12

我正在尝试将 DotNetOpenAuth 示例设置为具有自定义提供程序的有效 SSO 解决方案。我正在使用似乎工作正常的 OpenIdProviderMvc 示例项目。

我的问题是设置“消费者”,在本例中是 OpenIdRelyingPartyMvc 示例项目,我无法将其配置为使用 OpenIdProvider。

我试图在消费者的 web.config 上设置一个端点,如下所示:

<trustedProviders rejectAssertionsFromUntrustedProviders="true">
    <add endpoint="http://localhost:4864/OpenID/Provider" />
</trustedProviders>

但我得到的只是“未找到 OpenID 端点”。错误(实际上,我不太确定在 OpenID 框上放什么...)

这个项目实际上是无证的。有人可以指出我正确的方向吗?

至少让提供者和消费者互相工作和交谈?

4

1 回答 1

7

让我们开始吧:

1- 打开 Visual Studio 2010 转到文件 > 新建 > 项目 > Web > ASP.NET MVC 3 应用程序:

在此处输入图像描述

然后选择 Internet 应用程序,确保将 Razor 作为您的视图引擎,然后单击确定:

在此处输入图像描述

2-下载 Assets 文件夹,它包含我们将使用的DotNetOpenAuth dll 和 OpenID-Selector 文件,

如果你想去这些项目并更详细地发现它们,请随意。

解压到你想要的文件夹

  a - Add the DotNetOpenAuth.dll to references in your site.

  b- Delete all files/folders in Site Content folder.

  c- Copy Assets Content files/folders to the site Content .

  d- Copy the  Assets Script files to the site Script.

.

您的项目将如下所示:

在此处输入图像描述

3- 转到 Views > Shared > _Layout.cshtml 并用这个新的 head 替换 ,我们刚刚添加了新的样式和脚本:

<head>
    <title>@ViewBag.Title</title>
    <link href="@Url.Content("~/Content/Site.css")" 
     rel="stylesheet" type="text/css" />
    <script src="@Url.Content("~/Scripts/jquery-1.4.4.min.js")"
     type="text/javascript"></script>
    <link href="@Url.Content("~/Content/openid-shadow.css")"
     rel="stylesheet" type="text/css" />
    <link href="@Url.Content("~/Content/openid.css")" 
     rel="stylesheet" type="text/css" />
    <script src="@Url.Content("~/Scripts/openid-en.js")" 
     type="text/javascript"></script>
    <script src="@Url.Content("~/Scripts/openid-jquery.js")" 
     type="text/javascript"></script>
    <script type="text/javascript">
        $(document).ready(function () {
            openid.init('openid_identifier');
        });
    </script>
</head>

4- 转到 Models > AccountModels.cs ,导航到公共类 LogOnModel

并添加 OpenID 属性,我们将使用它来保存从 OpenID-Selector 返回的 OpenID

您的课程将如下所示:

public class LogOnModel
{
    [Display(Name = "OpenID")]
    public string OpenID { get; set; }

    [Required]
    [Display(Name = "User name")]
    public string UserName { get; set; }

    [Required]
    [DataType(DataType.Password)]
    [Display(Name = "Password")]
    public string Password { get; set; }

    [Display(Name = "Remember me?")]
    public bool RememberMe { get; set; }
}

导航到公共类 RegisterModel 并添加 OpenID 属性

public class RegisterModel
{

    [Display(Name = "OpenID")]
    public string OpenID { get; set; }

    [Required]
    [Display(Name = "User name")]
    public string UserName { get; set; }

    [Required]
    [DataType(DataType.EmailAddress)]
    [Display(Name = "Email address")]
    public string Email { get; set; }

    [Required]
    [ValidatePasswordLength]
    [DataType(DataType.Password)]
    [Display(Name = "Password")]
    public string Password { get; set; }

