Setting up a OpenID provider for testing

Question

I'm developing a site that uses OpenID for authentication, which is working fine however... I often work on it while travelling without an internet connection. If the session expires and I need to login again, I can't until I have connectivity again.

What I'd like to do is setup a really dumb OpenID provider on a local IIS, that I can use to login while disconnected. By really dumb I mean just that - it just needs to be a hard coded URL that responds correctly as an openID provider and allows login.

I've had a quick look at the OpenIdProviderMvc sample included with DotNetOpenAuth, but it didn't compile out of the box (couldn't resolve assembly ApplicationServices). Before I dig in deeper, I thought someone might have already been through this process.

Answer 1

So I figured this out. The OpenIdProviderMvc sample project included in DotNetOpenAuth works fine.

Main thing that I got stuck on is that the relying party site needs to have localhost whitelisted as follows:

In the configSections section of web.config:

  <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection" requirePermission="false" allowLocation="true"/>

And this as a new config section:

 <dotNetOpenAuth>
  <messaging>
   <untrustedWebRequest>
    <whitelistHosts>
     <add name="localhost" />
    </whitelistHosts>
   </untrustedWebRequest>
  </messaging>
 </dotNetOpenAuth>

If you're interested, I've also knocked together an even more dumbed down provider "localid" which let you login using an OpenID like this: http://localid/member/anythingyoulike. No login screens, just an infinite array of valid OpenID identifiers. More info here.