* Allow extensibility of DefaultAuthorizationService
When only a small behavior change of the `DefaultAuthorizationService` is wanted, it would be nice if you could override its methods and building upon them rather than having a copy-paste of the class in your codebase.
Inside the `override` methods in your inherited class you could call the `base` method to reuse parts of its logic.
Please refer to https://github.com/dotnet/aspnetcore/issues/23094 for the usecase.
* updated ref assembly
* nit: Remove useless `$(HasReferenceAssembly)` settings
- set in /Directory.Build.targets
- `true` only in `$(IsAspNetCoreApp)` projects
* nit: Remove useless `$(CompileUsingReferenceAssemblies)` settings
- no current versioning differences between ref/ and src/ assemblies when targeting default TFM
* Add more `$(GenerateDocumentationFile)` settings
- increases the number of generated doc files, mostly without problems
- !fixup! correct typo in `DebugProxyHost` doc comments
- was not generating a doc file before
- remove previous (ineffective) src/Components/Directory.Build.targets setting
- nit: remove a duplicate `$(GenerateDocumentationFile)` setting
* nit: Remove useless `$(IsPackable)` settings
- only analyzers and implementation projects are packable by default
- main use case for explicit setting is projects shipping only in shared framework
- conditional setting in src/Mvc/Directory.Build.props just subset logic in /Directory.Build.targets
* nit: Remove useless `$(IsProjectReferenceProvider)` settings
- only implementation projects are providers by default
* nit: Remove useless `$(IsTestAssetProject)` settings
- set in src/Mvc/test/WebSites/Directory.Build.props
* !fixup! Looks like `InProcessNewShimWebSite` must compile w/o ref/ assemblies
- restore `$(CompileUsingReferenceAssemblies)` in this one project
* Remove extra `[SkipOnHelix]` attribute
- only need the one compiled into Microsoft.AspNetCore.Testing
- update the documentation to reflect this
- nit: address Markdown warnings that VS Code showed
* Add `SuccessfulTests` to ensure something runs in every non-Helix runs
- #22241
- cleans up hundreds of warnings but leaves a couple for the Blazor tests assembly
- see comments about xUnit runner command line in the new class
* Clean up logs for Negotiate Authentication and Authorization
* Add missing arg in NegotiateLoggingExtensions.cs
* Adjust formatting
* Remaining text changes
* Update src/Security/Authentication/Negotiate/src/Internal/NegotiateLoggingExtensions.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authentication/Negotiate/src/Internal/NegotiateLoggingExtensions.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authentication/Negotiate/src/NegotiateHandler.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authentication/Negotiate/src/Internal/NegotiateLoggingExtensions.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Apply changes to feedback committed
* Update logger call to refactored name
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
Co-authored-by: Giuseppe Campanelli <campanelli_g@yahoo.com>
* Add overloads to CookieAuthentication to config options with services
* Update reference assembly
* Use the new method in sampple
* Add overloads for other authentication providers
* Update ref assemblies
* Change IServiceProvider to TService
* Add HeaderNames.XRequestedWith = "X-Requested-With"
X-Requested-With is the standard for differentiating AJAX requests and is commonly used. Having this in HeaderNames would prevent typos related to typing this header name. I couldn't find any rationale about excluding this but there might be legitimate reasons like discouraging the use of HTTP headers or differentiating AJAX requests, etc. Please reject this if that's the case.
* Replace "X-Requested-With" references with HeaderNames.XRequestedWith
The only remaining instance is WebSocketsTransport.cs in
SignalR\clients\csharp\Http.Connections.Client which doesn't have
Microsoft.Net in its references. I didn't want to impose a new
dependency as its risky.
* Fix the order of using statements
* Add XRequestedWith to the ref assembly
Fixes: #18471
AddAuthorizationCore previously assumed that options were already
registered. This isn't the case in 5.0 in Blazor WASM.
We don't want Blazor to register options in the default host because it
prevents options from being linked out.
note: we will have some remaining work for this issue after this change
is merged. The Blazor WASM hosting changes haven't landed in master yet,
so we'll need to update that code to remove options from the host.
- Multi-target ObjectPool
- Move Embedded.Manifest.Task.Internal.Entry to the public namespace
- Remove ref assemblies from AspNetCore.Testing
- Skip TestPathUtilitiesTest since it's a pattern we want to migrate away from
- Fix FileProviders.Abstractions version in Embedded.*.nuspec
- Add workarounds for project references to FileProviders.Embedded
- change ref/ projects to build only the default TFM during source builds
- avoid errors restoring packages like Microsoft.BCL.AsyncInterfaces
- may also speed up source builds slightly
* Mark AspNetCore projects that aren't packaged explicitly
- avoid NU5104 warnings due to confusing versioning
- `$(IsShippingPackage)` was semantically incorrect in any case
* Remove redundant `$(IsShippingPackage)` settings in `$(IsAspNetCoreApp)` projects
- default is `true` for all implementation projects
* Use `$(IsPackable)` when deciding how `$(IsAspNetCoreApp)` projects are handled
- remove all use of `$(IsShippingPackage)` for shared framework composition
- update documentation to match these changes
nits:
- remove odd default for `$(IsPackable)` in Directory.Build.targets
- no longer relevant since all `$(IsAspNetCoreApp)` projects are `$(IsShippingPackage)` too
- include more information in docs/ProjectProperties.md
* Add direct System.Text.Json references
- avoid MSB3277 warnings
* Added a new property, ValidateCertificateChain
This aligns the code with README.md, and enables chained certificate authentication to work in Azure App Service (which won't have the client certificate's root in its trust store)
* Updated reference assemblies
New ValidateCertificateChain property was missing from /ref - hadn't updated it, so automatic test was failing
* Replaced the broad property which disables certificate chain validation with a granular list of trusted issuers
Also updated documentation to remove the unused property and to indicate that it isn't possible to validate half of the chain from the OS' trust store, and half from the private root store
* Swapped property access for an AddRange call
* Updated reference assembly
* Added certificate tests
Three test cases:
- Untrusted client certificate should fail, as it does now.
- Client certificate which is part of a chain with an untrusted root but a trusted issuer should fail, since the chain as a whole isn't trusted.
- Client certificate which is part of a fully-trusted chain should pass.
Also noticed that there were a couple of issues in CreateServer, where the certificate revocation flags weren't being set properly.
Finally, the csproj was referring to a folder name ("test\Certificates") which didn't exist. It looks like the folder was renamed to "TestCertificates", so I've update the project to match.
* Update Microsoft.AspNetCore.Authentication.Certificate.netcoreapp.cs
* Reverting change of Tests csproj, which was blocking certificate tests
* Forgot to add certificates to the shared source root, so tests were failing
* Updating following code review
Replaced custom logic with a new ChainTrustValidationMode property. Updated reference assemblies
* Changed tests to account for new property
* Updated certificates for PR tests
* Updated certificates
Updating all new certificates to avoid using the alternate signature algorithm
* Dummy checkin
Compilation errors coming from CertificateTests.cs, performing this checkin to test whether or not they're limited to a specific build.
* Following up typo corrections
Commit 116799fa70 in upstream repo changed a variable name, causing compile errors on PR build. Fixing that
Co-authored-by: Hao Kung <HaoK@users.noreply.github.com>
Hao Kung
Kevin Pilch
Pranav K
Kahbazi
Hans Bakker
Ajay Bhargav B
Doug Bunting
John Luo
Smit Patel
Chris Ross
Giuseppe Campanelli
Dawid Szmidka
Justin Kotalik
Christian Wenz
Christian Wenz
Andrew Stanton-Nurse
Kevin Pilch
huysentruitw
Roman Marusyk
Patrick Goode
Sedat Kapanoglu
Ryan Nowak
Brennan Conroy
Stephen Halter
Edward Neal
James Newton-King
Maher Jendoubi