8023d1eb02
Add serialization.primitives for Newtonsoft.Json
2016-04-14 13:52:39 -07:00
a41c578d88
Removing imports from src projects
2016-04-08 06:49:18 -07:00
5cd236c1b0
Guard against null ref
2016-04-01 14:16:49 -07:00
4d6ad51f8a
Add fallback logging for username in AuthZ
2016-03-31 13:09:32 -07:00
16a0482238
React to HttpAbstractions namespace changes
...
- aspnet/HttpAbstractions#549 and aspnet/HttpAbstractions#592
- clean up `using`s
2016-03-30 16:15:37 -07:00
4086d70628
Add comments to AddAuthentication extension methods
2016-03-28 15:44:15 -07:00
3f596108aa
#690 OIDC & JWT event refactoring.
2016-03-25 10:08:33 -07:00
6d4a80e747
[ Fixes #532 ] Replace hard-coded logging event ids with a class of consts
2016-03-24 07:11:53 -07:00
7ec3da701c
Reacting to CoreFx package changes
2016-03-23 16:15:16 -07:00
22d133cefa
Reacting to CoreCLR package changes
2016-03-22 14:51:18 -07:00
9361960b2f
React to HttpAbstractions change: No features in `.Internal` namespace
...
- see issue aspnet/HttpAbstractions#561 and pull aspnet/HttpAbstractions#589
2016-03-18 08:35:57 -07:00
81bf1c2096
Cleanup transitive dependencies
2016-03-17 22:23:23 -07:00
1a8d5317a9
Updated Json.Net version
2016-03-14 14:50:57 -07:00
f5c1c45db2
IClaimsTransofrmer updated to take ClaimsTransformationContext instead of ClaimsPrincipal in TransformAsync method. #718
2016-03-11 14:07:56 -08:00
4bfeba2a3c
Update project.json
...
@tratcher said :shipit:
2016-03-10 15:16:54 -08:00
d78f7edfc7
Fix package metadata
...
And also a few other Core-related renames.
2016-03-09 23:14:51 -08:00
a5fcddc0a8
#704 unregister auth handlers during unwind.
2016-03-09 09:45:59 -08:00
553e036d28
Add GivenName and Surname default claims to FacebookOptions
2016-03-09 11:04:11 +00:00
9dfe4d9699
Enabled xml doc generation
2016-03-04 15:49:20 -08:00
ef6dd41384
SaveTokens in OIDC
2016-03-04 12:55:32 -08:00
8645ca0dc5
Update MicrosoftAccount to use converged auth
...
-Updated MicrosoftAccountDefaults to use app model v2 & graph API
-Updated MicrosoftAccountHelper to extract user info from the user object
returned by the graph API
-Updated MicrosoftAccountMiddlewareTests accordingly
-Added the app model v2 client credentials to SocialSample/config.json
-Configured SocialSample to use SSL
Startup.cs
- Sorted namespaces
- Dropped openid scope from Microsoft-AccessToken
project.json
- Sorted dependencies
MicrosoftAccountHelper.cs
- Removed name claim transofmation
- renamed GetName, GetFirstName & GetLastName
2016-03-04 11:52:43 -08:00
94e0088eea
Added Company, Copyright and Product attributes to AssemblyInfo
2016-03-03 17:33:22 -08:00
ace166fa31
Save tokens in auth properties instead of claims
2016-03-03 12:50:46 -08:00
cedef4dcba
Fix build break
2016-03-03 06:39:15 -08:00
fbb628298c
Remove project name from output path
...
- aspnet/Coherence-Signed#187
- remove `<RootNamespace>` settings but maintain other unique aspects e.g. `<DnxInvisibleContent ... />`
- in a few cases, standardize on VS version `14.0` and not something more specific
2016-03-02 21:20:11 -08:00
b5300ad0e4
Update doc comments
2016-03-02 13:46:47 -08:00
e3979fd3fe
Transition to netstandard.
...
- dotnet5.X => netstandard1.y (where y = x-1).
- DNXCore50 => netstandardapp1.5.
- Applied the same changes to ifdefs.
2016-03-01 13:36:53 -08:00
9bbbe535f2
#690 Enable custom OIDC authorization code redemption.
2016-02-19 15:07:25 -08:00
34bc9c52e1
#456 Unify OIDC Code/IdToken/Hybride flows.
2016-02-08 12:06:13 -08:00
bbcabc0212
Move GenerateCorrelationId and ValidateCorrelationId to RemoteAuthenticationHandler
2016-02-08 11:37:49 -08:00
bafb097e9f
Update to new CLI.
...
- Added appropriate imports/net core platform libraries.
2016-02-06 19:51:50 -08:00
c2194ea99d
Updated Json.Net versions
2016-02-05 10:21:39 -08:00
e00453af4d
Ensure scope has no duplicates
2016-02-04 09:08:03 +00:00
e737f3207e
Remove username from Facebook
...
Add default fields for Facebook
Remove default fields except name and email
Add all the core fields for Facebook
Fix location and field uniqueness
2016-02-02 11:58:08 -08:00
80dc5759cc
Async overloads for AuthZ RequireAssertion
2016-01-28 12:48:00 -08:00
a80c5e6d85
#614 Standardize the pattern for scope defaults.
2016-01-27 15:26:32 -08:00
297c72aa21
React to Logging API changes
2016-01-27 14:42:56 -08:00
00ceeb0262
Add IAuthorizationPolicyProvider support
2016-01-27 13:36:53 -08:00
9c41eb958e
React to IdentityModel breaking change.
2016-01-26 14:28:49 -08:00
a1aeb4313e
Remove unused dependency
...
- The authorization stack doesn't depend on AspNetCore at all really
2016-01-24 23:57:17 -08:00
0c6a805405
#632 Save twitters access token secret as a claim.
2016-01-24 18:45:04 -08:00
38de3d6013
#526 Change from storing expires_in to calculating expires_at.
2016-01-24 18:45:02 -08:00
a5b288897d
Update ASP.NET 5 versions for ASP.NET Core.
...
See https://github.com/aspnet/Announcements/issues/144 for more information.
2016-01-22 12:39:16 -08:00
c0d587e7c2
Rename AspNet 5 file contents.
...
See https://github.com/aspnet/Announcements/issues/144 for more information.
2016-01-22 12:35:47 -08:00
ba757d7a45
Rename AspNet 5 folders and files.
...
See https://github.com/aspnet/Announcements/issues/144 for more information.
2016-01-22 12:16:26 -08:00
de2cb12f5c
OIDC cleanup
2016-01-21 17:14:15 -08:00
2e1a8b31cd
Rename Delegate => AssertionRequirement
...
And moar sugar...
2016-01-15 14:47:33 -08:00
417ca6cbe3
Updating to new options pattern
2016-01-08 16:53:31 -08:00
990e412326
Actually fix the AssemblyInfo
2016-01-08 14:47:40 -08:00
f4aafe04e0
Replace Microsoft.Owin.Security.Cookies.Interop by Microsoft.Owin.Security.Interop
2016-01-08 13:43:43 -08:00
5bcc1bfc26
Also refresh expires/Issues when renewing cookie
2016-01-08 13:22:55 -08:00
7a23028527
Switch to AuthenticationTicket in OAuth event
2016-01-05 15:46:58 -08:00
2a939287bc
Merge pull request #636 from npnelson/dev
...
Fix Typo in a Log Message
2016-01-05 15:27:47 -08:00
3257a82367
Expose AuthenticationProperties in events
2016-01-05 14:32:31 -08:00
f195ed3bab
Allow value type resources for AuthZ
2016-01-04 13:30:40 -08:00
74961cac49
fix typo in log message HttContext.User merged...=>HttpContext.User merged
2015-12-30 16:50:42 -05:00
9bf861307c
Rework the empty or space only filtering in Roles and Schemes
2015-12-30 12:04:00 +01:00
9a5da5861b
Fix coding style and handle case where empty roles & schemes are empty
2015-12-28 23:57:42 +01:00
6850e3b3b6
Fix missing Trim in Roles and Schemes split
2015-12-28 14:47:15 +01:00
2d21b72561
Adding back middleware initialization with options instance.
2015-12-23 15:26:41 -08:00
5837ce160a
Stardardizing middleware to use ConfigureOption lambda
2015-12-22 21:34:52 -08:00
84279c07cf
OptionsModel => Options rename
2015-12-21 15:02:14 -08:00
e4df43611d
React to IdentityModel namespace changes.
2015-12-20 19:44:21 -08:00
0623f3b741
#555 Make SkipToNextMiddleware work on events.
2015-12-09 15:26:47 -08:00
4c1943b281
Reacting to verbose rename
2015-12-07 14:28:28 -08:00
f24c35f1a9
Promote SaveTokensAsClaims to RemoteAuthOptions
2015-12-07 13:37:56 -08:00
3d8886a064
#566 Update Google token endpoint.
2015-12-03 10:43:31 -08:00
92c479869b
#600 Update the Twitter AuthenticationEndpoint
2015-12-02 11:51:43 -08:00
a18181d363
#565 Update facebook APIs to v2.5.
2015-12-02 10:43:17 -08:00
b81f947042
Remove unused references
2015-12-01 10:55:47 -08:00
0db9a16c91
Use the newest build of OpenIdConnect packages cloned to AspNet feeds.
...
Fixes #576
2015-12-01 10:38:42 -08:00
4cf32eb678
#411 Handle validation failures from ValidateToken.
2015-11-30 11:56:57 -08:00
620622f260
Include error_desc/error_uri as well for OAuth
2015-11-19 15:06:20 -08:00
de107ffe61
Cookies now defaults to AutomaticAuthenticate true again
2015-11-13 11:27:39 -08:00
b05f8771ae
Removed comment
2015-11-12 15:23:30 -08:00
d6cdb4bbfe
Remove System beta tag in project.json for coreclr packages.
2015-11-12 12:24:08 -08:00
8a23efebf2
Merge branch 'release' into dev
2015-11-05 11:51:33 -08:00
bcb02a06ef
Update IdentityModel dependencies to strong named version.
2015-11-05 11:50:33 -08:00
dc6e916bd4
Cookies Forbid now includes ReturnUrl
2015-11-04 13:54:37 -08:00
238fdf24e8
Further improve error handling for OAuth providers
2015-11-03 12:37:35 -08:00
a363368dc8
Strong name everything.
2015-11-03 12:29:44 -08:00
e9d2c53ebc
React to IRequestCookieCollection changes.
2015-11-02 15:56:49 -08:00
c71c7a3810
Reacting to RequestDelegate namespace change
2015-10-30 14:14:34 -07:00
1a59b385a0
React to WebEncoders changes.
2015-10-30 11:39:39 -07:00
57a64298c0
#485 OIDC RequireHttpsMetadata
2015-10-23 15:33:48 -07:00
9c9cf3d314
React to break change in StringValues
2015-10-23 15:13:30 -07:00
204ab0b860
Fix build break
2015-10-23 14:56:17 -07:00
1d2c6ba122
Cookies no longer redirects for AJAX requests
2015-10-23 14:39:42 -07:00
35b7248734
#455 Remove RedirectUri from OIDC, use CallbackPath.
2015-10-22 14:56:15 -07:00
5566433686
Switching to generations TFMs
2015-10-22 00:35:50 -07:00
0eaec216b1
AuthZ API review changes
2015-10-21 16:45:20 -07:00
7dfac2fd78
Add assembly info for new project
2015-10-21 15:23:39 -07:00
e72a563902
Add initial Owin Security cookie interop package
2015-10-21 15:19:16 -07:00
defc9faac0
Don't call resource handlers without required resource
2015-10-21 13:18:05 -07:00
ef61b14d6a
#501 Replace OpenIdConnectTokenEndpointResponse with an OpenIdConnectMessage
2015-10-21 12:26:01 -07:00
00c81d41aa
Use fixed version of OpenIdConnect
2015-10-21 11:24:10 -07:00
2b259e8b99
Remove deprecated AddCookieAuthentication methods
2015-10-20 13:56:40 -07:00
e0464c9508
Add some basic logging to AuthZ/N
2015-10-20 13:47:59 -07:00
fd54c5af21
Add lots of missing doc comments.
...
Also did some minor renames to match extension method patterns.
2015-10-19 13:02:05 -07:00
0f78135f5d
Moving AllowAnonymous attribute from MVC
2015-10-19 11:02:20 -07:00
121e6891e7
Remove log codes from exception/log messages; don't localize logs
...
https://github.com/aspnet/Security/issues/414 and
https://github.com/aspnet/Security/issues/418
Also started putting in event ids for logs.
2015-10-17 16:50:16 -07:00
c14119b612
#263 Consume ITlsTokenBindingFeature in CookieAuthMiddleware.
2015-10-16 16:31:58 -07:00
f588677bb4
#506 Update to Rc1 IdentityModel, update ValidateUserInfoEndpointResponse.
2015-10-16 12:11:54 -07:00
3c925fc4bf
Fix package descriptions with proper casing
...
#468
2015-10-15 22:30:11 -07:00
8359038927
Address remaining PR feedback + misc cleanup
2015-10-15 16:51:12 -07:00
409b50269a
Add RemoteAuthenticationHandler base/error handling logic
2015-10-14 23:08:43 -07:00
6c529eae7a
Renaming Microsoft.Framework.* -> Microsoft.Extensions.*
2015-10-03 15:44:47 -07:00
6ed7d1f3c0
Replace NotNullAttribute with thrown exceptions
2015-09-29 09:35:27 -07:00
78cf065b88
#493 Upate to IdentityModel beta8 dependencies.
2015-09-28 18:25:13 -07:00
852f44a369
Rename JwtBearer events
2015-09-24 14:53:31 -07:00
966fa6672f
#147 Make OIDC UseTokenLifetime false by default.
2015-09-24 10:18:04 -07:00
8c1cb911f2
Refactor TicketSerializer/PropertiesSerializer and add ClaimsIdentity.Actor/Claim.Properties support
2015-09-24 10:08:22 -07:00
e091bceaa8
Caption => DisplayName
2015-09-23 15:02:03 -07:00
742b96d18c
Port SaveTokensAsClaims to the OpenID Connect middleware and automatically flow id_token_hint on logout requests
2015-09-23 14:33:30 -07:00
1ef66c9c11
Fix stuff
2015-09-22 16:48:50 -07:00
a55a372476
Add period
2015-09-22 16:21:40 -07:00
644a4002a9
Rename back to jwtBearer
2015-09-22 14:09:41 -07:00
b189475551
Split cookie events
2015-09-21 17:12:21 -07:00
fec3002fff
Renames
2015-09-21 16:32:14 -07:00
59ccbdd8ca
Fix stuff
2015-09-21 14:56:05 -07:00
081577e4f4
Remove usage IOptions from middleware ctors
2015-09-18 12:24:33 -07:00
5cc1fea400
Add CookiePolicy Middleware
2015-09-17 15:37:15 -07:00
1c0768fb71
#372 Flow mutable event state.
...
#358 Add a UserInformationReceived event.
#327 Add AuthenticationCompleted event.
#340 Split the Redirect event for Authentication and SignOut.
Rename OnAuthorizationCodeRedeemed to OnTokenResponseReceived.
Move IdTokenReceived to AuthorizationResponseReceived.
Rename IdTokenValidated to AuthenticationValidated.
2015-09-16 14:31:36 -07:00
ee2d263223
#434 Remove the nonce cache.
2015-09-15 09:13:26 -07:00
e8090a3176
Remove authentication from names, async events
2015-09-14 14:54:51 -07:00
0f06b6a09a
Adding NeutralResourcesLanguageAttribute
2015-09-10 18:31:59 -07:00
2982d743d8
#443 Remove custom certificate validators.
2015-09-10 08:41:08 -07:00
ebcad24307
#404 Verify state via independent cookie.
2015-09-09 12:16:22 -07:00
9f7a723843
#390 Make the nonce cookie expire.
2015-09-09 11:55:14 -07:00
5bc13cbd6b
UseOauth now requires an instance of options
2015-09-09 11:05:14 -07:00
76fd055d8e
Remove redundant body rewind.
2015-09-08 14:14:39 -07:00
831785fe9f
Make AddAuthorization() idempotent
...
Found this issue which looking into making AddMvc() idempotent. You'll end
up with multiple pass-through handlers registered if two components call
AddAuthorization(). This is very possible to happen if used two frameworks
in the same app.
2015-09-04 08:26:54 -07:00
d2701f4897
#58 Serialize the ClaimsIdentity.BootstrapContext.
2015-09-03 17:25:56 -07:00
dda67b9d7c
Remove unused RedirectFromIdentityProviderContext.
2015-09-03 12:39:36 -07:00
47520e126e
#47 Standardize on I*Events pattern.
2015-09-03 11:02:19 -07:00
2aba485263
Move Context objects to OIDC and JwtBearer, remove generics.
2015-09-02 17:01:25 -07:00
e4f78176f9
Regenerate Resources.Designer.cs using the standard tooling.
2015-09-02 17:01:23 -07:00
d3ad11a753
#47 Rename Notifications to Events and Contexts.
2015-09-02 17:01:21 -07:00
0f115f1fda
#307 Assume notifications are not null.
2015-09-02 17:01:18 -07:00
4b1f710c39
#415 Use a cross-platform friendly HttpClient for CoreCLR.
2015-09-02 16:25:27 -07:00
bf2b771eab
React to Options, Configure => Add, Cookie changes
...
UseCookie now has an overload which takes an instance of CookieOptions
2015-09-02 14:13:16 -07:00
bcf8a45340
#413 Rename OAuthBearer to JwtBearer.
2015-09-01 12:23:51 -07:00
561c997cb2
React to IHeaderDictionary API changes.
2015-08-31 20:29:36 -07:00
d9b3ea2a54
Add POST support for OpenID Connect authorization and logout requests
2015-09-01 03:59:50 +02:00
fa39144937
Use automatic properties, replace scope by a list and replace the validators list by a single validator
2015-09-01 01:23:41 +02:00
56315c441c
Use new HttpContext.Features API.
2015-08-31 06:46:18 -07:00
92185a1c27
React to string[] -> StringValues changes.
2015-08-28 14:16:49 -07:00
d5e27bf546
#278 Validate the message, not the JWT.
2015-08-25 13:47:11 -07:00
7213b53554
#407 OIDC - Fail if the user-info subject does not match
2015-08-25 11:26:02 -07:00
86962ab12c
#278 Additional OIDC message validation.
2015-08-22 21:17:38 -07:00
BrennanConroy
Pranav K
Hao Kung
Doug Bunting
jacalvar
Chris R
Kiran Challa
Ajay Bhargav Baaskaran
Dovydas Navickas
Eilon Lipton
Eilon Lipton
Mike Surcouf
Osman M Elsayed
N. Taylor Mullen
Kévin Chalet
David Fowler
John Luo
Nicholas Nelson
Vincent Lainé
Cesar Blum Silveira
Ryan Nowak