59ccbdd8ca
Fix stuff
2015-09-21 14:56:05 -07:00
081577e4f4
Remove usage IOptions from middleware ctors
2015-09-18 12:24:33 -07:00
af14c99b46
Fix core build issue
2015-09-17 15:51:36 -07:00
5cc1fea400
Add CookiePolicy Middleware
2015-09-17 15:37:15 -07:00
1c0768fb71
#372 Flow mutable event state.
...
#358 Add a UserInformationReceived event.
#327 Add AuthenticationCompleted event.
#340 Split the Redirect event for Authentication and SignOut.
Rename OnAuthorizationCodeRedeemed to OnTokenResponseReceived.
Move IdTokenReceived to AuthorizationResponseReceived.
Rename IdTokenValidated to AuthenticationValidated.
2015-09-16 14:31:36 -07:00
92d5e4ce77
Fix test for CoreClr.
2015-09-16 11:28:16 -07:00
f0792f2b2e
Remove Shouldly and Moq from Microsoft.AspNet.Authorization.Tests. Enable dnxcore50 in this project.
2015-09-15 23:11:11 -05:00
b25d4b537f
Removed references to Shouldly
2015-09-15 14:22:38 -05:00
e8090a3176
Remove authentication from names, async events
2015-09-14 14:54:51 -07:00
2982d743d8
#443 Remove custom certificate validators.
2015-09-10 08:41:08 -07:00
ebcad24307
#404 Verify state via independent cookie.
2015-09-09 12:16:22 -07:00
9f7a723843
#390 Make the nonce cookie expire.
2015-09-09 11:55:14 -07:00
5bc13cbd6b
UseOauth now requires an instance of options
2015-09-09 11:05:14 -07:00
61a47d79a8
Work around System.Uri relative path bug on mono.
2015-09-04 11:47:19 -07:00
d2701f4897
#58 Serialize the ClaimsIdentity.BootstrapContext.
2015-09-03 17:25:56 -07:00
47520e126e
#47 Standardize on I*Events pattern.
2015-09-03 11:02:19 -07:00
d3ad11a753
#47 Rename Notifications to Events and Contexts.
2015-09-02 17:01:21 -07:00
6915db67f2
Update tests to properly return tasks.
...
- Fixes errors caused by `"warningsAsErrors": true`
2015-09-02 15:54:25 -07:00
64c40addc6
Update project.json to have warningsAsErrors accept a bool.
2015-09-02 15:34:49 -07:00
bf2b771eab
React to Options, Configure => Add, Cookie changes
...
UseCookie now has an overload which takes an instance of CookieOptions
2015-09-02 14:13:16 -07:00
bcf8a45340
#413 Rename OAuthBearer to JwtBearer.
2015-09-01 12:23:51 -07:00
d9b3ea2a54
Add POST support for OpenID Connect authorization and logout requests
2015-09-01 03:59:50 +02:00
fa39144937
Use automatic properties, replace scope by a list and replace the validators list by a single validator
2015-09-01 01:23:41 +02:00
56315c441c
Use new HttpContext.Features API.
2015-08-31 06:46:18 -07:00
92185a1c27
React to string[] -> StringValues changes.
2015-08-28 14:16:49 -07:00
86962ab12c
#278 Additional OIDC message validation.
2015-08-22 21:17:38 -07:00
289182b872
Reacting to disposable logger provider
2015-08-13 08:47:53 -07:00
a3f0ee3330
Add a shared dataprotection test for cookies
2015-08-12 14:10:42 -07:00
3294de14f4
Add DefaultPolicy support for AuthZ
2015-08-11 17:04:36 -07:00
b883920bef
Cookies now always redirects to Login/AccessDenied Paths
2015-08-11 16:50:20 -07:00
b85db5e8c0
Reacting to namespace changes in identitypackages - beta7 update
2015-07-30 13:11:08 -07:00
bdab4d95fd
Using QueryHelpers helps avoid issue #365 .
2015-07-28 10:13:52 -07:00
5bb5662e74
Remove sync AuthZ APIs
2015-07-20 16:36:25 -07:00
5a2499eb22
Rename ExternalAuthenticationOptions => Shared
2015-07-16 12:43:03 -07:00
73d4440a25
API review: nuke notification namespaces
2015-07-16 11:56:48 -07:00
ab4ba794e5
Fix cookie bugs, Authenticate => HandleAuthenticate
2015-07-14 13:22:04 -07:00
5065835a05
Remove special cookie ajax redirect behavior
2015-07-14 13:19:25 -07:00
8d7f052cf4
Adding support for signing in using "code flow"
2015-07-14 11:51:16 -07:00
efc35302e8
Switch to shared security helper
2015-07-08 15:01:09 -07:00
57031946d0
#214 Refactor OIDC state parameters.
2015-07-08 12:21:14 -07:00
61bbe4cf52
Set user in OAuthContext
2015-07-01 19:01:44 -07:00
9bb8b61146
Revisit OAuthAuthenticationHandler and add a new SaveTokensAsClaims option
2015-07-01 15:03:54 -07:00
5e92de8009
Tweak SecurityHelper for MVC usage
2015-07-01 12:36:37 -07:00
b9f152ebb1
Cookie fixes
2015-07-01 11:55:06 -07:00
d7ce42dacc
Handle null in ticket serializer
2015-06-30 12:08:20 -07:00
78cf7f99ff
Fix base path issue with OAuthHandler
2015-06-29 10:43:43 -07:00
102f113e2b
Replace INonceCache by IDistributedCache
2015-06-27 01:08:27 +02:00
3a8ea672ea
AuthN and AuthZ API changes (Async, Challenge)
2015-06-25 17:19:27 -07:00
5947b07873
Remove stray Console.Writes from tests.
2015-06-05 12:19:26 -07:00
c6230f5de2
Fix invalid challenge in CookieAuthenticationHandler.ApplyResponseChallenge
2015-06-05 12:19:25 -07:00
e54d088c46
Fix issue with 401->403 not working with AutomaticAuthentication
2015-05-22 14:48:24 -07:00
468852550c
Tweak SecurityHelper.AddUserPrincipal logic
2015-05-12 15:49:49 -07:00
17deab142d
AuthZ: Sugar to make resource parameter optional
2015-05-12 13:57:23 -07:00
bb2e12a8e6
Add sugar for UseClaimsTransformation
2015-05-12 13:52:32 -07:00
071de85e04
React to Http namespace changes.
2015-05-07 14:10:59 -07:00
434d158c76
Support custom name and role claims
2015-05-06 14:24:20 -07:00
ce48c1fc7d
Move ClaimsIssuer to base AuthenticationOptions
...
Also step 1 of refactoring tests
2015-05-05 14:50:59 -07:00
5cf0564484
Update LICENSE.txt and license header on files.
2015-05-01 14:00:05 -07:00
63fc18b945
React to auth feature API changes.
2015-04-24 09:57:49 -07:00
87c31c5526
Switch to IUrlEncoder, introduce AddAuthentication
2015-04-23 22:49:47 -07:00
30d350da26
Move logger to base handler and moar var
2015-04-22 12:23:54 -07:00
6072e3b1b8
#221 Remove unneeded dependencies around DataProtection.
2015-04-21 16:21:50 -07:00
99f3aa197f
#118 - Use common cookie header formatters.
2015-04-20 15:16:29 -07:00
a3b2d2c3eb
Handle Http.Core rename.
2015-04-16 15:58:45 -07:00
501bd4ff10
Merge https://github.com/brentschmaltz/Security
2015-04-16 12:26:42 -07:00
9ce84d39c2
React to http challenge changes
2015-04-15 11:21:32 -07:00
4a2a742ad5
Fix SecurityTokenValidated and rework the different OAuth2 Bearer middleware tests
2015-04-13 23:19:32 +02:00
4eb9229482
Merge remote-tracking branch 'origin/release' into dev
2015-04-03 12:12:23 -07:00
8218a727d9
Correct .xproj filenames to match containing directories
...
- these were the only two projects I found will naming inconsistencies
2015-04-02 16:16:24 -07:00
440e782f8b
Update .xproj files for Microsoft.Web.AspNet.* -> Microsoft.DNX.* rename
2015-04-02 13:49:29 -07:00
5a6c90882a
Add travis and appveyor CI support.
2015-04-01 15:55:21 -07:00
776593ec71
React to hosting changes
2015-03-19 11:04:33 -07:00
33e3c944d0
Reenabling the tests
...
Bug https://github.com/aspnet/HttpAbstractions/issues/231 is fixed
2015-03-17 17:55:13 -07:00
e2a8efbb64
Cleanup
...
Switch to logging interfaces reference
Tweak DenyAnonymous logic
Fixes https://github.com/aspnet/Security/issues/181
Fixes https://github.com/aspnet/Security/issues/169
2015-03-17 11:40:58 -07:00
14d1b467c6
ClaimsXform and RIP AutoAuthHandler
...
- Initial support for ClaimsTransformation
- merge automatic auth handler back into base
2015-03-16 15:14:44 -07:00
c4aa387cd2
Temporarily skipping a couple of tests to work around Url encoder bug
...
https://github.com/aspnet/HttpAbstractions/issues/231
2015-03-13 14:50:51 -07:00
42436d3a7e
Update xunit.runner.kre => xunit.runner.aspnet.
2015-03-12 16:18:52 -07:00
f8c526c12d
Update .kproj => .xproj.
2015-03-11 14:04:40 -07:00
b7c8af8503
Reading AuthenticationProperties from SignOutContext
...
This will enable users to set a specific redirect uri and call signout.
2015-03-09 19:48:04 -07:00
08fdd7ad30
Remove BOM from project.json, *.cmd, *.sh and *.shade files.
2015-03-09 12:59:01 -07:00
1bd605da5e
Update aspnet50/aspnetcore50 => dnx451/dnxcore50.
2015-03-08 12:56:09 -07:00
aacc00aaee
Move extension methods to proper namespaces
...
Also add sugar for OpenIdConnect
Fixes https://github.com/aspnet/Security/issues/107
Fixes https://github.com/aspnet/Security/issues/113
2015-03-05 16:04:57 -08:00
e2bb76280f
Support AccessDeniedPath for Cookie 403 redirection
...
Fixes https://github.com/aspnet/Security/issues/166
2015-03-05 15:01:44 -08:00
08017f992a
Fix build breaks caused by Options refactoring.
2015-03-04 23:28:20 -08:00
1459ca1edb
React to DI changes
2015-03-04 19:57:15 -08:00
0577454f13
Fix for OpenIdConnect
2015-03-03 15:40:54 -08:00
775eb5ece4
Split Security into AuthN/AuthZ
...
AuthenticationType -> Scheme
Move Active/Passive into AutomaticAuthenticationHandler
Security -> Authorization/Authentication assemblies
401-403 logic
Switch from ClaimsIdentity to ClaimsPrincipal
2015-03-02 15:33:52 -08:00
d864b72561
React to DataProtection rename
2015-02-25 17:23:11 -08:00
5094b85ac9
Latest AuthZ iteration
...
- Core Auth API now takes list of IAuthorizationRequirements, or policy
name.
- Overload that takes AuthorizationPolicy instance moved to extension
method.
- Remove HttpContext from API and replace with ClaimsPrincipal instead
- Add Operation requirement
- Add Sync overloads
- Add ClaimsTransformationOptions (TBD where to use this)
Fixes https://github.com/aspnet/Security/issues/132
Fixes https://github.com/aspnet/Security/issues/116
Fixes https://github.com/aspnet/Security/issues/11
Fixes https://github.com/aspnet/Security/issues/117
2015-02-16 15:04:10 -08:00
123065c0ae
Add some sugar for AuthZ
...
- Register passthrough handler by default
- AddPolicy overload that takesAction<AuthorizationPolicyBuilder>
- Chaining policy overloads/methods
- More fluent apis for PolicyBuilder
Fixes #122 , #114
2015-01-17 17:11:34 -08:00
cdbd003bb1
Adding token property to MessageReceivedNotification
2015-01-16 14:45:50 -08:00
de56109c16
Fixing Issue #120
2015-01-16 14:45:47 -08:00
4a635835af
Initial iteration of new Authorization Service
2015-01-15 23:37:35 -08:00
f7c502a9e6
Handle PipelineCore rename.
2015-01-15 13:57:07 -08:00
123e649ee2
* Removing transitive dependencies from project.json
...
* Fix casing for project.json
2015-01-15 07:54:10 -08:00
38fb911afc
Clean up auth types, copywrite headers, file names, exceptions.
2015-01-14 15:13:24 -08:00
49e66f0311
Additions for OpenIdConnectMiddleware and OAuthBearer Beta1.
2015-01-14 14:50:45 -08:00
8b7d33baaf
#63 - Use the PathBase in the Cookie path by default.
2014-12-18 14:41:16 -08:00
2d2eedf89e
Update tests to use official xunit
2014-12-17 10:41:02 -08:00
0a71973513
Add schema version to kproj files
2014-11-25 11:03:55 -08:00
240ed82b31
React to AddDataProtection change
2014-11-24 16:32:33 -08:00
5f06906087
React to fallback changes
2014-11-20 17:25:16 -08:00
b37966f7ef
Fix DataProtection DI dependencies.
2014-11-18 14:51:36 -08:00
0fee3c87a0
#85 - Update the targeted Facebook API version to v2.2.
2014-11-14 15:05:31 -08:00
ee162013a5
Update KProj to the latest format
2014-11-12 15:33:16 -08:00
2934bb866d
Removing transitive dependencies from project.json
2014-10-29 11:23:57 -07:00
78f472fd20
Switch to automatically ensure request services
2014-10-16 11:14:07 -07:00
45836c8041
Update UseMiddleware dependencies.
2014-10-15 15:56:08 -07:00
84dfcf5258
React to Options and Hosting changes
2014-10-14 19:14:54 -07:00
6965a66f18
#59 - Use Task.GetAwaiter().GetResult() instead of Task.Result.
2014-10-13 14:26:24 -07:00
e315a545cb
#61 - Unit test cleanup.
2014-10-13 11:13:26 -07:00
2e65a40555
Update Security to account for DataProtector API changes.
2014-10-10 12:21:08 -07:00
9e2f992479
Removing version from framework assemblies node
2014-10-10 10:57:33 -07:00
d598b83e33
Reacting to CLR package versioning changes
2014-10-10 10:34:22 -07:00
e9038b40f1
React to UsePerRequestServices
2014-10-09 14:18:09 -07:00
3426034bcb
Use DI activated options for auth middlewares
...
UseXXX() now use DI activated options
Use ExternalAuthenticationOptions instead of DefaultSignInAs
2014-10-08 13:02:08 -07:00
23c024ef41
Fixup references
2014-10-05 12:26:17 -07:00
f6d6f31414
#32 - Port Cookie chunking from Katana.
2014-09-12 12:41:02 -07:00
51c3dc98dc
Handle IBuilder rename to IApplicationBuilder.
2014-09-10 12:27:01 -07:00
13adde63fa
Update the method used to read JSON asynchronously
2014-09-10 09:13:22 -07:00
80c8891c08
#49 - OAuth base middleware.
2014-09-08 11:42:11 -07:00
810c96e939
Updated to use the new target framework in project.json
2014-09-04 01:47:16 -07:00
3a3816af41
#41 - Port MicrosoftAccount middleware from Katana.
2014-08-29 13:19:18 -07:00
536da06660
Updated to use the new target framework in project.json
2014-08-28 23:48:55 -07:00
b9eb7ba282
#38 - Port the Twitter middleware from katana
2014-08-27 09:02:44 -07:00
5577159453
#37 - Port the Google auth middleware from Katana.
2014-08-25 09:50:19 -07:00
919fa0c195
Port Facebook middleware from Katana.
2014-08-20 14:52:01 -07:00
c74e583ec9
Removed source files from the project
2014-08-15 09:27:27 -07:00
05804c78db
Port more security tests from Katana.
2014-08-07 16:08:44 -07:00
ea98a50e43
Renamed configurations to frameworks in project.json
2014-07-13 22:01:33 -07:00
faf98f8bb0
Bump version to 1.0.0-*
2014-06-19 16:47:16 -07:00
ba6488fb6a
Fixed project.json casing
2014-05-26 02:52:29 -07:00
75759dae9c
Updating kproj file to match tooling changes
2014-05-18 20:13:57 -07:00
d9502923f8
Moving interface members to extension methods
2014-05-12 14:32:07 -07:00
d02f76a2fd
Updating copyright headers
2014-05-08 23:01:33 -07:00
f8f3e34986
Sort dependencies and remove duplicates in dependencies
2014-05-07 18:04:18 -07:00
d916a6d66a
React to renames
2014-05-06 01:04:17 -07:00
05b091ee66
Removing Authorization namespace
2014-05-05 15:37:36 -07:00
b7ed0faa33
Adding AuthorizationPolicy and mutable user claims
...
#13
2014-05-05 14:29:13 -07:00
f5200a1d55
Implementing IAuthorizationService
...
#7
2014-04-24 16:16:15 -07:00
Hao Kung
Chris R
Jason Loeffler
N. Taylor Mullen
Kévin Chalet
Kiran Challa
unknown
bchavez
Doug Bunting
Praburaj
Brennan
Levi B
Pranav K
BrentSchmaltz
Victor Hurdugaci
David Fowler
Wei Wang
Brice Lambson
Sebastien Ros
Andrew Peters