Databases
StackOverflow2013
Postsdbo
POOpenID Relying Party response status shows Failed even with Provider authenticates - DotNetOpenAuth
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POOpenID Relying Party response status shows Failed even with Provider authenticates - DotNetOpenAuth
    text
    copied!<p>Using the DNOA library, I created a Provider which authenticates a request and sends back the user information (like email, first name, etc). To test this, I created a Relying Party. This system works well on my localhost. When I put the Provider in my server, it worked fine but suddenly, I keep getting failed response. </p> <p>Looking at the response URL, I CAN see the email, first name being sent back from the Provider, but the RP is not recognizing it and goes into the 'Failed' case. The exact same code on my localhost works fine.</p> <p>Here is a sample respose - </p> <pre><code>http://localhost:50952/Default.aspx?dnoa.userSuppliedIdentifier=http%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%2Fuser123&amp;openid.claimed_id=http%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%2Fuser123&amp;openid.identity=http%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%2Fuser123&amp;openid.sig=1bCd7KJjvtBqEObuQccO9fIx9FMBDiz2zkl8FrIbguw%3D&amp;openid.signed=claimed_id%2Cidentity%2Cassoc_handle%2Cop_endpoint%2Creturn_to%2Cresponse_nonce%2Cns.alias3%2Calias3.mode%2Calias3.type.alias1%2Calias3.value.alias1%2Calias3.type.alias2%2Calias3.value.alias2%2Calias3.type.alias3%2Calias3.value.alias3%2Calias3.type.alias4%2Calias3.value.alias4%2Calias3.type.alias5%2Calias3.value.alias5%2Calias3.type.alias6%2Calias3.value.alias6%2Calias3.type.alias7%2Calias3.value.alias7&amp;openid.assoc_handle=Bw5H%21IAAAAHoxEw3Q_7vF6XVheBEr7uMn03oSJXmatbjAbWReLG7tQQAAAAGuW5aLeRJZRqnrlrT6CdzWGVtOEgD-4CuYOVcJZLopnig3xaAjzoJaVePTEhPigbL4dtWQqJzmSo7bgivW8815&amp;openid.op_endpoint=http%3A%2F%2Fopenid.xyz.com%2Fserver.aspx&amp;openid.return_to=http%3A%2F%2Flocalhost%3A50952%2FDefault.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttp%253A%252F%252Fopenid.xyz.com%252Fuser.aspx%252Fuser123&amp;openid.response_nonce=2013-07-27T23%3A46%3A49ZFINSwMcn&amp;openid.mode=id_res&amp;openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&amp;openid.ns.alias3=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&amp;openid.alias3.mode=fetch_response&amp;openid.alias3.type.alias1=UserName&amp;openid.alias3.value.aluser123&amp;openid.alias3.type.alias2=FirstName&amp;openid.alias3.value.alias2=N&amp;openid.alias3.type.alias3=LastName&amp;openid.alias3.value.alias3=Smith&amp;openid.alias3.type.alias4=RemoteLogin&amp;openid.alias3.value.alias4=1&amp;openid.alias3.type.alias5=StaffType&amp;openid.alias3.value.alias5=&amp;openid.alias3.type.alias6=DEANumber&amp;openid.alias3.value.alias6=&amp;openid.alias3.type.alias7=StateNumber&amp;openid.alias3.value.alias7= </code></pre> <p>You can see that the fields with personal information is present! why does the RP still show 'failed'?</p> <p><strong>EDIT</strong>: So the RP gets a proper response when Provider is from LocalHost but fails when Provider is on the server. Here the value of the immediate window of the RP with the Localhost provider:</p> <pre><code> WebDev.WebServer40.exe Information: 0 : HTTP GET http://localhost:58242/user.aspx/user123 WebDev.WebServer40.exe Information: 0 : An XRDS response was received from GET at user-supplied identifier. WebDev.WebServer40.exe Information: 0 : Total services discovered in XRDS: 2 WebDev.WebServer40.exe Information: 0 : [{ ClaimedIdentifier: http://localhost:58242/user.aspx/user123 ProviderLocalIdentifier: http://localhost:58242/user.aspx/user123 ProviderEndpoint: http://localhost:58242/server.aspx OpenID version: 2.0 Service Type URIs: http://specs.openid.net/auth/2.0/signon http://openid.net/extensions/sreg/1.1 }, { ClaimedIdentifier: http://localhost:58242/user.aspx/user123 ProviderLocalIdentifier: http://localhost:58242/user.aspx/user123 ProviderEndpoint: http://localhost:58242/server.aspx OpenID version: 1.0 Service Type URIs: http://openid.net/signon/1.0 http://openid.net/extensions/sreg/1.1 },] WebDev.WebServer40.exe Information: 0 : Skipping HTML discovery because XRDS contained service endpoints. WebDev.WebServer40.exe Information: 0 : Received identity assertion for http://localhost:58242/user.aspx/user123 via http://localhost:58242/server.aspx. </code></pre> <p>And here is the RP immediate window with the Provider on the server:</p> <pre><code>WebDev.WebServer40.exe Information: 0 : HTTP GET https://openid.xyz.com/user.aspx/user123 WebDev.WebServer40.exe Information: 0 : An XRDS response was received from GET at user-supplied identifier. WebDev.WebServer40.exe Information: 0 : Total services discovered in XRDS: 2 WebDev.WebServer40.exe Information: 0 : [{ ClaimedIdentifier: https://openid.xyz.com/user.aspx/user123 ProviderLocalIdentifier: https://openid.xyz.com/user.aspx/user123 ProviderEndpoint: https://openid.xyz.com/server.aspx OpenID version: 2.0 Service Type URIs: http://specs.openid.net/auth/2.0/signon http://openid.net/extensions/sreg/1.1 }, { ClaimedIdentifier: https://openid.xyz.com/user.aspx/user123 ProviderLocalIdentifier: https://openid.xyz.com/user.aspx/user123 ProviderEndpoint: https://openid.xyz.com/server.aspx OpenID version: 1.0 Service Type URIs: http://openid.net/signon/1.0 http://openid.net/extensions/sreg/1.1 },] WebDev.WebServer40.exe Information: 0 : Skipping HTML discovery because XRDS contained service endpoints. WebDev.WebServer40.exe Information: 0 : Performing discovery on user-supplied identifier: https://openid.xyz.com/user.aspx/user123 WebDev.WebServer40.exe Information: 0 : Creating authentication request for user supplied Identifier: https://openid.xyz.com/user.aspx/user123 WebDev.WebServer40.exe Information: 0 : Preparing to send CheckIdRequest (2.0) message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElementRelyingParty applied to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Sending message: CheckIdRequest WebDev.WebServer40.exe Information: 0 : Redirecting to https://openid.xyz.com/server.aspx?openid.claimed_id=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&amp;openid.identity=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&amp;openid.assoc_handle=woRX%21IAAAAI8Cn8mo2fHDzAFTyfYMZo7lsBbLcv5iKzliqwfmhxyjQQAAAAFNfXjeTdiwJif_mcgZSqkQOe1wQ79P1GaU1FZw1A4LonBK0rO2OjBpgr8uqCZ4VYYv2C9AJICbSDGN-z19OoqI&amp;openid.return_to=http%3A%2F%2Flocalhost%3A50952%2FDefault.