React to security

This commit is contained in:
Hao Kung 2015-09-23 13:48:31 -07:00
parent ce88fe4f5e
commit fa9cba8a7a
5 changed files with 29 additions and 25 deletions

View File

@ -3,6 +3,7 @@ using System;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.Facebook; using Microsoft.AspNet.Authentication.Facebook;
using Microsoft.AspNet.Authentication.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Identity; using Microsoft.AspNet.Identity;
@ -12,7 +13,7 @@ namespace MusicStore.Mocks.Facebook
{ {
internal class TestFacebookEvents internal class TestFacebookEvents
{ {
internal static Task OnAuthenticated(OAuthAuthenticatedContext context) internal static Task OnCreatingTicket(OAuthCreatingTicketContext context)
{ {
if (context.Principal != null) if (context.Principal != null)
{ {
@ -31,7 +32,7 @@ namespace MusicStore.Mocks.Facebook
return Task.FromResult(0); return Task.FromResult(0);
} }
internal static Task OnReturnEndpoint(OAuthReturnEndpointContext context) internal static Task OnSigningIn(SigningInContext context)
{ {
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme) if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
{ {
@ -48,7 +49,7 @@ namespace MusicStore.Mocks.Facebook
return Task.FromResult(0); return Task.FromResult(0);
} }
internal static Task OnApplyRedirect(OAuthApplyRedirectContext context) internal static Task RedirectToAuthorizationEndpoint(OAuthRedirectToAuthorizationContext context)
{ {
context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom"); context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom");
return Task.FromResult(0); return Task.FromResult(0);

View File

@ -3,6 +3,7 @@ using System;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.Google; using Microsoft.AspNet.Authentication.Google;
using Microsoft.AspNet.Authentication.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Identity; using Microsoft.AspNet.Identity;
@ -12,7 +13,7 @@ namespace MusicStore.Mocks.Google
{ {
internal class TestGoogleEvents internal class TestGoogleEvents
{ {
internal static Task OnAuthenticated(OAuthAuthenticatedContext context) internal static Task OnCreatingTicket(OAuthCreatingTicketContext context)
{ {
if (context.Principal != null) if (context.Principal != null)
{ {
@ -30,7 +31,7 @@ namespace MusicStore.Mocks.Google
return Task.FromResult(0); return Task.FromResult(0);
} }
internal static async Task OnReturnEndpoint(OAuthReturnEndpointContext context) internal static Task OnSigningIn(SigningInContext context)
{ {
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme) if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
{ {
@ -44,10 +45,10 @@ namespace MusicStore.Mocks.Google
} }
} }
await Task.FromResult(0); return Task.FromResult(0);
} }
internal static Task OnApplyRedirect(OAuthApplyRedirectContext context) internal static Task RedirectToAuthorizationEndpoint(OAuthRedirectToAuthorizationContext context)
{ {
context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom"); context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom");
return Task.FromResult(0); return Task.FromResult(0);

View File

@ -3,6 +3,7 @@ using System;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.MicrosoftAccount; using Microsoft.AspNet.Authentication.MicrosoftAccount;
using Microsoft.AspNet.Authentication.OAuth; using Microsoft.AspNet.Authentication.OAuth;
using Microsoft.AspNet.Identity; using Microsoft.AspNet.Identity;
@ -12,7 +13,7 @@ namespace MusicStore.Mocks.MicrosoftAccount
{ {
internal class TestMicrosoftAccountEvents internal class TestMicrosoftAccountEvents
{ {
internal static Task OnAuthenticated(OAuthAuthenticatedContext context) internal static Task OnCreatingTicket(OAuthCreatingTicketContext context)
{ {
if (context.Principal != null) if (context.Principal != null)
{ {
@ -31,7 +32,7 @@ namespace MusicStore.Mocks.MicrosoftAccount
return Task.FromResult(0); return Task.FromResult(0);
} }
internal static Task OnReturnEndpoint(OAuthReturnEndpointContext context) internal static Task OnSigningIn(SigningInContext context)
{ {
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme) if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
{ {
@ -48,7 +49,7 @@ namespace MusicStore.Mocks.MicrosoftAccount
return Task.FromResult(0); return Task.FromResult(0);
} }
internal static Task OnApplyRedirect(OAuthApplyRedirectContext context) internal static Task RedirectToAuthorizationEndpoint(OAuthRedirectToAuthorizationContext context)
{ {
context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom"); context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom");
return Task.FromResult(0); return Task.FromResult(0);

