Update Thanks to a comment from @IvanL, it turns out that the problem is with Google. Since then, I have tried other providers, and for them everything works as expected. Google simply does not send requirements information. I have not yet been able to figure out why or what I need differently to send it to Google.
A wild blow in the dark says that this may be due to the fact that the default area does not match http: //: /, since I saw Andrew Arnott's answer that Google changes the declared identifier for the same account based on the transferred area with the request for authentication.
Another important information-related information: unlike many examples that can be found on the Internet for using dotnetopenauth, I do not use a βplainβ text field and do not create openIdIdentifier myself, but I use the openID selector and which passes the openIdIdentifier passed to ValidateAtOpenIdProvider . (According to Adding OpenID Validation to an ASP.NET MVC 4 Application )
Question: why does IAuthenticationResponse.GetExtension () always return null when using Google as an openId provider, if otherwise all relevant questions regarding Google were addressed (email requested, as required, AXFetchAsSregTransform, etc.)?
Original
I am struggling with getting DotNetOpenAuth to parse the response received from the provider. Follow the instructions Adding OpenID authentication to your ASP.NET MVC 4 application until the login should work, and the login result will return to the main page with the username (nobody) displayed in the upper right corner. (It depends on "The user should at this moment see the following:" a little more than half the path to the article).
I am using Visual Studio Web Developer 2010 Express with C #. DotNetOpenAuth version 4.0.3.12153 (according to the .config package, 4.0.3.12163 according to Windows Explorer).
My web.config was changed according to the instructions in Activating AXFetchAsSregTransform , which was the solution for DotNetOpenId - Open Id to get some data
Unfortunately, this was not enough to make it work for me.
The openid selector works fine and leads to the correct choice of the openid provider. An authentication request is created as follows:
public IAuthenticationRequest ValidateAtOpenIdProvider(string openIdIdentifier) { IAuthenticationRequest openIdRequest = openId.CreateRequest(Identifier.Parse(openIdIdentifier)); var fields = new ClaimsRequest() { Email = DemandLevel.Require, FullName = DemandLevel.Require, Nickname = DemandLevel.Require }; openIdRequest.AddExtension(fields); return openIdRequest; }
It all works. I can log in and authorize the page to get my information, which then leads to a GetUser call:
public OpenIdUser GetUser() { OpenIdUser user = null; IAuthenticationResponse openIdResponse = openId.GetResponse(); if (openIdResponse.IsSuccessful()) { user = ResponseIntoUser(openIdResponse); } return user; }
openIdResponse.IsSuccessful is implemented as an extension method (see related article):
return response != null && response.Status == AuthenticationStatus.Authenticated;
and always successful when the ResponseIntoUser method is introduced:
private OpenIdUser ResponseIntoUser(IAuthenticationResponse response) { OpenIdUser user = null; var claimResponseUntrusted = response.GetUntrustedExtension<ClaimsResponse>(); var claimResponse = response.GetExtension<ClaimsResponse>(); // For this to work with the newer/est version of DotNetOpenAuth, make sure web.config // file contains required settings. See link for more details. // http://www.dotnetopenauth.net/developers/help/the-axfetchassregtransform-behavior/ if (claimResponse != null) { user = new OpenIdUser(claimResponse, response.ClaimedIdentifier); } else if (claimResponseUntrusted != null) { user = new OpenIdUser(claimResponseUntrusted, response.ClaimedIdentifier); } else { user = new OpenIdUser(" ikke@gmail.com ;ikke van ikkenstein;ikke nick;ikkeclaimedid"); } return user; }
My version above differs from the code in the related article by adding the last else block, so that I always get the home page with the username and the displayed link (which helps when trying to do this several times in a row).
I tried both Google and Yahoo. Both authenticate the penalty, both return the identity registered by the WebDev server. However, GetUntrustedExtenstion and GetExtension always return null. I always see the "ikke nick" from the last, never the name that I actually used for authentication.
I am at a loss about how to keep trying and get it to work. This is probably some kind of oversight on my part (I am an experienced developer, but have just begun to dip my fingers in C # and the web interface), and I do not see it.
Any suggestions for continuing / debugging are very welcome.