Tonight DotNetOpenId, soon to be renamed DotNetOpenAuth, released beta 1 of the major v3.0 release. You can download the bits from Ohloh. Although downloads should remember that as a beta this version should not be used in production, there are several new features that should be worth investigating and building a web application around while the final release is still in development:
- OAuth support (Both for Service Provider and Consumer roles.)
- RP+OP: Exceptions are now much more predictable: the host need only catch ProtocolException to handle all unexpected error cases.
- RP+OP: OpenID extensions without simultaneous authentication.
- RP: Signed callback arguments so relying parties can be confident their data was not tampered with during authentication.
- RP: Smaller authentication request messages (shorter URLs).
- OP: Ability to customize the lifetimes of each shared association type for added security.
- Over 400 unit tests (150+ more than previous version).
The biggest addition is obviously OAuth support, which is an entirely new protocol that actually has little-to-nothing to do with OpenID, except that they work great together. To do this the entire library was rewritten on a new reusable messaging stack that both the OpenID and OAuth protocols share.
Also keep in mind that with the product rename, the namespace has changed, and a little bit of the public API as well. This means that this version is not simply a drop-in replacement for DotNetOpenId v2.0, and host sites will have to adjust their code accordingly.
But as always, your feedback and donations for this free, open source software are appreciated!
if i’m not wrong, there is no code change except the namespace , for webforms relying party, in the sample, right?
itools,
That’s not fully determined. At this point, whether the namespace is all that a relying party needs to change for the upgrade depends on how much of the public API the site touches. A better, more comprehensive write-up will hopefully be ready when the final version is released.