This project is read-only.

Open authentication module Released to alpha!!

Topics: Announcements
Mar 1, 2011 at 7:14 PM

Hi all, I have jsut released an alpha release of my Open Authentication module for you to play around with. this module is available on the gallery at

Codeplex project

Open Authentication Project

The aim of this project is to provide multiple authentication mechanisms to the Orchard CMS project.

What is integrated so far?

  •     OpenId
  •     Twitter (OAuth)
  •     Facebook (OAuth2)

The project utilizes multiple open source projects.

Please let me know how you get on.. I knwo of a couple of bugs and if you hit any please log them for me :)

Cheers, Nick

Mar 11, 2011 at 11:17 PM

Updated!!! Version 0.2.0 is out there..

Microsoft Connect is in there.

It’s implementation is very different to the other types of implementation... as its all JavaScript which is rather upsetting.



 Let me know if you have any problems. I knocked this out quite quick so I am really hoping I haven’t missed anything.


Mar 13, 2011 at 3:27 PM

 I'm looking forward to use your module (especially Facebook part), Good job! 


Feb 14, 2013 at 2:07 PM
Will there be any updates? I read the this module is not suited for the current 1.6 version of Orchard.
Feb 14, 2013 at 2:17 PM
Edited Feb 14, 2013 at 2:17 PM
I will push an update in the next couple of days.

There will be some big changes - All for the better I promise.

On the other hand you could take the latest DEV branch from if you cant wait.

Feb 14, 2013 at 2:57 PM
That's good news Nick!! I've spend several days to figure out the authentication. But it is too complex for me yet.

I go straight for de DEV branch to see how it is working.

Thanks again.
Feb 15, 2013 at 10:03 AM
Hello Nick, is it working for Azure ? What about what Azure provides in ACS ?
Mar 29, 2013 at 12:54 AM
Hello, is there a minimal user guide for this module.
The original documentation is totally obsolete because there are no more separate modules.
I would appreciate to have dedicated buttons for Live, FB and Twitter.
I tried to create a provider, getting the keys from MS site, then should I use as the url ? What else ?

Thanks for help.
Mar 29, 2013 at 1:36 PM
Thanks for twitter support :)
Mar 29, 2013 at 7:39 PM
I will try to write some documentation over the weekend. Nick
Mar 31, 2013 at 10:10 AM
Wouldn't it be better to move the OAuth package to Orchard lib ?
Mar 31, 2013 at 12:38 PM
Hmmm OAuth is great, but its not for everyone, A separate module like this works, after all I support it :) (Surely that's all the support you need hehe)
Mar 31, 2013 at 9:30 PM
Yes, not everyone needs it, which is the main criterion for including things in core. It doesn't mean we don't find it awesomely useful :)
Mar 31, 2013 at 10:53 PM
Edited Mar 31, 2013 at 10:57 PM
No you missed my point, I was just asking to have the Oauth.aspnet package in the Orchard source, not asling to include Nick Package in Orchard core :), even if very useful and working nicelly.
I created a theme and had to redesign the logon.cshtml, this necessitates including all the Oauth libs (10+) in the theme references: somes are already in Orchard library, the main ones are provided with Nick module as a package folder. Not easy to manage.
Shouldn't we have all the packages (Gits) bring by modules stored in a common place.
Apr 1, 2013 at 3:50 AM
You seem to be implying that we should include in core references to all the libraries that useful modules are likely to use. That's of course not reasonable. Why does your theme need to reference anything? Seems like there may be a design flaw in Nick's module if it forces you to do that.
Apr 1, 2013 at 9:39 AM
Edited Apr 1, 2013 at 10:04 AM
1) What is reasonable depends on the one who decides: I know that I could create a suggestion in some lost page where nobody goes....
2) I have no idea of all these libraries in the lib folder delivered with Orchard, some of them seem not used by the Orchard code, some older ? Is it a reference where we find the 'actual' Orchard validated version ( as for JQuery which is v 1.4 there.....) ? On the begining I started adding my own externals here, it was looking as a good idea in order to have homogenous refrence path ?
3) There are for sure some code that are used by many people but not the core Orchard, why don't have the one working with Orchard proposed by users and included here ?
4) May be some code in the OpenAuthLogOn.cshtml may be moved inside the shape building....
Apr 1, 2013 at 10:09 AM
1: We do listen and suggestions are not fallen on deaf ears - Infact one of the things people really like about Orchard is the support.
2: Sorry I don't understand point 2, could you refrase?
3: What code is used by many people and not in the Core? Remember the Core modules are enablers.
4: You don't need the references within the Theme, You can override my view within your theme and leave it non-compiling. Orchard will take care of the rest.

BTW: have you seen my theme for Orchard? it takes in to account openauth
Apr 1, 2013 at 10:31 AM
Edited Apr 1, 2013 at 10:35 AM
Nick, my answer was mainly to Bertrand, and be sure I appreciate all support I get here and on twitter ( :) ) from all the Orchard people.
1) I know and this is an open exchange forum, some of us are less flexible in their communication, I am amongst them ( but I know it ), that's a widely spread default/quality in the technical people population....
2) have a look on what is inside the lib folder you get from codeplex, not totally uptodate.
So I was questionning about the usage of this folder.
Sorry for bad english.
3) We all know there are many open code libs that get used by Orchard users, for example all the javascript libraries or the OpenAuth (on my side I have been using a Money class from Git). I was suggesting that when somebody has a working version in its Orchard work, he could push it to lib in order to fix versioning compatibilities.
4) I get and exception on @using DotNetOpenAuth.AspNet and the quick and dirty way I found was including 10 assemblies reference in my theme.
Looking at your theme brings a better solution I will adapt ASAP. Thanks.

PS: I have still pbs with Live connection, do you know if testing with my localhost dev station is working with microsoft as it is with facebook ?
Apr 5, 2013 at 9:04 AM
  1. Feel free to consider me unreasonable. I've given my reasons, you're free not to accept them.
  2. Maybe, but that's entirely irrelevant. If there remains stuff that we've stopped using in there, please report them through a bug, and contribute the patch removing them.
  3. Please be specific. I have no idea what you're talking about.
  4. I don't understand.
You still haven't explained why you need a reference in your theme. Looks like something Nick should fix.
Apr 5, 2013 at 9:43 AM
1) Thanks :)
2) JQuery 1.4
3) , , etc.
4) For Nick and solved
Apr 6, 2013 at 1:57 AM
Please file a bug for removing that jQuery folder.

We are not going to add the whole contents of the NuGet gallery to Orchard core. Instead, we are going to continue to include the dependencies that are actually used by the features that we ship.
Apr 6, 2013 at 7:17 AM
But a compatibility product/version list would be nice.
For OAuth I milit for its inclusion, I am using it everyday often and often, identity is clearly one of the concept Orchard must be upgraded.
Nick's code based on an intelligent adaptation of the MS participation to this Open Source lib works great (even if I suffer from lack of doc when I am in a hurry :))
Apr 6, 2013 at 10:50 PM
Can you clarify what you mean by "compatibility product/version list"?
Apr 13, 2013 at 4:06 PM
Edited Apr 13, 2013 at 4:24 PM
@Bertrand, sorry very busy, but we continue ASAP
@Nick I passed my login page in https (Thanks Bertrand for updating the SSL module) and the
public ActionResult ExternalLogOn(string providerName, string returnUrl) 
send me back a 302 Object move with the Http url then browsers push a GET not a Post.
Is there an easy way to manage HTTP and HTTPS on a same controller action ?
On a temp action I rebuilt with [RequireHttps] but still 302.
Why Orchard pages can't accept either https AND http ? Let's spend some time on this ....
Apr 13, 2013 at 8:16 PM
Finally it works, my problem was I was not allowing users to register in the site settings, and the auto-register OAuth feature neeed this to work (shouldn't this option be grayed when users are not allowed to register ?)
It could also be interesting to have an option allowing to change the process generating the orchard user name.
May 10, 2013 at 2:17 PM
Hello @Nick, I have added one question for your module concerning the way we could display each user authentication provider.