React to AuthN changes
This commit is contained in:
parent
ae4cafc002
commit
46aaf790c4
|
|
@ -3,7 +3,6 @@
|
||||||
|
|
||||||
using System;
|
using System;
|
||||||
using Microsoft.AspNet.Mvc;
|
using Microsoft.AspNet.Mvc;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using MvcSample.Web.Filters;
|
using MvcSample.Web.Filters;
|
||||||
using MvcSample.Web.Models;
|
using MvcSample.Web.Models;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,10 +3,11 @@
|
||||||
|
|
||||||
using System;
|
using System;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
|
using Microsoft.AspNet.Authentication;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Builder;
|
using Microsoft.AspNet.Builder;
|
||||||
using Microsoft.AspNet.Mvc;
|
using Microsoft.AspNet.Mvc;
|
||||||
using Microsoft.AspNet.Mvc.Razor;
|
using Microsoft.AspNet.Mvc.Razor;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.Framework.ConfigurationModel;
|
using Microsoft.Framework.ConfigurationModel;
|
||||||
using Microsoft.Framework.DependencyInjection;
|
using Microsoft.Framework.DependencyInjection;
|
||||||
using MvcSample.Web.Filters;
|
using MvcSample.Web.Filters;
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using Microsoft.AspNet.Http.Security;
|
using Microsoft.AspNet.Http.Authentication;
|
||||||
using Microsoft.Framework.Internal;
|
using Microsoft.Framework.Internal;
|
||||||
|
|
||||||
namespace Microsoft.AspNet.Mvc
|
namespace Microsoft.AspNet.Mvc
|
||||||
|
|
@ -14,13 +14,13 @@ namespace Microsoft.AspNet.Mvc
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
public ChallengeResult(string authenticationType)
|
public ChallengeResult(string authenticationScheme)
|
||||||
: this(new[] { authenticationType })
|
: this(new[] { authenticationScheme })
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
public ChallengeResult(IList<string> authenticationTypes)
|
public ChallengeResult(IList<string> authenticationSchemes)
|
||||||
: this(authenticationTypes, properties: null)
|
: this(authenticationSchemes, properties: null)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -29,25 +29,25 @@ namespace Microsoft.AspNet.Mvc
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
public ChallengeResult(string authenticationType, AuthenticationProperties properties)
|
public ChallengeResult(string authenticationScheme, AuthenticationProperties properties)
|
||||||
: this(new[] { authenticationType }, properties)
|
: this(new[] { authenticationScheme }, properties)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
public ChallengeResult(IList<string> authenticationTypes, AuthenticationProperties properties)
|
public ChallengeResult(IList<string> authenticationSchemes, AuthenticationProperties properties)
|
||||||
{
|
{
|
||||||
AuthenticationTypes = authenticationTypes;
|
AuthenticationSchemes = authenticationSchemes;
|
||||||
Properties = properties;
|
Properties = properties;
|
||||||
}
|
}
|
||||||
|
|
||||||
public IList<string> AuthenticationTypes { get; set; }
|
public IList<string> AuthenticationSchemes { get; set; }
|
||||||
|
|
||||||
public AuthenticationProperties Properties { get; set; }
|
public AuthenticationProperties Properties { get; set; }
|
||||||
|
|
||||||
public override void ExecuteResult([NotNull] ActionContext context)
|
public override void ExecuteResult([NotNull] ActionContext context)
|
||||||
{
|
{
|
||||||
var response = context.HttpContext.Response;
|
var response = context.HttpContext.Response;
|
||||||
response.Challenge(Properties, AuthenticationTypes);
|
response.Challenge(Properties, AuthenticationSchemes);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,10 @@ using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Mvc.Description;
|
using Microsoft.AspNet.Mvc.Description;
|
||||||
using Microsoft.AspNet.Mvc.ModelBinding;
|
using Microsoft.AspNet.Mvc.ModelBinding;
|
||||||
using Microsoft.AspNet.Mvc.Routing;
|
using Microsoft.AspNet.Mvc.Routing;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.Framework.Internal;
|
using Microsoft.Framework.Internal;
|
||||||
using Microsoft.Framework.OptionsModel;
|
using Microsoft.Framework.OptionsModel;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,10 +5,10 @@ using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Mvc.Description;
|
using Microsoft.AspNet.Mvc.Description;
|
||||||
using Microsoft.AspNet.Mvc.Filters;
|
using Microsoft.AspNet.Mvc.Filters;
|
||||||
using Microsoft.AspNet.Mvc.Routing;
|
using Microsoft.AspNet.Mvc.Routing;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.Framework.Internal;
|
using Microsoft.Framework.Internal;
|
||||||
using Microsoft.Framework.Logging;
|
using Microsoft.Framework.Logging;
|
||||||
using Microsoft.Framework.OptionsModel;
|
using Microsoft.Framework.OptionsModel;
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using Microsoft.AspNet.Security;
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.Framework.DependencyInjection;
|
using Microsoft.Framework.DependencyInjection;
|
||||||
using Microsoft.Framework.Internal;
|
using Microsoft.Framework.Internal;
|
||||||
|
|
||||||
|
|
@ -33,12 +33,17 @@ namespace Microsoft.AspNet.Mvc
|
||||||
public virtual async Task OnAuthorizationAsync([NotNull] AuthorizationContext context)
|
public virtual async Task OnAuthorizationAsync([NotNull] AuthorizationContext context)
|
||||||
{
|
{
|
||||||
// Build a ClaimsPrincipal with the Policy's required authentication types
|
// Build a ClaimsPrincipal with the Policy's required authentication types
|
||||||
if (Policy.ActiveAuthenticationTypes != null && Policy.ActiveAuthenticationTypes.Any())
|
if (Policy.ActiveAuthenticationSchemes != null && Policy.ActiveAuthenticationSchemes.Any())
|
||||||
{
|
{
|
||||||
var results = await context.HttpContext.AuthenticateAsync(Policy.ActiveAuthenticationTypes);
|
var results = await context.HttpContext.AuthenticateAsync(Policy.ActiveAuthenticationSchemes);
|
||||||
if (results != null)
|
if (results != null)
|
||||||
{
|
{
|
||||||
context.HttpContext.User = new ClaimsPrincipal(results.Where(r => r.Identity != null).Select(r => r.Identity));
|
var newPrincipal = new ClaimsPrincipal();
|
||||||
|
foreach (var principal in results.Where(r => r.Principal != null).Select(r => r.Principal))
|
||||||
|
{
|
||||||
|
newPrincipal.AddIdentities(principal.Identities);
|
||||||
|
}
|
||||||
|
context.HttpContext.User = newPrincipal;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -56,7 +61,7 @@ namespace Microsoft.AspNet.Mvc
|
||||||
!httpContext.User.Identities.Any(i => i.IsAuthenticated) ||
|
!httpContext.User.Identities.Any(i => i.IsAuthenticated) ||
|
||||||
!await authService.AuthorizeAsync(httpContext.User, context, Policy))
|
!await authService.AuthorizeAsync(httpContext.User, context, Policy))
|
||||||
{
|
{
|
||||||
context.Result = new ChallengeResult(Policy.ActiveAuthenticationTypes.ToArray());
|
context.Result = new ChallengeResult(Policy.ActiveAuthenticationSchemes.ToArray());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,8 @@
|
||||||
"warningsAsErrors": true
|
"warningsAsErrors": true
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
"Microsoft.AspNet.Authentication": "1.0.0-*",
|
||||||
|
"Microsoft.AspNet.Authorization": "1.0.0-*",
|
||||||
"Microsoft.AspNet.DataProtection": "1.0.0-*",
|
"Microsoft.AspNet.DataProtection": "1.0.0-*",
|
||||||
"Microsoft.AspNet.Diagnostics.Interfaces": "1.0.0-*",
|
"Microsoft.AspNet.Diagnostics.Interfaces": "1.0.0-*",
|
||||||
"Microsoft.AspNet.FileProviders": "1.0.0-*",
|
"Microsoft.AspNet.FileProviders": "1.0.0-*",
|
||||||
|
|
@ -13,7 +15,6 @@
|
||||||
"Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" },
|
"Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" },
|
||||||
"Microsoft.AspNet.Mvc.ModelBinding": "6.0.0-*",
|
"Microsoft.AspNet.Mvc.ModelBinding": "6.0.0-*",
|
||||||
"Microsoft.AspNet.Routing": "1.0.0-*",
|
"Microsoft.AspNet.Routing": "1.0.0-*",
|
||||||
"Microsoft.AspNet.Security": "1.0.0-*",
|
|
||||||
"Microsoft.Framework.CopyOnWriteDictionary.Internal": { "version": "1.0.0-*", "type": "build" },
|
"Microsoft.Framework.CopyOnWriteDictionary.Internal": { "version": "1.0.0-*", "type": "build" },
