Rename windows auth forwarder header to MS-PLATFORM-HANDLER-WINAUTHTOKEN.

This commit is contained in:
Chris R 2016-01-14 10:29:39 -08:00
parent cc1cb1d480
commit 3458f80ec4
3 changed files with 17 additions and 10 deletions

View File

@ -3,7 +3,6 @@
using System; using System;
using System.Globalization; using System.Globalization;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal; using System.Security.Principal;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
@ -20,7 +19,8 @@ namespace Microsoft.AspNet.IISPlatformHandler
{ {
public class IISPlatformHandlerMiddleware public class IISPlatformHandlerMiddleware
{ {
private const string XIISWindowsAuthToken = "X-IIS-WindowsAuthToken"; private const string XIISWindowsAuthToken = "X-IIS-WindowsAuthToken"; // TODO: Legacy, remove before RTW
private const string MSPlatformHandlerWinAuthToken = "MS-PLATFORM-HANDLER-WINAUTHTOKEN";
private const string MSPlatformHandlerClientCert = "MS-PLATFORM-HANDLER-CLIENTCERT"; private const string MSPlatformHandlerClientCert = "MS-PLATFORM-HANDLER-CLIENTCERT";
private readonly RequestDelegate _next; private readonly RequestDelegate _next;
@ -49,7 +49,7 @@ namespace Microsoft.AspNet.IISPlatformHandler
public async Task Invoke(HttpContext httpContext) public async Task Invoke(HttpContext httpContext)
{ {
if (_options.FlowClientCertificate) if (_options.ForwardClientCertificate)
{ {
var header = httpContext.Request.Headers[MSPlatformHandlerClientCert]; var header = httpContext.Request.Headers[MSPlatformHandlerClientCert];
if (!StringValues.IsNullOrEmpty(header)) if (!StringValues.IsNullOrEmpty(header))
@ -58,7 +58,7 @@ namespace Microsoft.AspNet.IISPlatformHandler
} }
} }
if (_options.FlowWindowsAuthentication) if (_options.ForwardWindowsAuthentication)
{ {
var winPrincipal = UpdateUser(httpContext); var winPrincipal = UpdateUser(httpContext);
var handler = new AuthenticationHandler(httpContext, _options, winPrincipal); var handler = new AuthenticationHandler(httpContext, _options, winPrincipal);
@ -80,11 +80,18 @@ namespace Microsoft.AspNet.IISPlatformHandler
private WindowsPrincipal UpdateUser(HttpContext httpContext) private WindowsPrincipal UpdateUser(HttpContext httpContext)
{ {
var xIISWindowsAuthToken = httpContext.Request.Headers[XIISWindowsAuthToken]; var tokenHeader = httpContext.Request.Headers[MSPlatformHandlerWinAuthToken];
if (StringValues.IsNullOrEmpty(tokenHeader))
{
// TODO: Legacy, remove before RTW
tokenHeader = httpContext.Request.Headers[XIISWindowsAuthToken];
}
int hexHandle; int hexHandle;
WindowsPrincipal winPrincipal = null; WindowsPrincipal winPrincipal = null;
if (!StringValues.IsNullOrEmpty(xIISWindowsAuthToken) if (!StringValues.IsNullOrEmpty(tokenHeader)
&& int.TryParse(xIISWindowsAuthToken, NumberStyles.HexNumber, CultureInfo.InvariantCulture, out hexHandle)) && int.TryParse(tokenHeader, NumberStyles.HexNumber, CultureInfo.InvariantCulture, out hexHandle))
{ {
// Always create the identity if the handle exists, we need to dispose it so it does not leak. // Always create the identity if the handle exists, we need to dispose it so it does not leak.
var handle = new IntPtr(hexHandle); var handle = new IntPtr(hexHandle);

View File

@ -20,12 +20,12 @@ namespace Microsoft.AspNet.Builder
/// If true authentication middleware will try to authenticate using platform handler windows authentication /// If true authentication middleware will try to authenticate using platform handler windows authentication
/// If false authentication middleware won't be added /// If false authentication middleware won't be added
/// </summary> /// </summary>
public bool FlowWindowsAuthentication { get; set; } = true; public bool ForwardWindowsAuthentication { get; set; } = true;
/// <summary> /// <summary>
/// Populates the ITLSConnectionFeature if the MS-PLATFORM-HANDLER-CLIENTCERT request header is present. /// Populates the ITLSConnectionFeature if the MS-PLATFORM-HANDLER-CLIENTCERT request header is present.
/// </summary> /// </summary>
public bool FlowClientCertificate { get; set; } = true; public bool ForwardClientCertificate { get; set; } = true;
/// <summary> /// <summary>
/// Additional information about the authentication type which is made available to the application. /// Additional information about the authentication type which is made available to the application.

View File

@ -49,7 +49,7 @@ namespace Microsoft.AspNet.IISPlatformHandler
{ {
app.UseIISPlatformHandler(new IISPlatformHandlerOptions app.UseIISPlatformHandler(new IISPlatformHandlerOptions
{ {
FlowWindowsAuthentication = false ForwardWindowsAuthentication = false
}); });
app.Run(context => app.Run(context =>
{ {