Unable to make work ExchangeUserCredentialForToken from DotNetOpenAuth

Question

I'm using DotNetOpenAuth to aunthenticate a user, and I'm unable to make it work. This is my code:

public string AuthenticateUser(
     string key, string secret, string user, string password,
     AuthorizationServerDescription serviceDescription)
{
    UserAgentClient agent = new UserAgentClient(
        serviceDescription,
        key,
        secret);

    IAuthorizationState authState = mConsumer.ExchangeUserCredentialForToken(
        user,
        password,
        GetScope());

    if (authState != null)
    {
        return authState.Token;
    }
}

I'm trying to authenticate against Google and WindowsLive, without sucess in both cases.

Google

These are the configuration parameters used to access the Google OAuth service:

        AuthorizationEndpoint = new Uri("https://accounts.google.com/o/oauth2/auth")
        TokenEndpoint = new Uri("https://accounts.google.com/o/oauth2/token")
        ProtocolVersion = ProtocolVersion.V20
        State = "/profile"
        Scope = "https://www.googleapis.com/auth/userinfo.email"

Error obtained:

---------------------------
Error
---------------------------
Error occurred while sending a direct message or getting the response.
---------------------------
OK   
---------------------------

Windows Live

These are the parameters used to acces the Windows Live Outh service:

        TokenEndpoint = new Uri("https://oauth.live.com/token"),
        AuthorizationEndpoint = new Uri("https://oauth.live.com/authorize")
        ProtocolVersion = ProtocolVersion.V20
        State = null
        Scope = "wl.signin"

Error obtained:

---------------------------
Error
---------------------------
Unexpected response Content-Type text/html
---------------------------
OK   
---------------------------

I also tested using the ClientCredentialApplicator in all ways:

• NetworkCredential
• NoSecret
• PostParameter

Am I doing something wrong? Someone could show me a working example of ExchangeUserCredentisForToken?

Thanks in avance.

Answer 1

The resource owner credential grant only works when allowed by the authorization server. I believe both Google and Microsoft deliberately do not support this, since they don't want 3rd party apps taking user credentials directly.