I am using dotnetopenauth and I am wondering what should I be storing from claimedIdentifier. I thought it would be just an id but it seems to have a url too.
When I do something like
Identifier claimedIdentifier = openIdRelayingParty.ClaimedIdentifier;
I get
//yahoo
https://me.yahoo.com/a/2RCv_bQ7341PA3v4irf5tzu_9K_fF1414afa414
https://www.google.com/accounts/o8/id?id=AItOawmMvmoomT7lOO5jwEaAd1414dfafaf241VUI
So do I store this whole thing or just the long string? If I should store the the long string then how to I extract it out? It seems like each provider formatting is a bit different.
You should store the entire URL, including the fragment part. The fragment part is the #fragment at the end of some URLs. For example, I think every Yahoo ClaimedIdentifier actually includes a fragment like this:
https://me.yahoo.com/a/2RCv_bQ7341PA3v4irf5tzu_9K_fF1414afa414#aHd88
It is vitally important that the entire ClaimedIdentifier be stored, and later used to identify the same person. Also, be sure your identity check is case sensitive. Do not use the
System.Uri.Equalsmethod to verify that two ClaimedIds are equivalent. It would returntruein cases where only the #fragment is different, which is not correct. You should useIdentifier.Equalsor the simpleString.Equals(string, string, StringComparison.Ordinal)method.Or if you’re looking up the user from your users table in a database, be certain that your users table is configured to be case sensitive for the ClaimedId column.