huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Cleanup 

Switch to logging interfaces reference
Tweak DenyAnonymous logic

Fixes https://github.com/aspnet/Security/issues/181
Fixes https://github.com/aspnet/Security/issues/169
This commit is contained in:
Hao Kung 2015-03-17 11:40:58 -07:00
parent 7abccd8f22
commit e2a8efbb64
5 changed files with 17 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Microsoft.AspNet.Authentication/project.json
View File

@ -6,7 +6,7 @@
"Microsoft.AspNet.RequestContainer": "1.0.0-*",
"Microsoft.AspNet.Http.Interfaces": "1.0.0-*",
"Microsoft.AspNet.Http.Core": "1.0.0-*",
"Microsoft.Framework.Logging": "1.0.0-*",
"Microsoft.Framework.Logging.Interfaces": "1.0.0-*",
"Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" }
},
"frameworks": {

16
src/Microsoft.AspNet.Authorization/DefaultAuthorizationService.cs
View File

@ -23,11 +23,9 @@ namespace Microsoft.AspNet.Authorization
public bool Authorize(ClaimsPrincipal user, object resource, string policyName)
{
var policy = _options.GetPolicy(policyName);
if (policy == null)
{
return false;
}
return this.Authorize(user, resource, policy);
return (policy == null)
? false
: this.Authorize(user, resource, policy);
}
public bool Authorize(ClaimsPrincipal user, object resource, params IAuthorizationRequirement[] requirements)
@ -53,11 +51,9 @@ namespace Microsoft.AspNet.Authorization
public Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName)
{
var policy = _options.GetPolicy(policyName);
if (policy == null)
{
return Task.FromResult(false);
}
return this.AuthorizeAsync(user, resource, policy);
return (policy == null)
? Task.FromResult(false)
: this.AuthorizeAsync(user, resource, policy);
}
}
}

7
src/Microsoft.AspNet.Authorization/DenyAnonymousAuthorizationHandler.cs
View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks;
using System.Linq;
namespace Microsoft.AspNet.Authorization
{
@ -11,9 +11,8 @@ namespace Microsoft.AspNet.Authorization
{
var user = context.User;
var userIsAnonymous =
user == null ||
user.Identity == null ||
!user.Identity.IsAuthenticated;
user?.Identity == null ||
!user.Identities.Any(i => i.IsAuthenticated);
if (!userIsAnonymous)
{
context.Succeed(requirement);

2
src/Microsoft.AspNet.Authorization/project.json
View File

@ -3,7 +3,7 @@
"description": "ASP.NET 5 authorization classes.",
"dependencies": {
"Microsoft.AspNet.Http.Interfaces": "1.0.0-*",
"Microsoft.Framework.Logging": "1.0.0-*",
"Microsoft.Framework.Logging.Interfaces": "1.0.0-*",
"Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
"Microsoft.Framework.OptionsModel": "1.0.0-*"
},

13
test/Microsoft.AspNet.Authorization.Test/DefaultAuthorizationServiceTests.cs
View File

@ -549,13 +549,12 @@ namespace Microsoft.AspNet.Authorization.Test
options.AddPolicy("Any", policy => policy.RequireAuthenticatedUser());
});
});
var user = new ClaimsPrincipal(
new ClaimsIdentity(
new Claim[] {
new Claim(ClaimTypes.Name, "Name"),
},
"AuthType")
);
var user = new ClaimsPrincipal(new ClaimsIdentity());
user.AddIdentity(new ClaimsIdentity(
new Claim[] {
new Claim(ClaimTypes.Name, "Name"),
},
"AuthType"));
// Act
var allowed = await authorizationService.AuthorizeAsync(user, null, "Any");