    [DataType(DataType.Password)]
    [Display(Name = "Confirm password")]
    [Compare("Password", ErrorMessage =
    "The password and confirmation password do not match.")]
    public string ConfirmPassword { get; set; }
}

然后转到 AccountModels.cs 中的服务部分

并修改 CreateUser 和 Add GetUser 以通过 OpenID 获取用户,您的界面

将如下所示:

public interface IMembershipService
{
    int MinPasswordLength { get; }
    bool ValidateUser(string userName, string password);
    MembershipCreateStatus CreateUser(string userName, string password,
                                      string email, string OpenID);
    bool ChangePassword(string userName, string oldPassword, string newPassword);
    MembershipUser GetUser(string OpenID);
}

将这些添加到 AccountModels.cs

using System.Security.Cryptography;
using System.Text;

然后将此函数添加到 AccountModels.cs 中,该函数将用于将 OpenID 转换为 GUID

注意:随意对您的系统使用更好的散列,MD5 有一些冲突问题。

public Guid StringToGUID(string value)
{
    // Create a new instance of the MD5CryptoServiceProvider object.
    MD5 md5Hasher = MD5.Create();
    // Convert the input string to a byte array and compute the hash.
    byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(value));
    return new Guid(data);
}

还将 CreateUser 函数修改为如下所示:

public MembershipCreateStatus CreateUser(string userName, string password, 
                                         string email , string OpenID)
{
    if (String.IsNullOrEmpty(userName)) throw 
    new ArgumentException("Value cannot be null or empty.", "userName");
    if (String.IsNullOrEmpty(password)) throw 
    new ArgumentException("Value cannot be null or empty.", "password");
    if (String.IsNullOrEmpty(email)) throw
    new ArgumentException("Value cannot be null or empty.", "email");

    MembershipCreateStatus status;
    _provider.CreateUser(userName, password, email, null, null, true,
                            StringToGUID(OpenID), out status);
    return status;
}

在这里,我们使用 MemberShip ProviderUserKey 来存储 OpenID 以及将 OpenID 字符串转换为 GUID 以供 CreateUser 和 GetUser 方法使用的技巧。

现在让我们将此函数添加到 AccountModels.cs 中,它将通过 OpenID 获取用户:

public MembershipUser GetUser(string OpenID)
{
    return _provider.GetUser(StringToGUID(OpenID), true);
}

5- 转到视图 > 帐户 > LogOn.cshtml

用这个替换所有标记,我们正在将 OpenID-Selector 集成到 LogOn View:

@model OpenIDMVC3.Models.LogOnModel
@{
    ViewBag.Title = "Log On";
}
<h2>
    Log On</h2>
<p>
    Please enter your username and password. @Html.ActionLink("Register", "Register")
    if you don't have an account.
</p>
<script src="@Url.Content("~/Scripts/jquery.validate.min.js")" type="text/javascript">
</script>
<script src="@Url.Content("~/Scripts/jquery.validate.unobtrusive.min.js")"
   type="text/javascript"></script>
<form action=
"Authenticate?ReturnUrl=@HttpUtility.UrlEncode(Request.QueryString["ReturnUrl"])"
 method="post" id="openid_form">
<input type="hidden" name="action" value="verify" />
<div>
    <fieldset>
        <legend>Login using OpenID</legend>
        <div class="openid_choice">
            <p>
                Please click your account provider:</p>
            <div id="openid_btns">
            </div>
        </div>
        <div id="openid_input_area">
            @Html.TextBox("openid_identifier")
            <input type="submit" value="Log On" />
        </div>
        <noscript>
            <p>
                OpenID is service that allows you to log-on to many different websites 
                using a single indentity. Find out <a href="http://openid.net/what/">
                 more about OpenID</a>and <a href="http://openid.net/get/">
                 how to get an OpenID enabled account</a>.</p>
        </noscript>
        <div>
            @if (Model != null)
            {
                if (String.IsNullOrEmpty(Model.UserName))
                {
                <div class="editor-label">
                    @Html.LabelFor(model => model.OpenID)
                </div>
                <div class="editor-field">
                    @Html.DisplayFor(model => model.OpenID)
                </div>
                <p class="button">
                    @Html.ActionLink("New User ,Register", "Register", 
                                         new { OpenID = Model.OpenID })
                </p>
                }
                else
                {
                    //user exist 
                <p class="buttonGreen">
                    <a href="@Url.Action("Index", "Home")">Welcome , @Model.UserName, 
                    Continue..." </a>
                </p>

                }
            }
        </div>
    </fieldset>
</div>
</form>

@Html.ValidationSummary(true, "Login was unsuccessful. Please correct the errors 
                                                    and try again.")
@using (Html.BeginForm())
{
    <div>
        <fieldset>
            <legend>Or Login Normally</legend>
            <div class="editor-label">
                @Html.LabelFor(m => m.UserName)
            </div>
            <div class="editor-field">
                @Html.TextBoxFor(m => m.UserName)
                @Html.ValidationMessageFor(m => m.UserName)
            </div>
            <div class="editor-label">
                @Html.LabelFor(m => m.Password)
            </div>
            <div class="editor-field">
                @Html.PasswordFor(m => m.Password)
                @Html.ValidationMessageFor(m => m.Password)
            </div>
            <div class="editor-label">
                @Html.CheckBoxFor(m => m.RememberMe)
                @Html.LabelFor(m => m.RememberMe)
            </div>
            <p>
                <input type="submit" value="Log On" />
            </p>
        </fieldset>
    </div>
}

6- 现在让我们运行项目,然后点击 [Log On] 链接,你会得到这样的页面:

ws

7- 转到 Controllers > AccountController.cs 并使用以下命令添加这些:

using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
using DotNetOpenAuth.OpenId.RelyingParty;
using DotNetOpenAuth.OpenId.Extensions.AttributeExchange;

然后将此属性添加到 AccountController.cs:

private static OpenIdRelyingParty openid = new OpenIdRelyingParty();

然后将此函数添加到 AccountController.cs:

[ValidateInput(false)]
public ActionResult Authenticate(string returnUrl)
{
    var response = openid.GetResponse();
    if (response == null)
    {
        //Let us submit the request to OpenID provider
        Identifier id;
        if (Identifier.TryParse(Request.Form["openid_identifier"], out id))
        {
            try
            {
                var request = openid.CreateRequest(
                                        Request.Form["openid_identifier"]);
                return request.RedirectingResponse.AsActionResult();
            }
            catch (ProtocolException ex)
            {
                ViewBag.Message = ex.Message;
                return View("LogOn");
            }
        }

        ViewBag.Message = "Invalid identifier";
        return View("LogOn");
    }

    //Let us check the response
    switch (response.Status)
    {

        case AuthenticationStatus.Authenticated:
            LogOnModel lm = new LogOnModel();
            lm.OpenID = response.ClaimedIdentifier;
            // check if user exist
            MembershipUser user = MembershipService.GetUser(lm.OpenID);
            if (user != null)
            {
                lm.UserName = user.UserName;
                FormsService.SignIn(user.UserName, false);
            }

            return View("LogOn", lm);

        case AuthenticationStatus.Canceled:
            ViewBag.Message = "Canceled at provider";
            return View("LogOn");
        case AuthenticationStatus.Failed:
            ViewBag.Message = response.Exception.Message;
            return View("LogOn");
    }

    return new EmptyResult();
}

8 - 现在运行项目点击 [Log On] 链接并点击像谷歌这样的供应商

它可能会要求您登录或要求您允许访问您的信息

你会得到一个这样的页面:

在此处输入图像描述

如您所见,它显示了您的 OpenID 和一个按钮,表明这是一个尚未注册的新用户,

在点击 [New User ,Register] 按钮之前,我们需要修改 Register 视图和控制器以访问 OpenID 信息。

9- 转到控制器 > AccountController.cs 将 [ActionResult Register ()] 替换为:

public ActionResult Register(string OpenID)
{
    ViewBag.PasswordLength = MembershipService.MinPasswordLength;
    ViewBag.OpenID = OpenID;
    return View();
}

并修改 [ActionResult Register(RegisterModel model)] 时使用 OpenID

创建用户:

[HttpPost]
public ActionResult Register(RegisterModel model)
{
    if (ModelState.IsValid)
    {
        // Attempt to register the user
        MembershipCreateStatus createStatus =
        MembershipService.CreateUser(model.UserName, model.Password, 
                                        model.Email,model.OpenID);

        if (createStatus == MembershipCreateStatus.Success)
        {
            FormsService.SignIn(model.UserName, false);
            return RedirectToAction("Index", "Home");
        }
        else
        {
            ModelState.AddModelError("",
            AccountValidation.ErrorCodeToString(createStatus));
        }
    }

    // If we got this far, something failed, redisplay form
    ViewBag.PasswordLength = MembershipService.MinPasswordLength;
    return View(model);
}

10- 转到 Views > Account > Register.cshtml ,将标记替换为:

@model OpenIDMVC3.Models.RegisterModel
@{
    ViewBag.Title = "Register";
}

<h2>Create a New Account</h2>
<p>
    Use the form below to create a new account. 
</p>
<p>
    Passwords are required to be a minimum of @ViewBag.PasswordLength 
    characters in length.
</p>

<script src="@Url.Content("~/Scripts/jquery.validate.min.js")" 
  type="text/javascript"></script>
<script src="@Url.Content("~/Scripts/jquery.validate.unobtrusive.min.js")"
   type="text/javascript"></script>

@using (Html.BeginForm()) {
    @Html.ValidationSummary(true, "Account creation was unsuccessful.
                                            Please correct the errors and try again.")
    <div>
        <fieldset>
            <legend>Account Information</legend>
            @if (ViewData["OpenID"] != null)
            {
            <div class="editor-label">
                @Html.Label("OpenID")
            </div>
            <div class="editor-label">
                @Html.Label((string)ViewBag.OpenID)
            </div>
            }
            <div class="editor-label">
                @Html.LabelFor(m => m.UserName)
            </div>
            <div class="editor-field">
                @Html.TextBoxFor(m => m.UserName)
                @Html.ValidationMessageFor(m => m.UserName)
            </div>

            <div class="editor-label">
                @Html.LabelFor(m => m.Email)
            </div>
            <div class="editor-field">
                @Html.TextBoxFor(m => m.Email)
                @Html.ValidationMessageFor(m => m.Email)
            </div>

            <div class="editor-label">
                @Html.LabelFor(m => m.Password)
            </div>
            <div class="editor-field">
                @Html.PasswordFor(m => m.Password)
                @Html.ValidationMessageFor(m => m.Password)
            </div>

            <div class="editor-label">
                @Html.LabelFor(m => m.ConfirmPassword)
            </div>
            <div class="editor-field">
                @Html.PasswordFor(m => m.ConfirmPassword)
                @Html.ValidationMessageFor(m => m.ConfirmPassword)
            </div>

            <p>
                <input type="submit" value="Register" />
            </p>
        </fieldset>
    </div>
}

11- 转到第 8 步,让我们点击 [New User ,Register] 按钮,你会得到这个:

在此处输入图像描述

12-注册您想要的任何帐户,您将获得如下页面:

在此处输入图像描述

13-点击[注销]并使用相同的OpenID再次登录,你会得到这样的页面:

在此处输入图像描述

如您所见,欢迎绿色按钮检测到该用户已注册。

14-单击绿色按钮,您将获得如下页面:

在此处输入图像描述

恭喜!,现在您已将 OpenID 集成到您的项目中。

参考

于 2013-08-20T11:01:35.457 回答