I get an "The remote name could not be resolved: 'mine.com'"
When using this open ID identifier: https://www.google.com/accounts/o8/site-xrds?hd=mine.com
And it's true, that the mine.com DNS record doesn't exist. But I'm wondering why it goes to look there in the first place. All I want to be doing is to check if the user can login to our hosted domain. Is that really so hard?
I'm using DotNetOpenAuth and this is what I was missing...
relyingParty.DiscoveryServices.Insert(0, new DotNetOpenAuth.OpenId.HostMetaDiscoveryService { UseGoogleHostedHostMeta = true, });
By putting the HostMetaDiscoveryService first and allowing UseGoogleHostedHostMeta the request will work as expected.
Ends up something like this:
var relyingParty = new OpenIdRelyingParty();
relyingParty.DiscoveryServices.Insert(0, new DotNetOpenAuth.OpenId.HostMetaDiscoveryService { UseGoogleHostedHostMeta = true, });
var response = relyingParty.GetResponse();
if (response == null)
{
var googleID = "https://www.google.com/accounts/o8/site-xrds?hd=my.domain";
var request = relyingParty.CreateRequest(googleID);
request.RedirectToProvider();
}
else
{
switch (response.Status)
{
case AuthenticationStatus.Authenticated:
break;
default:
break;
}
}