问题描述
我在本地运行DotNetOpenAuth样本提供者,它似乎正确地处理通过Web浏览器请求。我可以通过处理程序在调试器授权步骤。
I have the DotNetOpenAuth sample provider running locally and it appears to correctly handle requests via the web browser. I can step through the handler for authorisation in the debugger.
我可以与谷歌和其他供应商的认证,但未能与样本提供者的项目。样本提供者不会看到一个请求都和依赖方抛出一个异常抱怨没有OpenID的端点上找到。
I have a project which can authenticate with Google and other providers but fails with the sample provider. The sample provider never sees a request at all and the relying party throws an exception complaining No OpenID endpoint found.
说我做的依赖方如下:
string providerURL = "http://localhost/openid/provider";
// Now try the openid relying party...
var openid = new OpenIdRelyingParty();
var response = openid.GetResponse();
if (response == null)
{
Identifier id;
if (Identifier.TryParse(providerURL, out id))
{
// The following line throws the exception without ever making
// a request to the server.
var req = openid.CreateRequest(providerURL);
// Would redirect here...
}
}
我注意到 UntrustedWebRequestHandler 类prevent连接到主机名称,例如本地主机,但将它作为一个列入白名单的主机,因为每个测试用例或手动,似乎并没有帮助。
I noticed that the UntrustedWebRequestHandler class prevent connections to hostnames such as localhost but adding it as a whitelisted host, as per the test cases or manually, doesn't seem to help.
我检查了主机是否可达下列要求:
I have checked the host is reachable with the following:
// Check to make sure the provider URL is reachable.
// These requests are handled by the provider.
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(providerURL);
HttpWebResponse httpRes = (HttpWebResponse)request.GetResponse();
思考?我在束手无策,为什么它从来没有发出请求的。
Thoughts? I am at wits end as to why it never makes a request at all.
编辑:本地主机被列入白名单,像这样:
localhost was whitelisted like so:
(openid.Channel.WebRequestHandler as UntrustedWebRequestHandler).WhitelistHosts.Add("localhost");
我也试过白名单是通过将其添加到的web.config 像这样:
<dotNetOpenAuth>
<messaging>
<untrustedWebRequest>
<whitelistHosts>
<add name="localhost"/>
</whitelistHosts>
</untrustedWebRequest>
</messaging>
</dotNetOpenAuth>
使用这两种方法,本地主机显示在列入白名单的主机的 UntrustedWebRequestHandler 的名单时,在调试器中检查。他们的供应商仍然没有收到任何请求。
Using either approach, localhost shows up in the UntrustedWebRequestHandler's list of whitelisted hosts when examined in the debugger. Their provider still doesn't receive any requests.
推荐答案
看起来你已经意识到有必要为了白名单本地主机为RP来得到它的工作。但别的东西我才知道最近是,从执行HTTP IIS块ASP.NET Web应用沾到自己。它适用于Visual Studio的个人Web服务器,但如果你的RP和OP都在本地主机 IIS上承载的,那么很可能它的IIS是的阻止它。您可以确认或使用您的手写的HttpWebRequest 测试从IIS托管RP与一个控制台应用程序否认这一点。
It looks like you're already aware of the need to whitelist localhost for an RP in order to get it to work. But something else I became aware of recently is that IIS blocks ASP.NET web apps from performing HTTP GETs on themselves. It works for the Visual Studio Personal Web Server, but if your RP and OP are both hosted on IIS under localhost, then likely it's IIS that's blocking it. You can confirm or deny this by using your hand-written HttpWebRequest test from your IIS-hosted RP vs. a console app.
如果他们都在IIS下,这就是问题,那么应该使用个人Web服务器的开发,或者分离在IIS中的两个站点在不同的应用程序池之类的东西,这将有助于。
If they're both under IIS and that's the problem, then you should either use the Personal Web Server for your development, or perhaps separating the two sites on IIS in different app pools or something like that will help.
这篇关于在本地主机与DotNetOpenAuth OpenID提供商的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!