
I've been using Schourode's Canonicalize package to ensure all URLs are lowercase. I find it really convenient and would like to continue using it.

https://github.com/schourode/canonicalize

But I hit a snag when using OAuthWebSecurity. The AuthorizationResult was failing. Removing the call to Canonicalize in route_config.cs made it work again.

I had originally thought it was rewriting the request token to lowercase, but as Chandu pointed out I was mistaken. Now I'm thinking it might be encoding related. But I'm not sure why exactly it's happening or how to approach fixing it. :(

Successful Callback URL

http://localhost:54829/Account/ExternalLoginCallback?__provider__=google
& __sid__=fcb698f12ed04960927d4ac90e56e61e
& dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
& openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
& openid.mode=id_res
& openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud
& openid.response_nonce=2013-09-14T14%3A27%3A18Z6FEiPEQHHaoPbA
& openid.return_to=http%3A%2F%2Flocalhost%3A54829%2FAccount%2FExternalLoginCallback%3F__provider__%3Dgoogle%26__sid__%3Dfcb698f12ed04960927d4ac90e56e61e%26dnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid
& openid.assoc_handle=1.AMlYA9UwBb4zH8OdmM32r_inWmnlZxOI5YYiDIyvZyYzWHSDOhrSr4BXyqr_o5hN
& openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle%2Cns.ext1%2Cext1.mode%2Cext1.type.alias1%2Cext1.value.alias1
& openid.sig=hnrnpAd6y%2FnNsZ%2F%2F%2FUxwF5y3fdQ%3D
& openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawnOx9rmVJrEUZJ_Kw7O513sw1IE4I7kBhE
& openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawnOx9rmVJrEUZJ_Kw7O513sw1IE4I7kBhE
& openid.ns.ext1=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0
& openid.ext1.mode=fetch_response
& openid.ext1.type.alias1=http%3A%2F%2Faxschema.org%2Fcontact%2Femail
& openid.ext1.value.alias1=myemail%40gmail.com

Failed Callback URL

http://localhost:54829/account/externallogincallback?__provider__=google
& __sid__=49c61b3f66404ec0bedfa36764d462cc
& dnoa.userSuppliedIdentifier=https://www.google.com/accounts/o8/id
& openid.ns=http://specs.openid.net/auth/2.0
& openid.mode=id_res
& openid.op_endpoint=https://www.google.com/accounts/o8/ud
& openid.response_nonce=2013-09-14T14:25:49ZRLQRLeenDyhw3A
& openid.return_to=http://localhost:54829/Account/ExternalLoginCallback?__provider__=google
& __sid__=49c61b3f66404ec0bedfa36764d462cc
& dnoa.userSuppliedIdentifier=https%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid
& openid.assoc_handle=1.AMlYA9WrOftO7I7kuyIEwBrDNP-7SXGCRijUDbHG_7yNd_SuasIglPfyLWegbAD6
& openid.signed=op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,ns.ext1,ext1.mode,ext1.type.alias1,ext1.value.alias1
& openid.sig=SMD+cRIfP3E3Y9lZ29tBFBmg2uE=
& openid.identity=https://www.google.com/accounts/o8/id?id=AItOawnOx9rmVJrEUZJ_Kw7O513sw1IE4I7kBhE
& openid.claimed_id=https://www.google.com/accounts/o8/id?id=AItOawnOx9rmVJrEUZJ_Kw7O513sw1IE4I7kBhE
& openid.ns.ext1=http://openid.net/srv/ax/1.0
& openid.ext1.mode=fetch_response
& openid.ext1.type.alias1=http://axschema.org/contact/email
& openid.ext1.value.alias1=myemail@gmail.com

Here's the call that makes or breaks it:

public class RouteConfig
{
    public static void RegisterRoutes(RouteCollection routes)
    {

        // removing this causes oAuth to work ok
        routes.Canonicalize().NoWww().Lowercase().NoTrailingSlash();

        routes.IgnoreRoute("{resource}.axd/{*pathInfo}");


        routes.MapRoute(
            "Default",
            "{controller}/{action}/{id}",
            new { controller = "Home", action = "Default", id = UrlParameter.Optional }
        );

    }
}
Martin Hansen Lennox
  • From what I see LowercaseStrategy is just changing the URL path and not the query string. Can you confirm if it's Canonicalize that's converting the querystring values to lowercase indeed? Or better yet, if you can provide a simple setup to replicate the issue that would be helpful. – Chandu Sep 14 '13 at 14:58
  • You're totally correct, I saw the first section of the auth token and jumped to the wrong conclusion. I'm going to update the question. Thanks :) – Martin Hansen Lennox Sep 14 '13 at 16:25
  • Related: http://www.eisenhartsoftware.com/blog/post/OAuth-and-Canonical-Site-URLs-The-Order-Matters – Martin Hansen Lennox Apr 06 '14 at 15:15
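
An added example, not part of the original question and not code from DotNetOpenAuth or Canonicalize: a check modeled on the return URL rule in OpenID Authentication 2.0 section 11.1 (scheme, authority and path of the received URL must match `openid.return_to`, and every `return_to` query parameter must arrive with the same value), run over URLs shortened from the two callbacks above. `ReturnToCheck` and `Mismatches` are hypothetical names, and the case-sensitive path comparison is an assumption of this example, not a confirmed description of what OAuthWebSecurity does internally.

```csharp
using System;
using System.Collections.Generic;
using System.Web; // HttpUtility; on .NET Framework add a reference to System.Web.dll

public static class ReturnToCheck // hypothetical name
{
    // Lists every way the URL the callback arrived at differs from openid.return_to.
    public static List<string> Mismatches(Uri received, Uri returnTo)
    {
        var problems = new List<string>();
        if (!string.Equals(received.Scheme, returnTo.Scheme, StringComparison.OrdinalIgnoreCase))
            problems.Add("scheme");
        if (!string.Equals(received.Authority, returnTo.Authority, StringComparison.OrdinalIgnoreCase))
            problems.Add("authority");
        // Assumption: the path is compared exactly, so a lowercasing redirect changes it.
        if (!string.Equals(received.AbsolutePath, returnTo.AbsolutePath, StringComparison.Ordinal))
            problems.Add("path: " + received.AbsolutePath + " != " + returnTo.AbsolutePath);

        // Every parameter the relying party put into return_to must come back unchanged.
        var got = HttpUtility.ParseQueryString(received.Query);
        var want = HttpUtility.ParseQueryString(returnTo.Query);
        foreach (string key in want.AllKeys)
        {
            if (key == null) continue; // value without a name, nothing to compare
            if (!string.Equals(got[key], want[key], StringComparison.Ordinal))
                problems.Add("query: " + key);
        }
        return problems;
    }

    public static void Main()
    {
        // Constructed sample input: the page's failed callback, cut down to the relevant parameters.
        const string query = "?__provider__=google&__sid__=49c61b3f66404ec0bedfa36764d462cc"
            + "&dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid";
        var returnTo = new Uri("http://localhost:54829/Account/ExternalLoginCallback" + query);
        var direct = new Uri("http://localhost:54829/Account/ExternalLoginCallback" + query + "&openid.mode=id_res");
        var redirected = new Uri("http://localhost:54829/account/externallogincallback" + query + "&openid.mode=id_res");

        foreach (var url in new[] { direct, redirected })
        {
            var problems = Mismatches(url, returnTo);
            Console.WriteLine(url.AbsolutePath + " -> "
                + (problems.Count == 0 ? "return_to matches" : string.Join("; ", problems)));
        }
    }
}
```

Only the lowercased callback reports a path mismatch; a check like this in the callback action makes it visible when a canonicalizing redirect has altered the URL the provider signed into `openid.return_to`.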

0 Answers