This C# OpenID library adds OpenID 2.0 Provider and Relying Party support to your web site both programmatically and through convenient drop-in ASP.NET controls.
- Add support for your site visitors to login with their OpenIDs by just dropping an ASP.NET control onto your page. It’s that easy.
- Give your site members their own OpenIDs with the provider support included in this library.
- Sample relying party and provider web sites show you just how to do it.
- Works in partial trusted shared hosting environments.
- Support for web farms where state persistence, front-facing web servers and ASP.NET may not be standard or even available.
- 170+ unit tests to verify correctness.
Via dotnetopenid – Google Code
Again…Excellent Tutorial from Scott Mitchell
- Creating the Membership Schema in SQL Server [VB | C#] – explores the Membership framework and its goals. Looks at configuring and setting up the SqlMembershipProvider, which stores user account information in a Microsoft SQL Server database.
- Creating User Accounts [VB | C#] – examines creating user accounts using the CreateUserWizard control as well as using the Membership class’s CreateUser method.
- Validating User Credentials Against the Membership User Store [VB | C#] – shows how to validate a user’s supplied credentials and log them on (and off) the site. Looks at using both the Login Web control and the Membership.ValidateUser method.
- User-Based Authorization [VB | C#] – examines how to restrict access to pages or functionality within a page based on the logged in user.
- Storing Additional User Information [VB | C#] – the Membership framework only stores a handful of user attributes, but oftentimes additional, application-specific user information needs to be tracked. This tutorial looks at how to accomplish this.
Via Scott on Writing
An open protocol to allow secure API authentication in a simple and standard method from desktop and web applications.
What is it For?
Many luxury cars today come with a valet key. It is a special key you give the parking attendant and unlike your regular key, will not allow the car to drive more than a mile or two. Some valet keys will not open the trunk, while others will block access to your onboard cell phone address book. Regardless of what restrictions the valet key imposes, the idea is very clever. You give someone limited access to your car with a special key, while using your regular key to unlock everything.
Everyday new website offer services which tie together functionality from other sites. A photo lab printing your online photos, a social network using your address book to look for friends, and APIs to build your own desktop application version of a popular site. These are all great services – what is not so great about some of the implementations available today is their request for your username and password to the other site. When you agree to share your secret credentials, not only you expose your password to someone else (yes, that same password you also use for online banking), you also give them full access to do as they wish. They can do anything they wanted – even change your password and lock you out.
This is what OAuth does, it allows the you the User to grant access to your private resources on one site (which is called the Service Provider), to another site (called Consumer, not to be confused with you, the User). While OpenID is all about using a single identity to sign into many sites, OAuth is about giving access to your stuff without sharing your identity at all (or its secret parts).
Getting Started Part 1
Getting Started Part 2
Code in C#
OAuth — An open protocol to allow secure API authentication in a simple and standard method from desktop and web applications.