DotNetOpenAuth not working with MVC 5 RC
Fix available.
Install NuGet package DotNetOpenAuth.Mvc5 and change all uses of AsActionResult() to AsActionResultMvc5()
After further debugging and talking to the people at DotNetOpenAuth at GitHub https://github.com/DotNetOpenAuth/DotNetOpenAuth/issues/307 the conclusion is that MVC 5 has a new security model.
Binding redirect will therefore not be enough. Until further there are two choices:
1) Grab the DotNetOpenAuth source code and removing the [assembly: AllowPartiallyTrustedCallers] from all projects. Recompile and member to disable strong name verfication sn -Vr *. After this code cannot be run on Medium Trust environments.
2) Grab the DotNetOpenAuth source code and recompiling it against MVC 5.
According to the discussion on GitHub the best future solution would be moving out all related MVC stuff to a separate assembly.
A workaround (can use with current beta nuget package) for this case:
Create a ActionResult class wraps
HttpResponseMessagepublic class WrapperHttpResponseMessageResult : ActionResult{ private readonly HttpResponseMessage _response; public WrapperHttpResponseMessageResult(HttpResponseMessage response) { _response = response; } public override void ExecuteResult(ControllerContext context) { HttpResponseBase responseContext = context.RequestContext.HttpContext.Response; responseContext.StatusCode = (int)_response.StatusCode; responseContext.StatusDescription = _response.ReasonPhrase; foreach (KeyValuePair<string, IEnumerable<string>> keyValuePair in (HttpHeaders)_response.Headers) { foreach (string str in keyValuePair.Value) responseContext.AddHeader(keyValuePair.Key, str); } if (_response.Content != null) { _response.Content.CopyToAsync(responseContext.OutputStream).Wait(); } }}Change
return outgoingWebResponse.AsActionResult();tonew WrapperHttpResponseMessageResult(outgoingWebResponse);
Code of WrapperHttpResponseMessageResult is copied from AsActionResult, so they do the same function.