尝试通过MyOpenID和Yahoo进行身份验证时,出现“消息签名不正确”异常。
我几乎使用了DotNetOpenAuth 3.4.2随附的ASP.NET MVC示例代码
public ActionResult Authenticate(string openid)
{
var openIdRelyingParty = new OpenIdRelyingParty();
var authenticationResponse = openIdRelyingParty.GetResponse();
if (authenticationResponse == null)
{
// Stage 2: User submitting identifier
Identifier identifier;
if (Identifier.TryParse(openid, out identifier))
{
var realm = new Realm(Request.Url.Root() + "openid");
var authenticationRequest = openIdRelyingParty.CreateRequest(openid, realm);
authenticationRequest.RedirectToProvider();
}
else
{
return RedirectToAction("login", "home");
}
}
else
{
// Stage 3: OpenID provider sending assertion response
switch (authenticationResponse.Status)
{
case AuthenticationStatus.Authenticated:
{
// TODO
}
case AuthenticationStatus.Failed:
{
throw authenticationResponse.Exception;
}
}
}
return new EmptyResult();
}
与Google,AOL和其他公司合作良好。但是,Yahoo和MyOpenID属于AuthenticationStatus.Failed情况,但以下情况除外:
DotNetOpenAuth.Messaging.Bindings.InvalidSignatureException: Message signature was incorrect.
at DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\OpenId\ChannelElements\SigningBindingElement.cs:line 139
at DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\Messaging\Channel.cs:line 992
at DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage message) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 172
at DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\Messaging\Channel.cs:line 386
at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) in c:\Users\andarno\git\dotnetopenid\src\DotNetOpenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:line 540
似乎其他人也有相同的问题:http://trac.dotnetopenauth.net:8000/ticket/172
有人有解决方法吗?
最佳答案
原来这是在Web场环境中使用DotNetOpenAuth的问题。
创建OpenIdRelyingParty时,请确保在构造函数中传递null。
这会使您的网站进入OpenID无状态或“哑”模式。用户登录的速度稍慢(如果您甚至注意到的话),但是避免了编写IRelyingPartyApplicationStore来允许DotNetOpenAuth在整个服务器场中工作;
var openIdRelyingParty = new OpenIdRelyingParty(null);
关于asp.net-mvc - DotNetOpenAuth:邮件签名不正确,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/2505565/