How can I validate OpenId token in C#?

I am trying to validate using this parameters:

"openid.mode=check_authentication"<br>
+ "&openid.assoc_handle=" + txtAssocHandle.Text<br>
+ "&openid.response_nonce=" + HttpUtility.UrlEncode(txtNonce.Text)<br>开发者_JAVA技巧
+ "&openid.op_endpoint=" + txtEndpoint.Text<br>
+ "&openid.sig=" + txtSignature.Text<br>
+ "&openid.signed=mode,identity,return_to";

and it returns

is_valid:false
ns:http://specs.openid.net/auth/2.0

what am I doing wrong here? the txt fields are being filled with login response values

Your openid.signed argument needs to be exactly what the OP sent to your RP rather than this incomplete hard-coded list of 3 parameters, for one thing. All your arguments should be URL encoded as well, not just your nonce.

There is a lot more to validating an OpenID token than just sending it back to the OP using "dumb mode". What are you trying to do?

Have you considered using an OpenID library? Seriously, getting OpenID right (meaning secure, and interoperable) is a big job. Way bigger than assembling just the right query string. :)