Switch to logging interfaces reference
Tweak DenyAnonymous logic

Fixes https://github.com/aspnet/Security/issues/181
Fixes https://github.com/aspnet/Security/issues/169
This commit is contained in:
Hao Kung 2015-03-17 11:40:58 -07:00
parent 7abccd8f22
commit e2a8efbb64
5 changed files with 17 additions and 23 deletions

View File

@ -6,7 +6,7 @@
"Microsoft.AspNet.RequestContainer": "1.0.0-*", "Microsoft.AspNet.RequestContainer": "1.0.0-*",
"Microsoft.AspNet.Http.Interfaces": "1.0.0-*", "Microsoft.AspNet.Http.Interfaces": "1.0.0-*",
"Microsoft.AspNet.Http.Core": "1.0.0-*", "Microsoft.AspNet.Http.Core": "1.0.0-*",
"Microsoft.Framework.Logging": "1.0.0-*", "Microsoft.Framework.Logging.Interfaces": "1.0.0-*",
"Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" } "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" }
}, },
"frameworks": { "frameworks": {

View File

@ -23,11 +23,9 @@ namespace Microsoft.AspNet.Authorization
public bool Authorize(ClaimsPrincipal user, object resource, string policyName) public bool Authorize(ClaimsPrincipal user, object resource, string policyName)
{ {
var policy = _options.GetPolicy(policyName); var policy = _options.GetPolicy(policyName);
if (policy == null) return (policy == null)
{ ? false
return false; : this.Authorize(user, resource, policy);
}
return this.Authorize(user, resource, policy);
} }
public bool Authorize(ClaimsPrincipal user, object resource, params IAuthorizationRequirement[] requirements) public bool Authorize(ClaimsPrincipal user, object resource, params IAuthorizationRequirement[] requirements)
@ -53,11 +51,9 @@ namespace Microsoft.AspNet.Authorization
public Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName) public Task<bool> AuthorizeAsync(ClaimsPrincipal user, object resource, string policyName)
{ {
var policy = _options.GetPolicy(policyName); var policy = _options.GetPolicy(policyName);
if (policy == null) return (policy == null)
{ ? Task.FromResult(false)
return Task.FromResult(false); : this.AuthorizeAsync(user, resource, policy);
}
return this.AuthorizeAsync(user, resource, policy);
} }
} }
} }

View File

@ -1,7 +1,7 @@
// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System.Threading.Tasks; using System.Linq;
namespace Microsoft.AspNet.Authorization namespace Microsoft.AspNet.Authorization
{ {
@ -11,9 +11,8 @@ namespace Microsoft.AspNet.Authorization
{ {
var user = context.User; var user = context.User;
var userIsAnonymous = var userIsAnonymous =
user == null || user?.Identity == null ||
user.Identity == null || !user.Identities.Any(i => i.IsAuthenticated);
!user.Identity.IsAuthenticated;
if (!userIsAnonymous) if (!userIsAnonymous)
{ {
context.Succeed(requirement); context.Succeed(requirement);

View File

@ -3,7 +3,7 @@
"description": "ASP.NET 5 authorization classes.", "description": "ASP.NET 5 authorization classes.",
"dependencies": { "dependencies": {
"Microsoft.AspNet.Http.Interfaces": "1.0.0-*", "Microsoft.AspNet.Http.Interfaces": "1.0.0-*",
"Microsoft.Framework.Logging": "1.0.0-*", "Microsoft.Framework.Logging.Interfaces": "1.0.0-*",
"Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" }, "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
"Microsoft.Framework.OptionsModel": "1.0.0-*" "Microsoft.Framework.OptionsModel": "1.0.0-*"
}, },

View File

@ -549,13 +549,12 @@ namespace Microsoft.AspNet.Authorization.Test
options.AddPolicy("Any", policy => policy.RequireAuthenticatedUser()); options.AddPolicy("Any", policy => policy.RequireAuthenticatedUser());
}); });
}); });
var user = new ClaimsPrincipal( var user = new ClaimsPrincipal(new ClaimsIdentity());
new ClaimsIdentity( user.AddIdentity(new ClaimsIdentity(
new Claim[] { new Claim[] {
new Claim(ClaimTypes.Name, "Name"), new Claim(ClaimTypes.Name, "Name"),
}, },
"AuthType") "AuthType"));
);
// Act // Act
var allowed = await authorizationService.AuthorizeAsync(user, null, "Any"); var allowed = await authorizationService.AuthorizeAsync(user, null, "Any");