View File

@ -135,9 +135,9 @@ namespace MusicStore
options.AppSecret = "[AppSecret]"; options.AppSecret = "[AppSecret]";
options.Events = new OAuthEvents() options.Events = new OAuthEvents()
{ {
OnAuthenticated = TestFacebookEvents.OnAuthenticated, OnCreatingTicket = TestFacebookEvents.OnCreatingTicket,
OnReturnEndpoint = TestFacebookEvents.OnReturnEndpoint, OnSigningIn = TestFacebookEvents.OnSigningIn,
OnApplyRedirect = TestFacebookEvents.OnApplyRedirect OnRedirectToAuthorizationEndpoint = TestFacebookEvents.RedirectToAuthorizationEndpoint
}; };
options.BackchannelHttpHandler = new FacebookMockBackChannelHttpHandler(); options.BackchannelHttpHandler = new FacebookMockBackChannelHttpHandler();
options.StateDataFormat = new CustomStateDataFormat(); options.StateDataFormat = new CustomStateDataFormat();
@ -153,9 +153,9 @@ namespace MusicStore
options.AccessType = "offline"; options.AccessType = "offline";
options.Events = new OAuthEvents() options.Events = new OAuthEvents()
{ {
OnAuthenticated = TestGoogleEvents.OnAuthenticated, OnCreatingTicket = TestGoogleEvents.OnCreatingTicket,
OnReturnEndpoint = TestGoogleEvents.OnReturnEndpoint, OnSigningIn = TestGoogleEvents.OnSigningIn,
OnApplyRedirect = TestGoogleEvents.OnApplyRedirect OnRedirectToAuthorizationEndpoint = TestGoogleEvents.RedirectToAuthorizationEndpoint
}; };
options.StateDataFormat = new CustomStateDataFormat(); options.StateDataFormat = new CustomStateDataFormat();
options.BackchannelHttpHandler = new GoogleMockBackChannelHttpHandler(); options.BackchannelHttpHandler = new GoogleMockBackChannelHttpHandler();
@ -167,9 +167,9 @@ namespace MusicStore
options.ConsumerSecret = "[ConsumerSecret]"; options.ConsumerSecret = "[ConsumerSecret]";
options.Events = new TwitterEvents() options.Events = new TwitterEvents()
{ {
OnAuthenticated = TestTwitterEvents.OnAuthenticated, OnCreatingTicket = TestTwitterEvents.OnCreatingTicket,
OnReturnEndpoint = TestTwitterEvents.OnReturnEndpoint, OnSigningIn = TestTwitterEvents.OnSigningIn,
OnApplyRedirect = TestTwitterEvents.OnApplyRedirect OnRedirectToAuthorizationEndpoint = TestTwitterEvents.RedirectToAuthorizationEndpoint
}; };
options.StateDataFormat = new CustomTwitterStateDataFormat(); options.StateDataFormat = new CustomTwitterStateDataFormat();
options.BackchannelHttpHandler = new TwitterMockBackChannelHttpHandler(); options.BackchannelHttpHandler = new TwitterMockBackChannelHttpHandler();
@ -182,9 +182,9 @@ namespace MusicStore
options.ClientSecret = "[ClientSecret]"; options.ClientSecret = "[ClientSecret]";
options.Events = new OAuthEvents() options.Events = new OAuthEvents()
{ {
OnAuthenticated = TestMicrosoftAccountEvents.OnAuthenticated, OnCreatingTicket = TestMicrosoftAccountEvents.OnCreatingTicket,
OnReturnEndpoint = TestMicrosoftAccountEvents.OnReturnEndpoint, OnSigningIn = TestMicrosoftAccountEvents.OnSigningIn,
OnApplyRedirect = TestMicrosoftAccountEvents.OnApplyRedirect OnRedirectToAuthorizationEndpoint = TestMicrosoftAccountEvents.RedirectToAuthorizationEndpoint
}; };
options.BackchannelHttpHandler = new MicrosoftAccountMockBackChannelHandler(); options.BackchannelHttpHandler = new MicrosoftAccountMockBackChannelHandler();
options.StateDataFormat = new CustomStateDataFormat(); options.StateDataFormat = new CustomStateDataFormat();

View File

@ -2,6 +2,7 @@
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNet.Authentication;
using Microsoft.AspNet.Authentication.Twitter; using Microsoft.AspNet.Authentication.Twitter;
using Microsoft.AspNet.Identity; using Microsoft.AspNet.Identity;
using MusicStore.Mocks.Common; using MusicStore.Mocks.Common;
@ -10,7 +11,7 @@ namespace MusicStore.Mocks.Twitter
{ {
internal class TestTwitterEvents internal class TestTwitterEvents
{ {
internal static Task OnAuthenticated(TwitterAuthenticatedContext context) internal static Task OnCreatingTicket(TwitterCreatingTicketContext context)
{ {
if (context.Principal != null) if (context.Principal != null)
{ {
@ -24,7 +25,7 @@ namespace MusicStore.Mocks.Twitter
return Task.FromResult(0); return Task.FromResult(0);
} }
internal static Task OnReturnEndpoint(TwitterReturnEndpointContext context) internal static Task OnSigningIn(SigningInContext context)
{ {
if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme) if (context.Principal != null && context.SignInScheme == new IdentityCookieOptions().ExternalCookieAuthenticationScheme)
{ {
@ -41,7 +42,7 @@ namespace MusicStore.Mocks.Twitter
return Task.FromResult(0); return Task.FromResult(0);
} }
internal static Task OnApplyRedirect(TwitterApplyRedirectContext context) internal static Task RedirectToAuthorizationEndpoint(TwitterRedirectToAuthorizationEndpointContext context)
{ {
context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom"); context.Response.Redirect(context.RedirectUri + "&custom_redirect_uri=custom");
return Task.FromResult(0); return Task.FromResult(0);