React to forbid changes

2017-05-25 18:37:27 -07:00 · 2017-05-25 18:37:27 -07:00 · 273b25fb3a
parent d6a653145d
commit 273b25fb3a
2 changed files with 12 additions and 25 deletions
--- a/src/Microsoft.AspNetCore.Server.IISIntegration/AuthenticationHandler.cs
+++ b/src/Microsoft.AspNetCore.Server.IISIntegration/AuthenticationHandler.cs
@ -2,6 +2,7 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

 using System;
+using System.Security.Claims;
 using System.Globalization;
 using System.Security.Principal;
 using System.Threading.Tasks;
@ -58,29 +59,16 @@ namespace Microsoft.AspNetCore.Server.IISIntegration
            return _user;
        }

-
-        public Task ChallengeAsync(ChallengeContext context)
+        public Task ChallengeAsync(AuthenticationProperties properties)
        {
-            switch (context.Behavior)
-            {
-                case ChallengeBehavior.Automatic:
-                    // If there is a principal already, invoke the forbidden code path
-                    if (GetUser() == null)
-                    {
-                        goto case ChallengeBehavior.Unauthorized;
-                    }
-                    else
-                    {
-                        goto case ChallengeBehavior.Forbidden;
-                    }
-                case ChallengeBehavior.Unauthorized:
-                    context.HttpContext.Response.StatusCode = 401;
-                    // We would normally set the www-authenticate header here, but IIS does that for us.
-                    break;
-                case ChallengeBehavior.Forbidden:
-                    context.HttpContext.Response.StatusCode = 403;
-                    break;
-            }
+            // We would normally set the www-authenticate header here, but IIS does that for us.
+            _context.Response.StatusCode = 401;
+            return TaskCache.CompletedTask;
+        }
+
+        public Task ForbidAsync(AuthenticationProperties properties)
+        {
+            _context.Response.StatusCode = 403;
            return TaskCache.CompletedTask;
        }

@ -91,12 +79,12 @@ namespace Microsoft.AspNetCore.Server.IISIntegration
            return TaskCache.CompletedTask;
        }

-        public Task SignInAsync(SignInContext context)
+        public Task SignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
        {
            throw new NotSupportedException();
        }

-        public Task SignOutAsync(SignOutContext context)
+        public Task SignOutAsync(AuthenticationProperties properties)
        {
            return TaskCache.CompletedTask;
        }
--- a/test/Microsoft.AspNetCore.Server.IISIntegration.Tests/Microsoft.AspNetCore.Server.IISIntegration.Tests.csproj
+++ b/test/Microsoft.AspNetCore.Server.IISIntegration.Tests/Microsoft.AspNetCore.Server.IISIntegration.Tests.csproj
@ -12,7 +12,6 @@
  </ItemGroup>

  <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.Core" Version="$(AspNetCoreVersion)" />
    <PackageReference Include="Microsoft.AspNetCore.TestHost" Version="$(AspNetCoreVersion)" />
    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="$(TestSdkVersion)" />
    <PackageReference Include="xunit.runner.visualstudio" Version="$(XunitVersion)" />