Exciting times are afoot. We have just released a Community Technology Preview of DotNetOpenAuth with built in support for OAuth2.

Download it here

Andrew posted a notice to our discussion group earlier today

For those of you chomping at the bit to start development with DotNetOpenAuth upcoming OAuth 2.0 support, now you can.

https://www.ohloh.net/p/dotnetopenauth/download?package=DotNetOpenAuth+CTP&release=OAuth2

Please do take notice of the rider that comes with this (and any) CTP;

The public API has not been locked down, and please assume that critical security holes exist, at this early stage in development.  The OAuth 2.0 spec is still a moving target, and I have not yet audited all the code to lock it down security-wise.  This is a preview so you can begin development with the library and provide early feedback. 

Do not "go live" with this version!

And please don't be shy with the feedback. :)

Further reading:

OAuth2 Specification (http://wiki.oauth.net/OAuth-2)

When targeting ASP.NET MVC 2, this assemblyBinding makes MVC 1 references relink to MVC 2 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it.

I have just downloaded my update to NDepend, and also really I think you should too. Why? Well, how do you fancy having the wealth of information that NDepend provides INTEGRATED within your Visual Studio environment? Yeah! Wow.

I have to admit that having to pop out to an external application was beginning to grind a little – especially when I have all my other tools integrated within my VS environment so I was was pretty much blown away by what I saw during the overview tour (http://www.ndepend.com/Features.aspx).

NDepend is a Visual Studio tool that makes it easy to manage complex .NET code base.
With NDepend, hundreds of standard and custom rules are continuously checked in Visual Studio with no performance cost. Hence, the design remains clean, large refactoring are seamless, code reviews are effective and evolution is mastered.
Benefits are better communication, improved quality and faster development.

Download your own copy of NDepend here (Trial Edition) http://www.ndepend.com/NDependDownload.aspx

Prerequisites

• MakeCert.exe (Which should be part of a visual studio install or downloadable here)
• winhttpcertcfg.exe (downloadable here)
• APPCMD (Part of Vista / Server 2008 / Windows 7)
• 'Certificates' snap-in for Personal and Local Computer using MMC

Method

Execute the following command from a command prompt

makecert -r -pe -n CN=*.domain.com -ss my -sr currentuser -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 wildcard.domain.cer

then

• From the RUN command or start menu, type MMC
• File > Add or Remove Snap-ins - Select Certificates, Click Add, Select My user account, Click Finish
• Repeat previous step and select My Computer (then selecting Local Computer)
• Click OK
• Expand Certificates - Current User > Personal > Certificates
• Right click *.domain.com and All Tasks > Export. The PFX file contains both the public and private key for this cert, hence why your asked for a password.
• Copy or Move the Certificate from Current User > Personal > Certificates to Local Computer > Trusted Root Certification Authorities > Certificates
• Import the PFX into Local Computer > Personal > Certificates (this will be the certificate used by your web services.

Now let's create your web servers

Remove existing demo app pools and sites

%windir%\system32\inetsrv\Appcmd delete site "Demo 1"
%windir%\system32\inetsrv\Appcmd delete site "Demo 2"
%windir%\system32\inetsrv\Appcmd delete AppPool "Demo 1 App Pool"
%windir%\system32\inetsrv\Appcmd delete AppPool "Demo 2 Portal App Pool"

Establish SSL Environment

Tell windows that Network Service is allowed access to your wildcard cert. and tell it to bind the cert to port 443 on your IP address

PathToWinHTTPCertCfg\winhttpcertcfg -g -i "wildcard.domain.com.pfx" -c LOCAL_MACHINE\My -a “Network Service” -p MySecretPassword

Then execute the following

netsh http add sslcert ipport=<YOURLOCALIPADDRESS>:443 certhash=<CERTIFICATE THUMBPRINT> appid=<A GUID IN THE FORM OF {ab3c58f7-8316-42e3-bc6e-771d4ce4b201}>

Create App Pools and Sites

This is the code to create app pools and sites

%windir%\system32\inetsrv\Appcmd add site -id:100 -name:"Demo 1" -bindings:http/*:80:YOURLOCALIPADDRESS -physicalPath:<PathToDemo1Source> -logfile.directory:<PathToPutLogFilesIn> -traceFailedRequestsLogging.directory:<PathToPutTraceFiles>

%windir%\system32\inetsrv\Appcmd set app "Demo 1/" -applicationPool:"Demo 1 App Pool"

%windir%\system32\inetsrv\Appcmd set site /site.name:"Demo 1" /+bindings.[protocol='https',bindingInformation='*:443:demo1.domain.com']

%windir%\system32\inetsrv\Appcmd add site -id:200 -name:"Demo 2" -bindings:http/*:80:YOURLOCALIPADDRESS -physicalPath:<PathToDemo2Source> -logfile.directory:<PathToPutLogFilesIn> -traceFailedRequestsLogging.directory:<PathToPutTraceFiles>

%windir%\system32\inetsrv\Appcmd set app "Demo 2/" -applicationPool:"Demo 2 App Pool"

%windir%\system32\inetsrv\Appcmd set site /site.name:"Demo 2" /+bindings.[protocol='https',bindingInformation='*:443:demo2.domain.com']

...and that should be you ;) Enjoy!

Facebook will momentarily add yet another feather to their bow by becoming the biggest example of a social network accepting OpenID from other companies.

It is maybe now, more than ever we should expect websites to care more about verifying the age and identity of their customers – now that one of the largest in the market has widely accepted a technology that makes asserting verified claims SO easy.