1

I'm implementing an OAuth2Client and when I call

var result = OAuthWebSecurity.VerifyAuthentication();

I result.IsSuccessful is equals to false. I've seen that "OAuthWebSecurity.IsAuthenticatedWithOAuth" method has the following exception:

'Microsoft.Web.WebPages.OAuth.OAuthWebSecurity.IsAuthenticatedWithOAuth' threw an exception of type 'System.MissingMethodException' "Method not found: 'Void DotNetOpenAuth.AspNet.OpenAuthSecurityManager..ctor(System.Web.HttpContextBase)'." " at Microsoft.Web.WebPages.OAuth.OAuthWebSecurity.GetIsAuthenticatedWithOAuthCore(HttpContextBase context)\r\n at Microsoft.Web.WebPages.OAuth.OAuthWebSecurity.get_IsAuthenticatedWithOAuth()"

Why?

Gui Ferreira
  • 4,367
  • 6
  • 28
  • 41

2 Answers2

2

It looks like it's because of this change. I've opened an issue to track and fix this.

For now, if you install the 4.0.4.12182 version of DotNetOpenAuth.AspNet, it should correct the problem (it was before the regression was introduced).

Andrew Arnott
  • 80,040
  • 26
  • 132
  • 171
  • Nuget gives me this message when I try to install version 4.0.12182... "Updating 'DotNetOpenAuth.Core 4.2.2.13055' to 'DotNetOpenAuth.Core 4.0.4.12182' failed. Unable to find a version of 'DotNetOpenAuth.OAuth2.Core' that is compatible with 'DotNetOpenAuth.Core 4.0.4.12182'" – Gui Ferreira Feb 28 '13 at 12:13
  • Try the command again, but this time adding the `-pre` switch. – Andrew Arnott Mar 01 '13 at 04:04
  • I've tried to Install DotNetOpenAuth.Core -pre but I get incompatibility errors with Web Api. – Gui Ferreira Mar 01 '13 at 10:46
  • Don't just install DotNetOpenAuth.Core. Use the command on the leaf package you installed. – Andrew Arnott Mar 01 '13 at 16:53
1

I'm going with an workaround... In my scenario I have only one OAuth Client, so if I cast it to my client I can verify authentication.

var result = ((MyOAuth2Client)OAuthWebSecurity.GetOAuthClientData("my")
.AuthenticationClient).VerifyAuthentication(HttpContext, Request.Url);
Gui Ferreira
  • 4,367
  • 6
  • 28
  • 41
  • can you share more details? Where does "MyOAuth2Client" come from, I don't have it, it you could make it work with the latest 4.2.2.13055 dotnetopenauth please share... thx – firepol Apr 09 '13 at 12:15
  • @firepol check this: http://stackoverflow.com/questions/14988312/oauthwebsecurity-without-openid "MyOAuth2Client" is a custom implementation of OAuth2Client. This is like Facebook or Twitter client supplied by DotNetOpenAuth but applied to a custom provider – Gui Ferreira Apr 09 '13 at 13:02
  • Tried this, but I still have the same error, "{"Method not found: 'Void DotNetOpenAuth.AspNet.OpenAuthSecurityManager ..ctor(System.Web.HttpContextBase)'."}" – Case Apr 10 '13 at 19:36
  • @Guilherme: can you share (or mail firepol80 [at] gmail) a working example for Facebook? The link you posted is for SoundCloud... I created a project and was using the FB login since a few months and it was working. Then I updated to 4.2.x and it still works (result.IsSuccessful = true) but only for existing users saved in the webpages_OAuthMembership table & not when testing on localhost. It doesnt work (result.IsSuccessful = false) when trying to login a new FB user. I tried with DotNetOpenAuth 4.0.3 (new mvc4 fresh project) and result.IsSuccessful = false, always. This is driving me crazy. – firepol Apr 14 '13 at 09:36
  • UPDATE: doh! It works with DotNetOpenAuth 4.2.2x, my problem is that somebody in my company changed the Sandbox mode to "enabled" for our FB app (without informing me) so that's why it didn't work on localhost also for existing users. For the new users I had another problem I could also find (not related to oauth). I could see the error by editing the soundcloud example, it was possible to debug and see exactly where the problem was. I will publish the custom oauth code and share it in the week. – firepol Apr 14 '13 at 12:33