Discussion: Call for Code Samples / Real World Scenarios

[DotNetOpenAuth]

Hello everyone,

DotNetOpenAuth has been accompanied by code samples since early days and those samples have somewhat evolved alongside the evolution of the library and the standards we support. The purpose of the samples is to support the developer during their time learning and understanding DotNetOpenAuth, But we can do better.

Quite some time ago I extracted code samples out of the main code repository and gave them a home of their own (https://github.com/DotNetOpenAuth/DotNetOpenAuth.Samples). These samples were to be based on the most recent publicly available nuget distributions and were aimed to make exploring and learning DotNetOpenAuth a simple case of downloading the code, opening the solution and hitting 'F5'. What I am hoping to achieve is to further extend this 'keep it simple' approach along the idea of the following

• Refresh the current samples
  
• Transition all the samples to a standardised ASP.NET and .NET framework 
• Take on board any feedback you the community may have
  
  
• Provide example real world scenarios
  
• Extend the samples selection to cover more recent 'real-world' scenarios

So, DNOA community, I ask you -  

Got feedback on how to make the samples rock?

We are all ears, do share - let us know what.

 

Do the current samples 'grind your gears' ? 

Unawesome, Let us know what and why and help us make things better.

Do you have an idea for a scenario? 

Want to try it out and contribute it? Awesome! just let me know.

Thank you for your support,

David Christiansen

david @ dotnetopenauth.net

[Corey Perkins]

David,

One suggestion might be to inline some comments in the samples when you are doing something specific to one type of auth that would point a user along if they chose to go with another type. Or, you could possibly inline some code snippets.

For instance, in the AuthorizationServer sample the following line of code is used in the AccountController.

var request = rp.CreateRequest(model.UserSuppliedIdentifier, Realm.AutoDetect, new Uri(Request.Url, Url.Action("Authenticate"))); // rp is an OpenIdRelyingParty

However, in my case, I *think* I should be using WebServerClient.PrepareRequestUserAuthorization to generate my request before allowing the OAuthController.Authorize action to issue the authorization request to the server. 

Regardless of that, this project is quite fascinating and I hope I can find the time to help out.

Did I just answer your question with a question? :)

Thanks!

Corey

[Jammer Jamski]

I agree with Corey, more in-line comments would be great.

One of the issues I had was actually working out what components I did or didn't need for my particular scenario.  Some very obvious flow chart images included in the download would be a really big improvement I think.  Something visual to illustrate the OAuth vernacular.

Other than that I think the more self contained the samples can be the better imho.  No configuration required at all to get the samples running.

[Richard Collette]

David,

Would you have any interest in an example solution for OpenId unsolicited assertions?   My solution has

• The OP with an implementation of IOpenIdApplicationStore that connects to the localdb of an SSDT project.
• Is F5 runnable using the visual studio development server.
• The RP utilizes  an Xrds advertisement HTTP module which prevents extra redirects and is necessary when there are no publicly accessible pages on the RP site. (I wanted to add this in a pull request but never got around to it).
• I created a Visio sequence diagram of the protocol (which may need review of the terms used to describe the discovery calls).  
• I have example network packet captures
• I have example logs saved from the Provider and Relying party sites for successful completion of the protocol.
• I have a word document which instructs on setup and running of the example, describes the functional behavior, describes how to perform local fiddler captures for learning purposes, and describes requirements for deployment including logging configuration and utilization behind SSL load balancers.  The visio diagram is linked into this document.

The example is stripped down to just the necessary parts.  No images, no style sheets, etc. 

If so, I have the solution and the documentation zipped up and ready.  I just need to know where to put it.

Others, please do not request the example.  I have no intention of distributing this on a one by one basis.

Thank you,

Rich

[David Christiansen]

Thanks for making contact Rich,  I will ping you back directly.