Auth cleanup
- Rename Security folder -> Authentication - Change Authenticate to only take one scheme to match other APIs, the params overload did not make it any cleaner to consume (since it didn't produce a combined ClaimsPrincipal anyways)
This commit is contained in:
parent
93deb0b440
commit
08ddbe8531
|
|
@ -1,6 +1,7 @@
|
||||||
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
|
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using Microsoft.AspNet.Http.Authentication;
|
using Microsoft.AspNet.Http.Authentication;
|
||||||
|
|
@ -10,24 +11,19 @@ namespace Microsoft.AspNet.Http.Core.Authentication
|
||||||
{
|
{
|
||||||
public class AuthenticateContext : IAuthenticateContext
|
public class AuthenticateContext : IAuthenticateContext
|
||||||
{
|
{
|
||||||
private List<AuthenticationResult> _results;
|
private AuthenticationResult _result;
|
||||||
private List<string> _accepted;
|
private bool _accepted;
|
||||||
|
|
||||||
public AuthenticateContext([NotNull] IEnumerable<string> authenticationSchemes)
|
public AuthenticateContext([NotNull] string authenticationScheme)
|
||||||
{
|
{
|
||||||
AuthenticationSchemes = authenticationSchemes;
|
AuthenticationScheme = authenticationScheme;
|
||||||
_results = new List<AuthenticationResult>();
|
|
||||||
_accepted = new List<string>();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public IEnumerable<string> AuthenticationSchemes { get; private set; }
|
public string AuthenticationScheme { get; private set; }
|
||||||
|
|
||||||
public IEnumerable<AuthenticationResult> Results
|
public AuthenticationResult Result { get; set; }
|
||||||
{
|
|
||||||
get { return _results; }
|
|
||||||
}
|
|
||||||
|
|
||||||
public IEnumerable<string> Accepted
|
public bool Accepted
|
||||||
{
|
{
|
||||||
get { return _accepted; }
|
get { return _accepted; }
|
||||||
}
|
}
|
||||||
|
|
@ -35,13 +31,13 @@ namespace Microsoft.AspNet.Http.Core.Authentication
|
||||||
public void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description)
|
public void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description)
|
||||||
{
|
{
|
||||||
var descrip = new AuthenticationDescription(description);
|
var descrip = new AuthenticationDescription(description);
|
||||||
_accepted.Add(descrip.AuthenticationScheme); // may not match identity.AuthType
|
_accepted = true;
|
||||||
_results.Add(new AuthenticationResult(principal, new AuthenticationProperties(properties), descrip));
|
Result = new AuthenticationResult(principal, new AuthenticationProperties(properties), descrip);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void NotAuthenticated(string authenticationScheme, IDictionary<string, string> properties, IDictionary<string, object> description)
|
public void NotAuthenticated()
|
||||||
{
|
{
|
||||||
_accepted.Add(authenticationScheme);
|
_accepted = true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -212,44 +212,41 @@ namespace Microsoft.AspNet.Http.Core
|
||||||
return describeContext.Results;
|
return describeContext.Results;
|
||||||
}
|
}
|
||||||
|
|
||||||
public override IEnumerable<AuthenticationResult> Authenticate([NotNull] IEnumerable<string> authenticationSchemes)
|
public override AuthenticationResult Authenticate([NotNull] string authenticationScheme)
|
||||||
{
|
{
|
||||||
var handler = HttpAuthenticationFeature.Handler;
|
var handler = HttpAuthenticationFeature.Handler;
|
||||||
|
|
||||||
var authenticateContext = new AuthenticateContext(authenticationSchemes);
|
var authenticateContext = new AuthenticateContext(authenticationScheme);
|
||||||
if (handler != null)
|
if (handler != null)
|
||||||
{
|
{
|
||||||
handler.Authenticate(authenticateContext);
|
handler.Authenticate(authenticateContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Verify all types ack'd
|
if (!authenticateContext.Accepted)
|
||||||
IEnumerable<string> leftovers = authenticationSchemes.Except(authenticateContext.Accepted);
|
|
||||||
if (leftovers.Any())
|
|
||||||
{
|
{
|
||||||
throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers));
|
throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme);
|
||||||
}
|
}
|
||||||
|
|
||||||
return authenticateContext.Results;
|
return authenticateContext.Result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public override async Task<IEnumerable<AuthenticationResult>> AuthenticateAsync([NotNull] IEnumerable<string> authenticationSchemes)
|
public override async Task<AuthenticationResult> AuthenticateAsync([NotNull] string authenticationScheme)
|
||||||
{
|
{
|
||||||
var handler = HttpAuthenticationFeature.Handler;
|
var handler = HttpAuthenticationFeature.Handler;
|
||||||
|
|
||||||
var authenticateContext = new AuthenticateContext(authenticationSchemes);
|
var authenticateContext = new AuthenticateContext(authenticationScheme);
|
||||||
if (handler != null)
|
if (handler != null)
|
||||||
{
|
{
|
||||||
await handler.AuthenticateAsync(authenticateContext);
|
await handler.AuthenticateAsync(authenticateContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Verify all types ack'd
|
// Verify all types ack'd
|
||||||
IEnumerable<string> leftovers = authenticationSchemes.Except(authenticateContext.Accepted);
|
if (!authenticateContext.Accepted)
|
||||||
if (leftovers.Any())
|
|
||||||
{
|
{
|
||||||
throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers));
|
throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme);
|
||||||
}
|
}
|
||||||
|
|
||||||
return authenticateContext.Results;
|
return authenticateContext.Result;
|
||||||
}
|
}
|
||||||
|
|
||||||
public override Task<WebSocket> AcceptWebSocketAsync(string subProtocol)
|
public override Task<WebSocket> AcceptWebSocketAsync(string subProtocol)
|
||||||
|
|
|
||||||
|
|
@ -8,10 +8,10 @@ namespace Microsoft.AspNet.Http.Authentication
|
||||||
{
|
{
|
||||||
public interface IAuthenticateContext
|
public interface IAuthenticateContext
|
||||||
{
|
{
|
||||||
IEnumerable<string> AuthenticationSchemes { get; }
|
string AuthenticationScheme { get; }
|
||||||
|
|
||||||
void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description);
|
void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description);
|
||||||
|
|
||||||
void NotAuthenticated(string authenticationScheme, IDictionary<string, string> properties, IDictionary<string, object> description);
|
void NotAuthenticated();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -8,6 +8,7 @@ namespace Microsoft.AspNet.Http.Authentication
|
||||||
public interface IHttpAuthenticationFeature
|
public interface IHttpAuthenticationFeature
|
||||||
{
|
{
|
||||||
ClaimsPrincipal User { get; set; }
|
ClaimsPrincipal User { get; set; }
|
||||||
|
|
||||||
IAuthenticationHandler Handler { get; set; }
|
IAuthenticationHandler Handler { get; set; }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -54,19 +54,9 @@ namespace Microsoft.AspNet.Http
|
||||||
|
|
||||||
public abstract IEnumerable<AuthenticationDescription> GetAuthenticationSchemes();
|
public abstract IEnumerable<AuthenticationDescription> GetAuthenticationSchemes();
|
||||||
|
|
||||||
public virtual AuthenticationResult Authenticate(string authenticationScheme)
|
public abstract AuthenticationResult Authenticate(string authenticationScheme);
|
||||||
{
|
|
||||||
return Authenticate(new[] { authenticationScheme }).SingleOrDefault();
|
|
||||||
}
|
|
||||||
|
|
||||||
public abstract IEnumerable<AuthenticationResult> Authenticate(IEnumerable<string> authenticationSchemes);
|
public abstract Task<AuthenticationResult> AuthenticateAsync(string authenticationScheme);
|
||||||
|
|
||||||
public virtual async Task<AuthenticationResult> AuthenticateAsync(string authenticationScheme)
|
|
||||||
{
|
|
||||||
return (await AuthenticateAsync(new[] { authenticationScheme })).SingleOrDefault();
|
|
||||||
}
|
|
||||||
|
|
||||||
public abstract Task<IEnumerable<AuthenticationResult>> AuthenticateAsync(IEnumerable<string> authenticationSchemes);
|
|
||||||
|
|
||||||
public virtual Task<WebSocket> AcceptWebSocketAsync()
|
public virtual Task<WebSocket> AcceptWebSocketAsync()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue