years ago
rudgr wrote:
hi,

woul be great if there was some "How to code my own ExternalAuth" documentation, just like:

https://www.nopcommerce.com/docs/76/how-to-code-my-own-payment-method.aspx

For example, I want to be able to share users/logins between a DotNetNuke website and a nopCommerce shop.

Would this be possible using a custom ExternalAuth plugin? (or is that just suited for OAuth based verification methods?)

Thanks!


The best documentation is the source code! Have you had a look at the one of the External Auth plugins?
7 years ago
yeah, you're absolutely right! I looked in source code, just wanted to check if I could use ExternalAuth also for non-oAuth based authentication methods.
7 years ago
rudgr wrote:
yeah, you're absolutely right! I looked in source code, just wanted to check if I could use ExternalAuth also for non-oAuth based authentication methods.


If you have a look at the Nop.Plugin.ExternalAuth.OpenId plugin, you'll see that 'IExternalAuthenticationMethod' actually does nothing more than assigning an Action for the external login button. Then if we look at the 'PublicInfo' Action method (in ExternalAuthOpenIdController), there is this line:

_openIdProviderAuthorizer.Authorize(returnUrl);


Then if we look at OpenIdProviderAuthorizer.Authorize() method, you can see there is a call to '_authorizer.Authorize()' which then brings us to ExternalAuthorizer.Authorize() method. In that method, we can see there is these lines:

            //migrate shopping cart
            _shoppingCartService.MigrateShoppingCart(_workContext.CurrentCustomer, userFound ?? userLoggedIn);
            //authenticate
            _authenticationService.SignIn(userFound ?? userLoggedIn, false);
            //activity log
            _customerActivityService.InsertActivity("PublicStore.Login", _localizationService.GetResource("ActivityLog.PublicStore.Login"),
                userFound ?? userLoggedIn);


Which means the method that actually log your user in is the _authenticationService.SignIn() method.

In other words, we can safely say that, whatever the case is, as long as we call AuthenticationService.SignIn(), we'll be able to actually sign a user in. The ExternalAuth plugin is just a helper method to do the verification on the 3rd party side (to verify user existence in the 3rd party side). But once the identity is confirmed on the 3rd party side, the method that actually logs the user in is AuthenticationService.SignIn(). Knowing this allows us to do anything we want to do! :D
7 years ago
Great, thanks!!!!! :)
7 years ago
Did you make a NOP plugin for this?
7 years ago
work in progress ;-)
7 years ago
Cool... Keep us updated... I'm interested in this :)
6 years ago
Following your indication, I've successfully implemented my own external authentication plugin.
I've written (quickly, sorry for my bad english) an article about how to do it. source code is also available.

you can find it on my blog: http://predicatet.blogspot.fr/2014/01/nopcommerce-how-to-code-my-own.html
2 years ago
Thanks a lot ,I'm trying to write one of my own external authorize plugin, and your topic and replies above helps me a lot.

Oh, also sorry for my poor English :)