e9d2c53ebc
React to IRequestCookieCollection changes.
2015-11-02 15:56:49 -08:00
c71c7a3810
Reacting to RequestDelegate namespace change
2015-10-30 14:14:34 -07:00
1a59b385a0
React to WebEncoders changes.
2015-10-30 11:39:39 -07:00
57a64298c0
#485 OIDC RequireHttpsMetadata
2015-10-23 15:33:48 -07:00
9c9cf3d314
React to break change in StringValues
2015-10-23 15:13:30 -07:00
204ab0b860
Fix build break
2015-10-23 14:56:17 -07:00
1d2c6ba122
Cookies no longer redirects for AJAX requests
2015-10-23 14:39:42 -07:00
35b7248734
#455 Remove RedirectUri from OIDC, use CallbackPath.
2015-10-22 14:56:15 -07:00
5566433686
Switching to generations TFMs
2015-10-22 00:35:50 -07:00
0eaec216b1
AuthZ API review changes
2015-10-21 16:45:20 -07:00
7dfac2fd78
Add assembly info for new project
2015-10-21 15:23:39 -07:00
e72a563902
Add initial Owin Security cookie interop package
2015-10-21 15:19:16 -07:00
defc9faac0
Don't call resource handlers without required resource
2015-10-21 13:18:05 -07:00
ef61b14d6a
#501 Replace OpenIdConnectTokenEndpointResponse with an OpenIdConnectMessage
2015-10-21 12:26:01 -07:00
00c81d41aa
Use fixed version of OpenIdConnect
2015-10-21 11:24:10 -07:00
2b259e8b99
Remove deprecated AddCookieAuthentication methods
2015-10-20 13:56:40 -07:00
e0464c9508
Add some basic logging to AuthZ/N
2015-10-20 13:47:59 -07:00
fd54c5af21
Add lots of missing doc comments.
...
Also did some minor renames to match extension method patterns.
2015-10-19 13:02:05 -07:00
0f78135f5d
Moving AllowAnonymous attribute from MVC
2015-10-19 11:02:20 -07:00
121e6891e7
Remove log codes from exception/log messages; don't localize logs
...
https://github.com/aspnet/Security/issues/414 and
https://github.com/aspnet/Security/issues/418
Also started putting in event ids for logs.
2015-10-17 16:50:16 -07:00
c14119b612
#263 Consume ITlsTokenBindingFeature in CookieAuthMiddleware.
2015-10-16 16:31:58 -07:00
f588677bb4
#506 Update to Rc1 IdentityModel, update ValidateUserInfoEndpointResponse.
2015-10-16 12:11:54 -07:00
3c925fc4bf
Fix package descriptions with proper casing
...
#468
2015-10-15 22:30:11 -07:00
8359038927
Address remaining PR feedback + misc cleanup
2015-10-15 16:51:12 -07:00
409b50269a
Add RemoteAuthenticationHandler base/error handling logic
2015-10-14 23:08:43 -07:00
6c529eae7a
Renaming Microsoft.Framework.* -> Microsoft.Extensions.*
2015-10-03 15:44:47 -07:00
6ed7d1f3c0
Replace NotNullAttribute with thrown exceptions
2015-09-29 09:35:27 -07:00
78cf065b88
#493 Upate to IdentityModel beta8 dependencies.
2015-09-28 18:25:13 -07:00
852f44a369
Rename JwtBearer events
2015-09-24 14:53:31 -07:00
966fa6672f
#147 Make OIDC UseTokenLifetime false by default.
2015-09-24 10:18:04 -07:00
8c1cb911f2
Refactor TicketSerializer/PropertiesSerializer and add ClaimsIdentity.Actor/Claim.Properties support
2015-09-24 10:08:22 -07:00
e091bceaa8
Caption => DisplayName
2015-09-23 15:02:03 -07:00
742b96d18c
Port SaveTokensAsClaims to the OpenID Connect middleware and automatically flow id_token_hint on logout requests
2015-09-23 14:33:30 -07:00
1ef66c9c11
Fix stuff
2015-09-22 16:48:50 -07:00
a55a372476
Add period
2015-09-22 16:21:40 -07:00
644a4002a9
Rename back to jwtBearer
2015-09-22 14:09:41 -07:00
b189475551
Split cookie events
2015-09-21 17:12:21 -07:00
fec3002fff
Renames
2015-09-21 16:32:14 -07:00
59ccbdd8ca
Fix stuff
2015-09-21 14:56:05 -07:00
081577e4f4
Remove usage IOptions from middleware ctors
2015-09-18 12:24:33 -07:00
5cc1fea400
Add CookiePolicy Middleware
2015-09-17 15:37:15 -07:00
1c0768fb71
#372 Flow mutable event state.
...
#358 Add a UserInformationReceived event.
#327 Add AuthenticationCompleted event.
#340 Split the Redirect event for Authentication and SignOut.
Rename OnAuthorizationCodeRedeemed to OnTokenResponseReceived.
Move IdTokenReceived to AuthorizationResponseReceived.
Rename IdTokenValidated to AuthenticationValidated.
2015-09-16 14:31:36 -07:00
ee2d263223
#434 Remove the nonce cache.
2015-09-15 09:13:26 -07:00
e8090a3176
Remove authentication from names, async events
2015-09-14 14:54:51 -07:00
0f06b6a09a
Adding NeutralResourcesLanguageAttribute
2015-09-10 18:31:59 -07:00
2982d743d8
#443 Remove custom certificate validators.
2015-09-10 08:41:08 -07:00
ebcad24307
#404 Verify state via independent cookie.
2015-09-09 12:16:22 -07:00
9f7a723843
#390 Make the nonce cookie expire.
2015-09-09 11:55:14 -07:00
5bc13cbd6b
UseOauth now requires an instance of options
2015-09-09 11:05:14 -07:00
76fd055d8e
Remove redundant body rewind.
2015-09-08 14:14:39 -07:00
831785fe9f
Make AddAuthorization() idempotent
...
Found this issue which looking into making AddMvc() idempotent. You'll end
up with multiple pass-through handlers registered if two components call
AddAuthorization(). This is very possible to happen if used two frameworks
in the same app.
2015-09-04 08:26:54 -07:00
d2701f4897
#58 Serialize the ClaimsIdentity.BootstrapContext.
2015-09-03 17:25:56 -07:00
dda67b9d7c
Remove unused RedirectFromIdentityProviderContext.
2015-09-03 12:39:36 -07:00
47520e126e
#47 Standardize on I*Events pattern.
2015-09-03 11:02:19 -07:00
2aba485263
Move Context objects to OIDC and JwtBearer, remove generics.
2015-09-02 17:01:25 -07:00
e4f78176f9
Regenerate Resources.Designer.cs using the standard tooling.
2015-09-02 17:01:23 -07:00
d3ad11a753
#47 Rename Notifications to Events and Contexts.
2015-09-02 17:01:21 -07:00
0f115f1fda
#307 Assume notifications are not null.
2015-09-02 17:01:18 -07:00
4b1f710c39
#415 Use a cross-platform friendly HttpClient for CoreCLR.
2015-09-02 16:25:27 -07:00
bf2b771eab
React to Options, Configure => Add, Cookie changes
...
UseCookie now has an overload which takes an instance of CookieOptions
2015-09-02 14:13:16 -07:00
bcf8a45340
#413 Rename OAuthBearer to JwtBearer.
2015-09-01 12:23:51 -07:00
561c997cb2
React to IHeaderDictionary API changes.
2015-08-31 20:29:36 -07:00
d9b3ea2a54
Add POST support for OpenID Connect authorization and logout requests
2015-09-01 03:59:50 +02:00
fa39144937
Use automatic properties, replace scope by a list and replace the validators list by a single validator
2015-09-01 01:23:41 +02:00
56315c441c
Use new HttpContext.Features API.
2015-08-31 06:46:18 -07:00
92185a1c27
React to string[] -> StringValues changes.
2015-08-28 14:16:49 -07:00
d5e27bf546
#278 Validate the message, not the JWT.
2015-08-25 13:47:11 -07:00
7213b53554
#407 OIDC - Fail if the user-info subject does not match
2015-08-25 11:26:02 -07:00
86962ab12c
#278 Additional OIDC message validation.
2015-08-22 21:17:38 -07:00
a3f0ee3330
Add a shared dataprotection test for cookies
2015-08-12 14:10:42 -07:00
3294de14f4
Add DefaultPolicy support for AuthZ
2015-08-11 17:04:36 -07:00
b883920bef
Cookies now always redirects to Login/AccessDenied Paths
2015-08-11 16:50:20 -07:00
b1013ed976
Reacting to DI changes
2015-08-11 14:07:12 -07:00
f3e03fbf26
#396 React to CoreCLR Cryptography package changes, remove transitive dependencies.
2015-08-11 10:43:02 -07:00
2a204e473b
Update CoreCLR versions
2015-08-04 10:15:32 -07:00
b85db5e8c0
Reacting to namespace changes in identitypackages - beta7 update
2015-07-30 13:11:08 -07:00
bdab4d95fd
Using QueryHelpers helps avoid issue #365 .
2015-07-28 10:13:52 -07:00
5bb5662e74
Remove sync AuthZ APIs
2015-07-20 16:36:25 -07:00
5a2499eb22
Rename ExternalAuthenticationOptions => Shared
2015-07-16 12:43:03 -07:00
73d4440a25
API review: nuke notification namespaces
2015-07-16 11:56:48 -07:00
54128e8137
Add response_mode=query support for OpenID Connect
2015-07-15 18:36:21 +02:00
ab4ba794e5
Fix cookie bugs, Authenticate => HandleAuthenticate
2015-07-14 13:22:04 -07:00
5065835a05
Remove special cookie ajax redirect behavior
2015-07-14 13:19:25 -07:00
8d7f052cf4
Adding support for signing in using "code flow"
2015-07-14 11:51:16 -07:00
c6aa9371c7
Updating protocol.extensions package version from beta5 to beta6
2015-07-08 17:26:03 -07:00
efc35302e8
Switch to shared security helper
2015-07-08 15:01:09 -07:00
57031946d0
#214 Refactor OIDC state parameters.
2015-07-08 12:21:14 -07:00
039cc18e8b
Fix typo in project.json
2015-07-01 20:41:03 -07:00
0d71421c05
Add repository information to project files
2015-07-01 20:25:17 -07:00
61bbe4cf52
Set user in OAuthContext
2015-07-01 19:01:44 -07:00
9bb8b61146
Revisit OAuthAuthenticationHandler and add a new SaveTokensAsClaims option
2015-07-01 15:03:54 -07:00
6e67b1c9b1
Delete dead file
2015-07-01 14:38:29 -07:00
5e92de8009
Tweak SecurityHelper for MVC usage
2015-07-01 12:36:37 -07:00
b9f152ebb1
Cookie fixes
2015-07-01 11:55:06 -07:00
d7ce42dacc
Handle null in ticket serializer
2015-06-30 12:08:20 -07:00
78cf7f99ff
Fix base path issue with OAuthHandler
2015-06-29 10:43:43 -07:00
102f113e2b
Replace INonceCache by IDistributedCache
2015-06-27 01:08:27 +02:00
6ae37717e8
Delete super dead code
2015-06-25 19:47:11 -07:00
19d026268b
Move Correlation stuff to OAuthHandler
2015-06-25 19:40:34 -07:00
1ae4c24a5f
PR fixes
2015-06-25 19:27:06 -07:00
3a8ea672ea
AuthN and AuthZ API changes (Async, Challenge)
2015-06-25 17:19:27 -07:00
797e1287e3
Using [NotNull]
2015-06-19 09:19:51 -07:00
7fcbefc86f
Using 'nameof' operator instead of magic strings
2015-06-19 09:19:50 -07:00
ab3cc8bcc7
React to OnSendingHeaders rename.
2015-06-12 15:53:07 -07:00
c6230f5de2
Fix invalid challenge in CookieAuthenticationHandler.ApplyResponseChallenge
2015-06-05 12:19:25 -07:00
0b214a0e77
* Changing IdentityModel package versions to beta5
...
* Updating NuGet.config to pick up packages from AzureAD feed.
2015-06-02 16:17:49 -07:00
e54d088c46
Fix issue with 401->403 not working with AutomaticAuthentication
2015-05-22 14:48:24 -07:00
af2c524352
React to aspnet/Configuration #195,#198
2015-05-20 18:20:35 -07:00
468852550c
Tweak SecurityHelper.AddUserPrincipal logic
2015-05-12 15:49:49 -07:00
17deab142d
AuthZ: Sugar to make resource parameter optional
2015-05-12 13:57:23 -07:00
bb2e12a8e6
Add sugar for UseClaimsTransformation
2015-05-12 13:52:32 -07:00
96a0b3e459
Merge pull request #241 from hishamco/dev
...
Using [NotNull] and 'nameof' operator
2015-05-08 22:03:14 -07:00
071de85e04
React to Http namespace changes.
2015-05-07 14:10:59 -07:00
582f562bbb
Using [NotNull] and 'nameof' operator
2015-05-07 22:04:48 +03:00
e57440f92c
React to common package name change
2015-05-07 09:41:05 -07:00
3cc6739c3d
React to QueryString API change.
2015-05-06 16:17:34 -07:00
dbdabeb9d2
Delete old handlers
2015-05-06 14:24:58 -07:00
434d158c76
Support custom name and role claims
2015-05-06 14:24:20 -07:00
ce48c1fc7d
Move ClaimsIssuer to base AuthenticationOptions
...
Also step 1 of refactoring tests
2015-05-05 14:50:59 -07:00
6e7ec9b2fb
Cleanup cookies (moar var)
2015-05-01 17:00:06 -07:00
5cf0564484
Update LICENSE.txt and license header on files.
2015-05-01 14:00:05 -07:00
4a5e8e5dfe
Reacting to Logging Package rename
2015-04-29 19:09:52 -07:00
1283414499
React to Http.Interfaces package rename.
2015-04-29 15:46:47 -07:00
63fc18b945
React to auth feature API changes.
2015-04-24 09:57:49 -07:00
87c31c5526
Switch to IUrlEncoder, introduce AddAuthentication
2015-04-23 22:49:47 -07:00
30d350da26
Move logger to base handler and moar var
2015-04-22 12:23:54 -07:00
6072e3b1b8
#221 Remove unneeded dependencies around DataProtection.
2015-04-21 16:21:50 -07:00
99f3aa197f
#118 - Use common cookie header formatters.
2015-04-20 15:16:29 -07:00
a3b2d2c3eb
Handle Http.Core rename.
2015-04-16 15:58:45 -07:00
501bd4ff10
Merge https://github.com/brentschmaltz/Security
2015-04-16 12:26:42 -07:00
9ce84d39c2
React to http challenge changes
2015-04-15 11:21:32 -07:00
5e03a6c1ad
Fix incorrect handler delegation and update SignInScheme documentation
2015-04-13 23:20:24 +02:00
4a2a742ad5
Fix SecurityTokenValidated and rework the different OAuth2 Bearer middleware tests
2015-04-13 23:19:32 +02:00
e0694a21d8
Add serviceable attribute to projects.
...
aspnet/DNX#1600
2015-04-07 14:50:16 -07:00
440e782f8b
Update .xproj files for Microsoft.Web.AspNet.* -> Microsoft.DNX.* rename
2015-04-02 13:49:29 -07:00
1a37bf1747
Changing Wilson package versions to beta4
2015-03-31 10:34:44 -07:00
ffd2489f6c
Revert "Changing Wilson packages to beta4"
...
This reverts commit 101b719994
2015-03-30 19:11:44 -07:00
101b719994
Changing Wilson packages to beta4
2015-03-30 19:10:57 -07:00
4a5b9f6b6e
Add a description for the OpenIdConnect package
2015-03-23 21:34:26 -07:00
776593ec71
React to hosting changes
2015-03-19 11:04:33 -07:00
e2a8efbb64
Cleanup
...
Switch to logging interfaces reference
Tweak DenyAnonymous logic
Fixes https://github.com/aspnet/Security/issues/181
Fixes https://github.com/aspnet/Security/issues/169
2015-03-17 11:40:58 -07:00
7abccd8f22
React to Shared NotNull
2015-03-16 15:22:46 -07:00
14d1b467c6
ClaimsXform and RIP AutoAuthHandler
...
- Initial support for ClaimsTransformation
- merge automatic auth handler back into base
2015-03-16 15:14:44 -07:00
bd7f07052e
Using [NotNull] from the common package
2015-03-14 07:25:14 -07:00
f8c526c12d
Update .kproj => .xproj.
2015-03-11 14:04:40 -07:00
78406b411c
Remove config from AddAuthorization
2015-03-11 11:43:48 -07:00
b7c8af8503
Reading AuthenticationProperties from SignOutContext
...
This will enable users to set a specific redirect uri and call signout.
2015-03-09 19:48:04 -07:00
08fdd7ad30
Remove BOM from project.json, *.cmd, *.sh and *.shade files.
2015-03-09 12:59:01 -07:00
1bd605da5e
Update aspnet50/aspnetcore50 => dnx451/dnxcore50.
2015-03-08 12:56:09 -07:00
5e7f1d7eff
Add Configure overloads for Auth for config/name
2015-03-06 12:37:34 -08:00
Chris R
John Luo
Ryan Nowak
Hao Kung
Pranav K
Eilon Lipton
Ajay Bhargav Baaskaran
Kévin Chalet
Troy Dai
unknown
bchavez
unknown
Victor Hurdugaci
Hisham Abdullah Bin Ateya
Kirthi Krishnamraju
Eilon Lipton
N. Taylor Mullen
Brennan
Doug Bunting
Praburaj