
Why isn't information about the openID user coming through the protocol?

I am using DotNetOpenAuth to integrate OpenID in our web application. The code below requests the information from the provider.

try
{
  var req = openid.CreateRequest(Request.Form["openid_identifier"]);
  req.AddExtension(new DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.ClaimsRequest
  {
    Email = DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.DemandLevel.Require,
    FullName = DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.DemandLevel.Require,
    Nickname = DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.DemandLevel.Request,
    PostalCode = DotNetOpenAuth.OpenId.Extensions.SimpleRegistration.DemandLevel.Request
  });

  return req.RedirectingResponse.AsActionResult();
}

For some reason the response from the openID provider never comes with the information I am requesting. Below is the code:

// Stage 3: OpenID Provider sending assertion response
switch (response.Status) {
  case AuthenticationStatus.Authenticated:
    Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
    FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false);
    if (!string.IsNullOrEmpty(returnUrl)) {
       return Redirect(returnUrl);
    } else {
       return RedirectToAction("Index", "Home");
    }

I have tried: response.ClaimedIdentifier in a million ways and it never has valuable information that I can do something with. Any ideas?

Geo asked Sep 08 '09 12:09



1 Answer

The IAuthenticationResponse.ClaimedIdentifier property never contains these attributes that you're requesting. It only contains the "username" of the OpenID user.

You're sending the request perfectly. Just add a bit to your handling of the positive response:

// Requires: using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
// Stage 3: OpenID Provider sending assertion response
switch (response.Status) {
  case AuthenticationStatus.Authenticated:
    Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
    FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false);
    // Simple Registration values arrive as an extension, not in ClaimedIdentifier
    var sreg = response.GetExtension<ClaimsResponse>();
    if (sreg != null) { // the Provider MAY not provide anything
      // and even if it does, any of these attributes MAY be missing
      var email = sreg.Email;
      var fullName = sreg.FullName;
      // get the rest of the attributes, and store them off somewhere.
    }
    if (!string.IsNullOrEmpty(returnUrl)) {
      return Redirect(returnUrl);
    } else {
      return RedirectToAction("Index", "Home");
    }
  break;
  // ...
Andrew Arnott answered Oct 27 '22 19:10
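
A fuller version of the handling in the answer above, as an added example that is not part of the original answer or of DotNetOpenAuth itself: it copies the Simple Registration values into a profile object and records which of the fields the question marked `Require` did not arrive. `OpenIdProfile`, `SregReader`, `MissingRequired` and `Clean` are hypothetical names chosen for illustration.

```csharp
using System.Collections.Generic;
using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
using DotNetOpenAuth.OpenId.RelyingParty;

// Hypothetical container (not a DotNetOpenAuth type) for what login yielded.
public sealed class OpenIdProfile
{
    public string ClaimedIdentifier;  // the only stable key for the account
    public string Email;              // asserted by the Provider, unverified
    public string FullName;
    public string Nickname;
    public string PostalCode;
    // Fields the request marked DemandLevel.Require that did not arrive.
    public readonly List<string> MissingRequired = new List<string>();
}

public static class SregReader
{
    // Call only when response.Status == AuthenticationStatus.Authenticated.
    public static OpenIdProfile Read(IAuthenticationResponse response)
    {
        var profile = new OpenIdProfile
        {
            ClaimedIdentifier = response.ClaimedIdentifier.ToString()
        };

        // Null when the Provider ignored the Simple Registration request.
        var sreg = response.GetExtension<ClaimsResponse>();
        if (sreg != null)
        {
            profile.Email = Clean(sreg.Email);
            profile.FullName = Clean(sreg.FullName);
            profile.Nickname = Clean(sreg.Nickname);
            profile.PostalCode = Clean(sreg.PostalCode);
        }

        // The Provider may omit even required fields, so check them here.
        if (profile.Email == null) profile.MissingRequired.Add("Email");
        if (profile.FullName == null) profile.MissingRequired.Add("FullName");
        return profile;
    }

    // Treat empty or whitespace-only values as absent.
    private static string Clean(string value)
    {
        return string.IsNullOrWhiteSpace(value) ? null : value.Trim();
    }
}
```

In the `Authenticated` case, a non-empty `MissingRequired` is the signal to ask the user for those values directly, and the account should stay keyed to `ClaimedIdentifier` rather than to the e-mail address the Provider reported.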