Split Security into AuthN/AuthZ

AuthenticationType -> Scheme
Move Active/Passive into AutomaticAuthenticationHandler
Security -> Authorization/Authentication assemblies
401-403 logic
Switch from ClaimsIdentity to ClaimsPrincipal
This commit is contained in:
Hao Kung 2015-03-02 15:33:52 -08:00
parent d864b72561
commit 775eb5ece4
245 changed files with 1701 additions and 1169 deletions

View File

@ -1,7 +1,7 @@
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Cookies; using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
namespace CookieSample namespace CookieSample
@ -23,8 +23,7 @@ namespace CookieSample
{ {
if (context.User == null || !context.User.Identity.IsAuthenticated) if (context.User == null || !context.User.Identity.IsAuthenticated)
{ {
context.Response.SignIn(new ClaimsIdentity(new[] { new Claim("name", "bob") }, CookieAuthenticationDefaults.AuthenticationType)); context.Response.SignIn(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim("name", "bob") })));
context.Response.ContentType = "text/plain"; context.Response.ContentType = "text/plain";
await context.Response.WriteAsync("Hello First timer"); await context.Response.WriteAsync("Hello First timer");
return; return;

View File

@ -1,6 +1,6 @@
{ {
"dependencies": { "dependencies": {
"Microsoft.AspNet.Security.Cookies": "1.0.0-*", "Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*", "Microsoft.AspNet.Server.WebListener": "1.0.0-*",
"Microsoft.AspNet.Server.IIS": "1.0.0-*", "Microsoft.AspNet.Server.IIS": "1.0.0-*",
"Kestrel": "1.0.0-*" "Kestrel": "1.0.0-*"

View File

@ -1,7 +1,7 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Security.Cookies.Infrastructure; using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
using Microsoft.Framework.Cache.Memory; using Microsoft.Framework.Cache.Memory;
namespace CookieSessionSample namespace CookieSessionSample

View File

@ -2,7 +2,7 @@ using System.Collections.Generic;
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Cookies; using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
namespace CookieSessionSample namespace CookieSessionSample
@ -32,8 +32,7 @@ namespace CookieSessionSample
{ {
claims.Add(new Claim(ClaimTypes.Role, "SomeRandomGroup" + i, ClaimValueTypes.String, "IssuedByBob", "OriginalIssuerJoe")); claims.Add(new Claim(ClaimTypes.Role, "SomeRandomGroup" + i, ClaimValueTypes.String, "IssuedByBob", "OriginalIssuerJoe"));
} }
context.Response.SignIn(new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationType)); context.Response.SignIn(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(new ClaimsIdentity(claims)));
context.Response.ContentType = "text/plain"; context.Response.ContentType = "text/plain";
await context.Response.WriteAsync("Hello First timer"); await context.Response.WriteAsync("Hello First timer");
return; return;

View File

@ -1,6 +1,6 @@
{ {
"dependencies": { "dependencies": {
"Microsoft.AspNet.Security.Cookies": "1.0.0-*", "Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*", "Microsoft.AspNet.Server.WebListener": "1.0.0-*",
"Microsoft.Framework.Cache.Memory": "1.0.0-*", "Microsoft.Framework.Cache.Memory": "1.0.0-*",
"Kestrel": "1.0.0-*", "Kestrel": "1.0.0-*",

View File

@ -1,9 +1,9 @@
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Security.Cookies; using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.AspNet.Security.OpenIdConnect; using Microsoft.AspNet.Authentication.OpenIdConnect;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
namespace OpenIdConnectSample namespace OpenIdConnectSample
@ -17,7 +17,7 @@ namespace OpenIdConnectSample
services.AddDataProtection(); services.AddDataProtection();
services.Configure<ExternalAuthenticationOptions>(options => services.Configure<ExternalAuthenticationOptions>(options =>
{ {
options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType; options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}); });
}); });
@ -37,7 +37,7 @@ namespace OpenIdConnectSample
{ {
if (context.User == null || !context.User.Identity.IsAuthenticated) if (context.User == null || !context.User.Identity.IsAuthenticated)
{ {
context.Response.Challenge(new AuthenticationProperties { RedirectUri = "/" }, OpenIdConnectAuthenticationDefaults.AuthenticationType); context.Response.Challenge(new AuthenticationProperties { RedirectUri = "/" }, OpenIdConnectAuthenticationDefaults.AuthenticationScheme);
context.Response.ContentType = "text/plain"; context.Response.ContentType = "text/plain";
await context.Response.WriteAsync("Hello First timer"); await context.Response.WriteAsync("Hello First timer");

View File

@ -1,9 +1,9 @@
{ {
"dependencies": { "dependencies": {
"Kestrel": "1.0.0-*", "Kestrel": "1.0.0-*",
"Microsoft.AspNet.Security.Cookies": "1.0.0-*", "Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Server.IIS": "1.0.0-*", "Microsoft.AspNet.Server.IIS": "1.0.0-*",
"Microsoft.AspNet.Security.OpenIdConnect": "1.0.0-*", "Microsoft.AspNet.Authentication.OpenIdConnect": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*" "Microsoft.AspNet.Server.WebListener": "1.0.0-*"
}, },
"frameworks": { "frameworks": {

View File

@ -4,12 +4,12 @@ using System.Security.Claims;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection; using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security; using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Security.Cookies; using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.AspNet.Security.Google; using Microsoft.AspNet.Authentication.Google;
using Microsoft.AspNet.Security.MicrosoftAccount; using Microsoft.AspNet.Authentication.MicrosoftAccount;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
@ -26,7 +26,7 @@ namespace CookieSample
services.AddDataProtection(); services.AddDataProtection();
services.Configure<ExternalAuthenticationOptions>(options => services.Configure<ExternalAuthenticationOptions>(options =>
{ {
options.SignInAsAuthenticationType = CookieAuthenticationDefaults.AuthenticationType; options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
}); });
}); });
@ -121,6 +121,7 @@ namespace CookieSample
options.AuthorizationEndpoint = "https://github.com/login/oauth/authorize"; options.AuthorizationEndpoint = "https://github.com/login/oauth/authorize";
options.TokenEndpoint = "https://github.com/login/oauth/access_token"; options.TokenEndpoint = "https://github.com/login/oauth/access_token";
options.UserInformationEndpoint = "https://api.github.com/user"; options.UserInformationEndpoint = "https://api.github.com/user";
options.ClaimsIssuer = "OAuth2-Github";
// Retrieving user information is unique to each provider. // Retrieving user information is unique to each provider.
options.Notifications = new OAuthAuthenticationNotifications() options.Notifications = new OAuthAuthenticationNotifications()
{ {
@ -136,7 +137,7 @@ namespace CookieSample
JObject user = JObject.Parse(text); JObject user = JObject.Parse(text);
var identity = new ClaimsIdentity( var identity = new ClaimsIdentity(
context.Options.AuthenticationType, context.Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType); ClaimsIdentity.DefaultRoleClaimType);
@ -144,25 +145,25 @@ namespace CookieSample
var id = user.TryGetValue("id", out value) ? value.ToString() : null; var id = user.TryGetValue("id", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(id)) if (!string.IsNullOrEmpty(id))
{ {
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id, ClaimValueTypes.String, context.Options.AuthenticationType)); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id, ClaimValueTypes.String, context.Options.ClaimsIssuer));
} }
var userName = user.TryGetValue("login", out value) ? value.ToString() : null; var userName = user.TryGetValue("login", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(userName)) if (!string.IsNullOrEmpty(userName))
{ {
identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, userName, ClaimValueTypes.String, context.Options.AuthenticationType)); identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, userName, ClaimValueTypes.String, context.Options.ClaimsIssuer));
} }
var name = user.TryGetValue("name", out value) ? value.ToString() : null; var name = user.TryGetValue("name", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(name)) if (!string.IsNullOrEmpty(name))
{ {
identity.AddClaim(new Claim("urn:github:name", name, ClaimValueTypes.String, context.Options.AuthenticationType)); identity.AddClaim(new Claim("urn:github:name", name, ClaimValueTypes.String, context.Options.ClaimsIssuer));
} }
var link = user.TryGetValue("url", out value) ? value.ToString() : null; var link = user.TryGetValue("url", out value) ? value.ToString() : null;
if (!string.IsNullOrEmpty(link)) if (!string.IsNullOrEmpty(link))
{ {
identity.AddClaim(new Claim("urn:github:url", link, ClaimValueTypes.String, context.Options.AuthenticationType)); identity.AddClaim(new Claim("urn:github:url", link, ClaimValueTypes.String, context.Options.ClaimsIssuer));
} }
context.Identity = identity; context.Principal = new ClaimsPrincipal(identity);
}, },
}; };
}); });
@ -172,7 +173,7 @@ namespace CookieSample
{ {
signoutApp.Run(async context => signoutApp.Run(async context =>
{ {
string authType = context.Request.Query["authtype"]; string authType = context.Request.Query["authscheme"];
if (!string.IsNullOrEmpty(authType)) if (!string.IsNullOrEmpty(authType))
{ {
// By default the client will be redirect back to the URL that issued the challenge (/login?authtype=foo), // By default the client will be redirect back to the URL that issued the challenge (/login?authtype=foo),
@ -183,10 +184,10 @@ namespace CookieSample
context.Response.ContentType = "text/html"; context.Response.ContentType = "text/html";
await context.Response.WriteAsync("<html><body>"); await context.Response.WriteAsync("<html><body>");
await context.Response.WriteAsync("Choose an authentication type: <br>"); await context.Response.WriteAsync("Choose an authentication scheme: <br>");
foreach (var type in context.GetAuthenticationTypes()) foreach (var type in context.GetAuthenticationSchemes())
{ {
await context.Response.WriteAsync("<a href=\"?authtype=" + type.AuthenticationType + "\">" + (type.Caption ?? "(suppressed)") + "</a><br>"); await context.Response.WriteAsync("<a href=\"?authscheme=" + type.AuthenticationScheme + "\">" + (type.Caption ?? "(suppressed)") + "</a><br>");
} }
await context.Response.WriteAsync("</body></html>"); await context.Response.WriteAsync("</body></html>");
}); });
@ -197,7 +198,7 @@ namespace CookieSample
{ {
signoutApp.Run(async context => signoutApp.Run(async context =>
{ {
context.Response.SignOut(CookieAuthenticationDefaults.AuthenticationType); context.Response.SignOut(CookieAuthenticationDefaults.AuthenticationScheme);
context.Response.ContentType = "text/html"; context.Response.ContentType = "text/html";
await context.Response.WriteAsync("<html><body>"); await context.Response.WriteAsync("<html><body>");
await context.Response.WriteAsync("You have been logged out. Goodbye " + context.User.Identity.Name + "<br>"); await context.Response.WriteAsync("You have been logged out. Goodbye " + context.User.Identity.Name + "<br>");

View File

@ -1,11 +1,11 @@
{ {
"dependencies": { "dependencies": {
"Microsoft.AspNet.Diagnostics": "1.0.0-*", "Microsoft.AspNet.Diagnostics": "1.0.0-*",
"Microsoft.AspNet.Security.Cookies": "1.0.0-*", "Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Security.Facebook": "1.0.0-*", "Microsoft.AspNet.Authentication.Facebook": "1.0.0-*",
"Microsoft.AspNet.Security.Google": "1.0.0-*", "Microsoft.AspNet.Authentication.Google": "1.0.0-*",
"Microsoft.AspNet.Security.MicrosoftAccount": "1.0.0-*", "Microsoft.AspNet.Authentication.MicrosoftAccount": "1.0.0-*",
"Microsoft.AspNet.Security.Twitter": "1.0.0-*", "Microsoft.AspNet.Authentication.Twitter": "1.0.0-*",
"Microsoft.AspNet.Server.IIS": "1.0.0-*", "Microsoft.AspNet.Server.IIS": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*", "Microsoft.AspNet.Server.WebListener": "1.0.0-*",
"Kestrel": "1.0.0-*" "Kestrel": "1.0.0-*"

View File

@ -1,11 +1,10 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Default values related to cookie-based authentication middleware /// Default values related to cookie-based authentication middleware
@ -13,9 +12,9 @@ namespace Microsoft.AspNet.Security.Cookies
public static class CookieAuthenticationDefaults public static class CookieAuthenticationDefaults
{ {
/// <summary> /// <summary>
/// The default value used for CookieAuthenticationOptions.AuthenticationType /// The default value used for CookieAuthenticationOptions.AuthenticationScheme
/// </summary> /// </summary>
public const string AuthenticationType = "Cookies"; public const string AuthenticationScheme = "Cookies";
/// <summary> /// <summary>
/// The prefix used to provide a default CookieAuthenticationOptions.CookieName /// The prefix used to provide a default CookieAuthenticationOptions.CookieName

View File

@ -1,10 +1,10 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.Cookies; using System;
using Microsoft.AspNet.Authentication.Cookies;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
using System;
namespace Microsoft.AspNet.Builder namespace Microsoft.AspNet.Builder
{ {

View File

@ -7,20 +7,19 @@ using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
internal class CookieAuthenticationHandler : AuthenticationHandler<CookieAuthenticationOptions> internal class CookieAuthenticationHandler : AutomaticAuthenticationHandler<CookieAuthenticationOptions>
{ {
private const string HeaderNameCacheControl = "Cache-Control"; private const string HeaderNameCacheControl = "Cache-Control";
private const string HeaderNamePragma = "Pragma"; private const string HeaderNamePragma = "Pragma";
private const string HeaderNameExpires = "Expires"; private const string HeaderNameExpires = "Expires";
private const string HeaderValueNoCache = "no-cache"; private const string HeaderValueNoCache = "no-cache";
private const string HeaderValueMinusOne = "-1"; private const string HeaderValueMinusOne = "-1";
private const string SessionIdClaim = "Microsoft.AspNet.Security.Cookies-SessionId"; private const string SessionIdClaim = "Microsoft.AspNet.Authentication.Cookies-SessionId";
private readonly ILogger _logger; private readonly ILogger _logger;
@ -60,7 +59,7 @@ namespace Microsoft.AspNet.Security.Cookies
if (Options.SessionStore != null) if (Options.SessionStore != null)
{ {
Claim claim = ticket.Identity.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim)); Claim claim = ticket.Principal.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim));
if (claim == null) if (claim == null)
{ {
_logger.WriteWarning(@"SessionId missing"); _logger.WriteWarning(@"SessionId missing");
@ -103,11 +102,11 @@ namespace Microsoft.AspNet.Security.Cookies
} }
} }
var context = new CookieValidateIdentityContext(Context, ticket, Options); var context = new CookieValidatePrincipalContext(Context, ticket, Options);
await Options.Notifications.ValidateIdentity(context); await Options.Notifications.ValidatePrincipal(context);
return new AuthenticationTicket(context.Identity, context.Properties); return new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme);
} }
catch (Exception exception) catch (Exception exception)
{ {
@ -129,7 +128,7 @@ namespace Microsoft.AspNet.Security.Cookies
protected override async Task ApplyResponseGrantAsync() protected override async Task ApplyResponseGrantAsync()
{ {
var signin = SignInIdentityContext; var signin = SignInContext;
bool shouldSignin = signin != null; bool shouldSignin = signin != null;
var signout = SignOutContext; var signout = SignOutContext;
bool shouldSignout = signout != null; bool shouldSignout = signout != null;
@ -162,8 +161,8 @@ namespace Microsoft.AspNet.Security.Cookies
var signInContext = new CookieResponseSignInContext( var signInContext = new CookieResponseSignInContext(
Context, Context,
Options, Options,
Options.AuthenticationType, Options.AuthenticationScheme,
signin.Identity, signin.Principal,
signin.Properties, signin.Properties,
cookieOptions); cookieOptions);
@ -191,7 +190,7 @@ namespace Microsoft.AspNet.Security.Cookies
signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime; signInContext.CookieOptions.Expires = expiresUtc.ToUniversalTime().DateTime;
} }
model = new AuthenticationTicket(signInContext.Identity, signInContext.Properties); model = new AuthenticationTicket(signInContext.Principal, signInContext.Properties, signInContext.AuthenticationScheme);
if (Options.SessionStore != null) if (Options.SessionStore != null)
{ {
if (_sessionKey != null) if (_sessionKey != null)
@ -199,10 +198,11 @@ namespace Microsoft.AspNet.Security.Cookies
await Options.SessionStore.RemoveAsync(_sessionKey); await Options.SessionStore.RemoveAsync(_sessionKey);
} }
_sessionKey = await Options.SessionStore.StoreAsync(model); _sessionKey = await Options.SessionStore.StoreAsync(model);
ClaimsIdentity identity = new ClaimsIdentity( var principal = new ClaimsPrincipal(
new[] { new Claim(SessionIdClaim, _sessionKey) }, new ClaimsIdentity(
Options.AuthenticationType); new[] { new Claim(SessionIdClaim, _sessionKey) },
model = new AuthenticationTicket(identity, null); Options.AuthenticationScheme));
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
} }
string cookieValue = Options.TicketDataFormat.Protect(model); string cookieValue = Options.TicketDataFormat.Protect(model);
@ -215,8 +215,8 @@ namespace Microsoft.AspNet.Security.Cookies
var signedInContext = new CookieResponseSignedInContext( var signedInContext = new CookieResponseSignedInContext(
Context, Context,
Options, Options,
Options.AuthenticationType, Options.AuthenticationScheme,
signInContext.Identity, signInContext.Principal,
signInContext.Properties); signInContext.Properties);
Options.Notifications.ResponseSignedIn(signedInContext); Options.Notifications.ResponseSignedIn(signedInContext);
@ -248,10 +248,11 @@ namespace Microsoft.AspNet.Security.Cookies
if (Options.SessionStore != null && _sessionKey != null) if (Options.SessionStore != null && _sessionKey != null)
{ {
await Options.SessionStore.RenewAsync(_sessionKey, model); await Options.SessionStore.RenewAsync(_sessionKey, model);
ClaimsIdentity identity = new ClaimsIdentity( var principal = new ClaimsPrincipal(
new[] { new Claim(SessionIdClaim, _sessionKey) }, new ClaimsIdentity(
Options.AuthenticationType); new[] { new Claim(SessionIdClaim, _sessionKey) },
model = new AuthenticationTicket(identity, null); Options.AuthenticationScheme));
model = new AuthenticationTicket(principal, null, Options.AuthenticationScheme);
} }
string cookieValue = Options.TicketDataFormat.Protect(model); string cookieValue = Options.TicketDataFormat.Protect(model);
@ -327,8 +328,8 @@ namespace Microsoft.AspNet.Security.Cookies
return; return;
} }
// Active middleware should redirect on 401 even if there wasn't an explicit challenge. // Automatic middleware should redirect on 401 even if there wasn't an explicit challenge.
if (ChallengeContext == null && Options.AuthenticationMode == AuthenticationMode.Passive) if (ChallengeContext == null && !Options.AutomaticAuthentication)
{ {
return; return;
} }

View File

@ -1,17 +1,17 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection; using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.Cookies.Infrastructure;
using Microsoft.AspNet.Security.DataHandler;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
public class CookieAuthenticationMiddleware : AuthenticationMiddleware<CookieAuthenticationOptions> public class CookieAuthenticationMiddleware : AuthenticationMiddleware<CookieAuthenticationOptions>
{ {
@ -31,12 +31,12 @@ namespace Microsoft.AspNet.Security.Cookies
} }
if (String.IsNullOrEmpty(Options.CookieName)) if (String.IsNullOrEmpty(Options.CookieName))
{ {
Options.CookieName = CookieAuthenticationDefaults.CookiePrefix + Options.AuthenticationType; Options.CookieName = CookieAuthenticationDefaults.CookiePrefix + Options.AuthenticationScheme;
} }
if (Options.TicketDataFormat == null) if (Options.TicketDataFormat == null)
{ {
IDataProtector dataProtector = dataProtectionProvider.CreateProtector( IDataProtector dataProtector = dataProtectionProvider.CreateProtector(
typeof(CookieAuthenticationMiddleware).FullName, Options.AuthenticationType, "v2"); typeof(CookieAuthenticationMiddleware).FullName, Options.AuthenticationScheme, "v2");
Options.TicketDataFormat = new TicketDataFormat(dataProtector); Options.TicketDataFormat = new TicketDataFormat(dataProtector);
} }
if (Options.CookieManager == null) if (Options.CookieManager == null)

View File

@ -1,19 +1,17 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Cookies.Infrastructure; using Microsoft.AspNet.Authentication.Cookies.Infrastructure;
using Microsoft.AspNet.Security.Infrastructure;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Contains the options used by the CookiesAuthenticationMiddleware /// Contains the options used by the CookiesAuthenticationMiddleware
/// </summary> /// </summary>
public class CookieAuthenticationOptions : AuthenticationOptions public class CookieAuthenticationOptions : AutomaticAuthenticationOptions
{ {
private string _cookieName; private string _cookieName;
@ -22,7 +20,8 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary> /// </summary>
public CookieAuthenticationOptions() public CookieAuthenticationOptions()
{ {
AuthenticationType = CookieAuthenticationDefaults.AuthenticationType; AutomaticAuthentication = true;
AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme;
ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter; ReturnUrlParameter = CookieAuthenticationDefaults.ReturnUrlParameter;
ExpireTimeSpan = TimeSpan.FromDays(14); ExpireTimeSpan = TimeSpan.FromDays(14);
SlidingExpiration = true; SlidingExpiration = true;
@ -34,7 +33,7 @@ namespace Microsoft.AspNet.Security.Cookies
/// <summary> /// <summary>
/// Determines the cookie name used to persist the identity. The default value is ".AspNet.Cookies". /// Determines the cookie name used to persist the identity. The default value is ".AspNet.Cookies".
/// This value should be changed if you change the name of the AuthenticationType, especially if your /// This value should be changed if you change the name of the AuthenticationScheme, especially if your
/// system uses the cookie authentication middleware multiple times. /// system uses the cookie authentication middleware multiple times.
/// </summary> /// </summary>
public string CookieName public string CookieName

View File

@ -2,7 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Determines how the identity cookie's security property is set. /// Determines how the identity cookie's security property is set.

View File

@ -7,7 +7,7 @@ using System.Globalization;
using System.Linq; using System.Linq;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Security.Cookies.Infrastructure namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{ {
/// <summary> /// <summary>
/// This handles cookies that are limited by per cookie length. It breaks down long cookies for responses, and reassembles them /// This handles cookies that are limited by per cookie length. It breaks down long cookies for responses, and reassembles them

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Cookies.Infrastructure namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{ {
internal static class Constants internal static class Constants
{ {

View File

@ -2,7 +2,7 @@
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.Cookies.Infrastructure namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{ {
/// <summary> /// <summary>
/// This provides an abstract storage mechanic to preserve identity information on the server /// This provides an abstract storage mechanic to preserve identity information on the server

View File

@ -3,7 +3,7 @@
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
namespace Microsoft.AspNet.Security.Cookies.Infrastructure namespace Microsoft.AspNet.Authentication.Cookies.Infrastructure
{ {
/// <summary> /// <summary>
/// This is used by the CookieAuthenticationMiddleware to process request and response cookies. /// This is used by the CookieAuthenticationMiddleware to process request and response cookies.

View File

@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup> <PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion> <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion> <SchemaVersion>2.0</SchemaVersion>
</PropertyGroup> </PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" /> <Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project> </Project>

View File

@ -3,7 +3,7 @@
using System; using System;
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Cookies
{ {
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)] [AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute internal sealed class NotNullAttribute : Attribute

View File

@ -4,9 +4,9 @@
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Context passed when a Challenge, SignIn, or SignOut causes a redirect in the cookie middleware /// Context passed when a Challenge, SignIn, or SignOut causes a redirect in the cookie middleware

View File

@ -5,7 +5,7 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// This default implementation of the ICookieAuthenticationNotifications may be used if the /// This default implementation of the ICookieAuthenticationNotifications may be used if the
@ -19,7 +19,7 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary> /// </summary>
public CookieAuthenticationNotifications() public CookieAuthenticationNotifications()
{ {
OnValidateIdentity = context => Task.FromResult(0); OnValidatePrincipal = context => Task.FromResult(0);
OnResponseSignIn = context => { }; OnResponseSignIn = context => { };
OnResponseSignedIn = context => { }; OnResponseSignedIn = context => { };
OnResponseSignOut = context => { }; OnResponseSignOut = context => { };
@ -30,7 +30,7 @@ namespace Microsoft.AspNet.Security.Cookies
/// <summary> /// <summary>
/// A delegate assigned to this property will be invoked when the related method is called /// A delegate assigned to this property will be invoked when the related method is called
/// </summary> /// </summary>
public Func<CookieValidateIdentityContext, Task> OnValidateIdentity { get; set; } public Func<CookieValidatePrincipalContext, Task> OnValidatePrincipal { get; set; }
/// <summary> /// <summary>
/// A delegate assigned to this property will be invoked when the related method is called /// A delegate assigned to this property will be invoked when the related method is called
@ -62,9 +62,9 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary> /// </summary>
/// <param name="context"></param> /// <param name="context"></param>
/// <returns></returns> /// <returns></returns>
public virtual Task ValidateIdentity(CookieValidateIdentityContext context) public virtual Task ValidatePrincipal(CookieValidatePrincipalContext context)
{ {
return OnValidateIdentity.Invoke(context); return OnValidatePrincipal.Invoke(context);
} }
/// <summary> /// <summary>

View File

@ -4,9 +4,9 @@
using System; using System;
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Context object passed to the ICookieAuthenticationProvider method Exception. /// Context object passed to the ICookieAuthenticationProvider method Exception.

View File

@ -4,10 +4,10 @@
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Context object passed to the ICookieAuthenticationProvider method ResponseSignIn. /// Context object passed to the ICookieAuthenticationProvider method ResponseSignIn.
@ -19,35 +19,35 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary> /// </summary>
/// <param name="context">The HTTP request context</param> /// <param name="context">The HTTP request context</param>
/// <param name="options">The middleware options</param> /// <param name="options">The middleware options</param>
/// <param name="authenticationType">Initializes AuthenticationType property</param> /// <param name="authenticationScheme">Initializes AuthenticationScheme property</param>
/// <param name="identity">Initializes Identity property</param> /// <param name="principal">Initializes Principal property</param>
/// <param name="properties">Initializes Extra property</param> /// <param name="properties">Initializes Extra property</param>
/// <param name="cookieOptions">Initializes options for the authentication cookie.</param> /// <param name="cookieOptions">Initializes options for the authentication cookie.</param>
public CookieResponseSignInContext( public CookieResponseSignInContext(
HttpContext context, HttpContext context,
CookieAuthenticationOptions options, CookieAuthenticationOptions options,
string authenticationType, string authenticationScheme,
ClaimsIdentity identity, ClaimsPrincipal principal,
AuthenticationProperties properties, AuthenticationProperties properties,
CookieOptions cookieOptions) CookieOptions cookieOptions)
: base(context, options) : base(context, options)
{ {
AuthenticationType = authenticationType; AuthenticationScheme = authenticationScheme;
Identity = identity; Principal = principal;
Properties = properties; Properties = properties;
CookieOptions = cookieOptions; CookieOptions = cookieOptions;
} }
/// <summary> /// <summary>
/// The name of the AuthenticationType creating a cookie /// The name of the AuthenticationScheme creating a cookie
/// </summary> /// </summary>
public string AuthenticationType { get; private set; } public string AuthenticationScheme { get; private set; }
/// <summary> /// <summary>
/// Contains the claims about to be converted into the outgoing cookie. /// Contains the claims about to be converted into the outgoing cookie.
/// May be replaced or altered during the ResponseSignIn call. /// May be replaced or altered during the ResponseSignIn call.
/// </summary> /// </summary>
public ClaimsIdentity Identity { get; set; } public ClaimsPrincipal Principal { get; set; }
/// <summary> /// <summary>
/// Contains the extra data about to be contained in the outgoing cookie. /// Contains the extra data about to be contained in the outgoing cookie.

View File

@ -3,9 +3,9 @@
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Context object passed to the ICookieAuthenticationProvider method ResponseSignOut /// Context object passed to the ICookieAuthenticationProvider method ResponseSignOut

View File

@ -3,10 +3,10 @@
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Context object passed to the ICookieAuthenticationNotifications method ResponseSignedIn. /// Context object passed to the ICookieAuthenticationNotifications method ResponseSignedIn.
@ -18,31 +18,31 @@ namespace Microsoft.AspNet.Security.Cookies
/// </summary> /// </summary>
/// <param name="context">The HTTP request context</param> /// <param name="context">The HTTP request context</param>
/// <param name="options">The middleware options</param> /// <param name="options">The middleware options</param>
/// <param name="authenticationType">Initializes AuthenticationType property</param> /// <param name="authenticationScheme">Initializes AuthenticationScheme property</param>
/// <param name="identity">Initializes Identity property</param> /// <param name="principal">Initializes Principal property</param>
/// <param name="properties">Initializes Properties property</param> /// <param name="properties">Initializes Properties property</param>
public CookieResponseSignedInContext( public CookieResponseSignedInContext(
HttpContext context, HttpContext context,
CookieAuthenticationOptions options, CookieAuthenticationOptions options,
string authenticationType, string authenticationScheme,
ClaimsIdentity identity, ClaimsPrincipal principal,
AuthenticationProperties properties) AuthenticationProperties properties)
: base(context, options) : base(context, options)
{ {
AuthenticationType = authenticationType; AuthenticationScheme = authenticationScheme;
Identity = identity; Principal = principal;
Properties = properties; Properties = properties;
} }
/// <summary> /// <summary>
/// The name of the AuthenticationType creating a cookie /// The name of the AuthenticationScheme creating a cookie
/// </summary> /// </summary>
public string AuthenticationType { get; private set; } public string AuthenticationScheme { get; private set; }
/// <summary> /// <summary>
/// Contains the claims that were converted into the outgoing cookie. /// Contains the claims that were converted into the outgoing cookie.
/// </summary> /// </summary>
public ClaimsIdentity Identity { get; private set; } public ClaimsPrincipal Principal { get; private set; }
/// <summary> /// <summary>
/// Contains the extra data that was contained in the outgoing cookie. /// Contains the extra data that was contained in the outgoing cookie.

View File

@ -1,22 +1,18 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
using System.Security.Claims; using System.Security.Claims;
using System.Security.Principal; using System.Security.Principal;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Http.Interfaces.Security; using Microsoft.AspNet.Authentication.Notifications;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.Notifications;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Context object passed to the ICookieAuthenticationProvider method ValidateIdentity. /// Context object passed to the ICookieAuthenticationProvider method ValidatePrincipal.
/// </summary> /// </summary>
public class CookieValidateIdentityContext : BaseContext<CookieAuthenticationOptions> public class CookieValidatePrincipalContext : BaseContext<CookieAuthenticationOptions>
{ {
/// <summary> /// <summary>
/// Creates a new instance of the context object. /// Creates a new instance of the context object.
@ -24,18 +20,18 @@ namespace Microsoft.AspNet.Security.Cookies
/// <param name="context"></param> /// <param name="context"></param>
/// <param name="ticket">Contains the initial values for identity and extra data</param> /// <param name="ticket">Contains the initial values for identity and extra data</param>
/// <param name="options"></param> /// <param name="options"></param>
public CookieValidateIdentityContext([NotNull] HttpContext context, [NotNull] AuthenticationTicket ticket, [NotNull] CookieAuthenticationOptions options) public CookieValidatePrincipalContext([NotNull] HttpContext context, [NotNull] AuthenticationTicket ticket, [NotNull] CookieAuthenticationOptions options)
: base(context, options) : base(context, options)
{ {
Identity = ticket.Identity; Principal = ticket.Principal;
Properties = ticket.Properties; Properties = ticket.Properties;
} }
/// <summary> /// <summary>
/// Contains the claims identity arriving with the request. May be altered to change the /// Contains the claims principal arriving with the request. May be altered to change the
/// details of the authenticated user. /// details of the authenticated user.
/// </summary> /// </summary>
public ClaimsIdentity Identity { get; private set; } public ClaimsPrincipal Principal { get; private set; }
/// <summary> /// <summary>
/// Contains the extra meta-data arriving with the request ticket. May be altered. /// Contains the extra meta-data arriving with the request ticket. May be altered.
@ -43,22 +39,22 @@ namespace Microsoft.AspNet.Security.Cookies
public AuthenticationProperties Properties { get; private set; } public AuthenticationProperties Properties { get; private set; }
/// <summary> /// <summary>
/// Called to replace the claims identity. The supplied identity will replace the value of the /// Called to replace the claims principal. The supplied principal will replace the value of the
/// Identity property, which determines the identity of the authenticated request. /// Principal property, which determines the identity of the authenticated request.
/// </summary> /// </summary>
/// <param name="identity">The identity used as the replacement</param> /// <param name="identity">The identity used as the replacement</param>
public void ReplaceIdentity(IIdentity identity) public void ReplacePrincipal(IPrincipal principal)
{ {
Identity = new ClaimsIdentity(identity); Principal = new ClaimsPrincipal(principal);
} }
/// <summary> /// <summary>
/// Called to reject the incoming identity. This may be done if the application has determined the /// Called to reject the incoming principal. This may be done if the application has determined the
/// account is no longer active, and the request should be treated as if it was anonymous. /// account is no longer active, and the request should be treated as if it was anonymous.
/// </summary> /// </summary>
public void RejectIdentity() public void RejectPrincipal()
{ {
Identity = null; Principal = null;
} }
} }
} }

View File

@ -6,7 +6,7 @@ using System;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Newtonsoft.Json; using Newtonsoft.Json;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
internal static class DefaultBehavior internal static class DefaultBehavior
{ {

View File

@ -4,7 +4,7 @@
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Cookies
{ {
/// <summary> /// <summary>
/// Specifies callback methods which the <see cref="CookieAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. /> /// Specifies callback methods which the <see cref="CookieAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. />
@ -12,12 +12,12 @@ namespace Microsoft.AspNet.Security.Cookies
public interface ICookieAuthenticationNotifications public interface ICookieAuthenticationNotifications
{ {
/// <summary> /// <summary>
/// Called each time a request identity has been validated by the middleware. By implementing this method the /// Called each time a request principal has been validated by the middleware. By implementing this method the
/// application may alter or reject the identity which has arrived with the request. /// application may alter or reject the principal which has arrived with the request.
/// </summary> /// </summary>
/// <param name="context">Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.</param> /// <param name="context">Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.</param>
/// <returns>A <see cref="Task"/> representing the completed operation.</returns> /// <returns>A <see cref="Task"/> representing the completed operation.</returns>
Task ValidateIdentity(CookieValidateIdentityContext context); Task ValidatePrincipal(CookieValidatePrincipalContext context);
/// <summary> /// <summary>
/// Called when an endpoint has provided sign in information before it is converted into a cookie. By /// Called when an endpoint has provided sign in information before it is converted into a cookie. By

View File

@ -8,7 +8,7 @@
// </auto-generated> // </auto-generated>
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.Cookies { namespace Microsoft.AspNet.Authentication.Cookies {
using System; using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.Cookies {
internal static global::System.Resources.ResourceManager ResourceManager { internal static global::System.Resources.ResourceManager ResourceManager {
get { get {
if (object.ReferenceEquals(resourceMan, null)) { if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.Cookies.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly); global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.Cookies.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp; resourceMan = temp;
} }
return resourceMan; return resourceMan;

View File

@ -2,7 +2,7 @@
"version": "1.0.0-*", "version": "1.0.0-*",
"description": "ASP.NET middleware that enables an application to use cookie based authentication, similar to ASP.NET's forms authentication.", "description": "ASP.NET middleware that enables an application to use cookie based authentication, similar to ASP.NET's forms authentication.",
"dependencies": { "dependencies": {
"Microsoft.AspNet.Security": "1.0.0-*", "Microsoft.AspNet.Authentication": "1.0.0-*",
"Newtonsoft.Json": "6.0.6" "Newtonsoft.Json": "6.0.6"
}, },
"frameworks": { "frameworks": {

View File

@ -1,11 +1,11 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Facebook
{ {
public static class FacebookAuthenticationDefaults public static class FacebookAuthenticationDefaults
{ {
public const string AuthenticationType = "Facebook"; public const string AuthenticationScheme = "Facebook";
public const string AuthorizationEndpoint = "https://www.facebook.com/v2.2/dialog/oauth"; public const string AuthorizationEndpoint = "https://www.facebook.com/v2.2/dialog/oauth";

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.Facebook; using Microsoft.AspNet.Authentication.Facebook;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
using System; using System;

View File

@ -11,13 +11,13 @@ using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Core.Collections; using Microsoft.AspNet.Http.Core.Collections;
using Microsoft.AspNet.Http.Extensions; using Microsoft.AspNet.Http.Extensions;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.WebUtilities; using Microsoft.AspNet.WebUtilities;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Facebook
{ {
internal class FacebookAuthenticationHandler : OAuthAuthenticationHandler<FacebookAuthenticationOptions, IFacebookAuthenticationNotifications> internal class FacebookAuthenticationHandler : OAuthAuthenticationHandler<FacebookAuthenticationOptions, IFacebookAuthenticationNotifications>
{ {
@ -65,41 +65,42 @@ namespace Microsoft.AspNet.Security.Facebook
JObject user = JObject.Parse(text); JObject user = JObject.Parse(text);
var context = new FacebookAuthenticatedContext(Context, Options, user, tokens); var context = new FacebookAuthenticatedContext(Context, Options, user, tokens);
context.Identity = new ClaimsIdentity( var identity = new ClaimsIdentity(
Options.AuthenticationType, Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType); ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrEmpty(context.Id)) if (!string.IsNullOrEmpty(context.Id))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationType)); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.UserName)) if (!string.IsNullOrEmpty(context.UserName))
{ {
context.Identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.UserName, ClaimValueTypes.String, Options.AuthenticationType)); identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.UserName, ClaimValueTypes.String, Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.Email)) if (!string.IsNullOrEmpty(context.Email))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationType)); identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.Name)) if (!string.IsNullOrEmpty(context.Name))
{ {
context.Identity.AddClaim(new Claim("urn:facebook:name", context.Name, ClaimValueTypes.String, Options.AuthenticationType)); identity.AddClaim(new Claim("urn:facebook:name", context.Name, ClaimValueTypes.String, Options.AuthenticationScheme));
// Many Facebook accounts do not set the UserName field. Fall back to the Name field instead. // Many Facebook accounts do not set the UserName field. Fall back to the Name field instead.
if (string.IsNullOrEmpty(context.UserName)) if (string.IsNullOrEmpty(context.UserName))
{ {
context.Identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.Name, ClaimValueTypes.String, Options.AuthenticationType)); identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, context.Name, ClaimValueTypes.String, Options.AuthenticationScheme));
} }
} }
if (!string.IsNullOrEmpty(context.Link)) if (!string.IsNullOrEmpty(context.Link))
{ {
context.Identity.AddClaim(new Claim("urn:facebook:link", context.Link, ClaimValueTypes.String, Options.AuthenticationType)); identity.AddClaim(new Claim("urn:facebook:link", context.Link, ClaimValueTypes.String, Options.AuthenticationScheme));
} }
context.Properties = properties; context.Properties = properties;
context.Principal = new ClaimsPrincipal(identity);
await Options.Notifications.Authenticated(context); await Options.Notifications.Authenticated(context);
return new AuthenticationTicket(context.Identity, context.Properties); return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
} }
private string GenerateAppSecretProof(string accessToken) private string GenerateAppSecretProof(string accessToken)

View File

@ -4,13 +4,13 @@
using System; using System;
using System.Globalization; using System.Globalization;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.DataProtection; using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Facebook
{ {
/// <summary> /// <summary>
/// An ASP.NET middleware for authenticating users using Facebook. /// An ASP.NET middleware for authenticating users using Facebook.

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Facebook
{ {
/// <summary> /// <summary>
/// Configuration options for <see cref="FacebookAuthenticationMiddleware"/>. /// Configuration options for <see cref="FacebookAuthenticationMiddleware"/>.
@ -16,8 +16,8 @@ namespace Microsoft.AspNet.Security.Facebook
/// </summary> /// </summary>
public FacebookAuthenticationOptions() public FacebookAuthenticationOptions()
{ {
AuthenticationType = FacebookAuthenticationDefaults.AuthenticationType; AuthenticationScheme = FacebookAuthenticationDefaults.AuthenticationScheme;
Caption = AuthenticationType; Caption = AuthenticationScheme;
CallbackPath = new PathString("/signin-facebook"); CallbackPath = new PathString("/signin-facebook");
SendAppSecretProof = true; SendAppSecretProof = true;
AuthorizationEndpoint = FacebookAuthenticationDefaults.AuthorizationEndpoint; AuthorizationEndpoint = FacebookAuthenticationDefaults.AuthorizationEndpoint;

View File

@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup> <PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion> <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion> <SchemaVersion>2.0</SchemaVersion>
</PropertyGroup> </PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" /> <Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project> </Project>

View File

@ -0,0 +1,12 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
namespace Microsoft.AspNet.Authentication.Facebook
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute
{
}
}

View File

@ -3,10 +3,10 @@
using System.Net.Http; using System.Net.Http;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Facebook
{ {
/// <summary> /// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>. /// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.

View File

@ -3,9 +3,9 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Facebook
{ {
/// <summary> /// <summary>
/// The default <see cref="IFacebookAuthenticationNotifications"/> implementation. /// The default <see cref="IFacebookAuthenticationNotifications"/> implementation.

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Facebook namespace Microsoft.AspNet.Authentication.Facebook
{ {
/// <summary> /// <summary>
/// Specifies callback methods which the <see cref="FacebookAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. /// Specifies callback methods which the <see cref="FacebookAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process.

View File

@ -8,7 +8,7 @@
// </auto-generated> // </auto-generated>
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.Facebook { namespace Microsoft.AspNet.Authentication.Facebook {
using System; using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.Facebook {
internal static global::System.Resources.ResourceManager ResourceManager { internal static global::System.Resources.ResourceManager ResourceManager {
get { get {
if (object.ReferenceEquals(resourceMan, null)) { if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.Facebook.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly); global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.Facebook.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp; resourceMan = temp;
} }
return resourceMan; return resourceMan;

View File

@ -2,7 +2,7 @@
"version": "1.0.0-*", "version": "1.0.0-*",
"description": "ASP.NET 5 middleware that enables an application to support Facebook's OAuth 2.0 authentication workflow.", "description": "ASP.NET 5 middleware that enables an application to support Facebook's OAuth 2.0 authentication workflow.",
"dependencies": { "dependencies": {
"Microsoft.AspNet.Security.OAuth": "1.0.0-*" "Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
}, },
"frameworks": { "frameworks": {
"aspnet50": { }, "aspnet50": { },

View File

@ -1,11 +1,11 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.Google
{ {
public static class GoogleAuthenticationDefaults public static class GoogleAuthenticationDefaults
{ {
public const string AuthenticationType = "Google"; public const string AuthenticationScheme = "Google";
public const string AuthorizationEndpoint = "https://accounts.google.com/o/oauth2/auth"; public const string AuthorizationEndpoint = "https://accounts.google.com/o/oauth2/auth";

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.Google; using Microsoft.AspNet.Authentication.Google;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
using System; using System;

View File

@ -7,13 +7,13 @@ using System.Net.Http;
using System.Net.Http.Headers; using System.Net.Http.Headers;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.WebUtilities; using Microsoft.AspNet.WebUtilities;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.Google
{ {
internal class GoogleAuthenticationHandler : OAuthAuthenticationHandler<GoogleAuthenticationOptions, IGoogleAuthenticationNotifications> internal class GoogleAuthenticationHandler : OAuthAuthenticationHandler<GoogleAuthenticationOptions, IGoogleAuthenticationNotifications>
{ {
@ -33,46 +33,47 @@ namespace Microsoft.AspNet.Security.Google
JObject user = JObject.Parse(text); JObject user = JObject.Parse(text);
var context = new GoogleAuthenticatedContext(Context, Options, user, tokens); var context = new GoogleAuthenticatedContext(Context, Options, user, tokens);
context.Identity = new ClaimsIdentity( var identity = new ClaimsIdentity(
Options.AuthenticationType, Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType); ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrEmpty(context.Id)) if (!string.IsNullOrEmpty(context.Id))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id, identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, context.Id,
ClaimValueTypes.String, Options.AuthenticationType)); ClaimValueTypes.String, Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.GivenName)) if (!string.IsNullOrEmpty(context.GivenName))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.GivenName, context.GivenName, identity.AddClaim(new Claim(ClaimTypes.GivenName, context.GivenName,
ClaimValueTypes.String, Options.AuthenticationType)); ClaimValueTypes.String, Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.FamilyName)) if (!string.IsNullOrEmpty(context.FamilyName))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.Surname, context.FamilyName, identity.AddClaim(new Claim(ClaimTypes.Surname, context.FamilyName,
ClaimValueTypes.String, Options.AuthenticationType)); ClaimValueTypes.String, Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.Name)) if (!string.IsNullOrEmpty(context.Name))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String, identity.AddClaim(new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String,
Options.AuthenticationType)); Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.Email)) if (!string.IsNullOrEmpty(context.Email))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String,
Options.AuthenticationType)); Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.Profile)) if (!string.IsNullOrEmpty(context.Profile))
{ {
context.Identity.AddClaim(new Claim("urn:google:profile", context.Profile, ClaimValueTypes.String, identity.AddClaim(new Claim("urn:google:profile", context.Profile, ClaimValueTypes.String,
Options.AuthenticationType)); Options.AuthenticationScheme));
} }
context.Properties = properties; context.Properties = properties;
context.Principal = new ClaimsPrincipal(identity);
await Options.Notifications.Authenticated(context); await Options.Notifications.Authenticated(context);
return new AuthenticationTicket(context.Identity, context.Properties); return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
} }
// TODO: Abstract this properties override pattern into the base class? // TODO: Abstract this properties override pattern into the base class?

View File

@ -5,15 +5,15 @@ using System;
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using System.Globalization; using System.Globalization;
using System.Net.Http; using System.Net.Http;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection; using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.DataHandler; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.Google
{ {
/// <summary> /// <summary>
/// An ASP.NET middleware for authenticating users using Google OAuth 2.0. /// An ASP.NET middleware for authenticating users using Google OAuth 2.0.

View File

@ -5,10 +5,10 @@ using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Net.Http; using System.Net.Http;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.Google
{ {
/// <summary> /// <summary>
/// Configuration options for <see cref="GoogleAuthenticationMiddleware"/>. /// Configuration options for <see cref="GoogleAuthenticationMiddleware"/>.
@ -20,8 +20,8 @@ namespace Microsoft.AspNet.Security.Google
/// </summary> /// </summary>
public GoogleAuthenticationOptions() public GoogleAuthenticationOptions()
{ {
AuthenticationType = GoogleAuthenticationDefaults.AuthenticationType; AuthenticationScheme = GoogleAuthenticationDefaults.AuthenticationScheme;
Caption = AuthenticationType; Caption = AuthenticationScheme;
CallbackPath = new PathString("/signin-google"); CallbackPath = new PathString("/signin-google");
AuthorizationEndpoint = GoogleAuthenticationDefaults.AuthorizationEndpoint; AuthorizationEndpoint = GoogleAuthenticationDefaults.AuthorizationEndpoint;
TokenEndpoint = GoogleAuthenticationDefaults.TokenEndpoint; TokenEndpoint = GoogleAuthenticationDefaults.TokenEndpoint;

View File

@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup> <PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion> <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion> <SchemaVersion>2.0</SchemaVersion>
</PropertyGroup> </PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" /> <Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project> </Project>

View File

@ -3,7 +3,7 @@
using System; using System;
namespace Microsoft.AspNet.Security.Cookies namespace Microsoft.AspNet.Authentication.Google
{ {
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)] [AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute internal sealed class NotNullAttribute : Attribute

View File

@ -6,11 +6,11 @@ using System.Globalization;
using System.Net.Http; using System.Net.Http;
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.Google
{ {
/// <summary> /// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>. /// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.

View File

@ -3,9 +3,9 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.Google
{ {
/// <summary> /// <summary>
/// The default <see cref="IGoogleAuthenticationNotifications"/> implementation. /// The default <see cref="IGoogleAuthenticationNotifications"/> implementation.

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.Google
{ {
/// <summary> /// <summary>
/// Specifies callback methods which the <see cref="GoogleAuthenticationMiddleware" /> invokes to enable developer control over the authentication process. /// Specifies callback methods which the <see cref="GoogleAuthenticationMiddleware" /> invokes to enable developer control over the authentication process.

View File

@ -8,7 +8,7 @@
// </auto-generated> // </auto-generated>
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.Google { namespace Microsoft.AspNet.Authentication.Google {
using System; using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.Google {
internal static global::System.Resources.ResourceManager ResourceManager { internal static global::System.Resources.ResourceManager ResourceManager {
get { get {
if (object.ReferenceEquals(resourceMan, null)) { if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.Google.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly); global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.Google.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp; resourceMan = temp;
} }
return resourceMan; return resourceMan;

View File

@ -2,7 +2,7 @@
"version": "1.0.0-*", "version": "1.0.0-*",
"description": "ASP.NET 5 contains middlewares to support Google's OpenId and OAuth 2.0 authentication workflows.", "description": "ASP.NET 5 contains middlewares to support Google's OpenId and OAuth 2.0 authentication workflows.",
"dependencies": { "dependencies": {
"Microsoft.AspNet.Security.OAuth": "1.0.0-*" "Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
}, },
"frameworks": { "frameworks": {
"aspnet50": { }, "aspnet50": { },

View File

@ -1,11 +1,11 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{ {
public static class MicrosoftAccountAuthenticationDefaults public static class MicrosoftAccountAuthenticationDefaults
{ {
public const string AuthenticationType = "Microsoft"; public const string AuthenticationScheme = "Microsoft";
public const string AuthorizationEndpoint = "https://login.live.com/oauth20_authorize.srf"; public const string AuthorizationEndpoint = "https://login.live.com/oauth20_authorize.srf";

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Security.MicrosoftAccount; using Microsoft.AspNet.Authentication.MicrosoftAccount;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
using System; using System;

View File

@ -8,12 +8,12 @@ using System.Net.Http.Headers;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{ {
internal class MicrosoftAccountAuthenticationHandler : OAuthAuthenticationHandler<MicrosoftAccountAuthenticationOptions, IMicrosoftAccountAuthenticationNotifications> internal class MicrosoftAccountAuthenticationHandler : OAuthAuthenticationHandler<MicrosoftAccountAuthenticationOptions, IMicrosoftAccountAuthenticationNotifications>
{ {
@ -33,26 +33,27 @@ namespace Microsoft.AspNet.Security.MicrosoftAccount
var context = new MicrosoftAccountAuthenticatedContext(Context, Options, accountInformation, tokens); var context = new MicrosoftAccountAuthenticatedContext(Context, Options, accountInformation, tokens);
context.Properties = properties; context.Properties = properties;
context.Identity = new ClaimsIdentity( var identity = new ClaimsIdentity(
new[] new[]
{ {
new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationType), new Claim(ClaimTypes.NameIdentifier, context.Id, ClaimValueTypes.String, Options.AuthenticationScheme),
new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String, Options.AuthenticationType), new Claim(ClaimTypes.Name, context.Name, ClaimValueTypes.String, Options.AuthenticationScheme),
new Claim("urn:microsoftaccount:id", context.Id, ClaimValueTypes.String, Options.AuthenticationType), new Claim("urn:microsoftaccount:id", context.Id, ClaimValueTypes.String, Options.AuthenticationScheme),
new Claim("urn:microsoftaccount:name", context.Name, ClaimValueTypes.String, Options.AuthenticationType) new Claim("urn:microsoftaccount:name", context.Name, ClaimValueTypes.String, Options.AuthenticationScheme)
}, },
Options.AuthenticationType, Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType); ClaimsIdentity.DefaultRoleClaimType);
if (!string.IsNullOrWhiteSpace(context.Email)) if (!string.IsNullOrWhiteSpace(context.Email))
{ {
context.Identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationType)); identity.AddClaim(new Claim(ClaimTypes.Email, context.Email, ClaimValueTypes.String, Options.AuthenticationScheme));
} }
context.Principal = new ClaimsPrincipal(identity);
await Options.Notifications.Authenticated(context); await Options.Notifications.Authenticated(context);
return new AuthenticationTicket(context.Identity, context.Properties); return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
} }
} }
} }

View File

@ -3,14 +3,14 @@
using System; using System;
using System.Globalization; using System.Globalization;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection; using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.AspNet.Security.OAuth;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{ {
/// <summary> /// <summary>
/// An ASP.NET middleware for authenticating users using the Microsoft Account service. /// An ASP.NET middleware for authenticating users using the Microsoft Account service.

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{ {
/// <summary> /// <summary>
/// Configuration options for <see cref="MicrosoftAccountAuthenticationMiddleware"/>. /// Configuration options for <see cref="MicrosoftAccountAuthenticationMiddleware"/>.
@ -16,8 +16,8 @@ namespace Microsoft.AspNet.Security.MicrosoftAccount
/// </summary> /// </summary>
public MicrosoftAccountAuthenticationOptions() public MicrosoftAccountAuthenticationOptions()
{ {
AuthenticationType = MicrosoftAccountAuthenticationDefaults.AuthenticationType; AuthenticationScheme = MicrosoftAccountAuthenticationDefaults.AuthenticationScheme;
Caption = AuthenticationType; Caption = AuthenticationScheme;
CallbackPath = new PathString("/signin-microsoft"); CallbackPath = new PathString("/signin-microsoft");
AuthorizationEndpoint = MicrosoftAccountAuthenticationDefaults.AuthorizationEndpoint; AuthorizationEndpoint = MicrosoftAccountAuthenticationDefaults.AuthorizationEndpoint;
TokenEndpoint = MicrosoftAccountAuthenticationDefaults.TokenEndpoint; TokenEndpoint = MicrosoftAccountAuthenticationDefaults.TokenEndpoint;

View File

@ -0,0 +1,12 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute
{
}
}

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{ {
/// <summary> /// <summary>
/// Specifies callback methods which the <see cref="MicrosoftAccountAuthenticationMiddleware"/> invokes to enable developer control over the authentication process. /// Specifies callback methods which the <see cref="MicrosoftAccountAuthenticationMiddleware"/> invokes to enable developer control over the authentication process.

View File

@ -6,10 +6,10 @@ using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Net.Http; using System.Net.Http;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{ {
/// <summary> /// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>. /// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.

View File

@ -3,9 +3,9 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.MicrosoftAccount
{ {
/// <summary> /// <summary>
/// Default <see cref="IMicrosoftAccountAuthenticationNotifications"/> implementation. /// Default <see cref="IMicrosoftAccountAuthenticationNotifications"/> implementation.

View File

@ -8,7 +8,7 @@
// </auto-generated> // </auto-generated>
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.MicrosoftAccount { namespace Microsoft.AspNet.Authentication.MicrosoftAccount {
using System; using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.MicrosoftAccount {
internal static global::System.Resources.ResourceManager ResourceManager { internal static global::System.Resources.ResourceManager ResourceManager {
get { get {
if (object.ReferenceEquals(resourceMan, null)) { if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.MicrosoftAccount.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly); global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.MicrosoftAccount.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp; resourceMan = temp;
} }
return resourceMan; return resourceMan;

View File

@ -2,7 +2,7 @@
"version": "1.0.0-*", "version": "1.0.0-*",
"description": "ASP.NET 5 middleware that enables an application to support the Microsoft Account authentication workflow.", "description": "ASP.NET 5 middleware that enables an application to support the Microsoft Account authentication workflow.",
"dependencies": { "dependencies": {
"Microsoft.AspNet.Security.OAuth": "1.0.0-*" "Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
}, },
"frameworks": { "frameworks": {
"aspnet50": { }, "aspnet50": { },

View File

@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup> <PropertyGroup>
<VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion> <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
@ -14,4 +14,4 @@
<SchemaVersion>2.0</SchemaVersion> <SchemaVersion>2.0</SchemaVersion>
</PropertyGroup> </PropertyGroup>
<Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" /> <Import Project="$(VSToolsPath)\AspNet\Microsoft.Web.AspNet.targets" Condition="'$(VSToolsPath)' != ''" />
</Project> </Project>

View File

@ -3,7 +3,7 @@
using System; using System;
namespace Microsoft.AspNet.Security.Google namespace Microsoft.AspNet.Authentication.OAuth
{ {
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)] [AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute internal sealed class NotNullAttribute : Attribute

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Base class used for certain event contexts /// Base class used for certain event contexts

View File

@ -3,9 +3,9 @@
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Base class used for certain event contexts /// Base class used for certain event contexts
@ -49,10 +49,11 @@ namespace Microsoft.AspNet.Security.OAuth
/// </summary> /// </summary>
/// <param name="identity">Assigned to the Ticket.Identity property</param> /// <param name="identity">Assigned to the Ticket.Identity property</param>
/// <returns>True if the validation has taken effect.</returns> /// <returns>True if the validation has taken effect.</returns>
public bool Validated(ClaimsIdentity identity) public bool Validated(ClaimsPrincipal principal)
{ {
AuthenticationProperties properties = Ticket != null ? Ticket.Properties : new AuthenticationProperties(); AuthenticationProperties properties = Ticket != null ? Ticket.Properties : new AuthenticationProperties();
return Validated(new AuthenticationTicket(identity, properties)); // TODO: Ticket can be null, need to revisit
return Validated(new AuthenticationTicket(principal, properties, Ticket.AuthenticationScheme));
} }
} }
} }

View File

@ -3,7 +3,7 @@
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Specifies callback methods which the <see cref="OAuthAuthenticationMiddleware"/> invokes to enable developer control over the authentication process. /// Specifies callback methods which the <see cref="OAuthAuthenticationMiddleware"/> invokes to enable developer control over the authentication process.

View File

@ -2,10 +2,10 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Context passed when a Challenge causes a redirect to authorize endpoint in the Microsoft account middleware. /// Context passed when a Challenge causes a redirect to authorize endpoint in the Microsoft account middleware.

View File

@ -5,11 +5,11 @@ using System;
using System.Globalization; using System.Globalization;
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>. /// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.
@ -66,11 +66,11 @@ namespace Microsoft.AspNet.Security.OAuth
/// <summary> /// <summary>
/// Gets the <see cref="ClaimsIdentity"/> representing the user. /// Gets the <see cref="ClaimsIdentity"/> representing the user.
/// </summary> /// </summary>
public ClaimsIdentity Identity { get; set; } public ClaimsPrincipal Principal { get; set; }
/// <summary> /// <summary>
/// Gets or sets a property bag for common authentication properties. /// Gets or sets a property bag for common authentication properties.
/// </summary> /// </summary>
public AuthenticationProperties Properties { get; set; } public AuthenticationProperties Properties { get; set; }
} }
} }

View File

@ -4,7 +4,7 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Default <see cref="IOAuthAuthenticationNotifications"/> implementation. /// Default <see cref="IOAuthAuthenticationNotifications"/> implementation.

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Specifies the HTTP response header for the bearer authentication scheme. /// Specifies the HTTP response header for the bearer authentication scheme.

View File

@ -6,10 +6,10 @@ using System.Globalization;
using System.Net.Http; using System.Net.Http;
using System.Security.Claims; using System.Security.Claims;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>. /// Contains information about the login session as well as the user <see cref="System.Security.Claims.ClaimsIdentity"/>.
@ -63,9 +63,9 @@ namespace Microsoft.AspNet.Security.OAuth
public HttpClient Backchannel { get; protected set; } public HttpClient Backchannel { get; protected set; }
/// <summary> /// <summary>
/// Gets the <see cref="ClaimsIdentity"/> representing the user. /// Gets the <see cref="ClaimsPrincipal"/> representing the user.
/// </summary> /// </summary>
public ClaimsIdentity Identity { get; set; } public ClaimsPrincipal Principal { get; set; }
/// <summary> /// <summary>
/// Gets or sets a property bag for common authentication properties. /// Gets or sets a property bag for common authentication properties.

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Specifies the HTTP request header for the bearer authentication scheme. /// Specifies the HTTP request header for the bearer authentication scheme.

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Provides context information to middleware providers. /// Provides context information to middleware providers.

View File

@ -6,7 +6,7 @@ using System.Globalization;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
public static class OAuthAuthenticationDefaults public static class OAuthAuthenticationDefaults
{ {
@ -14,25 +14,25 @@ namespace Microsoft.AspNet.Security.OAuth
{ {
// If the developer doesn't specify a user-info callback, just give them the tokens. // If the developer doesn't specify a user-info callback, just give them the tokens.
var identity = new ClaimsIdentity( var identity = new ClaimsIdentity(
context.Options.AuthenticationType, context.Options.AuthenticationScheme,
ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType); ClaimsIdentity.DefaultRoleClaimType);
identity.AddClaim(new Claim("access_token", context.AccessToken, ClaimValueTypes.String, context.Options.AuthenticationType)); identity.AddClaim(new Claim("access_token", context.AccessToken, ClaimValueTypes.String, context.Options.AuthenticationScheme));
if (!string.IsNullOrEmpty(context.RefreshToken)) if (!string.IsNullOrEmpty(context.RefreshToken))
{ {
identity.AddClaim(new Claim("refresh_token", context.RefreshToken, ClaimValueTypes.String, context.Options.AuthenticationType)); identity.AddClaim(new Claim("refresh_token", context.RefreshToken, ClaimValueTypes.String, context.Options.AuthenticationScheme));
} }
if (!string.IsNullOrEmpty(context.TokenType)) if (!string.IsNullOrEmpty(context.TokenType))
{ {
identity.AddClaim(new Claim("token_type", context.TokenType, ClaimValueTypes.String, context.Options.AuthenticationType)); identity.AddClaim(new Claim("token_type", context.TokenType, ClaimValueTypes.String, context.Options.AuthenticationScheme));
} }
if (context.ExpiresIn.HasValue) if (context.ExpiresIn.HasValue)
{ {
identity.AddClaim(new Claim("expires_in", context.ExpiresIn.Value.TotalSeconds.ToString(CultureInfo.InvariantCulture), identity.AddClaim(new Claim("expires_in", context.ExpiresIn.Value.TotalSeconds.ToString(CultureInfo.InvariantCulture),
ClaimValueTypes.String, context.Options.AuthenticationType)); ClaimValueTypes.String, context.Options.AuthenticationScheme));
} }
context.Identity = identity; context.Principal = new ClaimsPrincipal(identity);
return Task.FromResult(0); return Task.FromResult(0);
}; };
} }

View File

@ -3,8 +3,8 @@
using System; using System;
using System.Globalization; using System.Globalization;
using Microsoft.AspNet.Security.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Security.Infrastructure; using Microsoft.AspNet.Authentication;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Builder namespace Microsoft.AspNet.Builder
@ -20,13 +20,13 @@ namespace Microsoft.AspNet.Builder
/// <param name="app">The <see cref="IApplicationBuilder"/> passed to the configure method.</param> /// <param name="app">The <see cref="IApplicationBuilder"/> passed to the configure method.</param>
/// <param name="options">The middleware configuration options.</param> /// <param name="options">The middleware configuration options.</param>
/// <returns>The updated <see cref="IApplicationBuilder"/>.</returns> /// <returns>The updated <see cref="IApplicationBuilder"/>.</returns>
public static IApplicationBuilder UseOAuthAuthentication([NotNull] this IApplicationBuilder app, [NotNull] string authenticationType, Action<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>> configureOptions = null) public static IApplicationBuilder UseOAuthAuthentication([NotNull] this IApplicationBuilder app, [NotNull] string authenticationScheme, Action<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>> configureOptions = null)
{ {
return app.UseMiddleware<OAuthAuthenticationMiddleware<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>, IOAuthAuthenticationNotifications>>( return app.UseMiddleware<OAuthAuthenticationMiddleware<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>, IOAuthAuthenticationNotifications>>(
new ConfigureOptions<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>>(options => new ConfigureOptions<OAuthAuthenticationOptions<IOAuthAuthenticationNotifications>>(options =>
{ {
options.AuthenticationType = authenticationType; options.AuthenticationScheme = authenticationScheme;
options.Caption = authenticationType; options.Caption = authenticationScheme;
if (configureOptions != null) if (configureOptions != null)
{ {
configureOptions(options); configureOptions(options);
@ -37,7 +37,7 @@ namespace Microsoft.AspNet.Builder
} }
}) })
{ {
Name = authenticationType, Name = authenticationScheme,
}); });
} }
} }

View File

@ -9,13 +9,13 @@ using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Extensions; using Microsoft.AspNet.Http.Extensions;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Security.Infrastructure; using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.WebUtilities; using Microsoft.AspNet.WebUtilities;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
public class OAuthAuthenticationHandler<TOptions, TNotifications> : AuthenticationHandler<TOptions> public class OAuthAuthenticationHandler<TOptions, TNotifications> : AuthenticationHandler<TOptions>
where TOptions : OAuthAuthenticationOptions<TNotifications> where TOptions : OAuthAuthenticationOptions<TNotifications>
@ -52,26 +52,21 @@ namespace Microsoft.AspNet.Security.OAuth
var context = new OAuthReturnEndpointContext(Context, ticket) var context = new OAuthReturnEndpointContext(Context, ticket)
{ {
SignInAsAuthenticationType = Options.SignInAsAuthenticationType, SignInScheme = Options.SignInScheme,
RedirectUri = ticket.Properties.RedirectUri, RedirectUri = ticket.Properties.RedirectUri,
}; };
ticket.Properties.RedirectUri = null; ticket.Properties.RedirectUri = null;
await Options.Notifications.ReturnEndpoint(context); await Options.Notifications.ReturnEndpoint(context);
if (context.SignInAsAuthenticationType != null && context.Identity != null) if (context.SignInScheme != null && context.Principal != null)
{ {
ClaimsIdentity signInIdentity = context.Identity; Context.Response.SignIn(context.SignInScheme, context.Principal, context.Properties);
if (!string.Equals(signInIdentity.AuthenticationType, context.SignInAsAuthenticationType, StringComparison.Ordinal))
{
signInIdentity = new ClaimsIdentity(signInIdentity.Claims, context.SignInAsAuthenticationType, signInIdentity.NameClaimType, signInIdentity.RoleClaimType);
}
Context.Response.SignIn(context.Properties, signInIdentity);
} }
if (!context.IsRequestCompleted && context.RedirectUri != null) if (!context.IsRequestCompleted && context.RedirectUri != null)
{ {
if (context.Identity == null) if (context.Principal == null)
{ {
// add a redirect hint that sign-in failed in some way // add a redirect hint that sign-in failed in some way
context.RedirectUri = QueryHelpers.AddQueryString(context.RedirectUri, "error", "access_denied"); context.RedirectUri = QueryHelpers.AddQueryString(context.RedirectUri, "error", "access_denied");
@ -116,13 +111,13 @@ namespace Microsoft.AspNet.Security.OAuth
// OAuth2 10.12 CSRF // OAuth2 10.12 CSRF
if (!ValidateCorrelationId(properties, Logger)) if (!ValidateCorrelationId(properties, Logger))
{ {
return new AuthenticationTicket(null, properties); return new AuthenticationTicket(properties, Options.AuthenticationScheme);
} }
if (string.IsNullOrEmpty(code)) if (string.IsNullOrEmpty(code))
{ {
// Null if the remote server returns an error. // Null if the remote server returns an error.
return new AuthenticationTicket(null, properties); return new AuthenticationTicket(properties, Options.AuthenticationScheme);
} }
string requestPrefix = Request.Scheme + "://" + Request.Host; string requestPrefix = Request.Scheme + "://" + Request.Host;
@ -133,7 +128,7 @@ namespace Microsoft.AspNet.Security.OAuth
if (string.IsNullOrWhiteSpace(tokens.AccessToken)) if (string.IsNullOrWhiteSpace(tokens.AccessToken))
{ {
Logger.WriteWarning("Access token was not found"); Logger.WriteWarning("Access token was not found");
return new AuthenticationTicket(null, properties); return new AuthenticationTicket(properties, Options.AuthenticationScheme);
} }
return await GetUserInformationAsync(properties, tokens); return await GetUserInformationAsync(properties, tokens);
@ -141,7 +136,7 @@ namespace Microsoft.AspNet.Security.OAuth
catch (Exception ex) catch (Exception ex)
{ {
Logger.WriteError("Authentication failed", ex); Logger.WriteError("Authentication failed", ex);
return new AuthenticationTicket(null, properties); return new AuthenticationTicket(properties, Options.AuthenticationScheme);
} }
} }
@ -176,7 +171,7 @@ namespace Microsoft.AspNet.Security.OAuth
Properties = properties, Properties = properties,
}; };
await Options.Notifications.GetUserInformationAsync(context); await Options.Notifications.GetUserInformationAsync(context);
return new AuthenticationTicket(context.Identity, context.Properties); return new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme);
} }
protected override void ApplyResponseChallenge() protected override void ApplyResponseChallenge()
@ -186,8 +181,8 @@ namespace Microsoft.AspNet.Security.OAuth
return; return;
} }
// Active middleware should redirect on 401 even if there wasn't an explicit challenge. // Only redirect on challenges
if (ChallengeContext == null && Options.AuthenticationMode == AuthenticationMode.Passive) if (ChallengeContext == null)
{ {
return; return;
} }

View File

@ -5,14 +5,14 @@ using System;
using System.Diagnostics.CodeAnalysis; using System.Diagnostics.CodeAnalysis;
using System.Globalization; using System.Globalization;
using System.Net.Http; using System.Net.Http;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.DataHandler;
using Microsoft.AspNet.Builder; using Microsoft.AspNet.Builder;
using Microsoft.AspNet.DataProtection; using Microsoft.AspNet.DataProtection;
using Microsoft.AspNet.Security.DataHandler;
using Microsoft.AspNet.Security.Infrastructure;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// An ASP.NET middleware for authenticating users using OAuth services. /// An ASP.NET middleware for authenticating users using OAuth services.
@ -41,9 +41,9 @@ namespace Microsoft.AspNet.Security.OAuth
: base(next, services, options, configureOptions) : base(next, services, options, configureOptions)
{ {
// todo: review error handling // todo: review error handling
if (string.IsNullOrWhiteSpace(Options.AuthenticationType)) if (string.IsNullOrWhiteSpace(Options.AuthenticationScheme))
{ {
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "AuthenticationType")); throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "AuthenticationScheme"));
} }
if (string.IsNullOrWhiteSpace(Options.ClientId)) if (string.IsNullOrWhiteSpace(Options.ClientId))
@ -71,7 +71,7 @@ namespace Microsoft.AspNet.Security.OAuth
if (Options.StateDataFormat == null) if (Options.StateDataFormat == null)
{ {
IDataProtector dataProtector = dataProtectionProvider.CreateProtector( IDataProtector dataProtector = dataProtectionProvider.CreateProtector(
this.GetType().FullName, Options.AuthenticationType, "v1"); this.GetType().FullName, Options.AuthenticationScheme, "v1");
Options.StateDataFormat = new PropertiesDataFormat(dataProtector); Options.StateDataFormat = new PropertiesDataFormat(dataProtector);
} }
@ -80,13 +80,13 @@ namespace Microsoft.AspNet.Security.OAuth
Backchannel.Timeout = Options.BackchannelTimeout; Backchannel.Timeout = Options.BackchannelTimeout;
Backchannel.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB Backchannel.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB
if (string.IsNullOrEmpty(Options.SignInAsAuthenticationType)) if (string.IsNullOrEmpty(Options.SignInScheme))
{ {
Options.SignInAsAuthenticationType = externalOptions.Options.SignInAsAuthenticationType; Options.SignInScheme = externalOptions.Options.SignInScheme;
} }
if (string.IsNullOrEmpty(Options.SignInAsAuthenticationType)) if (string.IsNullOrEmpty(Options.SignInScheme))
{ {
throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "SignInAsAuthenticationType")); throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, Resources.Exception_OptionMustBeProvided, "SignInScheme"));
} }
} }

View File

@ -6,9 +6,9 @@ using System.Collections.Generic;
using System.Net.Http; using System.Net.Http;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.Http.Authentication;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Configuration options for <see cref="OAuthAuthenticationMiddleware"/>. /// Configuration options for <see cref="OAuthAuthenticationMiddleware"/>.
@ -20,7 +20,6 @@ namespace Microsoft.AspNet.Security.OAuth
/// </summary> /// </summary>
public OAuthAuthenticationOptions() public OAuthAuthenticationOptions()
{ {
AuthenticationMode = AuthenticationMode.Passive;
Scope = new List<string>(); Scope = new List<string>();
BackchannelTimeout = TimeSpan.FromSeconds(60); BackchannelTimeout = TimeSpan.FromSeconds(60);
} }
@ -102,7 +101,12 @@ namespace Microsoft.AspNet.Security.OAuth
/// <summary> /// <summary>
/// Gets or sets the name of another authentication middleware which will be responsible for actually issuing a user <see cref="System.Security.Claims.ClaimsIdentity"/>. /// Gets or sets the name of another authentication middleware which will be responsible for actually issuing a user <see cref="System.Security.Claims.ClaimsIdentity"/>.
/// </summary> /// </summary>
public string SignInAsAuthenticationType { get; set; } public string SignInScheme { get; set; }
/// <summary>
/// Gets or sets the issuer that should be used for any claims that are created
/// </summary>
public string ClaimsIssuer { get; set; }
/// <summary> /// <summary>
/// Gets or sets the type used to secure data handled by the middleware. /// Gets or sets the type used to secure data handled by the middleware.

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
/// <summary> /// <summary>
/// Configuration options for <see cref="OAuthAuthenticationMiddleware"/>. /// Configuration options for <see cref="OAuthAuthenticationMiddleware"/>.

View File

@ -8,7 +8,7 @@
// </auto-generated> // </auto-generated>
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
namespace Microsoft.AspNet.Security.OAuthBearer { namespace Microsoft.AspNet.Authentication.OAuth {
using System; using System;
@ -39,7 +39,7 @@ namespace Microsoft.AspNet.Security.OAuthBearer {
internal static global::System.Resources.ResourceManager ResourceManager { internal static global::System.Resources.ResourceManager ResourceManager {
get { get {
if (object.ReferenceEquals(resourceMan, null)) { if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Security.OAuth.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly); global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNet.Authentication.OAuth.Resources", System.Reflection.IntrospectionExtensions.GetTypeInfo(typeof(Resources)).Assembly);
resourceMan = temp; resourceMan = temp;
} }
return resourceMan; return resourceMan;

View File

@ -3,7 +3,7 @@
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
namespace Microsoft.AspNet.Security.OAuth namespace Microsoft.AspNet.Authentication.OAuth
{ {
public class TokenResponse public class TokenResponse
{ {

View File

@ -3,7 +3,7 @@
"description": "ASP.NET 5 middleware that enables an application to support any standard OAuth 2.0 authentication workflow.", "description": "ASP.NET 5 middleware that enables an application to support any standard OAuth 2.0 authentication workflow.",
"dependencies": { "dependencies": {
"Microsoft.AspNet.DataProtection": "1.0.0-*", "Microsoft.AspNet.DataProtection": "1.0.0-*",
"Microsoft.AspNet.Security": "1.0.0-*" "Microsoft.AspNet.Authentication": "1.0.0-*"
}, },
"frameworks": { "frameworks": {
"aspnet50": { "aspnet50": {

View File

@ -3,7 +3,7 @@
using System; using System;
namespace Microsoft.AspNet.Security.MicrosoftAccount namespace Microsoft.AspNet.Authentication.OAuthBearer
{ {
[AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)] [AttributeUsage(AttributeTargets.Parameter, AllowMultiple = false)]
internal sealed class NotNullAttribute : Attribute internal sealed class NotNullAttribute : Attribute

View File

@ -2,9 +2,9 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
namespace Microsoft.AspNet.Security.OAuthBearer namespace Microsoft.AspNet.Authentication.OAuthBearer
{ {
public class AuthenticationChallengeNotification<TOptions> : BaseNotification<TOptions> public class AuthenticationChallengeNotification<TOptions> : BaseNotification<TOptions>
{ {

View File

@ -4,12 +4,12 @@
using System; using System;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Security.Notifications; using Microsoft.AspNet.Authentication.Notifications;
/// <summary> /// <summary>
/// Specifies events which the <see cref="OAuthBearerAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. /> /// Specifies events which the <see cref="OAuthBearerAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. />
/// </summary> /// </summary>
namespace Microsoft.AspNet.Security.OAuthBearer namespace Microsoft.AspNet.Authentication.OAuthBearer
{ {
/// <summary> /// <summary>
/// OAuth bearer token middleware provider /// OAuth bearer token middleware provider

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
namespace Microsoft.AspNet.Security.OAuthBearer namespace Microsoft.AspNet.Authentication.OAuthBearer
{ {
/// <summary> /// <summary>
/// Default values used by authorization server and bearer authentication. /// Default values used by authorization server and bearer authentication.
@ -9,9 +9,9 @@ namespace Microsoft.AspNet.Security.OAuthBearer
public static class OAuthBearerAuthenticationDefaults public static class OAuthBearerAuthenticationDefaults
{ {
/// <summary> /// <summary>
/// Default value for AuthenticationType property in the OAuthBearerAuthenticationOptions and /// Default value for AuthenticationScheme property in the OAuthBearerAuthenticationOptions and
/// OAuthAuthorizationServerOptions. /// OAuthAuthorizationServerOptions.
/// </summary> /// </summary>
public const string AuthenticationType = "Bearer"; public const string AuthenticationScheme = "Bearer";
} }
} }

View File

@ -2,7 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System; using System;
using Microsoft.AspNet.Security.OAuthBearer; using Microsoft.AspNet.Authentication.OAuthBearer;
using Microsoft.Framework.DependencyInjection; using Microsoft.Framework.DependencyInjection;
using Microsoft.Framework.OptionsModel; using Microsoft.Framework.OptionsModel;

Some files were not shown because too many files have changed in this diff Show More