IsReturnUrlDiscoverable有什么作用?
[英]What does IsReturnUrlDiscoverable do?
问题描述
I'm using the following sample code from the DotnetOpenAuth Samples (OpenId Controller in OpenIdProviderMvc) 
我正在使用DotnetOpenAuth示例中的以下示例代码(OpenIdProviderMvc中的OpenId控制器)
public ActionResult ProcessAuthRequest() {
if (ProviderEndpoint.PendingRequest == null) {
return this.RedirectToAction("Index", "Home");
}
// Try responding immediately if possible.
ActionResult response;
if (this.AutoRespondIfPossible(out response)) {
return response;
}
// We can't respond immediately with a positive result. But if we still have to respond immediately...
if (ProviderEndpoint.PendingRequest.Immediate) {
// We can't stop to prompt the user -- we must just return a negative response.
return this.SendAssertion();
}
return this.RedirectToAction("AskUser");
}
private bool AutoRespondIfPossible(out ActionResult response)
{
if (ProviderEndpoint.PendingRequest.IsReturnUrlDiscoverable(OpenIdProvider.Channel.WebRequestHandler) == RelyingPartyDiscoveryResult.Success
&& User.Identity.IsAuthenticated) {
if (ProviderEndpoint.PendingAuthenticationRequest != null) {
if (ProviderEndpoint.PendingAuthenticationRequest.IsDirectedIdentity
|| this.UserControlsIdentifier(ProviderEndpoint.PendingAuthenticationRequest)) {
ProviderEndpoint.PendingAuthenticationRequest.IsAuthenticated = true;
response = this.SendAssertion();
return true;
}
}
if (ProviderEndpoint.PendingAnonymousRequest != null) {
ProviderEndpoint.PendingAnonymousRequest.IsApproved = true;
response = this.SendAssertion();
return true;
}
}
response = null;
return false;
}
However, I don't want to ask the user anything. 但是,我不想问任何问题。 I'm trying to set up a web application portal that should automatically respond positively to the RP if the user is logged in (which he is). 我正在尝试建立一个Web应用程序门户,如果用户登录(他是登录用户),该门户应自动对RP做出积极响应。 Yet AutoRespondIfPossible returns false, because ProviderEndpoint.PendingRequest.IsReturnUrlDiscoverable returns false and I'm not sure why. 但是AutoRespondIfPossible返回false,因为ProviderEndpoint.PendingRequest.IsReturnUrlDiscoverable返回false,但我不确定为什么。 What action should I be taking here? 我应该在这里采取什么行动?
Logs: 日志:
RP: http://pastebin.com/0EX2ZE1C EP: http://pastebin.com/q5CPrWp6 RP: http : //pastebin.com/0EX2ZE1C EP: http : //pastebin.com/q5CPrWp6
Previous related questions: 先前的相关问题:
SSO - No OpenID endpoint found SSO-找不到OpenID端点
OpenIdProvider.GetRequest() returns null OpenIdProvider.GetRequest()返回null
Does an OpenID realm have to be the base URL of the web site? OpenID领域是否必须是网站的基本URL?
1 个解决方案
解决方案1
1 已采纳 2012-10-25 14:36:02
IsReturnUrlDiscoverable performs what OpenID calls "RP Discovery". IsReturnUrlDiscoverable执行OpenID所谓的“ RP发现”。 And it's important anyway, but particularly if you will be auto-logging users in, it's critical for security. 无论如何,这都很重要,但是特别是如果您将自动登录用户时,这对于安全性至关重要。 The fact that it's returning false tells you the RP needs some work to do this correctly. 它返回false的事实告诉您RP需要一些工作才能正确执行此操作。
This blog post explains what the RP must do to pass "RP Discovery" tests. 这篇博客文章解释了RP必须执行哪些操作才能通过“ RP Discovery”测试。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.