谷歌openID问题令牌?

时间:2011-08-10 06:56:59

标签: openid token

我自己在我的应用程序中使用身份验证交换在c#中通过Dotnetopenauth实现SSO

我的怀疑如下,

  1. 关于我的AX请求的响应,我没有收到任何令牌。我应该发送任何参数吗?
  2. 在我的应用程序中,我需要用户每次登录提供商,但是如果用户点击“下次自动登录”复选框,它就不会在下次向用户询问ID和密码。
  3. 针对MyopenId的AX fetchResponse null。它只支持简单注册吗?

    4. 请求代码:

    IAuthenticationRequest request = openid.CreateRequest(txt_openid_identifier.Text);

    var fetchRequest = new FetchRequest();
    fetchRequest.Attributes.Clear();
    fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
    fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.First);
    fetchRequest.Attributes.AddRequired(WellKnownAttributes.Name.Last);                       fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.HomeAddress.Country);                
            request.AddExtension(fetchRequest);

            // Issue request to OP
            request.RedirectToProvider();

    回应代码:

    using (var openid = new OpenIdRelyingParty())
        {
            var response = openid.GetResponse();

            if (response == null) return;

            switch (response.Status)
            {

                case AuthenticationStatus.Authenticated:
                    string emailID = string.Empty;
                    Session["email"] = string.Empty;
                    Session["name"] = string.Empty;
                    Session["country"] = string.Empty;
                    Session["Accesskey"] = string.Empty;
                    Session["SecretAccesskey"] = string.Empty;

                    var fetchResponse = response.GetExtension<FetchResponse>();

                    if (fetchResponse.Attributes.Contains(WellKnownAttributes.Contact.Email))
                    {
                        IList<string> emailAddresses =
                            fetchResponse.Attributes[WellKnownAttributes.Contact.Email].Values;
                        emailID = emailAddresses.Count > 0 ? emailAddresses[0] : null;
                    }
                    else
                        emailID = string.Empty;
            }
        }

1 个答案:

答案 0 :(得分:0)

我发现某些提供商(即myopenid.com)为FetchRequest返回null,同时返回ClaimsRequest的有效数据。看来不同的提供商支持不同的属性交换机制。在请求中:

var request = openid.CreateRequest(Request.Form["openid_identifier"]);

var sr = new ClaimsRequest
{
    Email = DemandLevel.Request, 
    FullName = DemandLevel.Request
};
request.AddExtension(sr);

var fetchRequest = new FetchRequest();
fetchRequest.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
fetchRequest.Attributes.AddOptional(WellKnownAttributes.Name.FullName);
request.AddExtension(fetchRequest);

return request.RedirectingResponse.AsActionResult();

并在收到回复时:

string email, fullName = String.Empty;
var fetch = response.GetExtension<FetchResponse>();
if (fetch != null)
{
    email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
    fullName = fetch.GetAttributeValue(WellKnownAttributes.Name.FullName);
}
var claimResponse = response.GetExtension<ClaimsResponse>();
if (claimResponse != null)
{
    email = claimResponse.Email;
    fullName = claimResponse.FullName;
}

因此,我们尝试两种方式,并希望从至少一种方法中获取数据。

相关问题
最新问题