asp.net-mvc – DotNetOpenAuth：消息签名不正确

尝试使用MyOpenID和Yahoo进行身份验证时,我会收到一条“消息签名不正确”异常.

我几乎使用了DotNetopenAuth 3.4.2附带的ASP.NET MVC示例代码

public ActionResult Authenticate(string openid)
{
    var openIdRelyingParty = new OpenIdRelyingParty();
    var authenticationResponse = openIdRelyingParty.GetResponse();

    if (authenticationResponse == null)
    {
        // Stage 2: User submitting identifier
        Identifier identifier;

        if (Identifier.TryParse(openid,out identifier))
        {
            var realm = new Realm(Request.Url.Root() + "openid");
            var authenticationRequest = openIdRelyingParty.CreateRequest(openid,realm);
            authenticationRequest.RedirectToProvider();
        }
        else
        {
            return RedirectToAction("login","home");
        }
    }
    else
    {
        // Stage 3: OpenID provider sending assertion response
        switch (authenticationResponse.Status)
        {
            case AuthenticationStatus.Authenticated:
            {
                // Todo
            }
            case AuthenticationStatus.Failed:
            {
                throw authenticationResponse.Exception;
            }
        }
    }

    return new EmptyResult();
}

与Google,AOL等人合作.但是,雅虎和MyOpenID属于AuthenticationStatus.Failed案例,但出现以下异常：

DotNetopenAuth.Messaging.Bindings.InvalidSignatureException: Message signature was incorrect.
   at DotNetopenAuth.OpenId.ChannelElements.SigningBindingElement.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetopenAuth\OpenId\ChannelElements\SigningBindingElement.cs:line 139
   at DotNetopenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetopenAuth\Messaging\Channel.cs:line 992
   at DotNetopenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetopenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 172
   at DotNetopenAuth.Messaging.Channel.ReadFromrequest(HttpRequestInfo httpRequest) in c:\Users\andarno\git\dotnetopenid\src\DotNetopenAuth\Messaging\Channel.cs:line 386
   at DotNetopenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) in c:\Users\andarno\git\dotnetopenid\src\DotNetopenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:line 540

显示其他人有同样的问题：http://trac.dotnetopenauth.net:8000/ticket/172

有没有人有解决方法？

解决方法

事实证明,这是在Web场环境中使用DotNetopenAuth的问题.

当您创建OpenIdRelyingParty时,请确保在构造函数中传递null.

这将使您的网站进入OpenID无状态或“哑”模式.用户登录稍慢一些(如果您注意到),但您避免不必编写一个IRelyingPartyApplicationStore来允许DotNetopenAuth在您的农场中工作;

var openIdRelyingParty = new OpenIdRelyingParty(null);

asp.net-mvc – DotNetOpenAuth：消息签名不正确

解决方法

相关推荐