1

I am relatively new to asp.net so sorry if the question sounds silly.

I have to build an Asp.net web application able to login on a OpenId custom server (i.e. not included in the DotNetOpenAuth library). I am using vs2010 and .net framework 4.0.

After many searches I found these posts where it is explained.

http://blogs.msdn.com/b/webdev/archive/2012/08/23/plugging-custom-oauth-openid-providers.aspx

How to use OpenID providers with unique identifier URLs in ASP.NET MVC4

http://blogs.msdn.com/b/webdev/archive/2012/08/15/oauth-openid-support-for-webforms-mvc-and-webpages.aspx

All of them refer to MVC and to a directory/file called /App_Start/AuthConfig.cs where you have to register your new provider in order to be able to use the client that comes built-in with the library.

From other searching I have understood this directory is not available in Asp.net web application.

Does exist a way/workaround for achieving the same results in Asp.net web application?

Do you have any suggestion/link on how to implements such custom client in my server?

Thank you stmod

thanks for your help. After your comment I was back to the provider for asking clarification, but so far, they cannot help me more than providing that link. So I tried to manage it working in Java and I did it using openid4java library and the following code:

URL u = new URL("https://logint2.idm.toon.sul.t-online.de/gcp-web/login/10000112/");

Identifier i = new MyIdentifier(); 
*//myIdentifier is my implementation of interface openid4java.discovery.Identifier and returns* "http://specs.openid.net/auth/2.0/identifier_select"

DiscoveryInformation discovered = new DiscoveryInformation(u,i);

AuthRequest authReq = manager.authenticate(discovered, returnToUrl);

With this code (and others for managing the response) I have it working.

I am trying now to apply the same to my dot.net solution.

Can you help me in writing the code for having the DotnethOpenauth working with this endpoint?

I think I have to override the Identifier class as I did in Java, but I am stuck.

Thanks stmod

Community
  • 1
  • 1
stmod
  • 11
  • 3

1 Answers1

0

Adding OpenID Relying Party support to your ASP.NET web application is actually quite easy, and does not require an AuthConfig.cs file. If you are using web forms, the easiest way to go is just drop an OpenIdLogin control onto your web form. If you are using MVC, it's just a few lines of code to write, and you can check out the OpenIdRelyingPartyMvc sample that is included in the dotnetopenauth .zip download from SourceForge to see how it can be done.

Andrew Arnott
  • 80,040
  • 26
  • 132
  • 171
  • Hi Andrew, you are right and I did it, but inside the asp.net relying party you find `request = openid.CreateRequest(openidIdentifier)` that supports only well known identifier such as google. I need to build a client for a custom relying party server (i.e. deutsch telekom), and in the procedure described in the link they say to use AuthConfig.cs for adding a new provider to the set of providers you can invoke via `openid.CreateRequest(openidIdentifier)` – stmod Jan 29 '13 at 10:10
  • Where do you get the idea that CreateRequest only accepts well known identifiers? On the contrary: it accepted any valid OpenID, so an OpenID Provider set up by the company just for this will work fine, so long as they follow the OpenID protocol. DNOA supports building Providers too, so if you build the Provider using ASP.NET I suggest using DNOA on both ends. – Andrew Arnott Jan 29 '13 at 14:18
  • First of all, thanks for helping. I got this idea from browsing around many posts, but as I said, I am relatively new. as matter of fact this url https://logint2.idm.toon.sul.t-online.de/gcp-web/login/10000112/?openid.ns=http://specs.openid.net/auth/2.0&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.return_to=http://myserver/image-archive-itinnov&openid.realm=myserver/image-archive-itinnov/&openid.mode=checkid_setup works if I use it as link, but does not work if I use it as identifier – stmod Jan 29 '13 at 14:28
  • and this is also true if you remove the queryparameter – stmod Jan 29 '13 at 14:32
  • I double checked and this is a really working URL [link](https://logint2.idm.toon.sul.t-online.de/gcp-web/login/10000112/?openid.ns=http://specs.openid.net/auth/2.0&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.return_to=http://127.0.0.1:41997&openid.realm=http://127.0.0.1:41997/&openid.mode=checkid_setup) – stmod Jan 29 '13 at 15:49
  • 1
    That's because your link *isn't* an OpenID Identifier. It's a (malformed) OpenID `checkid_setup` request. You can't pass that URL to any OpenID RP and have it work. Rather, you must find out what identifier led to the formation of that URL and enter that identifier into the RP, so the RP can formulate its own URL similar to that one. – Andrew Arnott Jan 30 '13 at 04:27