Tuesday, December 08, 2009

Rest in peace, ExtremeSwank OpenID and OAuth

ExtremeSwankOpenID and ExtremeSwankOAuth, both libraries authored by John Ehn, have been discontinued according to the project sites respective home pages which have a new note that reads: “Note: This … Consumer is no longer in development.”

ExtremeSwankOpenID was stagnant in development lately, and when a recent OpenID vulnerability was identified as impacting the ExtremeSwankOpenID library due to a hidden “feature” in the .NET Framework’s handling of HTTP responses, it appears the library was retired rather than fixed.  This library was one of only two OpenID implementations written in .NET that were recognized in many OpenID circles.  It also touted a unique feature (which I never investigated personally) of allowing desktop applications to use OpenID to authenticate their users.

ExtremeSwankOAuth is one of many .NET OAuth implementations, and the reasoning for its retirement is less clear.

Notwithstanding ExtremeSwankOpenID’s recent lack of development, it was ironically John’s library that was under active development and supported OpenID 2.0 while a very early version of DotNetOpenId wasn’t being developed and only supported OpenID 1.1.  It was seeing DotNetOpenId’s own users switch to John’s library that motivated me to re-engage development of DotNetOpenId, now rechristened DotNetOpenAuth, which is now the only OpenID implementation for .NET that I know of – and a dang good one too if I may say so.

Although I did not know John personally, I’ve shared a few emails with him and he seemed a courteous and motivated programmer.  I wish him well on his future pursuits.

Thursday, December 03, 2009

DotNetOpenAuth v3.3 is released

It’s been nearly six months since v3.2 was released.  So what’s in v3.3 that took so long to bake?  Well, a lot of it was waiting for and getting used to Code Contracts to mature enough to bet on the technology. 

The most exciting changes though are the new OpenIdSelector control, and the new project template that helps you get going fast and strong with a new web site that accepts OpenID and/or InfoCard to log users in.  Seriously, you gotta get this version and try it out.  You can see a live demo of the new login UX now.

Go download DotNetOpenAuth now.  And get the project template too.

As usual, you can get more of the details of the changes on the VersionChanges wiki page.

Do you like what you see?  Don’t forget to contribute so that future versions can keep rocking!

Click here to lend your support to: dotnetopenid and make a donation at www.pledgie.com !