2 files changed, 48 insertions, 1 deletions

diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.js b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.js
index a2cf8e2..cdc3d96 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.js
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdAjaxTextBox.js
@@ -390,6 +390,21 @@ function initAjaxOpenId(box, openid_logo_url, dotnetopenid_logo_url, spinner_url
 		// visual cue that auth was successful
 		var parsedPositiveAssertion = new window.dnoa_internal.PositiveAssertion(discoveryResult.successAuthData);
 		box.dnoi_internal.claimedIdentifier = parsedPositiveAssertion.claimedIdentifier;
+		if (discoveryResult.claimedIdentifier != parsedPositiveAssertion.claimedIdentifier) {
+			// The OP doesn't support delegation.  So "correct" the identifier the user entered
+			// so he realizes his identity didn't stick.
+			box.value = parsedPositiveAssertion.claimedIdentifier;
+			box.lastDiscoveredIdentifier = box.value;
+
+			// Also inject a fake discovery result for this new identifier to keep the UI from performing
+			// discovery on the new identifier (the RP will perform the necessary verification server-side).
+			if (!window.dnoa_internal.discoveryResults[box.value]) {
+				// We must make sure that the only service endpoint from the earlier discovery that
+				// is copied over is the one that sent the assertion just now. Deep clone, then strip
+				// out the other SEPs.
+				window.dnoa_internal.discoveryResults[box.value] = discoveryResult.cloneWithOneServiceEndpoint(respondingEndpoint);
+			}
+		}
 		box.dnoi_internal.setVisualCue('authenticated', parsedPositiveAssertion.endpoint, parsedPositiveAssertion.claimedIdentifier);
 		if (box.dnoi_internal.onauthenticated) {
 			box.dnoi_internal.onauthenticated(box, extensionResponses);
@@ -477,7 +492,7 @@ function initAjaxOpenId(box, openid_logo_url, dotnetopenid_logo_url, spinner_url
 				discover();
 			} else {
 				var newValue = box.value;
-				if (lastValue != newValue) {
+				if (lastValue != newValue && newValue != box.lastDiscoveredIdentifier) {
 					box.dnoi_internal.setVisualCue();
 					if (newValue.length == 0) {
 						reset();
diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.js b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.js
index 555bdb6..86613fb 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.js
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyAjaxControlBase.js
@@ -372,6 +372,25 @@ window.dnoa_internal.DiscoveryResult = function(identifier, discoveryInfo) {
 
 	};
 
+	this.cloneWithOneServiceEndpoint = function(serviceEndpoint) {
+		var clone = window.dnoa_internal.clone(this);
+		clone.userSuppliedIdentifier = serviceEndpoint.claimedIdentifier;
+
+		// Erase all SEPs except the given one, and put it into first position.
+		clone.length = 1;
+		for (var i = 0; i < this.length; i++) {
+			if (clone[i].endpoint.toString() == serviceEndpoint.endpoint.toString()) {
+				var tmp = clone[i];
+				clone[i] = null;
+				clone[0] = tmp;
+			} else {
+				clone[i] = null;
+			}
+		}
+
+		return clone;
+	};
+
 	this.userSuppliedIdentifier = identifier;
 
 	if (discoveryInfo) {
@@ -496,3 +515,16 @@ window.dnoa_internal.PositiveAssertion = function(uri) {
 	}
 	this.toString = function() { return uri.toString(); };
 };
+
+window.dnoa_internal.clone = function(obj) {
+	if (obj == null || typeof (obj) != 'object') {
+		return obj;
+	}
+
+	var temp = new Object();
+	for (var key in obj) {
+		temp[key] = window.dnoa_internal.clone(obj[key]);
+	}
+
+	return temp;
+};
\ No newline at end of file