tags:

views:

394

answers:

2
+1  Q: 

Why is my ClaimsRequest coming back null?

I have just begun experimenting with the DotNetOpenAuth project. Modifying the sample OpenIdRelyingPartyMvc project, I was able to get a ClaimRequest for Email to work with Google.

However, when I tried to add OpenID to my own project, the ClaimResponse always comes back null. I'm wondering if there is a project or environment setting that I'm missing?

Here's my Authenticate method:

public ActionResult Authenticate(string returnUrl)
{
    var response = openid.GetResponse();
    if (response == null)
    {
        // Stage 2: user submitting Identifier
        Identifier id;
        if (Identifier.TryParse(Request.Form["openid_identifier"], out id))
        {
            try
            {
                IAuthenticationRequest req = openid.CreateRequest(Request.Form["openid_identifier"]);
                req.AddExtension(new ClaimsRequest { Email = DemandLevel.Require });
                return req.RedirectingResponse.AsActionResult();
            }
            catch (ProtocolException ex)
            {
                ViewData["Message"] = ex.Message;
                return View("Login");
            }
        }
        else
        {
            ViewData["Message"] = "Invalid identifier";
            return View("Login");
        }
    }
    else
    {
        // Stage 3: OpenID Provider sending assertion response
        switch (response.Status)
        {
            case AuthenticationStatus.Authenticated:
                ClaimsResponse sreg = response.GetExtension<ClaimsResponse>();
                if (sreg != null)
                {
                    var email = sreg.Email;
                    Session["Email"] = email;
                }
                Session["FriendlyIdentifier"] = response.FriendlyIdentifierForDisplay;
                FormsAuthentication.SetAuthCookie(response.ClaimedIdentifier, false);
                if (!string.IsNullOrEmpty(returnUrl))
                {
                    return Redirect(returnUrl);
                }
                else
                {
                    return RedirectToAction("Index", "Home");
                }
            case AuthenticationStatus.Canceled:
                ViewData["Message"] = "Canceled at provider";
                return View("Login");
            case AuthenticationStatus.Failed:
                ViewData["Message"] = response.Exception.Message;
                return View("Login");
        }
    }
    return new EmptyResult();
}

}

+6  A:  
<configuration>
       <configSections>
          <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/>
       </configSections>
       <dotNetOpenAuth>
          <openid>
             <relyingParty>
                <behaviors>
                   <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
                        with OPs that use Attribute Exchange (in various formats). -->
                   <add type="DotNetOpenAuth.OpenId.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth" />
                </behaviors>
             </relyingParty>
          </openid>
       </dotNetOpenAuth>
    </configuration>

http://dotnetopenauth.net:8000/wiki/CodeSnippets/OpenIDRP/AXFetchAsSregTransform

Add the config info to your web.config.

Google has one unique trait, in that it ignores all attribute requests marked as 'optional'. You must request the user's email address as 'required' in order to ever get an email address from Google. Be wary though, that by marking the attribute as required, Google will refuse to authenticate the user unless the user is willing to give up their email address. So if you don't actually require the email address, it may be best to mark it as optional, and just forego getting it from your Google users in order to avoid chasing your users away by forcing them to give up their email address if they don't want to.

Pino  2009-10-20 10:16:50
A: 

Hi,

I have a same problem that you had.

I modified the mvc sample project and I would like to get some profile informations.

I use my google account.

I set the config file like in the previous post.

But it doesn't help me :(

The ClaimResponse always comes back null.

Do you have any idea why?

l.

 2010-07-16 15:06:03

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data