React to AuthN changes

This commit is contained in:
Hao Kung 2015-03-02 16:14:38 -08:00
parent ae4cafc002
commit 46aaf790c4
21 changed files with 74 additions and 69 deletions

View File

@ -3,7 +3,6 @@
using System; using System;
using Microsoft.AspNet.Mvc; using Microsoft.AspNet.Mvc;
using Microsoft.AspNet.Security;
using MvcSample.Web.Filters; using MvcSample.Web.Filters;
using MvcSample.Web.Models; using MvcSample.Web.Models;

View File

@ -3,10 +3,11 @@
using System; using System;
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Mvc; using Microsoft.AspNet.Mvc;
using Microsoft.AspNet.Mvc.Razor; using Microsoft.AspNet.Mvc.Razor;
using Microsoft.AspNet.Security;
using Microsoft.Framework.ConfigurationModel; using Microsoft.Framework.ConfigurationModel;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using MvcSample.Web.Filters; using MvcSample.Web.Filters;

View File

@ -2,7 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Collections.Generic; using System.Collections.Generic;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.Framework.Internal; using Microsoft.Framework.Internal;
namespace Microsoft.AspNet.Mvc namespace Microsoft.AspNet.Mvc
@ -14,13 +14,13 @@ namespace Microsoft.AspNet.Mvc
{ {
} }
public ChallengeResult(string authenticationType) public ChallengeResult(string authenticationScheme)
: this(new[] { authenticationType }) : this(new[] { authenticationScheme })
{ {
} }
public ChallengeResult(IList<string> authenticationTypes) public ChallengeResult(IList<string> authenticationSchemes)
: this(authenticationTypes, properties: null) : this(authenticationSchemes, properties: null)
{ {
} }
@ -29,25 +29,25 @@ namespace Microsoft.AspNet.Mvc
{ {
} }
public ChallengeResult(string authenticationType, AuthenticationProperties properties) public ChallengeResult(string authenticationScheme, AuthenticationProperties properties)
: this(new[] { authenticationType }, properties) : this(new[] { authenticationScheme }, properties)
{ {
} }
public ChallengeResult(IList<string> authenticationTypes, AuthenticationProperties properties) public ChallengeResult(IList<string> authenticationSchemes, AuthenticationProperties properties)
{ {
AuthenticationTypes = authenticationTypes; AuthenticationSchemes = authenticationSchemes;
Properties = properties; Properties = properties;
} }
public IList<string> AuthenticationTypes { get; set; } public IList<string> AuthenticationSchemes { get; set; }
public AuthenticationProperties Properties { get; set; } public AuthenticationProperties Properties { get; set; }
public override void ExecuteResult([NotNull] ActionContext context) public override void ExecuteResult([NotNull] ActionContext context)
{ {
var response = context.HttpContext.Response; var response = context.HttpContext.Response;
response.Challenge(Properties, AuthenticationTypes); response.Challenge(Properties, AuthenticationSchemes);
} }
} }
} }

View File

@ -5,10 +5,10 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Mvc.Description; using Microsoft.AspNet.Mvc.Description;
using Microsoft.AspNet.Mvc.ModelBinding; using Microsoft.AspNet.Mvc.ModelBinding;
using Microsoft.AspNet.Mvc.Routing; using Microsoft.AspNet.Mvc.Routing;
using Microsoft.AspNet.Security;
using Microsoft.Framework.Internal; using Microsoft.Framework.Internal;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;

View File

@ -5,10 +5,10 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Mvc.Description; using Microsoft.AspNet.Mvc.Description;
using Microsoft.AspNet.Mvc.Filters; using Microsoft.AspNet.Mvc.Filters;
using Microsoft.AspNet.Mvc.Routing; using Microsoft.AspNet.Mvc.Routing;
using Microsoft.AspNet.Security;
using Microsoft.Framework.Internal; using Microsoft.Framework.Internal;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;

View File

@ -4,7 +4,7 @@
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authorization;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.Internal; using Microsoft.Framework.Internal;
@ -33,12 +33,17 @@ namespace Microsoft.AspNet.Mvc
public virtual async Task OnAuthorizationAsync([NotNull] AuthorizationContext context) public virtual async Task OnAuthorizationAsync([NotNull] AuthorizationContext context)
{ {
// Build a ClaimsPrincipal with the Policy's required authentication types // Build a ClaimsPrincipal with the Policy's required authentication types
if (Policy.ActiveAuthenticationTypes != null && Policy.ActiveAuthenticationTypes.Any()) if (Policy.ActiveAuthenticationSchemes != null && Policy.ActiveAuthenticationSchemes.Any())
{ {
var results = await context.HttpContext.AuthenticateAsync(Policy.ActiveAuthenticationTypes); var results = await context.HttpContext.AuthenticateAsync(Policy.ActiveAuthenticationSchemes);
if (results != null) if (results != null)
{ {
context.HttpContext.User = new ClaimsPrincipal(results.Where(r => r.Identity != null).Select(r => r.Identity)); var newPrincipal = new ClaimsPrincipal();
foreach (var principal in results.Where(r => r.Principal != null).Select(r => r.Principal))
{
newPrincipal.AddIdentities(principal.Identities);
}
context.HttpContext.User = newPrincipal;
} }
} }
@ -56,7 +61,7 @@ namespace Microsoft.AspNet.Mvc
!httpContext.User.Identities.Any(i => i.IsAuthenticated) || !httpContext.User.Identities.Any(i => i.IsAuthenticated) ||
!await authService.AuthorizeAsync(httpContext.User, context, Policy)) !await authService.AuthorizeAsync(httpContext.User, context, Policy))
{ {
context.Result = new ChallengeResult(Policy.ActiveAuthenticationTypes.ToArray()); context.Result = new ChallengeResult(Policy.ActiveAuthenticationSchemes.ToArray());
} }
} }
} }

View File

@ -5,6 +5,8 @@
"warningsAsErrors": true "warningsAsErrors": true
}, },
"dependencies": { "dependencies": {
"Microsoft.AspNet.Authentication": "1.0.0-*",
"Microsoft.AspNet.Authorization": "1.0.0-*",
"Microsoft.AspNet.DataProtection": "1.0.0-*", "Microsoft.AspNet.DataProtection": "1.0.0-*",
"Microsoft.AspNet.Diagnostics.Interfaces": "1.0.0-*", "Microsoft.AspNet.Diagnostics.Interfaces": "1.0.0-*",
"Microsoft.AspNet.FileProviders": "1.0.0-*", "Microsoft.AspNet.FileProviders": "1.0.0-*",
@ -13,7 +15,6 @@
"Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" }, "Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" },
"Microsoft.AspNet.Mvc.ModelBinding": "6.0.0-*", "Microsoft.AspNet.Mvc.ModelBinding": "6.0.0-*",
"Microsoft.AspNet.Routing": "1.0.0-*", "Microsoft.AspNet.Routing": "1.0.0-*",
"Microsoft.AspNet.Security": "1.0.0-*",
"Microsoft.Framework.CopyOnWriteDictionary.Internal": { "version": "1.0.0-*", "type": "build" }, "Microsoft.Framework.CopyOnWriteDictionary.Internal": { "version": "1.0.0-*", "type": "build" },
"Microsoft.Framework.NotNullAttribute.Internal": { "version": "1.0.0-*", "type": "build" }, "Microsoft.Framework.NotNullAttribute.Internal": { "version": "1.0.0-*", "type": "build" },
"Microsoft.Framework.PropertyActivator.Internal": { "version": "1.0.0-*", "type": "build" }, "Microsoft.Framework.PropertyActivator.Internal": { "version": "1.0.0-*", "type": "build" },

View File

@ -5,6 +5,7 @@
"warningsAsErrors": true "warningsAsErrors": true
}, },
"dependencies": { "dependencies": {
"Microsoft.AspNet.Authorization": "1.0.0-*",
"Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" }, "Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" },
"Microsoft.AspNet.Mvc.Razor": "6.0.0-*", "Microsoft.AspNet.Mvc.Razor": "6.0.0-*",
"Microsoft.Framework.Cache.Memory": "1.0.0-*", "Microsoft.Framework.Cache.Memory": "1.0.0-*",

