Cleanup cookies (moar var)

This commit is contained in:
Hao Kung 2015-05-01 17:00:06 -07:00
parent 5cf0564484
commit 6e7ec9b2fb
6 changed files with 28 additions and 33 deletions

View File

@ -8,7 +8,6 @@ using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Authentication; using Microsoft.AspNet.Http.Authentication;
using Microsoft.Framework.Internal;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
namespace Microsoft.AspNet.Authentication.Cookies namespace Microsoft.AspNet.Authentication.Cookies
@ -37,7 +36,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
AuthenticationTicket ticket = null; AuthenticationTicket ticket = null;
try try
{ {
string cookie = Options.CookieManager.GetRequestCookie(Context, Options.CookieName); var cookie = Options.CookieManager.GetRequestCookie(Context, Options.CookieName);
if (string.IsNullOrWhiteSpace(cookie)) if (string.IsNullOrWhiteSpace(cookie))
{ {
return null; return null;
@ -53,7 +52,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
if (Options.SessionStore != null) if (Options.SessionStore != null)
{ {
Claim claim = ticket.Principal.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim)); var claim = ticket.Principal.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim));
if (claim == null) if (claim == null)
{ {
Logger.LogWarning(@"SessionId missing"); Logger.LogWarning(@"SessionId missing");
@ -68,9 +67,9 @@ namespace Microsoft.AspNet.Authentication.Cookies
} }
} }
DateTimeOffset currentUtc = Options.SystemClock.UtcNow; var currentUtc = Options.SystemClock.UtcNow;
DateTimeOffset? issuedUtc = ticket.Properties.IssuedUtc; var issuedUtc = ticket.Properties.IssuedUtc;
DateTimeOffset? expiresUtc = ticket.Properties.ExpiresUtc; var expiresUtc = ticket.Properties.ExpiresUtc;
if (expiresUtc != null && expiresUtc.Value < currentUtc) if (expiresUtc != null && expiresUtc.Value < currentUtc)
{ {
@ -81,17 +80,17 @@ namespace Microsoft.AspNet.Authentication.Cookies
return null; return null;
} }
bool allowRefresh = ticket.Properties.AllowRefresh ?? true; var allowRefresh = ticket.Properties.AllowRefresh ?? true;
if (issuedUtc != null && expiresUtc != null && Options.SlidingExpiration && allowRefresh) if (issuedUtc != null && expiresUtc != null && Options.SlidingExpiration && allowRefresh)
{ {
TimeSpan timeElapsed = currentUtc.Subtract(issuedUtc.Value); var timeElapsed = currentUtc.Subtract(issuedUtc.Value);
TimeSpan timeRemaining = expiresUtc.Value.Subtract(currentUtc); var timeRemaining = expiresUtc.Value.Subtract(currentUtc);
if (timeRemaining < timeElapsed) if (timeRemaining < timeElapsed)
{ {
_shouldRenew = true; _shouldRenew = true;
_renewIssuedUtc = currentUtc; _renewIssuedUtc = currentUtc;
TimeSpan timeSpan = expiresUtc.Value.Subtract(issuedUtc.Value); var timeSpan = expiresUtc.Value.Subtract(issuedUtc.Value);
_renewExpiresUtc = currentUtc.Add(timeSpan); _renewExpiresUtc = currentUtc.Add(timeSpan);
} }
} }
@ -104,7 +103,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
} }
catch (Exception exception) catch (Exception exception)
{ {
CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options, var exceptionContext = new CookieExceptionContext(Context, Options,
CookieExceptionContext.ExceptionLocation.Authenticate, exception, ticket); CookieExceptionContext.ExceptionLocation.Authenticate, exception, ticket);
Options.Notifications.Exception(exceptionContext); Options.Notifications.Exception(exceptionContext);
if (exceptionContext.Rethrow) if (exceptionContext.Rethrow)
@ -123,16 +122,16 @@ namespace Microsoft.AspNet.Authentication.Cookies
protected override async Task ApplyResponseGrantAsync() protected override async Task ApplyResponseGrantAsync()
{ {
var signin = SignInContext; var signin = SignInContext;
bool shouldSignin = signin != null; var shouldSignin = signin != null;
var signout = SignOutContext; var signout = SignOutContext;
bool shouldSignout = signout != null; var shouldSignout = signout != null;
if (!(shouldSignin || shouldSignout || _shouldRenew)) if (!(shouldSignin || shouldSignout || _shouldRenew))
{ {
return; return;
} }
AuthenticationTicket model = await AuthenticateAsync(); var model = await AuthenticateAsync();
try try
{ {
var cookieOptions = new CookieOptions var cookieOptions = new CookieOptions
@ -180,7 +179,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
if (signInContext.Properties.IsPersistent) if (signInContext.Properties.IsPersistent)
{ {
DateTimeOffset expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan); var expiresUtc = signInContext.Properties.ExpiresUtc ?? issuedUtc.Add(Options.ExpireTimeSpan);
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime; signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime;
} }
@ -198,7 +197,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
Options.AuthenticationScheme)); Options.AuthenticationScheme));
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme); model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
} }
string cookieValue = Options.TicketDataFormat.Protect(model); var cookieValue = Options.TicketDataFormat.Protect(model);
Options.CookieManager.AppendResponseCookie( Options.CookieManager.AppendResponseCookie(
Context, Context,
@ -249,7 +248,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme); model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
} }
string cookieValue = Options.TicketDataFormat.Protect(model); var cookieValue = Options.TicketDataFormat.Protect(model);
if (model.Properties.IsPersistent) if (model.Properties.IsPersistent)
{ {
@ -275,13 +274,13 @@ namespace Microsoft.AspNet.Authentication.Cookies
HeaderNameExpires, HeaderNameExpires,
HeaderValueMinusOne); HeaderValueMinusOne);
bool shouldLoginRedirect = shouldSignin && Options.LoginPath.HasValue && Request.Path == Options.LoginPath; var shouldLoginRedirect = shouldSignin && Options.LoginPath.HasValue && Request.Path == Options.LoginPath;
bool shouldLogoutRedirect = shouldSignout && Options.LogoutPath.HasValue && Request.Path == Options.LogoutPath; var shouldLogoutRedirect = shouldSignout && Options.LogoutPath.HasValue && Request.Path == Options.LogoutPath;
if ((shouldLoginRedirect || shouldLogoutRedirect) && Response.StatusCode == 200) if ((shouldLoginRedirect || shouldLogoutRedirect) && Response.StatusCode == 200)
{ {
IReadableStringCollection query = Request.Query; var query = Request.Query;
string redirectUri = query.Get(Options.ReturnUrlParameter); var redirectUri = query.Get(Options.ReturnUrlParameter);
if (!string.IsNullOrWhiteSpace(redirectUri) if (!string.IsNullOrWhiteSpace(redirectUri)
&& IsHostRelative(redirectUri)) && IsHostRelative(redirectUri))
{ {
@ -292,7 +291,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
} }
catch (Exception exception) catch (Exception exception)
{ {
CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options, var exceptionContext = new CookieExceptionContext(Context, Options,
CookieExceptionContext.ExceptionLocation.ApplyResponseGrant, exception, model); CookieExceptionContext.ExceptionLocation.ApplyResponseGrant, exception, model);
Options.Notifications.Exception(exceptionContext); Options.Notifications.Exception(exceptionContext);
if (exceptionContext.Rethrow) if (exceptionContext.Rethrow)
@ -363,7 +362,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
return; return;
} }
string loginUri = string.Empty; var loginUri = string.Empty;
if (ChallengeContext != null) if (ChallengeContext != null)
{ {
loginUri = new AuthenticationProperties(ChallengeContext.Properties).RedirectUri; loginUri = new AuthenticationProperties(ChallengeContext.Properties).RedirectUri;
@ -373,7 +372,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
{ {
if (string.IsNullOrWhiteSpace(loginUri)) if (string.IsNullOrWhiteSpace(loginUri))
{ {
string currentUri = var currentUri =
Request.PathBase + Request.PathBase +
Request.Path + Request.Path +
Request.QueryString; Request.QueryString;
@ -392,7 +391,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
} }
catch (Exception exception) catch (Exception exception)
{ {
CookieExceptionContext exceptionContext = new CookieExceptionContext(Context, Options, var exceptionContext = new CookieExceptionContext(Context, Options,
CookieExceptionContext.ExceptionLocation.ApplyResponseChallenge, exception, ticket: null); CookieExceptionContext.ExceptionLocation.ApplyResponseChallenge, exception, ticket: null);
Options.Notifications.Exception(exceptionContext); Options.Notifications.Exception(exceptionContext);
if (exceptionContext.Rethrow) if (exceptionContext.Rethrow)

View File

@ -1,7 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Authentication.Notifications; using Microsoft.AspNet.Authentication.Notifications;

View File

@ -1,7 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
@ -112,4 +111,4 @@ namespace Microsoft.AspNet.Authentication.Cookies
OnException.Invoke(context); OnException.Invoke(context);
} }
} }
} }

View File

@ -1,7 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Authentication; using Microsoft.AspNet.Http.Authentication;

View File

@ -1,7 +1,6 @@
// Copyright (c) .NET Foundation. All rights reserved. // Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Authentication.Notifications; using Microsoft.AspNet.Authentication.Notifications;

View File

@ -14,7 +14,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
{ {
if (IsAjaxRequest(context.Request)) if (IsAjaxRequest(context.Request))
{ {
string jsonResponse = JsonConvert.SerializeObject(new var jsonResponse = JsonConvert.SerializeObject(new
{ {
status = context.Response.StatusCode, status = context.Response.StatusCode,
headers = new headers = new
@ -34,7 +34,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
private static bool IsAjaxRequest(HttpRequest request) private static bool IsAjaxRequest(HttpRequest request)
{ {
IReadableStringCollection query = request.Query; var query = request.Query;
if (query != null) if (query != null)
{ {
if (query["X-Requested-With"] == "XMLHttpRequest") if (query["X-Requested-With"] == "XMLHttpRequest")
@ -43,7 +43,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
} }
} }
IHeaderDictionary headers = request.Headers; var headers = request.Headers;
if (headers != null) if (headers != null)
{ {
if (headers["X-Requested-With"] == "XMLHttpRequest") if (headers["X-Requested-With"] == "XMLHttpRequest")