diff options
| -rw-r--r-- | build.proj | 9 | ||||
| -rw-r--r-- | doc/README.Bin.html | 57 | ||||
| -rw-r--r-- | doc/README.html | 193 | ||||
| -rw-r--r-- | samples/README.html | 156 | ||||
| -rw-r--r-- | src/DotNetOpenAuth.sln | 2 |
5 files changed, 233 insertions, 184 deletions
@@ -110,8 +110,13 @@ $(ProjectRoot)\Doc\*.htm*; $(ProjectRoot)\LICENSE.txt; $(ProjectRoot)\CONTRIB.txt; - " /> - <DropBinSourceFiles Include="$(OutputPath)\$(ProductName).???" /> + " + Exclude="$(ProjectRoot)\Doc\README.*.html;" /> + <DropBinSourceFiles Include=" + $(OutputPath)\$(ProductName).???; + $(OutputPath)\$(ProductName).Contracts.???; + $(ProjectRoot)\Doc\README.Bin.html; + " /> <DropSamplesSourceFiles Include="$(ProjectRoot)\Samples\**" Exclude=" $(ProjectRoot)\**\obj\**; $(ProjectRoot)\**\*.user; diff --git a/doc/README.Bin.html b/doc/README.Bin.html new file mode 100644 index 0000000..4d6df90 --- /dev/null +++ b/doc/README.Bin.html @@ -0,0 +1,57 @@ +<html> +<head> + <style type="text/css"> + th + { + text-align: left; + } + th, td + { + vertical-align: top; + } + </style> +</head> +<body> + <h1>Binary dependencies of sites using this library</h1> + <table> + <tr> + <th> + DotNetOpenAuth.dll + </th> + <td>the <b>only runtime dependency</b> for web sites to use this library. </td> + </tr> + <tr> + <th> + DotNetOpenAuth.pdb + </th> + <td>may be useful for debugging purposes.</td> + </tr> + <tr> + <th> + DotNetOpenAuth.xml + </th> + <td>provides Intellisense during development.</td> + </tr> + <tr> + <th> + DotNetOpenAuth.Contracts.dll</th> + <td><a href="http://msdn.microsoft.com/en-us/devlabs/dd491992.aspx">Compile-time + code contracts</a> for use by applications that reference DotNetOpenAuth.dll to + help web developers avoid mistakes and unhandled exceptions.</td> + </tr> + <tr> + <th> + log4net.dll + </th> + <td>If present, will allow for recording log messages this library emits.</td> + </tr> + <tr> + <th> + Microsoft.Contracts.dll + </th> + <td>enables contract compile-time and runtime enforcement, but currently only used for + developing DotNetOpenAuth itself.</td> + </tr> + </table> +</body> +</html> diff --git a/doc/README.html b/doc/README.html index 66261fb..7877d72 100644 --- a/doc/README.html +++ b/doc/README.html @@ -1,186 +1,15 @@ <html> <body> - <h1>DotNetOpenAuth Library and samples </h1> - <h3>Change history </h3> - <ul> - <li>2007-03-28 Created by Willem Muller (willem.muller@netidme.com)</li> - <li>2007-04-04 Updated by Andrew Arnott (andrewarnott@gmail.com)</li> - <li>2008-03-27 Updated by Andrew Arnott (andrewarnott@gmail.com)</li> - <li>2009-03-26 Updated by Andrew Arnott (andrewarnott@gmail.com)</li> - </ul> - <h1>General</h1> - <h3>Prerequisites:</h3> - <ul> - <li>Microsoft .NET 3.5</li> - <li>Visual Studio 2008 or IIS</li> - <li>Microsoft Windows (XP or Vista, or 2003 Server or later)</li> - <li>See the tools section further below for some helpful software </li> - </ul> - <h2>Getting the samples running</h2> - <h3>Testing the relying party/provider samples with each other</h3> - <p>In this scenario you can use the Personal Web Server (PWS) that is included in Visual - Studio 2008.</p> - <ol> - <li>Open the DotNetOpenAuth.sln or Samples.sln file in VS2008.</li> - <li>Right-click on each web project under the Samples folder and click "View in Browser" - to start PWS for each web site.</li> - <li>Each web project will be dynamicly assigned a port number. Find the port number - on the URL of the browser window for the Provider. </li> - <li>Now log into the Relying Party sample web site with this OpenID: http://localhost:<i>providerport</i>/user/bob. - </li> - <li>When the provider prompts you for a password, type in 'test'.</li> - </ol> - <h3>Testing with other relying party/provider sites on the Internet</h3> - <ul> - <li>You need to have a public IP address to test the Provider sample with other Relying - Party web sites out on the Internet so they can find your Provider. </li> - <li>You might need to configure your firewall and/or router to forward traffic to your - computer.</li> - <li>Note that some OpenID-enabled sites block URLs that use just IP addresses. - You may need to get a DNS name to point at your public IP address in order for your - scenario to work.</li> - <li>Ensure your firewall is configured to allow inbound and outbound TCP port 80 connections.</li> - <li>Since VS2008 Personal Web Server (PWS) does not allow web requests from other servers - (as required by OpenID relying parties trying to log into your server), testing - with external relying parties requires you to use IIS to host your server.</li> - </ul> - <h3>Setting up the IIS Applications</h3> - <ul> - <li>Create an IIS web application for each sample. </li> - <li>Check that IIS is responding to requests on the port that your router will be forwarding - requests to you on, if applicable.</li> - <li>Enable anonymous access to each site.</li> - <li>Set up URL rewriting.<ul> - <li>This is the process of url conversion like: user/john ->user.aspx?username=john</li> - <li>In IIS, go properties on the website (not the virtual directory)</li> - <li>Go the Home Directory Tab and click Configuration</li> - <li>Insert a wildcard extension </li> - <li>Enter 'c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll' for the executable</li> - <li>Uncheck the 'Verify that file exists button'</li> - <li>OK your way out of everything</li> - <li>If you navigate to 'http://localhost/OpenIdProviderWebForms/user/bob' you should - see the text: 'OpenID identity page for bob'</li> - </ul> - </li> - </ul> - <p>Note: These instructions work on IIS 6 with Windows 2003 Server. Other version of - IIS (such as the one with windows XP - IIS 5.1) will vary. For IIS 5.1 , try follow - instructions documented toward the end of this article: http://www.codeproject.com/aspnet/URLRewriter.asp. - If you still have issues (particularly if you get 404 when trying the demos or experience - something like <a href="http://groups.google.co.uk/group/microsoft.public.inetserver.iis/browse_thread/thread/386efa0bf596234b/ee1fab525c129071?lnk=st&q=URLRewriter+IIS+XP+404&rnum=2&hl=en#ee1fab525c129071"> - this</a>) try this: </p> - <ol> - <li>create a file extension mapping for .openid files that maps to asp.net (c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll)</li> - <li>browse to .openid eg: http://IP/OpenIdProviderWebForms/user/bob.openid</li> - </ol> - <p>Configure VS2008 to use IIS rather than PWS</p> - <ol> - <li>Right-click on one of the web projects within Solution Explorer.</li> - <li>Select Property Pages.</li> - <li>Select Start Options on the left.</li> - <li>Under the Server section on the right, select Use Custom Server and fill in the - Base URL.</li> - </ol> - <h2>The demos</h2> - <p>These will illustrate OpenID in action. You can debug the code to get a good idea - of what's going on. The implementations are built on top of ASP.NET's forms authentication. - So basically if you're unauthenticated and get to page requiring authentication, - it takes you through the OpenID identity provider, tracks in session that you've - left and then recognizes the user when they return to the relying party and only - then logs them into FormsAuth and redirects them to their originally requested page. - </p> - <h3>The Relying Party Demo </h3> - <ol> - <li>Kill all session cookies</li> - <li>Create an OpenID account with one of the Open Servers listed below OR use the demo - Server as the identity provider - using http://[EXTERNAL IP]/OpenIdProviderWebForms/user/bob - with the password 'test'</li> - <li>Go to http://[EXTERNAL IP]/OpenIdRelyingPartyWebForms/default.aspx and enter the - OpenIDURL</li> - <li>You are required to authenticate with the provider. Some fields (eg Name, DoB, Country - etc.) are requested, some required and some omitted. Your OpenID provider should - prompt you for the relevant fields, or at least make you aware which fields its - passing back. The exact page flow and auhentication mechanism will be implemented - differently by different identity providers.</li> - <li>After providing the required info and loggin in, you are taken back to the http://[EXTERNAL - IP]/OpenIdRelyingPartyWebForms/default.aspx and the available profile information - is displayed</li> - </ol> - <h3>The Provider Demo </h3> - <ol> - <li>Kill all session cookies</li> - <li>Get the full openID url for a user based on whats in web.config. By default you - can use http://[EXTERNAL IP]/OpenIdProviderWebForms/user/bob with the password 'test'</li> - <li>Go to http://[EXTERNAL IP]/OpenIdRelyingPartyWebForms/default.aspx and enter the - OpenIDURL of the local server</li> - <li>The user is prompted for their password. The username field is propulated from the - openid url and grayed out.</li> - <li>The user is presentend with their identity url, a trust root (the site requiring - authentication) and set of fields to complete. Only the requested or required fields - are presented. Fields with * means the consumer requires it. </li> - <li>The user completes the fields and clicks Yes and are taken to http://[EXTERNAL IP]/OpenIdRelyingPartyWebForms/default.aspx - with their available profile information.</li> - </ol> - <h3>Interesting classes and methods</h3> - <h4>Relying party</h4> - <ul> - <li>DotNetOpenId.RelyingParty.<b>OpenIdRelyingParty</b> - programmatic access to everything - a relying party web site needs.</li> - <li>DotNetOpenId.RelyingParty.<b>OpenIdTextBox</b> - An ASP.NET control that is a bare-bones - text input box with a LogOn method that automatically does all the OpenId stuff - for you.</li> - <li>DotNetOpenId.RelyingParty.<b>OpenIdLogin</b> - Like the OpenIdTextBox, but has a - Login button and some other end user-friendly UI built-in. Drop this onto - your web form and you're all done!</li> - </ul> - <h4>Provider</h4> - <ul> - <li>DotNetOpenId.Provider.<b>OpenIdProvider</b> - programmatic access to everything - a provider web site needs.</li> - <li>DotNetOpenId.Provider.<b>ProviderEndpoint</b> - An ASP.NET control that you can - drop in and have an instant provider endpoint on your page.</li> - <li>DotNetOpenId.Provider.<b>IdentityEndpoint</b> - An ASP.NET control that you can - drop onto the page for your own or your customers' individual identity pages - for discovery by Relying Parties.</li> - </ul> - <h3>Development tips / Issues I found:</h3> - <p>Here is a growing list of <a href="http://openiddirectory.com/allcats.html">OpenID - enabled sites</a> to test with. </p> - <p>Good sites to test with if you're developing a relying party:<ul> - <li><a href="http://www.myopenid.com/">http://www.myopenid.com/</a></li> - <li><a href="http://claimid.com/">http://claimid.com/</a> (supports registration extensions)</li> - <li><a href="http://www.freeyourid.com/">http://www.freeyourid.com/</a> (supports registration - extensions)</li> - </ul> - <p>Good sites to test with if you're developing a server:<ul> - <li><a href="http://beta.zooomr.com/home">http://beta.zooomr.com/home</a> *</li> - <li><a href="http://cr.unchy.com/">http://cr.unchy.com/</a> (supports registration - extensions)</li> - <li><a href="http://blog.identity20.eu">http://blog.identity20.eu</a> *</li> - <li><a href="http://openiddirectory.com">http://openiddirectory.com</a> *</li> - <li><a href="http://www.centernetworks.com/">http://www.centernetworks.com/</a> - (supports registration extensions)</li> - <li><a href="http://www.loudisrelative.com">http://www.loudisrelative.com</a> - (supports registration extensions)</li> - <li><a href="http://rssarchive.com/index.html">http://rssarchive.com/index.html</a> - </li> - <li><a href="http://www.jyte.com">http://www.jyte.com</a> (supports registration - extensions)</li> - <li><a href="http://dis.covr.us/">http://dis.covr.us/</a> </li> - </ul> - * These sites seem to block outgoing traffic that is not on a non standard HTTP - port like 80 and 443. Therefore you'll need to host on a proper internet domain - before doing any testing with them. - <p>Useful tools: - <ul> - <li><a href="http://www.fiddlertool.com/fiddler/">Fiddler</a> - this will allow you - to monitor HTTP traffic when using IE</li> - <li><a href="http://www.bayden.com/Other/">TamperIE</a> - allows you to change form - data before posting it</li> - <li><a href="http://www.microsoft.com/downloads/details.aspx?familyid=E59C3964-672D-4511-BB3E-2D5E1DB91038&displaylang=en"> - IE Developer toolbar</a> - good tool for general IE UI development. Has some neat - features for quickly clearing cookies etc.</li> - <li><a href="http://www.iopus.com/download/">iMacros</a> - good for automating web testing</li> - </ul> + <h1>DotNetOpenAuth Library and samples</h1> + <p>DotNetOpenAuth is a .NET library that enables OpenID, OAuth and InfoCard support + to be easily added to your web and/or desktop applications. </p> + <p>The project site for this library is hosted at + <a href="http://dotnetopenid.googlecode.com/"> + http://dotnetopenid.googlecode.com/</a>. Please visit that web site for + documentation, support and maintenance releases.</p> + <p>As with any library that is used for security-sensitive purposes such as + authentication and authorization, you should periodically check the project web + site for updates to this library before and after you install it into a desktop + or web application.</p> </body> </html> diff --git a/samples/README.html b/samples/README.html new file mode 100644 index 0000000..287942a --- /dev/null +++ b/samples/README.html @@ -0,0 +1,156 @@ +<html> +<body> + <h1>DotNetOpenAuth samples </h1> + <h3>Prerequisites:</h3> + <ul> + <li>Microsoft .NET 3.5</li> + <li>Visual Studio 2008 or IIS (Visual Studio 2005 is reported to work, however)</li> + <li>Microsoft Windows (XP or Vista, or 2003 Server or later)</li> + <li>See the tools section further below for some helpful software </li> + </ul> + <h2>Getting the samples running</h2> + <h3>Testing the relying party/provider samples with each other</h3> + <p>In this scenario you can use the Personal Web Server (PWS) that is included in Visual + Studio 2008.</p> + <ol> + <li>Open the DotNetOpenAuth.sln or Samples.sln file in VS2008.</li> + <li>Right-click on each web project under the Samples folder and click "View in Browser" + to start PWS for each web site.</li> + <li>Each web project will be dynamicly assigned a port number. Find the port number + on the URL of the browser window for the Provider. </li> + <li>Now log into the Relying Party sample web site with this OpenID: http://localhost:<i>providerport</i>/user/bob. + </li> + <li>When the provider prompts you for a password, type in 'test'.</li> + </ol> + <h3>Testing with other relying party/provider sites on the Internet</h3> + <ul> + <li>You need to have a public IP address to test the Provider sample with other Relying + Party web sites out on the Internet so they can find your Provider. </li> + <li>You might need to configure your firewall and/or router to forward traffic to your + computer.</li> + <li>Note that some OpenID-enabled sites block URLs that use just IP addresses. + You may need to get a DNS name to point at your public IP address in order for your + scenario to work.</li> + <li>Ensure your firewall is configured to allow inbound and outbound TCP port 80 connections.</li> + <li>Since VS2008 Personal Web Server (PWS) does not allow web requests from other servers + (as required by OpenID relying parties trying to log into your server), testing + with external relying parties requires you to use IIS to host your server.</li> + </ul> + <h3>Setting up the IIS Applications</h3> + <ul> + <li>Create an IIS web application for each sample. </li> + <li>Check that IIS is responding to requests on the port that your router will be forwarding + requests to you on, if applicable.</li> + <li>Enable anonymous access to each site.</li> + </ul> + <p>Configure VS2008 to use IIS rather than PWS</p> + <ol> + <li>Right-click on one of the web projects within Solution Explorer.</li> + <li>Select Property Pages.</li> + <li>Select Start Options on the left.</li> + <li>Under the Server section on the right, select Use Custom Server and fill in the + Base URL.</li> + </ol> + <h2>The demos</h2> + <p>These will illustrate OpenID in action. You can debug the code to get a good idea + of what's going on. The implementations are built on top of ASP.NET's forms authentication. + So basically if you're unauthenticated and get to page requiring authentication, + it takes you through the OpenID identity provider, tracks in session that you've + left and then recognizes the user when they return to the relying party and only + then logs them into FormsAuth and redirects them to their originally requested page. + </p> + <h3>The Relying Party Demo </h3> + <ol> + <li>Kill all session cookies</li> + <li>Create an OpenID account with one of the Open Servers listed below OR use the demo + Server as the identity provider - using http://[EXTERNAL IP]/OpenIdProviderWebForms/user/bob + with the password 'test'</li> + <li>Go to http://[EXTERNAL IP]/OpenIdRelyingPartyWebForms/default.aspx and enter the + OpenIDURL</li> + <li>You are required to authenticate with the provider. Some fields (eg Name, DoB, Country + etc.) are requested, some required and some omitted. Your OpenID provider should + prompt you for the relevant fields, or at least make you aware which fields its + passing back. The exact page flow and auhentication mechanism will be implemented + differently by different identity providers.</li> + <li>After providing the required info and loggin in, you are taken back to the http://[EXTERNAL + IP]/OpenIdRelyingPartyWebForms/default.aspx and the available profile information + is displayed</li> + </ol> + <h3>The Provider Demo </h3> + <ol> + <li>Kill all session cookies</li> + <li>Get the full openID url for a user based on whats in web.config. By default you + can use http://[EXTERNAL IP]/OpenIdProviderWebForms/user/bob with the password 'test'</li> + <li>Go to http://[EXTERNAL IP]/OpenIdRelyingPartyWebForms/default.aspx and enter the + OpenIDURL of the local server</li> + <li>The user is prompted for their password. The username field is propulated from the + openid url and grayed out.</li> + <li>The user is presentend with their identity url, a trust root (the site requiring + authentication) and set of fields to complete. Only the requested or required fields + are presented. Fields with * means the consumer requires it. </li> + <li>The user completes the fields and clicks Yes and are taken to http://[EXTERNAL IP]/OpenIdRelyingPartyWebForms/default.aspx + with their available profile information.</li> + </ol> + <h3>Interesting classes and methods</h3> + <h4>Relying party</h4> + <ul> + <li>DotNetOpenId.RelyingParty.<b>OpenIdRelyingParty</b> - programmatic access to everything + a relying party web site needs.</li> + <li>DotNetOpenId.RelyingParty.<b>OpenIdTextBox</b> - An ASP.NET control that is a bare-bones + text input box with a LogOn method that automatically does all the OpenId stuff + for you.</li> + <li>DotNetOpenId.RelyingParty.<b>OpenIdLogin</b> - Like the OpenIdTextBox, but has a + Login button and some other end user-friendly UI built-in. Drop this onto + your web form and you're all done!</li> + </ul> + <h4>Provider</h4> + <ul> + <li>DotNetOpenId.Provider.<b>OpenIdProvider</b> - programmatic access to everything + a provider web site needs.</li> + <li>DotNetOpenId.Provider.<b>ProviderEndpoint</b> - An ASP.NET control that you can + drop in and have an instant provider endpoint on your page.</li> + <li>DotNetOpenId.Provider.<b>IdentityEndpoint</b> - An ASP.NET control that you can + drop onto the page for your own or your customers' individual identity pages + for discovery by Relying Parties.</li> + </ul> + <h3>Development tips / Issues I found:</h3> + <p>Here is a growing list of <a href="http://openiddirectory.com/allcats.html">OpenID + enabled sites</a> to test with. </p> + <p>Good sites to test with if you're developing a relying party:<ul> + <li><a href="http://www.myopenid.com/">http://www.myopenid.com/</a></li> + <li><a href="http://claimid.com/">http://claimid.com/</a> (supports registration extensions)</li> + <li><a href="http://www.freeyourid.com/">http://www.freeyourid.com/</a> (supports registration + extensions)</li> + </ul> + <p>Good sites to test with if you're developing a server:<ul> + <li><a href="http://beta.zooomr.com/home">http://beta.zooomr.com/home</a> *</li> + <li><a href="http://cr.unchy.com/">http://cr.unchy.com/</a> (supports registration + extensions)</li> + <li><a href="http://blog.identity20.eu">http://blog.identity20.eu</a> *</li> + <li><a href="http://openiddirectory.com">http://openiddirectory.com</a> *</li> + <li><a href="http://www.centernetworks.com/">http://www.centernetworks.com/</a> + (supports registration extensions)</li> + <li><a href="http://www.loudisrelative.com">http://www.loudisrelative.com</a> + (supports registration extensions)</li> + <li><a href="http://rssarchive.com/index.html">http://rssarchive.com/index.html</a> + </li> + <li><a href="http://www.jyte.com">http://www.jyte.com</a> (supports registration + extensions)</li> + <li><a href="http://dis.covr.us/">http://dis.covr.us/</a> </li> + </ul> + * These sites seem to block outgoing traffic that is not on a non standard HTTP + port like 80 and 443. Therefore you'll need to host on a proper internet domain + before doing any testing with them. + <p>Useful tools: + <ul> + <li><a href="http://www.fiddlertool.com/fiddler/">Fiddler</a> - this will allow you + to monitor HTTP traffic when using IE</li> + <li><a href="http://www.bayden.com/Other/">TamperIE</a> - allows you to change form + data before posting it</li> + <li><a href="http://www.microsoft.com/downloads/details.aspx?familyid=E59C3964-672D-4511-BB3E-2D5E1DB91038&displaylang=en"> + IE Developer toolbar</a> - good tool for general IE UI development. Has some neat + features for quickly clearing cookies etc.</li> + <li><a href="http://www.iopus.com/download/">iMacros</a> - good for automating web testing</li> + </ul> +</body> +</html> diff --git a/src/DotNetOpenAuth.sln b/src/DotNetOpenAuth.sln index a811989..171ab07 100644 --- a/src/DotNetOpenAuth.sln +++ b/src/DotNetOpenAuth.sln @@ -9,7 +9,9 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution ProjectSection(SolutionItems) = preProject DotNetOpenAuth.vsmdi = DotNetOpenAuth.vsmdi LocalTestRun.testrunconfig = LocalTestRun.testrunconfig + ..\doc\README.Bin.html = ..\doc\README.Bin.html ..\doc\README.html = ..\doc\README.html + ..\samples\README.html = ..\samples\README.html EndProjectSection EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Specs", "Specs", "{CD57219F-24F4-4136-8741-6063D0D7A031}" |