Move Antiforgery implementation details to `.Internal`
- leave `IAntiforgery`, `IAntiforgeryAdditionalDataProvider` and related bits behind
This commit is contained in:
parent
48ee352022
commit
705c080d3b
|
|
@ -1,7 +1,7 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Used as a per request state.
|
/// Used as a per request state.
|
||||||
|
|
@ -8,7 +8,7 @@ using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.WebUtilities;
|
using Microsoft.AspNetCore.WebUtilities;
|
||||||
using Microsoft.Extensions.Options;
|
using Microsoft.Extensions.Options;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class AntiforgeryOptionsSetup : ConfigureOptions<AntiforgeryOptions>
|
public class AntiforgeryOptionsSetup : ConfigureOptions<AntiforgeryOptions>
|
||||||
{
|
{
|
||||||
|
|
@ -5,7 +5,7 @@ using System.IO;
|
||||||
using System.Security.Cryptography;
|
using System.Security.Cryptography;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class AntiforgerySerializationContext
|
public class AntiforgerySerializationContext
|
||||||
{
|
{
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public sealed class AntiforgeryToken
|
public sealed class AntiforgeryToken
|
||||||
{
|
{
|
||||||
|
|
@ -8,7 +8,7 @@ using System.Runtime.CompilerServices;
|
||||||
using System.Security.Cryptography;
|
using System.Security.Cryptography;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
// Represents a binary blob (token) that contains random data.
|
// Represents a binary blob (token) that contains random data.
|
||||||
// Useful for binary data inside a serialized stream.
|
// Useful for binary data inside a serialized stream.
|
||||||
|
|
@ -10,7 +10,7 @@ using Microsoft.AspNetCore.Html;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
using Microsoft.Extensions.Options;
|
using Microsoft.Extensions.Options;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Provides access to the antiforgery system, which provides protection against
|
/// Provides access to the antiforgery system, which provides protection against
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// A default <see cref="IAntiforgeryAdditionalDataProvider"/> implementation.
|
/// A default <see cref="IAntiforgeryAdditionalDataProvider"/> implementation.
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryContextAccessor : IAntiforgeryContextAccessor
|
public class DefaultAntiforgeryContextAccessor : IAntiforgeryContextAccessor
|
||||||
{
|
{
|
||||||
|
|
@ -6,7 +6,7 @@ using System.Security.Claims;
|
||||||
using System.Security.Principal;
|
using System.Security.Principal;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryTokenGenerator : IAntiforgeryTokenGenerator
|
public class DefaultAntiforgeryTokenGenerator : IAntiforgeryTokenGenerator
|
||||||
{
|
{
|
||||||
|
|
@ -7,7 +7,7 @@ using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.WebUtilities;
|
using Microsoft.AspNetCore.WebUtilities;
|
||||||
using Microsoft.Extensions.ObjectPool;
|
using Microsoft.Extensions.ObjectPool;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryTokenSerializer : IAntiforgeryTokenSerializer
|
public class DefaultAntiforgeryTokenSerializer : IAntiforgeryTokenSerializer
|
||||||
{
|
{
|
||||||
|
|
@ -9,7 +9,7 @@ using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Options;
|
using Microsoft.Extensions.Options;
|
||||||
using Microsoft.Extensions.Primitives;
|
using Microsoft.Extensions.Primitives;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryTokenStore : IAntiforgeryTokenStore
|
public class DefaultAntiforgeryTokenStore : IAntiforgeryTokenStore
|
||||||
{
|
{
|
||||||
|
|
@ -7,7 +7,7 @@ using System.Linq;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using Microsoft.Extensions.ObjectPool;
|
using Microsoft.Extensions.ObjectPool;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Default implementation of <see cref="IClaimUidExtractor"/>.
|
/// Default implementation of <see cref="IClaimUidExtractor"/>.
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public interface IAntiforgeryContextAccessor
|
public interface IAntiforgeryContextAccessor
|
||||||
{
|
{
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Generates and validates antiforgery tokens.
|
/// Generates and validates antiforgery tokens.
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
// Abstracts out the serialization process for an antiforgery token
|
// Abstracts out the serialization process for an antiforgery token
|
||||||
public interface IAntiforgeryTokenSerializer
|
public interface IAntiforgeryTokenSerializer
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
// Provides an abstraction around how tokens are persisted and retrieved for a request
|
// Provides an abstraction around how tokens are persisted and retrieved for a request
|
||||||
public interface IAntiforgeryTokenStore
|
public interface IAntiforgeryTokenStore
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// This interface can extract unique identifers for a claims-based identity.
|
/// This interface can extract unique identifers for a claims-based identity.
|
||||||
|
|
@ -5,7 +5,7 @@ using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Options;
|
using Microsoft.Extensions.Options;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class AntiforgeryOptionsSetupTest
|
public class AntiforgeryOptionsSetupTest
|
||||||
{
|
{
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class AntiforgeryTokenTest
|
public class AntiforgeryTokenTest
|
||||||
{
|
{
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
using System;
|
using System;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class BinaryBlobTest
|
public class BinaryBlobTest
|
||||||
{
|
{
|
||||||
|
|
@ -13,7 +13,7 @@ using Microsoft.Extensions.WebEncoders.Testing;
|
||||||
using Moq;
|
using Moq;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryTest
|
public class DefaultAntiforgeryTest
|
||||||
{
|
{
|
||||||
|
|
@ -186,7 +186,7 @@ namespace Microsoft.AspNetCore.Antiforgery
|
||||||
var antiforgery = GetAntiforgery(context);
|
var antiforgery = GetAntiforgery(context);
|
||||||
var encoder = new HtmlTestEncoder();
|
var encoder = new HtmlTestEncoder();
|
||||||
|
|
||||||
// Setup so that the null cookie token returned is treated as invalid.
|
// Setup so that the null cookie token returned is treated as invalid.
|
||||||
context.TokenGenerator
|
context.TokenGenerator
|
||||||
.Setup(o => o.IsCookieTokenValid(null))
|
.Setup(o => o.IsCookieTokenValid(null))
|
||||||
.Returns(false);
|
.Returns(false);
|
||||||
|
|
@ -226,7 +226,7 @@ namespace Microsoft.AspNetCore.Antiforgery
|
||||||
.Setup(o => o.GetCookieToken(context.HttpContext))
|
.Setup(o => o.GetCookieToken(context.HttpContext))
|
||||||
.Throws(new Exception("should be swallowed"));
|
.Throws(new Exception("should be swallowed"));
|
||||||
|
|
||||||
// Setup so that the null cookie token returned is treated as invalid.
|
// Setup so that the null cookie token returned is treated as invalid.
|
||||||
context.TokenGenerator
|
context.TokenGenerator
|
||||||
.Setup(o => o.IsCookieTokenValid(null))
|
.Setup(o => o.IsCookieTokenValid(null))
|
||||||
.Returns(false);
|
.Returns(false);
|
||||||
|
|
@ -9,7 +9,7 @@ using Microsoft.AspNetCore.Testing;
|
||||||
using Moq;
|
using Moq;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryTokenGeneratorProviderTest
|
public class DefaultAntiforgeryTokenGeneratorProviderTest
|
||||||
{
|
{
|
||||||
|
|
@ -190,7 +190,7 @@ namespace Microsoft.AspNetCore.Antiforgery
|
||||||
.Returns("my-username");
|
.Returns("my-username");
|
||||||
|
|
||||||
httpContext.User = new ClaimsPrincipal(mockIdentity.Object);
|
httpContext.User = new ClaimsPrincipal(mockIdentity.Object);
|
||||||
|
|
||||||
var claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
|
var claimUidExtractor = new Mock<IClaimUidExtractor>().Object;
|
||||||
|
|
||||||
var tokenProvider = new DefaultAntiforgeryTokenGenerator(
|
var tokenProvider = new DefaultAntiforgeryTokenGenerator(
|
||||||
|
|
@ -325,7 +325,7 @@ namespace Microsoft.AspNetCore.Antiforgery
|
||||||
claimUidExtractor: null,
|
claimUidExtractor: null,
|
||||||
additionalDataProvider: null);
|
additionalDataProvider: null);
|
||||||
|
|
||||||
string expectedMessage =
|
string expectedMessage =
|
||||||
"Validation of the provided antiforgery token failed. " +
|
"Validation of the provided antiforgery token failed. " +
|
||||||
"The cookie token and the request token were swapped.";
|
"The cookie token and the request token were swapped.";
|
||||||
|
|
||||||
|
|
@ -4,13 +4,12 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using Microsoft.AspNetCore.Antiforgery.Internal;
|
|
||||||
using Microsoft.AspNetCore.DataProtection;
|
using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.Extensions.ObjectPool;
|
using Microsoft.Extensions.ObjectPool;
|
||||||
using Moq;
|
using Moq;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryTokenSerializerTest
|
public class DefaultAntiforgeryTokenSerializerTest
|
||||||
{
|
{
|
||||||
|
|
@ -4,7 +4,6 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using Microsoft.AspNetCore.Antiforgery.Internal;
|
|
||||||
using Microsoft.AspNetCore.DataProtection;
|
using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
using Microsoft.AspNetCore.Http.Internal;
|
using Microsoft.AspNetCore.Http.Internal;
|
||||||
|
|
@ -14,7 +13,7 @@ using Microsoft.Extensions.Primitives;
|
||||||
using Moq;
|
using Moq;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultAntiforgeryTokenStoreTest
|
public class DefaultAntiforgeryTokenStoreTest
|
||||||
{
|
{
|
||||||
|
|
@ -4,12 +4,11 @@
|
||||||
using System;
|
using System;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using Microsoft.AspNetCore.Antiforgery.Internal;
|
|
||||||
using Microsoft.Extensions.ObjectPool;
|
using Microsoft.Extensions.ObjectPool;
|
||||||
using Moq;
|
using Moq;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Antiforgery
|
namespace Microsoft.AspNetCore.Antiforgery.Internal
|
||||||
{
|
{
|
||||||
public class DefaultClaimUidExtractorTest
|
public class DefaultClaimUidExtractorTest
|
||||||
{
|
{
|
||||||
Loading…
Reference in New Issue