AutomaticAuthenticate = false for non ApplicationCookies
This commit is contained in:
parent
e7327fa729
commit
7a795da349
|
|
@ -36,6 +36,7 @@ namespace Microsoft.AspNetCore.Identity
|
||||||
|
|
||||||
ExternalCookie = new CookieAuthenticationOptions
|
ExternalCookie = new CookieAuthenticationOptions
|
||||||
{
|
{
|
||||||
|
AutomaticAuthenticate = false,
|
||||||
AuthenticationScheme = DefaultExternalScheme,
|
AuthenticationScheme = DefaultExternalScheme,
|
||||||
CookieName = DefaultExternalScheme,
|
CookieName = DefaultExternalScheme,
|
||||||
ExpireTimeSpan = TimeSpan.FromMinutes(5)
|
ExpireTimeSpan = TimeSpan.FromMinutes(5)
|
||||||
|
|
@ -43,17 +44,18 @@ namespace Microsoft.AspNetCore.Identity
|
||||||
|
|
||||||
TwoFactorRememberMeCookie = new CookieAuthenticationOptions
|
TwoFactorRememberMeCookie = new CookieAuthenticationOptions
|
||||||
{
|
{
|
||||||
|
AutomaticAuthenticate = false,
|
||||||
AuthenticationScheme = DefaultTwoFactorRememberMeScheme,
|
AuthenticationScheme = DefaultTwoFactorRememberMeScheme,
|
||||||
CookieName = DefaultTwoFactorRememberMeScheme
|
CookieName = DefaultTwoFactorRememberMeScheme
|
||||||
};
|
};
|
||||||
|
|
||||||
TwoFactorUserIdCookie = new CookieAuthenticationOptions
|
TwoFactorUserIdCookie = new CookieAuthenticationOptions
|
||||||
{
|
{
|
||||||
|
AutomaticAuthenticate = false,
|
||||||
AuthenticationScheme = DefaultTwoFactorUserIdScheme,
|
AuthenticationScheme = DefaultTwoFactorUserIdScheme,
|
||||||
CookieName = DefaultTwoFactorUserIdScheme,
|
CookieName = DefaultTwoFactorUserIdScheme,
|
||||||
ExpireTimeSpan = TimeSpan.FromMinutes(5)
|
ExpireTimeSpan = TimeSpan.FromMinutes(5)
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public CookieAuthenticationOptions ApplicationCookie { get; set; }
|
public CookieAuthenticationOptions ApplicationCookie { get; set; }
|
||||||
|
|
|
||||||
|
|
@ -365,6 +365,8 @@ namespace Microsoft.AspNetCore.Identity
|
||||||
{
|
{
|
||||||
await Context.Authentication.SignOutAsync(Options.Cookies.ExternalCookieAuthenticationScheme);
|
await Context.Authentication.SignOutAsync(Options.Cookies.ExternalCookieAuthenticationScheme);
|
||||||
}
|
}
|
||||||
|
// Cleanup two factor user id cookie
|
||||||
|
await Context.Authentication.SignOutAsync(Options.Cookies.TwoFactorUserIdCookieAuthenticationScheme);
|
||||||
if (rememberClient)
|
if (rememberClient)
|
||||||
{
|
{
|
||||||
await RememberTwoFactorClientAsync(user);
|
await RememberTwoFactorClientAsync(user);
|
||||||
|
|
|
||||||
|
|
@ -35,6 +35,11 @@ namespace Microsoft.AspNetCore.Identity.Test
|
||||||
Assert.Equal(ClaimTypes.Name, options.ClaimsIdentity.UserNameClaimType);
|
Assert.Equal(ClaimTypes.Name, options.ClaimsIdentity.UserNameClaimType);
|
||||||
Assert.Equal(ClaimTypes.NameIdentifier, options.ClaimsIdentity.UserIdClaimType);
|
Assert.Equal(ClaimTypes.NameIdentifier, options.ClaimsIdentity.UserIdClaimType);
|
||||||
Assert.Equal("AspNet.Identity.SecurityStamp", options.ClaimsIdentity.SecurityStampClaimType);
|
Assert.Equal("AspNet.Identity.SecurityStamp", options.ClaimsIdentity.SecurityStampClaimType);
|
||||||
|
|
||||||
|
Assert.True(options.Cookies.ApplicationCookie.AutomaticAuthenticate);
|
||||||
|
Assert.False(options.Cookies.ExternalCookie.AutomaticAuthenticate);
|
||||||
|
Assert.False(options.Cookies.TwoFactorRememberMeCookie.AutomaticAuthenticate);
|
||||||
|
Assert.False(options.Cookies.TwoFactorUserIdCookie.AutomaticAuthenticate);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
|
|
|
||||||
|
|
@ -407,6 +407,7 @@ namespace Microsoft.AspNetCore.Identity.Test
|
||||||
// REVIEW: restore ability to test is persistent
|
// REVIEW: restore ability to test is persistent
|
||||||
//It.Is<AuthenticationProperties>(v => v.IsPersistent == isPersistent))).Verifiable();
|
//It.Is<AuthenticationProperties>(v => v.IsPersistent == isPersistent))).Verifiable();
|
||||||
auth.Setup(a => a.SignOutAsync(helper.Options.Cookies.ExternalCookieAuthenticationScheme)).Returns(Task.FromResult(0)).Verifiable();
|
auth.Setup(a => a.SignOutAsync(helper.Options.Cookies.ExternalCookieAuthenticationScheme)).Returns(Task.FromResult(0)).Verifiable();
|
||||||
|
auth.Setup(a => a.SignOutAsync(helper.Options.Cookies.TwoFactorUserIdCookieAuthenticationScheme)).Returns(Task.FromResult(0)).Verifiable();
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue