I'm trying to get authentication up and running with Google using the ServiceStack.Authentication.OpenId package. I've followed the SocialBootStrap example but can't figure out what I've missed.
I've added the authentication provider to my apphost:
Plugins.Add(new AuthFeature(() => new CustomUserSession(), new IAuthProvider[] {
new CredentialsAuthProvider(), //HTML Form post of UserName/Password credentials
new TwitterAuthProvider(appSettings), //Sign-in with Twitter
new FacebookAuthProvider(appSettings), //Sign-in with Facebook
new GoogleOpenIdOAuthProvider(appSettings), //Sign-in with Goolge OpenId
new WsFedSamlAuthProvider(appSettings)
})
I've add config settings to my app.config (I'm running a self host app):
<add key="oauth.googleopenid.AppId" value="XXX" />
<add key="oauth.googleopenid.AppSecret" value="XXX" />
<add key="oauth.googleopenid.RedirectUrl" value="http://XXX" />
<add key="oauth.googleopenid.CallbackUrl" value="http://XXX/api/auth/googleopenid" />
Incidentially the AppId and AppSecret aren't in the example, but I was getting a different error without them.
Finally I have put a web form in place on my login page:
<form action="/api/auth/googleopenid" method="POST">
<button class='btn' type='submit'>Sign-in with Google</button>
</form>
When I click the button I get the following error:
errorCode: InvalidOperation
Exceptionmessage: No current HttpContext was detected, so an IOpenIdApplicationStore instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an IOpenIdApplicationStore.stack
Trace[Auth: 08/01/13 20:49:30]: [REQUEST: {provider:googleopenid}]System.InvalidOperationException: No current HttpContext was detected, so an IOpenIdApplicationStore instance must be explicitly provided or specified in the .config file. Call the constructor overload that takes an IOpenIdApplicationStore. at DotNetOpenAuth.Messaging.ErrorUtilities.VerifyOperation(Boolean condition, String errorMessage, Object[] args) at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.get_HttpApplicationStore() at DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty..ctor() at ServiceStack.Authentication.OpenId.OpenIdOAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Auth request) at ServiceStack.ServiceInterface.Auth.AuthService.Authenticate(Auth request, String provider, IAuthSession session, IAuthProvider oAuthConfig) at ServiceStack.ServiceInterface.Auth.AuthService.Post(Auth request) at lambda_method(Closure , Object , Object ) at ServiceStack.ServiceHost.ServiceRunner`1.Execute(IRequestContext requestContext, Object instance, TRequest request)
I've followed through the examples as best as possible, I guess I am missing something?
Thank you in anticipation.
The problem related, as the error states, to there being no HTTP Context. This is because I am running in a self hosted app ie not in IIS.
To work in this environment it is necessary to provide dotnetopenauth with a custom application store. The store is where crypto keys and nonces get stored, in a IIS environment dotnetopenauth would use the application cache accessed through HTTP Context.
To solve the problem I have written a custom application store backed by a native REDIS client and a custom OpenIdAuthentication Provider.
I've put up a gist with my code here https://gist.github.com/miketrebilcock/6652969 . This works for a STS Server I have written based on OpenId, but doesn't seem to work with OpenId providers in Servicestack - a little more investigation required.