Update System.IdentityModel.Tokens.Jwt to 6.6 (#22846)

* Update System.IdentityModel.Tokens.Jwt to 6.6 * Update Versions.props * Add newtonsoft refs * Update OIDC instructions * Fixup JwtBearerSample TFM Co-authored-by: John Luo <johluo@microsoft.com>
2020-06-25 14:25:59 -07:00 · 2020-06-25 14:25:59 -07:00 · be0b9e48b5
parent a93ff60904
commit be0b9e48b5
6 changed files with 16 additions and 12 deletions
--- a/eng/Versions.props
+++ b/eng/Versions.props
@ -189,16 +189,16 @@
    <MicrosoftCodeAnalysisCSharpPackageVersion>3.4.0</MicrosoftCodeAnalysisCSharpPackageVersion>
    <MicrosoftCodeAnalysisCSharpWorkspacesPackageVersion>3.4.0</MicrosoftCodeAnalysisCSharpWorkspacesPackageVersion>
    <MicrosoftIdentityModelClientsActiveDirectoryPackageVersion>3.19.8</MicrosoftIdentityModelClientsActiveDirectoryPackageVersion>
-    <MicrosoftIdentityModelLoggingPackageVersion>5.5.0</MicrosoftIdentityModelLoggingPackageVersion>
-    <MicrosoftIdentityModelProtocolsOpenIdConnectPackageVersion>5.5.0</MicrosoftIdentityModelProtocolsOpenIdConnectPackageVersion>
-    <MicrosoftIdentityModelProtocolsWsFederationPackageVersion>5.5.0</MicrosoftIdentityModelProtocolsWsFederationPackageVersion>
+    <MicrosoftIdentityModelLoggingPackageVersion>6.6.0</MicrosoftIdentityModelLoggingPackageVersion>
+    <MicrosoftIdentityModelProtocolsOpenIdConnectPackageVersion>6.6.0</MicrosoftIdentityModelProtocolsOpenIdConnectPackageVersion>
+    <MicrosoftIdentityModelProtocolsWsFederationPackageVersion>6.6.0</MicrosoftIdentityModelProtocolsWsFederationPackageVersion>
    <MicrosoftInternalAspNetCoreH2SpecAllPackageVersion>2.2.1</MicrosoftInternalAspNetCoreH2SpecAllPackageVersion>
    <MicrosoftNETCoreWindowsApiSetsPackageVersion>1.0.1</MicrosoftNETCoreWindowsApiSetsPackageVersion>
    <MicrosoftOwinSecurityCookiesPackageVersion>3.0.1</MicrosoftOwinSecurityCookiesPackageVersion>
    <MicrosoftOwinTestingPackageVersion>3.0.1</MicrosoftOwinTestingPackageVersion>
    <MicrosoftWebAdministrationPackageVersion>11.1.0</MicrosoftWebAdministrationPackageVersion>
    <MicrosoftWebXdtPackageVersion>1.4.0</MicrosoftWebXdtPackageVersion>
-    <SystemIdentityModelTokensJwtPackageVersion>5.5.0</SystemIdentityModelTokensJwtPackageVersion>
+    <SystemIdentityModelTokensJwtPackageVersion>6.6.0</SystemIdentityModelTokensJwtPackageVersion>
    <!-- Packages from 2.1/2.2 branches used for site extension build -->
    <MicrosoftAspNetCoreAzureAppServicesSiteExtension21PackageVersion>2.1.1</MicrosoftAspNetCoreAzureAppServicesSiteExtension21PackageVersion>
    <MicrosoftAspNetCoreAzureAppServicesSiteExtension22PackageVersion>2.2.0</MicrosoftAspNetCoreAzureAppServicesSiteExtension22PackageVersion>
--- a/src/MusicStore/samples/MusicStore/MusicStore.csproj
+++ b/src/MusicStore/samples/MusicStore/MusicStore.csproj
@ -35,6 +35,7 @@
    <Reference Include="Microsoft.Extensions.Configuration.CommandLine" />
    <!-- Avoid CS1705 errors due to mix of assemblies brought in transitively. -->
    <Reference Include="Microsoft.Extensions.DependencyInjection.Abstractions" />
+    <Reference Include="Newtonsoft.Json" />
  </ItemGroup>

  <Target Name="VerifyPrecompiledViews" AfterTargets="Publish">
--- a/src/Security/Authentication/JwtBearer/samples/JwtBearerSample/JwtBearerSample.csproj
+++ b/src/Security/Authentication/JwtBearer/samples/JwtBearerSample/JwtBearerSample.csproj
@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
-    <TargetFrameworks>$(DefaultNetCoreTargetFramework)</TargetFrameworks>
+    <TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework>
    <UserSecretsId>aspnet5-JwtBearerSample-20151210102827</UserSecretsId>
    <AspNetCoreHostingModel>OutOfProcess</AspNetCoreHostingModel>
 </PropertyGroup>
--- a/src/Security/Authentication/OpenIdConnect/samples/OpenIdConnectSample/OpenIdConnectSample.csproj
+++ b/src/Security/Authentication/OpenIdConnect/samples/OpenIdConnectSample/OpenIdConnectSample.csproj
@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">

  <PropertyGroup>
-    <TargetFrameworks>$(DefaultNetCoreTargetFramework)</TargetFrameworks>
+    <TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework>
    <UserSecretsId>aspnet5-OpenIdConnectSample-20151210110318</UserSecretsId>
    <AspNetCoreHostingModel>OutOfProcess</AspNetCoreHostingModel>
  </PropertyGroup>
--- a/src/Security/Authentication/OpenIdConnect/samples/OpenIdConnectSample/Readme.md
+++ b/src/Security/Authentication/OpenIdConnect/samples/OpenIdConnectSample/Readme.md
@ -1,6 +1,6 @@
 # How to set up the sample locally

-The OpenIdConnect sample supports multilpe authentication providers. In these instruction, we will explore how to set up this sample with both Azure Active Directory and Google Identity Platform.
+The OpenIdConnect sample supports multiple authentication providers. In these instruction, we will explore how to set up this sample with both Azure Active Directory and Google Identity Platform.

 ## Determine your development environment and a few key variables

@ -14,19 +14,21 @@ If the application is run from command line or terminal, environment variable AS

 1. Set up a new Azure Active Directory (AAD) in your Azure Subscription.
 2. Open the newly created AAD in Azure web portal.
-3. Navigate to the Applications tab.
+3. Navigate to the App registrations tab.
 4. Add a new Application to the AAD. Set the "Sign-on URL" to sample application's URL.
-5. Naigate to the Application, and click the Configure tab.
+5. Navigate to the Application, and click the Configure tab.
 6. Find and save the "Client Id".
 7. Add a new key in the "Keys" section. Save value of the key, which is the "Client Secret".
 8. Click the "View Endpoints" on the drawer, a dialog will shows six endpoint URLs. Copy the "OAuth 2.0 Authorization Endpoint" to a text editor and remove the "/oauth2/authorize" from the string. The remaining part is the __authority URL__. It looks like `https://login.microsoftonline.com/<guid>`.
+9. Click the Authentication tab and check (i.e. enable) the ID tokens option under "Implicit grant".
+10. On the Authentication tab, ensure the "Redirect URIs" is set to `https://localhost:44318/signin-oidc` (i.e. the sample application's URI appended with "/signin-oidc")

-### Configure with Google Identity Platform 
+### Configure with Google Identity Platform

 1. Create a new project through [Google APIs](https://console.developers.google.com).
 2. In the sidebar choose "Credentials".
 3. Navigate to "OAuth consent screen" tab, fill in the project name and save.
-4. Navigate to "Credentials" tab. Click "Create credentials". Choose "OAuth client ID". 
+4. Navigate to "Credentials" tab. Click "Create credentials". Choose "OAuth client ID".
 5. Select "Web application" as the application type. Fill in the "Authorized redirect URIs" with `https://localhost:44318/signin-oidc`.
 6. Save the "Client ID" and "Client Secret" shown in the dialog.
 7. The "Authority URL" for Google Authentication is `https://accounts.google.com/`.
@ -41,4 +43,4 @@ dotnet user-secrets set oidc:clientid <Client Id>
 dotnet user-secrets set oidc:clientsecret <Client Secret>
 dotnet user-secrets set oidc:authority <Authority URL>
 ```
-
+3. Update the call to `AddOpenIdConnect()` in `ConfigureServices` to use the configuration values from user secrets.
--- a/src/SignalR/clients/ts/FunctionalTests/SignalR.Client.FunctionalTestApp.csproj
+++ b/src/SignalR/clients/ts/FunctionalTests/SignalR.Client.FunctionalTestApp.csproj
@ -34,6 +34,7 @@
    <Reference Include="Microsoft.AspNetCore.StaticFiles" />
    <Reference Include="Microsoft.Extensions.Logging.Console" />
    <Reference Include="Microsoft.Extensions.Logging.Debug" />
+    <Reference Include="Newtonsoft.Json" />
    <Reference Include="System.Reactive.Linq" />
    <!-- Avoid CS1705 errors due to mix of assemblies brought in transitively. -->
    <Reference Include="Microsoft.AspNetCore.SignalR.Common" />