|
||||||
"Microsoft.Framework.NotNullAttribute.Internal": { "version": "1.0.0-*", "type": "build" },
|
"Microsoft.Framework.NotNullAttribute.Internal": { "version": "1.0.0-*", "type": "build" },
|
||||||
"Microsoft.Framework.PropertyActivator.Internal": { "version": "1.0.0-*", "type": "build" },
|
"Microsoft.Framework.PropertyActivator.Internal": { "version": "1.0.0-*", "type": "build" },
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,7 @@
|
||||||
"warningsAsErrors": true
|
"warningsAsErrors": true
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
"Microsoft.AspNet.Authorization": "1.0.0-*",
|
||||||
"Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" },
|
"Microsoft.AspNet.Mvc.Common": { "version": "6.0.0-*", "type": "build" },
|
||||||
"Microsoft.AspNet.Mvc.Razor": "6.0.0-*",
|
"Microsoft.AspNet.Mvc.Razor": "6.0.0-*",
|
||||||
"Microsoft.Framework.Cache.Memory": "1.0.0-*",
|
"Microsoft.Framework.Cache.Memory": "1.0.0-*",
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
using Microsoft.AspNet.Security;
|
using Microsoft.AspNet.Authorization;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNet.Mvc.ApplicationModels
|
namespace Microsoft.AspNet.Mvc.ApplicationModels
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
using Microsoft.AspNet.Security;
|
using Microsoft.AspNet.Authorization;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNet.Mvc.ApplicationModels
|
namespace Microsoft.AspNet.Mvc.ApplicationModels
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
using Microsoft.AspNet.Security;
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.Framework.Internal;
|
using Microsoft.Framework.Internal;
|
||||||
using Microsoft.Framework.OptionsModel;
|
using Microsoft.Framework.OptionsModel;
|
||||||
using Moq;
|
using Moq;
|
||||||
|
|
@ -329,8 +329,8 @@ namespace Microsoft.AspNet.Mvc.ApplicationModels
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var options = new AuthorizationOptions();
|
var options = new AuthorizationOptions();
|
||||||
options.AddPolicy("Base", policy => policy.RequiresClaim("Basic").RequiresClaim("Basic2"));
|
options.AddPolicy("Base", policy => policy.RequireClaim("Basic").RequireClaim("Basic2"));
|
||||||
options.AddPolicy("Derived", policy => policy.RequiresClaim("Derived"));
|
options.AddPolicy("Derived", policy => policy.RequireClaim("Derived"));
|
||||||
var builder = CreateTestDefaultActionModelBuilder(options);
|
var builder = CreateTestDefaultActionModelBuilder(options);
|
||||||
var typeInfo = typeof(DerivedController).GetTypeInfo();
|
var typeInfo = typeof(DerivedController).GetTypeInfo();
|
||||||
var actionName = nameof(DerivedController.Authorize);
|
var actionName = nameof(DerivedController.Authorize);
|
||||||
|
|
|
||||||
|
|
@ -5,8 +5,8 @@ using System;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Mvc.Filters;
|
using Microsoft.AspNet.Mvc.Filters;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.Framework.Internal;
|
using Microsoft.Framework.Internal;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,9 +5,9 @@ using System.Collections.Generic;
|
||||||
using System.ComponentModel.Design;
|
using System.ComponentModel.Design;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Mvc.ApplicationModels;
|
using Microsoft.AspNet.Mvc.ApplicationModels;
|
||||||
using Microsoft.AspNet.Mvc.Core;
|
using Microsoft.AspNet.Mvc.Core;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.Framework.Logging;
|
using Microsoft.Framework.Logging;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,9 +5,9 @@ using System;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Http;
|
using Microsoft.AspNet.Http;
|
||||||
using Microsoft.AspNet.Routing;
|
using Microsoft.AspNet.Routing;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.AspNet.WebUtilities;
|
using Microsoft.AspNet.WebUtilities;
|
||||||
using Microsoft.Framework.DependencyInjection;
|
using Microsoft.Framework.DependencyInjection;
|
||||||
using Microsoft.Framework.DependencyInjection.Fallback;
|
using Microsoft.Framework.DependencyInjection.Fallback;
|
||||||
|
|
@ -29,7 +29,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
public async Task Invoke_ValidClaimShouldNotFail()
|
public async Task Invoke_ValidClaimShouldNotFail()
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresClaim("Permission", "CanViewPage").Build());
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireClaim("Permission", "CanViewPage").Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services => services.AddAuthorization());
|
var authorizationContext = GetAuthorizationContext(services => services.AddAuthorization());
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
|
|
@ -99,7 +99,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
public async Task Invoke_SingleValidClaimShouldSucceed()
|
public async Task Invoke_SingleValidClaimShouldSucceed()
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresClaim("Permission", "CanViewComment", "CanViewPage").Build());
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireClaim("Permission", "CanViewComment", "CanViewPage").Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
services.AddAuthorization();
|
services.AddAuthorization();
|
||||||
|
|
@ -117,7 +117,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
public async Task Invoke_RequireAdminRoleShouldFailWithNoHandlers()
|
public async Task Invoke_RequireAdminRoleShouldFailWithNoHandlers()
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresRole("Administrator").Build());
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireRole("Administrator").Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
services.AddOptions();
|
services.AddOptions();
|
||||||
|
|
@ -135,7 +135,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
public async Task Invoke_RequireAdminAndUserRoleWithNoPolicyShouldSucceed()
|
public async Task Invoke_RequireAdminAndUserRoleWithNoPolicyShouldSucceed()
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresRole("Administrator").Build());
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireRole("Administrator").Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
services.AddAuthorization();
|
services.AddAuthorization();
|
||||||
|
|
@ -153,7 +153,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
public async Task Invoke_RequireUnknownRoleShouldFail()
|
public async Task Invoke_RequireUnknownRoleShouldFail()
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequiresRole("Wut").Build());
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder().RequireRole("Wut").Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
services.AddAuthorization();
|
services.AddAuthorization();
|
||||||
|
|
@ -172,8 +172,8 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
||||||
.RequiresRole("Administrator")
|
.RequireRole("Administrator")
|
||||||
.RequiresClaim("Permission", "CanViewComment")
|
.RequireClaim("Permission", "CanViewComment")
|
||||||
.Build());
|
.Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
|
|
@ -193,7 +193,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
||||||
.RequiresClaim("Permission", "CanViewComment")
|
.RequireClaim("Permission", "CanViewComment")
|
||||||
.Build());
|
.Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
|
|
@ -223,7 +223,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
});
|
});
|
||||||
|
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
||||||
.RequiresClaim("Permission", "CanViewComment")
|
.RequireClaim("Permission", "CanViewComment")
|
||||||
.Build());
|
.Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
services.AddInstance(authorizationService.Object)
|
services.AddInstance(authorizationService.Object)
|
||||||
|
|
@ -243,7 +243,7 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder()
|
||||||
.RequiresClaim("Permission", "CanViewComment")
|
.RequireClaim("Permission", "CanViewComment")
|
||||||
.Build());
|
.Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
|
|
@ -263,8 +263,8 @@ namespace Microsoft.AspNet.Mvc.Test
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder("Basic", "Bearer")
|
var authorizeFilter = new AuthorizeFilter(new AuthorizationPolicyBuilder("Basic", "Bearer")
|
||||||
.RequiresClaim("Permission", "CanViewComment")
|
.RequireClaim("Permission", "CanViewComment")
|
||||||
.RequiresClaim("Permission", "CupBearer")
|
.RequireClaim("Permission", "CupBearer")
|
||||||
.Build());
|
.Build());
|
||||||
var authorizationContext = GetAuthorizationContext(services =>
|
var authorizationContext = GetAuthorizationContext(services =>
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -4,10 +4,10 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.AspNet.Authentication;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Builder;
|
using Microsoft.AspNet.Builder;
|
||||||
using Microsoft.AspNet.Http.Security;
|
using Microsoft.AspNet.Http.Authentication;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.AspNet.Security.Infrastructure;
|
|
||||||
using Microsoft.Framework.OptionsModel;
|
using Microsoft.Framework.OptionsModel;
|
||||||
|
|
||||||
namespace FiltersWebSite
|
namespace FiltersWebSite
|
||||||
|
|
@ -18,9 +18,9 @@ namespace FiltersWebSite
|
||||||
RequestDelegate next,
|
RequestDelegate next,
|
||||||
IServiceProvider services,
|
IServiceProvider services,
|
||||||
IOptions<BasicOptions> options,
|
IOptions<BasicOptions> options,
|
||||||
string authType) :
|
string authScheme) :
|
||||||
base(next, services, options,
|
base(next, services, options,
|
||||||
new ConfigureOptions<BasicOptions>(o => o.AuthenticationType = authType) { Name = authType })
|
new ConfigureOptions<BasicOptions>(o => o.AuthenticationScheme = authScheme) { Name = authScheme })
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,10 +4,9 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.AspNet.Authentication;
|
||||||
using Microsoft.AspNet.Builder;
|
using Microsoft.AspNet.Builder;
|
||||||
using Microsoft.AspNet.Http.Security;
|
using Microsoft.AspNet.Http.Authentication;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.AspNet.Security.Infrastructure;
|
|
||||||
using Microsoft.Framework.OptionsModel;
|
using Microsoft.Framework.OptionsModel;
|
||||||
|
|
||||||
namespace FiltersWebSite
|
namespace FiltersWebSite
|
||||||
|
|
@ -24,15 +23,16 @@ namespace FiltersWebSite
|
||||||
|
|
||||||
protected override AuthenticationTicket AuthenticateCore()
|
protected override AuthenticationTicket AuthenticateCore()
|
||||||
{
|
{
|
||||||
var id = new ClaimsIdentity(
|
var principal = new ClaimsPrincipal();
|
||||||
|
principal.AddIdentity(new ClaimsIdentity(
|
||||||
new Claim[] {
|
new Claim[] {
|
||||||
new Claim("Permission", "CanViewPage"),
|
new Claim("Permission", "CanViewPage"),
|
||||||
new Claim("Manager", "yes"),
|
new Claim("Manager", "yes"),
|
||||||
new Claim(ClaimTypes.Role, "Administrator"),
|
new Claim(ClaimTypes.Role, "Administrator"),
|
||||||
new Claim(ClaimTypes.NameIdentifier, "John")
|
new Claim(ClaimTypes.NameIdentifier, "John")
|
||||||
},
|
},
|
||||||
Options.AuthenticationType);
|
Options.AuthenticationScheme));
|
||||||
return new AuthenticationTicket(id, new AuthenticationProperties());
|
return new AuthenticationTicket(principal, new AuthenticationProperties(), Options.AuthenticationScheme);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -4,10 +4,9 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.AspNet.Authentication;
|
||||||
using Microsoft.AspNet.Builder;
|
using Microsoft.AspNet.Builder;
|
||||||
using Microsoft.AspNet.Http.Security;
|
using Microsoft.AspNet.Http.Authentication;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.AspNet.Security.Infrastructure;
|
|
||||||
using Microsoft.Framework.OptionsModel;
|
using Microsoft.Framework.OptionsModel;
|
||||||
|
|
||||||
namespace FiltersWebSite
|
namespace FiltersWebSite
|
||||||
|
|
@ -16,7 +15,6 @@ namespace FiltersWebSite
|
||||||
{
|
{
|
||||||
public BasicOptions()
|
public BasicOptions()
|
||||||
{
|
{
|
||||||
AuthenticationMode = AuthenticationMode.Passive;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
using Microsoft.AspNet.Mvc;
|
using Microsoft.AspNet.Mvc;
|
||||||
using Microsoft.AspNet.Security;
|
using Microsoft.AspNet.Authorization;
|
||||||
|
|
||||||
namespace FiltersWebSite
|
namespace FiltersWebSite
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -3,14 +3,14 @@
|
||||||
|
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using Microsoft.AspNet.Security;
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.Framework.DependencyInjection;
|
using Microsoft.Framework.DependencyInjection;
|
||||||
|
|
||||||
namespace FiltersWebSite
|
namespace FiltersWebSite
|
||||||
{
|
{
|
||||||
public class ManagerHandler : AuthorizationHandler<OperationAuthorizationRequirement>
|
public class ManagerHandler : AuthorizationHandler<OperationAuthorizationRequirement>
|
||||||
{
|
{
|
||||||
public override void Handle(Microsoft.AspNet.Security.AuthorizationContext context, OperationAuthorizationRequirement requirement)
|
public override void Handle(AuthorizationContext context, OperationAuthorizationRequirement requirement)
|
||||||
{
|
{
|
||||||
if (context.User.HasClaim("Manager", "yes"))
|
if (context.User.HasClaim("Manager", "yes"))
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
|
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
using Microsoft.AspNet.Security;
|
using Microsoft.AspNet.Authorization;
|
||||||
|
|
||||||
namespace FiltersWebSite
|
namespace FiltersWebSite
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -3,9 +3,9 @@
|
||||||
|
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using Microsoft.AspNet.Authorization;
|
||||||
using Microsoft.AspNet.Builder;
|
using Microsoft.AspNet.Builder;
|
||||||
using Microsoft.AspNet.Mvc;
|
using Microsoft.AspNet.Mvc;
|
||||||
using Microsoft.AspNet.Security;
|
|
||||||
using Microsoft.Framework.DependencyInjection;
|
using Microsoft.Framework.DependencyInjection;
|
||||||
|
|
||||||
namespace FiltersWebSite
|
namespace FiltersWebSite
|
||||||
|
|
@ -25,26 +25,26 @@ namespace FiltersWebSite
|
||||||
options.AddPolicy("Impossible", policy => { });
|
options.AddPolicy("Impossible", policy => { });
|
||||||
options.AddPolicy("Api", policy =>
|
options.AddPolicy("Api", policy =>
|
||||||
{
|
{
|
||||||
policy.ActiveAuthenticationTypes.Add("Api");
|
policy.ActiveAuthenticationSchemes.Add("Api");
|
||||||
policy.RequiresClaim(ClaimTypes.NameIdentifier);
|
policy.RequireClaim(ClaimTypes.NameIdentifier);
|
||||||
});
|
});
|
||||||
options.AddPolicy("Api-Manager", policy =>
|
options.AddPolicy("Api-Manager", policy =>
|
||||||
{
|
{
|
||||||
policy.ActiveAuthenticationTypes.Add("Api");
|
policy.ActiveAuthenticationSchemes.Add("Api");
|
||||||
policy.Requirements.Add(Operations.Edit);
|
policy.Requirements.Add(Operations.Edit);
|
||||||
});
|
});
|
||||||
options.AddPolicy("Interactive", policy =>
|
options.AddPolicy("Interactive", policy =>
|
||||||
{
|
{
|
||||||
policy.ActiveAuthenticationTypes.Add("Interactive");
|
policy.ActiveAuthenticationSchemes.Add("Interactive");
|
||||||
policy.RequiresClaim(ClaimTypes.NameIdentifier)
|
policy.RequireClaim(ClaimTypes.NameIdentifier)
|
||||||
.RequiresClaim("Permission", "CanViewPage");
|
.RequireClaim("Permission", "CanViewPage");
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
services.AddSingleton<RandomNumberFilter>();
|
services.AddSingleton<RandomNumberFilter>();
|
||||||
services.AddSingleton<RandomNumberService>();
|
services.AddSingleton<RandomNumberService>();
|
||||||
services.AddTransient<IAuthorizationHandler, ManagerHandler>();
|
services.AddTransient<IAuthorizationHandler, ManagerHandler>();
|
||||||
services.Configure<BasicOptions>(o => o.AuthenticationType = "Api", "Api");
|
services.Configure<BasicOptions>(o => o.AuthenticationScheme = "Api", "Api");
|
||||||
services.Configure<BasicOptions>(o => o.AuthenticationType = "Interactive", "Interactive");
|
services.Configure<BasicOptions>(o => o.AuthenticationScheme = "Interactive", "Interactive");
|
||||||
|
|
||||||
services.Configure<MvcOptions>(options =>
|
services.Configure<MvcOptions>(options =>
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue