I've been looking into connecting the OpenIdPortableArea to the ASP.Net Membership provider. The goal is to have the user authenticate via OpenId, then check if an associated MembershipUser exists. If it exists, set a FormsAuthenticationTicket
as the MembershipUser using the Membership API. If not, pass the user to a registration page to capture the rest of the registration data (except password obviously).
Do you think this is of value to add to this project? Or should it be a separate project which depends upon OpenIdPortableArea?
In order to implement this, we need a cross reference between the Claimed Identifier and the MembershipUser.ProviderUserKey (or possibly UserName). I considered storing this in the user's MembershipProfile, so that no new tables would
be introduced. However, the ProfileManager does not allow a search based on a property value. It may be possible to create an extension to the ProfileManager to do the search, but it becomes dependent on the underlying
provider implementation (SQL, Azure, etc...). An alternative is to create a cross reference table, but then the solution again becomes specific to the underlying data store.
Any thoughts on how to make this generic enough to be part of a Portable Area, but flexible enough for the different provider implementations? Perhaps just provide an interface with a default SQL Server implementation which can be replaced
with other custom implementations if needed.