React to http challenge changes
This commit is contained in:
parent
5e03a6c1ad
commit
9ce84d39c2
|
|
@ -353,10 +353,10 @@ namespace Microsoft.AspNet.Authentication
|
||||||
|
|
||||||
public virtual void Challenge(IChallengeContext context)
|
public virtual void Challenge(IChallengeContext context)
|
||||||
{
|
{
|
||||||
if (ShouldHandleScheme(context.AuthenticationSchemes))
|
if (ShouldHandleScheme(context.AuthenticationScheme))
|
||||||
{
|
{
|
||||||
ChallengeContext = context;
|
ChallengeContext = context;
|
||||||
context.Accept(BaseOptions.AuthenticationScheme, BaseOptions.Description.Dictionary);
|
context.Accept();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (PriorHandler != null)
|
if (PriorHandler != null)
|
||||||
|
|
@ -367,14 +367,6 @@ namespace Microsoft.AspNet.Authentication
|
||||||
|
|
||||||
protected abstract void ApplyResponseChallenge();
|
protected abstract void ApplyResponseChallenge();
|
||||||
|
|
||||||
public virtual bool ShouldHandleScheme(IEnumerable<string> authenticationSchemes)
|
|
||||||
{
|
|
||||||
// If there are any schemes asked for, need to match, otherwise automatic authentication matches
|
|
||||||
return authenticationSchemes != null && authenticationSchemes.Any()
|
|
||||||
? authenticationSchemes.Contains(BaseOptions.AuthenticationScheme, StringComparer.Ordinal)
|
|
||||||
: BaseOptions.AutomaticAuthentication;
|
|
||||||
}
|
|
||||||
|
|
||||||
public virtual bool ShouldHandleScheme(string authenticationScheme)
|
public virtual bool ShouldHandleScheme(string authenticationScheme)
|
||||||
{
|
{
|
||||||
return string.Equals(BaseOptions.AuthenticationScheme, authenticationScheme, StringComparison.Ordinal) ||
|
return string.Equals(BaseOptions.AuthenticationScheme, authenticationScheme, StringComparison.Ordinal) ||
|
||||||
|
|
@ -388,7 +380,7 @@ namespace Microsoft.AspNet.Authentication
|
||||||
return Response.StatusCode == 401 &&
|
return Response.StatusCode == 401 &&
|
||||||
AuthenticateCalled &&
|
AuthenticateCalled &&
|
||||||
ChallengeContext != null &&
|
ChallengeContext != null &&
|
||||||
ShouldHandleScheme(ChallengeContext.AuthenticationSchemes);
|
ShouldHandleScheme(ChallengeContext.AuthenticationScheme);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
|
|
||||||
|
|
@ -14,11 +14,11 @@ namespace Microsoft.AspNet.Authentication
|
||||||
{
|
{
|
||||||
var handler = new TestHandler("Alpha");
|
var handler = new TestHandler("Alpha");
|
||||||
|
|
||||||
bool passiveNoMatch = handler.ShouldHandleScheme(new[] { "Beta", "Gamma" });
|
bool passiveNoMatch = handler.ShouldHandleScheme("Beta");
|
||||||
|
|
||||||
handler = new TestHandler("Alpha");
|
handler = new TestHandler("Alpha");
|
||||||
|
|
||||||
bool passiveWithMatch = handler.ShouldHandleScheme(new[] { "Beta", "Alpha" });
|
bool passiveWithMatch = handler.ShouldHandleScheme("Alpha");
|
||||||
|
|
||||||
Assert.False(passiveNoMatch);
|
Assert.False(passiveNoMatch);
|
||||||
Assert.True(passiveWithMatch);
|
Assert.True(passiveWithMatch);
|
||||||
|
|
@ -28,28 +28,28 @@ namespace Microsoft.AspNet.Authentication
|
||||||
public void AutomaticHandlerInAutomaticModeHandlesEmptyChallenges()
|
public void AutomaticHandlerInAutomaticModeHandlesEmptyChallenges()
|
||||||
{
|
{
|
||||||
var handler = new TestAutoHandler("ignored", true);
|
var handler = new TestAutoHandler("ignored", true);
|
||||||
Assert.True(handler.ShouldHandleScheme(new string[0]));
|
Assert.True(handler.ShouldHandleScheme(""));
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public void AutomaticHandlerShouldHandleSchemeWhenSchemeMatches()
|
public void AutomaticHandlerShouldHandleSchemeWhenSchemeMatches()
|
||||||
{
|
{
|
||||||
var handler = new TestAutoHandler("Alpha", true);
|
var handler = new TestAutoHandler("Alpha", true);
|
||||||
Assert.True(handler.ShouldHandleScheme(new string[] { "Alpha" }));
|
Assert.True(handler.ShouldHandleScheme("Alpha"));
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public void AutomaticHandlerShouldNotHandleChallengeWhenSchemeDoesNotMatches()
|
public void AutomaticHandlerShouldNotHandleChallengeWhenSchemeDoesNotMatches()
|
||||||
{
|
{
|
||||||
var handler = new TestAutoHandler("Dog", true);
|
var handler = new TestAutoHandler("Dog", true);
|
||||||
Assert.False(handler.ShouldHandleScheme(new string[] { "Alpha" }));
|
Assert.False(handler.ShouldHandleScheme("Alpha"));
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public void AutomaticHandlerShouldNotHandleChallengeWhenSchemesNotEmpty()
|
public void AutomaticHandlerShouldNotHandleChallengeWhenSchemesNotEmpty()
|
||||||
{
|
{
|
||||||
var handler = new TestAutoHandler(null, true);
|
var handler = new TestAutoHandler(null, true);
|
||||||
Assert.False(handler.ShouldHandleScheme(new string[] { "Alpha" }));
|
Assert.False(handler.ShouldHandleScheme("Alpha"));
|
||||||
}
|
}
|
||||||
|
|
||||||
private class TestHandler : AuthenticationHandler<AuthenticationOptions>
|
private class TestHandler : AuthenticationHandler<AuthenticationOptions>
|
||||||
|
|
@ -110,6 +110,5 @@ namespace Microsoft.AspNet.Authentication
|
||||||
throw new NotImplementedException();
|
throw new NotImplementedException();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -347,40 +347,6 @@ namespace Microsoft.AspNet.Authorization.Test
|
||||||
Assert.True(allowed);
|
Assert.True(allowed);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact(Skip = "Filtering TBD")]
|
|
||||||
public async Task Authorize_PolicyWillFilterAuthenticationScheme()
|
|
||||||
{
|
|
||||||
// Arrange
|
|
||||||
var policy = new AuthorizationPolicyBuilder("Bogus").RequireClaim(ClaimTypes.Name);
|
|
||||||
var authorizationService = BuildAuthorizationService();
|
|
||||||
var user = new ClaimsPrincipal(
|
|
||||||
new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, "Name") }, "AuthType")
|
|
||||||
);
|
|
||||||
|
|
||||||
// Act
|
|
||||||
var allowed = await authorizationService.AuthorizeAsync(user, null, policy.Build());
|
|
||||||
|
|
||||||
// Assert
|
|
||||||
Assert.False(allowed);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact(Skip = "Filtering TBD")]
|
|
||||||
public async Task Authorize_PolicyCanFilterMultipleAuthenticationScheme()
|
|
||||||
{
|
|
||||||
// Arrange
|
|
||||||
var policy = new AuthorizationPolicyBuilder("One", "Two").RequireClaim(ClaimTypes.Name, "one").RequireClaim(ClaimTypes.Name, "two");
|
|
||||||
var authorizationService = BuildAuthorizationService();
|
|
||||||
var user = new ClaimsPrincipal();
|
|
||||||
user.AddIdentity(new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, "one") }, "One"));
|
|
||||||
user.AddIdentity(new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, "two") }, "Two"));
|
|
||||||
|
|
||||||
// Act
|
|
||||||
var allowed = await authorizationService.AuthorizeAsync(user, null, policy.Build());
|
|
||||||
|
|
||||||
// Assert
|
|
||||||
Assert.True(allowed);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task RolePolicyCanRequireSingleRole()
|
public async Task RolePolicyCanRequireSingleRole()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue