开发者

How to add other Open ID providers to OpenIdRelyingParty?

开发者 https://www.devze.com 2022-12-15 20:47 出处:网络
I\'m trying to implement a relying party (the web site I\'m working on) using DotNetOpenAuth on ASP.NET MVC.I\'m using the current version 3.3.1.

I'm trying to implement a relying party (the web site I'm working on) using DotNetOpenAuth on ASP.NET MVC. I'm using the current version 3.3.1.

Using the included MVC sample, I can see that the OpenIdRelyingParty class can automatically recognize and redirect to some open ID provi开发者_如何学运维ders such as myopenid.com and Yahoo based on the ID specified by the user.

How do I get OpenIdRelyingParty to do the same for Windows Live/Hotmail and Google Open IDs?

UPDATE

My problem could be that I'm not clear on what an Open ID is, here is what I'm doing, maybe someone could explain why my expectation is wrong:

  • When I enter a Yahoo email address as the Open ID, it redirects to the Yahoo login page. Cool.

  • When I enter my unique myopenid.com name, it redirects to myopenid.com login page. Cool.

  • But when I do the same for a Windows Live email address, Hotmail address or Gmail address, I get an error "No Open ID endpoint found".

If the Open ID must be a URL, then why does using a Yahoo email address work? I thought this was because the OpenIdRelyingParty class had some intelligence to map common email addresses to provider URLs... am I missing something here?


It works "automatically" for myopenid.com and many others because those are actual OpenID providers.

Email addresses are not OpenID identifiers, but because of the OpenID identifier parsing rules, email addresses happen to work if the domain part of the email address is an "OP identifier". "yahoo.com" itself is an OpenID identifier, so any email address ending with @yahoo.com works as well, which is what you're seeing.

The reason Gmail and Live ID emails and URLs don't work is because Live ID is not an OpenID provider (yet). And Gmail's OP Identifier isn't merely 'gmail.com' unfortunately. Rather, it's https://www.google.com/accounts/o8/id Seriously. It's a long URL. But if you type that in (or just tinyurl.com/googop) you'll get to log in using your Gmail (or any Google) account.


The URL that your users enter in the OpenID field is enough for redirection (for example http://blowdart.openid.example), assuming the OpenID provider is a complete OpenID provider. You shouldn't need to do anything special.

0

精彩评论

暂无评论...
验证码 换一张
取 消