92185a1c27
React to string[] -> StringValues changes.
2015-08-28 14:16:49 -07:00
d5e27bf546
#278 Validate the message, not the JWT.
2015-08-25 13:47:11 -07:00
7213b53554
#407 OIDC - Fail if the user-info subject does not match
2015-08-25 11:26:02 -07:00
86962ab12c
#278 Additional OIDC message validation.
2015-08-22 21:17:38 -07:00
a3f0ee3330
Add a shared dataprotection test for cookies
2015-08-12 14:10:42 -07:00
3294de14f4
Add DefaultPolicy support for AuthZ
2015-08-11 17:04:36 -07:00
b883920bef
Cookies now always redirects to Login/AccessDenied Paths
2015-08-11 16:50:20 -07:00
b1013ed976
Reacting to DI changes
2015-08-11 14:07:12 -07:00
f3e03fbf26
#396 React to CoreCLR Cryptography package changes, remove transitive dependencies.
2015-08-11 10:43:02 -07:00
2a204e473b
Update CoreCLR versions
2015-08-04 10:15:32 -07:00
b85db5e8c0
Reacting to namespace changes in identitypackages - beta7 update
2015-07-30 13:11:08 -07:00
bdab4d95fd
Using QueryHelpers helps avoid issue #365 .
2015-07-28 10:13:52 -07:00
5bb5662e74
Remove sync AuthZ APIs
2015-07-20 16:36:25 -07:00
5a2499eb22
Rename ExternalAuthenticationOptions => Shared
2015-07-16 12:43:03 -07:00
73d4440a25
API review: nuke notification namespaces
2015-07-16 11:56:48 -07:00
54128e8137
Add response_mode=query support for OpenID Connect
2015-07-15 18:36:21 +02:00
ab4ba794e5
Fix cookie bugs, Authenticate => HandleAuthenticate
2015-07-14 13:22:04 -07:00
5065835a05
Remove special cookie ajax redirect behavior
2015-07-14 13:19:25 -07:00
8d7f052cf4
Adding support for signing in using "code flow"
2015-07-14 11:51:16 -07:00
c6aa9371c7
Updating protocol.extensions package version from beta5 to beta6
2015-07-08 17:26:03 -07:00
efc35302e8
Switch to shared security helper
2015-07-08 15:01:09 -07:00
57031946d0
#214 Refactor OIDC state parameters.
2015-07-08 12:21:14 -07:00
039cc18e8b
Fix typo in project.json
2015-07-01 20:41:03 -07:00
0d71421c05
Add repository information to project files
2015-07-01 20:25:17 -07:00
61bbe4cf52
Set user in OAuthContext
2015-07-01 19:01:44 -07:00
9bb8b61146
Revisit OAuthAuthenticationHandler and add a new SaveTokensAsClaims option
2015-07-01 15:03:54 -07:00
6e67b1c9b1
Delete dead file
2015-07-01 14:38:29 -07:00
5e92de8009
Tweak SecurityHelper for MVC usage
2015-07-01 12:36:37 -07:00
b9f152ebb1
Cookie fixes
2015-07-01 11:55:06 -07:00
d7ce42dacc
Handle null in ticket serializer
2015-06-30 12:08:20 -07:00
78cf7f99ff
Fix base path issue with OAuthHandler
2015-06-29 10:43:43 -07:00
102f113e2b
Replace INonceCache by IDistributedCache
2015-06-27 01:08:27 +02:00
6ae37717e8
Delete super dead code
2015-06-25 19:47:11 -07:00
19d026268b
Move Correlation stuff to OAuthHandler
2015-06-25 19:40:34 -07:00
1ae4c24a5f
PR fixes
2015-06-25 19:27:06 -07:00
3a8ea672ea
AuthN and AuthZ API changes (Async, Challenge)
2015-06-25 17:19:27 -07:00
797e1287e3
Using [NotNull]
2015-06-19 09:19:51 -07:00
7fcbefc86f
Using 'nameof' operator instead of magic strings
2015-06-19 09:19:50 -07:00
ab3cc8bcc7
React to OnSendingHeaders rename.
2015-06-12 15:53:07 -07:00
c6230f5de2
Fix invalid challenge in CookieAuthenticationHandler.ApplyResponseChallenge
2015-06-05 12:19:25 -07:00
0b214a0e77
* Changing IdentityModel package versions to beta5
...
* Updating NuGet.config to pick up packages from AzureAD feed.
2015-06-02 16:17:49 -07:00
e54d088c46
Fix issue with 401->403 not working with AutomaticAuthentication
2015-05-22 14:48:24 -07:00
af2c524352
React to aspnet/Configuration #195,#198
2015-05-20 18:20:35 -07:00
468852550c
Tweak SecurityHelper.AddUserPrincipal logic
2015-05-12 15:49:49 -07:00
17deab142d
AuthZ: Sugar to make resource parameter optional
2015-05-12 13:57:23 -07:00
bb2e12a8e6
Add sugar for UseClaimsTransformation
2015-05-12 13:52:32 -07:00
96a0b3e459
Merge pull request #241 from hishamco/dev
...
Using [NotNull] and 'nameof' operator
2015-05-08 22:03:14 -07:00
071de85e04
React to Http namespace changes.
2015-05-07 14:10:59 -07:00
582f562bbb
Using [NotNull] and 'nameof' operator
2015-05-07 22:04:48 +03:00
e57440f92c
React to common package name change
2015-05-07 09:41:05 -07:00
3cc6739c3d
React to QueryString API change.
2015-05-06 16:17:34 -07:00
dbdabeb9d2
Delete old handlers
2015-05-06 14:24:58 -07:00
434d158c76
Support custom name and role claims
2015-05-06 14:24:20 -07:00
ce48c1fc7d
Move ClaimsIssuer to base AuthenticationOptions
...
Also step 1 of refactoring tests
2015-05-05 14:50:59 -07:00
6e7ec9b2fb
Cleanup cookies (moar var)
2015-05-01 17:00:06 -07:00
5cf0564484
Update LICENSE.txt and license header on files.
2015-05-01 14:00:05 -07:00
4a5e8e5dfe
Reacting to Logging Package rename
2015-04-29 19:09:52 -07:00
1283414499
React to Http.Interfaces package rename.
2015-04-29 15:46:47 -07:00
63fc18b945
React to auth feature API changes.
2015-04-24 09:57:49 -07:00
87c31c5526
Switch to IUrlEncoder, introduce AddAuthentication
2015-04-23 22:49:47 -07:00
30d350da26
Move logger to base handler and moar var
2015-04-22 12:23:54 -07:00
6072e3b1b8
#221 Remove unneeded dependencies around DataProtection.
2015-04-21 16:21:50 -07:00
99f3aa197f
#118 - Use common cookie header formatters.
2015-04-20 15:16:29 -07:00
a3b2d2c3eb
Handle Http.Core rename.
2015-04-16 15:58:45 -07:00
501bd4ff10
Merge https://github.com/brentschmaltz/Security
2015-04-16 12:26:42 -07:00
9ce84d39c2
React to http challenge changes
2015-04-15 11:21:32 -07:00
5e03a6c1ad
Fix incorrect handler delegation and update SignInScheme documentation
2015-04-13 23:20:24 +02:00
4a2a742ad5
Fix SecurityTokenValidated and rework the different OAuth2 Bearer middleware tests
2015-04-13 23:19:32 +02:00
e0694a21d8
Add serviceable attribute to projects.
...
aspnet/DNX#1600
2015-04-07 14:50:16 -07:00
440e782f8b
Update .xproj files for Microsoft.Web.AspNet.* -> Microsoft.DNX.* rename
2015-04-02 13:49:29 -07:00
1a37bf1747
Changing Wilson package versions to beta4
2015-03-31 10:34:44 -07:00
ffd2489f6c
Revert "Changing Wilson packages to beta4"
...
This reverts commit 101b719994
2015-03-30 19:11:44 -07:00
101b719994
Changing Wilson packages to beta4
2015-03-30 19:10:57 -07:00
4a5b9f6b6e
Add a description for the OpenIdConnect package
2015-03-23 21:34:26 -07:00
776593ec71
React to hosting changes
2015-03-19 11:04:33 -07:00
e2a8efbb64
Cleanup
...
Switch to logging interfaces reference
Tweak DenyAnonymous logic
Fixes https://github.com/aspnet/Security/issues/181
Fixes https://github.com/aspnet/Security/issues/169
2015-03-17 11:40:58 -07:00
7abccd8f22
React to Shared NotNull
2015-03-16 15:22:46 -07:00
14d1b467c6
ClaimsXform and RIP AutoAuthHandler
...
- Initial support for ClaimsTransformation
- merge automatic auth handler back into base
2015-03-16 15:14:44 -07:00
bd7f07052e
Using [NotNull] from the common package
2015-03-14 07:25:14 -07:00
f8c526c12d
Update .kproj => .xproj.
2015-03-11 14:04:40 -07:00
78406b411c
Remove config from AddAuthorization
2015-03-11 11:43:48 -07:00
b7c8af8503
Reading AuthenticationProperties from SignOutContext
...
This will enable users to set a specific redirect uri and call signout.
2015-03-09 19:48:04 -07:00
08fdd7ad30
Remove BOM from project.json, *.cmd, *.sh and *.shade files.
2015-03-09 12:59:01 -07:00
1bd605da5e
Update aspnet50/aspnetcore50 => dnx451/dnxcore50.
2015-03-08 12:56:09 -07:00
5e7f1d7eff
Add Configure overloads for Auth for config/name
2015-03-06 12:37:34 -08:00
ce8caf0b9a
Rename Microsoft.AspNet.Http.Interfaces => Microsoft.AspNet.Http
2015-03-05 17:13:43 -08:00
aacc00aaee
Move extension methods to proper namespaces
...
Also add sugar for OpenIdConnect
Fixes https://github.com/aspnet/Security/issues/107
Fixes https://github.com/aspnet/Security/issues/113
2015-03-05 16:04:57 -08:00
e2bb76280f
Support AccessDeniedPath for Cookie 403 redirection
...
Fixes https://github.com/aspnet/Security/issues/166
2015-03-05 15:01:44 -08:00
1459ca1edb
React to DI changes
2015-03-04 19:57:15 -08:00
329d826857
Logging API changes
2015-03-04 17:10:56 -08:00
0577454f13
Fix for OpenIdConnect
2015-03-03 15:40:54 -08:00
d890f49fc0
Fix sln and kproj
2015-03-02 17:43:59 -08:00
775eb5ece4
Split Security into AuthN/AuthZ
...
AuthenticationType -> Scheme
Move Active/Passive into AutomaticAuthenticationHandler
Security -> Authorization/Authentication assemblies
401-403 logic
Switch from ClaimsIdentity to ClaimsPrincipal
2015-03-02 15:33:52 -08:00
d864b72561
React to DataProtection rename
2015-02-25 17:23:11 -08:00
a15cb4ffe5
React to HttpRequest.IsSecure renaming
2015-02-17 11:08:12 -08:00
5094b85ac9
Latest AuthZ iteration
...
- Core Auth API now takes list of IAuthorizationRequirements, or policy
name.
- Overload that takes AuthorizationPolicy instance moved to extension
method.
- Remove HttpContext from API and replace with ClaimsPrincipal instead
- Add Operation requirement
- Add Sync overloads
- Add ClaimsTransformationOptions (TBD where to use this)
Fixes https://github.com/aspnet/Security/issues/132
Fixes https://github.com/aspnet/Security/issues/116
Fixes https://github.com/aspnet/Security/issues/11
Fixes https://github.com/aspnet/Security/issues/117
2015-02-16 15:04:10 -08:00
04c6b1f101
Adding necessary dependencies to OpenIdConnect directly
...
OpenIdconnect project is betting on the dependencies included by Microsoft.IdentityModel.Protocol.Extensions for the types that are referenced directly in this library but not used in Protocol.Extensions library.
This change is to enable Wilson clean up its unused dependencies.
2015-02-10 11:25:30 -08:00
bb2352c638
Remove build time deps and fixed formatting
2015-02-10 11:01:03 -08:00
74bb8e089d
Reacting to System.Dynamic.Runtime version changes
2015-02-06 09:55:22 -08:00
b17d718d27
Updating .kproj files
2015-02-04 14:24:28 -08:00
4e83a678c0
Creating authentication ticket by passing in a principal
...
This fixes bug : https://github.com/aspnet/Security/issues/144
2015-02-02 13:46:28 -08:00
3483842ab7
Rollback of setting Principal on AuthenticationTicket.
...
adjust formating of messages.
2015-01-28 10:27:55 -08:00
e04358f7f9
Missing resource file.
2015-01-27 09:58:47 -08:00
e5518e6fc2
ChallengeContext will be null with [Authorize] attribute
...
OpenIdConnect set Ticket.Principal, get identity from there.
2015-01-27 08:15:28 -08:00
ac03ad3edf
Handle HttpFeature rename
2015-01-18 20:55:49 -08:00
123065c0ae
Add some sugar for AuthZ
...
- Register passthrough handler by default
- AddPolicy overload that takesAction<AuthorizationPolicyBuilder>
- Chaining policy overloads/methods
- More fluent apis for PolicyBuilder
Fixes #122 , #114
2015-01-17 17:11:34 -08:00
c53394e847
Cleaning up comments and some TODOs.
2015-01-16 14:45:53 -08:00
cdbd003bb1
Adding token property to MessageReceivedNotification
2015-01-16 14:45:50 -08:00
de56109c16
Fixing Issue #120
2015-01-16 14:45:47 -08:00
4a635835af
Initial iteration of new Authorization Service
2015-01-15 23:37:35 -08:00
f7c502a9e6
Handle PipelineCore rename.
2015-01-15 13:57:07 -08:00
123e649ee2
* Removing transitive dependencies from project.json
...
* Fix casing for project.json
2015-01-15 07:54:10 -08:00
61bdaec1e2
Handle QueryBuilder namespace change.
2015-01-14 17:04:10 -08:00
38fb911afc
Clean up auth types, copywrite headers, file names, exceptions.
2015-01-14 15:13:24 -08:00
91242245f3
Fix directory casing, part 2.
2015-01-14 14:54:47 -08:00
8e6e7f9590
Fix directory casing, part1.
2015-01-14 14:53:51 -08:00
49e66f0311
Additions for OpenIdConnectMiddleware and OAuthBearer Beta1.
2015-01-14 14:50:45 -08:00
fbe80ee64e
Handle ReadFormAsync breaking changes.
2015-01-07 18:10:42 -08:00
e6218c0429
React to ReadFor breaking change.
2015-01-07 17:06:22 -08:00
fec32f6746
#82 - Improve error handling mechanics.
2015-01-07 10:05:26 -08:00
8b7d33baaf
#63 - Use the PathBase in the Cookie path by default.
2014-12-18 14:41:16 -08:00
fcf2f93aa3
Updating System.ObjectModel version that was copied incorrectly
2014-12-15 16:50:13 -08:00
20f21aa57f
Removing transitive dependencies from Microsoft.AspNet.Security.OAuth
2014-12-15 15:04:48 -08:00
184233af61
#79 : Remove cookie compression.
2014-12-05 10:40:46 -08:00
0a71973513
Add schema version to kproj files
2014-11-25 11:03:55 -08:00
0fee3c87a0
#85 - Update the targeted Facebook API version to v2.2.
2014-11-14 15:05:31 -08:00
ee162013a5
Update KProj to the latest format
2014-11-12 15:33:16 -08:00
6aed946a63
Merge branch 'release' into dev
2014-10-31 02:12:01 -07:00
a5bd9d29e5
Added package descriptions
2014-10-31 02:11:42 -07:00
2934bb866d
Removing transitive dependencies from project.json
2014-10-29 11:23:57 -07:00
fb51830598
Merge branch 'release' into dev
2014-10-29 11:04:28 -07:00
edefdf6b2f
Updating Newtonsoft.json version to 6.0.6
2014-10-29 10:32:37 -07:00
a492b8fcbd
#84 - Fix regression with OAuth Notifications.
2014-10-27 16:01:31 -07:00
95f19407fc
#74 - Clean up data protection provider helper.
2014-10-21 14:01:25 -07:00
89ade800c4
Update Claims dependency.
2014-10-17 09:49:04 -07:00
78f472fd20
Switch to automatically ensure request services
2014-10-16 11:14:07 -07:00
45836c8041
Update UseMiddleware dependencies.
2014-10-15 15:56:08 -07:00
84dfcf5258
React to Options and Hosting changes
2014-10-14 19:14:54 -07:00
6965a66f18
#59 - Use Task.GetAwaiter().GetResult() instead of Task.Result.
2014-10-13 14:26:24 -07:00
3e88f44552
#69 - Properly delete Twitter state cookie.
2014-10-13 11:13:24 -07:00
2e65a40555
Update Security to account for DataProtector API changes.
2014-10-10 12:21:08 -07:00
9e2f992479
Removing version from framework assemblies node
2014-10-10 10:57:33 -07:00
d598b83e33
Reacting to CLR package versioning changes
2014-10-10 10:34:22 -07:00
4853554147
#39 - Port the OAuth Bearer middleware from Katana.
2014-10-09 09:04:24 -07:00
3426034bcb
Use DI activated options for auth middlewares
...
UseXXX() now use DI activated options
Use ExternalAuthenticationOptions instead of DefaultSignInAs
2014-10-08 13:02:08 -07:00
23c024ef41
Fixup references
2014-10-05 12:26:17 -07:00
0f9ac1f84f
#52 - Set a default user-agent for the OAuth backchannel.
2014-10-02 12:05:35 -07:00
43cdd54c16
Removing declaration expressions
2014-10-01 14:47:27 -07:00
35ad3ec7bb
Code cleanup.
2014-09-15 09:35:55 -07:00
07b3fe2135
#32 - Port comment and flow cleanup from Katana.
2014-09-12 14:42:55 -07:00
Chris R
Hao Kung
Pranav K
Troy Dai
unknown
bchavez
Kévin Chalet
unknown
Victor Hurdugaci
Hisham Abdullah Bin Ateya
Kirthi Krishnamraju
Eilon Lipton
N. Taylor Mullen
Brennan
Doug Bunting
Praburaj
Levi B
David Fowler
BrentSchmaltz
Stephen Halter