Split Security into AuthN/AuthZ

AuthenticationType -> Scheme
Move Active/Passive into AutomaticAuthenticationHandler
Security -> Authorization/Authentication assemblies
401-403 logic
Switch from ClaimsIdentity to ClaimsPrincipal
Hao Kung 2015-03-02 15:33:52 -08:00
parent d864b72561
commit 775eb5ece4
245 changed files with 1701 additions and 1169 deletions


@ -1,7 +1,7 @@
using System.Security.Claims;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Cookies;
using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.Framework.DependencyInjection;
namespace CookieSample
@ -23,8 +23,7 @@ namespace CookieSample
{
if (context.User == null || !context.User.Identity.IsAuthenticated)
{
context.Response.SignIn(new ClaimsIdentity(new[] { new Claim("name", "bob") }, CookieAuthenticationDefaults.AuthenticationType));
context.Response.SignIn(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "bob") })));
context.Response.ContentType = "text/plain";
await context.Response.WriteAsync("Hello First timer");
return;
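Review bot: The new `SignIn` call builds `new ClaimsIdentity(new[] { new Claim("name", "bob") })` without an authentication type, where the old call passed `CookieAuthenticationDefaults.AuthenticationType` as the identity's second argument. `ClaimsIdentity.IsAuthenticated` is false when the authentication type is empty, so unless the cookie handler assigns one when it rebuilds the ticket (not visible here), the `IsAuthenticated` check above may never pass for the signed-in user. I would keep the argument: `new ClaimsIdentity(new[] { new Claim("name", "bob") }, CookieAuthenticationDefaults.AuthenticationScheme)`. The same applies to the `SignIn` call in the CookieSessionSample hunk, which builds `new ClaimsIdentity(claims)`. The enclosing delegate starts and ends outside this hunk.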


@ -1,6 +1,6 @@
{
"dependencies": {
"Microsoft.AspNet.Security.Cookies": "1.0.0-*",
"Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*",
"Microsoft.AspNet.Server.IIS": "1.0.0-*",
"Kestrel": "1.0.0-*"


@ -1,7 +1,7 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNet.Security;
using Microsoft.AspNet.Security.Cookies.Infrastructure;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
using Microsoft.Framework.Cache.Memory;
namespace CookieSessionSample


@ -2,7 +2,7 @@ using System.Collections.Generic;
using System.Security.Claims;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Cookies;
using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.Framework.DependencyInjection;
namespace CookieSessionSample
@ -32,8 +32,7 @@ namespace CookieSessionSample
{
claims.Add(new Claim(ClaimTypes.Role, "SomeRandomGroup" + i, ClaimValueTypes.String, "IssuedByBob", "OriginalIssuerJoe"));
}
context.Response.SignIn(new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationType));
context.Response.SignIn(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(new ClaimsIdentity(claims)));
context.Response.ContentType = "text/plain";
await context.Response.WriteAsync("Hello First timer");
return;


@ -1,6 +1,6 @@
{
"dependencies": {
"Microsoft.AspNet.Security.Cookies": "1.0.0-*",
"Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*",
"Microsoft.Framework.Cache.Memory": "1.0.0-*",
"Kestrel": "1.0.0-*",


@ -1,9 +1,9 @@
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security;
using Microsoft.AspNet.Security.Cookies;
using Microsoft.AspNet.Security.OpenIdConnect;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.AspNet.Authentication.OpenIdConnect;
using Microsoft.Framework.DependencyInjection;
namespace OpenIdConnectSample
@ -17,7 +17,7 @@ namespace OpenIdConnectSample
services.AddDataProtection();
services.Configure<ExternalAuthenticationOptions>(options =>
{
options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});
});
@ -37,7 +37,7 @@ namespace OpenIdConnectSample
{
if (context.User == null || !context.User.Identity.IsAuthenticated)
{
context.Response.Challenge(new AuthenticationProperties { RedirectUri = "/" }, OpenIdConnectAuthenticationDefaults.AuthenticationType);
context.Response.Challenge(new AuthenticationProperties { RedirectUri = "/" }, OpenIdConnectAuthenticationDefaults.AuthenticationScheme);
context.Response.ContentType = "text/plain";
await context.Response.WriteAsync("Hello First timer");


@ -1,9 +1,9 @@
{
"dependencies": {
"Kestrel": "1.0.0-*",
"Microsoft.AspNet.Security.Cookies": "1.0.0-*",
"Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Server.IIS": "1.0.0-*",
"Microsoft.AspNet.Security.OpenIdConnect": "1.0.0-*",
"Microsoft.AspNet.Authentication.OpenIdConnect": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*"
},
"frameworks": {


@ -4,12 +4,12 @@ using System.Security.Claims;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security;
using Microsoft.AspNet.Security.Cookies;
using Microsoft.AspNet.Security.Google;
using Microsoft.AspNet.Security.MicrosoftAccount;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.AspNet.Authentication.Google;
using Microsoft.AspNet.Authentication.MicrosoftAccount;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.Framework.DependencyInjection;
using Newtonsoft.Json.Linq;
@ -26,7 +26,7 @@ namespace CookieSample
services.AddDataProtection();
services.Configure<ExternalAuthenticationOptions>(options =>
{
options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
});
});
@ -121,6 +121,7 @@ namespace CookieSample
options.AuthorizationEndpoint = "https://github.com/login/oauth/authorize";
options.TokenEndpoint = "https://github.com/login/oauth/access_token";
options.UserInformationEndpoint = "https://api.github.com/user";
options.ClaimsIssuer = "OAuth2-Github";
// Retrieving user information is unique to each provider.
options.Notifications = new OAuthAuthenticationNotifications()
{
@ -136,7 +137,7 @@ namespace CookieSample
JObject user = JObject.Parse(text);
var identity = new ClaimsIdentity(
context.Options.AuthenticationType,
context.Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
@ -144,25 +145,25 @@ namespace CookieSample
var id = user.TryGetValue("id", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(id))
{
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id, ClaimValueTypes.String, context.Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var userName = user.TryGetValue("login", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(userName))
{
identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, userName, ClaimValueTypes.String, context.Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, userName, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var name = user.TryGetValue("name", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(name))
{
identity.AddClaim(new Claim("urn:github:name", name, ClaimValueTypes.String, context.Options.AuthenticationType));
identity.AddClaim(new Claim("urn:github:name", name, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
var link = user.TryGetValue("url", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(link))
{
identity.AddClaim(new Claim("urn:github:url", link, ClaimValueTypes.String, context.Options.AuthenticationType));
identity.AddClaim(new Claim("urn:github:url", link, ClaimValueTypes.String, context.Options.ClaimsIssuer));
}
context.Identity = identity;
context.Principal = new ClaimsPrincipal(identity);
},
};
});
@ -172,7 +173,7 @@ namespace CookieSample
{
signoutApp.Run(async context =>
{
string authType = context.Request.Query["authtype"];
string authType = context.Request.Query["authscheme"];
if (!string.IsNullOrEmpty(authType))
{
// By default the client will be redirect back to the URL that issued the challenge (/login?authtype=foo),
@ -183,10 +184,10 @@ namespace CookieSample
context.Response.ContentType = "text/html";
await context.Response.WriteAsync("<html><body>");
await context.Response.WriteAsync("Choose an authentication type: <br>");
foreach (var type in context.GetAuthenticationTypes())
await context.Response.WriteAsync("Choose an authentication scheme: <br>");
foreach (var type in context.GetAuthenticationSchemes())
{
await context.Response.WriteAsync("<a href=\"?authtype=" + type.AuthenticationType + "\">" + (type.Caption ?? "(suppressed)") + "</a><br>");
await context.Response.WriteAsync("<a href=\"?authscheme=" + type.AuthenticationScheme + "\">" + (type.Caption ?? "(suppressed)") + "</a><br>");
}
await context.Response.WriteAsync("</body></html>");
});
@ -197,7 +198,7 @@ namespace CookieSample
{
signoutApp.Run(async context =>
{
context.Response.SignOut(CookieAuthenticationDefaults.AuthenticationType);
context.Response.SignOut(CookieAuthenticationDefaults.AuthenticationScheme);
context.Response.ContentType = "text/html";
await context.Response.WriteAsync("<html><body>");
await context.Response.WriteAsync("You have been logged out. Goodbye " + context.User.Identity.Name + "<br>");
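Review bot: The rewritten link line inside the `foreach` over `context.GetAuthenticationSchemes()` concatenates `type.AuthenticationScheme` and `type.Caption` into HTML and a query string without encoding, and the sign-out page below does the same with `context.User.Identity.Name`. For the GitHub handler in this file that name is filled from the provider's user-info response (`login`), so it is not a value the application controls. Since the line is being touched anyway, encode on output, e.g. `WebUtility.UrlEncode(type.AuthenticationScheme)` for the query value and `WebUtility.HtmlEncode(...)` for the caption and the user name. Separately, the local is still called `authType` and the comment still says `/login?authtype=foo` after the parameter became `authscheme`.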


@ -1,11 +1,11 @@
{
"dependencies": {
"Microsoft.AspNet.Diagnostics": "1.0.0-*",
"Microsoft.AspNet.Security.Cookies": "1.0.0-*",
"Microsoft.AspNet.Security.Facebook": "1.0.0-*",
"Microsoft.AspNet.Security.Google": "1.0.0-*",
"Microsoft.AspNet.Security.MicrosoftAccount": "1.0.0-*",
"Microsoft.AspNet.Security.Twitter": "1.0.0-*",
"Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Authentication.Facebook": "1.0.0-*",
"Microsoft.AspNet.Authentication.Google": "1.0.0-*",
"Microsoft.AspNet.Authentication.MicrosoftAccount": "1.0.0-*",
"Microsoft.AspNet.Authentication.Twitter": "1.0.0-*",
"Microsoft.AspNet.Server.IIS": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*",
"Kestrel": "1.0.0-*"


@ -1,11 +1,10 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Default values related to cookie-based authentication middleware
@ -13,9 +12,9 @@ namespace Microsoft.AspNet.Security.Cookies
public static class CookieAuthenticationDefaults
{
/// <summary>
/// The default value used for CookieAuthenticationOptions.AuthenticationType
/// The default value used for CookieAuthenticationOptions.AuthenticationScheme
/// </summary>
public const string AuthenticationType = "Cookies";
public const string AuthenticationScheme = "Cookies";
/// <summary>
/// The prefix used to provide a default CookieAuthenticationOptions.CookieName


@ -1,10 +1,10 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.Cookies;
using System;
using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel;
using System;
namespace Microsoft.AspNet.Builder
{


@ -7,20 +7,19 @@ using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.Framework.Logging;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
internal class CookieAuthenticationHandler : AuthenticationHandler<CookieAuthenticationOptions>
internal class CookieAuthenticationHandler : AutomaticAuthenticationHandler<CookieAuthenticationOptions>
{
private const string HeaderNameCacheControl = "Cache-Control";
private const string HeaderNamePragma = "Pragma";
private const string HeaderNameExpires = "Expires";
private const string HeaderValueNoCache = "no-cache";
private const string HeaderValueMinusOne = "-1";
private const string SessionIdClaim = "Microsoft.AspNet.Security.Cookies-SessionId";
private const string SessionIdClaim = "Microsoft.AspNet.Authentication.Cookies-SessionId";
private readonly ILogger _logger;
@ -60,7 +59,7 @@ namespace Microsoft.AspNet.Security.Cookies
if (Options.SessionStore != null)
{
Claim claim = ticket.Identity.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim));
Claim claim = ticket.Principal.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim));
if (claim == null)
{
_logger.WriteWarning(@"SessionId missing");
@ -103,11 +102,11 @@ namespace Microsoft.AspNet.Security.Cookies
}
}
var context = new CookieValidateIdentityContext(Context, ticket, Options);
var context = new CookieValidatePrincipalContext(Context, ticket, Options);
await Options.Notifications.ValidateIdentity(context);
await Options.Notifications.ValidatePrincipal(context);
return new AuthenticationTicket(context.Identity, context.Properties);
return new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme);
}
catch (Exception exception)
{
@ -129,7 +128,7 @@ namespace Microsoft.AspNet.Security.Cookies
protected override async Task ApplyResponseGrantAsync()
{
var signin = SignInIdentityContext;
var signin = SignInContext;
bool shouldSignin = signin != null;
var signout = SignOutContext;
bool shouldSignout = signout != null;
@ -162,8 +161,8 @@ namespace Microsoft.AspNet.Security.Cookies
var signInContext = new CookieResponseSignInContext(
Context,
Options,
Options.AuthenticationType,
signin.Identity,
Options.AuthenticationScheme,
signin.Principal,
signin.Properties,
cookieOptions);
@ -191,7 +190,7 @@ namespace Microsoft.AspNet.Security.Cookies
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime;
}
model = new AuthenticationTicket(signInContext.Identity, signInContext.Properties);
model = new AuthenticationTicket(signInContext.Principal, signInContext.Properties, signInContext.AuthenticationScheme);
if (Options.SessionStore != null)
{
if (_sessionKey != null)
@ -199,10 +198,11 @@ namespace Microsoft.AspNet.Security.Cookies
await Options.SessionStore.RemoveAsync(_sessionKey);
}
_sessionKey = await Options.SessionStore.StoreAsync(model);
ClaimsIdentity identity = new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey) },
Options.AuthenticationType);
model = new AuthenticationTicket(identity, null);
var principal = new ClaimsPrincipal(
new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey) },
Options.AuthenticationScheme));
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
}
string cookieValue = Options.TicketDataFormat.Protect(model);
@ -215,8 +215,8 @@ namespace Microsoft.AspNet.Security.Cookies
var signedInContext = new CookieResponseSignedInContext(
Context,
Options,
Options.AuthenticationType,
signInContext.Identity,
Options.AuthenticationScheme,
signInContext.Principal,
signInContext.Properties);
Options.Notifications.ResponseSignedIn(signedInContext);
@ -248,10 +248,11 @@ namespace Microsoft.AspNet.Security.Cookies
if (Options.SessionStore != null && _sessionKey != null)
{
await Options.SessionStore.RenewAsync(_sessionKey, model);
ClaimsIdentity identity = new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey) },
Options.AuthenticationType);
model = new AuthenticationTicket(identity, null);
var principal = new ClaimsPrincipal(
new ClaimsIdentity(
new[] { new Claim(SessionIdClaim, _sessionKey) },
Options.AuthenticationScheme));
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
}
string cookieValue = Options.TicketDataFormat.Protect(model);
@ -327,8 +328,8 @@ namespace Microsoft.AspNet.Security.Cookies
return;
}
// Active middleware should redirect on 401 even if there wasn't an explicit challenge.
if (ChallengeContext == null && Options.AuthenticationMode == AuthenticationMode.Passive)
// Automatic middleware should redirect on 401 even if there wasn't an explicit challenge.
if (ChallengeContext == null && !Options.AutomaticAuthentication)
{
return;
}
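Review bot: After `await Options.Notifications.ValidatePrincipal(context)` the handler returns `new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme)` unconditionally, but `RejectPrincipal()` on that context sets `Principal` to null. Whether a ticket wrapping a null principal is treated as anonymous depends on base-class code outside this diff, so I would make the rejection explicit before building the ticket, e.g. `if (context.Principal == null) { return null; }`, assuming null is what this method returns when there is no usable cookie (its start is outside the hunk). Also, the `SessionIdClaim` value changes with the namespace, so session-store cookies issued before this change will no longer match the `ticket.Principal.Claims.FirstOrDefault(...)` lookup; that fails closed, but a comment on the constant saying its value is part of the cookie format would help the next rename.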


@ -1,17 +1,17 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.Cookies.Infrastructure;
using Microsoft.AspNet.Security.DataHandler;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
public class CookieAuthenticationMiddleware : AuthenticationMiddleware<CookieAuthenticationOptions>
{
@ -31,12 +31,12 @@ namespace Microsoft.AspNet.Security.Cookies
}
if (String.IsNullOrEmpty(Options.CookieName))
{
Options.CookieName = CookieAuthenticationDefaults.CookiePrefix + Options.AuthenticationType;
Options.CookieName = CookieAuthenticationDefaults.CookiePrefix + Options.AuthenticationScheme;
}
if (Options.TicketDataFormat == null)
{
IDataProtector dataProtector = dataProtectionProvider.CreateProtector(
typeof(CookieAuthenticationMiddleware).FullName, Options.AuthenticationType, "v2");
typeof(CookieAuthenticationMiddleware).FullName, Options.AuthenticationScheme, "v2");
Options.TicketDataFormat = new TicketDataFormat(dataProtector);
}
if (Options.CookieManager == null)
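Review bot: The data protector purpose in `CreateProtector(typeof(CookieAuthenticationMiddleware).FullName, Options.AuthenticationScheme, "v2")` includes the type's full name, which this commit changes by moving the class to `Microsoft.AspNet.Authentication.Cookies`. Purpose strings take part in key derivation, so cookies protected under the old name should fail to unprotect after the upgrade and every user will have to sign in again. That fails closed, but it is easy to miss; a comment such as `// Purpose strings are part of the cookie format: renaming this type or the scheme invalidates existing cookies.` would record it. If the invalidation is not intended, the first purpose should be a fixed string literal rather than `FullName`. The constructor begins outside this hunk.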


@ -1,19 +1,17 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Cookies.Infrastructure;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Contains the options used by the CookiesAuthenticationMiddleware
/// </summary>
public class CookieAuthenticationOptions : AuthenticationOptions
public class CookieAuthenticationOptions : AutomaticAuthenticationOptions
{
private string _cookieName;
@ -22,7 +20,8 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary>
public CookieAuthenticationOptions()
{
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType;
AutomaticAuthentication = true;
AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme;
ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
ExpireTimeSpan = TimeSpan.FromDays(14);
SlidingExpiration = true;
@ -34,7 +33,7 @@ namespace Microsoft.AspNet.Security.Cookies
/// <summary>
/// Determines the cookie name used to persist the identity. The default value is ".AspNet.Cookies".
/// This value should be changed if you change the name of the AuthenticationType, especially if your
/// This value should be changed if you change the name of the AuthenticationScheme, especially if your
/// system uses the cookie authentication middleware multiple times.
/// </summary>
public string CookieName
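Review bot: `AutomaticAuthentication = true;` is set in the constructor, but nothing in the visible XML docs says that the cookie middleware is automatic by default. Per the handler comment in this commit, automatic middleware redirects on 401 even without an explicit challenge, so an application that registers a second cookie middleware under another `AuthenticationScheme` presumably needs to turn it off there. I would add to the constructor summary something like `/// AutomaticAuthentication defaults to true; set it to false for additional cookie middleware that should only act when its scheme is named.`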


@ -2,7 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Determines how the identity cookie's security property is set.


@ -7,7 +7,7 @@ using System.Globalization;
using System.Linq;
using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Security.Cookies.Infrastructure
namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{
/// <summary>
/// This handles cookies that are limited by per cookie length. It breaks down long cookies for responses, and reassembles them


@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Cookies.Infrastructure
namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{
internal static class Constants
{


@ -2,7 +2,7 @@
using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.Cookies.Infrastructure
namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{
/// <summary>
/// This provides an abstract storage mechanic to preserve identity information on the server


@ -3,7 +3,7 @@
using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Security.Cookies.Infrastructure
namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{
/// <summary>
/// This is used by the CookieAuthenticationMiddleware to process request and response cookies.


@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion>
</PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project>
</Project>


@ -3,7 +3,7 @@
using System;
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Cookies
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute


@ -4,9 +4,9 @@
using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Context passed when a Challenge, SignIn, or SignOut causes a redirect in the cookie middleware


@ -5,7 +5,7 @@
using System;
using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// This default implementation of the ICookieAuthenticationNotifications may be used if the
@ -19,7 +19,7 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary>
public CookieAuthenticationNotifications()
{
OnValidateIdentity = context => Task.FromResult(0);
OnValidatePrincipal = context => Task.FromResult(0);
OnResponseSignIn = context => { };
OnResponseSignedIn = context => { };
OnResponseSignOut = context => { };
@ -30,7 +30,7 @@ namespace Microsoft.AspNet.Security.Cookies
/// <summary>
/// A delegate assigned to this property will be invoked when the related method is called
/// </summary>
public Func<CookieValidateIdentityContext, Task> OnValidateIdentity { get; set; }
public Func<CookieValidatePrincipalContext, Task> OnValidatePrincipal { get; set; }
/// <summary>
/// A delegate assigned to this property will be invoked when the related method is called
@ -62,9 +62,9 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public virtual Task ValidateIdentity(CookieValidateIdentityContext context)
public virtual Task ValidatePrincipal(CookieValidatePrincipalContext context)
{
return OnValidateIdentity.Invoke(context);
return OnValidatePrincipal.Invoke(context);
}
/// <summary>


@ -4,9 +4,9 @@
using System;
using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Context object passed to the ICookieAuthenticationProvider method Exception.


@ -4,10 +4,10 @@
using System.Security.Claims;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Context object passed to the ICookieAuthenticationProvider method ResponseSignIn.
@ -19,35 +19,35 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary>
/// <param name="context">The HTTP request context</param>
/// <param name="options">The middleware options</param>
/// <param name="authenticationType">Initializes AuthenticationType property</param>
/// <param name="identity">Initializes Identity property</param>
/// <param name="authenticationScheme">Initializes AuthenticationScheme property</param>
/// <param name="principal">Initializes Principal property</param>
/// <param name="properties">Initializes Extra property</param>
/// <param name="cookieOptions">Initializes options for the authentication cookie.</param>
public CookieResponseSignInContext(
HttpContext context,
CookieAuthenticationOptions options,
string authenticationType,
ClaimsIdentity identity,
string authenticationScheme,
ClaimsPrincipal principal,
AuthenticationProperties properties,
CookieOptions cookieOptions)
: base(context, options)
{
AuthenticationType = authenticationType;
Identity = identity;
AuthenticationScheme = authenticationScheme;
Principal = principal;
Properties = properties;
CookieOptions = cookieOptions;
}
/// <summary>
/// The name of the AuthenticationType creating a cookie
/// The name of the AuthenticationScheme creating a cookie
/// </summary>
public string AuthenticationType { get; private set; }
public string AuthenticationScheme { get; private set; }
/// <summary>
/// Contains the claims about to be converted into the outgoing cookie.
/// May be replaced or altered during the ResponseSignIn call.
/// </summary>
public ClaimsIdentity Identity { get; set; }
public ClaimsPrincipal Principal { get; set; }
/// <summary>
/// Contains the extra data about to be contained in the outgoing cookie.


@ -3,9 +3,9 @@
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Context object passed to the ICookieAuthenticationProvider method ResponseSignOut


@ -3,10 +3,10 @@
using System.Security.Claims;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Context object passed to the ICookieAuthenticationNotifications method ResponseSignedIn.
@ -18,31 +18,31 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary>
/// <param name="context">The HTTP request context</param>
/// <param name="options">The middleware options</param>
/// <param name="authenticationType">Initializes AuthenticationType property</param>
/// <param name="identity">Initializes Identity property</param>
/// <param name="authenticationScheme">Initializes AuthenticationScheme property</param>
/// <param name="principal">Initializes Principal property</param>
/// <param name="properties">Initializes Properties property</param>
public CookieResponseSignedInContext(
HttpContext context,
CookieAuthenticationOptions options,
string authenticationType,
ClaimsIdentity identity,
string authenticationScheme,
ClaimsPrincipal principal,
AuthenticationProperties properties)
: base(context, options)
{
AuthenticationType = authenticationType;
Identity = identity;
AuthenticationScheme = authenticationScheme;
Principal = principal;
Properties = properties;
}
/// <summary>
/// The name of the AuthenticationType creating a cookie
/// The name of the AuthenticationScheme creating a cookie
/// </summary>
public string AuthenticationType { get; private set; }
public string AuthenticationScheme { get; private set; }
/// <summary>
/// Contains the claims that were converted into the outgoing cookie.
/// </summary>
public ClaimsIdentity Identity { get; private set; }
public ClaimsPrincipal Principal { get; private set; }
/// <summary>
/// Contains the extra data that was contained in the outgoing cookie.


@ -1,22 +1,18 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Security.Claims;
using System.Security.Principal;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Http.Interfaces.Security;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Context object passed to the ICookieAuthenticationProvider method ValidateIdentity.
/// Context object passed to the ICookieAuthenticationProvider method ValidatePrincipal.
/// </summary>
public class CookieValidateIdentityContext : BaseContext<CookieAuthenticationOptions>
public class CookieValidatePrincipalContext : BaseContext<CookieAuthenticationOptions>
{
/// <summary>
/// Creates a new instance of the context object.
@ -24,18 +20,18 @@ namespace Microsoft.AspNet.Security.Cookies
/// <param name="context"></param>
/// <param name="ticket">Contains the initial values for identity and extra data</param>
/// <param name="options"></param>
public CookieValidateIdentityContext([NotNull] HttpContext context, [NotNull] AuthenticationTicket ticket, [NotNull] CookieAuthenticationOptions options)
public CookieValidatePrincipalContext([NotNull] HttpContext context, [NotNull] AuthenticationTicket ticket, [NotNull] CookieAuthenticationOptions options)
: base(context, options)
{
Identity = ticket.Identity;
Principal = ticket.Principal;
Properties = ticket.Properties;
}
/// <summary>
/// Contains the claims identity arriving with the request. May be altered to change the
/// Contains the claims principal arriving with the request. May be altered to change the
/// details of the authenticated user.
/// </summary>
public ClaimsIdentity Identity { get; private set; }
public ClaimsPrincipal Principal { get; private set; }
/// <summary>
/// Contains the extra meta-data arriving with the request ticket. May be altered.
@ -43,22 +39,22 @@ namespace Microsoft.AspNet.Security.Cookies
public AuthenticationProperties Properties { get; private set; }
/// <summary>
/// Called to replace the claims identity. The supplied identity will replace the value of the
/// Identity property, which determines the identity of the authenticated request.
/// Called to replace the claims principal. The supplied principal will replace the value of the
/// Principal property, which determines the identity of the authenticated request.
/// </summary>
/// <param name="identity">The identity used as the replacement</param>
public void ReplaceIdentity(IIdentity identity)
public void ReplacePrincipal(IPrincipal principal)
{
Identity = new ClaimsIdentity(identity);
Principal = new ClaimsPrincipal(principal);
}
/// <summary>
/// Called to reject the incoming identity. This may be done if the application has determined the
/// Called to reject the incoming principal. This may be done if the application has determined the
/// account is no longer active, and the request should be treated as if it was anonymous.
/// </summary>
public void RejectIdentity()
public void RejectPrincipal()
{
Identity = null;
Principal = null;
}
}
}


@ -6,7 +6,7 @@ using System;
using Microsoft.AspNet.Http;
using Newtonsoft.Json;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
internal static class DefaultBehavior
{


@ -4,7 +4,7 @@
using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Cookies
{
/// <summary>
/// Specifies callback methods which the <see cref="CookieAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. />
@ -12,12 +12,12 @@ namespace Microsoft.AspNet.Security.Cookies
public interface ICookieAuthenticationNotifications
{
/// <summary>
/// Called each time a request identity has been validated by the middleware. By implementing this method the
/// application may alter or reject the identity which has arrived with the request.
/// Called each time a request principal has been validated by the middleware. By implementing this method the
/// application may alter or reject the principal which has arrived with the request.
/// </summary>
/// <param name="context">Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.</param>
/// <returns>A <see cref="Task"/> representing the completed operation.</returns>
Task ValidateIdentity(CookieValidateIdentityContext context);
Task ValidatePrincipal(CookieValidatePrincipalContext context);
/// <summary>
/// Called when an endpoint has provided sign in information before it is converted into a cookie. By
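Review bot: The `<param name="context">` doc on `ValidatePrincipal` still points at `System.Security.Claims.ClaimsIdentity`, although the renamed context now carries a principal. I would change the cref to `<see cref="System.Security.Claims.ClaimsPrincipal"/>` so implementers know which object they are allowed to alter or reject. The `<summary>` above the interface also ends with a stray ` />` after `</see>`; that line is unchanged by the commit but is worth cleaning up while the file is touched. The interface continues past the end of this hunk.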


@ -8,7 +8,7 @@
// </auto-generated>
//------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.Cookies {
namespace Microsoft.AspNet.Authentication.Cookies {
using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.Cookies {
internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.Cookies.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.Cookies.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp;
}
return resourceMan;


@ -2,7 +2,7 @@
"version": "1.0.0-*",
"description": "ASP.NET middleware that enables an application to use cookie based authentication, similar to ASP.NET's forms authentication.",
"dependencies": {
"Microsoft.AspNet.Security": "1.0.0-*",
"Microsoft.AspNet.Authentication": "1.0.0-*",
"Newtonsoft.Json": "6.0.6"
},
"frameworks": {


@ -1,11 +1,11 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Facebook
{
public static class FacebookAuthenticationDefaults
{
public const string AuthenticationType = "Facebook";
public const string AuthenticationScheme = "Facebook";
public const string AuthorizationEndpoint = "https://www.facebook.com/v2.2/dialog/oauth";


@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.Facebook;
using Microsoft.AspNet.Authentication.Facebook;
using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel;
using System;


@ -11,13 +11,13 @@ using System.Threading.Tasks;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Core.Collections;
using Microsoft.AspNet.Http.Extensions;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.WebUtilities;
using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Facebook
{
internal class FacebookAuthenticationHandler : OAuthAuthenticationHandler<FacebookAuthenticationOptions, IFacebookAuthenticationNotifications>
{
@ -65,41 +65,42 @@ namespace Microsoft.AspNet.Security.Facebook
JObject user = JObject.Parse(text);
var context = new FacebookAuthenticatedContext(Context, Options, user, tokens);
context.Identity = new ClaimsIdentity(
Options.AuthenticationType,
var identity = new ClaimsIdentity(
Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrEmpty(context.Id))
{
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.UserName))
{
context.Identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.UserName, ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.UserName, ClaimValueTypes.String, Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.Email))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.Name))
{
context.Identity.AddClaim(new Claim("urn:facebook:name", context.Name, ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim("urn:facebook:name", context.Name, ClaimValueTypes.String, Options.AuthenticationScheme));
// Many Facebook accounts do not set the UserName field. Fall back to the Name field instead.
if (string.IsNullOrEmpty(context.UserName))
{
context.Identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.Name, ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.Name, ClaimValueTypes.String, Options.AuthenticationScheme));
}
}
if (!string.IsNullOrEmpty(context.Link))
{
context.Identity.AddClaim(new Claim("urn:facebook:link", context.Link, ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim("urn:facebook:link", context.Link, ClaimValueTypes.String, Options.AuthenticationScheme));
}
context.Properties = properties;
context.Principal = new ClaimsPrincipal(identity);
await Options.Notifications.Authenticated(context);
return new AuthenticationTicket(context.Identity, context.Properties);
return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
}
private string GenerateAppSecretProof(string accessToken)
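Review bot: The ticket is built from `context.Principal` only after `Options.Notifications.Authenticated(context)` has run, and `Principal` has a public setter on the OAuth authenticated context, so a notification can clear or replace it before `new AuthenticationTicket(...)` is reached. Whether `AuthenticationTicket` tolerates a null principal is not visible here, so I would add an explicit `if (context.Principal == null)` check ahead of the constructor call and decide there whether that means a rejected sign-in or an error. The scheme argument should also come from the same place as the claim issuers above, `return new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme);`, rather than `context.Options.AuthenticationScheme`. The same post-notification pattern appears in the Google and MicrosoftAccount handlers in this commit. The method body starts above this hunk.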


@ -4,13 +4,13 @@
using System;
using System.Globalization;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Facebook
{
/// <summary>
/// An ASP.NET middleware for authenticating users using Facebook.


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Facebook
{
/// <summary>
/// Configuration options for <see cref="FacebookAuthenticationMiddleware"/>.
@ -16,8 +16,8 @@ namespace Microsoft.AspNet.Security.Facebook
/// </summary>
public FacebookAuthenticationOptions()
{
AuthenticationType = FacebookAuthenticationDefaults.AuthenticationType;
Caption = AuthenticationType;
AuthenticationScheme = FacebookAuthenticationDefaults.AuthenticationScheme;
Caption = AuthenticationScheme;
CallbackPath = new PathString("/signin-facebook");
SendAppSecretProof = true;
AuthorizationEndpoint = FacebookAuthenticationDefaults.AuthorizationEndpoint;


@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion>
</PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project>
</Project>


@ -0,0 +1,12 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
namespace Microsoft.AspNet.Authentication.Facebook
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute
{
}
}


@ -3,10 +3,10 @@
using System.Net.Http;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Facebook
{
/// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.


@ -3,9 +3,9 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Facebook
{
/// <summary>
/// The default <see cref="IFacebookAuthenticationNotifications"/> implementation.


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Facebook
namespace Microsoft.AspNet.Authentication.Facebook
{
/// <summary>
/// Specifies callback methods which the <see cref="FacebookAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process.


@ -8,7 +8,7 @@
// </auto-generated>
//------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.Facebook {
namespace Microsoft.AspNet.Authentication.Facebook {
using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.Facebook {
internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.Facebook.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.Facebook.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp;
}
return resourceMan;


@ -2,7 +2,7 @@
"version": "1.0.0-*",
"description": "ASP.NET 5 middleware that enables an application to support Facebook's OAuth 2.0 authentication workflow.",
"dependencies": {
"Microsoft.AspNet.Security.OAuth": "1.0.0-*"
"Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
},
"frameworks": {
"aspnet50": { },


@ -1,11 +1,11 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.Google
{
public static class GoogleAuthenticationDefaults
{
public const string AuthenticationType = "Google";
public const string AuthenticationScheme = "Google";
public const string AuthorizationEndpoint = "https://accounts.google.com/o/oauth2/auth";


@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.Google;
using Microsoft.AspNet.Authentication.Google;
using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel;
using System;


@ -7,13 +7,13 @@ using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.WebUtilities;
using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.Google
{
internal class GoogleAuthenticationHandler : OAuthAuthenticationHandler<GoogleAuthenticationOptions, IGoogleAuthenticationNotifications>
{
@ -33,46 +33,47 @@ namespace Microsoft.AspNet.Security.Google
JObject user = JObject.Parse(text);
var context = new GoogleAuthenticatedContext(Context, Options, user, tokens);
context.Identity = new ClaimsIdentity(
Options.AuthenticationType,
var identity = new ClaimsIdentity(
Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrEmpty(context.Id))
{
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id,
ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id,
ClaimValueTypes.String, Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.GivenName))
{
context.Identity.AddClaim(new Claim(ClaimTypes.GivenName, context.GivenName,
ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.GivenName, context.GivenName,
ClaimValueTypes.String, Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.FamilyName))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Surname, context.FamilyName,
ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.Surname, context.FamilyName,
ClaimValueTypes.String, Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.Name))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String,
Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String,
Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.Email))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String,
Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String,
Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.Profile))
{
context.Identity.AddClaim(new Claim("urn:google:profile", context.Profile, ClaimValueTypes.String,
Options.AuthenticationType));
identity.AddClaim(new Claim("urn:google:profile", context.Profile, ClaimValueTypes.String,
Options.AuthenticationScheme));
}
context.Properties = properties;
context.Principal = new ClaimsPrincipal(identity);
await Options.Notifications.Authenticated(context);
return new AuthenticationTicket(context.Identity, context.Properties);
return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
}
// TODO: Abstract this properties override pattern into the base class?


@ -5,15 +5,15 @@ using System;
using System.Diagnostics.CodeAnalysis;
using System.Globalization;
using System.Net.Http;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.DataHandler;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.Google
{
/// <summary>
/// An ASP.NET middleware for authenticating users using Google OAuth 2.0.


@ -5,10 +5,10 @@ using System;
using System.Collections.Generic;
using System.Net.Http;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.Google
{
/// <summary>
/// Configuration options for <see cref="GoogleAuthenticationMiddleware"/>.
@ -20,8 +20,8 @@ namespace Microsoft.AspNet.Security.Google
/// </summary>
public GoogleAuthenticationOptions()
{
AuthenticationType = GoogleAuthenticationDefaults.AuthenticationType;
Caption = AuthenticationType;
AuthenticationScheme = GoogleAuthenticationDefaults.AuthenticationScheme;
Caption = AuthenticationScheme;
CallbackPath = new PathString("/signin-google");
AuthorizationEndpoint = GoogleAuthenticationDefaults.AuthorizationEndpoint;
TokenEndpoint = GoogleAuthenticationDefaults.TokenEndpoint;


@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion>
</PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project>
</Project>


@ -3,7 +3,7 @@
using System;
namespace Microsoft.AspNet.Security.Cookies
namespace Microsoft.AspNet.Authentication.Google
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute


@ -6,11 +6,11 @@ using System.Globalization;
using System.Net.Http;
using System.Security.Claims;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.Google
{
/// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.


@ -3,9 +3,9 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.Google
{
/// <summary>
/// The default <see cref="IGoogleAuthenticationNotifications"/> implementation.


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.Google
{
/// <summary>
/// Specifies callback methods which the <see cref="GoogleAuthenticationMiddleware" /> invokes to enable developer control over the authentication process.


@ -8,7 +8,7 @@
// </auto-generated>
//------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.Google {
namespace Microsoft.AspNet.Authentication.Google {
using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.Google {
internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.Google.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.Google.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp;
}
return resourceMan;


@ -2,7 +2,7 @@
"version": "1.0.0-*",
"description": "ASP.NET 5 contains middlewares to support Google's OpenId and OAuth 2.0 authentication workflows.",
"dependencies": {
"Microsoft.AspNet.Security.OAuth": "1.0.0-*"
"Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
},
"frameworks": {
"aspnet50": { },


@ -1,11 +1,11 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
public static class MicrosoftAccountAuthenticationDefaults
{
public const string AuthenticationType = "Microsoft";
public const string AuthenticationScheme = "Microsoft";
public const string AuthorizationEndpoint = "https://login.live.com/oauth20_authorize.srf";


@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.MicrosoftAccount;
using Microsoft.AspNet.Authentication.MicrosoftAccount;
using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel;
using System;


@ -8,12 +8,12 @@ using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
internal class MicrosoftAccountAuthenticationHandler : OAuthAuthenticationHandler<MicrosoftAccountAuthenticationOptions, IMicrosoftAccountAuthenticationNotifications>
{
@ -33,26 +33,27 @@ namespace Microsoft.AspNet.Security.MicrosoftAccount
var context = new MicrosoftAccountAuthenticatedContext(Context, Options, accountInformation, tokens);
context.Properties = properties;
context.Identity = new ClaimsIdentity(
var identity = new ClaimsIdentity(
new[]
{
new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationType),
new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String, Options.AuthenticationType),
new Claim("urn:microsoftaccount:id", context.Id, ClaimValueTypes.String, Options.AuthenticationType),
new Claim("urn:microsoftaccount:name", context.Name, ClaimValueTypes.String, Options.AuthenticationType)
new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationScheme),
new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String, Options.AuthenticationScheme),
new Claim("urn:microsoftaccount:id", context.Id, ClaimValueTypes.String, Options.AuthenticationScheme),
new Claim("urn:microsoftaccount:name", context.Name, ClaimValueTypes.String, Options.AuthenticationScheme)
},
Options.AuthenticationType,
Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrWhiteSpace(context.Email))
{
context.Identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationType));
identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationScheme));
}
context.Principal = new ClaimsPrincipal(identity);
await Options.Notifications.Authenticated(context);
return new AuthenticationTicket(context.Identity, context.Properties);
return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
}
}
}
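Review bot: The four claims in the array initializer are built from `context.Id` and `context.Name` with no null check, and the `Claim` constructor throws `ArgumentNullException` for a null value, so a user-info response lacking either field would abort the sign-in with an unhandled exception (whether the service can omit them is not visible here). The Facebook and Google handlers in this commit guard every field with `string.IsNullOrEmpty` before `AddClaim`, and this handler should follow the same shape. A missing id deserves an explicit decision, because an identity without a `NameIdentifier` claim is easy for downstream account-linking code to mishandle. The method starts above this hunk.

```csharp
var identity = new ClaimsIdentity(
    Options.AuthenticationScheme,
    ClaimsIdentity.DefaultNameClaimType,
    ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrEmpty(context.Id))
{
    identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationScheme));
    identity.AddClaim(new Claim("urn:microsoftaccount:id", context.Id, ClaimValueTypes.String, Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.Name))
{
    identity.AddClaim(new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String, Options.AuthenticationScheme));
    identity.AddClaim(new Claim("urn:microsoftaccount:name", context.Name, ClaimValueTypes.String, Options.AuthenticationScheme));
}
// … unchanged: Email claim, context.Principal assignment, Authenticated notification, ticket creation …
```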


@ -3,14 +3,14 @@
using System;
using System.Globalization;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
/// <summary>
/// An ASP.NET middleware for authenticating users using the Microsoft Account service.


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
/// <summary>
/// Configuration options for <see cref="MicrosoftAccountAuthenticationMiddleware"/>.
@ -16,8 +16,8 @@ namespace Microsoft.AspNet.Security.MicrosoftAccount
/// </summary>
public MicrosoftAccountAuthenticationOptions()
{
AuthenticationType = MicrosoftAccountAuthenticationDefaults.AuthenticationType;
Caption = AuthenticationType;
AuthenticationScheme = MicrosoftAccountAuthenticationDefaults.AuthenticationScheme;
Caption = AuthenticationScheme;
CallbackPath = new PathString("/signin-microsoft");
AuthorizationEndpoint = MicrosoftAccountAuthenticationDefaults.AuthorizationEndpoint;
TokenEndpoint = MicrosoftAccountAuthenticationDefaults.TokenEndpoint;


@ -0,0 +1,12 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute
{
}
}


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
/// <summary>
/// Specifies callback methods which the <see cref="MicrosoftAccountAuthenticationMiddleware"/> invokes to enable developer control over the authentication process.


@ -6,10 +6,10 @@ using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
/// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.


@ -3,9 +3,9 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
/// <summary>
/// Default <see cref="IMicrosoftAccountAuthenticationNotifications"/> implementation.


@ -8,7 +8,7 @@
// </auto-generated>
//------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.MicrosoftAccount {
namespace Microsoft.AspNet.Authentication.MicrosoftAccount {
using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.MicrosoftAccount {
internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.MicrosoftAccount.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.MicrosoftAccount.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp;
}
return resourceMan;


@ -2,7 +2,7 @@
"version": "1.0.0-*",
"description": "ASP.NET 5 middleware that enables an application to support the Microsoft Account authentication workflow.",
"dependencies": {
"Microsoft.AspNet.Security.OAuth": "1.0.0-*"
"Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
},
"frameworks": {
"aspnet50": { },


@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion>
</PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project>
</Project>


@ -3,7 +3,7 @@
using System;
namespace Microsoft.AspNet.Security.Google
namespace Microsoft.AspNet.Authentication.OAuth
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Base class used for certain event contexts


@ -3,9 +3,9 @@
using System.Security.Claims;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Http.Authentication;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Base class used for certain event contexts
@ -49,10 +49,11 @@ namespace Microsoft.AspNet.Security.OAuth
/// </summary>
/// <param name="identity">Assigned to the Ticket.Identity property</param>
/// <returns>True if the validation has taken effect.</returns>
public bool Validated(ClaimsIdentity identity)
public bool Validated(ClaimsPrincipal principal)
{
AuthenticationProperties properties = Ticket != null ? Ticket.Properties : new AuthenticationProperties();
return Validated(new AuthenticationTicket(identity, properties));
// TODO: Ticket can be null, need to revisit
return Validated(new AuthenticationTicket(principal, properties, Ticket.AuthenticationScheme));
}
}
}
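Review bot: `Validated(ClaimsPrincipal principal)` still dereferences `Ticket` when it is null. The first statement falls back to a fresh `AuthenticationProperties` for that case, but `Ticket.AuthenticationScheme` in the return statement then throws a NullReferenceException, which is the situation the new TODO describes. Until the TODO is resolved, the scheme needs the same guard as the properties: either take it from wherever this context is expected to carry it (not visible in the hunk), or fail explicitly with `if (Ticket == null) throw new InvalidOperationException(...)`. The XML comment also still documents `<param name="identity">`, although the parameter is now named `principal`.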


@ -3,7 +3,7 @@
using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Specifies callback methods which the <see cref="OAuthAuthenticationMiddleware"/> invokes to enable developer control over the authentication process.


@ -2,10 +2,10 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Context passed when a Challenge causes a redirect to authorize endpoint in the Microsoft account middleware.


@ -5,11 +5,11 @@ using System;
using System.Globalization;
using System.Security.Claims;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.Notifications;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.
@ -66,11 +66,11 @@ namespace Microsoft.AspNet.Security.OAuth
/// <summary>
/// Gets the <see cref="ClaimsIdentity"/> representing the user.
/// </summary>
public ClaimsIdentity Identity { get; set; }
public ClaimsPrincipal Principal { get; set; }
/// <summary>
/// Gets or sets a property bag for common authentication properties.
/// </summary>
public AuthenticationProperties Properties { get; set; }
}
}
}
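Review bot: The XML comment above the renamed property was not updated in the second hunk. It still reads `Gets the <see cref="ClaimsIdentity"/> representing the user.` above `public ClaimsPrincipal Principal { get; set; }`, and the class summary in the first hunk also refers to `ClaimsIdentity`. Another context class in this commit updates the same comment, so this one should match it: `/// Gets or sets the <see cref="ClaimsPrincipal"/> representing the user.`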


@ -4,7 +4,7 @@
using System;
using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Default <see cref="IOAuthAuthenticationNotifications"/> implementation.


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Specifies the HTTP response header for the bearer authentication scheme.


@ -6,10 +6,10 @@ using System.Globalization;
using System.Net.Http;
using System.Security.Claims;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.
@ -63,9 +63,9 @@ namespace Microsoft.AspNet.Security.OAuth
public HttpClient Backchannel { get; protected set; }
/// <summary>
/// Gets the <see cref="ClaimsIdentity"/> representing the user.
/// Gets the <see cref="ClaimsPrincipal"/> representing the user.
/// </summary>
public ClaimsIdentity Identity { get; set; }
public ClaimsPrincipal Principal { get; set; }
/// <summary>
/// Gets or sets a property bag for common authentication properties.


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Specifies the HTTP request header for the bearer authentication scheme.


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Provides context information to middleware providers.


@ -6,7 +6,7 @@ using System.Globalization;
using System.Security.Claims;
using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
public static class OAuthAuthenticationDefaults
{
@ -14,25 +14,25 @@ namespace Microsoft.AspNet.Security.OAuth
{
// If the developer doesn't specify a user-info callback, just give them the tokens.
var identity = new ClaimsIdentity(
context.Options.AuthenticationType,
context.Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
identity.AddClaim(new Claim("access_token", context.AccessToken, ClaimValueTypes.String, context.Options.AuthenticationType));
identity.AddClaim(new Claim("access_token", context.AccessToken, ClaimValueTypes.String, context.Options.AuthenticationScheme));
if (!string.IsNullOrEmpty(context.RefreshToken))
{
identity.AddClaim(new Claim("refresh_token", context.RefreshToken, ClaimValueTypes.String, context.Options.AuthenticationType));
identity.AddClaim(new Claim("refresh_token", context.RefreshToken, ClaimValueTypes.String, context.Options.AuthenticationScheme));
}
if (!string.IsNullOrEmpty(context.TokenType))
{
identity.AddClaim(new Claim("token_type", context.TokenType, ClaimValueTypes.String, context.Options.AuthenticationType));
identity.AddClaim(new Claim("token_type", context.TokenType, ClaimValueTypes.String, context.Options.AuthenticationScheme));
}
if (context.ExpiresIn.HasValue)
{
identity.AddClaim(new Claim("expires_in", context.ExpiresIn.Value.TotalSeconds.ToString(CultureInfo.InvariantCulture),
ClaimValueTypes.String, context.Options.AuthenticationType));
ClaimValueTypes.String, context.Options.AuthenticationScheme));
}
context.Identity = identity;
context.Principal = new ClaimsPrincipal(identity);
return Task.FromResult(0);
};
}
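Review bot: The default user-information callback copies `context.AccessToken` and `context.RefreshToken` into claims on the identity that becomes `context.Principal`, so whichever handler serves the sign-in scheme receives both tokens and keeps them with the user's session. If that handler is cookie-based (an assumption, since it is not part of this hunk), the long-lived refresh token travels with every request and is readable by any code that can enumerate the user's claims. The comment at the top of the lambda should say so, e.g. `// NOTE: the tokens become claims on the signed-in principal; replace this callback if they must not be stored with the session.` The lambda's opening line is outside the hunk.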


@ -3,8 +3,8 @@
using System;
using System.Globalization;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Authentication;
using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Builder
@ -20,13 +20,13 @@ namespace Microsoft.AspNet.Builder
/// <param name="app">The <see cref="IApplicationBuilder"/> passed to the configure method.</param>
/// <param name="options">The middleware configuration options.</param>
/// <returns>The updated <see cref="IApplicationBuilder"/>.</returns>
public static IApplicationBuilder UseOAuthAuthentication([NotNull] this IApplicationBuilder app, [NotNull] string authenticationType, Action<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>> configureOptions = null)
public static IApplicationBuilder UseOAuthAuthentication([NotNull] this IApplicationBuilder app, [NotNull] string authenticationScheme, Action<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>> configureOptions = null)
{
return app.UseMiddleware<OAuthAuthenticationMiddleware<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>, IOAuthAuthenticationNotifications>>(
new ConfigureOptions<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>>(options =>
{
options.AuthenticationType = authenticationType;
options.Caption = authenticationType;
options.AuthenticationScheme = authenticationScheme;
options.Caption = authenticationScheme;
if (configureOptions != null)
{
configureOptions(options);
@ -37,7 +37,7 @@ namespace Microsoft.AspNet.Builder
}
})
{
Name = authenticationType,
Name = authenticationScheme,
});
}
}


@ -9,13 +9,13 @@ using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Extensions;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.WebUtilities;
using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
public class OAuthAuthenticationHandler<TOptions, TNotifications> : AuthenticationHandler<TOptions>
where TOptions : OAuthAuthenticationOptions<TNotifications>
@ -52,26 +52,21 @@ namespace Microsoft.AspNet.Security.OAuth
var context = new OAuthReturnEndpointContext(Context, ticket)
{
SignInAsAuthenticationType = Options.SignInAsAuthenticationType,
SignInScheme = Options.SignInScheme,
RedirectUri = ticket.Properties.RedirectUri,
};
ticket.Properties.RedirectUri = null;
await Options.Notifications.ReturnEndpoint(context);
if (context.SignInAsAuthenticationType != null && context.Identity != null)
if (context.SignInScheme != null && context.Principal != null)
{
ClaimsIdentity signInIdentity = context.Identity;
if (!string.Equals(signInIdentity.AuthenticationType, context.SignInAsAuthenticationType, StringComparison.Ordinal))
{
signInIdentity = new ClaimsIdentity(signInIdentity.Claims, context.SignInAsAuthenticationType, signInIdentity.NameClaimType, signInIdentity.RoleClaimType);
}
Context.Response.SignIn(context.Properties, signInIdentity);
Context.Response.SignIn(context.SignInScheme, context.Principal, context.Properties);
}
if (!context.IsRequestCompleted && context.RedirectUri != null)
{
if (context.Identity == null)
if (context.Principal == null)
{
// add a redirect hint that sign-in failed in some way
context.RedirectUri = QueryHelpers.AddQueryString(context.RedirectUri, "error", "access_denied");
@ -116,13 +111,13 @@ namespace Microsoft.AspNet.Security.OAuth
// OAuth2 10.12 CSRF
if (!ValidateCorrelationId(properties, Logger))
{
return new AuthenticationTicket(null, properties);
return new AuthenticationTicket(properties, Options.AuthenticationScheme);
}
if (string.IsNullOrEmpty(code))
{
// Null if the remote server returns an error.
return new AuthenticationTicket(null, properties);
return new AuthenticationTicket(properties, Options.AuthenticationScheme);
}
string requestPrefix = Request.Scheme + "://" + Request.Host;
@ -133,7 +128,7 @@ namespace Microsoft.AspNet.Security.OAuth
if (string.IsNullOrWhiteSpace(tokens.AccessToken))
{
Logger.WriteWarning("Access token was not found");
return new AuthenticationTicket(null, properties);
return new AuthenticationTicket(properties, Options.AuthenticationScheme);
}
return await GetUserInformationAsync(properties, tokens);
@ -141,7 +136,7 @@ namespace Microsoft.AspNet.Security.OAuth
catch (Exception ex)
{
Logger.WriteError("Authentication failed", ex);
return new AuthenticationTicket(null, properties);
return new AuthenticationTicket(properties, Options.AuthenticationScheme);
}
}
@ -176,7 +171,7 @@ namespace Microsoft.AspNet.Security.OAuth
Properties = properties,
};
await Options.Notifications.GetUserInformationAsync(context);
return new AuthenticationTicket(context.Identity, context.Properties);
return new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme);
}
protected override void ApplyResponseChallenge()
@ -186,8 +181,8 @@ namespace Microsoft.AspNet.Security.OAuth
return;
}
// Active middleware should redirect on 401 even if there wasn't an explicit challenge.
if (ChallengeContext == null && Options.AuthenticationMode == AuthenticationMode.Passive)
// Only redirect on challenges
if (ChallengeContext == null)
{
return;
}
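Review bot: In the return-endpoint hunk, `Context.Response.SignIn(context.SignInScheme, context.Principal, context.Properties)` now passes the principal through unchanged, whereas the removed lines rebuilt the identity so that its `AuthenticationType` equalled the sign-in value. The identities inside the principal therefore keep whatever `AuthenticationType` the notification gave them. Code that compares `Identity.AuthenticationType` with the sign-in scheme would no longer match, though whether any caller does that cannot be seen from here. A short comment above the call would record the new contract, e.g. `// The principal is signed in as supplied; identity.AuthenticationType is not rewritten to SignInScheme.` The enclosing method starts and ends outside the hunk.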


@ -5,14 +5,14 @@ using System;
using System.Diagnostics.CodeAnalysis;
using System.Globalization;
using System.Net.Http;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.DataHandler;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// An ASP.NET middleware for authenticating users using OAuth services.
@ -41,9 +41,9 @@ namespace Microsoft.AspNet.Security.OAuth
: base(next, services, options, configureOptions)
{
// todo: review error handling
if (string.IsNullOrWhiteSpace(Options.AuthenticationType))
if (string.IsNullOrWhiteSpace(Options.AuthenticationScheme))
{
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "AuthenticationType"));
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "AuthenticationScheme"));
}
if (string.IsNullOrWhiteSpace(Options.ClientId))
@ -71,7 +71,7 @@ namespace Microsoft.AspNet.Security.OAuth
if (Options.StateDataFormat == null)
{
IDataProtector dataProtector = dataProtectionProvider.CreateProtector(
this.GetType().FullName, Options.AuthenticationType, "v1");
this.GetType().FullName, Options.AuthenticationScheme, "v1");
Options.StateDataFormat = new PropertiesDataFormat(dataProtector);
}
@ -80,13 +80,13 @@ namespace Microsoft.AspNet.Security.OAuth
Backchannel.Timeout = Options.BackchannelTimeout;
Backchannel.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB
if (string.IsNullOrEmpty(Options.SignInAsAuthenticationType))
if (string.IsNullOrEmpty(Options.SignInScheme))
{
Options.SignInAsAuthenticationType = externalOptions.Options.SignInAsAuthenticationType;
Options.SignInScheme = externalOptions.Options.SignInScheme;
}
if (string.IsNullOrEmpty(Options.SignInAsAuthenticationType))
if (string.IsNullOrEmpty(Options.SignInScheme))
{
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "SignInAsAuthenticationType"));
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "SignInScheme"));
}
}
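Review bot: The option names in the two `ArgumentException` messages are still string literals (`"AuthenticationScheme"` and `"SignInScheme"`), which is why this rename had to edit them by hand. If the project's compiler level allows it, `nameof(Options.AuthenticationScheme)` and `nameof(Options.SignInScheme)` would keep the messages in step with the property names on the next rename. The constructor begins before the second hunk and continues between the hunks shown.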


@ -6,9 +6,9 @@ using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security;
using Microsoft.AspNet.Http.Authentication;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Configuration options for <see cref="OAuthAuthenticationMiddleware"/>.
@ -20,7 +20,6 @@ namespace Microsoft.AspNet.Security.OAuth
/// </summary>
public OAuthAuthenticationOptions()
{
AuthenticationMode = AuthenticationMode.Passive;
Scope = new List<string>();
BackchannelTimeout = TimeSpan.FromSeconds(60);
}
@ -102,7 +101,12 @@ namespace Microsoft.AspNet.Security.OAuth
/// <summary>
/// Gets or sets the name of another authentication middleware which will be responsible for actually issuing a user <see cref="System.Security.Claims.ClaimsIdentity"/>.
/// </summary>
public string SignInAsAuthenticationType { get; set; }
public string SignInScheme { get; set; }
/// <summary>
/// Gets or sets the issuer that should be used for any claims that are created
/// </summary>
public string ClaimsIssuer { get; set; }
/// <summary>
/// Gets or sets the type used to secure data handled by the middleware.


@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
/// <summary>
/// Configuration options for <see cref="OAuthAuthenticationMiddleware"/>.


@ -8,7 +8,7 @@
// </auto-generated>
//------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.OAuthBearer {
namespace Microsoft.AspNet.Authentication.OAuth {
using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.OAuthBearer {
internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.OAuth.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.OAuth.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp;
}
return resourceMan;


@ -3,7 +3,7 @@
using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.OAuth
namespace Microsoft.AspNet.Authentication.OAuth
{
public class TokenResponse
{


@ -3,7 +3,7 @@
"description": "ASP.NET 5 middleware that enables an application to support any standard OAuth 2.0 authentication workflow.",
"dependencies": {
"Microsoft.AspNet.DataProtection": "1.0.0-*",
"Microsoft.AspNet.Security": "1.0.0-*"
"Microsoft.AspNet.Authentication": "1.0.0-*"
},
"frameworks": {
"aspnet50": {


@ -3,7 +3,7 @@
using System;
namespace Microsoft.AspNet.Security.MicrosoftAccount
namespace Microsoft.AspNet.Authentication.OAuthBearer
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute


@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuthBearer
namespace Microsoft.AspNet.Authentication.OAuthBearer
{
public class AuthenticationChallengeNotification<TOptions> : BaseNotification<TOptions>
{


@ -4,12 +4,12 @@
using System;
using System.Threading.Tasks;
using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications;
using Microsoft.AspNet.Authentication.Notifications;
/// <summary>
/// Specifies events which the <see cref="OAuthBearerAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. />
/// </summary>
namespace Microsoft.AspNet.Security.OAuthBearer
namespace Microsoft.AspNet.Authentication.OAuthBearer
{
/// <summary>
/// OAuth bearer token middleware provider


@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.OAuthBearer
namespace Microsoft.AspNet.Authentication.OAuthBearer
{
/// <summary>
/// Default values used by authorization server and bearer authentication.
@ -9,9 +9,9 @@ namespace Microsoft.AspNet.Security.OAuthBearer
public static class OAuthBearerAuthenticationDefaults
{
/// <summary>
/// Default value for AuthenticationType property in the OAuthBearerAuthenticationOptions and
/// Default value for AuthenticationScheme property in the OAuthBearerAuthenticationOptions and
/// OAuthAuthorizationServerOptions.
/// </summary>
public const string AuthenticationType = "Bearer";
public const string AuthenticationScheme = "Bearer";
}
}


@ -2,7 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using Microsoft.AspNet.Security.OAuthBearer;
using Microsoft.AspNet.Authentication.OAuthBearer;
using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel;
