I’m using DotNetOpenAuth to login to my site using Google OpenId. Simple code, discussed many times before:
protected static readonly string ENDPOINT = "https://www.google.com/accounts/o8/id";
public void RequestAuthentication(string realm, Uri returnUrl) {
using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) {
IAuthenticationRequest openRequest = openid.CreateRequest(ENDPOINT, realm, returnUrl);
var fr = new FetchRequest();
fr.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
fr.Attributes.Add(new AttributeRequest(WellKnownAttributes.Preferences.TimeZone, false));
fr.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true));
fr.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Alias, false));
fr.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Last, true));
fr.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.First, true));
openRequest.AddExtension(fr);
openRequest.RedirectToProvider();
}
}
This works, but every time Google asks confirmation to pass users’ email to my web site, ignoring ‘Remember my decision’ checkbox!
I already tried to replace FetchRequest with ClaimsRequest (with AXFetchAsSregTransform) – no difference.
What I’m doing wrong?
Seems this is Google-side problem.
In my Google account under ‘Безопасность’ > ‘Авторизация приложений и сайтов’ (‘Security’ > ‘Authorized sites and apps’ ?) settings I removed my site’s tokens (all repeating items), on next logon I again checked ‘remember’ on confirmation page and viola – all future logon to my site does not require confirmation.