sreg Yahoo problems

Question

Hello

May you please look at the issue:

You may test Yahoo sreg at "https://test-id.org/OP/Sreg.aspx"

ID : "https://me.yahoo.com/" username: [email protected] password: paranoid

Now the problem

This code work with Google but not with Yahoo sreg, becase response.GetUntrustedExtension() alwase returns null values for properties for Yahoo

  var opUrl = LoginCore.GetProviderUrl(provider, openId);
  var openIdRelyingParty = new OpenIdRelyingParty(null);
  var response = openIdRelyingParty.GetResponse();
  Identifier id;

  if (response == null)
  {
      if (Identifier.TryParse(opUrl, out id))
      {
          try
          {
              var claim = new ClaimsRequest();
              claim.Email = DemandLevel.Require;
              claim.FullName = DemandLevel.Request;
              claim.Gender = DemandLevel.Request;
              claim.Nickname = DemandLevel.Require;
              var request = openIdRelyingParty.CreateRequest(opUrl);

              request.AddExtension(claim);
              return request.RedirectingResponse.AsActionResult();
          }
          catch (Exception ex)
          {
          }
      }
      else
      {
          Model.Errors.Add(GeneralErrors.Unexpected());
          return View("SignupUnTrustedOpenId");
      }
  }
  else
  {
      switch (response.Status)
      {
          case AuthenticationStatus.Authenticated:
             var claimsData = response.GetUntrustedExtension<ClaimsResponse>();
     if (claimsData != null)
     {
      email = claimsData.Email;

I am using folowing configuration:

<dotNetOpenAuth>
 <openid>
  <relyingParty>
   <security requireSsl="false" ignoreUnsignedExtensions="false" maximumHashBitLength="256" minimumHashBitLength="160" rejectDelegatingIdentifiers="true" rejectUnsolicitedAssertions="false" requireAssociation="false" requireDirectedIdentity="false" />
   <behaviors>
    <add type="DotNetOpenAuth.OpenId.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
   </behaviors>
  </relyingParty>
 </openid>
 <messaging>
  <untrustedWebRequest>
   <whitelistHosts>
    <add name="localhost" />
   </whitelistHosts>
  </untrustedWebRequest>
 </messaging>
</dotNetOpenAuth>

I am using the latiest version 3.2.0.9177

Thank you very much for help

Vitaly

Answer 1

Yahoo's SREG extension support is currently only in beta. Yahoo is only willing to expose SREG support to whitelisted RPs. See here.

I went through the test-id.org test with my own Yahoo account and it worked. Your code to adding the sreg extension looks fine. So I suspect the only problem is that you're not on Yahoo's whitelist yet.

Answer 2

Thank you for quick response. Another problem:

The library does not work with AOL. AOL uses openid version 1.0 and I think it is due to this. I have tried extremeswank - works with AOL - no problems, and sreg works with AOL too.

May you please check support for version 1.0 ?

Thank you Bye

Vitaly