* Update SDK to preview.5.20251.2
- includes support for the `net5.0` TFM
- includes fix for `$(PublishDepsFilePath)`
- includes fix for incorrect NU5118 warnings when `'$(PackAsTool)' == 'true'`
* !!temporary!! Suppress NU5129 warnings
- build/ and buildTransitive/ naming conventions do not treat TFMs as equivalent
* Run `InjectRequestHandlerOnPublish` later
- late enough for .deps file to exist i.e. after the `CopyFilesToPublishDirectory` target
- `AfterTargets` is a bit flaky; use `BeforeTargets` with empty targets instead
* Always add `@(AssemblyAttribute)` items before they are processed
- use `BeforeTargets="GetAssemblyAttributes"` for consistently throughout the repo
* Move template specific helpers out of shared and into templates
* More debug info, fix casing issues
* Keep test skipped
* Undo lock changes
* Standarize retry logic
* Tweak certificate validation code
* Fixes and improvements for dotnet-dev-certs:
* Revamps the HTTPS developer certificate tool implementation.
* It accumulated a lot of cruft during the past few years and that has made making changes harder.
* Separated the CertificateManager implementation into different classes per platform.
* This centralizes the decision point of choosing a platform in a single place.
* Makes clear what the flow is for a given platform.
* Isolates changes needed for a given platform in the future.
* Moved CertificateManager to a singleton
* No more statics!
* Updates logging to use EventSource
* We didn't have a good way of performing logging as the code is shared and must run in multiple contexts and the set of dependencies need to be kept to a minimum.
* Adding ETW allow us to log/monitor the the tool execution and capture the logs with `dotnet trace` without having to invent our own logging.
* We can decide to write an EventListener in `dotnet-dev-certs` to write the results to the console output.
* Updates the way we handle the dev-cert in Mac OS to use the security tool to import the certificate into the store instead of using the certificate store.
* WIP add interop tests
* Clean up
* Move test project into build infrastructure
* Clean up
* Remove hardcoded paths
* Clean up
* Fix build
* Add copyright notices
* Update azure template
* Fix build
* Fix build?
* Fix build?
* Add gRPC interop tests to CI
- Convert to using references managed by build infrastructure
- Use produced AspNetCore.App shared framework
- Save server logs
- Dynamically bind to ports
- Ensure InteropWebsite is built in the same configuration as the test project
* Cleanup
* Rebase fix
* Include tests assets in build directory for Helix
* Incorporate changes in ProcessEx
* Include Grpc test in regular build
* Fixup
* Test
* exe doesn't always exist
* Capture logs on helix
* Maybe this will work
* There are two application started messages
* Derp
* Cleanup
* Update directory
* Add interop tests to more pipelines
* mkdir
Co-authored-by: John Luo <johluo@microsoft.com>
* Consume the internalized System.Net.Quic sources (#19156)
* Consume the internalized System.Net.Quic sources
* More changes from rebase
* Remove Console.WriteLine
* Additional code sync
- Multi-target ObjectPool
- Move Embedded.Manifest.Task.Internal.Entry to the public namespace
- Remove ref assemblies from AspNetCore.Testing
- Skip TestPathUtilitiesTest since it's a pattern we want to migrate away from
- Fix FileProviders.Abstractions version in Embedded.*.nuspec
- Add workarounds for project references to FileProviders.Embedded
* Adds a Microsoft.AspNetCore.Components.WebAssembly.Authentication
library for performing authentication in Blazor webassembly.
* Includes a default implementation that supports OIDC capable IdPs
using oidc-client.js
* Includes multiple primitives to deal with authentication flows and
supports acquiring access tokens to call APIs.
* RemoteAuthenticatorView is responsible for handling authentication
operations at the user interface level.
* RemoteAuthenticatorService is responsible for handling the lower
level authentication details by using JavaScript interop to interact
with the underlying javascript library implementing the auth protocol.
* SignOutSessionStateManager handles CSRF protection for the logout
path.
* IAccessTokenProvider handles provisioning access tokens to call APIs.
* Add service worker
* Add manifest
* Bring back BaselineTest.cs
* Add baselines for blazorwasm templates
* Add publishing test for PWA template
* Baseline fixes
* Fix baseline test logic to allow for multi-project outputs
* Remove non-blazorwasm baselines, since this branch now only covers blazorwasm
* Add test for PWA publish output
* Beginning generation of assets manifest
* Generate assets manifest including blazor outputs
* Tweaks
* Write assets manifest in JSON form
* Publish service worker
* Better API
* More resilience
* Better API again
* Make ComputeBlazorAssetsManifestItems public as people will need to customize the list
* Exclude service worker files from assets manifest
* Use web standard format for hash
* Update project template
* In assets manifest, only include items being published
* Renames
* Compute default assets manifest version by combining hashes
* Emit sw manifest in .js form
* Update service worker in project
* Actually isolate browser instances when requested during E2E tests
* E2E test for published PWA operating offline
* Fix SWAM path in template
* Clarify targets
* Removed mutating of string-contents in BCryptHandle
* Revert "Removed mutating of string-contents in BCryptHandle"
This reverts commit 5ae80c2834471baf34d1e5a05a42e3cce1ff02d7.
This is a .NET STandard 2.0 project, so no span is available by default. I think it's not worth it to add a reference to System.Memory-package just for this change.
* Better perf for StringUtilities.TryGetAsciiString
* Removed mutating of created string from HttpUtilities
* Use static readonly span-actions as this gives a boost due to not having a null check for the compiler generated cached delegate
* Debug Asserts
* PR Feedback
* Added a new property, ValidateCertificateChain
This aligns the code with README.md, and enables chained certificate authentication to work in Azure App Service (which won't have the client certificate's root in its trust store)
* Updated reference assemblies
New ValidateCertificateChain property was missing from /ref - hadn't updated it, so automatic test was failing
* Replaced the broad property which disables certificate chain validation with a granular list of trusted issuers
Also updated documentation to remove the unused property and to indicate that it isn't possible to validate half of the chain from the OS' trust store, and half from the private root store
* Swapped property access for an AddRange call
* Updated reference assembly
* Added certificate tests
Three test cases:
- Untrusted client certificate should fail, as it does now.
- Client certificate which is part of a chain with an untrusted root but a trusted issuer should fail, since the chain as a whole isn't trusted.
- Client certificate which is part of a fully-trusted chain should pass.
Also noticed that there were a couple of issues in CreateServer, where the certificate revocation flags weren't being set properly.
Finally, the csproj was referring to a folder name ("test\Certificates") which didn't exist. It looks like the folder was renamed to "TestCertificates", so I've update the project to match.
* Update Microsoft.AspNetCore.Authentication.Certificate.netcoreapp.cs
* Reverting change of Tests csproj, which was blocking certificate tests
* Forgot to add certificates to the shared source root, so tests were failing
* Updating following code review
Replaced custom logic with a new ChainTrustValidationMode property. Updated reference assemblies
* Changed tests to account for new property
* Updated certificates for PR tests
* Updated certificates
Updating all new certificates to avoid using the alternate signature algorithm
* Dummy checkin
Compilation errors coming from CertificateTests.cs, performing this checkin to test whether or not they're limited to a specific build.
* Following up typo corrections
Commit 116799fa70 in upstream repo changed a variable name, causing compile errors on PR build. Fixing that
Co-authored-by: Hao Kung <HaoK@users.noreply.github.com>
* [Platform] Detect and fix certificates with potentially inaccessible keys on Mac OS (2.1) (#17560)
* [Https] Detects and fixes HTTPS certificates where the key is not guaranteed to be accessible across security partitions
* Fix dotnet dev-certs https --check
* Update logic for detecting missing certs
* Fix security command
* Update warning logic
* Check that the key is accessible in Kestrel
* Add correct link to docs
* Update src/Tools/dotnet-dev-certs/src/Program.cs
Co-Authored-By: Daniel Roth <daroth@microsoft.com>
* Update src/Tools/dotnet-dev-certs/src/Program.cs
Co-Authored-By: Daniel Roth <daroth@microsoft.com>
* Add test for 2.1
* Update src/Tools/dotnet-dev-certs/src/Program.cs
Co-Authored-By: Chris Ross <Tratcher@Outlook.com>
* Address feedback
* Fix non-interctive path
* Fix tests
* Remove a couple of test from an unshipped product
* Check only for certificates considered valid
* Switch the exception being caught, remove invalid test
Co-authored-by: Daniel Roth <daroth@microsoft.com>
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Fix patchconfig merge (#18389)
* Fix flaky HubConnectionHandler test (#18391)
Co-authored-by: Javier Calvarro Nelson <jacalvar@microsoft.com>
Co-authored-by: Daniel Roth <daroth@microsoft.com>
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
Co-authored-by: Brennan <brecon@microsoft.com>
* Some minor clean up of Stream implementations
- Use TaskToApm from corefx to implement Begin/End in streams
- Use PipeReader.CopyToAsync(Stream) to implement CopyToAsync
- Add more overrides on derived Streams in IIS