MVC => Auth 2.0

This commit is contained in:
Hao Kung 2017-04-19 11:57:04 -07:00
parent d65e77e4f7
commit 3e8cd1e7c9
20 changed files with 127 additions and 176 deletions

View File

@ -7,6 +7,7 @@ using System.Diagnostics;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Core; using Microsoft.AspNetCore.Mvc.Core;
using Microsoft.AspNetCore.Mvc.Filters; using Microsoft.AspNetCore.Mvc.Filters;
@ -131,10 +132,10 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
for (var i = 0; i < effectivePolicy.AuthenticationSchemes.Count; i++) for (var i = 0; i < effectivePolicy.AuthenticationSchemes.Count; i++)
{ {
var scheme = effectivePolicy.AuthenticationSchemes[i]; var scheme = effectivePolicy.AuthenticationSchemes[i];
var result = await context.HttpContext.Authentication.AuthenticateAsync(scheme); var result = await context.HttpContext.AuthenticateAsync(scheme);
if (result != null) if (result.Succeeded)
{ {
newPrincipal = SecurityHelper.MergeUserPrincipal(newPrincipal, result); newPrincipal = SecurityHelper.MergeUserPrincipal(newPrincipal, result.Principal);
} }
} }
// If all schemes failed authentication, provide a default identity anyways // If all schemes failed authentication, provide a default identity anyways

View File

@ -4,7 +4,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Http.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc.Internal; using Microsoft.AspNetCore.Mvc.Internal;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
@ -103,17 +103,16 @@ namespace Microsoft.AspNetCore.Mvc
logger.ChallengeResultExecuting(AuthenticationSchemes); logger.ChallengeResultExecuting(AuthenticationSchemes);
var authentication = context.HttpContext.Authentication;
if (AuthenticationSchemes != null && AuthenticationSchemes.Count > 0) if (AuthenticationSchemes != null && AuthenticationSchemes.Count > 0)
{ {
foreach (var scheme in AuthenticationSchemes) foreach (var scheme in AuthenticationSchemes)
{ {
await authentication.ChallengeAsync(scheme, Properties); await context.HttpContext.ChallengeAsync(scheme, Properties);
} }
} }
else else
{ {
await authentication.ChallengeAsync(Properties); await context.HttpContext.ChallengeAsync(Properties);
} }
} }
} }

View File

@ -8,8 +8,8 @@ using System.Linq.Expressions;
using System.Security.Claims; using System.Security.Claims;
using System.Text; using System.Text;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Mvc.Core; using Microsoft.AspNetCore.Mvc.Core;
using Microsoft.AspNetCore.Mvc.ModelBinding; using Microsoft.AspNetCore.Mvc.ModelBinding;
using Microsoft.AspNetCore.Mvc.ModelBinding.Internal; using Microsoft.AspNetCore.Mvc.ModelBinding.Internal;
@ -1459,7 +1459,7 @@ namespace Microsoft.AspNetCore.Mvc
/// </summary> /// </summary>
/// <returns>The created <see cref="ChallengeResult"/> for the response.</returns> /// <returns>The created <see cref="ChallengeResult"/> for the response.</returns>
/// <remarks> /// <remarks>
/// The behavior of this method depends on the <see cref="AuthenticationManager"/> in use. /// The behavior of this method depends on the <see cref="IAuthenticationService"/> in use.
/// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/> /// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/>
/// are among likely status results. /// are among likely status results.
/// </remarks> /// </remarks>
@ -1473,7 +1473,7 @@ namespace Microsoft.AspNetCore.Mvc
/// <param name="authenticationSchemes">The authentication schemes to challenge.</param> /// <param name="authenticationSchemes">The authentication schemes to challenge.</param>
/// <returns>The created <see cref="ChallengeResult"/> for the response.</returns> /// <returns>The created <see cref="ChallengeResult"/> for the response.</returns>
/// <remarks> /// <remarks>
/// The behavior of this method depends on the <see cref="AuthenticationManager"/> in use. /// The behavior of this method depends on the <see cref="IAuthenticationService"/> in use.
/// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/> /// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/>
/// are among likely status results. /// are among likely status results.
/// </remarks> /// </remarks>
@ -1488,7 +1488,7 @@ namespace Microsoft.AspNetCore.Mvc
/// challenge.</param> /// challenge.</param>
/// <returns>The created <see cref="ChallengeResult"/> for the response.</returns> /// <returns>The created <see cref="ChallengeResult"/> for the response.</returns>
/// <remarks> /// <remarks>
/// The behavior of this method depends on the <see cref="AuthenticationManager"/> in use. /// The behavior of this method depends on the <see cref="IAuthenticationService"/> in use.
/// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/> /// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/>
/// are among likely status results. /// are among likely status results.
/// </remarks> /// </remarks>
@ -1505,7 +1505,7 @@ namespace Microsoft.AspNetCore.Mvc
/// <param name="authenticationSchemes">The authentication schemes to challenge.</param> /// <param name="authenticationSchemes">The authentication schemes to challenge.</param>
/// <returns>The created <see cref="ChallengeResult"/> for the response.</returns> /// <returns>The created <see cref="ChallengeResult"/> for the response.</returns>
/// <remarks> /// <remarks>
/// The behavior of this method depends on the <see cref="AuthenticationManager"/> in use. /// The behavior of this method depends on the <see cref="IAuthenticationService"/> in use.
/// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/> /// <see cref="StatusCodes.Status401Unauthorized"/> and <see cref="StatusCodes.Status403Forbidden"/>
/// are among likely status results. /// are among likely status results.
/// </remarks> /// </remarks>

View File

@ -90,6 +90,7 @@ namespace Microsoft.Extensions.DependencyInjection
// Internal for testing. // Internal for testing.
internal static void AddAuthorizationServices(IServiceCollection services) internal static void AddAuthorizationServices(IServiceCollection services)
{ {
services.AddAuthenticationCore();
services.AddAuthorization(); services.AddAuthorization();
services.TryAddEnumerable( services.TryAddEnumerable(

View File

@ -4,7 +4,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Http.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc.Internal; using Microsoft.AspNetCore.Mvc.Internal;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
@ -103,18 +103,16 @@ namespace Microsoft.AspNetCore.Mvc
logger.ForbidResultExecuting(AuthenticationSchemes); logger.ForbidResultExecuting(AuthenticationSchemes);
var authentication = context.HttpContext.Authentication;
if (AuthenticationSchemes != null && AuthenticationSchemes.Count > 0) if (AuthenticationSchemes != null && AuthenticationSchemes.Count > 0)
{ {
for (var i = 0; i < AuthenticationSchemes.Count; i++) for (var i = 0; i < AuthenticationSchemes.Count; i++)
{ {
await authentication.ForbidAsync(AuthenticationSchemes[i], Properties); await context.HttpContext.ForbidAsync(AuthenticationSchemes[i], Properties);
} }
} }
else else
{ {
await authentication.ForbidAsync(Properties); await context.HttpContext.ForbidAsync(Properties);
} }
} }
} }

View File

@ -21,6 +21,7 @@ Microsoft.AspNetCore.Mvc.RouteAttribute</Description>
<ItemGroup> <ItemGroup>
<ProjectReference Include="..\Microsoft.AspNetCore.Mvc.Abstractions\Microsoft.AspNetCore.Mvc.Abstractions.csproj" /> <ProjectReference Include="..\Microsoft.AspNetCore.Mvc.Abstractions\Microsoft.AspNetCore.Mvc.Abstractions.csproj" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.Core" Version="$(AspNetCoreVersion)" />
<PackageReference Include="Microsoft.AspNetCore.Authorization" Version="$(AspNetCoreVersion)" /> <PackageReference Include="Microsoft.AspNetCore.Authorization" Version="$(AspNetCoreVersion)" />
<PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="$(AspNetCoreVersion)" /> <PackageReference Include="Microsoft.AspNetCore.Hosting.Abstractions" Version="$(AspNetCoreVersion)" />
<PackageReference Include="Microsoft.AspNetCore.Http" Version="$(AspNetCoreVersion)" /> <PackageReference Include="Microsoft.AspNetCore.Http" Version="$(AspNetCoreVersion)" />

View File

@ -4,7 +4,7 @@
using System; using System;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Http.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc.Core; using Microsoft.AspNetCore.Mvc.Core;
using Microsoft.AspNetCore.Mvc.Internal; using Microsoft.AspNetCore.Mvc.Internal;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
@ -88,8 +88,7 @@ namespace Microsoft.AspNetCore.Mvc
logger.SignInResultExecuting(AuthenticationScheme, Principal); logger.SignInResultExecuting(AuthenticationScheme, Principal);
var authentication = context.HttpContext.Authentication; await context.HttpContext.SignInAsync(AuthenticationScheme, Principal, Properties);
await authentication.SignInAsync(AuthenticationScheme, Principal, Properties);
} }
} }
} }

View File

@ -4,7 +4,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Http.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc.Core; using Microsoft.AspNetCore.Mvc.Core;
using Microsoft.AspNetCore.Mvc.Internal; using Microsoft.AspNetCore.Mvc.Internal;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
@ -106,11 +106,9 @@ namespace Microsoft.AspNetCore.Mvc
logger.SignOutResultExecuting(AuthenticationSchemes); logger.SignOutResultExecuting(AuthenticationSchemes);
var authentication = context.HttpContext.Authentication;
for (var i = 0; i < AuthenticationSchemes.Count; i++) for (var i = 0; i < AuthenticationSchemes.Count; i++)
{ {
await authentication.SignOutAsync(AuthenticationSchemes[i], Properties); await context.HttpContext.SignOutAsync(AuthenticationSchemes[i], Properties);
} }
} }
} }

View File

@ -5,9 +5,9 @@ using System;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Mvc.Abstractions; using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Mvc.Filters; using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
@ -482,10 +482,12 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
// ServiceProvider // ServiceProvider
var serviceCollection = new ServiceCollection(); var serviceCollection = new ServiceCollection();
var auth = new Mock<IAuthenticationService>();
if (registerServices != null) if (registerServices != null)
{ {
serviceCollection.AddOptions(); serviceCollection.AddOptions();
serviceCollection.AddLogging(); serviceCollection.AddLogging();
serviceCollection.AddSingleton(auth.Object);
registerServices(serviceCollection); registerServices(serviceCollection);
} }
@ -493,17 +495,15 @@ namespace Microsoft.AspNetCore.Mvc.Authorization
// HttpContext // HttpContext
var httpContext = new Mock<HttpContext>(); var httpContext = new Mock<HttpContext>();
var auth = new Mock<AuthenticationManager>();
httpContext.Setup(o => o.Authentication).Returns(auth.Object);
httpContext.SetupProperty(c => c.User); httpContext.SetupProperty(c => c.User);
if (!anonymous) if (!anonymous)
{ {
httpContext.Object.User = validUser; httpContext.Object.User = validUser;
} }
httpContext.SetupGet(c => c.RequestServices).Returns(serviceProvider); httpContext.SetupGet(c => c.RequestServices).Returns(serviceProvider);
auth.Setup(c => c.AuthenticateAsync("Bearer")).ReturnsAsync(bearerPrincipal); auth.Setup(c => c.AuthenticateAsync(httpContext.Object, "Bearer")).ReturnsAsync(AuthenticateResult.Success(new AuthenticationTicket(bearerPrincipal, "Bearer")));
auth.Setup(c => c.AuthenticateAsync("Basic")).ReturnsAsync(basicPrincipal); auth.Setup(c => c.AuthenticateAsync(httpContext.Object, "Basic")).ReturnsAsync(AuthenticateResult.Success(new AuthenticationTicket(basicPrincipal, "Basic")));
auth.Setup(c => c.AuthenticateAsync("Fails")).ReturnsAsync(default(ClaimsPrincipal)); auth.Setup(c => c.AuthenticateAsync(httpContext.Object, "Fails")).ReturnsAsync(AuthenticateResult.Fail("Fails"));
// AuthorizationFilterContext // AuthorizationFilterContext
var actionContext = new ActionContext( var actionContext = new ActionContext(

View File

@ -2,8 +2,8 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Mvc.Abstractions; using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
@ -22,11 +22,11 @@ namespace Microsoft.AspNetCore.Mvc
// Arrange // Arrange
var result = new ChallengeResult("", null); var result = new ChallengeResult("", null);
var httpContext = new Mock<HttpContext>(); var auth = new Mock<IAuthenticationService>();
httpContext.SetupGet(c => c.RequestServices).Returns(CreateServices().BuildServiceProvider());
var auth = new Mock<AuthenticationManager>(); var httpContext = new Mock<HttpContext>();
httpContext.Setup(o => o.Authentication).Returns(auth.Object); httpContext.SetupGet(c => c.RequestServices)
.Returns(CreateServices().AddSingleton(auth.Object).BuildServiceProvider());
var routeData = new RouteData(); var routeData = new RouteData();
routeData.Routers.Add(Mock.Of<IRouter>()); routeData.Routers.Add(Mock.Of<IRouter>());
@ -39,7 +39,7 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
auth.Verify(c => c.ChallengeAsync("", null), Times.Exactly(1)); auth.Verify(c => c.ChallengeAsync(httpContext.Object, "", null, ChallengeBehavior.Automatic), Times.Exactly(1));
} }
[Fact] [Fact]
@ -48,11 +48,10 @@ namespace Microsoft.AspNetCore.Mvc
// Arrange // Arrange
var result = new ChallengeResult(new string[] { }, null); var result = new ChallengeResult(new string[] { }, null);
var auth = new Mock<IAuthenticationService>();
var httpContext = new Mock<HttpContext>(); var httpContext = new Mock<HttpContext>();
httpContext.SetupGet(c => c.RequestServices).Returns(CreateServices().BuildServiceProvider()); httpContext.SetupGet(c => c.RequestServices)
.Returns(CreateServices().AddSingleton(auth.Object).BuildServiceProvider());
var auth = new Mock<AuthenticationManager>();
httpContext.Setup(o => o.Authentication).Returns(auth.Object);
var routeData = new RouteData(); var routeData = new RouteData();
routeData.Routers.Add(Mock.Of<IRouter>()); routeData.Routers.Add(Mock.Of<IRouter>());
@ -65,13 +64,14 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
auth.Verify(c => c.ChallengeAsync((AuthenticationProperties)null), Times.Exactly(1)); auth.Verify(c => c.ChallengeAsync(httpContext.Object, null, null, ChallengeBehavior.Automatic), Times.Exactly(1));
} }
private static IServiceCollection CreateServices() private static IServiceCollection CreateServices()
{ {
var services = new ServiceCollection(); var services = new ServiceCollection();
services.AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance); services.AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance);
services.AddAuthenticationCore();
return services; return services;
} }
} }

View File

@ -3,8 +3,8 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Mvc.Abstractions; using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Mvc.Internal; using Microsoft.AspNetCore.Mvc.Internal;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
@ -22,14 +22,13 @@ namespace Microsoft.AspNetCore.Mvc
public async Task ExecuteResultAsync_InvokesForbidAsyncOnAuthenticationManager() public async Task ExecuteResultAsync_InvokesForbidAsyncOnAuthenticationManager()
{ {
// Arrange // Arrange
var authenticationManager = new Mock<AuthenticationManager>(); var httpContext = new Mock<HttpContext>();
authenticationManager var auth = new Mock<IAuthenticationService>();
.Setup(c => c.ForbidAsync("", null)) auth
.Setup(c => c.ChallengeAsync(httpContext.Object, "", null, ChallengeBehavior.Forbidden))
.Returns(TaskCache.CompletedTask) .Returns(TaskCache.CompletedTask)
.Verifiable(); .Verifiable();
var httpContext = new Mock<HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
httpContext.Setup(c => c.RequestServices).Returns(CreateServices());
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object);
var result = new ForbidResult("", null); var result = new ForbidResult("", null);
var routeData = new RouteData(); var routeData = new RouteData();
@ -42,26 +41,25 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
[Fact] [Fact]
public async Task ExecuteResultAsync_InvokesForbidAsyncOnAllConfiguredSchemes() public async Task ExecuteResultAsync_InvokesForbidAsyncOnAllConfiguredSchemes()
{ {
// Arrange // Arrange
var authProperties = new AuthenticationProperties();
var authenticationManager = new Mock<AuthenticationManager>();
authenticationManager
.Setup(c => c.ForbidAsync("Scheme1", authProperties))
.Returns(TaskCache.CompletedTask)
.Verifiable();
authenticationManager
.Setup(c => c.ForbidAsync("Scheme2", authProperties))
.Returns(TaskCache.CompletedTask)
.Verifiable();
var httpContext = new Mock<HttpContext>(); var httpContext = new Mock<HttpContext>();
httpContext.Setup(c => c.RequestServices).Returns(CreateServices()); var authProperties = new AuthenticationProperties();
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object); var auth = new Mock<IAuthenticationService>();
auth
.Setup(c => c.ChallengeAsync(httpContext.Object, "Scheme1", authProperties, ChallengeBehavior.Forbidden))
.Returns(TaskCache.CompletedTask)
.Verifiable();
auth
.Setup(c => c.ChallengeAsync(httpContext.Object, "Scheme2", authProperties, ChallengeBehavior.Forbidden))
.Returns(TaskCache.CompletedTask)
.Verifiable();
httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
var result = new ForbidResult(new[] { "Scheme1", "Scheme2" }, authProperties); var result = new ForbidResult(new[] { "Scheme1", "Scheme2" }, authProperties);
var routeData = new RouteData(); var routeData = new RouteData();
@ -74,7 +72,7 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
public static TheoryData ExecuteResultAsync_InvokesForbidAsyncWithAuthPropertiesData => public static TheoryData ExecuteResultAsync_InvokesForbidAsyncWithAuthPropertiesData =>
@ -89,14 +87,13 @@ namespace Microsoft.AspNetCore.Mvc
public async Task ExecuteResultAsync_InvokesForbidAsyncWithAuthProperties(AuthenticationProperties expected) public async Task ExecuteResultAsync_InvokesForbidAsyncWithAuthProperties(AuthenticationProperties expected)
{ {
// Arrange // Arrange
var authenticationManager = new Mock<AuthenticationManager>(); var httpContext = new Mock<HttpContext>();
authenticationManager var auth = new Mock<IAuthenticationService>();
.Setup(c => c.ForbidAsync(expected)) auth
.Setup(c => c.ChallengeAsync(httpContext.Object, null, expected, ChallengeBehavior.Forbidden))
.Returns(TaskCache.CompletedTask) .Returns(TaskCache.CompletedTask)
.Verifiable(); .Verifiable();
var httpContext = new Mock<HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
httpContext.Setup(c => c.RequestServices).Returns(CreateServices());
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object);
var result = new ForbidResult(expected); var result = new ForbidResult(expected);
var routeData = new RouteData(); var routeData = new RouteData();
@ -109,7 +106,7 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
[Theory] [Theory]
@ -118,14 +115,13 @@ namespace Microsoft.AspNetCore.Mvc
AuthenticationProperties expected) AuthenticationProperties expected)
{ {
// Arrange // Arrange
var authenticationManager = new Mock<AuthenticationManager>(); var httpContext = new Mock<HttpContext>();
authenticationManager var auth = new Mock<IAuthenticationService>();
.Setup(c => c.ForbidAsync(expected)) auth
.Setup(c => c.ChallengeAsync(httpContext.Object, null, expected, ChallengeBehavior.Forbidden))
.Returns(TaskCache.CompletedTask) .Returns(TaskCache.CompletedTask)
.Verifiable(); .Verifiable();
var httpContext = new Mock<HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
httpContext.Setup(c => c.RequestServices).Returns(CreateServices());
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object);
var result = new ForbidResult(expected) var result = new ForbidResult(expected)
{ {
AuthenticationSchemes = new string[0] AuthenticationSchemes = new string[0]
@ -141,13 +137,14 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
private static IServiceProvider CreateServices() private static IServiceProvider CreateServices(IAuthenticationService auth)
{ {
return new ServiceCollection() return new ServiceCollection()
.AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance) .AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance)
.AddSingleton(auth)
.BuildServiceProvider(); .BuildServiceProvider();
} }
} }

