SSO - 未找到 OpenID 端点

我正在尝试让 SSO openid 与 dotnetopenauth 一起使用。

我有两个单独的项目，分别进行调试（都在本地主机上，但有两个不同的端口），一个充当提供者，一个充当依赖方。

依赖方正在运行localhost:1903。 提供者正在运行localhost:3314.

依赖方代码：

    public ActionResult Authenticate()
    {
        UriBuilder returnToBuilder = new UriBuilder(Request.Url);
        returnToBuilder.Path = "/OpenId/";
        returnToBuilder.Query = null;
        returnToBuilder.Fragment = null;

        Uri returnTo = returnToBuilder.Uri;
        returnToBuilder.Path = "/";
        Realm realm = returnToBuilder.Uri;
        realm = "http://localhost:3314/OpenId/";
        returnTo = new Uri("http://localhost:3314/OpenId/");
        var response = openid.GetResponse();

        if (response == null) {
            if (Request.QueryString["ReturnUrl"] != null && User.Identity.IsAuthenticated) {
            } else {
                string strIdentifier = "testidentifier";
                var request = openid.CreateRequest(
                    strIdentifier,
                    realm,
                    returnTo);

                var fetchRequest = new FetchRequest();
                request.AddExtension(fetchRequest);
                request.RedirectToProvider();
            }
        } else {
            switch (response.Status) {
                case AuthenticationStatus.Canceled:
                    //stuff got cancelled for some reason
                    break;
                case AuthenticationStatus.Failed:
                    //response.Exception.Message;
                    break;
                case AuthenticationStatus.Authenticated:
                    //a bunch of applying roles that i don't think we care about
                    break;
            }
        }

        return new EmptyResult();
    }

提供商代码：

    public ActionResult Index()
    {
        IAuthenticationRequest iR = (IAuthenticationRequest)Request;

        if (iR.IsReturnUrlDiscoverable(ProviderEndpoint.Provider.Channel.WebRequestHandler) != RelyingPartyDiscoveryResult.Success) {
            iR.IsAuthenticated = false;
            return new EmptyResult();
        }

        if (iR.IsDirectedIdentity) {
            if (User.Identity.IsAuthenticated) {
                iR.LocalIdentifier = BuildIdentityUrl();
                iR.IsAuthenticated = true;
            } else {
                if (iR.Immediate || ImplicitAuth) {
                    iR.IsAuthenticated = false;
                } else {
                    if (!Request.Path.EndsWith("Login", StringComparison.OrdinalIgnoreCase)) {
                        return RedirectToAction("Login", "User");
                    }
                }
            }
        } else {
            string userOwningOpenIdUrl = ExtractUserName(iR.LocalIdentifier);

            iR.IsAuthenticated = userOwningOpenIdUrl == User.Identity.Name;

            if (!iR.IsAuthenticated.Value && !ImplicitAuth && !iR.Immediate) {
                if (!Request.Path.EndsWith("Login", StringComparison.OrdinalIgnoreCase)) {
                    return RedirectToAction("Login", "User");
                }
            }
        }

        if (iR.IsAuthenticated.Value) {
            var fetchRequest = iR.GetExtension<FetchRequest>();

            if (fetchRequest != null) {
                var fetchResponse = new FetchResponse();
                //roles and stuff

                iR.AddResponseExtension(fetchResponse);
            }
        }

        return new EmptyResult();
    }

当我运行依赖方代码时，出现错误openid.CreateRequest方法。我在我的提供程序代码上启用了调试，但它从未被命中。

研究该错误时，我发现了很多有关代理问题的建议，但这对我来说不应该成为问题，因为我只会访问本地主机。

也许这是相当明显的事情，但我不知道我做错了什么。

先谢谢您的帮助！

编辑：仅供参考，我从 DotNetOpenAuth 示例中获取了此代码。

好吧，我最终手动单步查看源代码并在某种程度上解决了问题。

事实证明 dumdum 在某种程度上是正确的 - 我的第一个问题是它确实需要 URI 作为标识符，所以一旦我将标识符更改为http://localhost:3314/OpenId/（尽管这本身是无效的）我克服了这个例外。

第二个问题是我忘记向 web.config 添加信息 - 所以localhost未列入白名单并且CreateRequest那里失败了。

在我解决了这两个问题之后，我的提供程序代码得到了很好的解决 - 我在那里遇到了其他错误，但这是我想象的一个单独的问题。

网络配置：

<configSections>
  <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth">
    <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
    <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
    <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
    <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
    </sectionGroup>
</configSections>

<dotNetOpenAuth>
<openid>
  <relyingParty>
    <security requireSsl="false">
      <!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
      <!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
        <add endpoint="https://www.google.com/accounts/o8/ud" />
      </trustedProviders>-->
    </security>
    <behaviors>
      <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
           with OPs that use Attribute Exchange (in various formats). -->
      <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth"/>
      <!--<add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.GsaIcamProfile, DotNetOpenAuth" />-->
    </behaviors>
    <!-- Uncomment the following to activate the sample custom store.  -->
    <!--<store type="OpenIdRelyingPartyWebForms.CustomStore, OpenIdRelyingPartyWebForms" />-->
  </relyingParty>
</openid>
<messaging>
  <untrustedWebRequest>
    <whitelistHosts>
      <!-- since this is a sample, and will often be used with localhost -->
      <add name="localhost"/>
    </whitelistHosts>
  </untrustedWebRequest>
</messaging>
<!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
<reporting enabled="true"/>
</dotNetOpenAuth>