Merge branch 'release/2.1' into dev

2018-02-09 14:19:40 -08:00 · 2018-02-09 14:19:40 -08:00 · 8f005c7a58
parent 7a1f716fc0 025d366b83
commit 8f005c7a58
3 changed files with 35 additions and 8 deletions
--- a/src/Microsoft.DotNet.Web.ProjectTemplates/content/RazorPagesWeb-CSharp/Startup.cs
+++ b/src/Microsoft.DotNet.Web.ProjectTemplates/content/RazorPagesWeb-CSharp/Startup.cs
@ -18,6 +18,7 @@ using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Http;
 #endif
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.HttpsPolicy;
 using Microsoft.AspNetCore.Mvc;
 #if (OrganizationalAuth)
@ -54,6 +55,7 @@ namespace Company.WebApplication1
            {
                // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                options.CheckConsentNeeded = context => true;
+                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

 #if (IndividualLocalAuth)
--- a/src/Microsoft.DotNet.Web.ProjectTemplates/content/StarterWeb-CSharp/Controllers/AccountController.cs
+++ b/src/Microsoft.DotNet.Web.ProjectTemplates/content/StarterWeb-CSharp/Controllers/AccountController.cs
@ -21,7 +21,7 @@ namespace Company.WebApplication1.Controllers
        [HttpGet]
        public IActionResult SignIn()
        {
-            var redirectUrl = Url.Page("/Index");
+            var redirectUrl =  Url.Action(nameof(HomeController.Index), "Home");
            return Challenge(
                new AuthenticationProperties { RedirectUri = redirectUrl },
                OpenIdConnectDefaults.AuthenticationScheme
@ -31,12 +31,24 @@ namespace Company.WebApplication1.Controllers
        [HttpGet]
        public IActionResult SignOut()
        {
-            var callbackUrl = Url.Page("/Account/SignedOut", pageHandler: null, values: null, protocol: Request.Scheme);
+            var callbackUrl = Url.Action(nameof(SignedOut), "Account", values: null, protocol: Request.Scheme);
            return SignOut(
                new AuthenticationProperties { RedirectUri = callbackUrl },
                CookieAuthenticationDefaults.AuthenticationScheme, OpenIdConnectDefaults.AuthenticationScheme
            );
        }
+
+        [HttpGet]
+        public IActionResult SignedOut()
+        {
+            if (User.Identity.IsAuthenticated)
+            {
+                // Redirect to home page if the user is authenticated.
+                return RedirectToAction(nameof(HomeController.Index), "Home");
+            }
+
+            return View();
+        }
 #elseif (IndividualB2CAuth)
        private readonly AzureAdB2COptions _options;

@ -48,7 +60,7 @@ namespace Company.WebApplication1.Controllers
        [HttpGet]
        public IActionResult SignIn()
        {
-            var redirectUrl = Url.Page("/Index");
+            var redirectUrl =  Url.Action(nameof(HomeController.Index), "Home");
            return Challenge(
                new AuthenticationProperties { RedirectUri = redirectUrl },
                OpenIdConnectDefaults.AuthenticationScheme
@ -58,7 +70,7 @@ namespace Company.WebApplication1.Controllers
        [HttpGet]
        public IActionResult ResetPassword()
        {
-            var redirectUrl = Url.Page("/Index");
+            var redirectUrl =  Url.Action(nameof(HomeController.Index), "Home");
            var properties = new AuthenticationProperties { RedirectUri = redirectUrl };
            properties.Items[AzureAdB2COptions.PolicyAuthenticationProperty] = _options.ResetPasswordPolicyId;
            return Challenge(properties, OpenIdConnectDefaults.AuthenticationScheme);
@ -67,7 +79,7 @@ namespace Company.WebApplication1.Controllers
        [HttpGet]
        public IActionResult EditProfile()
        {
-            var redirectUrl = Url.Page("/Index");
+            var redirectUrl =  Url.Action(nameof(HomeController.Index), "Home");
            var properties = new AuthenticationProperties { RedirectUri = redirectUrl };
            properties.Items[AzureAdB2COptions.PolicyAuthenticationProperty] = _options.EditProfilePolicyId;
            return Challenge(properties, OpenIdConnectDefaults.AuthenticationScheme);
@ -76,12 +88,23 @@ namespace Company.WebApplication1.Controllers
        [HttpGet]
        public IActionResult SignOut()
        {
-            var callbackUrl = Url.Page("/Account/SignedOut", pageHandler: null, values: null, protocol: Request.Scheme);
+            var callbackUrl = Url.Action(nameof(SignedOut), "Account", values: null, protocol: Request.Scheme);
            return SignOut(
                new AuthenticationProperties { RedirectUri = callbackUrl },
                CookieAuthenticationDefaults.AuthenticationScheme,
-                OpenIdConnectDefaults.AuthenticationScheme
-            );
+                OpenIdConnectDefaults.AuthenticationScheme);
+        }
+
+         [HttpGet]
+        public IActionResult SignedOut()
+        {
+            if (User.Identity.IsAuthenticated)
+            {
+                // Redirect to home page if the user is authenticated.
+                return RedirectToAction(nameof(HomeController.Index), "Home");
+            }
+
+            return View();
        }
 #endif

--- a/src/Microsoft.DotNet.Web.ProjectTemplates/content/StarterWeb-CSharp/Startup.cs
+++ b/src/Microsoft.DotNet.Web.ProjectTemplates/content/StarterWeb-CSharp/Startup.cs
@ -12,6 +12,7 @@ using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Identity;
 #endif
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.HttpsPolicy;
 using Microsoft.AspNetCore.Mvc;
 #if (IndividualLocalAuth)
@ -74,6 +75,7 @@ namespace Company.WebApplication1
            {
                // This lambda determines whether user consent for non-essential cookies is needed for a given request.
                options.CheckConsentNeeded = context => true;
+                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);