tags:

views:

180

answers:

1
Q: 

DotNetOpenAuth Login Fails, But receiving data in querystring

I am trying to set up OpenID on an ASP.Net 2 website that I am making right now, and using DotNetOpenAuth. But it seems I've run into a brick wall that won't budge no matter how many things I try.

While trying to sign-in with Google I am getting "Web request to 'https://www.google.com/accounts/o8/ud' failed." as response.

The weird thing is that Google displays the sign-in screen correctly which asks me to confirm whether I want to give the site access.

Additionally the sign-in data from Google is correctly being appended to the querystring.

So why isn't OpenID.GetResponse able to fetch me the correct data?

I can potentially get the sign-in data from the querystring myself. But is that a good idea?

Thank you for replying!

Edit: Just want to clarify here that the behaviour is on Localhost.

+1  A: 

If your web server is behind a firewall or requires a proxy to make outbound HTTP requests, make sure your web.config file includes a snippet to use the system default proxy (or a specifically named one.

<system.net>
    <defaultProxy enabled="true" />
</system.net>

And no don't just retrieve the sign-in data from the query string yourself. There's lots of validation that has to be done on that string to avoid anyone being able to log in as anyone just by writing up the query string themselves. In fact it sounds like DotNetOpenAuth is failing during verification, so you're not likely to be able to do it yourself either until this outbound HTTP request problem is solved.

The tricky part here is why DNOA was able to send you to Google, but unable to contact Google later to verify the positive assertion. Can you enable logging and add the logs to your question if what I've shown above doesn't work?

Andrew Arnott  2010-01-28 13:40:41
Hi Andrew. I was hoping for a reply from you. The default proxy is already enabled. Yes, I will enable logging and post a log.
Cyril Gupta  2010-01-29 01:31:20
Additionally the DotNetOpenAuth MVC sample project is working fine and receiving data correctly on my machine. Is DNOA using Sessions to keep information between requests? I think the problem could also be in my web.config.
Cyril Gupta  2010-01-29 01:35:51
DNOA does *not* use sessions. Just a shot: try adding `<trust level="Medium" originUrl=".*"/>` to your web.config file. Otherwise, we'll need to see the logs.
Andrew Arnott  2010-01-29 01:49:59
I haven't been able to solve this issue yet.
Cyril Gupta  2010-03-19 10:50:42
Include logs, please.
Andrew Arnott  2010-03-19 12:42:33

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data