huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remove Microsoft.Extensions.SecurityHelper.Sources 

\n\nCommit migrated from c41abe44af
This commit is contained in:
Nate McMaster 2018-12-13 11:26:34 -08:00
parent e0051303d1
commit 01a4a273d7
2 changed files with 0 additions and 133 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/Shared/SecurityHelper/SecurityHelper.cs
View File

@ -1,40 +0,0 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Linq;
using System.Security.Claims;
namespace Microsoft.Extensions.Internal
{
/// <summary>
/// Helper code used when implementing authentication middleware
/// </summary>
internal static class SecurityHelper
{
/// <summary>
/// Add all ClaimsIdentities from an additional ClaimPrincipal to the ClaimsPrincipal
/// Merges a new claims principal, placing all new identities first, and eliminating
/// any empty unauthenticated identities from context.User
/// </summary>
/// <param name="existingPrincipal">The <see cref="ClaimsPrincipal"/> containing existing <see cref="ClaimsIdentity"/>.</param>
/// <param name="additionalPrincipal">The <see cref="ClaimsPrincipal"/> containing <see cref="ClaimsIdentity"/> to be added.</param>
public static ClaimsPrincipal MergeUserPrincipal(ClaimsPrincipal existingPrincipal, ClaimsPrincipal additionalPrincipal)
{
var newPrincipal = new ClaimsPrincipal();
// New principal identities go first
if (additionalPrincipal != null)
{
newPrincipal.AddIdentities(additionalPrincipal.Identities);
}
// Then add any existing non empty or authenticated identities
if (existingPrincipal != null)
{
newPrincipal.AddIdentities(existingPrincipal.Identities.Where(i => i.IsAuthenticated || i.Claims.Any()));
}
return newPrincipal;
}
}
}

93
src/Shared/test/Shared.Tests/SecurityHelperTests.cs
View File

@ -1,93 +0,0 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Linq;
using System.Security.Claims;
using System.Security.Principal;
using Xunit;
namespace Microsoft.Extensions.Internal
{
public class SecurityHelperTests
{
[Fact]
public void AddingToAnonymousIdentityDoesNotKeepAnonymousIdentity()
{
var user = SecurityHelper.MergeUserPrincipal(new ClaimsPrincipal(), new GenericPrincipal(new GenericIdentity("Test1", "Alpha"), new string[0]));
Assert.NotNull(user);
Assert.Equal("Alpha", user.Identity.AuthenticationType);
Assert.Equal("Test1", user.Identity.Name);
Assert.IsAssignableFrom<ClaimsPrincipal>(user);
Assert.IsAssignableFrom<ClaimsIdentity>(user.Identity);
Assert.Single(user.Identities);
}
[Fact]
public void AddingExistingIdentityChangesDefaultButPreservesPrior()
{
ClaimsPrincipal user = new GenericPrincipal(new GenericIdentity("Test1", "Alpha"), null);
Assert.Equal("Alpha", user.Identity.AuthenticationType);
Assert.Equal("Test1", user.Identity.Name);
user = SecurityHelper.MergeUserPrincipal(user, new GenericPrincipal(new GenericIdentity("Test2", "Beta"), new string[0]));
Assert.Equal("Beta", user.Identity.AuthenticationType);
Assert.Equal("Test2", user.Identity.Name);
user = SecurityHelper.MergeUserPrincipal(user, new GenericPrincipal(new GenericIdentity("Test3", "Gamma"), new string[0]));
Assert.Equal("Gamma", user.Identity.AuthenticationType);
Assert.Equal("Test3", user.Identity.Name);
Assert.Equal(3, user.Identities.Count());
Assert.Equal("Test3", user.Identities.Skip(0).First().Name);
Assert.Equal("Test2", user.Identities.Skip(1).First().Name);
Assert.Equal("Test1", user.Identities.Skip(2).First().Name);
}
[Fact]
public void AddingPreservesNewIdentitiesAndDropsEmpty()
{
var existingPrincipal = new ClaimsPrincipal(new ClaimsIdentity());
var identityNoAuthTypeWithClaim = new ClaimsIdentity();
identityNoAuthTypeWithClaim.AddClaim(new Claim("identityNoAuthTypeWithClaim", "yes"));
existingPrincipal.AddIdentity(identityNoAuthTypeWithClaim);
var identityEmptyWithAuthType = new ClaimsIdentity("empty");
existingPrincipal.AddIdentity(identityEmptyWithAuthType);
Assert.False(existingPrincipal.Identity.IsAuthenticated);
var newPrincipal = new ClaimsPrincipal();
var newEmptyIdentity = new ClaimsIdentity();
var identityTwo = new ClaimsIdentity("yep");
newPrincipal.AddIdentity(newEmptyIdentity);
newPrincipal.AddIdentity(identityTwo);
var user = SecurityHelper.MergeUserPrincipal(existingPrincipal, newPrincipal);
// Preserve newPrincipal order
Assert.False(user.Identity.IsAuthenticated);
Assert.Null(user.Identity.Name);
Assert.Equal(4, user.Identities.Count());
Assert.Equal(newEmptyIdentity, user.Identities.Skip(0).First());
Assert.Equal(identityTwo, user.Identities.Skip(1).First());
Assert.Equal(identityNoAuthTypeWithClaim, user.Identities.Skip(2).First());
Assert.Equal(identityEmptyWithAuthType, user.Identities.Skip(3).First());
// This merge should drop newEmptyIdentity since its empty
user = SecurityHelper.MergeUserPrincipal(user, new GenericPrincipal(new GenericIdentity("Test3", "Gamma"), new string[0]));
Assert.Equal("Gamma", user.Identity.AuthenticationType);
Assert.Equal("Test3", user.Identity.Name);
Assert.Equal(4, user.Identities.Count());
Assert.Equal("Test3", user.Identities.Skip(0).First().Name);
Assert.Equal(identityTwo, user.Identities.Skip(1).First());
Assert.Equal(identityNoAuthTypeWithClaim, user.Identities.Skip(2).First());
Assert.Equal(identityEmptyWithAuthType, user.Identities.Skip(3).First());
}
}
}