tags:

views:

161

answers:

1
Q: 

null ClaimsResponse with DotNetOpenAuth in ASP.NET MVC 2 application

I'm trying to get DotNetOpenAuth (latest version) to work with ASP.NET MVC 2 website. I get the first part working, the action is invoked when user selects OpenID provider, I get correct identifier passed in, I then get correctly redirected to the provider website, I get redirected back to my website but here's the problem.

The claims I requested are null (see the code below).

public ActionResult TryAuth(string openid_identifier)
{
    var openid = new OpenIdRelyingParty();
    var response = openid.GetResponse();
    if(response== null)
    {
        var req = openid.CreateRequest(openid_identifier);
        req.AddExtension(new ClaimsRequest
                            {
                                Email = DemandLevel.Require,
                                Nickname = DemandLevel.Require
                            });
        return req.RedirectingResponse.AsActionResult();
    }
    switch(response.Status)
    {
        case AuthenticationStatus.Authenticated:
            {
                var data = response.GetExtension(typeof(ClaimsResponse)) as ClaimsResponse;
                // data is null <-----------------------------------------
                return View("Index");
            }
    }
    return View("Index");
}

I would greatly appreciate if anyone can point out the (not so) obvious mistake I'm making.

+2  A: 

Please look through all the similar questions at http://stackoverflow.com/search?q=claimsresponse+null

Your code looks fine. Make sure you activate the AXFetchAsSregTransform in your web.config file though to maximize the chance of you getting something back. It's up to the Provider to give you any attributes though. Some Providers like Yahoo require that your RP correctly implement RP Discovery, which the sample RPs that come with DotNetOpenAuth demonstrate.

Here is my blog post on getting RP Discovery done right. Do this, and try the sites you've been testing against again. Keep in mind as well that some Providers cache RP Discovery results, so you might apply all your RP Discovery fixes, and still have to wait an hour or a day before the Providers start giving you data.

Andrew Arnott  2010-08-27 07:25:39
Bah, StackOverflow search sucks (or I do) - suggestions it showed up contained none of the questions you linked. Thanks - I'll have a look
Krzysztof Koźmic  2010-08-27 07:27:48
I tried three providers - myopenid, google and technorati and none of them returned anything
Krzysztof Koźmic  2010-08-27 07:33:12
(I'm not too fond of StackOverflow's search feature myself. It needs a +keyword feature to force matches)
Andrew Arnott  2010-08-27 07:33:17
Do you have the AXFetchAsSregTransform wired up?
Andrew Arnott  2010-08-27 07:33:52
Just beefed up my answer to include a blog post on RP Discovery.
Andrew Arnott  2010-08-27 07:37:15
ok, doing the config trick seems to have helped
Krzysztof Koźmic  2010-08-27 07:38:29

related questions

how to get login credentials by openId?
OpenID Migration
PHP Tutorial for OpenId and OAuth
OpenID login workflow?
OpenID support for Ruby on Rails application
Using OpenID for both .NET/Windows and PHP/Linux/Apache web sites
What is the benefit of using ONLY OpenID authentication on a site?
Problems with migrating Cardspace cards between computers
secure way to authenticate administrator in ASP.NET site using OpenID with DotNetOpenID
How do I enable open id on a Java Webapp?
What would it take to make OpenID mainstream?
What's the best .NET library for OpenID and ASP.NET MVC?
Useful browser plugins for openid authentication?
How do I implement an OpenID server in Rails?
How do I implement OpenID in my web application?
Why is HTML form redirection used in OpenID 2?
How do you set up an OpenID provider (server) in Ubuntu?
OpenID as a Single Sign On option??
Should my website abandon username/password authentication in favor of OpenID?
OpenID authentication in ASP.NET?
Open ID - What happens when you decide you don't like your existing provider?
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
How do I use more than one OpenID?