diff --git a/samples/SelfHostServer/Startup.cs b/samples/SelfHostServer/Startup.cs index 81875a0af2..e85fff80f9 100644 --- a/samples/SelfHostServer/Startup.cs +++ b/samples/SelfHostServer/Startup.cs @@ -19,7 +19,8 @@ namespace SelfHostServer // Server options can be configured here instead of in Main. services.Configure(options => { - options.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.AllowAnonymous; + options.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.None; + options.Listener.AuthenticationManager.AllowAnonymous = true; }); } @@ -51,7 +52,8 @@ namespace SelfHostServer .UseStartup() .UseWebListener(options => { - options.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.AllowAnonymous; + options.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.None; + options.Listener.AuthenticationManager.AllowAnonymous = true; }) .Build(); diff --git a/src/Microsoft.Net.Http.Server/AuthenticationManager.cs b/src/Microsoft.Net.Http.Server/AuthenticationManager.cs index 32d7ee2e69..cad91f8c30 100644 --- a/src/Microsoft.Net.Http.Server/AuthenticationManager.cs +++ b/src/Microsoft.Net.Http.Server/AuthenticationManager.cs @@ -44,38 +44,29 @@ namespace Microsoft.Net.Http.Server private WebListener _server; private AuthenticationSchemes _authSchemes; + private bool _allowAnonymous = true; internal AuthenticationManager(WebListener listener) { _server = listener; - _authSchemes = AuthenticationSchemes.AllowAnonymous; } #region Properties public AuthenticationSchemes AuthenticationSchemes { - get - { - return _authSchemes; - } + get { return _authSchemes; } set { - if (_authSchemes == AuthenticationSchemes.None) - { - throw new ArgumentException("value", "'None' is not a valid authentication type. Use 'AllowAnonymous' instead."); - } _authSchemes = value; SetServerSecurity(); } } - internal bool AllowAnonymous + public bool AllowAnonymous { - get - { - return ((_authSchemes & AuthenticationSchemes.AllowAnonymous) == AuthenticationSchemes.AllowAnonymous); - } + get { return _allowAnonymous; } + set { _allowAnonymous = value; } } #endregion Properties @@ -86,7 +77,7 @@ namespace Microsoft.Net.Http.Server new UnsafeNclNativeMethods.HttpApi.HTTP_SERVER_AUTHENTICATION_INFO(); authInfo.Flags = UnsafeNclNativeMethods.HttpApi.HTTP_FLAGS.HTTP_PROPERTY_FLAG_PRESENT; - var authSchemes = (UnsafeNclNativeMethods.HttpApi.HTTP_AUTH_TYPES)(_authSchemes & ~AuthenticationSchemes.AllowAnonymous); + var authSchemes = (UnsafeNclNativeMethods.HttpApi.HTTP_AUTH_TYPES)_authSchemes; if (authSchemes != UnsafeNclNativeMethods.HttpApi.HTTP_AUTH_TYPES.NONE) { authInfo.AuthSchemes = authSchemes; diff --git a/src/Microsoft.Net.Http.Server/AuthenticationSchemes.cs b/src/Microsoft.Net.Http.Server/AuthenticationSchemes.cs index d8ee617c16..1f53175cbd 100644 --- a/src/Microsoft.Net.Http.Server/AuthenticationSchemes.cs +++ b/src/Microsoft.Net.Http.Server/AuthenticationSchemes.cs @@ -28,7 +28,6 @@ namespace Microsoft.Net.Http.Server // Digest = 0x2, // TODO: Verify this is no longer supported by Http.Sys NTLM = 0x4, Negotiate = 0x8, - Kerberos = 0x10, - AllowAnonymous = 0x1000 + Kerberos = 0x10 } } diff --git a/src/Microsoft.Net.Http.Server/RequestProcessing/Response.cs b/src/Microsoft.Net.Http.Server/RequestProcessing/Response.cs index 12d7a51bae..1203105e3f 100644 --- a/src/Microsoft.Net.Http.Server/RequestProcessing/Response.cs +++ b/src/Microsoft.Net.Http.Server/RequestProcessing/Response.cs @@ -82,7 +82,7 @@ namespace Microsoft.Net.Http.Server _expectedBodyLength = 0; _nativeStream = null; _cacheTtl = null; - _authChallenges = RequestContext.Server.AuthenticationManager.AuthenticationSchemes & ~AuthenticationSchemes.AllowAnonymous; + _authChallenges = RequestContext.Server.AuthenticationManager.AuthenticationSchemes; } private enum ResponseState diff --git a/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/AuthenticationTests.cs b/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/AuthenticationTests.cs index 7606cc1bc9..e96eb7040f 100644 --- a/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/AuthenticationTests.cs +++ b/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/AuthenticationTests.cs @@ -29,8 +29,11 @@ namespace Microsoft.AspNetCore.Server.WebListener { public class AuthenticationTests { + private static bool AllowAnoymous = true; + private static bool DenyAnoymous = false; + [Theory] - [InlineData(AuthenticationSchemes.AllowAnonymous)] + [InlineData(AuthenticationSchemes.None)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] @@ -39,7 +42,7 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthTypes_AllowAnonymous_NoChallenge(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -62,7 +65,7 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthType_RequireAuth_ChallengesAdded(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address, httpContext => { throw new NotImplementedException(); })) @@ -82,7 +85,7 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthType_AllowAnonymousButSpecify401_ChallengesAdded(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -106,8 +109,8 @@ namespace Microsoft.AspNetCore.Server.WebListener AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM /* | AuthenticationSchemes.Digest TODO: Not implemented */ - | AuthenticationSchemes.Basic - | AuthenticationSchemes.AllowAnonymous, + | AuthenticationSchemes.Basic, + true, out address, httpContext => { @@ -134,7 +137,7 @@ namespace Microsoft.AspNetCore.Server.WebListener { string address; int requestId = 0; - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -169,7 +172,7 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthTypes_RequireAuth_Success(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -183,7 +186,7 @@ namespace Microsoft.AspNetCore.Server.WebListener } [Theory] - [InlineData(AuthenticationSchemes.AllowAnonymous)] + [InlineData(AuthenticationSchemes.None)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] @@ -191,10 +194,10 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthTypes_GetSingleDescriptions(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, httpContext => { var resultList = httpContext.Authentication.GetAuthenticationSchemes(); - if (authType == AuthenticationSchemes.AllowAnonymous) + if (authType == AuthenticationSchemes.None) { Assert.Equal(0, resultList.Count()); } @@ -224,7 +227,7 @@ namespace Microsoft.AspNetCore.Server.WebListener | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, httpContext => { var resultList = httpContext.Authentication.GetAuthenticationSchemes(); Assert.Equal(3, resultList.Count()); @@ -247,7 +250,7 @@ namespace Microsoft.AspNetCore.Server.WebListener { string address; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, async httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, async httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -275,7 +278,7 @@ namespace Microsoft.AspNetCore.Server.WebListener { string address; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); - using (Utilities.CreateHttpAuthServer(authType, out address, async httpContext => + using (Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address, async httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -308,7 +311,7 @@ namespace Microsoft.AspNetCore.Server.WebListener { string address; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -333,7 +336,7 @@ namespace Microsoft.AspNetCore.Server.WebListener { string address; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); - using (Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address, async httpContext => + using (Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address, async httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -360,7 +363,7 @@ namespace Microsoft.AspNetCore.Server.WebListener { string address; var authTypes = AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; - using (Utilities.CreateHttpAuthServer(authTypes | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authTypes, AllowAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -386,7 +389,7 @@ namespace Microsoft.AspNetCore.Server.WebListener var authTypes = AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; authTypes = authTypes & ~authType; var authTypeList = authType.ToString().Split(new char[] { ',', ' ' }, StringSplitOptions.RemoveEmptyEntries); - using (Utilities.CreateHttpAuthServer(authTypes | AuthenticationSchemes.AllowAnonymous, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authTypes, AllowAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -408,8 +411,8 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthTypes_Forbid_Forbidden(AuthenticationSchemes authType) { string address; - var authTypes = AuthenticationSchemes.AllowAnonymous | AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; - using (Utilities.CreateHttpAuthServer(authTypes, out address, httpContext => + var authTypes = AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /*AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic; + using (Utilities.CreateHttpAuthServer(authTypes, AllowAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -431,7 +434,7 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthTypes_ChallengeAuthenticatedAuthType_Forbidden(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -454,7 +457,7 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthTypes_ChallengeAuthenticatedAuthTypeWithEmptyChallenge_Forbidden(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); @@ -477,7 +480,7 @@ namespace Microsoft.AspNetCore.Server.WebListener public async Task AuthTypes_UnathorizedAuthenticatedAuthType_Unauthorized(AuthenticationSchemes authType) { string address; - using (Utilities.CreateHttpAuthServer(authType, out address, httpContext => + using (Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address, httpContext => { Assert.NotNull(httpContext.User); Assert.NotNull(httpContext.User.Identity); diff --git a/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/Utilities.cs b/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/Utilities.cs index b78a3d8b15..35dbaa848b 100644 --- a/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/Utilities.cs +++ b/test/Microsoft.AspNetCore.Server.WebListener.FunctionalTests/Utilities.cs @@ -38,22 +38,22 @@ namespace Microsoft.AspNetCore.Server.WebListener internal static IServer CreateHttpServer(out string baseAddress, RequestDelegate app) { string root; - return CreateDynamicHttpServer(string.Empty, AuthenticationSchemes.AllowAnonymous, out root, out baseAddress, app); + return CreateDynamicHttpServer(string.Empty, AuthenticationSchemes.None, true, out root, out baseAddress, app); } internal static IServer CreateHttpServerReturnRoot(string path, out string root, RequestDelegate app) { string baseAddress; - return CreateDynamicHttpServer(path, AuthenticationSchemes.AllowAnonymous, out root, out baseAddress, app); + return CreateDynamicHttpServer(path, AuthenticationSchemes.None, true, out root, out baseAddress, app); } - internal static IServer CreateHttpAuthServer(AuthenticationSchemes authType, out string baseAddress, RequestDelegate app) + internal static IServer CreateHttpAuthServer(AuthenticationSchemes authType, bool allowAnonymous, out string baseAddress, RequestDelegate app) { string root; - return CreateDynamicHttpServer(string.Empty, authType, out root, out baseAddress, app); + return CreateDynamicHttpServer(string.Empty, authType, allowAnonymous, out root, out baseAddress, app); } - internal static IServer CreateDynamicHttpServer(string basePath, AuthenticationSchemes authType, out string root, out string baseAddress, RequestDelegate app) + internal static IServer CreateDynamicHttpServer(string basePath, AuthenticationSchemes authType, bool allowAnonymous, out string root, out string baseAddress, RequestDelegate app) { lock (PortLock) { @@ -68,6 +68,7 @@ namespace Microsoft.AspNetCore.Server.WebListener var server = new MessagePump(Options.Create(new WebListenerOptions()), new LoggerFactory()); server.Features.Get().Addresses.Add(baseAddress); server.Listener.AuthenticationManager.AuthenticationSchemes = authType; + server.Listener.AuthenticationManager.AllowAnonymous = allowAnonymous; try { server.Start(new DummyApplication(app)); diff --git a/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs b/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs index 3ad4c842ae..8009331223 100644 --- a/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs +++ b/test/Microsoft.Net.Http.Server.FunctionalTests/AuthenticationTests.cs @@ -11,8 +11,11 @@ namespace Microsoft.Net.Http.Server { public class AuthenticationTests { + private static bool AllowAnoymous = true; + private static bool DenyAnoymous = false; + [Theory] - [InlineData(AuthenticationSchemes.AllowAnonymous)] + [InlineData(AuthenticationSchemes.None)] [InlineData(AuthenticationSchemes.Negotiate)] [InlineData(AuthenticationSchemes.NTLM)] // [InlineData(AuthenticationSchemes.Digest)] @@ -21,21 +24,14 @@ namespace Microsoft.Net.Http.Server public async Task AuthTypes_AllowAnonymous_NoChallenge(AuthenticationSchemes authType) { string address; - using (var server = Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address)) + using (var server = Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address)) { Task responseTask = SendRequestAsync(address); var context = await server.AcceptAsync(); Assert.NotNull(context.User); Assert.False(context.User.Identity.IsAuthenticated); - if (authType == AuthenticationSchemes.AllowAnonymous) - { - Assert.Equal(AuthenticationSchemes.None, context.Response.AuthenticationChallenges); - } - else - { - Assert.Equal(authType, context.Response.AuthenticationChallenges); - } + Assert.Equal(authType, context.Response.AuthenticationChallenges); context.Dispose(); var response = await responseTask; @@ -53,7 +49,7 @@ namespace Microsoft.Net.Http.Server public async Task AuthType_RequireAuth_ChallengesAdded(AuthenticationSchemes authType) { string address; - using (var server = Utilities.CreateHttpAuthServer(authType, out address)) + using (var server = Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address)) { Task responseTask = SendRequestAsync(address); @@ -73,7 +69,7 @@ namespace Microsoft.Net.Http.Server public async Task AuthType_AllowAnonymousButSpecify401_ChallengesAdded(AuthenticationSchemes authType) { string address; - using (var server = Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address)) + using (var server = Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address)) { Task responseTask = SendRequestAsync(address); @@ -100,7 +96,7 @@ namespace Microsoft.Net.Http.Server | AuthenticationSchemes.NTLM /* | AuthenticationSchemes.Digest TODO: Not implemented */ | AuthenticationSchemes.Basic; - using (var server = Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address)) + using (var server = Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address)) { Task responseTask = SendRequestAsync(address); @@ -126,7 +122,7 @@ namespace Microsoft.Net.Http.Server public async Task AuthTypes_AllowAnonymousButSpecify401_Success(AuthenticationSchemes authType) { string address; - using (var server = Utilities.CreateHttpAuthServer(authType | AuthenticationSchemes.AllowAnonymous, out address)) + using (var server = Utilities.CreateHttpAuthServer(authType, AllowAnoymous, out address)) { Task responseTask = SendRequestAsync(address, useDefaultCredentials: true); @@ -157,7 +153,7 @@ namespace Microsoft.Net.Http.Server public async Task AuthTypes_RequireAuth_Success(AuthenticationSchemes authType) { string address; - using (var server = Utilities.CreateHttpAuthServer(authType, out address)) + using (var server = Utilities.CreateHttpAuthServer(authType, DenyAnoymous, out address)) { Task responseTask = SendRequestAsync(address, useDefaultCredentials: true); @@ -177,7 +173,7 @@ namespace Microsoft.Net.Http.Server public async Task AuthTypes_RequireKerberosAuth_Success() { string address; - using (var server = Utilities.CreateHttpAuthServer(AuthenticationSchemes.Kerberos, out address)) + using (var server = Utilities.CreateHttpAuthServer(AuthenticationSchemes.Kerberos, DenyAnoymous, out address)) { Task responseTask = SendRequestAsync(address, useDefaultCredentials: true); @@ -197,7 +193,7 @@ namespace Microsoft.Net.Http.Server public async Task MultipleAuthTypes_KerberosAllowAnonymousButSpecify401_ChallengesAdded() { string address; - using (var server = Utilities.CreateHttpAuthServer(AuthenticationSchemes.Kerberos | AuthenticationSchemes.AllowAnonymous, out address)) + using (var server = Utilities.CreateHttpAuthServer(AuthenticationSchemes.Kerberos, AllowAnoymous, out address)) { Task responseTask = SendRequestAsync(address); diff --git a/test/Microsoft.Net.Http.Server.FunctionalTests/Utilities.cs b/test/Microsoft.Net.Http.Server.FunctionalTests/Utilities.cs index d9240c02bc..73dc5466b7 100644 --- a/test/Microsoft.Net.Http.Server.FunctionalTests/Utilities.cs +++ b/test/Microsoft.Net.Http.Server.FunctionalTests/Utilities.cs @@ -14,10 +14,11 @@ namespace Microsoft.Net.Http.Server private static int NextPort = BasePort; private static object PortLock = new object(); - internal static WebListener CreateHttpAuthServer(AuthenticationSchemes authScheme, out string baseAddress) + internal static WebListener CreateHttpAuthServer(AuthenticationSchemes authScheme, bool allowAnonymos, out string baseAddress) { var listener = CreateHttpServer(out baseAddress); listener.AuthenticationManager.AuthenticationSchemes = authScheme; + listener.AuthenticationManager.AllowAnonymous = allowAnonymos; return listener; }