View File

@ -4,7 +4,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Reflection; using System.Reflection;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authorization;
using Xunit; using Xunit;
namespace Microsoft.AspNet.Mvc.ApplicationModels namespace Microsoft.AspNet.Mvc.ApplicationModels

View File

@ -4,7 +4,7 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Reflection; using System.Reflection;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authorization;
using Xunit; using Xunit;
namespace Microsoft.AspNet.Mvc.ApplicationModels namespace Microsoft.AspNet.Mvc.ApplicationModels

View File

@ -5,7 +5,7 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authorization;
using Microsoft.Framework.Internal; using Microsoft.Framework.Internal;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
using Moq; using Moq;
@ -329,8 +329,8 @@ namespace Microsoft.AspNet.Mvc.ApplicationModels
{ {
// Arrange // Arrange
var options = new AuthorizationOptions(); var options = new AuthorizationOptions();
options.AddPolicy("Base", policy => policy.RequiresClaim("Basic").RequiresClaim("Basic2")); options.AddPolicy("Base", policy => policy.RequireClaim("Basic").RequireClaim("Basic2"));
options.AddPolicy("Derived", policy => policy.RequiresClaim("Derived")); options.AddPolicy("Derived", policy => policy.RequireClaim("Derived"));
var builder = CreateTestDefaultActionModelBuilder(options); var builder = CreateTestDefaultActionModelBuilder(options);
var typeInfo = typeof(DerivedController).GetTypeInfo(); var typeInfo = typeof(DerivedController).GetTypeInfo();
var actionName = nameof(DerivedController.Authorize); var actionName = nameof(DerivedController.Authorize);

View File

@ -5,8 +5,8 @@ using System;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Mvc.Filters; using Microsoft.AspNet.Mvc.Filters;
using Microsoft.AspNet.Security;
using Microsoft.Framework.Internal; using Microsoft.Framework.Internal;
using Xunit; using Xunit;

View File

@ -5,9 +5,9 @@ using System.Collections.Generic;
using System.ComponentModel.Design; using System.ComponentModel.Design;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Mvc.ApplicationModels; using Microsoft.AspNet.Mvc.ApplicationModels;
using Microsoft.AspNet.Mvc.Core; using Microsoft.AspNet.Mvc.Core;
using Microsoft.AspNet.Security;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Xunit; using Xunit;

View File

@ -5,9 +5,9 @@ using System;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Routing; using Microsoft.AspNet.Routing;
using Microsoft.AspNet.Security;
using Microsoft.AspNet.WebUtilities; using Microsoft.AspNet.WebUtilities;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.DependencyInjection.Fallback; using Microsoft.Framework.DependencyInjection.Fallback;
@ -29,7 +29,7 @@ namespace Microsoft.AspNet.Mvc.Test
public async Task Invoke_ValidClaimShouldNotFail() public async Task Invoke_ValidClaimShouldNotFail()
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresClaim("Permission", "CanViewPage").Build()); var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireClaim("Permission", "CanViewPage").Build());
var authorizationContext = GetAuthorizationContext(services => services.AddAuthorization()); var authorizationContext = GetAuthorizationContext(services => services.AddAuthorization());
// Act // Act
@ -99,7 +99,7 @@ namespace Microsoft.AspNet.Mvc.Test
public async Task Invoke_SingleValidClaimShouldSucceed() public async Task Invoke_SingleValidClaimShouldSucceed()
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresClaim("Permission", "CanViewComment", "CanViewPage").Build()); var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireClaim("Permission", "CanViewComment", "CanViewPage").Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {
services.AddAuthorization(); services.AddAuthorization();
@ -117,7 +117,7 @@ namespace Microsoft.AspNet.Mvc.Test
public async Task Invoke_RequireAdminRoleShouldFailWithNoHandlers() public async Task Invoke_RequireAdminRoleShouldFailWithNoHandlers()
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresRole("Administrator").Build()); var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireRole("Administrator").Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {
services.AddOptions(); services.AddOptions();
@ -135,7 +135,7 @@ namespace Microsoft.AspNet.Mvc.Test
public async Task Invoke_RequireAdminAndUserRoleWithNoPolicyShouldSucceed() public async Task Invoke_RequireAdminAndUserRoleWithNoPolicyShouldSucceed()
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresRole("Administrator").Build()); var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireRole("Administrator").Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {
services.AddAuthorization(); services.AddAuthorization();
@ -153,7 +153,7 @@ namespace Microsoft.AspNet.Mvc.Test
public async Task Invoke_RequireUnknownRoleShouldFail() public async Task Invoke_RequireUnknownRoleShouldFail()
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresRole("Wut").Build()); var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireRole("Wut").Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {
services.AddAuthorization(); services.AddAuthorization();
@ -172,8 +172,8 @@ namespace Microsoft.AspNet.Mvc.Test
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder() var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
.RequiresRole("Administrator") .RequireRole("Administrator")
.RequiresClaim("Permission", "CanViewComment") .RequireClaim("Permission", "CanViewComment")
.Build()); .Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {
@ -193,7 +193,7 @@ namespace Microsoft.AspNet.Mvc.Test
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder() var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
.RequiresClaim("Permission", "CanViewComment") .RequireClaim("Permission", "CanViewComment")
.Build()); .Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {
@ -223,7 +223,7 @@ namespace Microsoft.AspNet.Mvc.Test
}); });
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder() var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
.RequiresClaim("Permission", "CanViewComment") .RequireClaim("Permission", "CanViewComment")
.Build()); .Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
services.AddInstance(authorizationService.Object) services.AddInstance(authorizationService.Object)
@ -243,7 +243,7 @@ namespace Microsoft.AspNet.Mvc.Test
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder() var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
.RequiresClaim("Permission", "CanViewComment") .RequireClaim("Permission", "CanViewComment")
.Build()); .Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {
@ -263,8 +263,8 @@ namespace Microsoft.AspNet.Mvc.Test
{ {
// Arrange // Arrange
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder("Basic", "Bearer") var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder("Basic", "Bearer")
.RequiresClaim("Permission", "CanViewComment") .RequireClaim("Permission", "CanViewComment")
.RequiresClaim("Permission", "CupBearer") .RequireClaim("Permission", "CupBearer")
.Build()); .Build());
var authorizationContext = GetAuthorizationContext(services => var authorizationContext = GetAuthorizationContext(services =>
{ {

View File

@ -4,10 +4,10 @@
using System; using System;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace FiltersWebSite namespace FiltersWebSite
@ -18,9 +18,9 @@ namespace FiltersWebSite
RequestDelegate next, RequestDelegate next,
IServiceProvider services, IServiceProvider services,
IOptions<BasicOptions> options, IOptions<BasicOptions> options,
string authType) : string authScheme) :
base(next, services, options, base(next, services, options,
new ConfigureOptions<BasicOptions>(o => o.AuthenticationType = authType) { Name = authType }) new ConfigureOptions<BasicOptions>(o => o.AuthenticationScheme = authScheme) { Name = authScheme })
{ {
} }

View File

@ -4,10 +4,9 @@
using System; using System;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace FiltersWebSite namespace FiltersWebSite
@ -24,15 +23,16 @@ namespace FiltersWebSite
protected override AuthenticationTicket AuthenticateCore() protected override AuthenticationTicket AuthenticateCore()
{ {
var id = new ClaimsIdentity( var principal = new ClaimsPrincipal();
principal.AddIdentity(new ClaimsIdentity(
new Claim[] { new Claim[] {
new Claim("Permission", "CanViewPage"), new Claim("Permission", "CanViewPage"),
new Claim("Manager", "yes"), new Claim("Manager", "yes"),
new Claim(ClaimTypes.Role, "Administrator"), new Claim(ClaimTypes.Role, "Administrator"),
new Claim(ClaimTypes.NameIdentifier, "John") new Claim(ClaimTypes.NameIdentifier, "John")
}, },
Options.AuthenticationType); Options.AuthenticationScheme));
return new AuthenticationTicket(id, new AuthenticationProperties()); return new AuthenticationTicket(principal, new AuthenticationProperties(), Options.AuthenticationScheme);
} }
} }
} }

View File

@ -4,10 +4,9 @@
using System; using System;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace FiltersWebSite namespace FiltersWebSite
@ -16,7 +15,6 @@ namespace FiltersWebSite
{ {
public BasicOptions() public BasicOptions()
{ {
AuthenticationMode = AuthenticationMode.Passive;
} }
} }
} }

View File

@ -2,7 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Mvc; using Microsoft.AspNet.Mvc;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authorization;
namespace FiltersWebSite namespace FiltersWebSite
{ {

View File

@ -3,14 +3,14 @@
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authorization;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
namespace FiltersWebSite namespace FiltersWebSite
{ {
public class ManagerHandler : AuthorizationHandler<OperationAuthorizationRequirement> public class ManagerHandler : AuthorizationHandler<OperationAuthorizationRequirement>
{ {
public override void Handle(Microsoft.AspNet.Security.AuthorizationContext context, OperationAuthorizationRequirement requirement) public override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement)
{ {
if (context.User.HasClaim("Manager", "yes")) if (context.User.HasClaim("Manager", "yes"))
{ {

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authorization;
namespace FiltersWebSite namespace FiltersWebSite
{ {

View File

@ -3,9 +3,9 @@
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authorization;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Mvc; using Microsoft.AspNet.Mvc;
using Microsoft.AspNet.Security;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
namespace FiltersWebSite namespace FiltersWebSite
@ -25,26 +25,26 @@ namespace FiltersWebSite
options.AddPolicy("Impossible", policy => { }); options.AddPolicy("Impossible", policy => { });
options.AddPolicy("Api", policy => options.AddPolicy("Api", policy =>
{ {
policy.ActiveAuthenticationTypes.Add("Api"); policy.ActiveAuthenticationSchemes.Add("Api");
policy.RequiresClaim(ClaimTypes.NameIdentifier); policy.RequireClaim(ClaimTypes.NameIdentifier);
}); });
options.AddPolicy("Api-Manager", policy => options.AddPolicy("Api-Manager", policy =>
{ {
policy.ActiveAuthenticationTypes.Add("Api"); policy.ActiveAuthenticationSchemes.Add("Api");
policy.Requirements.Add(Operations.Edit); policy.Requirements.Add(Operations.Edit);
}); });
options.AddPolicy("Interactive", policy => options.AddPolicy("Interactive", policy =>
{ {
policy.ActiveAuthenticationTypes.Add("Interactive"); policy.ActiveAuthenticationSchemes.Add("Interactive");
policy.RequiresClaim(ClaimTypes.NameIdentifier) policy.RequireClaim(ClaimTypes.NameIdentifier)
.RequiresClaim("Permission", "CanViewPage"); .RequireClaim("Permission", "CanViewPage");
}); });
}); });
services.AddSingleton<RandomNumberFilter>(); services.AddSingleton<RandomNumberFilter>();
services.AddSingleton<RandomNumberService>(); services.AddSingleton<RandomNumberService>();
services.AddTransient<IAuthorizationHandler, ManagerHandler>(); services.AddTransient<IAuthorizationHandler, ManagerHandler>();
services.Configure<BasicOptions>(o => o.AuthenticationType = "Api", "Api"); services.Configure<BasicOptions>(o => o.AuthenticationScheme = "Api", "Api");
services.Configure<BasicOptions>(o => o.AuthenticationType = "Interactive", "Interactive"); services.Configure<BasicOptions>(o => o.AuthenticationScheme = "Interactive", "Interactive");
services.Configure<MvcOptions>(options => services.Configure<MvcOptions>(options =>
{ {