#1044 Revert "Auth: Always call prior handlers during Challenge"
This reverts commit e12838e38f.
This commit is contained in:
parent
f00db3e66d
commit
da4730a392
|
|
@ -327,7 +327,6 @@ namespace Microsoft.AspNetCore.Authentication
|
||||||
/// Override this method to deal with a challenge that is forbidden.
|
/// Override this method to deal with a challenge that is forbidden.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="context"></param>
|
/// <param name="context"></param>
|
||||||
/// <returns>The returned boolean is ignored.</returns>
|
|
||||||
protected virtual Task<bool> HandleForbiddenAsync(ChallengeContext context)
|
protected virtual Task<bool> HandleForbiddenAsync(ChallengeContext context)
|
||||||
{
|
{
|
||||||
Response.StatusCode = 403;
|
Response.StatusCode = 403;
|
||||||
|
|
@ -340,7 +339,7 @@ namespace Microsoft.AspNetCore.Authentication
|
||||||
/// changing the 401 result to 302 of a login page or external sign-in location.)
|
/// changing the 401 result to 302 of a login page or external sign-in location.)
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="context"></param>
|
/// <param name="context"></param>
|
||||||
/// <returns>The returned boolean is no longer used.</returns>
|
/// <returns>True if no other handlers should be called</returns>
|
||||||
protected virtual Task<bool> HandleUnauthorizedAsync(ChallengeContext context)
|
protected virtual Task<bool> HandleUnauthorizedAsync(ChallengeContext context)
|
||||||
{
|
{
|
||||||
Response.StatusCode = 401;
|
Response.StatusCode = 401;
|
||||||
|
|
@ -350,6 +349,7 @@ namespace Microsoft.AspNetCore.Authentication
|
||||||
public async Task ChallengeAsync(ChallengeContext context)
|
public async Task ChallengeAsync(ChallengeContext context)
|
||||||
{
|
{
|
||||||
ChallengeCalled = true;
|
ChallengeCalled = true;
|
||||||
|
var handled = false;
|
||||||
if (ShouldHandleScheme(context.AuthenticationScheme, Options.AutomaticChallenge))
|
if (ShouldHandleScheme(context.AuthenticationScheme, Options.AutomaticChallenge))
|
||||||
{
|
{
|
||||||
switch (context.Behavior)
|
switch (context.Behavior)
|
||||||
|
|
@ -363,18 +363,18 @@ namespace Microsoft.AspNetCore.Authentication
|
||||||
}
|
}
|
||||||
goto case ChallengeBehavior.Unauthorized;
|
goto case ChallengeBehavior.Unauthorized;
|
||||||
case ChallengeBehavior.Unauthorized:
|
case ChallengeBehavior.Unauthorized:
|
||||||
await HandleUnauthorizedAsync(context);
|
handled = await HandleUnauthorizedAsync(context);
|
||||||
Logger.AuthenticationSchemeChallenged(Options.AuthenticationScheme);
|
Logger.AuthenticationSchemeChallenged(Options.AuthenticationScheme);
|
||||||
break;
|
break;
|
||||||
case ChallengeBehavior.Forbidden:
|
case ChallengeBehavior.Forbidden:
|
||||||
await HandleForbiddenAsync(context);
|
handled = await HandleForbiddenAsync(context);
|
||||||
Logger.AuthenticationSchemeForbidden(Options.AuthenticationScheme);
|
Logger.AuthenticationSchemeForbidden(Options.AuthenticationScheme);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
context.Accept();
|
context.Accept();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (PriorHandler != null)
|
if (!handled && PriorHandler != null)
|
||||||
{
|
{
|
||||||
await PriorHandler.ChallengeAsync(context);
|
await PriorHandler.ChallengeAsync(context);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -75,16 +75,17 @@ namespace Microsoft.AspNetCore.Authentication
|
||||||
Assert.Equal(1, handler.AuthCount);
|
Assert.Equal(1, handler.AuthCount);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Prior to https://github.com/aspnet/Security/issues/930 we wouldn't call prior if handled
|
[Theory]
|
||||||
[Fact]
|
[InlineData("Alpha", false)]
|
||||||
public async Task AuthHandlerChallengeAlwaysCallsPriorHandler()
|
[InlineData("Bravo", true)]
|
||||||
|
public async Task AuthHandlerChallengeCallsPriorHandlerIfNotHandled(string challenge, bool passedThrough)
|
||||||
{
|
{
|
||||||
var handler = await TestHandler.Create("Alpha");
|
var handler = await TestHandler.Create("Alpha");
|
||||||
var previous = new PreviousHandler();
|
var previous = new PreviousHandler();
|
||||||
|
|
||||||
handler.PriorHandler = previous;
|
handler.PriorHandler = previous;
|
||||||
await handler.ChallengeAsync(new ChallengeContext("Alpha"));
|
await handler.ChallengeAsync(new ChallengeContext(challenge));
|
||||||
Assert.True(previous.ChallengeCalled);
|
Assert.Equal(passedThrough, previous.ChallengeCalled);
|
||||||
}
|
}
|
||||||
|
|
||||||
private class PreviousHandler : IAuthenticationHandler
|
private class PreviousHandler : IAuthenticationHandler
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue