Clean up auth types, copywrite headers, file names, exceptions.

This commit is contained in:
Chris Ross 2015-01-14 15:13:24 -08:00
parent 91242245f3
commit 38fb911afc
12 changed files with 38 additions and 46 deletions

View File

@ -1,9 +1,10 @@
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.Framework.DependencyInjection;
using Microsoft.AspNet.Security.OpenIdConnect;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Security;
using Microsoft.AspNet.Security.Cookies;
using Microsoft.AspNet.Security.OpenIdConnect;
using Microsoft.Framework.DependencyInjection;
namespace OpenIdConnectSample namespace OpenIdConnectSample
{ {
@ -16,14 +17,13 @@ namespace OpenIdConnectSample
services.AddDataProtection(); services.AddDataProtection();
services.Configure<ExternalAuthenticationOptions>(options => services.Configure<ExternalAuthenticationOptions>(options =>
{ {
options.SignInAsAuthenticationType = OpenIdConnectAuthenticationDefaults.AuthenticationType; options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
}); });
}); });
app.UseCookieAuthentication(options => app.UseCookieAuthentication(options =>
{ {
options.AuthenticationType = OpenIdConnectAuthenticationDefaults.AuthenticationType;
}); });
app.UseOpenIdConnectAuthentication(options => app.UseOpenIdConnectAuthentication(options =>
@ -31,8 +31,6 @@ namespace OpenIdConnectSample
options.ClientId = "fe78e0b4-6fe7-47e6-812c-fb75cee266a4"; options.ClientId = "fe78e0b4-6fe7-47e6-812c-fb75cee266a4";
options.Authority = "https://login.windows.net/cyrano.onmicrosoft.com"; options.Authority = "https://login.windows.net/cyrano.onmicrosoft.com";
options.RedirectUri = "http://localhost:42023"; options.RedirectUri = "http://localhost:42023";
options.SignInAsAuthenticationType = OpenIdConnectAuthenticationDefaults.AuthenticationType;
options.AuthenticationType = OpenIdConnectAuthenticationDefaults.AuthenticationType;
}); });
app.Run(async context => app.Run(async context =>

View File

@ -5,7 +5,6 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.IdentityModel.Tokens; using System.IdentityModel.Tokens;
using System.Linq; using System.Linq;
using System.Runtime.ExceptionServices;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
@ -38,7 +37,6 @@ namespace Microsoft.AspNet.Security.OAuthBearer
/// <returns></returns> /// <returns></returns>
protected override async Task<AuthenticationTicket> AuthenticateCoreAsync() protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
{ {
ExceptionDispatchInfo authFailedEx = null;
string token = null; string token = null;
try try
{ {
@ -144,16 +142,10 @@ namespace Microsoft.AspNet.Security.OAuthBearer
} }
catch (Exception ex) catch (Exception ex)
{ {
// We can't await inside a catch block, capture and handle outside. _logger.WriteError("Exception occurred while processing message", ex);
authFailedEx = ExceptionDispatchInfo.Capture(ex);
}
if (authFailedEx != null)
{
_logger.WriteError("Exception occurred while processing message", authFailedEx.SourceException);
// Refresh the configuration for exceptions that may be caused by key rollovers. The user can also request a refresh in the notification. // Refresh the configuration for exceptions that may be caused by key rollovers. The user can also request a refresh in the notification.
if (Options.RefreshOnIssuerKeyNotFound && authFailedEx.SourceException.GetType().Equals(typeof(SecurityTokenSignatureKeyNotFoundException))) if (Options.RefreshOnIssuerKeyNotFound && ex.GetType().Equals(typeof(SecurityTokenSignatureKeyNotFoundException)))
{ {
Options.ConfigurationManager.RequestRefresh(); Options.ConfigurationManager.RequestRefresh();
} }
@ -162,7 +154,7 @@ namespace Microsoft.AspNet.Security.OAuthBearer
new AuthenticationFailedNotification<HttpContext, OAuthBearerAuthenticationOptions>(Context, Options) new AuthenticationFailedNotification<HttpContext, OAuthBearerAuthenticationOptions>(Context, Options)
{ {
ProtocolMessage = Context, ProtocolMessage = Context,
Exception = authFailedEx.SourceException Exception = ex
}; };
await Options.Notifications.AuthenticationFailed(authenticationFailedNotification); await Options.Notifications.AuthenticationFailed(authenticationFailedNotification);
@ -176,10 +168,8 @@ namespace Microsoft.AspNet.Security.OAuthBearer
return null; return null;
} }
authFailedEx.Throw(); throw;
} }
return null;
} }
protected override void ApplyResponseChallenge() protected override void ApplyResponseChallenge()
@ -189,6 +179,11 @@ namespace Microsoft.AspNet.Security.OAuthBearer
protected override async Task ApplyResponseChallengeAsync() protected override async Task ApplyResponseChallengeAsync()
{ {
if ((Response.StatusCode != 401) || (ChallengeContext == null))
{
return;
}
await Options.Notifications.ApplyChallenge(new AuthenticationChallengeNotification<OAuthBearerAuthenticationOptions>(Context, Options)); await Options.Notifications.ApplyChallenge(new AuthenticationChallengeNotification<OAuthBearerAuthenticationOptions>(Context, Options));
} }

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.OpenIdConnect namespace Microsoft.AspNet.Security.OpenIdConnect
{ {

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OpenIdConnect; using Microsoft.AspNet.Security.OpenIdConnect;

View File

@ -1,5 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.OpenIdConnect namespace Microsoft.AspNet.Security.OpenIdConnect
{ {

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.AspNet.Security.OpenIdConnect; using Microsoft.AspNet.Security.OpenIdConnect;

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Collections.ObjectModel; using System.Collections.ObjectModel;

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;

View File

@ -1,11 +1,11 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Globalization; using System.Globalization;
using System.IdentityModel.Tokens; using System.IdentityModel.Tokens;
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Runtime.ExceptionServices;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
@ -224,7 +224,6 @@ namespace Microsoft.AspNet.Security.OpenIdConnect
return null; return null;
} }
ExceptionDispatchInfo authFailedEx = null;
try try
{ {
var messageReceivedNotification = new MessageReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions>(Context, Options) var messageReceivedNotification = new MessageReceivedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions>(Context, Options)
@ -410,16 +409,10 @@ namespace Microsoft.AspNet.Security.OpenIdConnect
} }
catch (Exception exception) catch (Exception exception)
{ {
// We can't await inside a catch block, capture and handle outside. _logger.WriteError("Exception occurred while processing message", exception);
authFailedEx = ExceptionDispatchInfo.Capture(exception);
}
if (authFailedEx != null)
{
_logger.WriteError("Exception occurred while processing message", authFailedEx.SourceException);
// Refresh the configuration for exceptions that may be caused by key rollovers. The user can also request a refresh in the notification. // Refresh the configuration for exceptions that may be caused by key rollovers. The user can also request a refresh in the notification.
if (Options.RefreshOnIssuerKeyNotFound && authFailedEx.SourceException.GetType().Equals(typeof(SecurityTokenSignatureKeyNotFoundException))) if (Options.RefreshOnIssuerKeyNotFound && exception.GetType().Equals(typeof(SecurityTokenSignatureKeyNotFoundException)))
{ {
Options.ConfigurationManager.RequestRefresh(); Options.ConfigurationManager.RequestRefresh();
} }
@ -427,7 +420,7 @@ namespace Microsoft.AspNet.Security.OpenIdConnect
var authenticationFailedNotification = new AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions>(Context, Options) var authenticationFailedNotification = new AuthenticationFailedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions>(Context, Options)
{ {
ProtocolMessage = openIdConnectMessage, ProtocolMessage = openIdConnectMessage,
Exception = authFailedEx.SourceException Exception = exception
}; };
await Options.Notifications.AuthenticationFailed(authenticationFailedNotification); await Options.Notifications.AuthenticationFailed(authenticationFailedNotification);
@ -441,10 +434,8 @@ namespace Microsoft.AspNet.Security.OpenIdConnect
return null; return null;
} }
authFailedEx.Throw(); throw;
} }
return null;
} }
/// <summary> /// <summary>

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;

View File

@ -1,4 +1,5 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. See License.txt in the project root for license information. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;