huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Remote auth expiration fix (#893) 

Remote auth expiration fix, and move ISystemClock to the base AuthenticationProperties
This commit is contained in:
Derek 2016-07-19 17:18:42 -05:00 committed by Chris R
parent 4927ad6b74
commit 6cd46a5c10
10 changed files with 14 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Microsoft.AspNetCore.Authentication.Cookies/CookieAuthenticationOptions.cs
View File

@ -138,12 +138,6 @@ namespace Microsoft.AspNetCore.Builder
/// </summary>
public ISecureDataFormat<AuthenticationTicket> TicketDataFormat { get; set; }
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; }
/// <summary>
/// The component used to get cookies from the request or set them on the response.
///

6
src/Microsoft.AspNetCore.Authentication.JwtBearer/JwtBearerOptions.cs
View File

@ -95,12 +95,6 @@ namespace Microsoft.AspNetCore.Builder
/// </summary>
public bool RefreshOnIssuerKeyNotFound { get; set; } = true;
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; } = new SystemClock();
/// <summary>
/// Gets the ordered list of <see cref="ISecurityTokenValidator"/> used to validate access tokens.
/// </summary>

5
src/Microsoft.AspNetCore.Authentication.OAuth/OAuthHandler.cs
View File

@ -175,10 +175,7 @@ namespace Microsoft.AspNetCore.Authentication.OAuth
throw new ArgumentNullException(nameof(context));
}
var properties = new AuthenticationProperties(context.Properties)
{
ExpiresUtc = Options.SystemClock.UtcNow.Add(Options.RemoteAuthenticationTimeout)
};
var properties = new AuthenticationProperties(context.Properties);
if (string.IsNullOrEmpty(properties.RedirectUri))
{

6
src/Microsoft.AspNetCore.Authentication.OAuth/OAuthOptions.cs
View File

@ -64,11 +64,5 @@ namespace Microsoft.AspNetCore.Builder
/// Gets or sets the type used to secure data handled by the middleware.
/// </summary>
public ISecureDataFormat<AuthenticationProperties> StateDataFormat { get; set; }
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; } = new SystemClock();
}
}

5
src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
View File

@ -259,10 +259,7 @@ namespace Microsoft.AspNetCore.Authentication.OpenIdConnect
// order for local RedirectUri
// 1. challenge.Properties.RedirectUri
// 2. CurrentUri if RedirectUri is not set)
var properties = new AuthenticationProperties(context.Properties)
{
ExpiresUtc = Options.SystemClock.UtcNow.Add(Options.RemoteAuthenticationTimeout)
};
var properties = new AuthenticationProperties(context.Properties);
if (string.IsNullOrEmpty(properties.RedirectUri))
{

6
src/Microsoft.AspNetCore.Authentication.OpenIdConnect/OpenIdConnectOptions.cs
View File

@ -202,11 +202,5 @@ namespace Microsoft.AspNetCore.Builder
/// This is disabled by default.
/// </summary>
public bool SkipUnrecognizedRequests { get; set; } = false;
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; } = new SystemClock();
}
}

8
src/Microsoft.AspNetCore.Authentication.Twitter/TwitterHandler.cs
View File

@ -131,10 +131,7 @@ namespace Microsoft.AspNetCore.Authentication.Twitter
throw new ArgumentNullException(nameof(context));
}
var properties = new AuthenticationProperties(context.Properties)
{
ExpiresUtc = Options.SystemClock.UtcNow.Add(Options.RemoteAuthenticationTimeout)
};
var properties = new AuthenticationProperties(context.Properties);
if (string.IsNullOrEmpty(properties.RedirectUri))
{
@ -148,7 +145,8 @@ namespace Microsoft.AspNetCore.Authentication.Twitter
var cookieOptions = new CookieOptions
{
HttpOnly = true,
Secure = Request.IsHttps
Secure = Request.IsHttps,
Expires = Options.SystemClock.UtcNow.Add(Options.RemoteAuthenticationTimeout),
};
Response.Cookies.Append(StateCookie, Options.StateDataFormat.Protect(requestToken), cookieOptions);

6
src/Microsoft.AspNetCore.Authentication.Twitter/TwitterOptions.cs
View File

@ -59,11 +59,5 @@ namespace Microsoft.AspNetCore.Builder
get { return (ITwitterEvents)base.Events; }
set { base.Events = value; }
}
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; } = new SystemClock();
}
}

8
src/Microsoft.AspNetCore.Authentication/AuthenticationOptions.cs
View File

@ -1,7 +1,9 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http.Authentication;
using System.ComponentModel;
namespace Microsoft.AspNetCore.Builder
{
@ -47,5 +49,11 @@ namespace Microsoft.AspNetCore.Builder
/// Additional information about the authentication type which is made available to the application.
/// </summary>
public AuthenticationDescription Description { get; set; } = new AuthenticationDescription();
/// <summary>
/// For testing purposes only.
/// </summary>
[EditorBrowsable(EditorBrowsableState.Never)]
public ISystemClock SystemClock { get; set; } = new SystemClock();
}
}

2
src/Microsoft.AspNetCore.Authentication/RemoteAuthenticationHandler.cs
View File

@ -149,7 +149,7 @@ namespace Microsoft.AspNetCore.Authentication
{
HttpOnly = true,
Secure = Request.IsHttps,
Expires = properties.ExpiresUtc
Expires = Options.SystemClock.UtcNow.Add(Options.RemoteAuthenticationTimeout),
};
properties.Items[CorrelationProperty] = correlationId;