I'm trying to use a single HTTPHandler to authenticate a user's open id and receive a claimresponse. The initial authentication works, but the claimresponse does not. The error I receive is "This webpage has a redirect loop." What am I doing wrong?
public class OpenIdLogin : IHttpHandler
{
private HttpContext _context = null;
public void ProcessRequest(HttpContext context)
{
_context = context;
var openid = new OpenIdRelyingParty();
var response = openid.GetResponse();
if (response == null)
{
// Stage 2: user submitting Identifier
openid.CreateRequest(context.Request.Form["openid_identifier"]).RedirectToProvider();
}
else
{
// Stage 3: OpenID Provider sending assertion response
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
//FormsAuthentication.RedirectFromLoginPage(response.ClaimedIdentifier, false);
string identifier = response.ClaimedIdentifier;
//****** TODO only proceed if we don't have the user's extended info in the database **************
ClaimsResponse claim = response.GetExtension<ClaimsResponse>();
if (claim == null)
{
//IAuthenticationRequest req = openid.CreateRequest(identifier);
IAuthenticationRequest req = openid.CreateRequest(Identifier.Parse(identifier));
var fields = new ClaimsRequest();
fields.Email = DemandLevel.Request;
req.AddExtension(fields);
req.RedirectingResponse.Send(); //Is this correct?
}
else
{
context.Response.ContentType = "text/plain";
context.Response.Write(claim.Email); //claim.FullName;
}
break;
case AuthenticationStatus.Canceled:
//TODO
break;
case AuthenticationStatus.Failed:
//TODO
break;
}
}
}