Welcome: onyangofred@gmail.com
Session ID: AItOawkX3Tf3UbcZI0FvrmPlEIeY6WKjyLU0c54
The above is the result after running a simple aspx page with very minimal coding. It gets your login credentials as supplied to google.
So, what is OpenID authentication?
This is a technique that allows you to share your login credentials across multiple internet sites without having to maintain a different username and password for each of the sites. Example, you can log into your g-mail account/facebook/yahoo/blogger sites/ and then share the credentials supplied across thousands of sites. Once you logout of one site, it automatically logs you out of all the other sites. It's more secure and easy to maintain, eg change your password once, and it's replicated across multiple other sites, say you have 3 million sites you regularly use on a DAILY BASIS. instead of changing your password 3 million times, you get to update all of them using a single change in the MASTER site. That in a nutshell is a dummy's definition of OpenID Authentication. You may also be interested in OpenAuth (Authorization equivalent of OpenID).
Now, get ready for HAPPY CODING, as it's time to get into a dummy's implementation of OpenID Authentication. Follow the following simple steps:
Open visual studio 2010 or any version you have
New aspx project
Add reference to "DotNetOpenAuth" class library (GOOGLE TO DOWNLOAD IT)
That's it, you're ready to start coding
//on the code for 1 of your pages, copy paste the code below:
//*****************************************************
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.Extensions.AttributeExchange;
using DotNetOpenAuth.OpenId.RelyingParty;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
OpenIdRelyingParty rp = new OpenIdRelyingParty();
var r = rp.GetResponse();
if (r != null)
{
switch (r.Status)
{
case AuthenticationStatus.Authenticated:
NotLoggedIn.Visible = false;
Session["GoogleIdentifier"] = r.ClaimedIdentifier.ToString();
Session["GoogleOther"] = r.Provider.Uri.ToString();
var fetch = r.GetExtension<FetchResponse>();
if (fetch != null)
Session["GoogleEmail"] = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
//*******************NOTE: USE A VALID URL/PAGE************************
Response.Redirect("My Main Page Here.aspx"); //redirect to main page of your website
//*******************NOTE: USE A VALID URL/PAGE************************
break;
case AuthenticationStatus.Canceled:
lblAlertMsg.Text = "Cancelled.";
break;
case AuthenticationStatus.Failed:
lblAlertMsg.Text = "Login Failed.";
break;
}
}
else
{
string discoveryUri = "https://www.google.com/accounts/o8/id";
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var b = new UriBuilder(Request.Url) { Query = "" };
var req = openid.CreateRequest(discoveryUri, b.Uri, b.Uri);
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.BirthDate.WholeBirthDate, true));
req.AddExtension(fetch);
req.RedirectToProvider(); }
}
}
//*****************************************************
You're done. Run your page to test it.
NB: Remember to redirect the page to a different page, as thats where google (OUR EXAMPLE) will redirect you to, so you just dont want to create that endless loop on a single page.
Session ID: AItOawkX3Tf3UbcZI0FvrmPlEIeY6WKjyLU0c54
The above is the result after running a simple aspx page with very minimal coding. It gets your login credentials as supplied to google.
So, what is OpenID authentication?
This is a technique that allows you to share your login credentials across multiple internet sites without having to maintain a different username and password for each of the sites. Example, you can log into your g-mail account/facebook/yahoo/blogger sites/ and then share the credentials supplied across thousands of sites. Once you logout of one site, it automatically logs you out of all the other sites. It's more secure and easy to maintain, eg change your password once, and it's replicated across multiple other sites, say you have 3 million sites you regularly use on a DAILY BASIS. instead of changing your password 3 million times, you get to update all of them using a single change in the MASTER site. That in a nutshell is a dummy's definition of OpenID Authentication. You may also be interested in OpenAuth (Authorization equivalent of OpenID).
Now, get ready for HAPPY CODING, as it's time to get into a dummy's implementation of OpenID Authentication. Follow the following simple steps:
Open visual studio 2010 or any version you have
New aspx project
Add reference to "DotNetOpenAuth" class library (GOOGLE TO DOWNLOAD IT)
That's it, you're ready to start coding
//on the code for 1 of your pages, copy paste the code below:
//*****************************************************
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.Extensions.AttributeExchange;
using DotNetOpenAuth.OpenId.RelyingParty;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
OpenIdRelyingParty rp = new OpenIdRelyingParty();
var r = rp.GetResponse();
if (r != null)
{
switch (r.Status)
{
case AuthenticationStatus.Authenticated:
NotLoggedIn.Visible = false;
Session["GoogleIdentifier"] = r.ClaimedIdentifier.ToString();
Session["GoogleOther"] = r.Provider.Uri.ToString();
var fetch = r.GetExtension<FetchResponse>();
if (fetch != null)
Session["GoogleEmail"] = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
//*******************NOTE: USE A VALID URL/PAGE************************
Response.Redirect("My Main Page Here.aspx"); //redirect to main page of your website
//*******************NOTE: USE A VALID URL/PAGE************************
break;
case AuthenticationStatus.Canceled:
lblAlertMsg.Text = "Cancelled.";
break;
case AuthenticationStatus.Failed:
lblAlertMsg.Text = "Login Failed.";
break;
}
}
else
{
string discoveryUri = "https://www.google.com/accounts/o8/id";
OpenIdRelyingParty openid = new OpenIdRelyingParty();
var b = new UriBuilder(Request.Url) { Query = "" };
var req = openid.CreateRequest(discoveryUri, b.Uri, b.Uri);
var fetch = new FetchRequest();
fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true));
//fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.BirthDate.WholeBirthDate, true));
req.AddExtension(fetch);
req.RedirectToProvider(); }
}
}
//*****************************************************
You're done. Run your page to test it.
NB: Remember to redirect the page to a different page, as thats where google (OUR EXAMPLE) will redirect you to, so you just dont want to create that endless loop on a single page.
Remember to modify your web.config file to include the following, if using a proxy network, else nothing will work.
ReplyDeleteFor a list of sites supporting openID authentication, visit http://openid.net/get-an-openid/
ReplyDeleteBelow are urls oof openID providers
ReplyDeleteGoogle https://www.google.com/accounts/o8/id
Yahoo https://me.yahoo.com
Flickr http://www.flickr.com/username
AOL http://openid.aol.com/username
Blogspot https://www.blogspot.com/
LiveJournal http://username.livejournal.com/
Wordpress https://username.wordpress.com/
VerisignLabs https://pip.verisignlabs.com/
MyOpenID https://www.myopenid.com/
MyVidoop https://myvidoop.com/
ClaimID https://claimid.com/username
Technorati https://technorati.com/people/technorati/username/
Prefered .NET version 2010 and above i.e. framework 4.0 and above
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteOther Example Providers that have been tested include, but not limited to:
ReplyDeleteGoogle: https://www.google.com/accounts/o8/id * good
Yahoo: http://yahoo.com/ * good
MyOpenId: http://username.myopenid.com good
LiveJournal: http://username.livejournal.com good
AOL: http://openid.aol.com/username good
WordPress: http://username.wordpress.com good
Blogspot: http://username.blogspot.com must use blog url, blogspot = blogger
Verisign: http://username.pip.verisignlabs.com good
ClaimID: http://openid.claimid.com/username Signs in but nothing happens, appears to be broken on claimid end
clickpass: http://clickpass.com/public/username I was only able to signup with IE and then there was a weird login procedure but it ultimately worked
Google Profile: http://google.com/profiles/username good
Blogger: http://username.blogspot.com/ good
Flickr: http://flickr.com/username Couldn't get flickr to work
identity.net: http://username.identity.net/ Never got sign up confirmation e-mail to test
Bloglines: http://username.bloglines.com/ Didn't work
Technorati: http://technorati.com/people/technorati/username Didn't work, reports of brokenness as of November of last year
Vidoop: http://username.myvidoop.com/ good
Vox: http://username.vox.com/ good
MySpace: http://myspace.com/username Must make and use account url
Musicpictures: http://ww4.musicpictures.com/openid/username Works fine but there is 0 openid advertising on the site
Elgg: http://explode.elgg.org/username Tried registering two different places on elgg.org and neither worked.
explode.elgg.org no longer exists so I think openid providing went with it. However, there is still an explode.elgg.org option in their openid login so I may be wrong.
MyID: http://username.myid.net/ good - easiest sign up of any site I visited
IdProxy: http://username.idproxy.net/ good
Sxipper: http://username.sxipper.com/ Demo works with trainer id but it didn't work on the actual openid logins I tried.
Signon: http://username.signon.com/ good
TypekeyTypepad: http://profile.typekey.com/usernameblog url (form of blogname.typepad.com) Typekey is now part of typepad so I couldn't verify that typekey still works but typepad definitely does.
Smugmug: http://username.smugmug.com/ Couldn't get to work with trial account, possibly works after paid?
StartSSL: https://username.startssl.com/ This site is weird, I kept getting ssl errors when I went to sign up. I was told via e-mail however that startssl is an openid provider and their url is in the format listed here.
Beemba: http://username.beemba.com/ beemba.com forwards to cliqset which does allow openid logins but as far as I can tell does not provide logins.
Idtail: http://username.idtail.com Oriental site of some sort, couldn't get signed up but they do have openid login options
SOURCE NDIO HII: http://digitalenginesoftware.com/blog/archives/24-OpenID-Provider-URL-Formatting.html
I more VERY INTERESTING discovery about OpenID, Windows Version and .NET
ReplyDeleteIf your server runs a windows version less than windows 7 eg XP, Win 2003, etc, then the DotNetOpenAuth.dll will throw an error as follows
The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.
Stack Trace:
[PathTooLongException: The specified path, file name, or both are too long. The fully qualified file name must be less than 260 characters, and the directory name must be less than 248 characters.]
System.IO.PathHelper.Append(Char value) +9373170
System.IO.Path.NormalizePath(String path, Boolean fullCheck, Int32 maxPathLength) +543
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath) +370
System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy, Boolean useLongPath) +81
System.IO.IsolatedStorage.IsolatedStorageFileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, IsolatedStorageFile isf) +454
System.IO.IsolatedStorage.IsolatedStorageFileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, IsolatedStorageFile isf) +24
DotNetOpenAuth.PersistentCounter..ctor(IsolatedStorageFile storage, String fileName) in c:\BuildAgent\work\6fe1ab573d75f9ba\src\DotNetOpenAuth.Core\Reporting.cs:813
DotNetOpenAuth.Reporting.RecordEventOccurrence(String eventName, String category) in c:\BuildAgent\work\6fe1ab573d75f9ba\src\DotNetOpenAuth.Core\Reporting.cs:183
DotNetOpenAuth.Reporting.RecordEventOccurrence(Object eventNameByObjectType, String category) in c:\BuildAgent\work\6fe1ab573d75f9ba\src\DotNetOpenAuth.Core\Reporting.cs:207
DotNetOpenAuth.OpenId.RelyingParty.FailedAuthenticationResponse..ctor(Exception exception) in c:\BuildAgent\work\6fe1ab573d75f9ba\src\DotNetOpenAuth.OpenId.RelyingParty\OpenId\RelyingParty\FailedAuthenticationResponse.cs:45
DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestBase httpRequestInfo) in c:\BuildAgent\work\6fe1ab573d75f9ba\src\DotNetOpenAuth.OpenId.RelyingParty\OpenId\RelyingParty\OpenIdRelyingParty.cs:587
DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse() in c:\BuildAgent\work\6fe1ab573d75f9ba\src\DotNetOpenAuth.OpenId.RelyingParty\OpenId\RelyingParty\OpenIdRelyingParty.cs:547
_Default.Page_Load(Object sender, EventArgs e) in h:\Online Registration\Web Template\Default.aspx.cs:26
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +91
System.Web.UI.Control.LoadRecursive() +74
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2207
Cause of exception: Windows plus .NET framework throws the error, as .NET framework enforces the windows rule of maximum file name. Minus .NET framework, windows will violate it's own rules. But your clients will most probably be running an OS with .NET framework pre-installed.
ReplyDeleteSolution: Upgrade the OS to win2008/Win7 and above. The .net framework will be able to violate the maximum characters file name rule. HAPPY CODING!!!
When the economy starts to decline, the public is told, "to save the economy get out there and spend your money". Of course that's going to make the economy seem The Celeb Net Worth because money is being circulated, more taxes are being collected, public companies' quarterly incomes are increasing, investors are generating greater profits, and while the rich get richer, the working and financially uneducated Americans are getting back into debt. Then the whole process starts all over again.
ReplyDelete