但是,当我尝试将OpenID添加到我自己的项目时,ClaimResponse总是返回null.我想知道是否存在我缺少的项目或环境设置?
这是我的Authenticate方法:
public ActionResult Authenticate(string returnUrl)
{
var response = openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
Identifier id;
if (Identifier.TryParse(Request.Form["openid_identifier"],out id))
{
try
{
IAuthenticationRequest req = openid.CreateRequest(Request.Form["openid_identifier"]);
req.AddExtension(new ClaimsRequest { Email = DemandLevel.Require });
return req.RedirectingResponse.AsActionResult();
}
catch (ProtocolException ex)
{
ViewData["Message"] = ex.Message;
return View("Login");
}
}
else
{
ViewData["Message"] = "Invalid identifier";
return View("Login");
}
}
else
{
// Stage 3: OpenID Provider sending assertion response
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
ClaimsResponse sreg = response.GetExtension<ClaimsResponse>();
if (sreg != null)
{
var email = sreg.Email;
Session["Email"] = email;
}
Session["FriendlyIdentifier"] = response.FriendlyIdentifierFordisplay;
FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier,false);
if (!string.IsNullOrEmpty(returnUrl))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index","Home");
}
case AuthenticationStatus.Canceled:
ViewData["Message"] = "Canceled at provider";
return View("Login");
case AuthenticationStatus.Failed:
ViewData["Message"] = response.Exception.Message;
return View("Login");
}
}
return new EmptyResult();
}
}
解决方法
<configuration> <configSections> <section name="dotNetopenAuth" type="DotNetopenAuth.Configuration.DotNetopenAuthSection" requirePermission="false" allowLocation="true"/> </configSections> <dotNetopenAuth> <openid> <relyingParty> <behaviors> <!-- The following OPTIONAL behavior allows RPs to use SREG only,but be compatible with OPs that use Attribute Exchange (in varIoUs formats). --> <add type="DotNetopenAuth.OpenId.Behaviors.AXFetchAsSregTransform,DotNetopenAuth" /> </behaviors> </relyingParty> </openid> </dotNetopenAuth> </configuration>
http://dotnetopenauth.net:8000/wiki/CodeSnippets/OpenIDRP/AXFetchAsSregTransform
Google has one unique trait,in that it ignores all attribute requests marked as ‘optional’. You must request the user’s email address as ‘required’ in order to ever get an email address from Google. Be wary though,that by marking the attribute as required,Google will refuse to authenticate the user unless the user is willing to give up their email address. So if you don’t actually require the email address,it may be best to mark it as optional,and just forego getting it from your Google users in order to avoid chasing your users away by forcing them to give up their email address if they don’t want to.
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
