The sample is fairly good... the only thing that is really missing is a
tutorial showing you were to go to modify all the customizable parts. The
key for me was the correct class on the resource server. Which was the
ResourceServerHost class (something like that)
> Hi Sam,
> I'm sorry that in three months you didn't get any answers to your
> questions. Did you try this mailing list before now?
> A great deal of care went into the code and security of the library.
> Documentation includes not just the link you mentioned, but also the
> samples which you get with the .zip download, and the xml docs<http://docs.dotnetopenauth.net/v4.1/>.
> Among those, most folks find what they need.
> Implementing a security protocol shouldn't be treated lightly. An HTTP
> server can be trivially implemented in a week too, but there is a reason
> that IIS and Apache have large codebases and have dozens of security fixes
> in their past. I recommend you check out the DNOA samples, ask your
> questions on this mailing list, and give a few days more to trying DNOA.
> DNOA may itself have security bugs (I can't promise there aren't any)
> after all IIS and Apache have them too. But the likelihood that DNOA has
> security bugs is probably much lower given its age and thorough use in the
> wild.
> --
> Andrew Arnott
> "I [may] not agree with what you have to say, but I'll defend to the death
> your right to say it." - S. G. Tallentyre
> On Mon, Aug 13, 2012 at 6:51 PM, Sam Naseri <naseri.mey...@gmail.com>wrote:
>> Hi,
>> Introduction:
>> I have been trying to understand DNOA source codes for a while. Even I
>> were unable to build the solution so far. The only official documentation I
>> found was http://www.dotnetopenauth.net/documentation/ which does not
>> cover even a very basic sample for OAuth 1 or 2. Actually the documentation
>> page only has content for contribution to project and also OpenID.
>> As the result of lack of documentation and not having my questions
>> answered in StackOverflow I failed in using DNOA. I went for other
>> libraries. And the situation for other libraries were worse.
>> So I decided to implement my own library for OAuth 1.0a and OAuth 2.0
>> according to specification. Despite reading DNOA sources codes to
>> understand them took 3 month of my time, I implement these two protocols in
>> only a week and now it is working for Microsoft, Facebook, Google, Twitter,
>> Yahoo, LinkedIn and Meetup.
>> My Questions:
>> What is the downsides of implementing OAuth 1.0a or 2? I dont know what
>> all those huge amount of code is doing in DNOA, am I missing something?
>> Having said that my implementation works fine, I am not sure it is secure
>> enough? Is there any security issue I should pay attention to? Does DNOA
>> take care of security like it did for documentation, or a better work is
>> done in that area?
>> Kind Regards,
>> Sam Naseri
>> --
>> You received this message because you are subscribed to the Google Groups
>> "DotNetOpenAuth" group.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msg/dotnetopenid/-/qre74BN_fM0J.
>> To post to this group, send email to dotnetopenid@googlegroups.com.
>> To unsubscribe from this group, send email to
>> dotnetopenid+unsubscribe@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/dotnetopenid?hl=en.
> --
> You received this message because you are subscribed to the Google Groups
> "DotNetOpenAuth" group.
> To post to this group, send email to dotnetopenid@googlegroups.com.
> To unsubscribe from this group, send email to
> dotnetopenid+unsubscribe@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/dotnetopenid?hl=en.
