Cookies Forbid now includes ReturnUrl
This commit is contained in:
parent
238fdf24e8
commit
dc6e916bd4
|
|
@ -327,14 +327,13 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
|
|
||||||
protected override async Task<bool> HandleForbiddenAsync(ChallengeContext context)
|
protected override async Task<bool> HandleForbiddenAsync(ChallengeContext context)
|
||||||
{
|
{
|
||||||
var accessDeniedUri =
|
var returnUrl = new AuthenticationProperties(context.Properties).RedirectUri;
|
||||||
Request.Scheme +
|
if (string.IsNullOrEmpty(returnUrl))
|
||||||
"://" +
|
{
|
||||||
Request.Host +
|
returnUrl = OriginalPathBase + Request.Path + Request.QueryString;
|
||||||
OriginalPathBase +
|
}
|
||||||
Options.AccessDeniedPath;
|
var accessDeniedUri = Options.AccessDeniedPath + QueryString.Create(Options.ReturnUrlParameter, returnUrl);
|
||||||
|
var redirectContext = new CookieRedirectContext(Context, Options, BuildRedirectUri(accessDeniedUri));
|
||||||
var redirectContext = new CookieRedirectContext(Context, Options, accessDeniedUri);
|
|
||||||
await Options.Events.RedirectToAccessDenied(redirectContext);
|
await Options.Events.RedirectToAccessDenied(redirectContext);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -645,6 +645,7 @@ namespace Microsoft.AspNet.Authentication.Cookies
|
||||||
Assert.Equal(HttpStatusCode.Redirect, transaction2.Response.StatusCode);
|
Assert.Equal(HttpStatusCode.Redirect, transaction2.Response.StatusCode);
|
||||||
var location = transaction2.Response.Headers.Location;
|
var location = transaction2.Response.Headers.Location;
|
||||||
Assert.Equal("/Account/AccessDenied", location.LocalPath);
|
Assert.Equal("/Account/AccessDenied", location.LocalPath);
|
||||||
|
Assert.Equal("?ReturnUrl=%2Fchallenge", location.Query);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Theory]
|
[Theory]
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue