Auth cleanup

- Rename Security folder -> Authentication
- Change Authenticate to only take one scheme to match other APIs, the
params overload did not make it any cleaner to consume (since it didn't
produce a combined ClaimsPrincipal anyways)
This commit is contained in:
Hao Kung 2015-03-16 14:26:46 -07:00
parent 93deb0b440
commit 08ddbe8531
10 changed files with 27 additions and 43 deletions

View File

@ -1,6 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http.Authentication; using Microsoft.AspNet.Http.Authentication;
@ -10,24 +11,19 @@ namespace Microsoft.AspNet.Http.Core.Authentication
{ {
public class AuthenticateContext : IAuthenticateContext public class AuthenticateContext : IAuthenticateContext
{ {
private List<AuthenticationResult> _results; private AuthenticationResult _result;
private List<string> _accepted; private bool _accepted;
public AuthenticateContext([NotNull] IEnumerable<string> authenticationSchemes) public AuthenticateContext([NotNull] string authenticationScheme)
{ {
AuthenticationSchemes = authenticationSchemes; AuthenticationScheme = authenticationScheme;
_results = new List<AuthenticationResult>();
_accepted = new List<string>();
} }
public IEnumerable<string> AuthenticationSchemes { get; private set; } public string AuthenticationScheme { get; private set; }
public IEnumerable<AuthenticationResult> Results public AuthenticationResult Result { get; set; }
{
get { return _results; }
}
public IEnumerable<string> Accepted public bool Accepted
{ {
get { return _accepted; } get { return _accepted; }
} }
@ -35,13 +31,13 @@ namespace Microsoft.AspNet.Http.Core.Authentication
public void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description) public void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description)
{ {
var descrip = new AuthenticationDescription(description); var descrip = new AuthenticationDescription(description);
_accepted.Add(descrip.AuthenticationScheme); // may not match identity.AuthType _accepted = true;
_results.Add(new AuthenticationResult(principal, new AuthenticationProperties(properties), descrip)); Result = new AuthenticationResult(principal, new AuthenticationProperties(properties), descrip);
} }
public void NotAuthenticated(string authenticationScheme, IDictionary<string, string> properties, IDictionary<string, object> description) public void NotAuthenticated()
{ {
_accepted.Add(authenticationScheme); _accepted = true;
} }
} }
} }

View File

@ -212,44 +212,41 @@ namespace Microsoft.AspNet.Http.Core
return describeContext.Results; return describeContext.Results;
} }
public override IEnumerable<AuthenticationResult> Authenticate([NotNull] IEnumerable<string> authenticationSchemes) public override AuthenticationResult Authenticate([NotNull] string authenticationScheme)
{ {
var handler = HttpAuthenticationFeature.Handler; var handler = HttpAuthenticationFeature.Handler;
var authenticateContext = new AuthenticateContext(authenticationSchemes); var authenticateContext = new AuthenticateContext(authenticationScheme);
if (handler != null) if (handler != null)
{ {
handler.Authenticate(authenticateContext); handler.Authenticate(authenticateContext);
} }
// Verify all types ack'd if (!authenticateContext.Accepted)
IEnumerable<string> leftovers = authenticationSchemes.Except(authenticateContext.Accepted);
if (leftovers.Any())
{ {
throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers)); throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme);
} }
return authenticateContext.Results; return authenticateContext.Result;
} }
public override async Task<IEnumerable<AuthenticationResult>> AuthenticateAsync([NotNull] IEnumerable<string> authenticationSchemes) public override async Task<AuthenticationResult> AuthenticateAsync([NotNull] string authenticationScheme)
{ {
var handler = HttpAuthenticationFeature.Handler; var handler = HttpAuthenticationFeature.Handler;
var authenticateContext = new AuthenticateContext(authenticationSchemes); var authenticateContext = new AuthenticateContext(authenticationScheme);
if (handler != null) if (handler != null)
{ {
await handler.AuthenticateAsync(authenticateContext); await handler.AuthenticateAsync(authenticateContext);
} }
// Verify all types ack'd // Verify all types ack'd
IEnumerable<string> leftovers = authenticationSchemes.Except(authenticateContext.Accepted); if (!authenticateContext.Accepted)
if (leftovers.Any())
{ {
throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers)); throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme);
} }
return authenticateContext.Results; return authenticateContext.Result;
} }
public override Task<WebSocket> AcceptWebSocketAsync(string subProtocol) public override Task<WebSocket> AcceptWebSocketAsync(string subProtocol)

View File

@ -8,10 +8,10 @@ namespace Microsoft.AspNet.Http.Authentication
{ {
public interface IAuthenticateContext public interface IAuthenticateContext
{ {
IEnumerable<string> AuthenticationSchemes { get; } string AuthenticationScheme { get; }
void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description); void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description);
void NotAuthenticated(string authenticationScheme, IDictionary<string, string> properties, IDictionary<string, object> description); void NotAuthenticated();
} }
} }

View File

@ -8,6 +8,7 @@ namespace Microsoft.AspNet.Http.Authentication
public interface IHttpAuthenticationFeature public interface IHttpAuthenticationFeature
{ {
ClaimsPrincipal User { get; set; } ClaimsPrincipal User { get; set; }
IAuthenticationHandler Handler { get; set; } IAuthenticationHandler Handler { get; set; }
} }
} }

View File

@ -54,19 +54,9 @@ namespace Microsoft.AspNet.Http
public abstract IEnumerable<AuthenticationDescription> GetAuthenticationSchemes(); public abstract IEnumerable<AuthenticationDescription> GetAuthenticationSchemes();
public virtual AuthenticationResult Authenticate(string authenticationScheme) public abstract AuthenticationResult Authenticate(string authenticationScheme);
{
return Authenticate(new[] { authenticationScheme }).SingleOrDefault();
}
public abstract IEnumerable<AuthenticationResult> Authenticate(IEnumerable<string> authenticationSchemes); public abstract Task<AuthenticationResult> AuthenticateAsync(string authenticationScheme);
public virtual async Task<AuthenticationResult> AuthenticateAsync(string authenticationScheme)
{
return (await AuthenticateAsync(new[] { authenticationScheme })).SingleOrDefault();
}
public abstract Task<IEnumerable<AuthenticationResult>> AuthenticateAsync(IEnumerable<string> authenticationSchemes);
public virtual Task<WebSocket> AcceptWebSocketAsync() public virtual Task<WebSocket> AcceptWebSocketAsync()
{ {