Add sample of using Antiforgery outside of MVC

2015-06-10 14:53:44 -07:00 · 2015-06-10 14:53:44 -07:00 · b474ef9b23
parent 355a2b0a78
commit b474ef9b23
11 changed files with 170 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,6 +7,7 @@ _ReSharper.*/
 packages/
 artifacts/
 PublishProfiles/
+.vs/
 *.user
 *.suo
 *.cache
--- a/Antiforgery.sln
+++ b/Antiforgery.sln
@ -11,6 +11,10 @@ Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "Microsoft.AspNet.Antiforger
 EndProject
 Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "Microsoft.AspNet.Antiforgery.Test", "test\Microsoft.AspNet.Antiforgery.Test\Microsoft.AspNet.Antiforgery.Test.xproj", "{415E83F8-6002-47E4-AA8E-CD5169C06F28}"
 EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "samples", "samples", "{D8C46ADF-E40A-4B48-ADE9-E1FA80466FE3}"
+EndProject
+Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AntiforgerySample", "samples\AntiforgerySample\AntiforgerySample.xproj", "{AF9E0784-5EDB-494F-B46C-1A8DA785C49C}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@ -25,6 +29,10 @@ Global
 		{415E83F8-6002-47E4-AA8E-CD5169C06F28}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{415E83F8-6002-47E4-AA8E-CD5169C06F28}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{415E83F8-6002-47E4-AA8E-CD5169C06F28}.Release|Any CPU.Build.0 = Release|Any CPU
+		{AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@ -32,5 +40,6 @@ Global
 	GlobalSection(NestedProjects) = preSolution
 		{46FB03FB-7A44-4106-BDDE-D6F5417544AB} = {71D070C4-B325-48F7-9F25-DD4E91C2BBCA}
 		{415E83F8-6002-47E4-AA8E-CD5169C06F28} = {6EDD8B57-4DE8-4246-A6A3-47ECD92740B4}
+		{AF9E0784-5EDB-494F-B46C-1A8DA785C49C} = {D8C46ADF-E40A-4B48-ADE9-E1FA80466FE3}
 	EndGlobalSection
 EndGlobal
--- a/global.json
+++ b/global.json
@ -1,3 +1,3 @@
 {
-    "projects": ["src"]
+    "projects": ["src", "samples"]
 }
--- a/samples/AntiforgerySample/AntiforgerySample.xproj
+++ b/samples/AntiforgerySample/AntiforgerySample.xproj
@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
+    <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.Props" Condition="'$(VSToolsPath)' != ''" />
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>af9e0784-5edb-494f-b46c-1a8da785c49c</ProjectGuid>
+    <RootNamespace>AntiforgerySample</RootNamespace>
+    <BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">..\..\artifacts\obj\$(MSBuildProjectName)</BaseIntermediateOutputPath>
+    <OutputPath Condition="'$(OutputPath)'=='' ">..\..\artifacts\bin\$(MSBuildProjectName)\</OutputPath>
+  </PropertyGroup>
+  <PropertyGroup>
+    <SchemaVersion>2.0</SchemaVersion>
+    <DevelopmentServerPort>48542</DevelopmentServerPort>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.targets" Condition="'$(VSToolsPath)' != ''" />
+</Project>
--- a/samples/AntiforgerySample/FormPostSampleMiddleware.cs
+++ b/samples/AntiforgerySample/FormPostSampleMiddleware.cs
@ -0,0 +1,67 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System.Threading.Tasks;
+using Microsoft.AspNet.Antiforgery;
+using Microsoft.AspNet.Builder;
+using Microsoft.AspNet.Http;
+using Microsoft.Framework.OptionsModel;
+
+namespace AntiforgerySample
+{
+    public class FormPostSampleMiddleware
+    {
+        private readonly Antiforgery _antiforgery;
+        private readonly AntiforgeryOptions _options;
+        private readonly RequestDelegate _next;
+
+        public FormPostSampleMiddleware(
+            RequestDelegate next,
+            Antiforgery antiforgery,
+            IOptions<AntiforgeryOptions> options)
+        {
+            _next = next;
+            _antiforgery = antiforgery;
+            _options = options.Options;
+        }
+
+        public async Task Invoke(HttpContext context)
+        {
+            if (context.Request.Method == "GET")
+            {
+                var page =
+@"<html>
+<body>
+<form action=""/"" method=""post"">
+<input type=""text"" name=""{0}"" value=""{1}""/>
+<input type=""submit"" />
+</form>
+</body>
+</html>";
+
+                var tokenSet = _antiforgery.GetTokens(context, oldCookieToken: null);
+                context.Response.Cookies.Delete(_options.CookieName);
