I’m trying to get SSO openid working with dotnetopenauth.
I have two separate projects, being debugged separately (both on localhost but two different ports), one acting as the provider and one as the relying party.
The relying party is running on localhost:1903.
The provider is running on localhost:3314.
Relying party code:
public ActionResult Authenticate()
{
UriBuilder returnToBuilder = new UriBuilder(Request.Url);
returnToBuilder.Path = "/OpenId/";
returnToBuilder.Query = null;
returnToBuilder.Fragment = null;
Uri returnTo = returnToBuilder.Uri;
returnToBuilder.Path = "/";
Realm realm = returnToBuilder.Uri;
realm = "http://localhost:3314/OpenId/";
returnTo = new Uri("http://localhost:3314/OpenId/");
var response = openid.GetResponse();
if (response == null) {
if (Request.QueryString["ReturnUrl"] != null && User.Identity.IsAuthenticated) {
} else {
string strIdentifier = "testidentifier";
var request = openid.CreateRequest(
strIdentifier,
realm,
returnTo);
var fetchRequest = new FetchRequest();
request.AddExtension(fetchRequest);
request.RedirectToProvider();
}
} else {
switch (response.Status) {
case AuthenticationStatus.Canceled:
//stuff got cancelled for some reason
break;
case AuthenticationStatus.Failed:
//response.Exception.Message;
break;
case AuthenticationStatus.Authenticated:
//a bunch of applying roles that i don't think we care about
break;
}
}
return new EmptyResult();
}
Provider code:
public ActionResult Index()
{
IAuthenticationRequest iR = (IAuthenticationRequest)Request;
if (iR.IsReturnUrlDiscoverable(ProviderEndpoint.Provider.Channel.WebRequestHandler) != RelyingPartyDiscoveryResult.Success) {
iR.IsAuthenticated = false;
return new EmptyResult();
}
if (iR.IsDirectedIdentity) {
if (User.Identity.IsAuthenticated) {
iR.LocalIdentifier = BuildIdentityUrl();
iR.IsAuthenticated = true;
} else {
if (iR.Immediate || ImplicitAuth) {
iR.IsAuthenticated = false;
} else {
if (!Request.Path.EndsWith("Login", StringComparison.OrdinalIgnoreCase)) {
return RedirectToAction("Login", "User");
}
}
}
} else {
string userOwningOpenIdUrl = ExtractUserName(iR.LocalIdentifier);
iR.IsAuthenticated = userOwningOpenIdUrl == User.Identity.Name;
if (!iR.IsAuthenticated.Value && !ImplicitAuth && !iR.Immediate) {
if (!Request.Path.EndsWith("Login", StringComparison.OrdinalIgnoreCase)) {
return RedirectToAction("Login", "User");
}
}
}
if (iR.IsAuthenticated.Value) {
var fetchRequest = iR.GetExtension<FetchRequest>();
if (fetchRequest != null) {
var fetchResponse = new FetchResponse();
//roles and stuff
iR.AddResponseExtension(fetchResponse);
}
}
return new EmptyResult();
}
I get the error when I run the relying party code, on the openid.CreateRequest method. I enabled debugging on my provider code and it never gets hit.
Researching the error, I found a lot of suggestions about proxy problems but that shouldn’t be an issue for me as I’m only going to localhost.
Perhaps it’s something fairly obvious but I’m at a loss as to what I’m doing wrong.
Thanks in advance for the help!
EDIT: FYI, I got this code from the DotNetOpenAuth samples.
Well, I ended up stepping through the source manually and somewhat figured out the problem.
Turns out dumdum was somewhat correct – my first issue was that it did want a URI as a the identifier, so once I changed my identifier to
http://localhost:3314/OpenId/(even though that’s not valid, per se) I got over that exception.The second problem was that I forgot to add information to web.config – so
localhostwas not whitelisted andCreateRequestfailed there.After I fixed those two issues my provider code got hit fine – I’m running into other errors there but that’s for a separate question I imagine.
Web.Config: