From c328e22699627d337dfa89fe20df6a93f455cb67 Mon Sep 17 00:00:00 2001
From: Chris R <Tratcher@outlook.com>
Date: Wed, 1 Mar 2017 16:08:42 -0800
Subject: [PATCH] #306 Consistently use WindowsPrincipal

---
 .../AuthenticationHandler.cs                                 | 5 +++--
 .../RequestProcessing/NativeRequestContext.cs                | 5 +++--
 .../RequestProcessing/Request.cs                             | 3 ++-
 .../RequestProcessing/RequestContext.cs                      | 3 ++-
 4 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/AuthenticationHandler.cs b/src/Microsoft.AspNetCore.Server.HttpSys/AuthenticationHandler.cs
index b47adc17d0..2daad5bb43 100644
--- a/src/Microsoft.AspNetCore.Server.HttpSys/AuthenticationHandler.cs
+++ b/src/Microsoft.AspNetCore.Server.HttpSys/AuthenticationHandler.cs
@@ -4,6 +4,7 @@
 using System;
 using System.Collections.Generic;
 using System.Security.Claims;
+using System.Security.Principal;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http.Features.Authentication;
 using Microsoft.Extensions.Internal;
@@ -25,7 +26,7 @@ namespace Microsoft.AspNetCore.Server.HttpSys
 
         public Task AuthenticateAsync(AuthenticateContext context)
         {
-            var identity = (ClaimsIdentity)_requestContext.User?.Identity;
+            var identity = _requestContext.User?.Identity;
 
             foreach (var authType in ListEnabledAuthSchemes())
             {
@@ -35,7 +36,7 @@ namespace Microsoft.AspNetCore.Server.HttpSys
                     if (identity != null && identity.IsAuthenticated
                         && string.Equals(authScheme, identity.AuthenticationType, StringComparison.Ordinal))
                     {
-                        context.Authenticated(new ClaimsPrincipal(identity), properties: null, description: GetDescription(authScheme));
+                        context.Authenticated(_requestContext.User, properties: null, description: null);
                     }
                     else
                     {
diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/NativeRequestContext.cs b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/NativeRequestContext.cs
index 9a26984742..a155b59363 100644
--- a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/NativeRequestContext.cs
+++ b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/NativeRequestContext.cs
@@ -212,7 +212,7 @@ namespace Microsoft.AspNetCore.Server.HttpSys
             return false;
         }
 
-        internal ClaimsPrincipal GetUser()
+        internal WindowsPrincipal GetUser()
         {
             var requestInfo = NativeRequestV2->pRequestInfo;
             var infoCount = NativeRequestV2->RequestInfoCount;
@@ -228,7 +228,8 @@ namespace Microsoft.AspNetCore.Server.HttpSys
                         GetAuthTypeFromRequest(info->pInfo->AuthType).ToString()));
                 }
             }
-            return new ClaimsPrincipal(new ClaimsIdentity()); // Anonymous / !IsAuthenticated
+
+            return new WindowsPrincipal(WindowsIdentity.GetAnonymous()); // Anonymous / !IsAuthenticated
         }
 
         private static AuthenticationSchemes GetAuthTypeFromRequest(HttpApi.HTTP_REQUEST_AUTH_TYPE input)
diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/Request.cs b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/Request.cs
index 06a57f89ba..d8a03d2cf9 100644
--- a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/Request.cs
+++ b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/Request.cs
@@ -7,6 +7,7 @@ using System.IO;
 using System.Net;
 using System.Security.Claims;
 using System.Security.Cryptography.X509Certificates;
+using System.Security.Principal;
 using System.Threading;
 using System.Threading.Tasks;
 
@@ -214,7 +215,7 @@ namespace Microsoft.AspNetCore.Server.HttpSys
         // HTTP.Sys allows you to upgrade anything to opaque unless content-length > 0 or chunked are specified.
         internal bool IsUpgradable => !HasEntityBody && ComNetOS.IsWin8orLater;
 
-        internal ClaimsPrincipal User { get; }
+        internal WindowsPrincipal User { get; }
 
         // Populates the client certificate.  The result may be null if there is no client cert.
         // TODO: Does it make sense for this to be invoked multiple times (e.g. renegotiate)? Client and server code appear to
diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/RequestContext.cs b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/RequestContext.cs
index 428bf2a18c..22b3ca6b13 100644
--- a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/RequestContext.cs
+++ b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/RequestContext.cs
@@ -6,6 +6,7 @@ using System.Diagnostics;
 using System.IO;
 using System.Security.Authentication.ExtendedProtection;
 using System.Security.Claims;
+using System.Security.Principal;
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
@@ -39,7 +40,7 @@ namespace Microsoft.AspNetCore.Server.HttpSys
 
         public Response Response { get; }
 
-        public ClaimsPrincipal User => Request.User;
+        public WindowsPrincipal User => Request.User;
 
         public CancellationToken DisconnectToken
         {