DotNetOpenId — “Это сообщение было уже обработано” Ошибка (Часть 2)
Это уже спросил Здесь, но не я, и OP принял ответ, который не помог мне. К настоящему времени я попытался войти в систему от различных браузеров, изменив веб-конфигурацию, очистив cookie, и загрузившись от внешней машины.
На самом деле я в конечном счете обнаруживал, что проблема характерна для моей собственной машины; когда я опубликовал к другой машине, она хорошо работала. Какие-либо предложения для того, где искать решения? Я сознательно использовал самый простой тестовый код, о котором я мог думать, чистая пустая aspx страница и простое Page_Load функция.
Править: Для разъяснения, как автор исходного вопроса, я добираюсь, "Это сообщение было уже обработано" ошибка. Это распечатывается для экранирования с Response.Write(response.Exception.ToString());. Я полагаю, что проблема связана с конфигурацией, в отличие от другого автора, так как признаки только обнаруживаются на моем локальном поле. Обратите внимание, что признаки независимы от того, тестирую ли я на том же поле, как код работает.
protected void Page_Load(object sender, EventArgs e)
{
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
IAuthenticationResponse response = openid.GetResponse();
if (response != null)
{
try
{
Response.Write(response.Exception.ToString());
}
catch (Exception)
{
}
return;
}
}
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
IAuthenticationRequest request = openid.CreateRequest(@"https://www.google.com/accounts/o8/id");
request.RedirectToProvider();
}
}
Сообщение об ошибке:
DotNetOpenAuth. Обмен сообщениями. Привязка. ReplayedMessageException: Это сообщение было уже обработано. Это могло указать на происходящую атаку с повторением пакетов. в DotNetOpenAuth. Обмен сообщениями. Привязка. StandardReplayProtectionBindingElement. ProcessIncomingMessage (сообщение IProtocolMessage) в c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Bindings\StandardReplayProtectionBindingElement.cs:line 129 в DotNetOpenAuth. Обмен сообщениями. Канал. ProcessIncomingMessage (сообщение IProtocolMessage) в c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs:line 990 в DotNetOpenAuth. OpenId. ChannelElements. OpenIdChannel. ProcessIncomingMessage (сообщение IProtocolMessage) в c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs:line 172 в DotNetOpenAuth. Обмен сообщениями. Канал. ReadFromRequest (HttpRequestInfo httpRequest) в c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs:line 375 в DotNetOpenAuth. OpenId. RelyingParty. OpenIdRelyingParty. GetResponse (HttpRequestInfo httpRequestInfo) в c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:line 498
Журналы:
2010-02-01 14:19:57,238 (GMT-5) [4] INFO DotNetOpenAuth - DotNetOpenAuth, Version=3.4.0.10015, Culture=neutral, PublicKeyToken=2780ccd10d57b246 (official)
2010-02-01 14:19:57,253 (GMT-5) [4] INFO DotNetOpenAuth - Reporting will use isolated storage with scope: User, Domain, Assembly
2010-02-01 14:19:57,270 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,272 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming HTTP request: GET http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,360 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming request received: PositiveAssertionResponse
2010-02-01 14:19:57,364 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming PositiveAssertionResponse (2.0) message:
openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
openid.sig: [snip2]/[snip7]=
openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
openid.assoc_handle: [snip3]
openid.op_endpoint: https://www.google.com/accounts/o8/ud
openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
openid.response_nonce: [snip4]:[snip5]:[snip6]
openid.mode: id_res
openid.ns: http://specs.openid.net/auth/2.0
dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id
2010-02-01 14:19:57,373 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,374 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,376 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Verifying incoming PositiveAssertionResponse message signature of: [snip2]=
2010-02-01 14:19:57,388 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Preparing to send CheckAuthenticationRequest (2.0) message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,403 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Prepared outgoing CheckAuthenticationRequest (2.0) message for https://www.google.com/accounts/o8/ud:
openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
openid.mode: check_authentication
openid.ns: http://specs.openid.net/auth/2.0
openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
openid.sig: [snip2]=
openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
openid.assoc_handle: [snip3]
openid.op_endpoint: https://www.google.com/accounts/o8/ud
openid.response_nonce: [snip4]:[snip5]:[snip6]
dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id
2010-02-01 14:19:57,403 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Sending CheckAuthenticationRequest request.
2010-02-01 14:19:57,916 (GMT-5) [4] DEBUG DotNetOpenAuth.Http - HTTP POST https://www.google.com/accounts/o8/ud
2010-02-01 14:19:57,992 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Received CheckAuthenticationResponse response.
2010-02-01 14:19:57,992 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming CheckAuthenticationResponse (2.0) message:
is_valid: true
ns: http://specs.openid.net/auth/2.0
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,994 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - After binding element processing, the received CheckAuthenticationResponse (2.0) message is:
is_valid: true
ns: http://specs.openid.net/auth/2.0
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement applied to message.
web.config:
1 ответ
В некоторых версиях dotnetopenauth вы также можете получить:
Это сообщение уже было обработано. Это может указывать на атаку на воспроизведение.
если ваше значение maxAuthenticationTime слишком мало (что, очевидно, никак не связано с ошибкой - но это уже другой вопрос). Я столкнулся с этим только сегодня.
Чтобы увеличить это значение, отредактируйте запись конфигурации, как показано на https://github.com/DotNetOpenAuth/DotNetOpenAuth/wiki/Configuration (я предлагаю установить значение 0:10).