I am using following code I found from in the web to authenticate users for my website. But user has to click a button to login to the site even when they are logged in to gmail. What i want to do is automatically logged them in when they are logged in to gmail.
So how do i modify the following code to do this?
static string openidurl = "https://www.google.com/accounts/o8/id";
protected void Page_Load(object sender, EventArgs e)
{
//The Response
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var response = openid.GetResponse();
if (response != null)
{
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
var fetch = response.GetExtension<FetchResponse>();
string email = "";
if (fetch != null)
{
email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
}
break;
}
}
}
private void CreateRequest()
{
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
IAuthenticationRequest request = openid.CreateRequest(openidurl);
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
request.AddExtension(fetch);
// Send your visitor to their Provider for authentication.
request.RedirectToProvider();
}
}
protected void Button1_Click(object sender, EventArgs e)
{
CreateRequest();
}
You are conflating two things – Google being an OpenID provider, and a Google user being logged in to Google.
Using Google as an OpenId provider means that you can verify that a user is who they say they are.
This is different from a Google user being logged in to Google – this is not something that Google as an OpenId provider would expose, at it has no bearing on the identity of the user.
In short, you can’t do what you want, not through OpenId and DotNetOpenAuth.