IE8 在发送具有激活属性交换的 openid 身份验证请求时卡住
我在发送带有激活的属性交换的身份验证请求时遇到问题。它适用于 FF 和 Opera,但 IE 似乎有问题。
该错误发生在 request.RedirectToProvider() 内。地址栏中的 Url 显示端点 url。
这是一个代码片段,其中创建并发送了身份验证请求
using (OpenIdRelyingParty openid = this.createRelyingParty())
{
IAuthenticationRequest request = openid.CreateRequest(openid_identifier, realm);
;
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
request.AddExtension(fetch);
// Send your visitor to their Provider for authentication.
request.RedirectToProvider();
}
我猜想在 RedirectToProvider() 内部会发送一个 POST,并在 GET 之后不久发送。 RFC 不允许 POST 后跟 GET。不幸的是我不知道如何验证它。
有人遇到同样的问题吗?
I´m getting a problem sending the authentication request with activated attribute exchange. It works with FF and Opera but IE seems to have a problem with it.
The error occurs within the request.RedirectToProvider(). The Url within the address bar shows the endpoints url.
Here is a code snippet where the authentication request is created and sent
using (OpenIdRelyingParty openid = this.createRelyingParty())
{
IAuthenticationRequest request = openid.CreateRequest(openid_identifier, realm);
;
var fetch = new FetchRequest();
fetch.Attributes.AddRequired(WellKnownAttributes.Contact.Email);
request.AddExtension(fetch);
// Send your visitor to their Provider for authentication.
request.RedirectToProvider();
}
I guess that inside RedirectToProvider() a POST is sent and short after a GET. By RFC a POST followed by a GET is not allowed. Unfortunately I don`t know how to validate it.
Does someone got the same problem?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
经过进一步调查,这似乎发生了(基于提供商日志):
身份验证请求通过 POST 发送。提供商通过重定向进行应答。这就是为什么首先有一个 POST,然后有一个 GET。
我不认为 openId 规范是这么说的。如果我用 POST 请求,不应该有 POST 响应,如果我用 GET 请求,不应该有 GET 响应吗?
无论如何..有没有办法让 RedirectToProvider() 方法通过 GET 而不是 POST 发送请求?
On further investigation this seems to happen (based upon the providers logs):
The authentication request is sent via POST. The Provider answers with a redirect. This is how it happens that there is at first a POST and then a GET.
I don
t think this is how the openId specification say to do it. Shouldn
t there be a POST response if i request with a POST and a GET if I request with a GET?Anyhow.. Is there a way to make the RedirectToProvider()-method sending the request via GET instead of POST?