Switch to AuthenticationTicket in OAuth event

Hao Kung 2016-01-05 15:46:58 -08:00
parent 2a939287bc
commit 7a23028527
12 changed files with 58 additions and 72 deletions


@ -38,7 +38,8 @@ namespace Microsoft.AspNet.Authentication.Facebook
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Options, Backchannel, tokens, payload);
var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme);
var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload);
var identifier = FacebookHelper.GetId(payload);
if (!string.IsNullOrEmpty(identifier))
@ -78,7 +79,7 @@ namespace Microsoft.AspNet.Authentication.Facebook
await Options.Events.CreatingTicket(context);
return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
return context.Ticket;
}
private string GenerateAppSecretProof(string accessToken)
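Review bot: `return context.Ticket;` now hands back whatever the `CreatingTicket` handler left in the settable `Ticket` property, so the result is no longer rebuilt with `context.Options.AuthenticationScheme` as the old `new AuthenticationTicket(...)` return did. A handler that assigns a ticket for a different scheme, or assigns null, passes straight through. If downstream sign-in relies on the ticket's scheme matching this middleware (the caller is not visible here), add a check after the event, for example `if (context.Ticket?.AuthenticationScheme != Options.AuthenticationScheme) { /* reject or log */ }`. The same return pattern appears in the Google, MicrosoftAccount and base OAuth handler sections. The enclosing method starts and ends outside these hunks.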


@ -32,7 +32,8 @@ namespace Microsoft.AspNet.Authentication.Google
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Options, Backchannel, tokens, payload);
var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme);
var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload);
var identifier = GoogleHelper.GetId(payload);
if (!string.IsNullOrEmpty(identifier))
@ -72,7 +73,7 @@ namespace Microsoft.AspNet.Authentication.Google
await Options.Events.CreatingTicket(context);
return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
return context.Ticket;
}
// TODO: Abstract this properties override pattern into the base class?


@ -36,7 +36,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
await Options.Events.ReceivingToken(receivingTokenContext);
if (receivingTokenContext.HandledResponse)
{
return AuthenticateResult.Success(receivingTokenContext.AuthenticationTicket);
return AuthenticateResult.Success(receivingTokenContext.Ticket);
}
if (receivingTokenContext.Skipped)
{
@ -77,7 +77,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
await Options.Events.ReceivedToken(receivedTokenContext);
if (receivedTokenContext.HandledResponse)
{
return AuthenticateResult.Success(receivedTokenContext.AuthenticationTicket);
return AuthenticateResult.Success(receivedTokenContext.Ticket);
}
if (receivedTokenContext.Skipped)
{
@ -139,13 +139,13 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Options.AuthenticationScheme);
var validatedTokenContext = new ValidatedTokenContext(Context, Options)
{
AuthenticationTicket = ticket
Ticket = ticket
};
await Options.Events.ValidatedToken(validatedTokenContext);
if (validatedTokenContext.HandledResponse)
{
return AuthenticateResult.Success(validatedTokenContext.AuthenticationTicket);
return AuthenticateResult.Success(validatedTokenContext.Ticket);
}
if (validatedTokenContext.Skipped)
{
@ -166,7 +166,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
await Options.Events.AuthenticationFailed(authenticationFailedContext);
if (authenticationFailedContext.HandledResponse)
{
return AuthenticateResult.Success(authenticationFailedContext.AuthenticationTicket);
return AuthenticateResult.Success(authenticationFailedContext.Ticket);
}
if (authenticationFailedContext.Skipped)
{
@ -190,7 +190,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
await Options.Events.AuthenticationFailed(authenticationFailedContext);
if (authenticationFailedContext.HandledResponse)
{
return AuthenticateResult.Success(authenticationFailedContext.AuthenticationTicket);
return AuthenticateResult.Success(authenticationFailedContext.Ticket);
}
if (authenticationFailedContext.Skipped)
{


@ -28,7 +28,8 @@ namespace Microsoft.AspNet.Authentication.MicrosoftAccount
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Options, Backchannel, tokens, payload);
var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme);
var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload);
var identifier = MicrosoftAccountHelper.GetId(payload);
if (!string.IsNullOrEmpty(identifier))
{
@ -50,8 +51,7 @@ namespace Microsoft.AspNet.Authentication.MicrosoftAccount
}
await Options.Events.CreatingTicket(context);
return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
return context.Ticket;
}
}
}


@ -19,36 +19,32 @@ namespace Microsoft.AspNet.Authentication.OAuth
/// <summary>
/// Initializes a new <see cref="OAuthCreatingTicketContext"/>.
/// </summary>
/// <param name="principal">The <see cref="ClaimsPrincipal"/> representing the user.</param>
/// <param name="properties">Property bag for common authentication properties.</param>
/// <param name="ticket">The <see cref="AuthenticationTicket"/>.</param>
/// <param name="context">The HTTP environment.</param>
/// <param name="options">The options used by the authentication middleware.</param>
/// <param name="backchannel">The HTTP client used by the authentication middleware</param>
/// <param name="tokens">The tokens returned from the token endpoint.</param>
public OAuthCreatingTicketContext(
ClaimsPrincipal principal,
AuthenticationProperties properties,
AuthenticationTicket ticket,
HttpContext context,
OAuthOptions options,
HttpClient backchannel,
OAuthTokenResponse tokens)
: this(principal, properties, context, options, backchannel, tokens, user: new JObject())
: this(ticket, context, options, backchannel, tokens, user: new JObject())
{
}
/// <summary>
/// Initializes a new <see cref="OAuthCreatingTicketContext"/>.
/// </summary>
/// <param name="principal">The <see cref="ClaimsPrincipal"/> representing the user.</param>
/// <param name="properties">Property bag for common authentication properties.</param>
/// <param name="ticket">The <see cref="AuthenticationTicket"/>.</param>
/// <param name="context">The HTTP environment.</param>
/// <param name="options">The options used by the authentication middleware.</param>
/// <param name="backchannel">The HTTP client used by the authentication middleware</param>
/// <param name="tokens">The tokens returned from the token endpoint.</param>
/// <param name="user">The JSON-serialized user.</param>
public OAuthCreatingTicketContext(
ClaimsPrincipal principal,
AuthenticationProperties properties,
AuthenticationTicket ticket,
HttpContext context,
OAuthOptions options,
HttpClient backchannel,
@ -85,8 +81,7 @@ namespace Microsoft.AspNet.Authentication.OAuth
Backchannel = backchannel;
User = user;
Options = options;
Principal = principal;
Properties = properties;
Ticket = ticket;
}
public OAuthOptions Options { get; }
@ -140,19 +135,14 @@ namespace Microsoft.AspNet.Authentication.OAuth
public HttpClient Backchannel { get; }
/// <summary>
/// Gets the <see cref="ClaimsPrincipal"/> representing the user.
/// The <see cref="AuthenticationTicket"/> that will be created.
/// </summary>
public ClaimsPrincipal Principal { get; set; }
public AuthenticationTicket Ticket { get; set; }
/// <summary>
/// Gets the main identity exposed by <see cref="Principal"/>.
/// This property returns <c>null</c> when <see cref="Principal"/> is <c>null</c>.
/// Gets the main identity exposed by <see cref="Ticket"/>.
/// This property returns <c>null</c> when <see cref="Ticket"/> is <c>null</c>.
/// </summary>
public ClaimsIdentity Identity => Principal?.Identity as ClaimsIdentity;
/// <summary>
/// Gets or sets a property bag for common authentication properties.
/// </summary>
public AuthenticationProperties Properties { get; set; }
public ClaimsIdentity Identity => Ticket?.Principal.Identity as ClaimsIdentity;
}
}
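Review bot: The new getter `Identity => Ticket?.Principal.Identity as ClaimsIdentity;` guards only against a null `Ticket`, whereas the old `Principal?.Identity` also tolerated a missing principal. If an `AuthenticationTicket` can carry a null `Principal` (its definition is not shown here), this getter throws instead of returning null; `Ticket?.Principal?.Identity as ClaimsIdentity` keeps the earlier tolerance. The constructor also assigns `Ticket = ticket` with no visible null check, though part of its body lies outside the hunk. The `<param name="ticket">` doc should say whether null is accepted, since handlers now reach the principal and properties only through this object.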


@ -155,16 +155,10 @@ namespace Microsoft.AspNet.Authentication.OAuth
protected virtual async Task<AuthenticationTicket> CreateTicketAsync(ClaimsIdentity identity, AuthenticationProperties properties, OAuthTokenResponse tokens)
{
var context = new OAuthCreatingTicketContext(new ClaimsPrincipal(identity), properties, Context, Options, Backchannel, tokens);
var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme);
var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens);
await Options.Events.CreatingTicket(context);
if (context.Principal?.Identity == null)
{
return null;
}
return new AuthenticationTicket(context.Principal, context.Properties, Options.AuthenticationScheme);
return context.Ticket;
}
protected override async Task<bool> HandleUnauthorizedAsync(ChallengeContext context)
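Review bot: The removed guard `if (context.Principal?.Identity == null) return null;` was the only post-event validation in `CreateTicketAsync`, and the new body returns `context.Ticket` unconditionally. A `CreatingTicket` handler that swaps in a principal without an identity now yields a ticket where the old code returned null. If that is intended, a short comment stating that the caller copes with null or identity-less tickets would document the contract; otherwise keep an equivalent check such as `if (context.Ticket?.Principal?.Identity == null) { return null; }`. How the caller treats the returned value is outside this hunk.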


@ -332,7 +332,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var messageReceivedContext = await RunMessageReceivedEventAsync(message);
if (messageReceivedContext.HandledResponse)
{
return AuthenticateResult.Success(messageReceivedContext.AuthenticationTicket);
return AuthenticateResult.Success(messageReceivedContext.Ticket);
}
else if (messageReceivedContext.Skipped)
{
@ -387,7 +387,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
if (authorizationResponseReceivedContext.HandledResponse)
{
Logger.LogDebug(16, "AuthorizationResponseReceived.HandledResponse");
return AuthenticateResult.Success(authorizationResponseReceivedContext.AuthenticationTicket);
return AuthenticateResult.Success(authorizationResponseReceivedContext.Ticket);
}
else if (authorizationResponseReceivedContext.Skipped)
{
@ -428,7 +428,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var authenticationFailedContext = await RunAuthenticationFailedEventAsync(message, exception);
if (authenticationFailedContext.HandledResponse)
{
return AuthenticateResult.Success(authenticationFailedContext.AuthenticationTicket);
return AuthenticateResult.Success(authenticationFailedContext.Ticket);
}
else if (authenticationFailedContext.Skipped)
{
@ -454,7 +454,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var authorizationCodeReceivedContext = await RunAuthorizationCodeReceivedEventAsync(message, properties, ticket, jwt);
if (authorizationCodeReceivedContext.HandledResponse)
{
return AuthenticateResult.Success(authorizationCodeReceivedContext.AuthenticationTicket);
return AuthenticateResult.Success(authorizationCodeReceivedContext.Ticket);
}
else if (authorizationCodeReceivedContext.Skipped)
{
@ -471,7 +471,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var authorizationCodeRedeemedContext = await RunTokenResponseReceivedEventAsync(message, tokenEndpointResponse, properties);
if (authorizationCodeRedeemedContext.HandledResponse)
{
return AuthenticateResult.Success(authorizationCodeRedeemedContext.AuthenticationTicket);
return AuthenticateResult.Success(authorizationCodeRedeemedContext.Ticket);
}
else if (authorizationCodeRedeemedContext.Skipped)
{
@ -504,13 +504,13 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var authenticationValidatedContext = await RunAuthenticationValidatedEventAsync(message, ticket, properties, tokenEndpointResponse);
if (authenticationValidatedContext.HandledResponse)
{
return AuthenticateResult.Success(authenticationValidatedContext.AuthenticationTicket);
return AuthenticateResult.Success(authenticationValidatedContext.Ticket);
}
else if (authenticationValidatedContext.Skipped)
{
return AuthenticateResult.Skip();
}
ticket = authenticationValidatedContext.AuthenticationTicket;
ticket = authenticationValidatedContext.Ticket;
if (Options.SaveTokensAsClaims)
{
@ -553,14 +553,14 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var authenticationValidatedContext = await RunAuthenticationValidatedEventAsync(message, ticket, properties, tokenEndpointResponse: null);
if (authenticationValidatedContext.HandledResponse)
{
return AuthenticateResult.Success(authenticationValidatedContext.AuthenticationTicket);
return AuthenticateResult.Success(authenticationValidatedContext.Ticket);
}
else if (authenticationValidatedContext.Skipped)
{
return AuthenticateResult.Skip();
}
message = authenticationValidatedContext.ProtocolMessage;
ticket = authenticationValidatedContext.AuthenticationTicket;
ticket = authenticationValidatedContext.Ticket;
// Hybrid Flow
if (message.Code != null)
@ -568,14 +568,14 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var authorizationCodeReceivedContext = await RunAuthorizationCodeReceivedEventAsync(message, properties, ticket, jwt);
if (authorizationCodeReceivedContext.HandledResponse)
{
return AuthenticateResult.Success(authorizationCodeReceivedContext.AuthenticationTicket);
return AuthenticateResult.Success(authorizationCodeReceivedContext.Ticket);
}
else if (authorizationCodeReceivedContext.Skipped)
{
return AuthenticateResult.Skip();
}
message = authorizationCodeReceivedContext.ProtocolMessage;
ticket = authorizationCodeReceivedContext.AuthenticationTicket;
ticket = authorizationCodeReceivedContext.Ticket;
if (Options.SaveTokensAsClaims)
{
@ -666,13 +666,13 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var userInformationReceivedContext = await RunUserInformationReceivedEventAsync(ticket, message, user);
if (userInformationReceivedContext.HandledResponse)
{
return userInformationReceivedContext.AuthenticationTicket;
return userInformationReceivedContext.Ticket;
}
else if (userInformationReceivedContext.Skipped)
{
return ticket;
}
ticket = userInformationReceivedContext.AuthenticationTicket;
ticket = userInformationReceivedContext.Ticket;
user = userInformationReceivedContext.User;
Options.ProtocolValidator.ValidateUserInfoResponse(new OpenIdConnectProtocolValidationContext()
@ -954,7 +954,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
Code = message.Code,
ProtocolMessage = message,
RedirectUri = redirectUri,
AuthenticationTicket = ticket,
Ticket = ticket,
JwtSecurityToken = jwt
};
@ -996,7 +996,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
{
var authenticationValidatedContext = new AuthenticationValidatedContext(Context, Options, properties)
{
AuthenticationTicket = ticket,
Ticket = ticket,
ProtocolMessage = message,
TokenEndpointResponse = tokenEndpointResponse,
};
@ -1020,7 +1020,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var userInformationReceivedContext = new UserInformationReceivedContext(Context, Options)
{
AuthenticationTicket = ticket,
Ticket = ticket,
ProtocolMessage = message,
User = user,
};


@ -26,7 +26,7 @@ namespace Microsoft.AspNet.Authentication
/// <summary>
/// Discontinue all processing for this request and return to the client.
/// The caller is responsible for generating the full response.
/// Set the <see cref="AuthenticationTicket"/> to trigger SignIn.
/// Set the <see cref="Ticket"/> to trigger SignIn.
/// </summary>
public void HandleResponse()
{
@ -43,8 +43,8 @@ namespace Microsoft.AspNet.Authentication
}
/// <summary>
/// Gets or set the <see cref="AuthenticationTicket"/> to return if this event signals it handled the event.
/// Gets or set the <see cref="Ticket"/> to return if this event signals it handled the event.
/// </summary>
public AuthenticationTicket AuthenticationTicket { get; set; }
public AuthenticationTicket Ticket { get; set; }
}
}


@ -16,7 +16,7 @@ namespace Microsoft.AspNet.Authentication
: base(context)
{
Options = options;
AuthenticationTicket = ticket;
Ticket = ticket;
if (ticket != null)
{
Principal = ticket.Principal;


@ -531,7 +531,7 @@ namespace Microsoft.AspNet.Authentication.Google
OnCreatingTicket = context =>
{
var refreshToken = context.RefreshToken;
context.Principal.AddIdentity(new ClaimsIdentity(new Claim[] { new Claim("RefreshToken", refreshToken, ClaimValueTypes.String, "Google") }, "Google"));
context.Ticket.Principal.AddIdentity(new ClaimsIdentity(new Claim[] { new Claim("RefreshToken", refreshToken, ClaimValueTypes.String, "Google") }, "Google"));
return Task.FromResult(0);
}
};
@ -610,7 +610,7 @@ namespace Microsoft.AspNet.Authentication.Google
{
OnTicketReceived = context =>
{
context.AuthenticationTicket.Properties.RedirectUri = null;
context.Ticket.Properties.RedirectUri = null;
return Task.FromResult(0);
}
};


@ -82,7 +82,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
new Claim(ClaimsIdentity.DefaultNameClaimType, "bob")
};
context.AuthenticationTicket = new AuthenticationTicket(
context.Ticket = new AuthenticationTicket(
new ClaimsPrincipal(new ClaimsIdentity(claims, context.Options.AuthenticationScheme)),
new AuthenticationProperties(), context.Options.AuthenticationScheme);
@ -160,7 +160,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
new Claim(ClaimsIdentity.DefaultNameClaimType, "bob")
};
context.AuthenticationTicket = new AuthenticationTicket(
context.Ticket = new AuthenticationTicket(
new ClaimsPrincipal(new ClaimsIdentity(claims, context.Options.AuthenticationScheme)),
new AuthenticationProperties(), context.Options.AuthenticationScheme);
@ -189,7 +189,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
{
// Retrieve the NameIdentifier claim from the identity
// returned by the custom security token validator.
var identity = (ClaimsIdentity)context.AuthenticationTicket.Principal.Identity;
var identity = (ClaimsIdentity)context.Ticket.Principal.Identity;
var identifier = identity.FindFirst(ClaimTypes.NameIdentifier);
Assert.Equal("Bob le Tout Puissant", identifier.Value);
@ -236,7 +236,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
new Claim(ClaimsIdentity.DefaultNameClaimType, "bob")
};
context.AuthenticationTicket = new AuthenticationTicket(
context.Ticket = new AuthenticationTicket(
new ClaimsPrincipal(new ClaimsIdentity(claims, context.Options.AuthenticationScheme)),
new AuthenticationProperties(), context.Options.AuthenticationScheme);
@ -268,7 +268,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
new Claim(ClaimsIdentity.DefaultNameClaimType, "bob")
};
context.AuthenticationTicket = new AuthenticationTicket(
context.Ticket = new AuthenticationTicket(
new ClaimsPrincipal(new ClaimsIdentity(claims, context.Options.AuthenticationScheme)),
new AuthenticationProperties(), context.Options.AuthenticationScheme);
@ -299,7 +299,7 @@ namespace Microsoft.AspNet.Authentication.JwtBearer
new Claim(ClaimsIdentity.DefaultNameClaimType, "bob")
};
context.AuthenticationTicket = new AuthenticationTicket(
context.Ticket = new AuthenticationTicket(
new ClaimsPrincipal(new ClaimsIdentity(claims, context.Options.AuthenticationScheme)),
new AuthenticationProperties(), context.Options.AuthenticationScheme);


@ -150,7 +150,7 @@ namespace Microsoft.AspNet.Authentication.Tests.MicrosoftAccount
OnCreatingTicket = context =>
{
var refreshToken = context.RefreshToken;
context.Principal.AddIdentity(new ClaimsIdentity(new Claim[] { new Claim("RefreshToken", refreshToken, ClaimValueTypes.String, "Microsoft") }, "Microsoft"));
context.Ticket.Principal.AddIdentity(new ClaimsIdentity(new Claim[] { new Claim("RefreshToken", refreshToken, ClaimValueTypes.String, "Microsoft") }, "Microsoft"));
return Task.FromResult<object>(null);
}
};