From b474ef9b232b5c9604754eab104fdbed649ba1ed Mon Sep 17 00:00:00 2001
From: Ryan Nowak
Date: Wed, 10 Jun 2015 14:53:44 -0700
Subject: [PATCH] Add sample of using Antiforgery outside of MVC
---
 .gitignore | 1 +
 Antiforgery.sln | 9 +++
 global.json | 2 +-
 .../AntiforgerySample/AntiforgerySample.xproj | 19 ++++++
 .../FormPostSampleMiddleware.cs | 67 +++++++++++++++++++
 samples/AntiforgerySample/Startup.cs | 22 ++++++
 samples/AntiforgerySample/project.json | 36 ++++++++++
 samples/AntiforgerySample/wwwroot/Index.html | 10 +++
 samples/AntiforgerySample/wwwroot/favicon.ico | 1 +
 .../ServiceCollectionExtensions.cs | 2 +
 src/Microsoft.AspNet.Antiforgery/project.json | 3 +-
 11 files changed, 170 insertions(+), 2 deletions(-)
 create mode 100644 samples/AntiforgerySample/AntiforgerySample.xproj
 create mode 100644 samples/AntiforgerySample/FormPostSampleMiddleware.cs
 create mode 100644 samples/AntiforgerySample/Startup.cs
 create mode 100644 samples/AntiforgerySample/project.json
 create mode 100644 samples/AntiforgerySample/wwwroot/Index.html
 create mode 100644 samples/AntiforgerySample/wwwroot/favicon.ico
diff --git a/.gitignore b/.gitignore
index c2e1708217..304382499d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,6 +7,7 @@ _ReSharper.*/
 packages/
 artifacts/
 PublishProfiles/
+.vs/
 *.user
 *.suo
 *.cache
diff --git a/Antiforgery.sln b/Antiforgery.sln
index b6b0239866..3074ae4f3d 100644
--- a/Antiforgery.sln
+++ b/Antiforgery.sln
@@ -11,6 +11,10 @@ Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "Microsoft.AspNet.Antiforger EndProject Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "Microsoft.AspNet.Antiforgery.Test", "test\Microsoft.AspNet.Antiforgery.Test\Microsoft.AspNet.Antiforgery.Test.xproj", "{415E83F8-6002-47E4-AA8E-CD5169C06F28}" EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "samples", "samples", "{D8C46ADF-E40A-4B48-ADE9-E1FA80466FE3}" +EndProject +Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AntiforgerySample", "samples\AntiforgerySample\AntiforgerySample.xproj", "{AF9E0784-5EDB-494F-B46C-1A8DA785C49C}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -25,6 +29,10 @@ Global {415E83F8-6002-47E4-AA8E-CD5169C06F28}.Debug|Any CPU.Build.0 = Debug|Any CPU {415E83F8-6002-47E4-AA8E-CD5169C06F28}.Release|Any CPU.ActiveCfg = Release|Any CPU {415E83F8-6002-47E4-AA8E-CD5169C06F28}.Release|Any CPU.Build.0 = Release|Any CPU + {AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Debug|Any CPU.Build.0 = Debug|Any CPU + {AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Release|Any CPU.ActiveCfg = Release|Any CPU + {AF9E0784-5EDB-494F-B46C-1A8DA785C49C}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -32,5 +40,6 @@ Global GlobalSection(NestedProjects) = preSolution {46FB03FB-7A44-4106-BDDE-D6F5417544AB} = {71D070C4-B325-48F7-9F25-DD4E91C2BBCA} {415E83F8-6002-47E4-AA8E-CD5169C06F28} = {6EDD8B57-4DE8-4246-A6A3-47ECD92740B4} + {AF9E0784-5EDB-494F-B46C-1A8DA785C49C} = {D8C46ADF-E40A-4B48-ADE9-E1FA80466FE3} EndGlobalSection EndGlobal diff --git a/global.json b/global.json index 983ba0401e..feb51cb71d 100644 --- a/global.json +++ b/global.json @@ -1,3 +1,3 @@ { - "projects": ["src"] + "projects": ["src", "samples"] } 
diff --git a/samples/AntiforgerySample/AntiforgerySample.xproj b/samples/AntiforgerySample/AntiforgerySample.xproj new file mode 100644 index 0000000000..d6dbc6607b --- /dev/null +++ b/samples/AntiforgerySample/AntiforgerySample.xproj @@ -0,0 +1,19 @@ + + + + 14.0 + $(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion) + + + + af9e0784-5edb-494f-b46c-1a8da785c49c + AntiforgerySample + ..\..\artifacts\obj\$(MSBuildProjectName) + ..\..\artifacts\bin\$(MSBuildProjectName)\ + + + 2.0 + 48542 + + + \ No newline at end of file diff --git a/samples/AntiforgerySample/FormPostSampleMiddleware.cs b/samples/AntiforgerySample/FormPostSampleMiddleware.cs new file mode 100644 index 0000000000..946513badd --- /dev/null +++ b/samples/AntiforgerySample/FormPostSampleMiddleware.cs @@ -0,0 +1,67 @@ +// Copyright (c) .NET Foundation. All rights reserved. +// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. + +using System.Threading.Tasks; +using Microsoft.AspNet.Antiforgery; +using Microsoft.AspNet.Builder; +using Microsoft.AspNet.Http; +using Microsoft.Framework.OptionsModel; + +namespace AntiforgerySample +{ + public class FormPostSampleMiddleware + { + private readonly Antiforgery _antiforgery; + private readonly AntiforgeryOptions _options; + private readonly RequestDelegate _next; + + public FormPostSampleMiddleware( + RequestDelegate next, + Antiforgery antiforgery, + IOptions options) + { + _next = next; + _antiforgery = antiforgery; + _options = options.Options; + } + + public async Task Invoke(HttpContext context) + { + if (context.Request.Method == "GET") + { + var page = +@" + +
+ + +
+ +"; + + var tokenSet = _antiforgery.GetTokens(context, oldCookieToken: null); + context.Response.Cookies.Delete(_options.CookieName); + context.Response.Cookies.Append(_options.CookieName, tokenSet.CookieToken); + await context.Response.WriteAsync(string.Format(page, _options.FormFieldName, tokenSet.FormToken)); + } + else if (context.Request.Method == "POST") + { + // This will throw if invalid. + await _antiforgery.ValidateAsync(context); + + var page = +@" + +

Everything is fine

+
+
+";
+ await context.Response.WriteAsync(page);
+ }
+ else
+ {
+ await _next(context);
+ }
+ }
+ }
+}
diff --git a/samples/AntiforgerySample/Startup.cs b/samples/AntiforgerySample/Startup.cs
new file mode 100644
index 0000000000..dadb75b86f
--- /dev/null
+++ b/samples/AntiforgerySample/Startup.cs
@@ -0,0 +1,22 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using Microsoft.AspNet.Builder;
+using Microsoft.Framework.DependencyInjection;
+
+namespace AntiforgerySample
+{
+ public class Startup
+ {
+ public void ConfigureServices(IServiceCollection services)
+ {
+ services.AddAntiforgery();
+ }
+
+ public void Configure(IApplicationBuilder app)
+ {
+ app.UseStaticFiles();
+ app.UseMiddleware();
+ }
+ }
+}
diff --git a/samples/AntiforgerySample/project.json b/samples/AntiforgerySample/project.json
new file mode 100644
index 0000000000..34f061b15b
--- /dev/null
+++ b/samples/AntiforgerySample/project.json
@@ -0,0 +1,36 @@
+{
+ "webroot": "wwwroot",
+ "version": "1.0.0-*",
+
+ "dependencies": {
+ "Microsoft.AspNet.Antiforgery": "1.0.0-*",
+ "Microsoft.AspNet.Http.Extensions": "1.0.0-*",
+ "Microsoft.AspNet.Server.IIS": "1.0.0-*",
+ "Microsoft.AspNet.Server.Kestrel": "1.0.0-*",
+ "Microsoft.AspNet.Server.WebListener": "1.0.0-*",
+ "Microsoft.AspNet.StaticFiles": "1.0.0-*"
+ },
+
+ "commands": {
+ "kestrel": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.Kestrel --server.urls http://localhost:5000",
+ "web": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.WebListener --server.urls http://localhost:5000"
+ },
+
+ "frameworks": {
+ "dnx451": { },
+ "dnxcore50": { }
+ },
+
+ "publishExclude": [
+ "node_modules",
+ "bower_components",
+ "**.xproj",
+ "**.user",
+ "**.vspscc"
+ ],
+ "exclude": [
+ "wwwroot",
+ "node_modules",
+ "bower_components"
+ ]
+}
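Review bot: In FormPostSampleMiddleware.Invoke, the GET branch writes the antiforgery cookie with `context.Response.Cookies.Append(_options.CookieName, tokenSet.CookieToken);` and passes no CookieOptions, so the cookie half of the token pair is readable by page script and is not restricted to HTTPS. Because this sample is what people will copy when wiring Antiforgery outside MVC, pass the options explicitly, e.g. `context.Response.Cookies.Append(_options.CookieName, tokenSet.CookieToken, new CookieOptions { HttpOnly = true });`, and set `Secure` as well when the site is served over HTTPS. The `Cookies.Delete` call on the line before looks redundant, since the Append that follows already replaces the cookie. In the POST branch, the `// This will throw if invalid.` comment should say what the client then sees; as written, a failed validation presumably surfaces as an unhandled exception rather than a 400 response.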
diff --git a/samples/AntiforgerySample/wwwroot/Index.html b/samples/AntiforgerySample/wwwroot/Index.html new file mode 100644 index 0000000000..94edeefc78 --- /dev/null +++ b/samples/AntiforgerySample/wwwroot/Index.html @@ -0,0 +1,10 @@ + + + + + Antiforgery Sample + + +

Hello, World!

+ + \ No newline at end of file diff --git a/samples/AntiforgerySample/wwwroot/favicon.ico b/samples/AntiforgerySample/wwwroot/favicon.ico new file mode 100644 index 0000000000..5f282702bb --- /dev/null +++ b/samples/AntiforgerySample/wwwroot/favicon.ico @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/src/Microsoft.AspNet.Antiforgery/ServiceCollectionExtensions.cs b/src/Microsoft.AspNet.Antiforgery/ServiceCollectionExtensions.cs index 59c278957b..22ad5f2202 100644 --- a/src/Microsoft.AspNet.Antiforgery/ServiceCollectionExtensions.cs +++ b/src/Microsoft.AspNet.Antiforgery/ServiceCollectionExtensions.cs @@ -12,9 +12,11 @@ namespace Microsoft.Framework.DependencyInjection public static IServiceCollection AddAntiforgery([NotNull] this IServiceCollection services) { services.AddDataProtection(); + services.AddWebEncoders(); services.TryAdd(ServiceDescriptor.Singleton()); services.TryAdd(ServiceDescriptor.Singleton()); + services.TryAdd(ServiceDescriptor.Scoped()); services.TryAdd( ServiceDescriptor.Singleton()); return services; diff --git a/src/Microsoft.AspNet.Antiforgery/project.json b/src/Microsoft.AspNet.Antiforgery/project.json index 565854b5df..d46ba0c895 100644 --- a/src/Microsoft.AspNet.Antiforgery/project.json +++ b/src/Microsoft.AspNet.Antiforgery/project.json @@ -7,7 +7,8 @@ "Microsoft.AspNet.WebUtilities": "1.0.0-*", "Microsoft.Framework.DependencyInjection.Abstractions": "1.0.0-*", "Microsoft.Framework.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" }, - "Microsoft.Framework.OptionsModel": "1.0.0-*" + "Microsoft.Framework.OptionsModel": "1.0.0-*", + "Microsoft.Framework.WebEncoders": "1.0.0-*" }, "frameworks" : {
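Review bot: The added `services.TryAdd(ServiceDescriptor.Scoped());` in AddAntiforgery is the only scoped registration among singletons, and nothing in the hunk says why its lifetime differs. The type arguments are not visible on this page, so the following is inferred: if any of the singleton services registered here takes the scoped one through its constructor, it would be resolved once and held for the application's lifetime, and per-request antiforgery state could then be shared between requests. A short comment above the line would settle it, e.g. `// Scoped: holds per-request state; singletons must resolve it from the request's services, never via constructor injection.` The method's closing brace lies outside the hunk.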