Still struggling with grabbing user information from Relaying Party :(
39 views
Skip to first unread message
Justin
Jun 14, 2009, 2:17:33 AM6/14/09
to dotnetopenid
Hi folks,
Sorry to sound like a broken record but I'm having some more problems
getting the user information from a Relaying Party. I understand some
parties are not complying to the schema's/using their own (don't u
love standards?!). Some are not even giving any info out (eg. Yahoo).
With this in mind, I'm sure i'm pretty close to having the right code
to requesting my user info. It used to work before I tried asking for
AX also.
Anyways, here's my request code AND the logging information provided
by the dll (awesome work Andrew, btw). Please take note that there's
an exception in the middle of the logs .. i'm not sure if that is
important. (I think the code is told there's 2 schemas .. tries
version 2.0, fails, falls back to the next one, which is v1.1).
Relaying Party: myopenid.com
My Code: ASP.NET MVC c#
private const string MyOpenId_WellKnownAttributes_Contact_Email =
"http://schema.openid.net/contact/email";
private const string MyOpenId_WellKnownAttributes_Name_Alias = "http://
schema.openid.net/namePerson/friendly";
private const string MyOpenId_WellKnownAttributes_Preferences_Language
= "http://schema.openid.net/pref/language";
private const string MyOpenId_WellKnownAttributes_Preferences_TimeZone
= "http://schema.openid.net/pref/timezone";
private const string MyOpenId_WellKnownAttributes_Person_Gender =
"http://schema.openid.net/person/gender";
public static ActionResult CreateRequest(OpenIdRelyingParty
openId, Identifier identifier)
{
identifier.ThrowIfArgumentIsNull("identifier");
// Define the attributes we wish to be sent.
var fetch = new FetchRequest();
// Official Schema's.
fetch.Attributes.AddRequired
(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired
(WellKnownAttributes.Name.Alias);
fetch.Attributes.AddRequired
(WellKnownAttributes.Preferences.Language);
fetch.Attributes.AddRequired
(WellKnownAttributes.Preferences.TimeZone);
fetch.Attributes.AddRequired
(WellKnownAttributes.Person.Gender);
// MyOpenID.
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Contact_Email);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Name_Alias);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Preferences_Language);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Preferences_TimeZone);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Person_Gender);
var request = openId.CreateRequest(identifier.ToString());
request.AddExtension(fetch);
return request.RedirectingResponse.AsActionResult();
}
Logging information:
[Note: I've cleaned up the log info. "WS Info" was originally
"WebDev.WebServer.exe Information".
WS Info: 0 : DotNetOpenAuth, Version=3.1.0.9122, Culture=neutral,
PublicKeyToken=2780ccd10d57b246 (official)
WS Info: 0 : Incoming HTTP request: http://localhost:6969/Authentication/Authenticate
WS Info: 0 : HTTP GET http://foobar.myopenid.com/
WS Info: 0 : Total services discovered in HTML: 2
WS Info: 0 : [{
ClaimedIdentifier: http://foobar.myopenid.com/
ProviderLocalIdentifier: http://foobar.myopenid.com/
ProviderEndpoint: http://www.myopenid.com/server
OpenID version: 2.0
Service Type URIs:
http://specs.openid.net/auth/2.0/signon
}, {
ClaimedIdentifier: http://foobar.myopenid.com/
ProviderLocalIdentifier: http://foobar.myopenid.com/
ProviderEndpoint: http://www.myopenid.com/server
OpenID version: 1.1
Service Type URIs:
http://openid.net/signon/1.1
},]
WS Info: 0 : Performing discovery on user-supplied identifier:
http://foobar.myopenid.com/
WS Info: 0 : Creating authentication request for user supplied
Identifier: http://foobar.myopenid.com/
WS Info: 0 : Preparing to send AssociateDiffieHellmanRequest (2.0)
message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not
apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Sending AssociateDiffieHellmanRequest request.
WS Info: 0 : HTTP POST http://www.myopenid.com/server
WebDev.WebServer.exe Error: 0 : An error occurred while trying to
create an association with http://www.myopenid.com/server.
DotNetOpenAuth.Messaging.ProtocolException: Error occurred while
sending a direct message or getting the response. --->
System.Net.WebException: The remote server returned an error: (417)
Expectation failed.
at System.Net.HttpWebRequest.GetResponse()
at DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse
(HttpWebRequest request, DirectWebRequestOptions options)
--- End of inner exception stack trace ---
at DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse
(HttpWebRequest request, DirectWebRequestOptions options)
at DotNetOpenAuth.Messaging.UntrustedWebRequestHandler.GetResponse
(HttpWebRequest request, DirectWebRequestOptions options)
at
DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.GetDirectResponse
(HttpWebRequest webRequest)
at DotNetOpenAuth.Messaging.Channel.RequestCore
(IDirectedProtocolMessage request)
at DotNetOpenAuth.Messaging.Channel.Request
(IDirectedProtocolMessage requestMessage)
at
DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.CreateNewAssociation
(ProviderEndpointDescription provider, AssociateRequest
associateRequest, Int32 retriesRemaining)
WebDev.WebServer.exe Warning: 0 : Failed to create association with
http://www.myopenid.com/server. Skipping to next endpoint.
WS Info: 0 : Creating authentication request for user supplied
Identifier: http://foobar.myopenid.com/
WS Info: 0 : Preparing to send AssociateDiffieHellmanRequest (1.1)
message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not
apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Sending AssociateDiffieHellmanRequest request.
WS Info: 0 : HTTP POST http://www.myopenid.com/server
WS Info: 0 : Received AssociateDiffieHellmanResponse response.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not
apply to message.
WS Info: 0 : Preparing to send CheckIdRequest (1.1) message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement applied
to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
applied to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement
applied to message.
WS Info: 0 : ReturnTo signed data:
dnoi.claimed_id: http://foobar.myopenid.com/
dnoi.op_endpoint: http://www.myopenid.com/server
dnoi.request_nonce: Z8OzFMy6ywhwIS53RrH1Sey0NJF+MJoC
dnoi.return_to_sig_handle: {633805558259146666}{5BNwYQ==}
dnoi.userSuppliedIdentifier: http://foobar.myopenid.com/
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
applied to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Sending message: CheckIdRequest
WS Info: 0 : Redirecting to
http://www.myopenid.com/server?openid.identity=http%3a%2f%2ffoobar.myopenid.com%2f&openid.assoc_handle=%7bHMAC-SHA1%7d%7b4a34912b%7d%7brZb9LQ%3d%3d%7d&openid.return_to=http%3a%2f%2flocalhost%3a6969%2fAuthentication%2fAuthenticate%3fdnoi.userSuppliedIdentifier%3dhttp%253a%252f%252ffoobar.myopenid.com%252f%26dnoi.op_endpoint%3dhttp%253a%252f%252fwww.myopenid.com%252fserver%26dnoi.claimed_id%3dhttp%253a%252f%252ffoobar.myopenid.com%252f%26dnoi.request_nonce%3dZ8OzFMy6ywhwIS53RrH1Sey0NJF%252bMJoC%26dnoi.return_to_sig_handle%3d%257b633805558259146666%257d%257b5BNwYQ%253d%253d%257d%26dnoi.return_to_sig%3dO0Ow6ur7fy4eDP%252bFpYXTwOSbZkPJP6d3qOxmhG41s4pnaYos6tiHPjEecp7BugDySaTZiUdajNy%252frVoKubLgoA%253d%253d&openid.trust_root=http%3a%2f%2flocalhost%3a6969%2f&openid.mode=checkid_setup&openid.ns.alias3=http%3a%2f%2fopenid.net%2fsrv%2fax%2f1.0&openid.alias3.required=alias1%2calias2%2calias3%2calias4%2calias5%2calias6%2calias7%2calias8%2calias9%2calias10&openid.alias3.mode=fetch_request&openid.alias3.type.alias1=http%3a%2f%2faxschema.org%2fcontact%2femail&openid.alias3.count.alias1=1&openid.alias3.type.alias2=http%3a%2f%2faxschema.org%2fnamePerson%2ffriendly&openid.alias3.count.alias2=1&openid.alias3.type.alias3=http%3a%2f%2faxschema.org%2fpref%2flanguage&openid.alias3.count.alias3=1&openid.alias3.type.alias4=http%3a%2f%2faxschema.org%2fpref%2ftimezone&openid.alias3.count.alias4=1&openid.alias3.type.alias5=http%3a%2f%2faxschema.org%2fperson%2fgender&openid.alias3.count.alias5=1&openid.alias3.type.alias6=http%3a%2f%2fschema.openid.net%2fcontact%2femail&openid.alias3.count.alias6=1&openid.alias3.type.alias7=http%3a%2f%2fschema.openid.net%2fnamePerson%2ffriendly&openid.alias3.count.alias7=1&openid.alias3.type.alias8=http%3a%2f%2fschema.openid.net%2fpref%2flanguage&openid.alias3.count.alias8=1&openid.alias3.type.alias9=http%3a%2f%2fschema.openid.net%2fpref%2ftimezone&openid.alias3.count.alias9=1&openid.alias3.type.alias10=http%3a%2f%2fschema.openid.net%2fperson%2fgender&openid.alias3.count.alias10=1
The thread 0xeb0 has exited with code 0 (0x0).
----------
Should i be ditching this code and doing some sreg instead? (I'm
trying to have some request code that sorta handles most main RP's).
Thanks for any help or suggestions.
-Justin-
Sorry to sound like a broken record but I'm having some more problems
getting the user information from a Relaying Party. I understand some
parties are not complying to the schema's/using their own (don't u
love standards?!). Some are not even giving any info out (eg. Yahoo).
With this in mind, I'm sure i'm pretty close to having the right code
to requesting my user info. It used to work before I tried asking for
AX also.
Anyways, here's my request code AND the logging information provided
by the dll (awesome work Andrew, btw). Please take note that there's
an exception in the middle of the logs .. i'm not sure if that is
important. (I think the code is told there's 2 schemas .. tries
version 2.0, fails, falls back to the next one, which is v1.1).
Relaying Party: myopenid.com
My Code: ASP.NET MVC c#
private const string MyOpenId_WellKnownAttributes_Contact_Email =
"http://schema.openid.net/contact/email";
private const string MyOpenId_WellKnownAttributes_Name_Alias = "http://
schema.openid.net/namePerson/friendly";
private const string MyOpenId_WellKnownAttributes_Preferences_Language
= "http://schema.openid.net/pref/language";
private const string MyOpenId_WellKnownAttributes_Preferences_TimeZone
= "http://schema.openid.net/pref/timezone";
private const string MyOpenId_WellKnownAttributes_Person_Gender =
"http://schema.openid.net/person/gender";
public static ActionResult CreateRequest(OpenIdRelyingParty
openId, Identifier identifier)
{
identifier.ThrowIfArgumentIsNull("identifier");
// Define the attributes we wish to be sent.
var fetch = new FetchRequest();
// Official Schema's.
fetch.Attributes.AddRequired
(WellKnownAttributes.Contact.Email);
fetch.Attributes.AddRequired
(WellKnownAttributes.Name.Alias);
fetch.Attributes.AddRequired
(WellKnownAttributes.Preferences.Language);
fetch.Attributes.AddRequired
(WellKnownAttributes.Preferences.TimeZone);
fetch.Attributes.AddRequired
(WellKnownAttributes.Person.Gender);
// MyOpenID.
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Contact_Email);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Name_Alias);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Preferences_Language);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Preferences_TimeZone);
fetch.Attributes.AddRequired
(MyOpenId_WellKnownAttributes_Person_Gender);
var request = openId.CreateRequest(identifier.ToString());
request.AddExtension(fetch);
return request.RedirectingResponse.AsActionResult();
}
Logging information:
[Note: I've cleaned up the log info. "WS Info" was originally
"WebDev.WebServer.exe Information".
WS Info: 0 : DotNetOpenAuth, Version=3.1.0.9122, Culture=neutral,
PublicKeyToken=2780ccd10d57b246 (official)
WS Info: 0 : Incoming HTTP request: http://localhost:6969/Authentication/Authenticate
WS Info: 0 : HTTP GET http://foobar.myopenid.com/
WS Info: 0 : Total services discovered in HTML: 2
WS Info: 0 : [{
ClaimedIdentifier: http://foobar.myopenid.com/
ProviderLocalIdentifier: http://foobar.myopenid.com/
ProviderEndpoint: http://www.myopenid.com/server
OpenID version: 2.0
Service Type URIs:
http://specs.openid.net/auth/2.0/signon
}, {
ClaimedIdentifier: http://foobar.myopenid.com/
ProviderLocalIdentifier: http://foobar.myopenid.com/
ProviderEndpoint: http://www.myopenid.com/server
OpenID version: 1.1
Service Type URIs:
http://openid.net/signon/1.1
},]
WS Info: 0 : Performing discovery on user-supplied identifier:
http://foobar.myopenid.com/
WS Info: 0 : Creating authentication request for user supplied
Identifier: http://foobar.myopenid.com/
WS Info: 0 : Preparing to send AssociateDiffieHellmanRequest (2.0)
message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not
apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Sending AssociateDiffieHellmanRequest request.
WS Info: 0 : HTTP POST http://www.myopenid.com/server
WebDev.WebServer.exe Error: 0 : An error occurred while trying to
create an association with http://www.myopenid.com/server.
DotNetOpenAuth.Messaging.ProtocolException: Error occurred while
sending a direct message or getting the response. --->
System.Net.WebException: The remote server returned an error: (417)
Expectation failed.
at System.Net.HttpWebRequest.GetResponse()
at DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse
(HttpWebRequest request, DirectWebRequestOptions options)
--- End of inner exception stack trace ---
at DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse
(HttpWebRequest request, DirectWebRequestOptions options)
at DotNetOpenAuth.Messaging.UntrustedWebRequestHandler.GetResponse
(HttpWebRequest request, DirectWebRequestOptions options)
at
DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.GetDirectResponse
(HttpWebRequest webRequest)
at DotNetOpenAuth.Messaging.Channel.RequestCore
(IDirectedProtocolMessage request)
at DotNetOpenAuth.Messaging.Channel.Request
(IDirectedProtocolMessage requestMessage)
at
DotNetOpenAuth.OpenId.RelyingParty.AssociationManager.CreateNewAssociation
(ProviderEndpointDescription provider, AssociateRequest
associateRequest, Int32 retriesRemaining)
WebDev.WebServer.exe Warning: 0 : Failed to create association with
http://www.myopenid.com/server. Skipping to next endpoint.
WS Info: 0 : Creating authentication request for user supplied
Identifier: http://foobar.myopenid.com/
WS Info: 0 : Preparing to send AssociateDiffieHellmanRequest (1.1)
message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not
apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Sending AssociateDiffieHellmanRequest request.
WS Info: 0 : HTTP POST http://www.myopenid.com/server
WS Info: 0 : Received AssociateDiffieHellmanResponse response.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not
apply to message.
WS Info: 0 : Preparing to send CheckIdRequest (1.1) message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement applied
to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement
applied to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement
applied to message.
WS Info: 0 : ReturnTo signed data:
dnoi.claimed_id: http://foobar.myopenid.com/
dnoi.op_endpoint: http://www.myopenid.com/server
dnoi.request_nonce: Z8OzFMy6ywhwIS53RrH1Sey0NJF+MJoC
dnoi.return_to_sig_handle: {633805558259146666}{5BNwYQ==}
dnoi.userSuppliedIdentifier: http://foobar.myopenid.com/
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement
applied to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement
did not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did
not apply to message.
WS Info: 0 : Binding element
DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not
apply to message.
WS Info: 0 : Sending message: CheckIdRequest
WS Info: 0 : Redirecting to
http://www.myopenid.com/server?openid.identity=http%3a%2f%2ffoobar.myopenid.com%2f&openid.assoc_handle=%7bHMAC-SHA1%7d%7b4a34912b%7d%7brZb9LQ%3d%3d%7d&openid.return_to=http%3a%2f%2flocalhost%3a6969%2fAuthentication%2fAuthenticate%3fdnoi.userSuppliedIdentifier%3dhttp%253a%252f%252ffoobar.myopenid.com%252f%26dnoi.op_endpoint%3dhttp%253a%252f%252fwww.myopenid.com%252fserver%26dnoi.claimed_id%3dhttp%253a%252f%252ffoobar.myopenid.com%252f%26dnoi.request_nonce%3dZ8OzFMy6ywhwIS53RrH1Sey0NJF%252bMJoC%26dnoi.return_to_sig_handle%3d%257b633805558259146666%257d%257b5BNwYQ%253d%253d%257d%26dnoi.return_to_sig%3dO0Ow6ur7fy4eDP%252bFpYXTwOSbZkPJP6d3qOxmhG41s4pnaYos6tiHPjEecp7BugDySaTZiUdajNy%252frVoKubLgoA%253d%253d&openid.trust_root=http%3a%2f%2flocalhost%3a6969%2f&openid.mode=checkid_setup&openid.ns.alias3=http%3a%2f%2fopenid.net%2fsrv%2fax%2f1.0&openid.alias3.required=alias1%2calias2%2calias3%2calias4%2calias5%2calias6%2calias7%2calias8%2calias9%2calias10&openid.alias3.mode=fetch_request&openid.alias3.type.alias1=http%3a%2f%2faxschema.org%2fcontact%2femail&openid.alias3.count.alias1=1&openid.alias3.type.alias2=http%3a%2f%2faxschema.org%2fnamePerson%2ffriendly&openid.alias3.count.alias2=1&openid.alias3.type.alias3=http%3a%2f%2faxschema.org%2fpref%2flanguage&openid.alias3.count.alias3=1&openid.alias3.type.alias4=http%3a%2f%2faxschema.org%2fpref%2ftimezone&openid.alias3.count.alias4=1&openid.alias3.type.alias5=http%3a%2f%2faxschema.org%2fperson%2fgender&openid.alias3.count.alias5=1&openid.alias3.type.alias6=http%3a%2f%2fschema.openid.net%2fcontact%2femail&openid.alias3.count.alias6=1&openid.alias3.type.alias7=http%3a%2f%2fschema.openid.net%2fnamePerson%2ffriendly&openid.alias3.count.alias7=1&openid.alias3.type.alias8=http%3a%2f%2fschema.openid.net%2fpref%2flanguage&openid.alias3.count.alias8=1&openid.alias3.type.alias9=http%3a%2f%2fschema.openid.net%2fpref%2ftimezone&openid.alias3.count.alias9=1&openid.alias3.type.alias10=http%3a%2f%2fschema.openid.net%2fperson%2fgender&openid.alias3.count.alias10=1
The thread 0xeb0 has exited with code 0 (0x0).
----------
Should i be ditching this code and doing some sreg instead? (I'm
trying to have some request code that sorta handles most main RP's).
Thanks for any help or suggestions.
-Justin-
Andrew Arnott
Jun 14, 2009, 10:43:47 AM6/14/09
to dotnet...@googlegroups.com
Hi Justin,
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
Don't worry about sounding like a broken record. This is a real problem for RPs and I hope future versions of the extension specs solve it. In the meantime, I'm sorely tempted to write an interop helper class that will do some of this heavy lifting for you.
You probably should include sreg in your request as well. Including two AX schemas in your request is a good way to get most/all the OPs that support AX, but even more OPs support sreg so you can get information from more OPs by doing sreg as well. Google is one OP that does not do sreg but does do AX, so sreg alone isn't great either.
I'm puzzled that the logs don't include the message content about to be sent or just received. And without the response message that carries the positive assertion from myopenid.com that I don't see included in your logs (it seems to be truncated before that step), I can't tell you what's wrong with the AX response.
I can however tell you what that exception is all about. MyOpenID advertises two service endpoints: an openid 2.0 and a 1.1 one. DNOA tries the first one, and it is during that attempt that DNOA "learns" that myopenid.com is a server that can't handle the "Expect: 100 Continue" HTTP header. It marks this down so that forever after (for the life of the .NET appdomain) all HTTP requests to myopenid.com omit that header. But in the meantime it is considered a failed attempt, and so DNOA moves on to the second service endpoint. This also means that it's using OpenID 1.1 instead of 2.0. If you had tried this scenario a second time (before restarting the web server), OpenID 2.0 would most likely be used and succeed since the Expect 100 Continue wouldn't be a problem the second time around. I don't know if myopenid.com has a problem reading AX requests when the carrier is OpenID 1.1 as opposed to 2.0.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
John Bradley
Jun 14, 2009, 11:13:38 AM6/14/09
to dotnet...@googlegroups.com
One other thing to watch out for with Google and AX is that they ignore if_available and will only prompt the user to return attributes if they are requested as required. They also will not return them on subsequent requests if the user elects to remember the RP.
If you are testing AX with Google remember never to allow it to remember the RP.
MyOpenID should be rejecting AX with openID 1.1 because it isn't a valid 1.1 extension. On the other hand I haven't tested it so almost anything could happen.
Welcome to the world of attributes in openID.
SREG is not a standard. (at-least not one that has been adopted)
AX is a standard, but there is no standard for the attributes themselves, and different OP's treat requests quite differently.
John B.
Andrew Arnott
Jun 14, 2009, 3:59:04 PM6/14/09
to dotnet...@googlegroups.com
One other key difference that makes the Google OP unique: attributes given in if_required will block authentication from succeeding if the user is unwilling to provide those attributes when Google asks for permission. Frankly I like Google's interpretation of required being required, but it's the only OP to do this, which makes interop with it and other OPs tricky.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
Justin
Jun 14, 2009, 8:58:47 PM6/14/09
to dotnetopenid
On Jun 15, 12:43 am, Andrew Arnott <andrewarn...@gmail.com> wrote:
> Hi Justin,
> Don't worry about sounding like a broken record. This is a real problem for
> RPs and I hope future versions of the extension specs solve it. In the
> meantime, I'm sorely tempted to write an interop helper class that will do
> some of this heavy lifting for you.
attempting this :) But with my lack of understanding, I'm missing big
parts :)
Side Note on abstraction/heavy lifting:
This is a bit of a side note, but I've been adding DNOA on various R&D
projects and have found that I'm copying/pasting _a lot_ of common
code in my ASP.NET AuthenticationController, etc. Would it be OK if i
start a new discussion about how we could abstract the ASP.NET MVC
authentication programatically to save a lot of copy/pasting code?
>
> You probably should include sreg in your request as well. Including two AX
> schemas in your request is a good way to get most/all the OPs that support
> AX, but even more OPs support sreg so you can get information from more OPs
> AX, so sreg alone isn't great either.
Ok. Is it possible to add both SREG and AX requests in the same fetch
object? After all, isn't it just namespace text strings?
> I'm puzzled that the logs don't include the message content about to be sent
> or just received. And without the response message that carries the
> positive assertion from myopenid.com that I don't see included in your logs
> (it seems to be truncated before that step), I can't tell you what's wrong
> with the AX response.
in my ASP.NET MVC project) which bounced me to myopenid.com. I didn't
authenticate at that point. I just copied the log info and started
this thread. Would u like me to also authenticate and dump any extra
log information?
> I can however tell you what that exception is all about.
Cheers! That makes sence. Is it possible to maybe change the code to
catch for any "Expect: 100 Continue" errors. If found, instead of
skippng that step, repeat that step. This time, it will be doing it
without the header --- which is what you said happens from the 2nd
time and onwards.
Speaking of myopenid, is there anyone on these forums who works for
them OR has a contact in their company? It would be great to hear some
answers from their side of things. Eg. can they turn on 100-continue?
if not, why? etc.
Side Note #2:
I wonder if it would be nice to have a simple excel chart of which RP
handles which extensions or standards, etc. Y axis = the RP, X axis =
the service. That way we could get a picture of what is support and
what isn't? Because anyone can be an RP, the chart will only include
the big boys (myopenid, google, etc). Start with maybe 10 RP's?
Ok - so from here i need to add some SREG code. see if that helps, and
if anyone else suggests, the log info from AFTER i authenticate.
-Justin-
Andrew Arnott
Jun 14, 2009, 11:09:28 PM6/14/09
to dotnet...@googlegroups.com
Hi Justin... responses inline...
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
On Sun, Jun 14, 2009 at 5:58 PM, Justin <mm11...@spamcorptastic.com> wrote:
That would be lovely. As you can see (in my sample code above), I was
On Jun 15, 12:43 am, Andrew Arnott <andrewarn...@gmail.com> wrote:
> Hi Justin,
> Don't worry about sounding like a broken record. This is a real problem for
> RPs and I hope future versions of the extension specs solve it. In the
> meantime, I'm sorely tempted to write an interop helper class that will do
> some of this heavy lifting for you.
attempting this :) But with my lack of understanding, I'm missing big
parts :)
I've filed a ticket on a related issue, and added a comment to mention the way we could do this to make it easy for everyone, whether they use the ASP.NET controls or not.
Side Note on abstraction/heavy lifting:
This is a bit of a side note, but I've been adding DNOA on various R&D
projects and have found that I'm copying/pasting _a lot_ of common
code in my ASP.NET AuthenticationController, etc. Would it be OK if i
start a new discussion about how we could abstract the ASP.NET MVC
authentication programatically to save a lot of copy/pasting code?
Absolutely. This is what the ApplicationBlock project is all about. See what you can come up with that fits a pattern that other MVC sites can fit and we'll get it into there. Depending on how generally applicable it is, we might get it into the library itself as well.
Ok. Is it possible to add both SREG and AX requests in the same fetch
>
> You probably should include sreg in your request as well. Including two AX
> schemas in your request is a good way to get most/all the OPs that support
> AX, but even more OPs support sreg so you can get information from more OPs
> by doing sreg as well. Google is one OP that does *not* do sreg but does do
> AX, so sreg alone isn't great either.
object? After all, isn't it just namespace text strings?
You can stick as many extensions as you want into the same auth request. But the FetchRequest is the AX extension. In addition to what you do with AX, you should new up a ClaimsRequest for the sreg extension and then request.AddExtension(claimsRequest) on that as well.
Hmm. What i did was click my log in button (i'm using my own c# code
> I'm puzzled that the logs don't include the message content about to be sent
> or just received. And without the response message that carries the
> positive assertion from myopenid.com that I don't see included in your logs
> (it seems to be truncated before that step), I can't tell you what's wrong
> with the AX response.
in my ASP.NET MVC project) which bounced me to myopenid.com. I didn't
authenticate at that point. I just copied the log info and started
this thread. Would u like me to also authenticate and dump any extra
log information?
Hmmm... well, if you were basing success off of the fact that myopenid.com wasn't showing you that it would be sharing your profile data, then I guess that's all I need to know and seeing more of the logs probably won't tell me anything more. However, based on what John Bradley said (something I'd forgotten), AX doesn't work in OpenID 1.1, so it was probably a combination of the 100 Expect Continue problem and OpenID 1.1 that made your AX request fail. In any case, adding sreg to it will avoid that problem. And a future release of DNOA will improve the 417 error story as well.
> <snip>
> I can however tell you what that exception is all about.
Cheers! That makes sence. Is it possible to maybe change the code to
catch for any "Expect: 100 Continue" errors. If found, instead of
skippng that step, repeat that step. This time, it will be doing it
without the header --- which is what you said happens from the 2nd
time and onwards.
I agree. After your first email I filed http://dotnetopenauth.net:8000/ticket/82 to get that done.
Speaking of myopenid, is there anyone on these forums who works for
them OR has a contact in their company? It would be great to hear some
answers from their side of things. Eg. can they turn on 100-continue?
if not, why? etc.
Yes, I have a few contacts at Janrain. I'll fire off an email to them and see what they say.
Side Note #2:
I wonder if it would be nice to have a simple excel chart of which RP
handles which extensions or standards, etc. Y axis = the RP, X axis =
the service. That way we could get a picture of what is support and
what isn't? Because anyone can be an RP, the chart will only include
the big boys (myopenid, google, etc). Start with maybe 10 RP's?
I think you mean OPs rather than RPs. RPs accept OpenIDs whereas OPs issue them, so myopenid and google are OPs. Anyway, the grid you describe already exists. :)
Justin
Jun 14, 2009, 11:31:12 PM6/14/09
to dotnetopenid
Thanks Andrew for the reply.
1. Great news about the two new support tickets :) that will make
things a lot easier :)
2. RE: new thread & some of the copy-paste code i've been doing. I'm
not very good at all these patterns and practices, so i'm not going to
pretend I know what is best practice, etc. What i will do is i'll
create a new sample ASP.NET MVC solution, exactly like you have in
your downloadcode. Actually, i'll start with your code. And i'll mix
in my library code and post up a download. I'll include some
documentation about what i've tried to abstract. From here, hopefully
some folks (such as yourself Andrew, but hopefully others in the
community .. so we can get various forms of feedback) can digest it
and see where I'm going, what works and what doesn't and hopefully
mature it further .... assuming my initial idea has some legs. Or it
could all be a moot point :) So i'll post something in a few days,
etc.
3. RP/OP/so many ackronyms :) Appologies ... hopefully one day I'll
get my thick head around all this.
Sincerly appreciate all your work Andrew and the rest of the quiet
workers around here.
-Justin-
1. Great news about the two new support tickets :) that will make
things a lot easier :)
2. RE: new thread & some of the copy-paste code i've been doing. I'm
not very good at all these patterns and practices, so i'm not going to
pretend I know what is best practice, etc. What i will do is i'll
create a new sample ASP.NET MVC solution, exactly like you have in
your downloadcode. Actually, i'll start with your code. And i'll mix
in my library code and post up a download. I'll include some
documentation about what i've tried to abstract. From here, hopefully
some folks (such as yourself Andrew, but hopefully others in the
community .. so we can get various forms of feedback) can digest it
and see where I'm going, what works and what doesn't and hopefully
mature it further .... assuming my initial idea has some legs. Or it
could all be a moot point :) So i'll post something in a few days,
etc.
3. RP/OP/so many ackronyms :) Appologies ... hopefully one day I'll
get my thick head around all this.
Sincerly appreciate all your work Andrew and the rest of the quiet
workers around here.
-Justin-
Andrew Arnott
Jun 14, 2009, 11:50:44 PM6/14/09
to dotnet...@googlegroups.com
Thanks, Justin. Just a heads up for you and others, there are tickets tracking some major enhancements to the RP UX story that will probably arrive in the library and its samples in a month or two. So if you're planning to work up the ideal MVC RP, I just wanted to warn you that while your work may be very good, it might be best to wait until the renovated versions are available so you can start your work on that.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
I definitely don't want to stagnate a desire to work toward an improvement though, so please feel free to work on it in the meantime anyway if you so choose.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
Reply all
Reply to author
Forward
0 new messages