From b991e4b9c2c70f074031c12b54da11c33b9eaeeb Mon Sep 17 00:00:00 2001 From: Chris Ross Date: Tue, 27 Aug 2019 15:59:08 -0700 Subject: [PATCH] Fix AzureAd options validation (#13480) * Skip getting AzureAdOptions for not AzureADUi Cookies scheme #13311 (#13327) * Also check Azure Jwt options for #13311 --- .../src/AzureADCookieOptionsConfiguration.cs | 5 +++ .../AzureADJwtBearerOptionsConfiguration.cs | 5 +++ ...eADAuthenticationBuilderExtensionsTests.cs | 32 +++++++++++++++++++ 3 files changed, 42 insertions(+) diff --git a/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADCookieOptionsConfiguration.cs b/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADCookieOptionsConfiguration.cs index 7f4f87c8bd..6d0116921e 100644 --- a/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADCookieOptionsConfiguration.cs +++ b/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADCookieOptionsConfiguration.cs @@ -21,6 +21,11 @@ namespace Microsoft.AspNetCore.Authentication.AzureAD.UI public void Configure(string name, CookieAuthenticationOptions options) { var AzureADScheme = GetAzureADScheme(name); + if (AzureADScheme is null) + { + return; + } + var AzureADOptions = _AzureADOptions.Get(AzureADScheme); if (name != AzureADOptions.CookieSchemeName) { diff --git a/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADJwtBearerOptionsConfiguration.cs b/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADJwtBearerOptionsConfiguration.cs index fbf398888d..75337b2cc4 100644 --- a/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADJwtBearerOptionsConfiguration.cs +++ b/src/Azure/AzureAD/Authentication.AzureAD.UI/src/AzureADJwtBearerOptionsConfiguration.cs @@ -24,6 +24,11 @@ namespace Microsoft.AspNetCore.Authentication public void Configure(string name, JwtBearerOptions options) { var azureADScheme = GetAzureADScheme(name); + if (azureADScheme is null) + { + return; + } + var azureADOptions = _azureADOptions.Get(azureADScheme); if (name != azureADOptions.JwtBearerSchemeName) { diff --git a/src/Azure/AzureAD/Authentication.AzureAD.UI/test/AzureADAuthenticationBuilderExtensionsTests.cs b/src/Azure/AzureAD/Authentication.AzureAD.UI/test/AzureADAuthenticationBuilderExtensionsTests.cs index db937ca62e..07c0583c32 100644 --- a/src/Azure/AzureAD/Authentication.AzureAD.UI/test/AzureADAuthenticationBuilderExtensionsTests.cs +++ b/src/Azure/AzureAD/Authentication.AzureAD.UI/test/AzureADAuthenticationBuilderExtensionsTests.cs @@ -268,6 +268,22 @@ namespace Microsoft.AspNetCore.Authentication Assert.Contains(expectedMessage, exception.Failures); } + [Fact] + public void AddAzureAD_SkipsOptionsValidationForNonAzureCookies() + { + var services = new ServiceCollection(); + services.AddSingleton(new NullLoggerFactory()); + + services.AddAuthentication() + .AddAzureAD(o => { }) + .AddCookie("other"); + + var provider = services.BuildServiceProvider(); + var cookieAuthOptions = provider.GetService>(); + + Assert.NotNull(cookieAuthOptions.Get("other")); + } + [Fact] public void AddAzureADBearer_AddsAllAuthenticationHandlers() { @@ -453,5 +469,21 @@ namespace Microsoft.AspNetCore.Authentication Assert.Contains(expectedMessage, exception.Failures); } + + [Fact] + public void AddAzureADBearer_SkipsOptionsValidationForNonAzureCookies() + { + var services = new ServiceCollection(); + services.AddSingleton(new NullLoggerFactory()); + + services.AddAuthentication() + .AddAzureADBearer(o => { }) + .AddJwtBearer("other", o => { }); + + var provider = services.BuildServiceProvider(); + var jwtOptions = provider.GetService>(); + + Assert.NotNull(jwtOptions.Get("other")); + } } }