DotNetOpenAuth for previously authorized site

Question

I've had great luck with DotNetOpenAuth to do 3 legged authorization. Currently, I am connecting and pulling in some Google data.

My question is that apparently, if you have already auth'd my web application to your Google account, when I call

var accessTokenResponse = google.ProcessUserAuthorization();

It basically does nothing. How do I get the token for an account that has already auth'd my application? I see no callback of any kind.

I'm chocking this up to my ignorance about OAuth in general.

Answer 1

You must replace the sample InMemoryTokenManager that is included with DotNetOpenAuth with an implementation of IConsumerTokenManager of your own that stores the access tokens and secrets in your database. Then you pass your instance of that interface to the WebConsumer class and it will receive all incoming tokens and secrets.

Either when calling ProcessUserAuthorization or inside your token manager class, you must also associate the access tokens that you save with the user account of the user who is currently logged into your web site.

Then when the user next visits your site, you look up their user account in your database to get their access token. And you use it for future requests. Your IConsumerTokenManager will supply the associated token secret as required and life will be good.