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fopenid.xyz.com%252Fuser.aspx%user123&amp;openid.realm=http%3A%2F%2Flocalhost%3A50952%2F&amp;openid.mode=checkid_setup&amp;openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&amp;openid.ns.alias3=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&amp;openid.alias3.if_available=alias1%2Calias2%2Calias3%2Calias4%2Calias5%2Calias6%2Calias7&amp;openid.alias3.mode=fetch_request&amp;openid.alias3.type.alias1=UserName&amp;openid.alias3.count.alias1=1&amp;openid.alias3.type.alias2=FirstName&amp;openid.alias3.count.alias2=1&amp;openid.al ias3.type.alias3=LastName&amp;openid.alias3.count.alias3=1&amp;openid.alias3.type.alias4=RemoteLogin&amp;openid.alias3.count.alias4=1&amp;openid.alias3.type.alias5=DEANumber&amp;openid.alias3.count.alias5=1&amp;openid.alias3.type.alias6=StateNumber&amp;openid.alias3.count.alias6=1&amp;openid.alias3.type.alias7=StaffType&amp;openid.alias3.count.alias7=1 A first chance exception of type 'System.Threading.ThreadAbortException' occurred in mscorlib.dll An exception of type 'System.Threading.ThreadAbortException' occurred in mscorlib.dll but was not handled in user code WebDev.WebServer40.exe Information: 0 : Incoming HTTP request: GET http://localhost:50952/Default.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&amp;openid.claimed_id=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&amp;openid.identity=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&amp;openid.sig=narSsDwDWz69GrdFNuz%2F57Gy%2BOO4%2BFDdNTIWM5BpJBE%3D&amp;openid.signed=claimed_id%2Cidentity%2Cassoc_handle%2Cop_endpoint%2Creturn_to%2Cresponse_nonce%2Cns.alias3%2Calias3.mode%2Calias3.type.alias1%2Calias3.value.alias1%2Calias3.type.alias2%2Calias3.value.alias2%2Calias3.type.alias3%2Calias3.value.alias3%2Calias3.type.alias4%2Calias3.value.alias4%2Calias3.type.alias5%2Calias3.value.alias5%2Calias3.type.alias6%2Calias3.value.alias6%2Calias3.type.alias7%2Calias3.value.alias7&amp;openid.assoc_handle=woRX%21IAAAAI8Cn8mo2fHDzAFTyfYMZo7lsBbLcv5iKzliqwfmhxyjQQAAAAFNfXjeTdiwJif_mcgZSqkQOe1wQ79P1GaU1FZw1A4LonBK0rO2OjBpgr8uqCZ4VYYv2C9AJICbSDGN-z19OoqI&amp;openid.op_endpoint=https%3A %2F%2Fopenid.xyz.com%2Fserver.aspx&amp;openid.return_to=http%3A%2F%2Flocalhost%3A50952%2FDefault.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fopenid.xyz.com%252Fuser.aspx%user123&amp;openid.response_nonce=2013-07-29T01%3A05%3A41ZNuPERYFm&amp;openid.mode=id_res&amp;openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&amp;openid.ns.alias3=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&amp;openid.alias3.mode=fetch_response&amp;openid.alias3.type.alias1=UserName&amp;openid.alias3.value.alias1=user123&amp;openid.alias3.type.alias2=FirstName&amp;openid.alias3.value.alias2=N&amp;openid.alias3.type.alias3=LastName&amp;openid.alias3.value.alias3=Smith&amp;openid.alias3.type.alias4=RemoteLogin&amp;openid.alias3.value.alias4=1&amp;openid.alias3.type.alias5=StaffType&amp;openid.alias3.value.alias5=&amp;openid.alias3.type.alias6=DEANumber&amp;openid.alias3.value.alias6=&amp;openid.alias3.type.alias7=StateNumber&amp;openid.alias3.value.alias7= WebDev.WebServer40.exe Information: 0 : Incoming request received: PositiveAssertionResponse WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message. WebDev.WebServer40.exe Information: 0 : Verifying incoming PositiveAssertionResponse message signature of: narSsDwDWz69GrdFNuz/57Gy+OO4+FDdNTIWM5BpJBE= WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement applied to message. A first chance exception of type 'DotNetOpenAuth.Messaging.ProtocolException' occurred in DotNetOpenAuth.DLL </code></pre> <p>The difference that I see is the line <code>Received identity assertion</code> which is not present for the server provider.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload