Need Help with .NET OpenId HttpHandler

Posted by Mark E on Stack Overflow See other posts from Stack Overflow or by Mark E
Published on 2010-03-26T19:58:55Z Indexed on 2010/03/26 20:03 UTC
Read the original article Hit count: 225

Filed under:
|
|
|

I'm trying to use a single HTTPHandler to authenticate a user's open id and receive a claimresponse. The initial authentication works, but the claimresponse does not. The error I receive is "This webpage has a redirect loop." What am I doing wrong?

public class OpenIdLogin : IHttpHandler
{
    private HttpContext _context = null;

    public void ProcessRequest(HttpContext context)
    {
        _context = context;
        var openid = new OpenIdRelyingParty();
        var response = openid.GetResponse();
        if (response == null)
        {
            // Stage 2: user submitting Identifier
            openid.CreateRequest(context.Request.Form["openid_identifier"]).RedirectToProvider();
        }
        else
        {
            // Stage 3: OpenID Provider sending assertion response
            switch (response.Status)
            {
                case AuthenticationStatus.Authenticated:
                    //FormsAuthentication.RedirectFromLoginPage(response.ClaimedIdentifier, false);
                    string identifier = response.ClaimedIdentifier;

                    //****** TODO only proceed if we don't have the user's extended info in the database **************

                    ClaimsResponse claim = response.GetExtension<ClaimsResponse>();
                    if (claim == null)
                    {
                        //IAuthenticationRequest req = openid.CreateRequest(identifier);
                        IAuthenticationRequest req = openid.CreateRequest(Identifier.Parse(identifier));

                        var fields = new ClaimsRequest();
                        fields.Email = DemandLevel.Request;
                        req.AddExtension(fields);
                        req.RedirectingResponse.Send(); //Is this correct?
                    }
                    else
                    {
                        context.Response.ContentType = "text/plain";
                        context.Response.Write(claim.Email); //claim.FullName;
                    }
                    break;
                case AuthenticationStatus.Canceled:
       //TODO   
                    break;
                case AuthenticationStatus.Failed:
       //TODO   
                    break;
            }
        }
    }

© Stack Overflow or respective owner

Related posts about openid

Related posts about httphandler