View File

@ -4,8 +4,8 @@
using System; using System;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Mvc.Abstractions; using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Mvc.Internal; using Microsoft.AspNetCore.Mvc.Internal;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
@ -24,14 +24,13 @@ namespace Microsoft.AspNetCore.Mvc
{ {
// Arrange // Arrange
var principal = new ClaimsPrincipal(); var principal = new ClaimsPrincipal();
var authenticationManager = new Mock<AuthenticationManager>(); var httpContext = new Mock<HttpContext>();
authenticationManager var auth = new Mock<IAuthenticationService>();
.Setup(c => c.SignInAsync("", principal, null)) auth
.Setup(c => c.SignInAsync(httpContext.Object, "", principal, null))
.Returns(TaskCache.CompletedTask) .Returns(TaskCache.CompletedTask)
.Verifiable(); .Verifiable();
var httpContext = new Mock<HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
httpContext.Setup(c => c.RequestServices).Returns(CreateServices());
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object);
var result = new SignInResult("", principal, null); var result = new SignInResult("", principal, null);
var routeData = new RouteData(); var routeData = new RouteData();
@ -44,7 +43,7 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
[Fact] [Fact]
@ -53,14 +52,13 @@ namespace Microsoft.AspNetCore.Mvc
// Arrange // Arrange
var principal = new ClaimsPrincipal(); var principal = new ClaimsPrincipal();
var authProperties = new AuthenticationProperties(); var authProperties = new AuthenticationProperties();
var authenticationManager = new Mock<AuthenticationManager>(); var httpContext = new Mock<HttpContext>();
authenticationManager var auth = new Mock<IAuthenticationService>();
.Setup(c => c.SignInAsync("Scheme1", principal, authProperties)) auth
.Setup(c => c.SignInAsync(httpContext.Object, "Scheme1", principal, authProperties))
.Returns(TaskCache.CompletedTask) .Returns(TaskCache.CompletedTask)
.Verifiable(); .Verifiable();
var httpContext = new Mock<HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
httpContext.Setup(c => c.RequestServices).Returns(CreateServices());
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object);
var result = new SignInResult("Scheme1", principal, authProperties); var result = new SignInResult("Scheme1", principal, authProperties);
var routeData = new RouteData(); var routeData = new RouteData();
@ -73,13 +71,14 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
private static IServiceProvider CreateServices() private static IServiceProvider CreateServices(IAuthenticationService auth)
{ {
return new ServiceCollection() return new ServiceCollection()
.AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance) .AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance)
.AddSingleton(auth)
.BuildServiceProvider(); .BuildServiceProvider();
} }
} }

View File

@ -3,8 +3,8 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.AspNetCore.Mvc.Abstractions; using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Mvc.Internal; using Microsoft.AspNetCore.Mvc.Internal;
using Microsoft.AspNetCore.Routing; using Microsoft.AspNetCore.Routing;
@ -22,14 +22,13 @@ namespace Microsoft.AspNetCore.Mvc
public async Task ExecuteResultAsync_InvokesSignOutAsyncOnAuthenticationManager() public async Task ExecuteResultAsync_InvokesSignOutAsyncOnAuthenticationManager()
{ {
// Arrange // Arrange
var authenticationManager = new Mock<AuthenticationManager>(); var httpContext = new Mock<HttpContext>();
authenticationManager var auth = new Mock<IAuthenticationService>();
.Setup(c => c.SignOutAsync("", null)) auth
.Setup(c => c.SignOutAsync(httpContext.Object, "", null))
.Returns(TaskCache.CompletedTask) .Returns(TaskCache.CompletedTask)
.Verifiable(); .Verifiable();
var httpContext = new Mock<HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
httpContext.Setup(c => c.RequestServices).Returns(CreateServices());
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object);
var result = new SignOutResult("", null); var result = new SignOutResult("", null);
var routeData = new RouteData(); var routeData = new RouteData();
@ -42,7 +41,7 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
[Fact] [Fact]
@ -50,18 +49,17 @@ namespace Microsoft.AspNetCore.Mvc
{ {
// Arrange // Arrange
var authProperties = new AuthenticationProperties(); var authProperties = new AuthenticationProperties();
var authenticationManager = new Mock<AuthenticationManager>();
authenticationManager
.Setup(c => c.SignOutAsync("Scheme1", authProperties))
.Returns(TaskCache.CompletedTask)
.Verifiable();
authenticationManager
.Setup(c => c.SignOutAsync("Scheme2", authProperties))
.Returns(TaskCache.CompletedTask)
.Verifiable();
var httpContext = new Mock<HttpContext>(); var httpContext = new Mock<HttpContext>();
httpContext.Setup(c => c.RequestServices).Returns(CreateServices()); var auth = new Mock<IAuthenticationService>();
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object); auth
.Setup(c => c.SignOutAsync(httpContext.Object, "Scheme1", authProperties))
.Returns(TaskCache.CompletedTask)
.Verifiable();
auth
.Setup(c => c.SignOutAsync(httpContext.Object, "Scheme2", authProperties))
.Returns(TaskCache.CompletedTask)
.Verifiable();
httpContext.Setup(c => c.RequestServices).Returns(CreateServices(auth.Object));
var result = new SignOutResult(new[] { "Scheme1", "Scheme2" }, authProperties); var result = new SignOutResult(new[] { "Scheme1", "Scheme2" }, authProperties);
var routeData = new RouteData(); var routeData = new RouteData();
@ -74,13 +72,14 @@ namespace Microsoft.AspNetCore.Mvc
await result.ExecuteResultAsync(actionContext); await result.ExecuteResultAsync(actionContext);
// Assert // Assert
authenticationManager.Verify(); auth.Verify();
} }
private static IServiceProvider CreateServices() private static IServiceProvider CreateServices(IAuthenticationService auth)
{ {
return new ServiceCollection() return new ServiceCollection()
.AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance) .AddSingleton<ILoggerFactory>(NullLoggerFactory.Instance)
.AddSingleton(auth)
.BuildServiceProvider(); .BuildServiceProvider();
} }
} }

View File

@ -1,30 +0,0 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
namespace FiltersWebSite
{
public class AuthorizeBasicMiddleware : AuthenticationMiddleware<BasicOptions>
{
public AuthorizeBasicMiddleware(
RequestDelegate next,
ILoggerFactory loggerFactory,
UrlEncoder encoder,
string authScheme) :
base(next,
new BasicOptions { AuthenticationScheme = authScheme },
loggerFactory,
encoder)
{
}
protected override AuthenticationHandler<BasicOptions> CreateHandler()
{
return new BasicAuthenticationHandler();
}
}
}

View File

@ -3,16 +3,21 @@
using System; using System;
using System.Security.Claims; using System.Security.Claims;
using System.Text.Encodings.Web;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http.Authentication; using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
namespace FiltersWebSite namespace FiltersWebSite
{ {
public class BasicAuthenticationHandler : AuthenticationHandler<BasicOptions> public class BasicAuthenticationHandler : AuthenticationHandler<BasicOptions>
{ {
public BasicAuthenticationHandler(IOptionsSnapshot<BasicOptions> options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock)
: base(options, logger, encoder, clock)
{ }
protected override Task<AuthenticateResult> HandleAuthenticateAsync() protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{ {
var principal = new ClaimsPrincipal(); var principal = new ClaimsPrincipal();
@ -23,9 +28,9 @@ namespace FiltersWebSite
new Claim(ClaimTypes.Role, "Administrator"), new Claim(ClaimTypes.Role, "Administrator"),
new Claim(ClaimTypes.NameIdentifier, "John") new Claim(ClaimTypes.NameIdentifier, "John")
}, },
Options.AuthenticationScheme)); Scheme.Name));
return Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(principal, return Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(principal,
new AuthenticationProperties(), Options.AuthenticationScheme))); new AuthenticationProperties(), Scheme.Name)));
} }
} }
} }

View File

@ -6,17 +6,11 @@ using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
namespace FiltersWebSite namespace FiltersWebSite
{ {
public class BasicOptions : AuthenticationOptions, IOptions<BasicOptions> public class BasicOptions : AuthenticationSchemeOptions
{ {
public BasicOptions()
{
}
public BasicOptions Value { get { return this; } }
} }
} }

View File

@ -16,6 +16,8 @@ namespace FiltersWebSite
// Set up application services // Set up application services
public void ConfigureServices(IServiceCollection services) public void ConfigureServices(IServiceCollection services)
{ {
services.AddScheme<BasicOptions, BasicAuthenticationHandler>("Interactive", _ => { });
services.AddScheme<BasicOptions, BasicAuthenticationHandler>("Api", _ => { });
services.AddMvc(); services.AddMvc();
services.AddAuthorization(options => services.AddAuthorization(options =>
{ {
@ -60,8 +62,6 @@ namespace FiltersWebSite
{ {
app.UseCultureReplacer(); app.UseCultureReplacer();
app.UseMiddleware<AuthorizeBasicMiddleware>("Interactive");
app.UseMiddleware<AuthorizeBasicMiddleware>("Api");
app.UseMiddleware<ErrorReporterMiddleware>(); app.UseMiddleware<ErrorReporterMiddleware>();
app.UseMvcWithDefaultRoute(); app.UseMvcWithDefaultRoute();

View File

@ -11,6 +11,7 @@ namespace RazorPagesWebSite
public void ConfigureServices(IServiceCollection services) public void ConfigureServices(IServiceCollection services)
{ {
services services
.AddCookieAuthentication(options => options.LoginPath = "/Login")
.AddMvc() .AddMvc()
.AddCookieTempDataProvider() .AddCookieTempDataProvider()
.AddRazorPagesOptions(options => .AddRazorPagesOptions(options =>
@ -25,12 +26,7 @@ namespace RazorPagesWebSite
{ {
app.UseCultureReplacer(); app.UseCultureReplacer();
app.UseCookieAuthentication(new CookieAuthenticationOptions app.UseAuthentication();
{
LoginPath = "/Login",
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
app.UseStaticFiles(); app.UseStaticFiles();

View File

@ -11,6 +11,7 @@ namespace RazorPagesWebSite
public void ConfigureServices(IServiceCollection services) public void ConfigureServices(IServiceCollection services)
{ {
services services
.AddCookieAuthentication(options => options.LoginPath = "/Login")
.AddMvc() .AddMvc()
.AddCookieTempDataProvider() .AddCookieTempDataProvider()
.AddRazorPagesOptions(options => .AddRazorPagesOptions(options =>
@ -25,12 +26,7 @@ namespace RazorPagesWebSite
{ {
app.UseCultureReplacer(); app.UseCultureReplacer();
app.UseCookieAuthentication(new CookieAuthenticationOptions app.UseAuthentication();
{
LoginPath = "/Login",
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
app.UseStaticFiles(); app.UseStaticFiles();

View File

@ -14,19 +14,17 @@ namespace SecurityWebSite
// Add framework services. // Add framework services.
services.AddMvc(); services.AddMvc();
services.AddAntiforgery(); services.AddAntiforgery();
services.AddAuthentication(); services.AddCookieAuthentication(options =>
{
options.LoginPath = "/Home/Login";
options.LogoutPath = "/Home/Logout";
});
} }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app) public void Configure(IApplicationBuilder app)
{ {
app.UseCookieAuthentication(new CookieAuthenticationOptions app.UseAuthentication();
{
LoginPath = "/Home/Login",
LogoutPath = "/Home/Logout",
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
app.UseMvc(routes => app.UseMvc(routes =>
{ {