Home/ Questions/Q 7654951
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T12:23:17+00:00

I use DNOA for authentication + authorization with google in my website. http://ugi-2.apphb.com/Authentication.htm When

  • 0

I use DNOA for authentication + authorization with google in my website.

http://ugi-2.apphb.com/Authentication.htm

When I run on local host I get this error

return_to 'http://localhost:8976/Register/Login' not under realm 'http://anonymous/'.

from this piece of code:

 private void HandleAuthNullResponse(IAuthenticationResponse authResponse)
        {
            // Google requires that the realm and consumer key be equal,
            // so we constrain the realm to match the realm in the web.config file.
            // This does mean that the return_to URL must also fall under the key,
            // which means this sample will only work on a public web site
            // that is properly registered with Google.
            // We will customize the realm to use http or https based on what the
            // return_to URL will be (which will be this page).

            var consumer = new WebConsumer(GoogleConsumerHelper.ServiceDescription, mConsumerTokenManager);

            //Realm realm = "http://localhost:8976/";
            Realm realm = System.Web.HttpContext.Current.Request.Url.Scheme + Uri.SchemeDelimiter + consumer.ConsumerKey + "/";
            IAuthenticationRequest authReq = GoogleConsumerHelper.RelyingParty.CreateRequest(GoogleConsumerHelper.GoogleOPIdentifier, realm);

the error fits somehow what is commented by DNOA

It was strange as I saw other code that works for localhost but is much less structured.

I then turned to google site and saw:

Registering your web application

There are three levels of registration:

  1. Unregistered: Application is not recognized by Google. The Access
    Request page, which prompts your users to either grant or deny access
    for your application, displays this caution highlighted in yellow:
    “This website has not registered with Google. We recommend that you
    continue the process only if you trust this destination.”

  2. Registered: …

  3. Registered with enhanced security: …

Registration is optional but recommended. …

I even tried to publish on appHarbor and that didn’t help (don’t have logs there yet)

How can I work this out?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The error message your seeing is because the OpenID spec requires that the return_to URL be a derivative of the realm URL, and obviously in your case it isn’t. http://localhost/ doesn’t fall anywhere under http://anonymous/. If you set your realm to your site’s actual root URL so that return_to is under it, this error should go away.

    I’d be interested in seeing the documentation from Google that says it accepts a realm of http://anonymous/ and a return_to any something other than anonymous.

    • 0