--no-https option for RazorPagesWeb-CSharp template (#362)

src/Microsoft.DotNet.Web.ProjectTemplates/RazorPagesWeb-CSharp.csproj.in

@@ -29,7 +29,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Authentication.Cookies" Version="${MicrosoftAspNetCoreAuthenticationCookiesPackageVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
     <PackageReference Include="Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore" Version="${MicrosoftAspNetCoreDiagnosticsEntityFrameworkCorePackageVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
     <PackageReference Include="Microsoft.AspNetCore.CookiePolicy" Version="${MicrosoftAspNetCoreCookiePolicyPackageVersion}" />
-    <PackageReference Include="Microsoft.AspNetCore.HttpsPolicy" Version="${MicrosoftAspNetCoreHttpsPolicyPackageVersion}" />
+    <PackageReference Include="Microsoft.AspNetCore.HttpsPolicy" Version="${MicrosoftAspNetCoreHttpsPolicyPackageVersion}" Condition="'$(RequiresHttps)' == 'True'"/>
     <PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="${MicrosoftAspNetCoreIdentityEntityFrameworkCorePackageVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
     <PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="${MicrosoftAspNetCoreIdentityEntityFrameworkCorePackageVersion}" Condition="'$(IndividualLocalAuth)' == 'True'" />
     <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="${MicrosoftAspNetCoreMvcPackageVersion}" />

src/Microsoft.DotNet.Web.ProjectTemplates/content/RazorPagesWeb-CSharp/.template.config/dotnetcli.host.json

@@ -72,6 +72,10 @@
     "UseBrowserLink": {
       "longName": "use-browserlink",
       "shortName": ""
+    },
+    "NoHttps": {
+      "longName": "no-https",
+      "shortName": ""
     }
   },
   "usageExamples": [

src/Microsoft.DotNet.Web.ProjectTemplates/content/RazorPagesWeb-CSharp/.template.config/template.json

@@ -246,7 +246,7 @@
     "HttpsPort": {
       "type": "parameter",
       "datatype": "integer",
-      "description": "Port number to use for the HTTPS endpoint in launchSettings.json."
+      "description": "Port number to use for the HTTPS endpoint in launchSettings.json. This option is only applicable when the parameter no-https is not used (no-https will be ignored if either IndividualAuth or OrganizationalAuth is used)."
     },
     "HttpsPortGenerated": {
       "type": "generated",
@@ -299,7 +299,13 @@
     },
     "RequiresHttps": {
       "type": "computed",
-      "value": "(OrganizationalAuth || IndividualAuth)"
+      "value": "(OrganizationalAuth || IndividualAuth || !NoHttps)"
+    },
+    "NoHttps": {
+      "type": "parameter",
+      "datatype": "bool",
+      "defaultValue": "false",
+      "description": "Whether to turn off HTTPS. This option only applies if IndividualAuth or OrganizationalAuth are not being used."
     },
     "UseLocalDB": {
       "type": "parameter",

src/Microsoft.DotNet.Web.ProjectTemplates/content/RazorPagesWeb-CSharp/.template.config/vs-2017.3.host.json

@@ -22,7 +22,8 @@
   "supportedAuthentications": [
     {
       "auth": "None",
-      "authenticationType": "NoAuth"
+      "authenticationType": "NoAuth",
+      "allowUnsecured": true
     },
     {
       "auth": "Individual",
@@ -61,5 +62,6 @@
   ],
   "excludeLaunchSettings": false,
   "azureReplyUrlPortName": "HttpsPort",
-  "minFullFrameworkVersion": "4.6.1"
+  "minFullFrameworkVersion": "4.6.1",
+  "disableHttpsSymbol": "NoHttps"
 }

src/Microsoft.DotNet.Web.ProjectTemplates/content/RazorPagesWeb-CSharp/Properties/launchSettings.json

@@ -18,7 +18,11 @@
     "Company.WebApplication1": {
       "commandName": "Project",
       "launchBrowser": true,
+      //#if(RequiresHttps)
       "applicationUrl": "https://localhost:5001;http://localhost:5000",
+      //#else
+      "applicationUrl": "http://localhost:5000",
+      //#endif
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }

src/Microsoft.DotNet.Web.ProjectTemplates/content/RazorPagesWeb-CSharp/Startup.cs

@@ -21,7 +21,9 @@ using Microsoft.AspNetCore.Identity;
 #endif
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.Http;
+#if (RequiresHttps)
 using Microsoft.AspNetCore.HttpsPolicy;
+#endif
 using Microsoft.AspNetCore.Mvc;
 #if (OrganizationalAuth)
 using Microsoft.AspNetCore.Mvc.Authorization;
@@ -144,10 +146,15 @@ namespace Company.WebApplication1
             else
             {
                 app.UseExceptionHandler("/Error");
+#if (RequiresHttps)
                 app.UseHsts();
             }
 
             app.UseHttpsRedirection();
+#else
+            }
+
+#endif
             app.UseStaticFiles();
             app.UseCookiePolicy();
 

test/Templates.Test/Helpers/TemplateTestBase.cs

@@ -48,7 +48,7 @@ namespace Templates.Test
             throw new NotImplementedException();
         }
 
-        protected void RunDotNetNew(string templateName, string targetFrameworkOverride, string auth = null, string language = null, bool useLocalDB = false)
+        protected void RunDotNetNew(string templateName, string targetFrameworkOverride, string auth = null, string language = null, bool useLocalDB = false, bool noHttps = false)
         {
             var args = $"new {templateName}";
 
@@ -72,6 +72,11 @@ namespace Templates.Test
                 args += $" -uld";
             }
 
+            if (noHttps)
+            {
+                args += $" --no-https";
+            }
+
             // Only run one instance of 'dotnet new' at once, as a workaround for
             // https://github.com/aspnet/templating/issues/63
             lock (DotNetNewLock)

test/Templates.Test/RazorPagesTemplateTest.cs

@@ -14,18 +14,22 @@ namespace Templates.Test
         }
 
         [ConditionalFact]
-        [OSSkipCondition(OperatingSystems.Linux)]
-        [OSSkipCondition(OperatingSystems.MacOSX)]
+        [OSSkipCondition(OperatingSystems.Linux | OperatingSystems.MacOSX)]
         public void RazorPagesTemplate_NoAuth_Works_NetFramework()
             => RazorPagesTemplate_NoAuthImpl("net461");
 
+        [ConditionalFact]
+        [OSSkipCondition(OperatingSystems.Linux | OperatingSystems.MacOSX)]
+        public void RazorPagesTemplate_NoAuth_NoHttps_Works_NetFramework()
+            => RazorPagesTemplate_NoAuthImpl("net471", true);
+
         [Fact]
         public void RazorPagesTemplate_NoAuth_Works_NetCore()
             => RazorPagesTemplate_NoAuthImpl(null);
 
-        private void RazorPagesTemplate_NoAuthImpl(string targetFrameworkOverride)
+        private void RazorPagesTemplate_NoAuthImpl(string targetFrameworkOverride, bool noHttps = false)
         {
-            RunDotNetNew("razor", targetFrameworkOverride);
+            RunDotNetNew("razor", targetFrameworkOverride, noHttps: noHttps);
 
             AssertFileExists("Pages/Shared/_LoginPartial.cshtml", false);
 
@@ -36,6 +40,18 @@ namespace Templates.Test
             Assert.DoesNotContain("Microsoft.EntityFrameworkCore.Tools.DotNet", projectFileContents);
             Assert.DoesNotContain("Microsoft.Extensions.SecretManager.Tools", projectFileContents);
 
+            if (targetFrameworkOverride != null)
+            {
+                if (noHttps)
+                {
+                    Assert.DoesNotContain("Microsoft.AspNetCore.HttpsPolicy", projectFileContents);
+                }
+                else
+                {
+                    Assert.Contains("Microsoft.AspNetCore.HttpsPolicy", projectFileContents);
+                }
+            }
+
             foreach (var publish in new[] { false, true })
             {
                 using (var aspNetProcess = StartAspNetProcess(targetFrameworkOverride, publish))
@@ -48,11 +64,15 @@ namespace Templates.Test
         }
 
         [ConditionalFact(Skip = "https://github.com/aspnet/templating/issues/378")]
-        [OSSkipCondition(OperatingSystems.Linux)]
-        [OSSkipCondition(OperatingSystems.MacOSX)]
+        [OSSkipCondition(OperatingSystems.Linux | OperatingSystems.MacOSX)]
         public void RazorPagesTemplate_IndividualAuth_Works_NetFramework()
             => RazorPagesTemplate_IndividualAuthImpl("net461");
 
+        [ConditionalFact(Skip = "https://github.com/aspnet/templating/issues/378")]
+        [OSSkipCondition(OperatingSystems.Linux | OperatingSystems.MacOSX)]
+        public void RazorPagesTemplate_WithIndividualAuth_NoHttpsSetToTrue_UsesHttps_NetFramework()
+            => RazorPagesTemplate_IndividualAuthImpl("net471", false, true);
+
         [Fact(Skip = "https://github.com/aspnet/templating/issues/378")]
         public void RazorPagesTemplate_IndividualAuth_Works_NetCore()
             => RazorPagesTemplate_IndividualAuthImpl(null);
@@ -61,7 +81,7 @@ namespace Templates.Test
         public void RazorPagesTemplate_IndividualAuth_UsingLocalDB_Works_NetCore()
             => RazorPagesTemplate_IndividualAuthImpl(null, true);
 
-        private void RazorPagesTemplate_IndividualAuthImpl(string targetFrameworkOverride, bool useLocalDB = false)
+        private void RazorPagesTemplate_IndividualAuthImpl(string targetFrameworkOverride, bool useLocalDB = false, bool noHttps = false)
         {
             RunDotNetNew("razor", targetFrameworkOverride, auth: "Individual", useLocalDB: useLocalDB);
 
@@ -74,6 +94,11 @@ namespace Templates.Test
             }
             Assert.Contains("Microsoft.VisualStudio.Web.CodeGeneration.Design", projectFileContents);
 
+            if (targetFrameworkOverride != null)
+            {
+                Assert.Contains("Microsoft.AspNetCore.HttpsPolicy", projectFileContents);
+            }
+
             RunDotNetEfCreateMigration("razorpages");
 
             AssertEmptyMigration("razorpages");