diff --git a/src/Microsoft.AspNet.Http.Core/Security/AuthenticateContext.cs b/src/Microsoft.AspNet.Http.Core/Authentication/AuthenticateContext.cs similarity index 50% rename from src/Microsoft.AspNet.Http.Core/Security/AuthenticateContext.cs rename to src/Microsoft.AspNet.Http.Core/Authentication/AuthenticateContext.cs index 95dd14a8d2..938722725e 100644 --- a/src/Microsoft.AspNet.Http.Core/Security/AuthenticateContext.cs +++ b/src/Microsoft.AspNet.Http.Core/Authentication/AuthenticateContext.cs @@ -1,30 +1,26 @@ // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. -using System; using System.Collections.Generic; -using System.Linq; using System.Security.Claims; -using System.Text; -using System.Threading.Tasks; -using Microsoft.AspNet.Http.Security; -using Microsoft.AspNet.Http.Interfaces.Security; +using Microsoft.AspNet.Http.Interfaces.Authentication; +using Microsoft.AspNet.Http.Authentication; -namespace Microsoft.AspNet.Http.Core.Security +namespace Microsoft.AspNet.Http.Core.Authentication { public class AuthenticateContext : IAuthenticateContext { private List _results; private List _accepted; - public AuthenticateContext([NotNull] IEnumerable authenticationTypes) + public AuthenticateContext([NotNull] IEnumerable authenticationSchemes) { - AuthenticationTypes = authenticationTypes; + AuthenticationSchemes = authenticationSchemes; _results = new List(); _accepted = new List(); } - public IEnumerable AuthenticationTypes { get; private set; } + public IEnumerable AuthenticationSchemes { get; private set; } public IEnumerable Results { 
@@ -36,16 +32,16 @@ namespace Microsoft.AspNet.Http.Core.Security get { return _accepted; } } - public void Authenticated(ClaimsIdentity identity, IDictionary properties, IDictionary description) + public void Authenticated(ClaimsPrincipal principal, IDictionary properties, IDictionary description) { var descrip = new AuthenticationDescription(description); - _accepted.Add(descrip.AuthenticationType); // may not match identity.AuthType - _results.Add(new AuthenticationResult(identity, new AuthenticationProperties(properties), descrip)); + _accepted.Add(descrip.AuthenticationScheme); // may not match identity.AuthType + _results.Add(new AuthenticationResult(principal, new AuthenticationProperties(properties), descrip)); } - public void NotAuthenticated(string authenticationType, IDictionary properties, IDictionary description) + public void NotAuthenticated(string authenticationScheme, IDictionary properties, IDictionary description) { - _accepted.Add(authenticationType); + _accepted.Add(authenticationScheme); } } } diff --git a/src/Microsoft.AspNet.Http.Core/Security/ChallengeContext.cs b/src/Microsoft.AspNet.Http.Core/Authentication/ChallengeContext.cs similarity index 72% rename from src/Microsoft.AspNet.Http.Core/Security/ChallengeContext.cs rename to src/Microsoft.AspNet.Http.Core/Authentication/ChallengeContext.cs index aa9a424fc4..db2efec1af 100644 --- a/src/Microsoft.AspNet.Http.Core/Security/ChallengeContext.cs +++ b/src/Microsoft.AspNet.Http.Core/Authentication/ChallengeContext.cs 
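Review bot: In `Authenticated`, the scheme recorded in `_accepted` is taken from the handler-supplied `description` dictionary and is never compared with the requested `AuthenticationSchemes`. A handler can therefore acknowledge, and add a result for, a scheme the caller did not ask for. The trailing comment `// may not match identity.AuthType` is also stale, because the parameter is now `principal`. I would replace it with `// scheme is whatever the handler's description reports; it is not checked against AuthenticationSchemes or the principal's identities`, and state on the method whether unrequested schemes are allowed in `Results`. The class body begins in the previous hunk.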
@@ -3,25 +3,22 @@ using System; using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.Threading.Tasks; -using Microsoft.AspNet.Http.Interfaces.Security; +using Microsoft.AspNet.Http.Interfaces.Authentication; -namespace Microsoft.AspNet.Http.Core.Security +namespace Microsoft.AspNet.Http.Core.Authentication { public class ChallengeContext : IChallengeContext { private List _accepted; - public ChallengeContext([NotNull] IEnumerable authenticationTypes, IDictionary properties) + public ChallengeContext([NotNull] IEnumerable authenticationSchemes, IDictionary properties) { - AuthenticationTypes = authenticationTypes; + AuthenticationSchemes = authenticationSchemes; Properties = properties ?? new Dictionary(StringComparer.Ordinal); _accepted = new List(); } - public IEnumerable AuthenticationTypes { get; private set; } + public IEnumerable AuthenticationSchemes { get; private set; } public IDictionary Properties { get; private set; } diff --git a/src/Microsoft.AspNet.Http.Core/Security/AuthTypeContext.cs b/src/Microsoft.AspNet.Http.Core/Authentication/DescribeSchemesContext.cs similarity index 72% rename from src/Microsoft.AspNet.Http.Core/Security/AuthTypeContext.cs rename to src/Microsoft.AspNet.Http.Core/Authentication/DescribeSchemesContext.cs index df792fc74f..419d4d930f 100644 --- a/src/Microsoft.AspNet.Http.Core/Security/AuthTypeContext.cs +++ b/src/Microsoft.AspNet.Http.Core/Authentication/DescribeSchemesContext.cs 
@@ -1,18 +1,17 @@ // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. -using System; using System.Collections.Generic; -using Microsoft.AspNet.Http.Security; -using Microsoft.AspNet.Http.Interfaces.Security; +using Microsoft.AspNet.Http.Authentication; +using Microsoft.AspNet.Http.Interfaces.Authentication; -namespace Microsoft.AspNet.Http.Core.Security +namespace Microsoft.AspNet.Http.Core.Authentication { - public class AuthTypeContext : IAuthTypeContext + public class DescribeSchemesContext : IDescribeSchemesContext { private List _results; - public AuthTypeContext() + public DescribeSchemesContext() { _results = new List(); } diff --git a/src/Microsoft.AspNet.Http.Core/Security/HttpAuthenticationFeature.cs b/src/Microsoft.AspNet.Http.Core/Authentication/HttpAuthenticationFeature.cs similarity index 83% rename from src/Microsoft.AspNet.Http.Core/Security/HttpAuthenticationFeature.cs rename to src/Microsoft.AspNet.Http.Core/Authentication/HttpAuthenticationFeature.cs index f0989c420c..4c3071e7b9 100644 --- a/src/Microsoft.AspNet.Http.Core/Security/HttpAuthenticationFeature.cs +++ b/src/Microsoft.AspNet.Http.Core/Authentication/HttpAuthenticationFeature.cs @@ -2,9 +2,9 @@ // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. using System.Security.Claims; -using Microsoft.AspNet.Http.Interfaces.Security; +using Microsoft.AspNet.Http.Interfaces.Authentication; -namespace Microsoft.AspNet.Http.Core.Security +namespace Microsoft.AspNet.Http.Core.Authentication { public class HttpAuthenticationFeature : IHttpAuthenticationFeature { diff --git a/src/Microsoft.AspNet.Http.Core/Authentication/SignInContext.cs b/src/Microsoft.AspNet.Http.Core/Authentication/SignInContext.cs new file mode 100644 index 0000000000..1738456e03 --- /dev/null 
+++ b/src/Microsoft.AspNet.Http.Core/Authentication/SignInContext.cs
@@ -0,0 +1,38 @@
+// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Security.Claims;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
+
+namespace Microsoft.AspNet.Http.Core.Authentication
+{
+ public class SignInContext : ISignInContext
+ {
+ private bool _accepted;
+
+ public SignInContext([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal, IDictionary dictionary)
+ {
+ AuthenticationScheme = authenticationScheme;
+ Principal = principal;
+ Properties = dictionary ?? new Dictionary(StringComparer.Ordinal);
+ }
+
+ public ClaimsPrincipal Principal { get; }
+
+ public IDictionary Properties { get; }
+
+ public string AuthenticationScheme { get; }
+
+ public bool Accepted
+ {
+ get { return _accepted; }
+ }
+
+ public void Accept(IDictionary description)
+ {
+ _accepted = true;
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Http.Core/Authentication/SignOutContext.cs b/src/Microsoft.AspNet.Http.Core/Authentication/SignOutContext.cs
new file mode 100644
index 0000000000..200a348f03
--- /dev/null
+++ b/src/Microsoft.AspNet.Http.Core/Authentication/SignOutContext.cs
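Review bot: `SignInContext.Accept` sets `_accepted` for any caller and ignores its `description` argument, so the context cannot tell whether the accepting handler is the one that owns `AuthenticationScheme`. Nothing in this file says that a handler must compare `context.AuthenticationScheme` with its own scheme before calling `Accept`, and `DefaultHttpResponse.SignIn` treats a single `Accept` as proof the sign-in was handled. If that is the intended contract, add a summary comment on `Accept` (and on `ISignInContext.Accept`) along the lines of `// Called only by the handler registered for AuthenticationScheme, after it has issued the sign-in.`, and note why `description` is unused.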
@@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. +// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. + +using System; +using System.Collections.Generic; +using Microsoft.AspNet.Http.Interfaces.Authentication; + +namespace Microsoft.AspNet.Http.Core.Authentication +{ + public class SignOutContext : ISignOutContext + { + private bool _accepted; + + public SignOutContext(string authenticationScheme) + { + AuthenticationScheme = authenticationScheme; + } + + public string AuthenticationScheme { get; } + + public bool Accepted + { + get { return _accepted; } + } + + public void Accept() + { + _accepted = true; + } + } +} diff --git a/src/Microsoft.AspNet.Http.Core/DefaultHttpContext.cs b/src/Microsoft.AspNet.Http.Core/DefaultHttpContext.cs index 2de1680de3..4b91833cca 100644 --- a/src/Microsoft.AspNet.Http.Core/DefaultHttpContext.cs +++ b/src/Microsoft.AspNet.Http.Core/DefaultHttpContext.cs @@ -9,14 +9,13 @@ using System.Security.Claims; using System.Threading; using System.Threading.Tasks; using Microsoft.AspNet.FeatureModel; -using Microsoft.AspNet.Http; -using Microsoft.AspNet.Http.Infrastructure; -using Microsoft.AspNet.Http.Security; -using Microsoft.AspNet.Http.Interfaces; -using Microsoft.AspNet.Http.Interfaces.Security; using Microsoft.AspNet.Http.Core.Collections; using Microsoft.AspNet.Http.Core.Infrastructure; -using Microsoft.AspNet.Http.Core.Security; +using Microsoft.AspNet.Http.Core.Authentication; +using Microsoft.AspNet.Http.Infrastructure; +using Microsoft.AspNet.Http.Interfaces; +using Microsoft.AspNet.Http.Interfaces.Authentication; +using Microsoft.AspNet.Http.Authentication; namespace Microsoft.AspNet.Http.Core { 
@@ -201,7 +200,7 @@ namespace Microsoft.AspNet.Http.Core _features[type] = instance; } - public override IEnumerable GetAuthenticationTypes() + public override IEnumerable GetAuthenticationSchemes() { var handler = HttpAuthenticationFeature.Handler; if (handler == null) 
@@ -209,46 +208,46 @@ namespace Microsoft.AspNet.Http.Core return new AuthenticationDescription[0]; } - var authTypeContext = new AuthTypeContext(); - handler.GetDescriptions(authTypeContext); - return authTypeContext.Results; + var describeContext = new DescribeSchemesContext(); + handler.GetDescriptions(describeContext); + return describeContext.Results; } - public override IEnumerable Authenticate([NotNull] IEnumerable authenticationTypes) + public override IEnumerable Authenticate([NotNull] IEnumerable authenticationSchemes) { var handler = HttpAuthenticationFeature.Handler; - var authenticateContext = new AuthenticateContext(authenticationTypes); + var authenticateContext = new AuthenticateContext(authenticationSchemes); if (handler != null) { handler.Authenticate(authenticateContext); } // Verify all types ack'd - IEnumerable leftovers = authenticationTypes.Except(authenticateContext.Accepted); + IEnumerable leftovers = authenticationSchemes.Except(authenticateContext.Accepted); if (leftovers.Any()) { - throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers)); + throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers)); } return authenticateContext.Results; } - public override async Task> AuthenticateAsync([NotNull] IEnumerable authenticationTypes) + public override async Task> AuthenticateAsync([NotNull] IEnumerable authenticationSchemes) { var handler = HttpAuthenticationFeature.Handler; - var authenticateContext = new AuthenticateContext(authenticationTypes); + var authenticateContext = new AuthenticateContext(authenticationSchemes); if (handler != null) { await handler.AuthenticateAsync(authenticateContext); } // Verify all types ack'd - IEnumerable leftovers = authenticationTypes.Except(authenticateContext.Accepted); + IEnumerable leftovers = authenticationSchemes.Except(authenticateContext.Accepted); if 
(leftovers.Any()) { - throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers)); + throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers)); } return authenticateContext.Results; @@ -264,4 +263,4 @@ namespace Microsoft.AspNet.Http.Core return WebSocketFeature.AcceptAsync(new WebSocketAcceptContext() { SubProtocol = subProtocol } ); } } -} +} \ No newline at end of file diff --git a/src/Microsoft.AspNet.Http.Core/DefaultHttpResponse.cs b/src/Microsoft.AspNet.Http.Core/DefaultHttpResponse.cs index 7e44614704..13cecb1eee 100644 --- a/src/Microsoft.AspNet.Http.Core/DefaultHttpResponse.cs +++ b/src/Microsoft.AspNet.Http.Core/DefaultHttpResponse.cs @@ -6,17 +6,14 @@ using System.Collections.Generic; using System.IO; using System.Linq; using System.Security.Claims; -using System.Text; -using System.Threading.Tasks; -using Microsoft.AspNet.Http; -using Microsoft.AspNet.Http.Infrastructure; -using Microsoft.AspNet.Http.Security; using Microsoft.AspNet.FeatureModel; -using Microsoft.AspNet.Http.Interfaces; -using Microsoft.AspNet.Http.Interfaces.Security; using Microsoft.AspNet.Http.Core.Collections; using Microsoft.AspNet.Http.Core.Infrastructure; -using Microsoft.AspNet.Http.Core.Security; +using Microsoft.AspNet.Http.Core.Authentication; +using Microsoft.AspNet.Http.Infrastructure; +using Microsoft.AspNet.Http.Interfaces; +using Microsoft.AspNet.Http.Interfaces.Authentication; +using Microsoft.AspNet.Http.Authentication; namespace Microsoft.AspNet.Http.Core { 
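Review bot: `Authenticate` and `AuthenticateAsync` enumerate the caller-supplied `authenticationSchemes` more than once: the handler reads it through `AuthenticateContext`, `Except` reads it again, and the deferred `leftovers` query is evaluated by both `Any()` and `string.Join`. With a lazily produced sequence, the set the handler saw and the set checked for acknowledgement may differ, so the "all schemes acknowledged" check is only reliable for a stable collection. Materialize it once at the top of each method with `var schemes = authenticationSchemes.ToList();`, and use `.Except(authenticateContext.Accepted).ToList()` for `leftovers`. The `// Verify all types ack'd` comment should say "schemes" to match the rename.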
@@ -129,58 +126,56 @@ namespace Microsoft.AspNet.Http.Core Headers.Set(Constants.Headers.Location, location); } - public override void Challenge(AuthenticationProperties properties, [NotNull] IEnumerable authenticationTypes) + public override void Challenge(AuthenticationProperties properties, [NotNull] IEnumerable authenticationSchemes) { HttpResponseFeature.StatusCode = 401; var handler = HttpAuthenticationFeature.Handler; - var challengeContext = new ChallengeContext(authenticationTypes, properties == null ? null : properties.Dictionary); + var challengeContext = new ChallengeContext(authenticationSchemes, properties == null ? null : properties.Dictionary); if (handler != null) { handler.Challenge(challengeContext); } // Verify all types ack'd - IEnumerable leftovers = authenticationTypes.Except(challengeContext.Accepted); + IEnumerable leftovers = authenticationSchemes.Except(challengeContext.Accepted); if (leftovers.Any()) { throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers)); } } - public override void SignIn(AuthenticationProperties properties, [NotNull] IEnumerable identities) + public override void SignIn(string authenticationScheme, [NotNull] ClaimsPrincipal principal, AuthenticationProperties properties) { var handler = HttpAuthenticationFeature.Handler; - var signInContext = new SignInContext(identities, properties == null ? null : properties.Dictionary); + var signInContext = new SignInContext(authenticationScheme, principal, properties == null ? 
null : properties.Dictionary); if (handler != null) { handler.SignIn(signInContext); } // Verify all types ack'd - IEnumerable leftovers = identities.Select(identity => identity.AuthenticationType).Except(signInContext.Accepted); - if (leftovers.Any()) + if (!signInContext.Accepted) { - throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers)); + throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme); } } - public override void SignOut([NotNull] IEnumerable authenticationTypes) + public override void SignOut(string authenticationScheme) { var handler = HttpAuthenticationFeature.Handler; - var signOutContext = new SignOutContext(authenticationTypes); + var signOutContext = new SignOutContext(authenticationScheme); if (handler != null) { handler.SignOut(signOutContext); } // Verify all types ack'd - IEnumerable leftovers = authenticationTypes.Except(signOutContext.Accepted); - if (leftovers.Any()) + if (!string.IsNullOrWhiteSpace(authenticationScheme) && !signOutContext.Accepted) { - throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers)); + throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme); } } } diff --git a/src/Microsoft.AspNet.Http.Core/Security/SignInContext.cs b/src/Microsoft.AspNet.Http.Core/Security/SignInContext.cs deleted file mode 100644 index 0e9383e97c..0000000000 --- a/src/Microsoft.AspNet.Http.Core/Security/SignInContext.cs +++ /dev/null 
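Review bot: In `SignOut`, the acknowledgement check is skipped for any null, empty or whitespace `authenticationScheme`. A call such as `SignOut("")`, for example from an unset configuration value, returns normally even though no handler called `Accept()`, whereas the removed code would have thrown for an empty name unless a handler accepted it. If only null is meant to stand for "no specific scheme", which is what the parameterless `HttpResponse.SignOut()` passes, narrow the test to `if (authenticationScheme != null && !signOutContext.Accepted)` and document the null case on the method. In the same hunk, `SignIn` takes `authenticationScheme` without `[NotNull]` although the `SignInContext` constructor marks it `[NotNull]`. `Challenge` also still reports "authentication types" in its exception text while the other messages now say "scheme".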
@@ -1,36 +0,0 @@
-// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
-// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
-
-using System;
-using System.Collections.Generic;
-using System.Security.Claims;
-using Microsoft.AspNet.Http.Interfaces.Security;
-
-namespace Microsoft.AspNet.Http.Core.Security
-{
- public class SignInContext : ISignInContext
- {
- private List _accepted;
-
- public SignInContext([NotNull] IEnumerable identities, IDictionary dictionary)
- {
- Identities = identities;
- Properties = dictionary ?? new Dictionary(StringComparer.Ordinal);
- _accepted = new List();
- }
-
- public IEnumerable Identities { get; private set; }
-
- public IDictionary Properties { get; private set; }
-
- public IEnumerable Accepted
- {
- get { return _accepted; }
- }
-
- public void Accept(string authenticationType, IDictionary description)
- {
- _accepted.Add(authenticationType);
- }
- }
-}
diff --git a/src/Microsoft.AspNet.Http.Core/Security/SignOutContext.cs b/src/Microsoft.AspNet.Http.Core/Security/SignOutContext.cs
deleted file mode 100644
index c2ed25f04a..0000000000
--- a/src/Microsoft.AspNet.Http.Core/Security/SignOutContext.cs
+++ /dev/null
@@ -1,32 +0,0 @@ -// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. -// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. - -using System; -using System.Collections.Generic; -using Microsoft.AspNet.Http.Interfaces.Security; - -namespace Microsoft.AspNet.Http.Core.Security -{ - public class SignOutContext : ISignOutContext - { - private List _accepted; - - public SignOutContext([NotNull] IEnumerable authenticationTypes) - { - AuthenticationTypes = authenticationTypes; - _accepted = new List(); - } - - public IEnumerable AuthenticationTypes { get; private set; } - - public IEnumerable Accepted - { - get { return _accepted; } - } - - public void Accept(string authenticationType, IDictionary description) - { - _accepted.Add(authenticationType); - } - } -} diff --git a/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticateContext.cs b/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticateContext.cs index 3e09a1aa5e..86a1b7add1 100644 --- a/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticateContext.cs +++ b/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticateContext.cs @@ -4,14 +4,14 @@ using System.Collections.Generic; using System.Security.Claims; -namespace Microsoft.AspNet.Http.Interfaces.Security +namespace Microsoft.AspNet.Http.Interfaces.Authentication { public interface IAuthenticateContext { - IEnumerable AuthenticationTypes { get; } + IEnumerable AuthenticationSchemes { get; } - void Authenticated(ClaimsIdentity identity, IDictionary properties, IDictionary description); + void Authenticated(ClaimsPrincipal principal, IDictionary properties, IDictionary description); - void NotAuthenticated(string authenticationType, IDictionary properties, IDictionary description); + void NotAuthenticated(string authenticationScheme, IDictionary properties, IDictionary description); } } 
diff --git a/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticationHandler.cs b/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticationHandler.cs index 32ed5f2cf8..856433f41a 100644 --- a/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticationHandler.cs +++ b/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthenticationHandler.cs @@ -3,11 +3,11 @@ using System.Threading.Tasks; -namespace Microsoft.AspNet.Http.Interfaces.Security +namespace Microsoft.AspNet.Http.Interfaces.Authentication { public interface IAuthenticationHandler { - void GetDescriptions(IAuthTypeContext context); + void GetDescriptions(IDescribeSchemesContext context); void Authenticate(IAuthenticateContext context); Task AuthenticateAsync(IAuthenticateContext context); diff --git a/src/Microsoft.AspNet.Http.Interfaces/Security/IChallengeContext.cs b/src/Microsoft.AspNet.Http.Interfaces/Security/IChallengeContext.cs index cb44dc300b..602d1eead3 100644 --- a/src/Microsoft.AspNet.Http.Interfaces/Security/IChallengeContext.cs +++ b/src/Microsoft.AspNet.Http.Interfaces/Security/IChallengeContext.cs @@ -3,11 +3,11 @@ using System.Collections.Generic; -namespace Microsoft.AspNet.Http.Interfaces.Security +namespace Microsoft.AspNet.Http.Interfaces.Authentication { public interface IChallengeContext { - IEnumerable AuthenticationTypes {get;} + IEnumerable AuthenticationSchemes {get;} IDictionary Properties {get;} void Accept(string authenticationType, IDictionary description); diff --git a/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthTypeContext.cs b/src/Microsoft.AspNet.Http.Interfaces/Security/IDescribeSchemesContext.cs similarity index 73% rename from src/Microsoft.AspNet.Http.Interfaces/Security/IAuthTypeContext.cs rename to src/Microsoft.AspNet.Http.Interfaces/Security/IDescribeSchemesContext.cs index ef952847b0..7b06b47a6f 100644 --- a/src/Microsoft.AspNet.Http.Interfaces/Security/IAuthTypeContext.cs 
+++ b/src/Microsoft.AspNet.Http.Interfaces/Security/IDescribeSchemesContext.cs @@ -3,9 +3,9 @@ using System.Collections.Generic; -namespace Microsoft.AspNet.Http.Interfaces.Security +namespace Microsoft.AspNet.Http.Interfaces.Authentication { - public interface IAuthTypeContext + public interface IDescribeSchemesContext { void Accept(IDictionary description); } diff --git a/src/Microsoft.AspNet.Http.Interfaces/Security/IHttpAuthenticationFeature.cs b/src/Microsoft.AspNet.Http.Interfaces/Security/IHttpAuthenticationFeature.cs index 183ebe9d2f..be9ffb4e22 100644 --- a/src/Microsoft.AspNet.Http.Interfaces/Security/IHttpAuthenticationFeature.cs +++ b/src/Microsoft.AspNet.Http.Interfaces/Security/IHttpAuthenticationFeature.cs @@ -3,7 +3,7 @@ using System.Security.Claims; -namespace Microsoft.AspNet.Http.Interfaces.Security +namespace Microsoft.AspNet.Http.Interfaces.Authentication { public interface IHttpAuthenticationFeature { diff --git a/src/Microsoft.AspNet.Http.Interfaces/Security/ISignInContext.cs b/src/Microsoft.AspNet.Http.Interfaces/Security/ISignInContext.cs index c6d1b4efc0..ee6603be66 100644 --- a/src/Microsoft.AspNet.Http.Interfaces/Security/ISignInContext.cs +++ b/src/Microsoft.AspNet.Http.Interfaces/Security/ISignInContext.cs @@ -4,13 +4,15 @@ using System.Collections.Generic; using System.Security.Claims; -namespace Microsoft.AspNet.Http.Interfaces.Security +namespace Microsoft.AspNet.Http.Interfaces.Authentication { public interface ISignInContext { - IEnumerable Identities { get; } + //IEnumerable Principals { get; } + ClaimsPrincipal Principal { get; } IDictionary Properties { get; } + string AuthenticationScheme { get; } - void Accept(string authenticationType, IDictionary description); + void Accept(IDictionary description); } } \ No newline at end of file diff --git a/src/Microsoft.AspNet.Http.Interfaces/Security/ISignOutContext.cs b/src/Microsoft.AspNet.Http.Interfaces/Security/ISignOutContext.cs index 426c601e24..b9720a941d 100644 
--- a/src/Microsoft.AspNet.Http.Interfaces/Security/ISignOutContext.cs +++ b/src/Microsoft.AspNet.Http.Interfaces/Security/ISignOutContext.cs @@ -1,14 +1,12 @@ // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. -using System.Collections.Generic; - -namespace Microsoft.AspNet.Http.Interfaces.Security +namespace Microsoft.AspNet.Http.Interfaces.Authentication { public interface ISignOutContext { - IEnumerable AuthenticationTypes { get; } + string AuthenticationScheme { get; } - void Accept(string authenticationType, IDictionary description); + void Accept(); } } \ No newline at end of file diff --git a/src/Microsoft.AspNet.Http/Security/AuthenticateResult.cs b/src/Microsoft.AspNet.Http/Authentication/AuthenticateResult.cs similarity index 72% rename from src/Microsoft.AspNet.Http/Security/AuthenticateResult.cs rename to src/Microsoft.AspNet.Http/Authentication/AuthenticateResult.cs index 38b48dcf0e..e1d3918dbc 100644 --- a/src/Microsoft.AspNet.Http/Security/AuthenticateResult.cs +++ b/src/Microsoft.AspNet.Http/Authentication/AuthenticateResult.cs @@ -1,11 +1,9 @@ // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. -using System; using System.Security.Claims; -using System.Security.Principal; -namespace Microsoft.AspNet.Http.Security +namespace Microsoft.AspNet.Http.Authentication { /// /// Acts as the return value from calls to the IAuthenticationManager's AuthenticeAsync methods. 
@@ -18,21 +16,18 @@ namespace Microsoft.AspNet.Http.Security /// Assigned to Identity. May be null. /// Assigned to Properties. Contains extra information carried along with the identity. /// Assigned to Description. Contains information describing the authentication provider. - public AuthenticationResult(IIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] AuthenticationDescription description) + public AuthenticationResult(ClaimsPrincipal principal, [NotNull] AuthenticationProperties properties, [NotNull] AuthenticationDescription description) { - if (identity != null) - { - Identity = identity as ClaimsIdentity ?? new ClaimsIdentity(identity); - } + Principal = principal; Properties = properties; Description = description; } /// - /// Contains the claims that were authenticated by the given AuthenticationType. If the authentication - /// type was not successful the Identity property will be null. + /// Contains the claims that were authenticated by the given AuthenticationScheme. If the authentication + /// scheme was not successful the Identity property will be null. /// - public ClaimsIdentity Identity { get; private set; } + public ClaimsPrincipal Principal { get; private set; } /// /// Contains extra values that were provided with the original SignIn call. diff --git a/src/Microsoft.AspNet.Http/Security/AuthenticationDescription.cs b/src/Microsoft.AspNet.Http/Authentication/AuthenticationDescription.cs similarity index 86% rename from src/Microsoft.AspNet.Http/Security/AuthenticationDescription.cs rename to src/Microsoft.AspNet.Http/Authentication/AuthenticationDescription.cs index 2d7d4f0c73..7df6a014c0 100644 --- a/src/Microsoft.AspNet.Http/Security/AuthenticationDescription.cs +++ b/src/Microsoft.AspNet.Http/Authentication/AuthenticationDescription.cs 
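Review bot: The doc comments on the `AuthenticationResult` constructor and on `Principal` still describe `Identity` ("Assigned to Identity. May be null." and "the Identity property will be null"), although the parameter and property are now `principal` and `Principal`. The wording matters to callers: a non-null `Principal` is not evidence of successful authentication, because a `ClaimsPrincipal` can hold identities whose `IsAuthenticated` is false. The summary should say what callers are expected to test. I would reword it to `// Contains the principal produced by the given AuthenticationScheme; null if that scheme did not authenticate the request. Callers should also check Principal.Identity.IsAuthenticated.`, and rename the parameter comment to match `principal`.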
@@ -5,7 +5,7 @@ using System; using System.Collections.Generic; using System.Globalization; -namespace Microsoft.AspNet.Http.Security +namespace Microsoft.AspNet.Http.Authentication { /// /// Contains information describing an authentication provider. @@ -13,7 +13,7 @@ namespace Microsoft.AspNet.Http.Security public class AuthenticationDescription { private const string CaptionPropertyKey = "Caption"; - private const string AuthenticationTypePropertyKey = "AuthenticationType"; + private const string AuthenticationSchemePropertyKey = "AuthenticationScheme"; /// /// Initializes a new instance of the class @@ -40,10 +40,10 @@ namespace Microsoft.AspNet.Http.Security /// /// Gets or sets the name used to reference the authentication middleware instance. /// - public string AuthenticationType + public string AuthenticationScheme { - get { return GetString(AuthenticationTypePropertyKey); } - set { Dictionary[AuthenticationTypePropertyKey] = value; } + get { return GetString(AuthenticationSchemePropertyKey); } + set { Dictionary[AuthenticationSchemePropertyKey] = value; } } /// diff --git a/src/Microsoft.AspNet.Http/Security/AuthenticationProperties.cs b/src/Microsoft.AspNet.Http/Authentication/AuthenticationProperties.cs similarity index 99% rename from src/Microsoft.AspNet.Http/Security/AuthenticationProperties.cs rename to src/Microsoft.AspNet.Http/Authentication/AuthenticationProperties.cs index afb9aca66a..475dd027d9 100644 --- a/src/Microsoft.AspNet.Http/Security/AuthenticationProperties.cs +++ b/src/Microsoft.AspNet.Http/Authentication/AuthenticationProperties.cs @@ -6,7 +6,7 @@ using System.Collections.Generic; using System.Diagnostics.CodeAnalysis; using System.Globalization; -namespace Microsoft.AspNet.Http.Security +namespace Microsoft.AspNet.Http.Authentication { /// /// Dictionary used to store state values about the authentication session. 
diff --git a/src/Microsoft.AspNet.Http/HttpContext.cs b/src/Microsoft.AspNet.Http/HttpContext.cs index 094b6671eb..c76019744e 100644 --- a/src/Microsoft.AspNet.Http/HttpContext.cs +++ b/src/Microsoft.AspNet.Http/HttpContext.cs @@ -8,7 +8,7 @@ using System.Net.WebSockets; using System.Security.Claims; using System.Threading; using System.Threading.Tasks; -using Microsoft.AspNet.Http.Security; +using Microsoft.AspNet.Http.Authentication; namespace Microsoft.AspNet.Http { @@ -52,21 +52,21 @@ namespace Microsoft.AspNet.Http SetFeature(typeof(T), instance); } - public abstract IEnumerable GetAuthenticationTypes(); + public abstract IEnumerable GetAuthenticationSchemes(); - public virtual AuthenticationResult Authenticate(string authenticationType) + public virtual AuthenticationResult Authenticate(string authenticationScheme) { - return Authenticate(new[] { authenticationType }).SingleOrDefault(); + return Authenticate(new[] { authenticationScheme }).SingleOrDefault(); } - public abstract IEnumerable Authenticate(IEnumerable authenticationTypes); + public abstract IEnumerable Authenticate(IEnumerable authenticationSchemes); - public virtual async Task AuthenticateAsync(string authenticationType) + public virtual async Task AuthenticateAsync(string authenticationScheme) { - return (await AuthenticateAsync(new[] { authenticationType })).SingleOrDefault(); + return (await AuthenticateAsync(new[] { authenticationScheme })).SingleOrDefault(); } - public abstract Task> AuthenticateAsync(IEnumerable authenticationTypes); + public abstract Task> AuthenticateAsync(IEnumerable authenticationSchemes); public virtual Task AcceptWebSocketAsync() { diff --git a/src/Microsoft.AspNet.Http/HttpResponse.cs b/src/Microsoft.AspNet.Http/HttpResponse.cs index d0156b4ee9..047b09825d 100644 --- a/src/Microsoft.AspNet.Http/HttpResponse.cs +++ b/src/Microsoft.AspNet.Http/HttpResponse.cs 
@@ -5,7 +5,7 @@ using System; using System.Collections.Generic; using System.IO; using System.Security.Claims; -using Microsoft.AspNet.Http.Security; +using Microsoft.AspNet.Http.Authentication; namespace Microsoft.AspNet.Http { 
@@ -44,70 +44,40 @@ namespace Microsoft.AspNet.Http Challenge(properties, new string[0]); } - public virtual void Challenge(string authenticationType) + public virtual void Challenge(string authenticationScheme) { - Challenge(new[] { authenticationType }); + Challenge(new[] { authenticationScheme }); } - public virtual void Challenge(AuthenticationProperties properties, string authenticationType) + public virtual void Challenge(AuthenticationProperties properties, string authenticationScheme) { - Challenge(properties, new[] { authenticationType }); + Challenge(properties, new[] { authenticationScheme }); } - public virtual void Challenge(params string[] authenticationTypes) + public virtual void Challenge(params string[] authenticationSchemes) { - Challenge((IEnumerable)authenticationTypes); + Challenge((IEnumerable)authenticationSchemes); } - public virtual void Challenge(IEnumerable authenticationTypes) + public virtual void Challenge(IEnumerable authenticationSchemes) { - Challenge(properties: null, authenticationTypes: authenticationTypes); + Challenge(properties: null, authenticationSchemes: authenticationSchemes); } - public virtual void Challenge(AuthenticationProperties properties, params string[] authenticationTypes) + public virtual void Challenge(AuthenticationProperties properties, params string[] authenticationSchemes) { - Challenge(properties, (IEnumerable)authenticationTypes); + Challenge(properties, (IEnumerable)authenticationSchemes); } - public abstract void Challenge(AuthenticationProperties properties, IEnumerable authenticationTypes); + public abstract void Challenge(AuthenticationProperties properties, IEnumerable authenticationSchemes); - public virtual void SignIn(ClaimsIdentity identity) - { - SignIn(properties: null, identity: identity); - } - - public virtual void SignIn(AuthenticationProperties properties, ClaimsIdentity identity) - { - SignIn(properties, new[] { identity }); - } - - public virtual void SignIn(params ClaimsIdentity[] 
identities) - { - SignIn(properties: null, identities: (IEnumerable)identities); - } - - public virtual void SignIn(IEnumerable identities) - { - SignIn(properties: null, identities: identities); - } - - public virtual void SignIn(AuthenticationProperties properties, params ClaimsIdentity[] identities) - { - SignIn(properties, (IEnumerable)identities); - } - - public abstract void SignIn(AuthenticationProperties properties, IEnumerable identities); + public abstract void SignIn(string authenticationScheme, ClaimsPrincipal principal, AuthenticationProperties properties = null); public virtual void SignOut() { - SignOut(new string[0]); + SignOut(authenticationScheme: null); } - public virtual void SignOut(string authenticationType) - { - SignOut(new[] { authenticationType }); - } - - public abstract void SignOut(IEnumerable authenticationTypes); + public abstract void SignOut(string authenticationScheme); } } diff --git a/src/Microsoft.AspNet.Owin/OwinEnvironment.cs b/src/Microsoft.AspNet.Owin/OwinEnvironment.cs index 148d80fcc0..f64f274333 100644 --- a/src/Microsoft.AspNet.Owin/OwinEnvironment.cs +++ b/src/Microsoft.AspNet.Owin/OwinEnvironment.cs @@ -14,9 +14,9 @@ using System.Security.Principal; using System.Threading; using System.Threading.Tasks; using Microsoft.AspNet.Http; +using Microsoft.AspNet.Http.Core.Authentication; using Microsoft.AspNet.Http.Interfaces; -using Microsoft.AspNet.Http.Interfaces.Security; -using Microsoft.AspNet.Http.Core.Security; +using Microsoft.AspNet.Http.Interfaces.Authentication; namespace Microsoft.AspNet.Owin { diff --git a/src/Microsoft.AspNet.Owin/OwinFeatureCollection.cs b/src/Microsoft.AspNet.Owin/OwinFeatureCollection.cs index 469933cf64..11d5892cb1 100644 --- a/src/Microsoft.AspNet.Owin/OwinFeatureCollection.cs +++ b/src/Microsoft.AspNet.Owin/OwinFeatureCollection.cs 
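Review bot: In HttpResponse.cs the parameterless `SignOut()` now forwards `authenticationScheme: null` to the abstract `SignOut(string authenticationScheme)`, and nothing on the new side states what a null scheme means. The old overload passed an empty list; whether null now signs out every handler, a default one, or none is decided by implementations outside this hunk, and a caller who assumes "all" when that is not the case leaves an authenticated session in place. I would add an XML doc comment on the abstract method, for example `/// <param name="authenticationScheme">Scheme to sign out of; null means <behaviour to confirm>.</param>`. The new abstract `SignIn(string authenticationScheme, ClaimsPrincipal principal, ...)` also carries no null contract; if the `[NotNull]` attribute used on the Authentication context constructors is available in this project, marking both parameters with it would reject a null principal at the API edge instead of inside a handler.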
@@ -16,7 +16,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.AspNet.FeatureModel; using Microsoft.AspNet.Http.Interfaces; -using Microsoft.AspNet.Http.Interfaces.Security; +using Microsoft.AspNet.Http.Interfaces.Authentication; namespace Microsoft.AspNet.Owin { diff --git a/test/Microsoft.AspNet.Http.Core.Tests/DefaultHttpContextTests.cs b/test/Microsoft.AspNet.Http.Core.Tests/DefaultHttpContextTests.cs index 146967c135..5e637e1cca 100644 --- a/test/Microsoft.AspNet.Http.Core.Tests/DefaultHttpContextTests.cs +++ b/test/Microsoft.AspNet.Http.Core.Tests/DefaultHttpContextTests.cs @@ -3,13 +3,12 @@ using System; using System.Collections.Generic; -using System.IO; using System.Linq; using System.Security.Claims; using System.Threading.Tasks; -using Microsoft.AspNet.Http; using Microsoft.AspNet.FeatureModel; -using Microsoft.AspNet.Http.Interfaces; +using Microsoft.AspNet.Http.Core.Authentication; +using Microsoft.AspNet.Http.Interfaces.Authentication; using Xunit; namespace Microsoft.AspNet.Http.Core.Tests @@ -66,7 +65,7 @@ namespace Microsoft.AspNet.Http.Core.Tests public void SignInWithNoAuthMiddlewareThrows() { var context = CreateContext(); - Assert.Throws(() => context.Response.SignIn(new ClaimsIdentity("Foo"))); + Assert.Throws(() => context.Response.SignIn("Foo", new ClaimsPrincipal())); } [Fact] 
@@ -78,6 +77,58 @@ namespace Microsoft.AspNet.Http.Core.Tests Assert.Throws(() => context.Response.SignOut("Foo")); } + [Fact] + public void SignInOutIn() + { + var context = CreateContext(); + var handler = new AuthHandler(); + context.SetFeature(new HttpAuthenticationFeature() { Handler = handler }); + var user = new ClaimsPrincipal(); + context.Response.SignIn("ignored", user); + Assert.True(handler.SignedIn); + context.Response.SignOut("ignored"); + Assert.False(handler.SignedIn); + context.Response.SignIn("ignored", user); + Assert.True(handler.SignedIn); + } + + private class AuthHandler : IAuthenticationHandler + { + public bool SignedIn { get; set; } + + public void Authenticate(IAuthenticateContext context) + { + throw new NotImplementedException(); + } + + public Task AuthenticateAsync(IAuthenticateContext context) + { + throw new NotImplementedException(); + } + + public void Challenge(IChallengeContext context) + { + throw new NotImplementedException(); + } + + public void GetDescriptions(IDescribeSchemesContext context) + { + throw new NotImplementedException(); + } + + public void SignIn(ISignInContext context) + { + SignedIn = true; + context.Accept(new Dictionary()); + } + + public void SignOut(ISignOutContext context) + { + SignedIn = false; + context.Accept(); + } + } + private HttpContext CreateContext() { var context = new DefaultHttpContext();
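Review bot: `SignInOutIn` cannot fail on a wrong scheme or principal, because `AuthHandler.SignIn` and `AuthHandler.SignOut` accept every context unconditionally and the test passes the literal `"ignored"`. It therefore does not show that the scheme and `ClaimsPrincipal` given to `context.Response.SignIn` are the ones the handler receives, which is the contract this commit changes. I would have the handler record what the context carries and assert on it (assuming `ISignInContext` and `ISignOutContext` expose the scheme and principal; their definitions are not in this hunk), and add a case where the handler does not call `Accept` so the rejection path is pinned as well. The new parameterless `SignOut()` path, which passes a null scheme, is also not exercised with a handler present.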