huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add an opt-out DisableTelemetry option in the OpenID Connect middleware (#1140)

This commit is contained in:
Kévin Chalet 2017-03-13 18:02:59 +01:00 committed by Chris R
parent 9de5519c8b
commit 32dd435c6e
5 changed files with 61 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
View File

@ -161,6 +161,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
var message = new OpenIdConnectMessage() var message = new OpenIdConnectMessage()
{ {
EnableTelemetryParameters = !Options.DisableTelemetry,
IssuerAddress = _configuration?.EndSessionEndpoint ?? string.Empty, IssuerAddress = _configuration?.EndSessionEndpoint ?? string.Empty,
// Redirect back to SigneOutCallbackPath first before user agent is redirected to actual post logout redirect uri // Redirect back to SigneOutCallbackPath first before user agent is redirected to actual post logout redirect uri
@ -309,6 +310,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
var message = new OpenIdConnectMessage var message = new OpenIdConnectMessage
{ {
ClientId = Options.ClientId, ClientId = Options.ClientId,
EnableTelemetryParameters = !Options.DisableTelemetry,
IssuerAddress = _configuration?.AuthorizationEndpoint ?? string.Empty, IssuerAddress = _configuration?.AuthorizationEndpoint ?? string.Empty,
RedirectUri = BuildRedirectUri(Options.CallbackPath), RedirectUri = BuildRedirectUri(Options.CallbackPath),
Resource = Options.Resource, Resource = Options.Resource,
@ -1023,6 +1025,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
ClientSecret = Options.ClientSecret, ClientSecret = Options.ClientSecret,
Code = authorizationResponse.Code, Code = authorizationResponse.Code,
GrantType = OpenIdConnectGrantTypes.AuthorizationCode, GrantType = OpenIdConnectGrantTypes.AuthorizationCode,
EnableTelemetryParameters = !Options.DisableTelemetry,
RedirectUri = properties.Items[OpenIdConnectDefaults.RedirectUriForCodePropertiesKey] RedirectUri = properties.Items[OpenIdConnectDefaults.RedirectUriForCodePropertiesKey]
}; };

7
src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectOptions.cs
View File

@ -241,5 +241,12 @@ namespace Microsoft.AspNetCore.Builder
/// This is disabled by default. /// This is disabled by default.
/// </summary> /// </summary>
public bool SkipUnrecognizedRequests { get; set; } = false; public bool SkipUnrecognizedRequests { get; set; } = false;
/// <summary>
/// Indicates whether telemetry should be disabled. When this feature is enabled,
/// the assembly version of the Microsoft IdentityModel packages is sent to the
/// remote OpenID Connect provider as an authorization/logout request parameter.
/// </summary>
public bool DisableTelemetry { get; set; }
} }
} }

20
test/Microsoft.AspNetCore.Authentication.Test/OpenIdConnect/OpenIdConnectChallengeTests.cs
View File

@ -35,7 +35,23 @@ namespace Microsoft.AspNetCore.Authentication.Tests.OpenIdConnect
OpenIdConnectParameterNames.ResponseType, OpenIdConnectParameterNames.ResponseType,
OpenIdConnectParameterNames.ResponseMode, OpenIdConnectParameterNames.ResponseMode,
OpenIdConnectParameterNames.Scope, OpenIdConnectParameterNames.Scope,
OpenIdConnectParameterNames.RedirectUri); OpenIdConnectParameterNames.RedirectUri,
OpenIdConnectParameterNames.SkuTelemetry,
OpenIdConnectParameterNames.VersionTelemetry);
}
[Fact]
public async Task AuthorizationRequestDoesNotIncludeTelemetryParametersWhenDisabled()
{
var settings = new TestSettings(opt => opt.DisableTelemetry = true);
var server = settings.CreateTestServer();
var transaction = await server.SendAsync(ChallengeEndpoint);
var res = transaction.Response;
Assert.Equal(HttpStatusCode.Redirect, res.StatusCode);
Assert.DoesNotContain(OpenIdConnectParameterNames.SkuTelemetry, res.Headers.Location.Query);
Assert.DoesNotContain(OpenIdConnectParameterNames.VersionTelemetry, res.Headers.Location.Query);
} }
/* /*
@ -58,7 +74,7 @@ namespace Microsoft.AspNetCore.Authentication.Tests.OpenIdConnect
</body> </body>
*/ */
[Fact] [Fact]
public async Task ChallengeIssueedCorrectlyForFormPost() public async Task ChallengeIssuedCorrectlyForFormPost()
{ {
var settings = new TestSettings( var settings = new TestSettings(
opt => opt.AuthenticationMethod = OpenIdConnectRedirectBehavior.FormPost); opt => opt.AuthenticationMethod = OpenIdConnectRedirectBehavior.FormPost);

20
test/Microsoft.AspNetCore.Authentication.Test/OpenIdConnect/OpenIdConnectMiddlewareTests.cs
View File

@ -46,7 +46,25 @@ namespace Microsoft.AspNetCore.Authentication.Tests.OpenIdConnect
Assert.Equal(HttpStatusCode.Redirect, res.StatusCode); Assert.Equal(HttpStatusCode.Redirect, res.StatusCode);
Assert.NotNull(res.Headers.Location); Assert.NotNull(res.Headers.Location);
setting.ValidateSignoutRedirect(transaction.Response.Headers.Location); setting.ValidateSignoutRedirect(
transaction.Response.Headers.Location,
OpenIdConnectParameterNames.SkuTelemetry,
OpenIdConnectParameterNames.VersionTelemetry);
}
[Fact]
public async Task EndSessionRequestDoesNotIncludeTelemetryParametersWhenDisabled()
{
var setting = new TestSettings(opt => opt.DisableTelemetry = true);
var server = setting.CreateTestServer();
var transaction = await server.SendAsync(DefaultHost + TestServerBuilder.Signout);
var res = transaction.Response;
Assert.Equal(HttpStatusCode.Redirect, res.StatusCode);
Assert.DoesNotContain(OpenIdConnectParameterNames.SkuTelemetry, res.Headers.Location.Query);
Assert.DoesNotContain(OpenIdConnectParameterNames.VersionTelemetry, res.Headers.Location.Query);
} }
[Fact] [Fact]

14
test/Microsoft.AspNetCore.Authentication.Test/OpenIdConnect/TestSettings.cs
View File

@ -5,6 +5,7 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Diagnostics; using System.Diagnostics;
using System.Linq; using System.Linq;
using System.Reflection;
using System.Text; using System.Text;
using System.Text.Encodings.Web; using System.Text.Encodings.Web;
using System.Xml.Linq; using System.Xml.Linq;
@ -152,6 +153,12 @@ namespace Microsoft.AspNetCore.Authentication.Tests.OpenIdConnect
case OpenIdConnectParameterNames.State: case OpenIdConnectParameterNames.State:
ValidateState(actualValues, errors, htmlEncoded); ValidateState(actualValues, errors, htmlEncoded);
break; break;
case OpenIdConnectParameterNames.SkuTelemetry:
ValidateSkuTelemetry(actualValues, errors, htmlEncoded);
break;
case OpenIdConnectParameterNames.VersionTelemetry:
ValidateVersionTelemetry(actualValues, errors, htmlEncoded);
break;
default: default:
throw new InvalidOperationException($"Unknown parameter \"{paramToValidate}\"."); throw new InvalidOperationException($"Unknown parameter \"{paramToValidate}\".");
} }
@ -201,6 +208,13 @@ namespace Microsoft.AspNetCore.Authentication.Tests.OpenIdConnect
private void ValidateState(IDictionary<string, string> actualQuery, ICollection<string> errors, bool htmlEncoded) => private void ValidateState(IDictionary<string, string> actualQuery, ICollection<string> errors, bool htmlEncoded) =>
ValidateQueryParameter(OpenIdConnectParameterNames.State, ExpectedState, actualQuery, errors, htmlEncoded); ValidateQueryParameter(OpenIdConnectParameterNames.State, ExpectedState, actualQuery, errors, htmlEncoded);
private void ValidateSkuTelemetry(IDictionary<string, string> actualQuery, ICollection<string> errors, bool htmlEncoded) =>
ValidateQueryParameter(OpenIdConnectParameterNames.SkuTelemetry, "ID_NET", actualQuery, errors, htmlEncoded);
private void ValidateVersionTelemetry(IDictionary<string, string> actualQuery, ICollection<string> errors, bool htmlEncoded) =>
ValidateQueryParameter(OpenIdConnectParameterNames.VersionTelemetry,
typeof(OpenIdConnectMessage).GetTypeInfo().Assembly.GetName().Version.ToString(), actualQuery, errors, htmlEncoded);
private void ValidateQueryParameter( private void ValidateQueryParameter(
string parameterName, string parameterName,
string expectedValue, string expectedValue,