Kahbazi
Chris Ross
parent
bd65275148
commit
f651fdf1f1
|
|
@ -15,6 +15,7 @@ namespace Microsoft.AspNetCore.Server.HttpSys
|
|||
{
|
||||
internal AuthenticationManager() { }
|
||||
public bool AllowAnonymous { get { throw null; } set { } }
|
||||
public bool AutomaticAuthentication { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } [System.Runtime.CompilerServices.CompilerGeneratedAttribute]set { } }
|
||||
public Microsoft.AspNetCore.Server.HttpSys.AuthenticationSchemes Schemes { get { throw null; } set { } }
|
||||
}
|
||||
[System.FlagsAttribute]
|
||||
|
|
|
|||
|
|
@ -45,12 +45,22 @@ namespace Microsoft.AspNetCore.Server.HttpSys
|
|||
}
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Indicates if anonymous requests will be surfaced to the application or challenged by the server.
|
||||
/// The default value is true.
|
||||
/// </summary>
|
||||
public bool AllowAnonymous
|
||||
{
|
||||
get { return _allowAnonymous; }
|
||||
set { _allowAnonymous = value; }
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// If true the server should set HttpContext.User. If false the server will only provide an
|
||||
/// identity when explicitly requested by the AuthenticationScheme. The default is true.
|
||||
/// </summary>
|
||||
public bool AutomaticAuthentication { get; set; } = true;
|
||||
|
||||
internal void SetUrlGroupSecurity(UrlGroup urlGroup)
|
||||
{
|
||||
Debug.Assert(_urlGroup == null, "SetUrlGroupSecurity called more than once.");
|
||||
|
|
|
|||
|
|
@ -85,7 +85,11 @@ namespace Microsoft.AspNetCore.Server.HttpSys
|
|||
_query = Request.QueryString;
|
||||
_rawTarget = Request.RawUrl;
|
||||
_scheme = Request.Scheme;
|
||||
_user = _requestContext.User;
|
||||
|
||||
if (requestContext.Server.Options.Authentication.AutomaticAuthentication)
|
||||
{
|
||||
_user = _requestContext.User;
|
||||
}
|
||||
|
||||
_responseStream = new ResponseStream(requestContext.Response.Body, OnResponseStart);
|
||||
_responseHeaders = Response.Headers;
|
||||
|
|
|
|||
|
|
@ -368,6 +368,38 @@ namespace Microsoft.AspNetCore.Server.HttpSys
|
|||
}
|
||||
}
|
||||
|
||||
[ConditionalTheory]
|
||||
[InlineData(AuthenticationSchemes.Negotiate)]
|
||||
[InlineData(AuthenticationSchemes.NTLM)]
|
||||
// [InlineData(AuthenticationSchemes.Digest)] // TODO: Not implemented
|
||||
// [InlineData(AuthenticationSchemes.Basic)] // Doesn't work with default creds
|
||||
[InlineData(AuthenticationSchemes.Negotiate | AuthenticationSchemes.NTLM | /* AuthenticationSchemes.Digest |*/ AuthenticationSchemes.Basic)]
|
||||
public async Task AuthTypes_DisableAutomaticAuthentication(AuthenticationSchemes authType)
|
||||
{
|
||||
using (var server = Utilities.CreateDynamicHost(out var address, options =>
|
||||
{
|
||||
options.Authentication.AutomaticAuthentication = false;
|
||||
options.Authentication.Schemes = authType;
|
||||
options.Authentication.AllowAnonymous = DenyAnoymous;
|
||||
},
|
||||
async httpContext =>
|
||||
{
|
||||
Assert.NotNull(httpContext.User);
|
||||
Assert.NotNull(httpContext.User.Identity);
|
||||
Assert.False(httpContext.User.Identity.IsAuthenticated);
|
||||
|
||||
var authenticateResult = await httpContext.AuthenticateAsync(HttpSysDefaults.AuthenticationScheme);
|
||||
|
||||
Assert.NotNull(authenticateResult.Principal);
|
||||
Assert.NotNull(authenticateResult.Principal.Identity);
|
||||
Assert.True(authenticateResult.Principal.Identity.IsAuthenticated);
|
||||
}))
|
||||
{
|
||||
var response = await SendRequestAsync(address, useDefaultCredentials: true);
|
||||
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
|
||||
}
|
||||
}
|
||||
|
||||
private async Task<HttpResponseMessage> SendRequestAsync(string uri, bool useDefaultCredentials = false)
|
||||
{
|
||||
HttpClientHandler handler = new HttpClientHandler();
|
||||
|
|
|
|||
Loading…
Reference in New Issue