Commit Graph

272 Commits

Author SHA1 Message Date
Ryan Nowak 831785fe9f Make AddAuthorization() idempotent
Found this issue which looking into making AddMvc() idempotent. You'll end
up with multiple pass-through handlers registered if two components call
AddAuthorization(). This is very possible to happen if used two frameworks
in the same app.
2015-09-04 08:26:54 -07:00
Chris R d2701f4897 #58 Serialize the ClaimsIdentity.BootstrapContext. 2015-09-03 17:25:56 -07:00
Chris R dda67b9d7c Remove unused RedirectFromIdentityProviderContext. 2015-09-03 12:39:36 -07:00
Chris R 47520e126e #47 Standardize on I*Events pattern. 2015-09-03 11:02:19 -07:00
Chris R 2aba485263 Move Context objects to OIDC and JwtBearer, remove generics. 2015-09-02 17:01:25 -07:00
Chris R e4f78176f9 Regenerate Resources.Designer.cs using the standard tooling. 2015-09-02 17:01:23 -07:00
Chris R d3ad11a753 #47 Rename Notifications to Events and Contexts. 2015-09-02 17:01:21 -07:00
Chris R 0f115f1fda #307 Assume notifications are not null. 2015-09-02 17:01:18 -07:00
Chris R 4b1f710c39 #415 Use a cross-platform friendly HttpClient for CoreCLR. 2015-09-02 16:25:27 -07:00
Hao Kung bf2b771eab React to Options, Configure => Add, Cookie changes
UseCookie now has an overload which takes an instance of CookieOptions
2015-09-02 14:13:16 -07:00
Chris R bcf8a45340 #413 Rename OAuthBearer to JwtBearer. 2015-09-01 12:23:51 -07:00
Chris R 561c997cb2 React to IHeaderDictionary API changes. 2015-08-31 20:29:36 -07:00
Kévin Chalet d9b3ea2a54 Add POST support for OpenID Connect authorization and logout requests 2015-09-01 03:59:50 +02:00
Kévin Chalet fa39144937 Use automatic properties, replace scope by a list and replace the validators list by a single validator 2015-09-01 01:23:41 +02:00
Chris R 56315c441c Use new HttpContext.Features API. 2015-08-31 06:46:18 -07:00
Chris R 92185a1c27 React to string[] -> StringValues changes. 2015-08-28 14:16:49 -07:00
Chris R d5e27bf546 #278 Validate the message, not the JWT. 2015-08-25 13:47:11 -07:00
Chris R 7213b53554 #407 OIDC - Fail if the user-info subject does not match 2015-08-25 11:26:02 -07:00
Chris R 86962ab12c #278 Additional OIDC message validation. 2015-08-22 21:17:38 -07:00
Hao Kung a3f0ee3330 Add a shared dataprotection test for cookies 2015-08-12 14:10:42 -07:00
Hao Kung 3294de14f4 Add DefaultPolicy support for AuthZ 2015-08-11 17:04:36 -07:00
Hao Kung b883920bef Cookies now always redirects to Login/AccessDenied Paths 2015-08-11 16:50:20 -07:00
Pranav K b1013ed976 Reacting to DI changes 2015-08-11 14:07:12 -07:00
Chris R f3e03fbf26 #396 React to CoreCLR Cryptography package changes, remove transitive dependencies. 2015-08-11 10:43:02 -07:00
Troy Dai 2a204e473b Update CoreCLR versions 2015-08-04 10:15:32 -07:00
unknown b85db5e8c0 Reacting to namespace changes in identitypackages - beta7 update 2015-07-30 13:11:08 -07:00
bchavez bdab4d95fd Using QueryHelpers helps avoid issue #365. 2015-07-28 10:13:52 -07:00
Hao Kung 5bb5662e74 Remove sync AuthZ APIs 2015-07-20 16:36:25 -07:00
Hao Kung 5a2499eb22 Rename ExternalAuthenticationOptions => Shared 2015-07-16 12:43:03 -07:00
Hao Kung 73d4440a25 API review: nuke notification namespaces 2015-07-16 11:56:48 -07:00
Kévin Chalet 54128e8137 Add response_mode=query support for OpenID Connect 2015-07-15 18:36:21 +02:00
Hao Kung ab4ba794e5 Fix cookie bugs, Authenticate => HandleAuthenticate 2015-07-14 13:22:04 -07:00
Hao Kung 5065835a05 Remove special cookie ajax redirect behavior 2015-07-14 13:19:25 -07:00
tushar gupta 8d7f052cf4 Adding support for signing in using "code flow" 2015-07-14 11:51:16 -07:00
unknown c6aa9371c7 Updating protocol.extensions package version from beta5 to beta6 2015-07-08 17:26:03 -07:00
Hao Kung efc35302e8 Switch to shared security helper 2015-07-08 15:01:09 -07:00
Chris R 57031946d0 #214 Refactor OIDC state parameters. 2015-07-08 12:21:14 -07:00
Victor Hurdugaci 039cc18e8b Fix typo in project.json 2015-07-01 20:41:03 -07:00
Victor Hurdugaci 0d71421c05 Add repository information to project files 2015-07-01 20:25:17 -07:00
Hao Kung 61bbe4cf52 Set user in OAuthContext 2015-07-01 19:01:44 -07:00
Kévin Chalet 9bb8b61146 Revisit OAuthAuthenticationHandler and add a new SaveTokensAsClaims option 2015-07-01 15:03:54 -07:00
Hao Kung 6e67b1c9b1 Delete dead file 2015-07-01 14:38:29 -07:00
Hao Kung 5e92de8009 Tweak SecurityHelper for MVC usage 2015-07-01 12:36:37 -07:00
Hao Kung b9f152ebb1 Cookie fixes 2015-07-01 11:55:06 -07:00
Hao Kung d7ce42dacc Handle null in ticket serializer 2015-06-30 12:08:20 -07:00
Hao Kung 78cf7f99ff Fix base path issue with OAuthHandler 2015-06-29 10:43:43 -07:00
Kévin Chalet 102f113e2b Replace INonceCache by IDistributedCache 2015-06-27 01:08:27 +02:00
Hao Kung 6ae37717e8 Delete super dead code 2015-06-25 19:47:11 -07:00
Hao Kung 19d026268b Move Correlation stuff to OAuthHandler 2015-06-25 19:40:34 -07:00
Hao Kung 1ae4c24a5f PR fixes 2015-06-25 19:27:06 -07:00
Hao Kung 3a8ea672ea AuthN and AuthZ API changes (Async, Challenge) 2015-06-25 17:19:27 -07:00
Hisham Abdullah Bin Ateya 797e1287e3 Using [NotNull] 2015-06-19 09:19:51 -07:00
Hisham Abdullah Bin Ateya 7fcbefc86f Using 'nameof' operator instead of magic strings 2015-06-19 09:19:50 -07:00
Chris R ab3cc8bcc7 React to OnSendingHeaders rename. 2015-06-12 15:53:07 -07:00
Kévin Chalet c6230f5de2 Fix invalid challenge in CookieAuthenticationHandler.ApplyResponseChallenge 2015-06-05 12:19:25 -07:00
Pranav K 0b214a0e77 * Changing IdentityModel package versions to beta5
* Updating NuGet.config to pick up packages from AzureAD feed.
2015-06-02 16:17:49 -07:00
Hao Kung e54d088c46 Fix issue with 401->403 not working with AutomaticAuthentication 2015-05-22 14:48:24 -07:00
Kirthi Krishnamraju af2c524352 React to aspnet/Configuration #195,#198 2015-05-20 18:20:35 -07:00
Hao Kung 468852550c Tweak SecurityHelper.AddUserPrincipal logic 2015-05-12 15:49:49 -07:00
Hao Kung 17deab142d AuthZ: Sugar to make resource parameter optional 2015-05-12 13:57:23 -07:00
Hao Kung bb2e12a8e6 Add sugar for UseClaimsTransformation 2015-05-12 13:52:32 -07:00
Eilon Lipton 96a0b3e459 Merge pull request #241 from hishamco/dev
Using [NotNull] and  'nameof' operator
2015-05-08 22:03:14 -07:00
Chris R 071de85e04 React to Http namespace changes. 2015-05-07 14:10:59 -07:00
Hisham Abdullah Bin Ateya 582f562bbb Using [NotNull] and 'nameof' operator 2015-05-07 22:04:48 +03:00
Troy Dai e57440f92c React to common package name change 2015-05-07 09:41:05 -07:00
Chris R 3cc6739c3d React to QueryString API change. 2015-05-06 16:17:34 -07:00
Hao Kung dbdabeb9d2 Delete old handlers 2015-05-06 14:24:58 -07:00
Hao Kung 434d158c76 Support custom name and role claims 2015-05-06 14:24:20 -07:00
Hao Kung ce48c1fc7d Move ClaimsIssuer to base AuthenticationOptions
Also step 1 of refactoring tests
2015-05-05 14:50:59 -07:00
Hao Kung 6e7ec9b2fb Cleanup cookies (moar var) 2015-05-01 17:00:06 -07:00
N. Taylor Mullen 5cf0564484 Update LICENSE.txt and license header on files. 2015-05-01 14:00:05 -07:00
Brennan 4a5e8e5dfe Reacting to Logging Package rename 2015-04-29 19:09:52 -07:00
Chris R 1283414499 React to Http.Interfaces package rename. 2015-04-29 15:46:47 -07:00
Chris Ross 63fc18b945 React to auth feature API changes. 2015-04-24 09:57:49 -07:00
Hao Kung 87c31c5526 Switch to IUrlEncoder, introduce AddAuthentication 2015-04-23 22:49:47 -07:00
Hao Kung 30d350da26 Move logger to base handler and moar var 2015-04-22 12:23:54 -07:00
Chris Ross 6072e3b1b8 #221 Remove unneeded dependencies around DataProtection. 2015-04-21 16:21:50 -07:00
Chris Ross 99f3aa197f #118 - Use common cookie header formatters. 2015-04-20 15:16:29 -07:00
Chris Ross a3b2d2c3eb Handle Http.Core rename. 2015-04-16 15:58:45 -07:00
Hao Kung 501bd4ff10 Merge https://github.com/brentschmaltz/Security 2015-04-16 12:26:42 -07:00
Hao Kung 9ce84d39c2 React to http challenge changes 2015-04-15 11:21:32 -07:00
Pinpoint 5e03a6c1ad Fix incorrect handler delegation and update SignInScheme documentation 2015-04-13 23:20:24 +02:00
Pinpoint 4a2a742ad5 Fix SecurityTokenValidated and rework the different OAuth2 Bearer middleware tests 2015-04-13 23:19:32 +02:00
N. Taylor Mullen e0694a21d8 Add serviceable attribute to projects.
aspnet/DNX#1600
2015-04-07 14:50:16 -07:00
Doug Bunting 440e782f8b Update .xproj files for Microsoft.Web.AspNet.* -> Microsoft.DNX.* rename 2015-04-02 13:49:29 -07:00
Praburaj 1a37bf1747 Changing Wilson package versions to beta4 2015-03-31 10:34:44 -07:00
Praburaj ffd2489f6c Revert "Changing Wilson packages to beta4"
This reverts commit 101b719994.
2015-03-30 19:11:44 -07:00
Praburaj 101b719994 Changing Wilson packages to beta4 2015-03-30 19:10:57 -07:00
Praburaj 4a5b9f6b6e Add a description for the OpenIdConnect package 2015-03-23 21:34:26 -07:00
Hao Kung 776593ec71 React to hosting changes 2015-03-19 11:04:33 -07:00
Hao Kung e2a8efbb64 Cleanup
Switch to logging interfaces reference
Tweak DenyAnonymous logic

Fixes https://github.com/aspnet/Security/issues/181
Fixes https://github.com/aspnet/Security/issues/169
2015-03-17 11:40:58 -07:00
Hao Kung 7abccd8f22 React to Shared NotNull 2015-03-16 15:22:46 -07:00
Hao Kung 14d1b467c6 ClaimsXform and RIP AutoAuthHandler
- Initial support for ClaimsTransformation
- merge automatic auth handler back into base
2015-03-16 15:14:44 -07:00
Praburaj bd7f07052e Using [NotNull] from the common package 2015-03-14 07:25:14 -07:00
N. Taylor Mullen f8c526c12d Update .kproj => .xproj. 2015-03-11 14:04:40 -07:00
Hao Kung 78406b411c Remove config from AddAuthorization 2015-03-11 11:43:48 -07:00
Praburaj b7c8af8503 Reading AuthenticationProperties from SignOutContext
This will enable users to set a specific redirect uri and call signout.
2015-03-09 19:48:04 -07:00
N. Taylor Mullen 08fdd7ad30 Remove BOM from project.json, *.cmd, *.sh and *.shade files. 2015-03-09 12:59:01 -07:00
N. Taylor Mullen 1bd605da5e Update aspnet50/aspnetcore50 => dnx451/dnxcore50. 2015-03-08 12:56:09 -07:00
Hao Kung 5e7f1d7eff Add Configure overloads for Auth for config/name 2015-03-06 12:37:34 -08:00