huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
952 Commits 1 Branch 0 Tags 251 MiB
Commit Graph

550 Commits

Author SHA1 Message Date
Chris Ross (ASP.NET) 9839799645 Add CookiePolicy logging #1588 2018-03-02 09:53:03 -08:00
Chris Ross (ASP.NET) 21acbf06e8 Update google auth endpoint to v2 #1307 2018-02-28 10:51:13 -08:00
Chris Ross (ASP.NET) cc8acdff57 Update facebook API version to 2.12 #1306 2018-02-28 09:48:07 -08:00
Chris Ross (ASP.NET) d95109c96d #43 Add Microsoft.AspNetCore.Authentication.WsFederation, samples, and tests. 
#1443 Block unsolicited wsfed logins by default.
#1520 Update WsFed to use the 2.0 event structure
#1425 Implement WsFed remote signout cleanup
Rework WsFed RemoteSignOutPath logic to work with ADFS #1581
Update versions, dependencies.
 2018-02-26 15:31:39 -08:00
Hao Kung c0b8be58ba
Add scheme forwarding (authN policies) (#1625) 2018-02-01 14:40:56 -08:00
Chris Ross (ASP.NET) ab8328abca Raise the CookiePolicy consent cookie lifetime to one year #1589 2018-01-26 08:52:08 -08:00
Hao Kung ba1eb281d1 Stop logging username/token 
Fixes https://github.com/aspnet/Security/issues/1259
 2018-01-16 11:40:05 -08:00
Chris Ross (ASP.NET) dde7671c06 OIDC: Use IdentityModel redirect form generator #1448 2018-01-08 09:23:06 -08:00
Chris Ross (ASP.NET) 1f855f7b06 Implement ITrackingConsentFeature.CreateConsentCookie() #1590 2018-01-05 12:34:39 -08:00
Chris Ross (ASP.NET) e13ceb690b Detect remote denails for Twitter accounts 2018-01-02 15:40:48 -08:00
Chris Ross (ASP.NET) f8b4f4c620 Add consent to CookiePolicy #1561 2017-12-27 13:38:18 -08:00
Muqeet Khan e2f6ad6169
Updated logging extension to remove the period on ValidationFailed 
_tokenValidationFailed format string includes the JWT token followed by a period, which if a dev troubleshooting copies incorrectly to the EOL will make the JWT invalid. 

Current: Failed to validate the token eyJhbGc.......HCwFmw.
Proposed: Failed to validate the token eyJhbGc.......HCwFmw
 2017-11-22 13:04:54 -06:00
Eilon Lipton 9d5d4978b0
Merge pull request #1522 from leastprivilege/patch-3 
Change LogLevel from Information to Debug (see #1517)
 2017-11-09 14:28:58 -08:00
Hao Kung 72e1cb1385 Add VirtualSchemes 2017-11-06 14:16:57 -08:00
Dominick Baier 1927f65e97
Change LogLevel from Information to Debug (see #1517) 2017-11-03 16:55:42 +01:00
Nate McMaster bd8ecd0268 Pin tool and package versions to make builds more repeatable 
Part of aspnet/Universe#575
 2017-11-01 16:37:42 -07:00
tstojecki 88cb3df0eb Added support for multiple values (arrays) in default claim action (#1501) 
* Added support for multiple values (arrays) in default claim action

* Added tests to claim action update to support array values
 2017-10-31 09:27:07 -07:00
Hao Kung 794e9c79fd Update cookie doc comments 2017-10-19 13:13:15 -07:00
Chris Ross (ASP.NET) 824539f47a #1349 Don't throw for partial cookies 2017-10-12 10:14:19 -07:00
Chris Ross (ASP.NET) bd07f8b683 #1353 use a compliant Expires header value for expiration. 2017-10-11 12:40:15 -07:00
Hao Kung 02cd997e32 Add Validate(scheme) and use for RemoteSignInScheme not self validation 2017-10-10 14:17:07 -07:00
Chris Ross (ASP.NET) 0904af8ff3 PR style cleanup 2017-10-09 11:45:51 -07:00
OpenIDAuthority e34a5f8fb8 Add MaxAge to OpenIdConnectOptions 
- max_age parameter added to the authentication request if MaxAge is not null
 - throws exception if MaxAge is set to a negative value
 - Fractions of seconds are ignored
 - See http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest for expected behavior

Addresses #1233
 2017-10-09 11:45:51 -07:00
Josh Coulter 0959c941b4 Cleaned up OAuth handler's exception messages (#1462) 2017-10-02 11:25:46 -07:00
Gareth Brading 4a6c74f4f9 Added ability to set prompt parameter in OpenIdConnectOptions (#1401) 2017-09-28 14:03:52 -07:00
Chris R 144ee21696 #1188 Add AuthenticationProperties to HandleRequestResult and RemoteFailureContext 2017-09-27 14:18:42 -07:00
Javier Calvarro Nelson 5abcfe7e3d Update API check baselines to 2.0 2017-09-22 17:24:10 -07:00
Chris Ross (ASP.NET) 13fdbac48f #942 Add the SignedOutCallbackRedirect event for OIDC 2017-09-22 15:29:15 -07:00
Hao Kung 648bb1e810 Obsolete old AddSchemes 2017-09-20 12:09:33 -07:00
Hao Kung 1367a5d385 Make all handlers public 2017-09-19 15:32:28 -07:00
agoretsky 241880eadc Minor improvements (#1403) 
* Fixed exception overwriting due to possible NullReferenceException

* Removed unused local variables
 2017-09-19 09:14:49 -07:00
Anders Abel eff1b42d6e Fix comment (#1436) 
Fix comment, it's setting sign in scheme (old left-over from copy-paste?)
 2017-09-16 10:41:52 -07:00
Hao Kung b9d9418f6d Block SignInScheme = self 2017-09-15 14:22:03 -07:00
Hao Kung 863846bb2a Cleanup resx (#1424) 2017-09-14 10:59:59 -07:00
Nate McMaster a53bf093a7 Use PackageLineup to manage PackageReference versions 2017-08-29 15:26:04 -07:00
Nate McMaster 724be48ee9 Use Directory.Build.props/targets 2017-08-29 15:24:01 -07:00
Kiran Challa bf685de16b Using WebEncoders' Base64Url encode/decode functionality 2017-08-29 08:33:47 -07:00
Damir Ainullin c8a99e5806 Removed redundant if checks (#1390) 2017-08-28 11:12:27 -06:00
Brian Chavez 414d596639 Spelling and grammar cleanup (#1391) 2017-08-27 21:03:29 -07:00
Poul Kjeldager Sørensen 488eb44467 Fix obsolete warning message (#1363) 
Fixes the messaged shown to developers when they are updating their applications to 2.0. Bad idea to set the domain with some random naming text.
 2017-08-14 11:07:19 -07:00
Scott Addie b43ffc4acc Recommend CookieBuilder.HttpOnly instead of CookieBuilder.SameSite (#1366) 2017-08-14 11:06:32 -07:00
Saravanan 43db99a568 Updated for the TwitterOptions Validation for the ConsumerKey and Con… (#1337) 2017-08-14 10:29:02 -07:00
Hao Kung d797543cfc Update obsolete error (#1346) 2017-08-03 12:59:45 -07:00
richstokoe 827852efdb Corrected typos in XML Docs in MessageReceivedContext for events in JwtBearer and OpenIdConnect middlesware. (#1336) 2017-07-24 08:49:49 -07:00
Hao Kung 644f34e90d AuthZ PolicyEvalutor should take resource 2017-07-21 11:04:01 -07:00
Chris R 36d3d97b99 #1319 Add DisplayName overloads 2017-07-13 15:20:24 -07:00
Hao Kung df325deaf3 Add AddAuthentication(defaultScheme) overload 2017-07-07 12:06:00 -07:00
Hao Kung 23da476176 Switch to IOptionsMonitor (#1295) 2017-07-06 13:41:47 -07:00
Nate McMaster bd19ba9533 Revert obsoleting CookieAuthenticationOptions.ExpireTimeSpan (#1296) 
- Revert the obsoleting of CookieAuthenticationOptions.ExpireTimeSpan in aspnet/Security#1285
- Add test to ensure Cookie.Expiration is ignored
 2017-07-05 15:43:43 -07:00
Chris R 658f4621b1 #1208 Clean up JWT and OIDC issuer handling 2017-07-05 14:44:23 -07:00