
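I created a provider using the DNOA library that authenticates requests and returns user information (email, name, etc.). To test it, I created a Relying Party. The system works fine on my localhost. When I deployed the provider to the server it worked fine at first, but suddenly it keeps returning a failed response.

Looking at the response URL, I can see that the email and first name are being returned by the provider, but the RP does not recognize them and goes into the "Failed" case. The exact same code works fine on my localhost.

Here is a sample response: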

http://localhost:50952/Default.aspx?dnoa.userSuppliedIdentifier=http%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%2Fuser123&openid.claimed_id=http%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%2Fuser123&openid.identity=http%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%2Fuser123&openid.sig=1bCd7KJjvtBqEObuQccO9fIx9FMBDiz2zkl8FrIbguw%3D&openid.signed=claimed_id%2Cidentity%2Cassoc_handle%2Cop_endpoint%2Creturn_to%2Cresponse_nonce%2Cns.alias3%2Calias3.mode%2Calias3.type.alias1%2Calias3.value.alias1%2Calias3.type.alias2%2Calias3.value.alias2%2Calias3.type.alias3%2Calias3.value.alias3%2Calias3.type.alias4%2Calias3.value.alias4%2Calias3.type.alias5%2Calias3.value.alias5%2Calias3.type.alias6%2Calias3.value.alias6%2Calias3.type.alias7%2Calias3.value.alias7&openid.assoc_handle=Bw5H%21IAAAAHoxEw3Q_7vF6XVheBEr7uMn03oSJXmatbjAbWReLG7tQQAAAAGuW5aLeRJZRqnrlrT6CdzWGVtOEgD-4CuYOVcJZLopnig3xaAjzoJaVePTEhPigbL4dtWQqJzmSo7bgivW8815&openid.op_endpoint=http%3A%2F%2Fopenid.xyz.com%2Fserver.aspx&openid.return_to=http%3A%2F%2Flocalhost%3A50952%2FDefault.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttp%253A%252F%252Fopenid.xyz.com%252Fuser.aspx%252Fuser123&openid.response_nonce=2013-07-27T23%3A46%3A49ZFINSwMcn&openid.mode=id_res&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.alias3=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.alias3.mode=fetch_response&openid.alias3.type.alias1=UserName&openid.alias3.value.aluser123&openid.alias3.type.alias2=FirstName&openid.alias3.value.alias2=N&openid.alias3.type.alias3=LastName&openid.alias3.value.alias3=Smith&openid.alias3.type.alias4=RemoteLogin&openid.alias3.value.alias4=1&openid.alias3.type.alias5=StaffType&openid.alias3.value.alias5=&openid.alias3.type.alias6=DEANumber&openid.alias3.value.alias6=&openid.alias3.type.alias7=StateNumber&openid.alias3.value.alias7=

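You can see that the fields containing personal information are present. Why does the RP still report "Failed"?

Edit: So when the provider is on localhost the RP gets a proper response, but it fails when the provider is on the server. Here are the values from the RP's Immediate Window with the localhost provider: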

 WebDev.WebServer40.exe Information: 0 : HTTP GET http://localhost:58242/user.aspx/user123
WebDev.WebServer40.exe Information: 0 : An XRDS response was received from GET at user-supplied identifier.
WebDev.WebServer40.exe Information: 0 : Total services discovered in XRDS: 2
WebDev.WebServer40.exe Information: 0 : [{
    ClaimedIdentifier: http://localhost:58242/user.aspx/user123
    ProviderLocalIdentifier: http://localhost:58242/user.aspx/user123
    ProviderEndpoint: http://localhost:58242/server.aspx
    OpenID version: 2.0
    Service Type URIs:
        http://specs.openid.net/auth/2.0/signon
        http://openid.net/extensions/sreg/1.1
}, {
    ClaimedIdentifier: http://localhost:58242/user.aspx/user123
    ProviderLocalIdentifier: http://localhost:58242/user.aspx/user123
    ProviderEndpoint: http://localhost:58242/server.aspx
    OpenID version: 1.0
    Service Type URIs:
        http://openid.net/signon/1.0
        http://openid.net/extensions/sreg/1.1
},]
WebDev.WebServer40.exe Information: 0 : Skipping HTML discovery because XRDS contained service endpoints.
WebDev.WebServer40.exe Information: 0 : Received identity assertion for http://localhost:58242/user.aspx/user123 via http://localhost:58242/server.aspx.

And this is the RP's Immediate Window with the provider on the server:

WebDev.WebServer40.exe Information: 0 : HTTP GET https://openid.xyz.com/user.aspx/user123
WebDev.WebServer40.exe Information: 0 : An XRDS response was received from GET at user-supplied identifier.
WebDev.WebServer40.exe Information: 0 : Total services discovered in XRDS: 2
WebDev.WebServer40.exe Information: 0 : [{
    ClaimedIdentifier: https://openid.xyz.com/user.aspx/user123
    ProviderLocalIdentifier: https://openid.xyz.com/user.aspx/user123
    ProviderEndpoint: https://openid.xyz.com/server.aspx
    OpenID version: 2.0
    Service Type URIs:
        http://specs.openid.net/auth/2.0/signon
        http://openid.net/extensions/sreg/1.1
}, {
    ClaimedIdentifier: https://openid.xyz.com/user.aspx/user123
    ProviderLocalIdentifier: https://openid.xyz.com/user.aspx/user123
    ProviderEndpoint: https://openid.xyz.com/server.aspx
    OpenID version: 1.0
    Service Type URIs:
        http://openid.net/signon/1.0
        http://openid.net/extensions/sreg/1.1
},]
WebDev.WebServer40.exe Information: 0 : Skipping HTML discovery because XRDS contained service endpoints.
WebDev.WebServer40.exe Information: 0 : Performing discovery on user-supplied identifier: https://openid.xyz.com/user.aspx/user123
WebDev.WebServer40.exe Information: 0 : Creating authentication request for user supplied Identifier: https://openid.xyz.com/user.aspx/user123
WebDev.WebServer40.exe Information: 0 : Preparing to send CheckIdRequest (2.0) message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElementRelyingParty applied to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Sending message: CheckIdRequest
WebDev.WebServer40.exe Information: 0 : Redirecting to https://openid.xyz.com/server.aspx?openid.claimed_id=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&openid.identity=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&openid.assoc_handle=woRX%21IAAAAI8Cn8mo2fHDzAFTyfYMZo7lsBbLcv5iKzliqwfmhxyjQQAAAAFNfXjeTdiwJif_mcgZSqkQOe1wQ79P1GaU1FZw1A4LonBK0rO2OjBpgr8uqCZ4VYYv2C9AJICbSDGN-z19OoqI&openid.return_to=http%3A%2F%2Flocalhost%3A50952%2FDefault.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fopenid.xyz.com%252Fuser.aspx%user123&openid.realm=http%3A%2F%2Flocalhost%3A50952%2F&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.alias3=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.alias3.if_available=alias1%2Calias2%2Calias3%2Calias4%2Calias5%2Calias6%2Calias7&openid.alias3.mode=fetch_request&openid.alias3.type.alias1=UserName&openid.alias3.count.alias1=1&openid.alias3.type.alias2=FirstName&openid.alias3.count.alias2=1&openid.al
ias3.type.alias3=LastName&openid.alias3.count.alias3=1&openid.alias3.type.alias4=RemoteLogin&openid.alias3.count.alias4=1&openid.alias3.type.alias5=DEANumber&openid.alias3.count.alias5=1&openid.alias3.type.alias6=StateNumber&openid.alias3.count.alias6=1&openid.alias3.type.alias7=StaffType&openid.alias3.count.alias7=1
A first chance exception of type 'System.Threading.ThreadAbortException' occurred in mscorlib.dll
An exception of type 'System.Threading.ThreadAbortException' occurred in mscorlib.dll but was not handled in user code
WebDev.WebServer40.exe Information: 0 : Incoming HTTP request: GET http://localhost:50952/Default.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&openid.claimed_id=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&openid.identity=https%3A%2F%2Fopenid.xyz.com%2Fuser.aspx%user123&openid.sig=narSsDwDWz69GrdFNuz%2F57Gy%2BOO4%2BFDdNTIWM5BpJBE%3D&openid.signed=claimed_id%2Cidentity%2Cassoc_handle%2Cop_endpoint%2Creturn_to%2Cresponse_nonce%2Cns.alias3%2Calias3.mode%2Calias3.type.alias1%2Calias3.value.alias1%2Calias3.type.alias2%2Calias3.value.alias2%2Calias3.type.alias3%2Calias3.value.alias3%2Calias3.type.alias4%2Calias3.value.alias4%2Calias3.type.alias5%2Calias3.value.alias5%2Calias3.type.alias6%2Calias3.value.alias6%2Calias3.type.alias7%2Calias3.value.alias7&openid.assoc_handle=woRX%21IAAAAI8Cn8mo2fHDzAFTyfYMZo7lsBbLcv5iKzliqwfmhxyjQQAAAAFNfXjeTdiwJif_mcgZSqkQOe1wQ79P1GaU1FZw1A4LonBK0rO2OjBpgr8uqCZ4VYYv2C9AJICbSDGN-z19OoqI&openid.op_endpoint=https%3A
%2F%2Fopenid.xyz.com%2Fserver.aspx&openid.return_to=http%3A%2F%2Flocalhost%3A50952%2FDefault.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fopenid.xyz.com%252Fuser.aspx%user123&openid.response_nonce=2013-07-29T01%3A05%3A41ZNuPERYFm&openid.mode=id_res&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.alias3=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.alias3.mode=fetch_response&openid.alias3.type.alias1=UserName&openid.alias3.value.alias1=user123&openid.alias3.type.alias2=FirstName&openid.alias3.value.alias2=N&openid.alias3.type.alias3=LastName&openid.alias3.value.alias3=Smith&openid.alias3.type.alias4=RemoteLogin&openid.alias3.value.alias4=1&openid.alias3.type.alias5=StaffType&openid.alias3.value.alias5=&openid.alias3.type.alias6=DEANumber&openid.alias3.value.alias6=&openid.alias3.type.alias7=StateNumber&openid.alias3.value.alias7=
WebDev.WebServer40.exe Information: 0 : Incoming request received: PositiveAssertionResponse
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
WebDev.WebServer40.exe Information: 0 : Verifying incoming PositiveAssertionResponse message signature of: narSsDwDWz69GrdFNuz/57Gy+OO4+FDdNTIWM5BpJBE=
WebDev.WebServer40.exe Information: 0 : Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySigningBindingElement applied to message.
A first chance exception of type 'DotNetOpenAuth.Messaging.ProtocolException' occurred in DotNetOpenAuth.DLL

The difference I see is the "Received identity assertion" line, which is not present with the server provider.
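
Added diagnostic example (not part of the original question and not DotNetOpenAuth code): a Python check of the structural rules an OpenID 2.0 relying party applies to an `id_res` callback alongside signature verification, namely that every field named in `openid.signed` is present in the response and that `openid.return_to` matches the URL that received it. The function name, the `openid.example` host and all sample values are constructed; verifying `openid.sig` itself is out of scope because it needs the association secret.

```python
from urllib.parse import urlencode, urlsplit, parse_qsl

# Fields OpenID 2.0 requires in openid.signed for a positive assertion.
REQUIRED_SIGNED = {"op_endpoint", "return_to", "response_nonce", "assoc_handle"}

def check_assertion(received_url):
    """Return structural problems found in an id_res callback URL."""
    here = urlsplit(received_url)
    params = dict(parse_qsl(here.query, keep_blank_values=True))
    if params.get("openid.mode") != "id_res":
        return ["openid.mode is not id_res"]
    problems = []
    signed = [f for f in params.get("openid.signed", "").split(",") if f]
    # claimed_id and identity must be signed whenever they are present.
    required = REQUIRED_SIGNED | {
        f for f in ("claimed_id", "identity") if "openid." + f in params}
    for field in sorted(required - set(signed)):
        problems.append("required field not signed: " + field)
    # The signature input is built from these keys, so each must exist.
    for field in signed:
        if "openid." + field not in params:
            problems.append("signed field missing from response: " + field)
    # return_to must name the receiving URL; its query must be echoed back.
    rt = urlsplit(params.get("openid.return_to", ""))
    if (rt.scheme, rt.netloc, rt.path) != (here.scheme, here.netloc, here.path):
        problems.append("return_to does not match receiving URL")
    else:
        for key, value in parse_qsl(rt.query, keep_blank_values=True):
            if params.get(key) != value:
                problems.append("return_to parameter not echoed: " + key)
    return problems

# Constructed sample, shaped like the response in the question.
BASE = "http://localhost:50952/Default.aspx"
USER = "https://openid.example/user.aspx/user123"
GOOD_URL = BASE + "?" + urlencode({
    "dnoa.userSuppliedIdentifier": USER,
    "openid.mode": "id_res",
    "openid.claimed_id": USER,
    "openid.identity": USER,
    "openid.op_endpoint": "https://openid.example/server.aspx",
    "openid.return_to": BASE + "?" + urlencode({"dnoa.userSuppliedIdentifier": USER}),
    "openid.response_nonce": "2013-07-29T01:05:41ZCONSTRUCTED",
    "openid.assoc_handle": "constructed-handle",
    "openid.alias3.value.alias1": "user123",
    "openid.signed": "claimed_id,identity,assoc_handle,op_endpoint,return_to,response_nonce,alias3.value.alias1",
})
# Same response with a signed attribute key cut short (constructed).
BAD_URL = GOOD_URL.replace("openid.alias3.value.alias1=", "openid.alias3.value.al")
```

Calling `check_assertion` on a callback URL copied from the RP log returns an empty list when these structural rules hold, and one message per violated rule otherwise.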
