Reading AuthenticationProperties from SignOutContext

This will enable users to set a specific redirect uri and call signout.
This commit is contained in:
Praburaj 2015-03-06 17:22:49 -08:00
parent 08fdd7ad30
commit b7c8af8503
2 changed files with 26 additions and 8 deletions

View File

@ -8,10 +8,9 @@ using System.IO;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication.Notifications;
using Microsoft.AspNet.Http; using Microsoft.AspNet.Http;
using Microsoft.AspNet.Http.Authentication; using Microsoft.AspNet.Http.Authentication;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.Notifications;
using Microsoft.Framework.Logging; using Microsoft.Framework.Logging;
using Microsoft.IdentityModel.Protocols; using Microsoft.IdentityModel.Protocols;
@ -77,8 +76,8 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
// Set End_Session_Endpoint in order: // Set End_Session_Endpoint in order:
// 1. properties.Redirect // 1. properties.Redirect
// 2. Options.Wreply // 2. Options.Wreply
AuthenticationProperties properties = new AuthenticationProperties(); var properties = new AuthenticationProperties(signout.Properties);
if (properties != null && !string.IsNullOrEmpty(properties.RedirectUri)) if (!string.IsNullOrEmpty(properties.RedirectUri))
{ {
openIdConnectMessage.PostLogoutRedirectUri = properties.RedirectUri; openIdConnectMessage.PostLogoutRedirectUri = properties.RedirectUri;
} }
@ -220,7 +219,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
} }
OpenIdConnectMessage openIdConnectMessage = null; OpenIdConnectMessage openIdConnectMessage = null;
// assumption: if the ContentType is "application/x-www-form-urlencoded" it should be safe to read as it is small. // assumption: if the ContentType is "application/x-www-form-urlencoded" it should be safe to read as it is small.
if (string.Equals(Request.Method, "POST", StringComparison.OrdinalIgnoreCase) if (string.Equals(Request.Method, "POST", StringComparison.OrdinalIgnoreCase)
&& !string.IsNullOrWhiteSpace(Request.ContentType) && !string.IsNullOrWhiteSpace(Request.ContentType)
@ -580,4 +579,4 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
return false; return false;
} }
} }
} }

View File

@ -125,7 +125,6 @@ namespace Microsoft.AspNet.Authentication.Tests.OpenIdConnect
[Fact] [Fact]
public async Task SignOutWithDefaultRedirectUri() public async Task SignOutWithDefaultRedirectUri()
{ {
ISecureDataFormat<AuthenticationProperties> stateFormat = new PropertiesDataFormat(new EphemeralDataProtectionProvider().CreateProtector("GoogleTest"));
var server = CreateServer(options => var server = CreateServer(options =>
{ {
options.Authority = "https://login.windows.net/common"; options.Authority = "https://login.windows.net/common";
@ -140,7 +139,6 @@ namespace Microsoft.AspNet.Authentication.Tests.OpenIdConnect
[Fact] [Fact]
public async Task SignOutWithCustomRedirectUri() public async Task SignOutWithCustomRedirectUri()
{ {
ISecureDataFormat<AuthenticationProperties> stateFormat = new PropertiesDataFormat(new EphemeralDataProtectionProvider().CreateProtector("GoogleTest"));
var server = CreateServer(options => var server = CreateServer(options =>
{ {
options.Authority = "https://login.windows.net/common"; options.Authority = "https://login.windows.net/common";
@ -153,6 +151,21 @@ namespace Microsoft.AspNet.Authentication.Tests.OpenIdConnect
transaction.Response.Headers.Location.AbsoluteUri.ShouldContain(Uri.EscapeDataString("https://example.com/logout")); transaction.Response.Headers.Location.AbsoluteUri.ShouldContain(Uri.EscapeDataString("https://example.com/logout"));
} }
[Fact]
public async Task SignOutWith_Specific_RedirectUri_From_Authentication_Properites()
{
var server = CreateServer(options =>
{
options.Authority = "https://login.windows.net/common";
options.ClientId = "Test Id";
options.PostLogoutRedirectUri = "https://example.com/logout";
});
var transaction = await SendAsync(server, "https://example.com/signout_with_specific_redirect_uri");
transaction.Response.StatusCode.ShouldBe(HttpStatusCode.Redirect);
transaction.Response.Headers.Location.AbsoluteUri.ShouldContain(Uri.EscapeDataString("http://www.example.com/specific_redirect_uri"));
}
[Fact] [Fact]
// Test Cases for calculating the expiration time of cookie from cookie name // Test Cases for calculating the expiration time of cookie from cookie name
public void NonceCookieExpirationTime() public void NonceCookieExpirationTime()
@ -212,6 +225,12 @@ namespace Microsoft.AspNet.Authentication.Tests.OpenIdConnect
{ {
res.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationScheme); res.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationScheme);
} }
else if (req.Path == new PathString("/signout_with_specific_redirect_uri"))
{
res.SignOut(
OpenIdConnectAuthenticationDefaults.AuthenticationScheme,
new AuthenticationProperties() { RedirectUri = "http://www.example.com/specific_redirect_uri" });
}
else if (handler != null) else if (handler != null)
{ {
await handler(context); await handler(context);