Merge branch 'rel/2.0.0' into dev

build/dependencies.props

@@ -2,8 +2,8 @@
   <PropertyGroup>
     <AspNetCoreVersion>2.0.0-*</AspNetCoreVersion>
     <CoreFxVersion>4.4.0-*</CoreFxVersion>
-    <IdentityModelActiveDirectoryVersion>3.13.9</IdentityModelActiveDirectoryVersion>
+    <IdentityModelActiveDirectoryVersion>3.14.1</IdentityModelActiveDirectoryVersion>
-    <IdentityModelOpenIdVersion>2.1.3</IdentityModelOpenIdVersion>
+    <IdentityModelOpenIdVersion>2.1.4</IdentityModelOpenIdVersion>
     <InternalAspNetCoreSdkVersion>2.0.1-*</InternalAspNetCoreSdkVersion>
     <JsonNetVersion>10.0.1</JsonNetVersion>
     <NETStandardImplicitPackageVersion>2.0.0-*</NETStandardImplicitPackageVersion>

samples/OpenIdConnect.AzureAdSample/Startup.cs

@@ -45,8 +45,7 @@ namespace OpenIdConnect.AzureAdSample
         {
             services.AddAuthentication(sharedOptions =>
             {
-                sharedOptions.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+                sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
-                sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
                 sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
             })
                 .AddCookie()

samples/OpenIdConnectSample/Startup.cs

@@ -147,7 +147,7 @@ namespace OpenIdConnectSample
                 // Authenticated, but not authorized
                 if (context.Request.Path.Equals("/restricted") && !user.Identities.Any(identity => identity.HasClaim("special", "true")))
                 {
-                    await context.ChallengeAsync();
+                    await context.ForbidAsync();
                     return;
                 }