代码之家 › 专栏 › 技术社区 › Mike Sickler

为什么我的请求返回无效?

dotnetopenauth asp.net-mvc

Mike Sickler · 技术社区 · 16 年前

我刚刚开始试验DotNetOpenAuth项目。修改样本 OpenIdRelyingPartyMvc ClaimRequest 对于 电子邮件 与谷歌合作。

然而,当我试图将OpenID添加到我自己的项目中时,ClaimResponse总是返回空值。我想知道我是否缺少一个项目或环境设置?

Authenticate 方法:

public ActionResult Authenticate(string returnUrl)
{
    var response = openid.GetResponse();
    if (response == null)
    {
        // Stage 2: user submitting Identifier
        Identifier id;
        if (Identifier.TryParse(Request.Form["openid_identifier"], out id))
        {
            try
            {
                IAuthenticationRequest req = openid.CreateRequest(Request.Form["openid_identifier"]);
                req.AddExtension(new ClaimsRequest { Email = DemandLevel.Require });
                return req.RedirectingResponse.AsActionResult();
            }
            catch (ProtocolException ex)
            {
                ViewData["Message"] = ex.Message;
                return View("Login");
            }
        }
        else
        {
            ViewData["Message"] = "Invalid identifier";
            return View("Login");
        }
    }
    else
    {
        // Stage 3: OpenID Provider sending assertion response
        switch (response.Status)
        {
            case AuthenticationStatus.Authenticated:
                ClaimsResponse sreg = response.GetExtension<ClaimsResponse>();
                if (sreg != null)
                {
                    var email = sreg.Email;
                    Session["Email"] = email;
                }
                Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
                FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false);
                if (!string.IsNullOrEmpty(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                else
                {
                    return RedirectToAction("Index", "Home");
                }
            case AuthenticationStatus.Canceled:
                ViewData["Message"] = "Canceled at provider";
                return View("Login");
            case AuthenticationStatus.Failed:
                ViewData["Message"] = response.Exception.Message;
                return View("Login");
        }
    }
    return new EmptyResult();
}

}

1 回复 | 直到 16 年前

LiamB 15 年前

<configuration>
       <configSections>
          <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/>
       </configSections>
       <dotNetOpenAuth>
          <openid>
             <relyingParty>
                <behaviors>
                   <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
                        with OPs that use Attribute Exchange (in various formats). -->
                   <add type="DotNetOpenAuth.OpenId.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
                </behaviors>
             </relyingParty>
          </openid>
       </dotNetOpenAuth>
    </configuration>

http://dotnetopenauth.net:8000/wiki/CodeSnippets/OpenIDRP/AXFetchAsSregTransform

将配置信息添加到web.config。

谷歌有一个独特的特点,它忽略了所有标记为“可选”的属性请求。您必须根据“需要”请求用户的电子邮件地址,才能从谷歌获得电子邮件地址。不过,要小心,通过按要求标记属性,谷歌将拒绝对用户进行身份验证,除非用户愿意放弃他们的电子邮件地址。因此,如果您实际上不需要电子邮件地址,最好将其标记为可选,并放弃从您的谷歌用户那里获取电子邮件地址,以避免在用户不愿意的情况下强迫他们放弃电子邮件地址,从而将用户赶走。