Merge pull request #1947 from dotnet-maestro-bot/merge/release/2.2-to-master
[automated] Merge branch 'release/2.2' => 'master'
This commit is contained in:
commit
fcc02103aa
|
|
@ -258,8 +258,9 @@ namespace Microsoft.AspNetCore.Identity
|
||||||
/// <param name="securityStamp">The expected security stamp value.</param>
|
/// <param name="securityStamp">The expected security stamp value.</param>
|
||||||
/// <returns>True if the stamp matches the persisted value, otherwise it will return false.</returns>
|
/// <returns>True if the stamp matches the persisted value, otherwise it will return false.</returns>
|
||||||
public virtual async Task<bool> ValidateSecurityStampAsync(TUser user, string securityStamp)
|
public virtual async Task<bool> ValidateSecurityStampAsync(TUser user, string securityStamp)
|
||||||
=> user != null && UserManager.SupportsUserSecurityStamp
|
=> user != null &&
|
||||||
&& securityStamp == await UserManager.GetSecurityStampAsync(user);
|
// Only validate the security stamp if the store supports it
|
||||||
|
(!UserManager.SupportsUserSecurityStamp || securityStamp == await UserManager.GetSecurityStampAsync(user));
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Attempts to sign in the specified <paramref name="user"/> and <paramref name="password"/> combination
|
/// Attempts to sign in the specified <paramref name="user"/> and <paramref name="password"/> combination
|
||||||
|
|
|
||||||
|
|
@ -104,7 +104,7 @@ namespace Microsoft.AspNetCore.Identity.Test
|
||||||
contextAccessor.Setup(a => a.HttpContext).Returns(httpContext.Object);
|
contextAccessor.Setup(a => a.HttpContext).Returns(httpContext.Object);
|
||||||
var signInManager = new Mock<SignInManager<PocoUser>>(userManager.Object,
|
var signInManager = new Mock<SignInManager<PocoUser>>(userManager.Object,
|
||||||
contextAccessor.Object, claimsManager.Object, identityOptions.Object, null, new Mock<IAuthenticationSchemeProvider>().Object);
|
contextAccessor.Object, claimsManager.Object, identityOptions.Object, null, new Mock<IAuthenticationSchemeProvider>().Object);
|
||||||
signInManager.Setup(s => s.ValidateSecurityStampAsync(It.IsAny<ClaimsPrincipal>())).ReturnsAsync(shouldStampValidate ? user : default(PocoUser)).Verifiable();
|
signInManager.Setup(s => s.ValidateSecurityStampAsync(It.IsAny<ClaimsPrincipal>())).ReturnsAsync(shouldStampValidate ? user : default).Verifiable();
|
||||||
|
|
||||||
if (shouldStampValidate)
|
if (shouldStampValidate)
|
||||||
{
|
{
|
||||||
|
|
@ -147,6 +147,50 @@ namespace Microsoft.AspNetCore.Identity.Test
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task OnValidateIdentityAcceptsWhenStoreDoesNotSupportSecurityStamp()
|
||||||
|
{
|
||||||
|
var user = new PocoUser("test");
|
||||||
|
var httpContext = new Mock<HttpContext>();
|
||||||
|
|
||||||
|
|
||||||
|
var userManager = MockHelpers.MockUserManager<PocoUser>();
|
||||||
|
|
||||||
|
var claimsManager = new Mock<IUserClaimsPrincipalFactory<PocoUser>>();
|
||||||
|
var identityOptions = new Mock<IOptions<IdentityOptions>>();
|
||||||
|
identityOptions.Setup(a => a.Value).Returns(new IdentityOptions());
|
||||||
|
var options = new Mock<IOptions<SecurityStampValidatorOptions>>();
|
||||||
|
options.Setup(a => a.Value).Returns(new SecurityStampValidatorOptions { ValidationInterval = TimeSpan.Zero });
|
||||||
|
var contextAccessor = new Mock<IHttpContextAccessor>();
|
||||||
|
contextAccessor.Setup(a => a.HttpContext).Returns(httpContext.Object);
|
||||||
|
var signInManager = new SignInManager<PocoUser>(userManager.Object,
|
||||||
|
contextAccessor.Object, claimsManager.Object, identityOptions.Object, null, new Mock<IAuthenticationSchemeProvider>().Object);
|
||||||
|
userManager.Setup(u => u.GetUserAsync(It.IsAny<ClaimsPrincipal>())).ReturnsAsync(user).Verifiable();
|
||||||
|
claimsManager.Setup(c => c.CreateAsync(user)).ReturnsAsync(new ClaimsPrincipal()).Verifiable();
|
||||||
|
|
||||||
|
var services = new ServiceCollection();
|
||||||
|
services.AddSingleton(options.Object);
|
||||||
|
services.AddSingleton(signInManager);
|
||||||
|
services.AddSingleton<ISecurityStampValidator>(new SecurityStampValidator<PocoUser>(options.Object, signInManager, new SystemClock()));
|
||||||
|
httpContext.Setup(c => c.RequestServices).Returns(services.BuildServiceProvider());
|
||||||
|
|
||||||
|
var tid = new ClaimsIdentity(IdentityConstants.ApplicationScheme);
|
||||||
|
tid.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
|
||||||
|
var ticket = new AuthenticationTicket(new ClaimsPrincipal(tid),
|
||||||
|
new AuthenticationProperties { IssuedUtc = DateTimeOffset.UtcNow.AddSeconds(-1) },
|
||||||
|
IdentityConstants.ApplicationScheme);
|
||||||
|
|
||||||
|
var context = new CookieValidatePrincipalContext(httpContext.Object, new AuthenticationSchemeBuilder(IdentityConstants.ApplicationScheme) { HandlerType = typeof(NoopHandler) }.Build(), new CookieAuthenticationOptions(), ticket);
|
||||||
|
Assert.NotNull(context.Properties);
|
||||||
|
Assert.NotNull(context.Options);
|
||||||
|
Assert.NotNull(context.Principal);
|
||||||
|
await SecurityStampValidator.ValidatePrincipalAsync(context);
|
||||||
|
Assert.NotNull(context.Principal);
|
||||||
|
|
||||||
|
userManager.VerifyAll();
|
||||||
|
claimsManager.VerifyAll();
|
||||||
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task OnValidateIdentityRejectsWhenNoIssuedUtc()
|
public async Task OnValidateIdentityRejectsWhenNoIssuedUtc()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue