Commit Graph

507 Commits

Author SHA1 Message Date
Nate McMaster 861026cd76 Remove redundant references 2017-01-05 18:16:07 -08:00
Nate McMaster ba8f85d972 Upgrade to VS 2017 2017-01-05 13:53:05 -08:00
Pranav K 7ab28ecdc6 Updating to 4.4 CoreFx packages 2016-12-14 14:47:31 -08:00
Chris R da4730a392 #1044 Revert "Auth: Always call prior handlers during Challenge"
This reverts commit e12838e38f.
2016-12-14 10:55:46 -08:00
Pranav K 46df38de68 Updating versions to 1.2.0-* 2016-11-09 14:19:34 -08:00
jacalvar 82c231efca Created public API baselines 2016-11-08 11:38:53 -08:00
Ryan Brandenburg 96c27fa393 Revert breaking parameter rename 2016-11-08 10:32:46 -08:00
Chris R 415055ebab #1007 Additional id_token validation 2016-11-07 12:33:49 -08:00
Chris R 0c815da523 #903 Ensure redirect uris can be generated 2016-11-04 10:51:03 -07:00
Pranav K 834718d1f9 Updating to RTM builds of IdentityModel packages 2016-11-02 14:43:57 -07:00
Kiran Challa e55e3b6f5a Updated Authentication's Base64UrlTextEncoder to use WebUtilities's Base64UrlTextEncoder logic 2016-11-01 12:22:42 -07:00
Kiran Challa 500201bdf7 Made ChunkingCookieManager's default chunk size public 2016-11-01 12:14:02 -07:00
Chris R 2d1c56ce5c #884 Honor OIDC's and Jwt's OnAuthenticationFailed HandleResponse() 2016-10-31 13:48:50 -07:00
Kévin Chalet 8fcbddc23b Update ClaimsHelper.AddClaimsToIdentity to infer the claim value type from the JSON token type (#1002) 2016-10-24 09:28:25 -07:00
Pranav K 3eab3ef013 Updating package that was missed 2016-10-13 14:00:21 -07:00
Pranav K 734d36b2d1 Update to latest CoreFx package 2016-10-13 13:59:39 -07:00
Pranav K f64c864911 Updating partner package versions 2016-10-03 14:28:05 -07:00
Troy Dai e09dd6d0b8 Fix #976: Break claims value in array into multiple claims (#996)
* Break claims value in array into multiple claims

* Review feedback 1
2016-09-29 16:21:26 -07:00
Adem Caglin ac773beffc Changed BuildChallengeUrl in order to accept AuthorizationEndpoint which contains query parameters (#992) 2016-09-29 13:24:24 -07:00
Troy Dai 0152691108 Cookie Auto: set properties back to ticket when using SessionStore (#995) 2016-09-28 14:25:02 -07:00
Troy Dai 28932a7795 Log the error inforamtion when redeem auth code 2016-09-23 13:10:17 -07:00
Troy Dai ddeef1f9ac Add prompt parameter to Google auth endpoint 2016-09-23 10:44:41 -07:00
Troy Dai 5aae7ded01 Update Twitter auth package description 2016-09-22 14:06:04 -07:00
Chris R 25f39dd0f5 #859 Discriminate between providers when sharing an auth cookie 2016-09-21 16:27:35 -07:00
Kiran Challa aa1fd5d89a Move ChunkingCookieManager to a separate Sources project 2016-09-21 12:25:41 -07:00
Hao Kung e12838e38f Auth: Always call prior handlers during Challenge 2016-09-21 11:20:41 -07:00
Hao Kung e8f55bdb13 Add Fail fast option for AuthZ 2016-09-15 16:12:54 -07:00
Pavel Krymets ce0ed3d237 Use TaskCache class from Microsoft.Extensions.TaskCache.Sources (#968)
Instead of Task.FromResult(0)
2016-09-08 10:01:53 -07:00
Troy Dai cbbec15d37 Ignore null ExpiresUtc property in RequestRefresh
Issue: https://github.com/aspnet/Security/issues/949
2016-08-26 14:55:36 -07:00
Troy Dai 3a5df89f1c Move a nullref check to base class 2016-08-26 08:56:48 -07:00
Troy Dai a79a0360c1 Update OpenIdConnectHandler 2016-08-26 08:56:48 -07:00
Troy Dai c5509fb594 Minor update in OpenIdConnectHandler and Options
1. Default post sign out uri to the root of the applciation;
2. Throw ArgumentNullException for null context in HandleSignOutAsync;
3. Guard null from Unprotected;
4. Clean up code
2016-08-26 08:56:48 -07:00
Troy Dai fa0a68a847 Fix xml comments error 2016-08-26 08:48:27 -07:00
Troy Dai 8f5c7aef57 Update tests 2016-08-26 08:47:56 -07:00
Troy Dai 26956c5ce1 Update OIDC signout flow
OIDC signout should return to CallbackPath then locally redirect to AuthProperties.RedirectUri
2016-08-25 15:23:12 -07:00
Hao Kung d291bb7c24 Add AuthZHandlerContextFactory 2016-08-19 17:04:09 -07:00
Hao Kung 6f15d616a8 Add IAuthorizationEvaluator 2016-08-19 17:04:09 -07:00
Troy Dai fb0a577dd1 Add comments to CookieAuthenticationHandler 2016-08-11 14:03:17 -07:00
Troy Dai 26a7c7016d Minor updates to CookieAuthenticationHandler and its tests
1. Remove unnecessary variable declaration.
2. Update test name to a more accurate description.
2016-08-11 10:15:07 -07:00
Troy Dai 4600451dc6 Allow absolute uri in authentication properties for cookie auth redirect 2016-08-11 08:48:47 -07:00
Troy Dai 97afe4acc8 Adjust the redirect URI precedence in cookie auth 2016-08-10 15:59:39 -07:00
Troy Dai 6a9f1f9887 Honor AuthenticationProperties.RedirectUri in CookieAuthenticationHandler 2016-08-10 15:59:39 -07:00
Troy Dai 74e5777435 Update comments 2016-08-05 22:00:37 -07:00
Troy Dai a344684d06 Use HandleAuthenticateOnceSafeAsync in Cookie auth 2016-08-05 15:27:37 -07:00
Troy Dai 926c7fab4b Use async-wait pattern in HandleAuthenticateOnceSafeAsync 2016-08-05 14:34:36 -07:00
Troy Dai 0314632696 JwtBearer Token: Catch exception during unauthorized flow 2016-08-05 12:11:33 -07:00
Christian Weiss 706566e253 Typo "Failed to retrived" -> "Failed to retrieve" 2016-08-04 18:02:09 +02:00
Hao Kung 2a6ab2be8c Add UpdateTokenValue API 2016-07-29 13:26:25 -07:00
Ryan Brandenburg c16fc06cb9 Modify warning about policy behavior (#924) 2016-07-28 16:55:08 -07:00
Troy Dai 763df65c14 Revise if-else order in RemoteAuthenticateHandler 2016-07-26 16:27:28 -07:00
Troy Dai 0e855b25a8 Update Google and Microsoft Account Handler exception message 2016-07-26 14:16:16 -07:00
Troy Dai 0d216d726a Minor fixes in RemoteAuthenticationHandler and FacebookHandler 2016-07-26 13:58:07 -07:00
Troy Dai 1c17bddc02 Update HandleRemoteCallbackAsync readability 2016-07-26 10:30:50 -07:00
Troy Dai 210c4b2061 Fix incorrect exception messages 2016-07-26 10:30:50 -07:00
Troy Dai 6f46bc94f8 Sort using statements 2016-07-26 10:30:50 -07:00
Troy Dai 5211f22f44 Update comment on HandleRemoteAuthenticateAsync 2016-07-26 10:30:50 -07:00
Troy Dai cd9e9fa498 Update comment on HandleRemoteAuthenticateAsync 2016-07-26 10:30:50 -07:00
Troy Dai 5de4816f59 Update the RemoteAuthenticationHandler error handling
1. Exeption will be still thrown from CreateTicketAsync to avoid breaking
change.
2. OAuthHandler won't try to capture the exception.
3. OAuthHandler will check if the AuthenticateTicket is null.
4. RemoteAuthenticationHandler's error handling flow is improved to cover
the exception thrown from HandleRemoteAuthenticateAsync. The exeption
thrown from it will go throw the user error handling logic, too.
2016-07-26 10:30:50 -07:00
Troy Dai 988bcc81ee Update comments for HandleRemoteAuthenticateAsync method 2016-07-26 10:30:50 -07:00
Troy Dai 312edaafb4 Handle back channel failure gracefully
1. Check the response states code. If it is out of 2XX range, compose a
readable message and throw in an exception.
2. Capture the exception in HandleRemoteAuthenticateAsync and translate
it into AuthenticateResult.
2016-07-26 10:30:50 -07:00
Troy Dai ecb3b90984 Undo change to the GoogleDefaults 2016-07-26 09:19:42 -07:00
Troy Dai eabdd45816 Improve code readability for Authentication.Google 2016-07-26 09:13:18 -07:00
Troy Dai 7b7da43fd8 Update comments in RemoteAuthenticationOptions 2016-07-25 20:33:12 -07:00
Ryan Brandenburg 651815c282 Remove OfType allocations (#906) 2016-07-25 16:31:27 -07:00
Derek 6cd46a5c10 Remote auth expiration fix (#893)
Remote auth expiration fix, and move ISystemClock to the base AuthenticationProperties
2016-07-19 15:18:42 -07:00
Troy Dai 4927ad6b74 Remove win32.cs 2016-07-14 16:24:56 -07:00
Troy Dai 5637e0c917 Remove unused using statements 2016-07-14 16:24:48 -07:00
Doug Bunting 792b316950 One build to rule them all
- well, at least VS and command-line builds will share output
- part of aspnet/Coherence-Signed#277
2016-07-07 12:40:05 -07:00
Kévin Chalet b4342b1604 Replace magic strings by the new constants introduced in IdentityModel 2016-06-17 10:43:24 -07:00
Pranav K d8d408638e Updating to dev versions
# Conflicts:
#	src/Microsoft.AspNetCore.Authentication.OAuth/project.json
#	src/Microsoft.AspNetCore.Authentication.Twitter/project.json
2016-06-16 11:31:40 -07:00
jacalvar 20316e276c Update Json.NET to 9.0.1 2016-06-15 15:19:11 -07:00
Hao Kung 666ad0fc3b Doc comment update 2016-06-13 14:10:43 -07:00
Hao Kung 34ee0212d0 Fix misc feedback 2016-06-10 15:37:08 -07:00
Barry Dorrans 38e89d498d Doc Comments 2016-06-09 16:15:09 -07:00
jacalvar e1495f5f32 Remove unncessary usings 2016-06-09 00:48:37 -07:00
jacalvar 933b374f3e Update Json.NET to 9.0.1-beta1 2016-06-06 21:26:53 -07:00
Pranav K bffbfc7f9e React to OpenId renames 2016-06-04 18:53:09 -07:00
Kévin Chalet 120021e8a3 Add a new IncludeErrorDetails option to prevent the JWT middleware from returning error/error_description 2016-06-03 22:46:00 +02:00
Hao Kung 35d0592701 Make AuthorizationHandler<TReq> async only 2016-06-03 13:26:16 -07:00
Kévin Chalet 56dca7e0bc Add a 'sid' check to the OIDC middleware to prevent unsolicited logout when possible 2016-06-02 12:21:17 -07:00
Chris R e299695974 #776 Show some JwtBearer errors in response headers 2016-06-01 07:10:16 -07:00
Hao Kung c257c9528f AuthZ: Combine needs to use policy provider
Fixes https://github.com/aspnet/Security/issues/841
2016-05-31 13:45:48 -07:00
Chris R 080447e9aa #780 Remove obsolete DateTime conversions 2016-05-27 15:29:40 -07:00
Chris R d6763bd77c #423 Support distributed sign-out. 2016-05-27 14:51:53 -07:00
John Luo e57e01d02c React to updated CoreCLR packages
https://github.com/aspnet/Coherence/issues/97
2016-05-26 18:25:05 -07:00
Chris R 2634fe318d #814 Rework CookieAuth for compat with CookiePolicy. 2016-05-26 14:20:15 -07:00
Chris R 59fc691f41 #667 #801 Handle authorize and forbid for redirecting handlers. 2016-05-23 10:50:50 -07:00
Hao Kung db7009531a Update google token endpoint to v4 2016-05-23 10:31:36 -07:00
Hao Kung bfbe7ec15d Update fb to v2.6 2016-05-23 10:31:36 -07:00
Pranav K 4c27df166b Revert "React to updated CoreCLR packages"
This reverts commit 621ccf889c.
2016-05-18 09:40:51 -07:00
John Luo 621ccf889c React to updated CoreCLR packages
https://github.com/aspnet/Coherence/issues/97
2016-05-17 14:34:03 -07:00
BrennanConroy 962a74c488 Add argument validation 2016-05-16 15:19:58 -07:00
Chris R 6294badd97 Use a shared CookieSecurePolicy. 2016-05-16 12:29:33 -07:00
BrennanConroy 1a99fad0c6 Rename AuthorizationContext 2016-05-16 09:30:33 -07:00
Chris R d814cef75a Merge branch 'release' into dev 2016-05-03 10:09:44 -07:00
Chris R 7645253420 #808 Update OIDC to v1.0 2016-05-03 09:39:36 -07:00
Pranav K cf75a0f793 Merge branch 'release' into dev 2016-05-02 14:57:21 -07:00
Pranav K f6cdb9faf9 Fix build warnings 2016-05-02 11:27:26 -07:00
Petr Onderka ba8c0c5018 Removed space from file name
This caused broken link in API reference
2016-04-28 15:40:59 -07:00
Chris R 0bce133ee4 #765 Retrieve the email address from Twitter. 2016-04-28 10:19:30 -07:00