+                context.Response.Cookies.Append(_options.CookieName, tokenSet.CookieToken);
+                await context.Response.WriteAsync(string.Format(page, _options.FormFieldName, tokenSet.FormToken));
+            }
+            else if (context.Request.Method == "POST")
+            {
+                // This will throw if invalid.
+                await _antiforgery.ValidateAsync(context);
+
+                var page =
+@"<html>
+<body>
+<h1>Everything is fine</h1>
+</form>
+</body>
+</html>";
+                await context.Response.WriteAsync(page);
+            }
+            else
+            {
+                await _next(context);
+            }
+        }
+    }
+}
--- a/samples/AntiforgerySample/Startup.cs
+++ b/samples/AntiforgerySample/Startup.cs
@ -0,0 +1,22 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using Microsoft.AspNet.Builder;
+using Microsoft.Framework.DependencyInjection;
+
+namespace AntiforgerySample
+{
+    public class Startup
+    {
+        public void ConfigureServices(IServiceCollection services)
+        {
+            services.AddAntiforgery();
+        }
+
+        public void Configure(IApplicationBuilder app)
+        {
+            app.UseStaticFiles();
+            app.UseMiddleware<FormPostSampleMiddleware>();
+        }
+    }
+}
--- a/samples/AntiforgerySample/project.json
+++ b/samples/AntiforgerySample/project.json
@ -0,0 +1,36 @@
+{
+    "webroot": "wwwroot",
+    "version": "1.0.0-*",
+
+    "dependencies": {
+        "Microsoft.AspNet.Antiforgery": "1.0.0-*",
+        "Microsoft.AspNet.Http.Extensions": "1.0.0-*",
+        "Microsoft.AspNet.Server.IIS": "1.0.0-*",
+        "Microsoft.AspNet.Server.Kestrel": "1.0.0-*",
+        "Microsoft.AspNet.Server.WebListener": "1.0.0-*",
+        "Microsoft.AspNet.StaticFiles": "1.0.0-*"
+    },
+
+    "commands": {
+        "kestrel": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.Kestrel --server.urls http://localhost:5000",
+        "web": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.WebListener --server.urls http://localhost:5000"
+    },
+
+    "frameworks": {
+        "dnx451": { },
+        "dnxcore50": { }
+    },
+
+    "publishExclude": [
+        "node_modules",
+        "bower_components",
+        "**.xproj",
+        "**.user",
+        "**.vspscc"
+    ],
+    "exclude": [
+        "wwwroot",
+        "node_modules",
+        "bower_components"
+    ]
+}
--- a/samples/AntiforgerySample/wwwroot/Index.html
+++ b/samples/AntiforgerySample/wwwroot/Index.html
@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8" />
+    <title>Antiforgery Sample</title>
+</head>
+<body>
+    <h1>Hello, World!</h1>
+</body>
+</html>
--- a/samples/AntiforgerySample/wwwroot/favicon.ico
+++ b/samples/AntiforgerySample/wwwroot/favicon.ico
@ -0,0 +1 @@
+
--- a/src/Microsoft.AspNet.Antiforgery/ServiceCollectionExtensions.cs
+++ b/src/Microsoft.AspNet.Antiforgery/ServiceCollectionExtensions.cs
@ -12,9 +12,11 @@ namespace Microsoft.Framework.DependencyInjection
        public static IServiceCollection AddAntiforgery([NotNull] this IServiceCollection services)
        {
            services.AddDataProtection();
+            services.AddWebEncoders();

            services.TryAdd(ServiceDescriptor.Singleton<IClaimUidExtractor, DefaultClaimUidExtractor>());
            services.TryAdd(ServiceDescriptor.Singleton<Antiforgery, Antiforgery>());
+            services.TryAdd(ServiceDescriptor.Scoped<IAntiforgeryContextAccessor, AntiforgeryContextAccessor>());
            services.TryAdd(
                ServiceDescriptor.Singleton<IAntiforgeryAdditionalDataProvider, DefaultAntiforgeryAdditionalDataProvider>());
            return services;
--- a/src/Microsoft.AspNet.Antiforgery/project.json
+++ b/src/Microsoft.AspNet.Antiforgery/project.json
@ -7,7 +7,8 @@
        "Microsoft.AspNet.WebUtilities": "1.0.0-*",
        "Microsoft.Framework.DependencyInjection.Abstractions": "1.0.0-*",
        "Microsoft.Framework.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
-        "Microsoft.Framework.OptionsModel": "1.0.0-*"
+        "Microsoft.Framework.OptionsModel": "1.0.0-*",
+        "Microsoft.Framework.WebEncoders": "1.0.0-*"
    },

  "frameworks" : {