7a23028527
Switch to AuthenticationTicket in OAuth event
2016-01-05 15:46:58 -08:00
2a939287bc
Merge pull request #636 from npnelson/dev
...
Fix Typo in a Log Message
2016-01-05 15:27:47 -08:00
3257a82367
Expose AuthenticationProperties in events
2016-01-05 14:32:31 -08:00
f195ed3bab
Allow value type resources for AuthZ
2016-01-04 13:30:40 -08:00
74961cac49
fix typo in log message HttContext.User merged...=>HttpContext.User merged
2015-12-30 16:50:42 -05:00
9bf861307c
Rework the empty or space only filtering in Roles and Schemes
2015-12-30 12:04:00 +01:00
9a5da5861b
Fix coding style and handle case where empty roles & schemes are empty
2015-12-28 23:57:42 +01:00
6850e3b3b6
Fix missing Trim in Roles and Schemes split
2015-12-28 14:47:15 +01:00
2d21b72561
Adding back middleware initialization with options instance.
2015-12-23 15:26:41 -08:00
5837ce160a
Stardardizing middleware to use ConfigureOption lambda
2015-12-22 21:34:52 -08:00
84279c07cf
OptionsModel => Options rename
2015-12-21 15:02:14 -08:00
e4df43611d
React to IdentityModel namespace changes.
2015-12-20 19:44:21 -08:00
0623f3b741
#555 Make SkipToNextMiddleware work on events.
2015-12-09 15:26:47 -08:00
4c1943b281
Reacting to verbose rename
2015-12-07 14:28:28 -08:00
f24c35f1a9
Promote SaveTokensAsClaims to RemoteAuthOptions
2015-12-07 13:37:56 -08:00
3d8886a064
#566 Update Google token endpoint.
2015-12-03 10:43:31 -08:00
92c479869b
#600 Update the Twitter AuthenticationEndpoint
2015-12-02 11:51:43 -08:00
a18181d363
#565 Update facebook APIs to v2.5.
2015-12-02 10:43:17 -08:00
b81f947042
Remove unused references
2015-12-01 10:55:47 -08:00
0db9a16c91
Use the newest build of OpenIdConnect packages cloned to AspNet feeds.
...
Fixes #576
2015-12-01 10:38:42 -08:00
4cf32eb678
#411 Handle validation failures from ValidateToken.
2015-11-30 11:56:57 -08:00
620622f260
Include error_desc/error_uri as well for OAuth
2015-11-19 15:06:20 -08:00
de107ffe61
Cookies now defaults to AutomaticAuthenticate true again
2015-11-13 11:27:39 -08:00
b05f8771ae
Removed comment
2015-11-12 15:23:30 -08:00
d6cdb4bbfe
Remove System beta tag in project.json for coreclr packages.
2015-11-12 12:24:08 -08:00
8a23efebf2
Merge branch 'release' into dev
2015-11-05 11:51:33 -08:00
bcb02a06ef
Update IdentityModel dependencies to strong named version.
2015-11-05 11:50:33 -08:00
dc6e916bd4
Cookies Forbid now includes ReturnUrl
2015-11-04 13:54:37 -08:00
238fdf24e8
Further improve error handling for OAuth providers
2015-11-03 12:37:35 -08:00
a363368dc8
Strong name everything.
2015-11-03 12:29:44 -08:00
e9d2c53ebc
React to IRequestCookieCollection changes.
2015-11-02 15:56:49 -08:00
c71c7a3810
Reacting to RequestDelegate namespace change
2015-10-30 14:14:34 -07:00
1a59b385a0
React to WebEncoders changes.
2015-10-30 11:39:39 -07:00
57a64298c0
#485 OIDC RequireHttpsMetadata
2015-10-23 15:33:48 -07:00
9c9cf3d314
React to break change in StringValues
2015-10-23 15:13:30 -07:00
204ab0b860
Fix build break
2015-10-23 14:56:17 -07:00
1d2c6ba122
Cookies no longer redirects for AJAX requests
2015-10-23 14:39:42 -07:00
35b7248734
#455 Remove RedirectUri from OIDC, use CallbackPath.
2015-10-22 14:56:15 -07:00
5566433686
Switching to generations TFMs
2015-10-22 00:35:50 -07:00
0eaec216b1
AuthZ API review changes
2015-10-21 16:45:20 -07:00
7dfac2fd78
Add assembly info for new project
2015-10-21 15:23:39 -07:00
e72a563902
Add initial Owin Security cookie interop package
2015-10-21 15:19:16 -07:00
defc9faac0
Don't call resource handlers without required resource
2015-10-21 13:18:05 -07:00
ef61b14d6a
#501 Replace OpenIdConnectTokenEndpointResponse with an OpenIdConnectMessage
2015-10-21 12:26:01 -07:00
00c81d41aa
Use fixed version of OpenIdConnect
2015-10-21 11:24:10 -07:00
2b259e8b99
Remove deprecated AddCookieAuthentication methods
2015-10-20 13:56:40 -07:00
e0464c9508
Add some basic logging to AuthZ/N
2015-10-20 13:47:59 -07:00
fd54c5af21
Add lots of missing doc comments.
...
Also did some minor renames to match extension method patterns.
2015-10-19 13:02:05 -07:00
0f78135f5d
Moving AllowAnonymous attribute from MVC
2015-10-19 11:02:20 -07:00
121e6891e7
Remove log codes from exception/log messages; don't localize logs
...
https://github.com/aspnet/Security/issues/414 and
https://github.com/aspnet/Security/issues/418
Also started putting in event ids for logs.
2015-10-17 16:50:16 -07:00
c14119b612
#263 Consume ITlsTokenBindingFeature in CookieAuthMiddleware.
2015-10-16 16:31:58 -07:00
f588677bb4
#506 Update to Rc1 IdentityModel, update ValidateUserInfoEndpointResponse.
2015-10-16 12:11:54 -07:00
3c925fc4bf
Fix package descriptions with proper casing
...
#468
2015-10-15 22:30:11 -07:00
8359038927
Address remaining PR feedback + misc cleanup
2015-10-15 16:51:12 -07:00
409b50269a
Add RemoteAuthenticationHandler base/error handling logic
2015-10-14 23:08:43 -07:00
6c529eae7a
Renaming Microsoft.Framework.* -> Microsoft.Extensions.*
2015-10-03 15:44:47 -07:00
6ed7d1f3c0
Replace NotNullAttribute with thrown exceptions
2015-09-29 09:35:27 -07:00
78cf065b88
#493 Upate to IdentityModel beta8 dependencies.
2015-09-28 18:25:13 -07:00
852f44a369
Rename JwtBearer events
2015-09-24 14:53:31 -07:00
966fa6672f
#147 Make OIDC UseTokenLifetime false by default.
2015-09-24 10:18:04 -07:00
8c1cb911f2
Refactor TicketSerializer/PropertiesSerializer and add ClaimsIdentity.Actor/Claim.Properties support
2015-09-24 10:08:22 -07:00
e091bceaa8
Caption => DisplayName
2015-09-23 15:02:03 -07:00
742b96d18c
Port SaveTokensAsClaims to the OpenID Connect middleware and automatically flow id_token_hint on logout requests
2015-09-23 14:33:30 -07:00
1ef66c9c11
Fix stuff
2015-09-22 16:48:50 -07:00
a55a372476
Add period
2015-09-22 16:21:40 -07:00
644a4002a9
Rename back to jwtBearer
2015-09-22 14:09:41 -07:00
b189475551
Split cookie events
2015-09-21 17:12:21 -07:00
fec3002fff
Renames
2015-09-21 16:32:14 -07:00
59ccbdd8ca
Fix stuff
2015-09-21 14:56:05 -07:00
081577e4f4
Remove usage IOptions from middleware ctors
2015-09-18 12:24:33 -07:00
5cc1fea400
Add CookiePolicy Middleware
2015-09-17 15:37:15 -07:00
1c0768fb71
#372 Flow mutable event state.
...
#358 Add a UserInformationReceived event.
#327 Add AuthenticationCompleted event.
#340 Split the Redirect event for Authentication and SignOut.
Rename OnAuthorizationCodeRedeemed to OnTokenResponseReceived.
Move IdTokenReceived to AuthorizationResponseReceived.
Rename IdTokenValidated to AuthenticationValidated.
2015-09-16 14:31:36 -07:00
ee2d263223
#434 Remove the nonce cache.
2015-09-15 09:13:26 -07:00
e8090a3176
Remove authentication from names, async events
2015-09-14 14:54:51 -07:00
0f06b6a09a
Adding NeutralResourcesLanguageAttribute
2015-09-10 18:31:59 -07:00
2982d743d8
#443 Remove custom certificate validators.
2015-09-10 08:41:08 -07:00
ebcad24307
#404 Verify state via independent cookie.
2015-09-09 12:16:22 -07:00
9f7a723843
#390 Make the nonce cookie expire.
2015-09-09 11:55:14 -07:00
5bc13cbd6b
UseOauth now requires an instance of options
2015-09-09 11:05:14 -07:00
76fd055d8e
Remove redundant body rewind.
2015-09-08 14:14:39 -07:00
831785fe9f
Make AddAuthorization() idempotent
...
Found this issue which looking into making AddMvc() idempotent. You'll end
up with multiple pass-through handlers registered if two components call
AddAuthorization(). This is very possible to happen if used two frameworks
in the same app.
2015-09-04 08:26:54 -07:00
d2701f4897
#58 Serialize the ClaimsIdentity.BootstrapContext.
2015-09-03 17:25:56 -07:00
dda67b9d7c
Remove unused RedirectFromIdentityProviderContext.
2015-09-03 12:39:36 -07:00
47520e126e
#47 Standardize on I*Events pattern.
2015-09-03 11:02:19 -07:00
2aba485263
Move Context objects to OIDC and JwtBearer, remove generics.
2015-09-02 17:01:25 -07:00
e4f78176f9
Regenerate Resources.Designer.cs using the standard tooling.
2015-09-02 17:01:23 -07:00
d3ad11a753
#47 Rename Notifications to Events and Contexts.
2015-09-02 17:01:21 -07:00
0f115f1fda
#307 Assume notifications are not null.
2015-09-02 17:01:18 -07:00
4b1f710c39
#415 Use a cross-platform friendly HttpClient for CoreCLR.
2015-09-02 16:25:27 -07:00
bf2b771eab
React to Options, Configure => Add, Cookie changes
...
UseCookie now has an overload which takes an instance of CookieOptions
2015-09-02 14:13:16 -07:00
bcf8a45340
#413 Rename OAuthBearer to JwtBearer.
2015-09-01 12:23:51 -07:00
561c997cb2
React to IHeaderDictionary API changes.
2015-08-31 20:29:36 -07:00
d9b3ea2a54
Add POST support for OpenID Connect authorization and logout requests
2015-09-01 03:59:50 +02:00
fa39144937
Use automatic properties, replace scope by a list and replace the validators list by a single validator
2015-09-01 01:23:41 +02:00
56315c441c
Use new HttpContext.Features API.
2015-08-31 06:46:18 -07:00
92185a1c27
React to string[] -> StringValues changes.
2015-08-28 14:16:49 -07:00
d5e27bf546
#278 Validate the message, not the JWT.
2015-08-25 13:47:11 -07:00
7213b53554
#407 OIDC - Fail if the user-info subject does not match
2015-08-25 11:26:02 -07:00
86962ab12c
#278 Additional OIDC message validation.
2015-08-22 21:17:38 -07:00
a3f0ee3330
Add a shared dataprotection test for cookies
2015-08-12 14:10:42 -07:00
Hao Kung
Chris R
Nicholas Nelson
Vincent Lainé
John Luo
Pranav K
Ajay Bhargav Baaskaran
N. Taylor Mullen
Cesar Blum Silveira
Ryan Nowak
Eilon Lipton
Kévin Chalet