在过去几个月中,我们已经看到我们能够在Azure云托管环境中可靠地找到Google的OpenId端点。这曾经是一个仅在蓝色月亮中出现一次的问题,但在上个月,报告该问题的用户数量急剧增加。我还注意到,从部署到部署,问题可能或多或少都很普遍。暗示从特定的azure服务器到google端点有间歇性问题?
随着上升,我们为此添加了日志记录,结果如下:
DEBUG 13 03 2014 20:35:42,598 [89]: HTTP GET https://www.google.com/accounts/o8/id
DEBUG 13 03 2014 20:35:42,723 [89]: An Error event occurred in Test AuthenticationService at 3/13/2014 8:35:42 PM.
Client IP: 75.151.81.33
Client Host: NT AUTHORITY\SYSTEM
Server Host: 10.28.174.102:443
Details:
====================
Error in openid popup request authentication, DotNetOpenAuth.Messaging.ProtocolException: No OpenID endpoint found. ---> System.InvalidOperationException: Sequence contains no elements
at System.Linq.Enumerable.First[TSource](IEnumerable`1 source)
at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(Identifier userSuppliedIdentifier, Realm realm, Uri returnToUrl)
--- End of inner exception stack trace ---
at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.CreateRequest(Identifier userSuppliedIdentifier, Realm realm, Uri returnToUrl)
at Website.Controllers.OpenIdController.GetProviderRequest(OpenIdProvider provider, String platform, Boolean isNewAccount) in c:\src-r\Website\Controllers\OpenIdController.cs:line 152
ERROR 13 03 2014 20:35:42,723 [89]:
Error while performing discovery on: "https://www.google.com/accounts/o8/id": DotNetOpenAuth.Messaging.ProtocolException: Error occurred while sending a direct message or getting the response. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
--- End of inner exception stack trace ---
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
at DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options)
--- End of inner exception stack trace ---
at DotNetOpenAuth.Messaging.StandardWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options)
at DotNetOpenAuth.Messaging.UntrustedWebRequestHandler.GetResponse(HttpWebRequest request, DirectWebRequestOptions options)
at DotNetOpenAuth.Yadis.Yadis.Request(IDirectWebRequestHandler requestHandler, Uri uri, Boolean requireSsl, String[] acceptTypes)
at DotNetOpenAuth.Yadis.Yadis.Discover(IDirectWebRequestHandler requestHandler, UriIdentifier uri, Boolean requireSsl)
at DotNetOpenAuth.OpenId.UriDiscoveryService.Discover(Identifier identifier, IDirectWebRequestHandler requestHandler, Boolean& abortDiscoveryChain)
at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.Discover(Identifier identifier)
at DotNetOpenAuth.OpenId.RelyingParty.AuthenticationRequest.Create(Identifier userSuppliedIdentifier, OpenIdRelyingParty relyingParty, Realm realm, Uri returnToUrl, Boolean createNewAssociationsAsNeeded)
我认为可能是超时问题所以我尝试增加不受信任的WebRequest上的超时(没有效果)。
<untrustedWebRequest timeout="00:00:30" readWriteTimeout="00:00:15.000">
我们认为可能存在时间问题,所以我们将实例重新调整为time.nist.gov(没有效果)。
我确实在谷歌群组中讨论了这个问题: https://groups.google.com/forum/#!msg/dotnetopenid/SWw10f8MI_E/PXzb15jAFloJ
虽然尚未得出答案。