Yahoo OP regression causes interop failure with DotNetOpenAuth

[Andrew Arnott]

All DotNetOpenAuth v3.x users: (v2.x users are unaffected)

Yahoo updated their OpenID Provider yesterday, and unfortunately introduced a bug in their code that hits DNOA in such a way that DNOA throws an unhandled exception and fails to log any Yahoo user in.  DNOA was designed to withstand this kind of OP bug but there was a bug in DNOA's own interop bug-handling -- gah!  

Anyway, I'm working with Yahoo to get it corrected on their end.  In the meantime, I've fixed the bug in DNOA that causes the authentication to fail so that now notwithstanding Yahoo's bug, DNOA will log the user in, and DNOA will just drop the faulty PAPE extension that is attached to the response until Yahoo can fix it.

You can go snag a special build of DotNetOpenAuth v3.3.1 from TeamCity now if you have Yahoo users who can't log into your RP and you want the fix now.  This build is just v3.3 that released last night, but with the extra Yahoo fix.

--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre

[Andrew Arnott]

Also, if you're using DNOA v3.1 or v3.2, and aren't ready to jump to v3.3.1 to get the Yahoo fix, you can go to the TeamCity site and download the latest nightly build for the version you have to get the fix.

--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre