Add Validate(scheme) and use for RemoteSignInScheme not self validation

2017-10-10 13:51:07 -07:00 · 2017-10-10 13:51:07 -07:00 · 02cd997e32
parent e0ad6ed6b9
commit 02cd997e32
6 changed files with 38 additions and 11 deletions
--- a/src/Microsoft.AspNetCore.Authentication/AuthenticationBuilder.cs
+++ b/src/Microsoft.AspNetCore.Authentication/AuthenticationBuilder.cs
@ -97,10 +97,6 @@ namespace Microsoft.AspNetCore.Authentication
            public void PostConfigure(string name, TOptions options)
            {
                options.SignInScheme = options.SignInScheme ?? _authOptions.DefaultSignInScheme ?? _authOptions.DefaultScheme;
-                if (string.Equals(options.SignInScheme, name, StringComparison.Ordinal))
-                {
-                    throw new InvalidOperationException(Resources.Exception_RemoteSignInSchemeCannotBeSelf);
-                }
            }
        }
    }
--- a/src/Microsoft.AspNetCore.Authentication/AuthenticationHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication/AuthenticationHandler.cs
@ -87,7 +87,7 @@ namespace Microsoft.AspNetCore.Authentication
            Context = context;

            Options = OptionsMonitor.Get(Scheme.Name) ?? new TOptions();
-            Options.Validate();
+            Options.Validate(Scheme.Name);

            await InitializeEventsAsync();
            await InitializeHandlerAsync();
--- a/src/Microsoft.AspNetCore.Authentication/AuthenticationSchemeOptions.cs
+++ b/src/Microsoft.AspNetCore.Authentication/AuthenticationSchemeOptions.cs
@ -13,9 +13,14 @@ namespace Microsoft.AspNetCore.Authentication
        /// <summary>
        /// Check that the options are valid. Should throw an exception if things are not ok.
        /// </summary>
-        public virtual void Validate()
-        {
-        }
+        public virtual void Validate() { }
+
+        /// <summary>
+        /// Checks that the options are valid for a specific scheme
+        /// </summary>
+        /// <param name="scheme">The scheme being validated.</param>
+        public virtual void Validate(string scheme)
+            => Validate();

        /// <summary>
        /// Gets or sets the issuer that should be used for any claims that are created
--- a/src/Microsoft.AspNetCore.Authentication/RemoteAuthenticationOptions.cs
+++ b/src/Microsoft.AspNetCore.Authentication/RemoteAuthenticationOptions.cs
@ -32,6 +32,19 @@ namespace Microsoft.AspNetCore.Authentication
            };
        }

+        /// <summary>
+        /// Checks that the options are valid for a specific scheme
+        /// </summary>
+        /// <param name="scheme">The scheme being validated.</param>
+        public override void Validate(string scheme)
+        {
+            base.Validate(scheme);
+            if (string.Equals(scheme, SignInScheme, StringComparison.Ordinal))
+            {
+                throw new InvalidOperationException(Resources.Exception_RemoteSignInSchemeCannotBeSelf);
+            }
+        }
+
        /// <summary>
        /// Check that the options are valid.  Should throw an exception if things are not ok.
        /// </summary>
--- a/test/Microsoft.AspNetCore.Authentication.Test/FacebookTests.cs
+++ b/test/Microsoft.AspNetCore.Authentication.Test/FacebookTests.cs
@ -29,7 +29,11 @@ namespace Microsoft.AspNetCore.Authentication.Facebook
        {
            var server = CreateServer(
                app => { },
-                services => services.AddAuthentication().AddFacebook(o => o.SignInScheme = FacebookDefaults.AuthenticationScheme),
+                services => services.AddAuthentication().AddFacebook(o => {
+                    o.AppId = "whatever";
+                    o.AppSecret = "whatever";
+                    o.SignInScheme = FacebookDefaults.AuthenticationScheme;
+                }),
                context => 
                {
                    // Gross
@ -45,7 +49,10 @@ namespace Microsoft.AspNetCore.Authentication.Facebook
        {
            var server = CreateServer(
                app => { },
-                services => services.AddAuthentication(o => o.DefaultScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(),
+                services => services.AddAuthentication(o => o.DefaultScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(o => {
+                    o.AppId = "whatever";
+                    o.AppSecret = "whatever";
+                }),
                context =>
                {
                    // Gross
@ -61,7 +68,10 @@ namespace Microsoft.AspNetCore.Authentication.Facebook
        {
            var server = CreateServer(
                app => { },
-                services => services.AddAuthentication(o => o.DefaultSignInScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(),
+                services => services.AddAuthentication(o => o.DefaultSignInScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(o => {
+                    o.AppId = "whatever";
+                    o.AppSecret = "whatever";
+                }),
                context =>
                {
                    // Gross
--- a/test/Microsoft.AspNetCore.Authentication.Test/OAuthTests.cs
+++ b/test/Microsoft.AspNetCore.Authentication.Test/OAuthTests.cs
@ -27,6 +27,9 @@ namespace Microsoft.AspNetCore.Authentication.OAuth
                    o.SignInScheme = "weeblie";
                    o.ClientId = "whatever";
                    o.ClientSecret = "whatever";
+                    o.CallbackPath = "/whatever";
+                    o.AuthorizationEndpoint = "/whatever";
+                    o.TokenEndpoint = "/whatever";
                }));
            var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/"));
            Assert.Contains("cannot be set to itself", error.Message);