huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

AntiForgery: Add documentation and update variable names for readability

This commit is contained in:
Kirthi Krishnamraju 2015-04-24 12:25:38 -07:00
parent 68026add28
commit 3c9456e2a3
14 changed files with 138 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgery.cs
View File

@ -38,7 +38,7 @@ namespace Microsoft.AspNet.Mvc
var serializer = new AntiForgeryTokenSerializer(dataProtectionProvider.CreateProtector(_purpose));
var tokenStore = new AntiForgeryTokenStore(config, serializer);
var tokenProvider = new TokenProvider(config, claimUidExtractor, additionalDataProvider);
var tokenProvider = new AntiForgeryTokenProvider(config, claimUidExtractor, additionalDataProvider);
_worker = new AntiForgeryWorker(serializer, config, tokenStore, tokenProvider, tokenProvider, htmlEncoder);
}
@ -105,6 +105,12 @@ namespace Microsoft.AspNet.Mvc
_worker.Validate(context, cookieToken, formToken);
}
/// <summary>
/// Validates an anti-forgery token pair that was generated by the GetTokens method.
/// </summary>
/// <param name="context">The HTTP context associated with the current call.</param>
/// <param name="antiForgeryTokenSet">The anti-forgery token pair (cookie and form token) for this request.
/// </param>
public void Validate([NotNull] HttpContext context, AntiForgeryTokenSet antiForgeryTokenSet)
{
Validate(context, antiForgeryTokenSet.CookieToken, antiForgeryTokenSet.FormToken);

4
src/Microsoft.AspNet.Mvc.Core/AntiForgery/TokenProvider.cs → src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenProvider.cs
View File

@ -9,13 +9,13 @@ using Microsoft.AspNet.Mvc.Core;
namespace Microsoft.AspNet.Mvc
{
internal sealed class TokenProvider : ITokenValidator, ITokenGenerator
internal sealed class AntiForgeryTokenProvider : IAntiForgeryTokenValidator, IAntiForgeryTokenGenerator
{
private readonly IClaimUidExtractor _claimUidExtractor;
private readonly AntiForgeryOptions _config;
private readonly IAntiForgeryAdditionalDataProvider _additionalDataProvider;
internal TokenProvider(AntiForgeryOptions config,
internal AntiForgeryTokenProvider(AntiForgeryOptions config,
IClaimUidExtractor claimUidExtractor,
IAntiForgeryAdditionalDataProvider additionalDataProvider)
{

17
src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenSet.cs
View File

@ -6,8 +6,16 @@ using Microsoft.AspNet.Mvc.Core;
namespace Microsoft.AspNet.Mvc
{
/// <summary>
/// The anti-forgery token pair (cookie and form token) for a request.
/// </summary>
public class AntiForgeryTokenSet
{
/// <summary>
/// Creates the anti-forgery token pair (cookie and form token) for a request.
/// </summary>
/// <param name="formToken">The token that is supplied in the request form body.</param>
/// <param name="cookieToken">The token that is supplied in the request cookie.</param>
public AntiForgeryTokenSet(string formToken, string cookieToken)
{
if (string.IsNullOrEmpty(formToken))
@ -22,11 +30,14 @@ namespace Microsoft.AspNet.Mvc
CookieToken = cookieToken;
}
/// <summary>
/// The token that is supplied in the request form body.
/// </summary>
public string FormToken { get; private set; }
// The cookie token is allowed to be null.
// This would be the case when the old cookie token is still valid.
// In such cases a call to GetTokens would return a token set with null cookie token.
/// The cookie token is allowed to be null.
/// This would be the case when the old cookie token is still valid.
/// In such cases a call to GetTokens would return a token set with null cookie token.
public string CookieToken { get; private set; }
}
}

2
src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryTokenStore.cs
View File

@ -10,7 +10,7 @@ using Microsoft.Framework.Internal;
namespace Microsoft.AspNet.Mvc
{
// Saves anti-XSRF tokens split between HttpRequest.Cookies and HttpRequest.Form
internal sealed class AntiForgeryTokenStore : ITokenStore
internal sealed class AntiForgeryTokenStore : IAntiForgeryTokenStore
{
private readonly AntiForgeryOptions _config;
private readonly IAntiForgeryTokenSerializer _serializer;

60
src/Microsoft.AspNet.Mvc.Core/AntiForgery/AntiForgeryWorker.cs
View File

@ -17,16 +17,16 @@ namespace Microsoft.AspNet.Mvc
{
private readonly AntiForgeryOptions _config;
private readonly IAntiForgeryTokenSerializer _serializer;
private readonly ITokenStore _tokenStore;
private readonly ITokenValidator _validator;
private readonly ITokenGenerator _generator;
private readonly IAntiForgeryTokenStore _tokenStore;
private readonly IAntiForgeryTokenValidator _validator;
private readonly IAntiForgeryTokenGenerator _generator;
private readonly IHtmlEncoder _htmlEncoder;
internal AntiForgeryWorker([NotNull] IAntiForgeryTokenSerializer serializer,
[NotNull] AntiForgeryOptions config,
[NotNull] ITokenStore tokenStore,
[NotNull] ITokenGenerator generator,
[NotNull] ITokenValidator validator,
[NotNull] IAntiForgeryTokenStore tokenStore,
[NotNull] IAntiForgeryTokenGenerator generator,
[NotNull] IAntiForgeryTokenValidator validator,
[NotNull] IHtmlEncoder htmlEncoder)
{
_serializer = serializer;
@ -52,7 +52,7 @@ namespace Microsoft.AspNet.Mvc
: null;
}
private AntiForgeryToken DeserializeTokenNoThrow(string serializedToken)
private AntiForgeryToken DeserializeTokenDoesNotThrow(string serializedToken)
{
try
{
@ -81,7 +81,7 @@ namespace Microsoft.AspNet.Mvc
return null;
}
private AntiForgeryToken GetCookieTokenNoThrow(HttpContext httpContext)
private AntiForgeryToken GetCookieTokenDoesNotThrow(HttpContext httpContext)
{
try
{
@ -103,12 +103,12 @@ namespace Microsoft.AspNet.Mvc
{
CheckSSLConfig(httpContext);
var oldCookieToken = GetCookieTokenNoThrow(httpContext);
var tokenSet = GetTokens(httpContext, oldCookieToken);
var newCookieToken = tokenSet.CookieToken;
var cookieToken = GetCookieTokenDoesNotThrow(httpContext);
var tokenSet = GetTokens(httpContext, cookieToken);
cookieToken = tokenSet.CookieToken;
var formToken = tokenSet.FormToken;
SaveCookieTokenAndHeader(httpContext, newCookieToken);
SaveCookieTokenAndHeader(httpContext, cookieToken);
// <input type="hidden" name="__AntiForgeryToken" value="..." />
var inputTag = new TagBuilder("input", _htmlEncoder)
@ -129,28 +129,28 @@ namespace Microsoft.AspNet.Mvc
// 'new cookie value' out param is non-null, the caller *must* persist
// the new value to cookie storage since the original value was null or
// invalid. This method is side-effect free.
public AntiForgeryTokenSet GetTokens([NotNull] HttpContext httpContext, string serializedOldCookieToken)
public AntiForgeryTokenSet GetTokens([NotNull] HttpContext httpContext, string cookieToken)
{
CheckSSLConfig(httpContext);
var oldCookieToken = DeserializeTokenNoThrow(serializedOldCookieToken);
var tokenSet = GetTokens(httpContext, oldCookieToken);
var deSerializedcookieToken = DeserializeTokenDoesNotThrow(cookieToken);
var tokenSet = GetTokens(httpContext, deSerializedcookieToken);
var serializedNewCookieToken = Serialize(tokenSet.CookieToken);
var serializedCookieToken = Serialize(tokenSet.CookieToken);
var serializedFormToken = Serialize(tokenSet.FormToken);
return new AntiForgeryTokenSet(serializedFormToken, serializedNewCookieToken);
return new AntiForgeryTokenSet(serializedFormToken, serializedCookieToken);
}
private AntiForgeryTokenSetInternal GetTokens(HttpContext httpContext, AntiForgeryToken oldCookieToken)
private AntiForgeryTokenSetInternal GetTokens(HttpContext httpContext, AntiForgeryToken cookieToken)
{
var newCookieToken = ValidateAndGenerateNewToken(oldCookieToken);
var newCookieToken = ValidateAndGenerateNewCookieToken(cookieToken);
if (newCookieToken != null)
{
oldCookieToken = newCookieToken;
cookieToken = newCookieToken;
}
var formToken = _generator.GenerateFormToken(
httpContext,
ExtractIdentity(httpContext),
oldCookieToken);
cookieToken);
return new AntiForgeryTokenSetInternal()
{
@ -208,16 +208,16 @@ namespace Microsoft.AspNet.Mvc
{
CheckSSLConfig(httpContext);
var oldCookieToken = GetCookieTokenNoThrow(httpContext);
var newCookieToken = ValidateAndGenerateNewToken(oldCookieToken);
SaveCookieTokenAndHeader(httpContext, newCookieToken);
var cookieToken = GetCookieTokenDoesNotThrow(httpContext);
cookieToken = ValidateAndGenerateNewCookieToken(cookieToken);
SaveCookieTokenAndHeader(httpContext, cookieToken);
}
// This method returns null if oldCookieToken is valid.
private AntiForgeryToken ValidateAndGenerateNewToken(AntiForgeryToken oldCookieToken)
private AntiForgeryToken ValidateAndGenerateNewCookieToken(AntiForgeryToken cookieToken)
{
if (!_validator.IsCookieTokenValid(oldCookieToken))
if (!_validator.IsCookieTokenValid(cookieToken))
{
// Need to make sure we're always operating with a good cookie token.
var newCookieToken = _generator.GenerateCookieToken();
@ -230,12 +230,12 @@ namespace Microsoft.AspNet.Mvc
private void SaveCookieTokenAndHeader(
[NotNull] HttpContext httpContext,
AntiForgeryToken newCookieToken)
AntiForgeryToken cookieToken)
{
if (newCookieToken != null)
if (cookieToken != null)
{
// Persist the new cookie if it is not null.
_tokenStore.SaveCookieToken(httpContext, newCookieToken);
_tokenStore.SaveCookieToken(httpContext, cookieToken);
}
if (!_config.SuppressXFrameOptionsHeader)

5
src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultAntiForgeryAdditionalDataProvider.cs
View File

@ -5,13 +5,18 @@ using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Mvc
{
/// <summary>
/// A default <see cref="IAntiForgeryAdditionalDataProvider"/> implementation.
/// </summary>
public class DefaultAntiForgeryAdditionalDataProvider : IAntiForgeryAdditionalDataProvider
{
/// <inheritdoc />
public virtual string GetAdditionalData(HttpContext context)
{
return string.Empty;
}
/// <inheritdoc />
public virtual bool ValidateAdditionalData(HttpContext context, string additionalData)
{
// Default implementation does not understand anything but empty data.

5
src/Microsoft.AspNet.Mvc.Core/AntiForgery/DefaultClaimUidExtractor.cs
View File

@ -10,9 +10,12 @@ using System.Security.Cryptography;
namespace Microsoft.AspNet.Mvc
{
// Can extract unique identifers for a claims-based identity
/// <summary>
/// Default implementation of <see cref="IClaimUidExtractor"/>.
/// </summary>
public class DefaultClaimUidExtractor : IClaimUidExtractor
{
/// <inheritdoc />
public string ExtractClaimUid(ClaimsIdentity claimsIdentity)
{
if (claimsIdentity == null || !claimsIdentity.IsAuthenticated)

2
src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenGenerator.cs → src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenGenerator.cs
View File

@ -7,7 +7,7 @@ using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Mvc
{
// Provides configuration information about the anti-forgery system.
internal interface ITokenGenerator
internal interface IAntiForgeryTokenGenerator
{
// Generates a new random cookie token.
AntiForgeryToken GenerateCookieToken();

2
src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenStore.cs → src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenStore.cs
View File

@ -7,7 +7,7 @@ using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Mvc
{
// Provides an abstraction around how tokens are persisted and retrieved for a request
internal interface ITokenStore
internal interface IAntiForgeryTokenStore
{
AntiForgeryToken GetCookieToken(HttpContext httpContext);
Task<AntiForgeryToken> GetFormTokenAsync(HttpContext httpContext);

2
src/Microsoft.AspNet.Mvc.Core/AntiForgery/ITokenValidator.cs → src/Microsoft.AspNet.Mvc.Core/AntiForgery/IAntiForgeryTokenValidator.cs
View File

@ -7,7 +7,7 @@ using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Mvc
{
// Provides an abstraction around something that can validate anti-XSRF tokens
internal interface ITokenValidator
internal interface IAntiForgeryTokenValidator
{
// Determines whether an existing cookie token is valid (well-formed).
// If it is not, the caller must call GenerateCookieToken() before calling GenerateFormToken().

9
src/Microsoft.AspNet.Mvc.Core/AntiForgery/IClaimUidExtractor.cs
View File

@ -5,9 +5,16 @@ using System.Security.Claims;
namespace Microsoft.AspNet.Mvc
{
// Can extract unique identifers for a claims-based identity
/// <summary>
/// This interface can extract unique identifers for a claims-based identity.
/// </summary>
public interface IClaimUidExtractor
{
/// <summary>
/// Extracts claims identifier.
/// </summary>
/// <param name="identity">The <see cref="ClaimsIdentity"/>.</param>
/// <returns>The claims identifier.</returns>
string ExtractClaimUid(ClaimsIdentity identity);
}
}

58
test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/AntiForgeryWorkerTest.cs
View File

@ -130,7 +130,8 @@ namespace Microsoft.AspNet.Mvc.Core.Test
htmlEncoder: new CommonTestEncoder());
// Act & assert
var ex = Assert.Throws<InvalidOperationException>(() => worker.GetTokens(mockHttpContext.Object, "cookie-token"));
var ex = Assert.Throws<InvalidOperationException>(() =>
worker.GetTokens(mockHttpContext.Object, "cookie-token"));
Assert.Equal(
@"The anti-forgery system has the configuration value AntiForgeryOptions.RequireSsl = true, " +
"but the current request is not an SSL request.",
@ -241,7 +242,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
{
// Arrange
// Genreate a new cookie.
var context = GetAntiForgeryWorkerContext(new AntiForgeryOptions(), useOldCookie: false, isOldCookieValid: false);
var context = GetAntiForgeryWorkerContext(
new AntiForgeryOptions(),
useOldCookie: false,
isOldCookieValid: false);
var worker = GetAntiForgeryWorker(context);
// Act
@ -257,7 +261,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
{
// Arrange
// Make sure the existing cookie is invalid.
var context = GetAntiForgeryWorkerContext(new AntiForgeryOptions(), useOldCookie: false, isOldCookieValid: false);
var context = GetAntiForgeryWorkerContext(
new AntiForgeryOptions(),
useOldCookie: false,
isOldCookieValid: false);
// This will cause the cookieToken to be null.
context.TokenSerializer.Setup(o => o.Deserialize("serialized-old-cookie-token"))
@ -280,7 +287,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
public void GetTokens_ExistingValidCookieToken_GeneratesANewFormToken()
{
// Arrange
var context = GetAntiForgeryWorkerContext(new AntiForgeryOptions(), useOldCookie: true, isOldCookieValid: true);
var context = GetAntiForgeryWorkerContext(
new AntiForgeryOptions(),
useOldCookie: true,
isOldCookieValid: true);
context.TokenStore = null;
var worker = GetAntiForgeryWorker(context);
@ -390,7 +400,9 @@ namespace Microsoft.AspNet.Mvc.Core.Test
[Theory]
[InlineData(false, "SAMEORIGIN")]
[InlineData(true, null)]
public void SetCookieTokenAndHeader_AddsXFrameOptionsHeader(bool suppressXFrameOptions, string expectedHeaderValue)
public void SetCookieTokenAndHeader_AddsXFrameOptionsHeader(
bool suppressXFrameOptions,
string expectedHeaderValue)
{
// Arrange
var options = new AntiForgeryOptions()
@ -440,13 +452,21 @@ namespace Microsoft.AspNet.Mvc.Core.Test
return mockHttpContext;
}
private Mock<ITokenProvider> GetTokenProvider(HttpContext context, TestTokenSet testTokenSet, bool useOldCookie, bool isOldCookieValid = true, bool isNewCookieValid = true)
private Mock<IAntiForgeryTokenProvider> GetTokenProvider(
HttpContext context,
TestTokenSet testTokenSet,
bool useOldCookie,
bool isOldCookieValid = true,
bool isNewCookieValid = true)
{
var oldCookieToken = testTokenSet.OldCookieToken;
var newCookieToken = testTokenSet.NewCookieToken;
var formToken = testTokenSet.FormToken;
var mockValidator = new Mock<ITokenProvider>(MockBehavior.Strict);
mockValidator.Setup(o => o.GenerateFormToken(context, context.User.Identity as ClaimsIdentity, useOldCookie ? oldCookieToken : newCookieToken))
var mockValidator = new Mock<IAntiForgeryTokenProvider>(MockBehavior.Strict);
mockValidator.Setup(o => o.GenerateFormToken(
context,
context.User.Identity as ClaimsIdentity,
useOldCookie ? oldCookieToken : newCookieToken))
.Returns(formToken);
mockValidator.Setup(o => o.IsCookieTokenValid(oldCookieToken))
.Returns(isOldCookieValid);
@ -459,11 +479,14 @@ namespace Microsoft.AspNet.Mvc.Core.Test
return mockValidator;
}
private Mock<ITokenStore> GetTokenStore(HttpContext context, TestTokenSet testTokenSet, bool saveNewCookie = true)
private Mock<IAntiForgeryTokenStore> GetTokenStore(
HttpContext context,
TestTokenSet testTokenSet,
bool saveNewCookie = true)
{
var oldCookieToken = testTokenSet.OldCookieToken;
var formToken = testTokenSet.FormToken;
var mockTokenStore = new Mock<ITokenStore>(MockBehavior.Strict);
var mockTokenStore = new Mock<IAntiForgeryTokenStore>(MockBehavior.Strict);
mockTokenStore.Setup(o => o.GetCookieToken(context))
.Returns(oldCookieToken);
mockTokenStore.Setup(o => o.GetFormTokenAsync(context))
@ -504,7 +527,10 @@ namespace Microsoft.AspNet.Mvc.Core.Test
};
}
private AntiForgeryWorkerContext GetAntiForgeryWorkerContext(AntiForgeryOptions config, bool useOldCookie = false, bool isOldCookieValid = true)
private AntiForgeryWorkerContext GetAntiForgeryWorkerContext(
AntiForgeryOptions config,
bool useOldCookie = false,
bool isOldCookieValid = true)
{
// Arrange
var mockHttpContext = GetHttpContext();
@ -513,7 +539,11 @@ namespace Microsoft.AspNet.Mvc.Core.Test
var mockSerializer = GetTokenSerializer(testTokenSet);
var mockTokenStore = GetTokenStore(mockHttpContext.Object, testTokenSet);
var mockTokenProvider = GetTokenProvider(mockHttpContext.Object, testTokenSet, useOldCookie: useOldCookie, isOldCookieValid: isOldCookieValid);
var mockTokenProvider = GetTokenProvider(
mockHttpContext.Object,
testTokenSet,
useOldCookie: useOldCookie,
isOldCookieValid: isOldCookieValid);
return new AntiForgeryWorkerContext()
{
@ -544,9 +574,9 @@ namespace Microsoft.AspNet.Mvc.Core.Test
public Mock<HttpContext> HttpContext { get; set; }
public Mock<ITokenProvider> TokenProvider { get; set; }
public Mock<IAntiForgeryTokenProvider> TokenProvider { get; set; }
public Mock<ITokenStore> TokenStore { get; set; }
public Mock<IAntiForgeryTokenStore> TokenStore { get; set; }
public Mock<IAntiForgeryTokenSerializer> TokenSerializer { get; set; }
}

2
test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/ITokenProvider.cs → test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/IAntiForgeryTokenProvider.cs
View File

@ -4,7 +4,7 @@
namespace Microsoft.AspNet.Mvc.Core.Test
{
// A TokenProvider that can be passed to MoQ
internal interface ITokenProvider : ITokenValidator, ITokenGenerator
internal interface IAntiForgeryTokenProvider : IAntiForgeryTokenValidator, IAntiForgeryTokenGenerator
{
}
}

38
test/Microsoft.AspNet.Mvc.Core.Test/AntiXsrf/TokenProviderTest.cs
View File

@ -16,7 +16,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
public void GenerateCookieToken()
{
// Arrange
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: null,
claimUidExtractor: null,
additionalDataProvider: null);
@ -40,7 +40,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
var config = new AntiForgeryOptions();
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: null,
additionalDataProvider: null);
@ -71,7 +71,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
var config = new AntiForgeryOptions();
IClaimUidExtractor claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: claimUidExtractor,
additionalDataProvider: null);
@ -106,7 +106,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
var config = new AntiForgeryOptions();
IClaimUidExtractor claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: claimUidExtractor,
additionalDataProvider: mockAdditionalDataProvider.Object);
@ -145,7 +145,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
mockClaimUidExtractor.Setup(o => o.ExtractClaimUid(identity))
.Returns(base64ClaimUId);
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: mockClaimUidExtractor.Object,
additionalDataProvider: null);
@ -178,7 +178,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
var config = new AntiForgeryOptions();
IClaimUidExtractor claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: claimUidExtractor,
additionalDataProvider: null);
@ -204,7 +204,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
IsSessionToken = false
};
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: null,
claimUidExtractor: null,
additionalDataProvider: null);
@ -221,7 +221,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
{
// Arrange
AntiForgeryToken cookieToken = null;
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: null,
claimUidExtractor: null,
additionalDataProvider: null);
@ -242,7 +242,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
IsSessionToken = true
};
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: null,
claimUidExtractor: null,
additionalDataProvider: null);
@ -267,7 +267,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
{
CookieName = "my-cookie-name"
};
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: null,
additionalDataProvider: null);
@ -293,7 +293,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
FormFieldName = "my-form-field-name"
};
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: null,
additionalDataProvider: null);
@ -320,7 +320,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
FormFieldName = "my-form-field-name"
};
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: null,
additionalDataProvider: null);
@ -352,7 +352,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
var sessionToken = new AntiForgeryToken() { IsSessionToken = true };
var fieldtoken = new AntiForgeryToken() { IsSessionToken = false };
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: null,
claimUidExtractor: null,
additionalDataProvider: null);
@ -385,7 +385,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
mockClaimUidExtractor.Setup(o => o.ExtractClaimUid(identity))
.Returns((string)null);
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: null,
claimUidExtractor: mockClaimUidExtractor.Object,
additionalDataProvider: null);
@ -418,7 +418,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
mockClaimUidExtractor.Setup(o => o.ExtractClaimUid(identity))
.Returns(Convert.ToBase64String(differentToken.GetData()));
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: null,
claimUidExtractor: mockClaimUidExtractor.Object,
additionalDataProvider: null);
@ -452,7 +452,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
.Returns(false);
var config = new AntiForgeryOptions();
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: null,
additionalDataProvider: mockAdditionalDataProvider.Object);
@ -484,7 +484,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
.Returns(true);
var config = new AntiForgeryOptions();
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: null,
additionalDataProvider: mockAdditionalDataProvider.Object);
@ -516,7 +516,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
.Returns(true);
var config = new AntiForgeryOptions();
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: new Mock<IClaimUidExtractor>().Object,
additionalDataProvider: mockAdditionalDataProvider.Object);
@ -548,7 +548,7 @@ namespace Microsoft.AspNet.Mvc.Core.Test
var config = new AntiForgeryOptions();
var tokenProvider = new TokenProvider(
var tokenProvider = new AntiForgeryTokenProvider(
config: config,
claimUidExtractor: mockClaimUidExtractor.Object,
additionalDataProvider: null);