Cleanup cookies (moar var)
This commit is contained in:
parent
5cf0564484
commit
6e7ec9b2fb
|
|
@ -8,7 +8,6 @@ using System.Security.Claims;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using Microsoft.AspNet.Http;
|
using Microsoft.AspNet.Http;
|
||||||
using Microsoft.AspNet.Http.Authentication;
|
using Microsoft.AspNet.Http.Authentication;
|
||||||
using Microsoft.Framework.Internal;
|
|
||||||
using Microsoft.Framework.Logging;
|
using Microsoft.Framework.Logging;
|
||||||
|
|
||||||
namespace Microsoft.AspNet.Authentication.Cookies
|
namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
|
|
@ -37,7 +36,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
AuthenticationTicket ticket = null;
|
AuthenticationTicket ticket = null;
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
string cookie = Options.CookieManager.GetRequestCookie(Context, Options.CookieName);
|
var cookie = Options.CookieManager.GetRequestCookie(Context, Options.CookieName);
|
||||||
if (string.IsNullOrWhiteSpace(cookie))
|
if (string.IsNullOrWhiteSpace(cookie))
|
||||||
{
|
{
|
||||||
return null;
|
return null;
|
||||||
|
|
@ -53,7 +52,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
|
|
||||||
if (Options.SessionStore != null)
|
if (Options.SessionStore != null)
|
||||||
{
|
{
|
||||||
Claim claim = ticket.Principal.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim));
|
var claim = ticket.Principal.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim));
|
||||||
if (claim == null)
|
if (claim == null)
|
||||||
{
|
{
|
||||||
Logger.LogWarning(@"SessionId missing");
|
Logger.LogWarning(@"SessionId missing");
|
||||||
|
|
@ -68,9 +67,9 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
DateTimeOffset currentUtc = Options.SystemClock.UtcNow;
|
var currentUtc = Options.SystemClock.UtcNow;
|
||||||
DateTimeOffset? issuedUtc = ticket.Properties.IssuedUtc;
|
var issuedUtc = ticket.Properties.IssuedUtc;
|
||||||
DateTimeOffset? expiresUtc = ticket.Properties.ExpiresUtc;
|
var expiresUtc = ticket.Properties.ExpiresUtc;
|
||||||
|
|
||||||
if (expiresUtc != null && expiresUtc.Value < currentUtc)
|
if (expiresUtc != null && expiresUtc.Value < currentUtc)
|
||||||
{
|
{
|
||||||
|
|
@ -81,17 +80,17 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool allowRefresh = ticket.Properties.AllowRefresh ?? true;
|
var allowRefresh = ticket.Properties.AllowRefresh ?? true;
|
||||||
if (issuedUtc != null && expiresUtc != null && Options.SlidingExpiration && allowRefresh)
|
if (issuedUtc != null && expiresUtc != null && Options.SlidingExpiration && allowRefresh)
|
||||||
{
|
{
|
||||||
TimeSpan timeElapsed = currentUtc.Subtract(issuedUtc.Value);
|
var timeElapsed = currentUtc.Subtract(issuedUtc.Value);
|
||||||
TimeSpan timeRemaining = expiresUtc.Value.Subtract(currentUtc);
|
var timeRemaining = expiresUtc.Value.Subtract(currentUtc);
|
||||||
|
|
||||||
if (timeRemaining < timeElapsed)
|
if (timeRemaining < timeElapsed)
|
||||||
{
|
{
|
||||||
_shouldRenew = true;
|
_shouldRenew = true;
|
||||||
_renewIssuedUtc = currentUtc;
|
_renewIssuedUtc = currentUtc;
|
||||||
TimeSpan timeSpan = expiresUtc.Value.Subtract(issuedUtc.Value);
|
var timeSpan = expiresUtc.Value.Subtract(issuedUtc.Value);
|
||||||
_renewExpiresUtc = currentUtc.Add(timeSpan);
|
_renewExpiresUtc = currentUtc.Add(timeSpan);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -104,7 +103,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
}
|
}
|
||||||
catch (Exception exception)
|
catch (Exception exception)
|
||||||
{
|
{
|
||||||
CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options,
|
var exceptionContext = new CookieExceptionContext(Context, Options,
|
||||||
CookieExceptionContext.ExceptionLocation.Authenticate, exception, ticket);
|
CookieExceptionContext.ExceptionLocation.Authenticate, exception, ticket);
|
||||||
Options.Notifications.Exception(exceptionContext);
|
Options.Notifications.Exception(exceptionContext);
|
||||||
if (exceptionContext.Rethrow)
|
if (exceptionContext.Rethrow)
|
||||||
|
|
@ -123,16 +122,16 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
protected override async Task ApplyResponseGrantAsync()
|
protected override async Task ApplyResponseGrantAsync()
|
||||||
{
|
{
|
||||||
var signin = SignInContext;
|
var signin = SignInContext;
|
||||||
bool shouldSignin = signin != null;
|
var shouldSignin = signin != null;
|
||||||
var signout = SignOutContext;
|
var signout = SignOutContext;
|
||||||
bool shouldSignout = signout != null;
|
var shouldSignout = signout != null;
|
||||||
|
|
||||||
if (!(shouldSignin || shouldSignout || _shouldRenew))
|
if (!(shouldSignin || shouldSignout || _shouldRenew))
|
||||||
{
|
{
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
AuthenticationTicket model = await AuthenticateAsync();
|
var model = await AuthenticateAsync();
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
var cookieOptions = new CookieOptions
|
var cookieOptions = new CookieOptions
|
||||||
|
|
@ -180,7 +179,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
|
|
||||||
if (signInContext.Properties.IsPersistent)
|
if (signInContext.Properties.IsPersistent)
|
||||||
{
|
{
|
||||||
DateTimeOffset expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
|
var expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
|
||||||
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime;
|
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -198,7 +197,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
Options.AuthenticationScheme));
|
Options.AuthenticationScheme));
|
||||||
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
|
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
|
||||||
}
|
}
|
||||||
string cookieValue = Options.TicketDataFormat.Protect(model);
|
var cookieValue = Options.TicketDataFormat.Protect(model);
|
||||||
|
|
||||||
Options.CookieManager.AppendResponseCookie(
|
Options.CookieManager.AppendResponseCookie(
|
||||||
Context,
|
Context,
|
||||||
|
|
@ -249,7 +248,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
|
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
|
||||||
}
|
}
|
||||||
|
|
||||||
string cookieValue = Options.TicketDataFormat.Protect(model);
|
var cookieValue = Options.TicketDataFormat.Protect(model);
|
||||||
|
|
||||||
if (model.Properties.IsPersistent)
|
if (model.Properties.IsPersistent)
|
||||||
{
|
{
|
||||||
|
|
@ -275,13 +274,13 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
HeaderNameExpires,
|
HeaderNameExpires,
|
||||||
HeaderValueMinusOne);
|
HeaderValueMinusOne);
|
||||||
|
|
||||||
bool shouldLoginRedirect = shouldSignin && Options.LoginPath.HasValue && Request.Path == Options.LoginPath;
|
var shouldLoginRedirect = shouldSignin && Options.LoginPath.HasValue && Request.Path == Options.LoginPath;
|
||||||
bool shouldLogoutRedirect = shouldSignout && Options.LogoutPath.HasValue && Request.Path == Options.LogoutPath;
|
var shouldLogoutRedirect = shouldSignout && Options.LogoutPath.HasValue && Request.Path == Options.LogoutPath;
|
||||||
|
|
||||||
if ((shouldLoginRedirect || shouldLogoutRedirect) && Response.StatusCode == 200)
|
if ((shouldLoginRedirect || shouldLogoutRedirect) && Response.StatusCode == 200)
|
||||||
{
|
{
|
||||||
IReadableStringCollection query = Request.Query;
|
var query = Request.Query;
|
||||||
string redirectUri = query.Get(Options.ReturnUrlParameter);
|
var redirectUri = query.Get(Options.ReturnUrlParameter);
|
||||||
if (!string.IsNullOrWhiteSpace(redirectUri)
|
if (!string.IsNullOrWhiteSpace(redirectUri)
|
||||||
&& IsHostRelative(redirectUri))
|
&& IsHostRelative(redirectUri))
|
||||||
{
|
{
|
||||||
|
|
@ -292,7 +291,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
}
|
}
|
||||||
catch (Exception exception)
|
catch (Exception exception)
|
||||||
{
|
{
|
||||||
CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options,
|
var exceptionContext = new CookieExceptionContext(Context, Options,
|
||||||
CookieExceptionContext.ExceptionLocation.ApplyResponseGrant, exception, model);
|
CookieExceptionContext.ExceptionLocation.ApplyResponseGrant, exception, model);
|
||||||
Options.Notifications.Exception(exceptionContext);
|
Options.Notifications.Exception(exceptionContext);
|
||||||
if (exceptionContext.Rethrow)
|
if (exceptionContext.Rethrow)
|
||||||
|
|
@ -363,7 +362,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
string loginUri = string.Empty;
|
var loginUri = string.Empty;
|
||||||
if (ChallengeContext != null)
|
if (ChallengeContext != null)
|
||||||
{
|
{
|
||||||
loginUri = new AuthenticationProperties(ChallengeContext.Properties).RedirectUri;
|
loginUri = new AuthenticationProperties(ChallengeContext.Properties).RedirectUri;
|
||||||
|
|
@ -373,7 +372,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
{
|
{
|
||||||
if (string.IsNullOrWhiteSpace(loginUri))
|
if (string.IsNullOrWhiteSpace(loginUri))
|
||||||
{
|
{
|
||||||
string currentUri =
|
var currentUri =
|
||||||
Request.PathBase +
|
Request.PathBase +
|
||||||
Request.Path +
|
Request.Path +
|
||||||
Request.QueryString;
|
Request.QueryString;
|
||||||
|
|
@ -392,7 +391,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
}
|
}
|
||||||
catch (Exception exception)
|
catch (Exception exception)
|
||||||
{
|
{
|
||||||
CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options,
|
var exceptionContext = new CookieExceptionContext(Context, Options,
|
||||||
CookieExceptionContext.ExceptionLocation.ApplyResponseChallenge, exception, ticket: null);
|
CookieExceptionContext.ExceptionLocation.ApplyResponseChallenge, exception, ticket: null);
|
||||||
Options.Notifications.Exception(exceptionContext);
|
Options.Notifications.Exception(exceptionContext);
|
||||||
if (exceptionContext.Rethrow)
|
if (exceptionContext.Rethrow)
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
|
||||||
using System.Diagnostics.CodeAnalysis;
|
using System.Diagnostics.CodeAnalysis;
|
||||||
using Microsoft.AspNet.Http;
|
using Microsoft.AspNet.Http;
|
||||||
using Microsoft.AspNet.Authentication.Notifications;
|
using Microsoft.AspNet.Authentication.Notifications;
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
|
||||||
using System;
|
using System;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
|
||||||
|
|
@ -112,4 +111,4 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
OnException.Invoke(context);
|
OnException.Invoke(context);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using Microsoft.AspNet.Http;
|
using Microsoft.AspNet.Http;
|
||||||
using Microsoft.AspNet.Http.Authentication;
|
using Microsoft.AspNet.Http.Authentication;
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,6 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
|
||||||
using Microsoft.AspNet.Http;
|
using Microsoft.AspNet.Http;
|
||||||
using Microsoft.AspNet.Authentication.Notifications;
|
using Microsoft.AspNet.Authentication.Notifications;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
{
|
{
|
||||||
if (IsAjaxRequest(context.Request))
|
if (IsAjaxRequest(context.Request))
|
||||||
{
|
{
|
||||||
string jsonResponse = JsonConvert.SerializeObject(new
|
var jsonResponse = JsonConvert.SerializeObject(new
|
||||||
{
|
{
|
||||||
status = context.Response.StatusCode,
|
status = context.Response.StatusCode,
|
||||||
headers = new
|
headers = new
|
||||||
|
|
@ -34,7 +34,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
|
|
||||||
private static bool IsAjaxRequest(HttpRequest request)
|
private static bool IsAjaxRequest(HttpRequest request)
|
||||||
{
|
{
|
||||||
IReadableStringCollection query = request.Query;
|
var query = request.Query;
|
||||||
if (query != null)
|
if (query != null)
|
||||||
{
|
{
|
||||||
if (query["X-Requested-With"] == "XMLHttpRequest")
|
if (query["X-Requested-With"] == "XMLHttpRequest")
|
||||||
|
|
@ -43,7 +43,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
IHeaderDictionary headers = request.Headers;
|
var headers = request.Headers;
|
||||||
if (headers != null)
|
if (headers != null)
|
||||||
{
|
{
|
||||||
if (headers["X-Requested-With"] == "XMLHttpRequest")
|
if (headers["X-Requested-With"] == "XMLHttpRequest")
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue