d291bb7c24
Add AuthZHandlerContextFactory
2016-08-19 17:04:09 -07:00
6f15d616a8
Add IAuthorizationEvaluator
2016-08-19 17:04:09 -07:00
936a4f6092
Update OpenId Connect Configuration tests
...
1. Move configuration related tests to their own class;
2. Add tests to cover missing options scenarios;
3. Add TestDefaultValues class for default values used in OpenId connect
tests.
2016-08-18 09:51:40 -07:00
26a7c7016d
Minor updates to CookieAuthenticationHandler and its tests
...
1. Remove unnecessary variable declaration.
2. Update test name to a more accurate description.
2016-08-11 10:15:07 -07:00
4600451dc6
Allow absolute uri in authentication properties for cookie auth redirect
2016-08-11 08:48:47 -07:00
97afe4acc8
Adjust the redirect URI precedence in cookie auth
2016-08-10 15:59:39 -07:00
1ef62a40b3
Add test for CookieAuthentication
2016-08-10 15:59:39 -07:00
0314632696
JwtBearer Token: Catch exception during unauthorized flow
2016-08-05 12:11:33 -07:00
137e18f39d
Add test
2016-07-29 13:26:36 -07:00
792b316950
One build to rule them all
...
- well, at least VS and command-line builds will share output
- part of aspnet/Coherence-Signed#277
2016-07-07 12:40:05 -07:00
7323e75d5d
Updating to RTM builds of xunit and Moq
2016-07-05 21:28:47 -07:00
d8d408638e
Updating to dev versions
...
# Conflicts:
# src/Microsoft.AspNetCore.Authentication.OAuth/project.json
# src/Microsoft.AspNetCore.Authentication.Twitter/project.json
2016-06-16 11:31:40 -07:00
b7bdb39b92
Remove direct Microsoft.NETCore.Platforms dependency.
...
- Microsoft.NETCore.App now pulls this package in.
aspnet/Coherence-Signed#344
2016-06-13 15:29:53 -07:00
bffbfc7f9e
React to OpenId renames
2016-06-04 18:53:09 -07:00
120021e8a3
Add a new IncludeErrorDetails option to prevent the JWT middleware from returning error/error_description
2016-06-03 22:46:00 +02:00
35d0592701
Make AuthorizationHandler<TReq> async only
2016-06-03 13:26:16 -07:00
e299695974
#776 Show some JwtBearer errors in response headers
2016-06-01 07:10:16 -07:00
c257c9528f
AuthZ: Combine needs to use policy provider
...
Fixes https://github.com/aspnet/Security/issues/841
2016-05-31 13:45:48 -07:00
2634fe318d
#814 Rework CookieAuth for compat with CookiePolicy.
2016-05-26 14:20:15 -07:00
db7009531a
Update google token endpoint to v4
2016-05-23 10:31:36 -07:00
bfbe7ec15d
Update fb to v2.6
2016-05-23 10:31:36 -07:00
962a74c488
Add argument validation
2016-05-16 15:19:58 -07:00
6294badd97
Use a shared CookieSecurePolicy.
2016-05-16 12:29:33 -07:00
1a99fad0c6
Rename AuthorizationContext
2016-05-16 09:30:33 -07:00
7645253420
#808 Update OIDC to v1.0
2016-05-03 09:39:36 -07:00
a4c132ca74
Adding dotnet-test-xunit
2016-05-02 16:56:37 -07:00
f6cdb9faf9
Fix build warnings
2016-05-02 11:27:26 -07:00
85b5eb28a0
Use latest build of dotnet-test-xunit
2016-04-19 14:54:11 -07:00
e3667f7c26
Bring Microsoft.NETCore.Platforms dependency back
2016-04-18 17:05:20 -07:00
f6557c821d
Migrate tests, tools and samples to portable
2016-04-15 09:48:24 -07:00
16a0482238
React to HttpAbstractions namespace changes
...
- aspnet/HttpAbstractions#549 and aspnet/HttpAbstractions#592
- clean up `using`s
2016-03-30 16:15:37 -07:00
3f596108aa
#690 OIDC & JWT event refactoring.
2016-03-25 10:08:33 -07:00
6a0e58e3ff
Fixed build
2016-03-25 02:46:34 -07:00
9361960b2f
React to HttpAbstractions change: No features in `.Internal` namespace
...
- see issue aspnet/HttpAbstractions#561 and pull aspnet/HttpAbstractions#589
2016-03-18 08:35:57 -07:00
22f55d5937
Reacting to DataProtection changes
2016-03-15 18:28:56 -07:00
f5c1c45db2
IClaimsTransofrmer updated to take ClaimsTransformationContext instead of ClaimsPrincipal in TransformAsync method. #718
2016-03-11 14:07:56 -08:00
d78f7edfc7
Fix package metadata
...
And also a few other Core-related renames.
2016-03-09 23:14:51 -08:00
8645ca0dc5
Update MicrosoftAccount to use converged auth
...
-Updated MicrosoftAccountDefaults to use app model v2 & graph API
-Updated MicrosoftAccountHelper to extract user info from the user object
returned by the graph API
-Updated MicrosoftAccountMiddlewareTests accordingly
-Added the app model v2 client credentials to SocialSample/config.json
-Configured SocialSample to use SSL
Startup.cs
- Sorted namespaces
- Dropped openid scope from Microsoft-AccessToken
project.json
- Sorted dependencies
MicrosoftAccountHelper.cs
- Removed name claim transofmation
- renamed GetName, GetFirstName & GetLastName
2016-03-04 11:52:43 -08:00
0ab5cdc6ad
Fix bad rebase
2016-03-03 14:01:24 -08:00
ace166fa31
Save tokens in auth properties instead of claims
2016-03-03 12:50:46 -08:00
fbb628298c
Remove project name from output path
...
- aspnet/Coherence-Signed#187
- remove `<RootNamespace>` settings but maintain other unique aspects e.g. `<DnxInvisibleContent ... />`
- in a few cases, standardize on VS version `14.0` and not something more specific
2016-03-02 21:20:11 -08:00
e3979fd3fe
Transition to netstandard.
...
- dotnet5.X => netstandard1.y (where y = x-1).
- DNXCore50 => netstandardapp1.5.
- Applied the same changes to ifdefs.
2016-03-01 13:36:53 -08:00
0372daeebf
Updating test TFMs for custom test discovery
2016-02-19 12:45:04 -08:00
2dc353e219
Fixed 1300 errors reported in VS on build
2016-02-13 21:20:20 -08:00
552afb87b5
Enable tests to run using dotnet xunit runner
2016-02-10 05:47:19 -08:00
bbcabc0212
Move GenerateCorrelationId and ValidateCorrelationId to RemoteAuthenticationHandler
2016-02-08 11:37:49 -08:00
bafb097e9f
Update to new CLI.
...
- Added appropriate imports/net core platform libraries.
2016-02-06 19:51:50 -08:00
80dc5759cc
Async overloads for AuthZ RequireAssertion
2016-01-28 12:48:00 -08:00
00ceeb0262
Add IAuthorizationPolicyProvider support
2016-01-27 13:36:53 -08:00
3780a47528
Fix tests broken by renames.
2016-01-24 19:21:40 -08:00
a5b288897d
Update ASP.NET 5 versions for ASP.NET Core.
...
See https://github.com/aspnet/Announcements/issues/144 for more information.
2016-01-22 12:39:16 -08:00
c0d587e7c2
Rename AspNet 5 file contents.
...
See https://github.com/aspnet/Announcements/issues/144 for more information.
2016-01-22 12:35:47 -08:00
ba757d7a45
Rename AspNet 5 folders and files.
...
See https://github.com/aspnet/Announcements/issues/144 for more information.
2016-01-22 12:16:26 -08:00
de2cb12f5c
OIDC cleanup
2016-01-21 17:14:15 -08:00
0f9875df0a
Reacting to hosting rename
2016-01-17 17:09:38 -08:00
10fdfcc5c8
Build with dotnet
2016-01-15 20:54:35 -08:00
2e1a8b31cd
Rename Delegate => AssertionRequirement
...
And moar sugar...
2016-01-15 14:47:33 -08:00
417ca6cbe3
Updating to new options pattern
2016-01-08 16:53:31 -08:00
990e412326
Actually fix the AssemblyInfo
2016-01-08 14:47:40 -08:00
139070df59
Fix AssemblyInfo for Security.Interop.
2016-01-08 14:25:50 -08:00
f4aafe04e0
Replace Microsoft.Owin.Security.Cookies.Interop by Microsoft.Owin.Security.Interop
2016-01-08 13:43:43 -08:00
5bcc1bfc26
Also refresh expires/Issues when renewing cookie
2016-01-08 13:22:55 -08:00
7a23028527
Switch to AuthenticationTicket in OAuth event
2016-01-05 15:46:58 -08:00
3257a82367
Expose AuthenticationProperties in events
2016-01-05 14:32:31 -08:00
f195ed3bab
Allow value type resources for AuthZ
2016-01-04 13:30:40 -08:00
d38fb1e49d
Summary of the changes
...
- No need to set the authenticationType in the Authorize_ShouldAllowIfClaimIsPresent unit test, since we already have another unit test for these functionality.
- Specified the authentication scheme of the authorization policy in the Authorize_ShouldAllowIfClaimIsPresentWithSpecifiedAuthType unit test
2016-01-04 13:26:23 -08:00
a8ef4df32a
Merge remote-tracking branch 'ph1/Roles-PR' into dev
2016-01-04 13:13:40 -08:00
5c33ecd895
Disabling JwtBearer TokenValidationTest which is using an expired token
2016-01-04 11:39:09 -08:00
9a5da5861b
Fix coding style and handle case where empty roles & schemes are empty
2015-12-28 23:57:42 +01:00
ee6a57e9a2
Fix unit tests
2015-12-28 14:55:13 +01:00
6850e3b3b6
Fix missing Trim in Roles and Schemes split
2015-12-28 14:47:15 +01:00
5837ce160a
Stardardizing middleware to use ConfigureOption lambda
2015-12-22 21:34:52 -08:00
84279c07cf
OptionsModel => Options rename
2015-12-21 15:02:14 -08:00
e4df43611d
React to IdentityModel namespace changes.
2015-12-20 19:44:21 -08:00
a041807023
Reacting to new Hosting API
2015-12-18 15:09:41 -08:00
0623f3b741
#555 Make SkipToNextMiddleware work on events.
2015-12-09 15:26:47 -08:00
3d8886a064
#566 Update Google token endpoint.
2015-12-03 10:43:31 -08:00
92c479869b
#600 Update the Twitter AuthenticationEndpoint
2015-12-02 11:51:43 -08:00
a18181d363
#565 Update facebook APIs to v2.5.
2015-12-02 10:43:17 -08:00
51cc52e855
Tooling sample updates.
2015-11-30 11:57:49 -08:00
4cf32eb678
#411 Handle validation failures from ValidateToken.
2015-11-30 11:56:57 -08:00
620622f260
Include error_desc/error_uri as well for OAuth
2015-11-19 15:06:20 -08:00
5e99883c57
Reacting to DI changes
2015-11-13 11:28:12 -08:00
216d3a0656
Fix some authentication unit tests failing on Linux and OS X.
2015-11-06 04:27:33 -08:00
dc6e916bd4
Cookies Forbid now includes ReturnUrl
2015-11-04 13:54:37 -08:00
238fdf24e8
Further improve error handling for OAuth providers
2015-11-03 12:37:35 -08:00
c71c7a3810
Reacting to RequestDelegate namespace change
2015-10-30 14:14:34 -07:00
1a59b385a0
React to WebEncoders changes.
2015-10-30 11:39:39 -07:00
1d2c6ba122
Cookies no longer redirects for AJAX requests
2015-10-23 14:39:42 -07:00
35b7248734
#455 Remove RedirectUri from OIDC, use CallbackPath.
2015-10-22 14:56:15 -07:00
0eaec216b1
AuthZ API review changes
2015-10-21 16:45:20 -07:00
8f0e08dbce
Nuke test key
2015-10-21 15:21:40 -07:00
e72a563902
Add initial Owin Security cookie interop package
2015-10-21 15:19:16 -07:00
defc9faac0
Don't call resource handlers without required resource
2015-10-21 13:18:05 -07:00
ef61b14d6a
#501 Replace OpenIdConnectTokenEndpointResponse with an OpenIdConnectMessage
2015-10-21 12:26:01 -07:00
e0464c9508
Add some basic logging to AuthZ/N
2015-10-20 13:47:59 -07:00
c14119b612
#263 Consume ITlsTokenBindingFeature in CookieAuthMiddleware.
2015-10-16 16:31:58 -07:00
42cba79e01
Enable tests for CoreCLR.
2015-10-16 12:40:39 -07:00
b5712ef176
Remove a bunch of unused test code
...
The tests were testing nothing but themselves!
2015-10-15 23:00:10 -07:00
8359038927
Address remaining PR feedback + misc cleanup
2015-10-15 16:51:12 -07:00
409b50269a
Add RemoteAuthenticationHandler base/error handling logic
2015-10-14 23:08:43 -07:00
291997e995
React to IHttpResponseFeature changes.
2015-10-12 11:08:53 -07:00
7e93136484
React to aspnet/Universe#290 fix
...
- pick up latest `build.cmd` and `build.sh` files
- go back to Mono Beta feed (version 4.0.4) in Travis builds
- avoid frequent `mono .nuget/nuget.exe` failures
- skip test that fails with this Mono version
2015-10-10 19:09:23 -07:00
8d8943bcfe
Disable JWT Bearer test failing on Mono.
2015-10-08 17:02:43 -07:00
9e02ef9b7b
Fixing build break
2015-10-03 17:03:34 -07:00
6c529eae7a
Renaming Microsoft.Framework.* -> Microsoft.Extensions.*
2015-10-03 15:44:47 -07:00
78cf065b88
#493 Upate to IdentityModel beta8 dependencies.
2015-09-28 18:25:13 -07:00
852f44a369
Rename JwtBearer events
2015-09-24 14:53:31 -07:00
8c1cb911f2
Refactor TicketSerializer/PropertiesSerializer and add ClaimsIdentity.Actor/Claim.Properties support
2015-09-24 10:08:22 -07:00
644a4002a9
Rename back to jwtBearer
2015-09-22 14:09:41 -07:00
6c9157ff51
Fix tests
2015-09-21 16:47:33 -07:00
fec3002fff
Renames
2015-09-21 16:32:14 -07:00
59ccbdd8ca
Fix stuff
2015-09-21 14:56:05 -07:00
081577e4f4
Remove usage IOptions from middleware ctors
2015-09-18 12:24:33 -07:00
af14c99b46
Fix core build issue
2015-09-17 15:51:36 -07:00
5cc1fea400
Add CookiePolicy Middleware
2015-09-17 15:37:15 -07:00
1c0768fb71
#372 Flow mutable event state.
...
#358 Add a UserInformationReceived event.
#327 Add AuthenticationCompleted event.
#340 Split the Redirect event for Authentication and SignOut.
Rename OnAuthorizationCodeRedeemed to OnTokenResponseReceived.
Move IdTokenReceived to AuthorizationResponseReceived.
Rename IdTokenValidated to AuthenticationValidated.
2015-09-16 14:31:36 -07:00
92d5e4ce77
Fix test for CoreClr.
2015-09-16 11:28:16 -07:00
f0792f2b2e
Remove Shouldly and Moq from Microsoft.AspNet.Authorization.Tests. Enable dnxcore50 in this project.
2015-09-15 23:11:11 -05:00
b25d4b537f
Removed references to Shouldly
2015-09-15 14:22:38 -05:00
e8090a3176
Remove authentication from names, async events
2015-09-14 14:54:51 -07:00
2982d743d8
#443 Remove custom certificate validators.
2015-09-10 08:41:08 -07:00
ebcad24307
#404 Verify state via independent cookie.
2015-09-09 12:16:22 -07:00
9f7a723843
#390 Make the nonce cookie expire.
2015-09-09 11:55:14 -07:00
5bc13cbd6b
UseOauth now requires an instance of options
2015-09-09 11:05:14 -07:00
61a47d79a8
Work around System.Uri relative path bug on mono.
2015-09-04 11:47:19 -07:00
d2701f4897
#58 Serialize the ClaimsIdentity.BootstrapContext.
2015-09-03 17:25:56 -07:00
47520e126e
#47 Standardize on I*Events pattern.
2015-09-03 11:02:19 -07:00
d3ad11a753
#47 Rename Notifications to Events and Contexts.
2015-09-02 17:01:21 -07:00
6915db67f2
Update tests to properly return tasks.
...
- Fixes errors caused by `"warningsAsErrors": true`
2015-09-02 15:54:25 -07:00
64c40addc6
Update project.json to have warningsAsErrors accept a bool.
2015-09-02 15:34:49 -07:00
bf2b771eab
React to Options, Configure => Add, Cookie changes
...
UseCookie now has an overload which takes an instance of CookieOptions
2015-09-02 14:13:16 -07:00
bcf8a45340
#413 Rename OAuthBearer to JwtBearer.
2015-09-01 12:23:51 -07:00
d9b3ea2a54
Add POST support for OpenID Connect authorization and logout requests
2015-09-01 03:59:50 +02:00
fa39144937
Use automatic properties, replace scope by a list and replace the validators list by a single validator
2015-09-01 01:23:41 +02:00
56315c441c
Use new HttpContext.Features API.
2015-08-31 06:46:18 -07:00
92185a1c27
React to string[] -> StringValues changes.
2015-08-28 14:16:49 -07:00
86962ab12c
#278 Additional OIDC message validation.
2015-08-22 21:17:38 -07:00
289182b872
Reacting to disposable logger provider
2015-08-13 08:47:53 -07:00
a3f0ee3330
Add a shared dataprotection test for cookies
2015-08-12 14:10:42 -07:00
3294de14f4
Add DefaultPolicy support for AuthZ
2015-08-11 17:04:36 -07:00
b883920bef
Cookies now always redirects to Login/AccessDenied Paths
2015-08-11 16:50:20 -07:00
b85db5e8c0
Reacting to namespace changes in identitypackages - beta7 update
2015-07-30 13:11:08 -07:00
bdab4d95fd
Using QueryHelpers helps avoid issue #365 .
2015-07-28 10:13:52 -07:00
5bb5662e74
Remove sync AuthZ APIs
2015-07-20 16:36:25 -07:00
5a2499eb22
Rename ExternalAuthenticationOptions => Shared
2015-07-16 12:43:03 -07:00
73d4440a25
API review: nuke notification namespaces
2015-07-16 11:56:48 -07:00
ab4ba794e5
Fix cookie bugs, Authenticate => HandleAuthenticate
2015-07-14 13:22:04 -07:00
5065835a05
Remove special cookie ajax redirect behavior
2015-07-14 13:19:25 -07:00
8d7f052cf4
Adding support for signing in using "code flow"
2015-07-14 11:51:16 -07:00
Hao Kung
Troy Dai
Doug Bunting
Ajay Bhargav Baaskaran
Pranav K
N. Taylor Mullen
Kévin Chalet
Chris R
BrennanConroy
Pavel Krymets
David Fowler
John Luo
Dovydas Navickas
Eilon Lipton
Osman M Elsayed
Kiran Challa
Victor Hurdugaci
Osmozy
Vincent Lainé
Cesar Blum Silveira
Jason Loeffler
unknown
bchavez