c18a3d3a7d
Revert "Revert "Update OpenId package versions""
...
This reverts commit 0113df6075
2017-01-31 06:51:51 -08:00
0113df6075
Revert "Update OpenId package versions"
...
This reverts commit a031c4badb
2017-01-30 11:10:41 -08:00
a031c4badb
Update OpenId package versions
2017-01-25 17:09:26 -08:00
7634c5420a
Upgrade to RC.3
...
Removes __TemporarySources__ to use contentFiles packages
Remove default globs
Update test platform
2017-01-19 22:31:43 -08:00
fddfad14c9
#1082 Update IdentityModel dependencies to 5.1.2
2017-01-19 13:50:46 -08:00
861026cd76
Remove redundant references
2017-01-05 18:16:07 -08:00
ba8f85d972
Upgrade to VS 2017
2017-01-05 13:53:05 -08:00
7ab28ecdc6
Updating to 4.4 CoreFx packages
2016-12-14 14:47:31 -08:00
da4730a392
#1044 Revert "Auth: Always call prior handlers during Challenge"
...
This reverts commit e12838e38f
2016-12-14 10:55:46 -08:00
46df38de68
Updating versions to 1.2.0-*
2016-11-09 14:19:34 -08:00
82c231efca
Created public API baselines
2016-11-08 11:38:53 -08:00
96c27fa393
Revert breaking parameter rename
2016-11-08 10:32:46 -08:00
415055ebab
#1007 Additional id_token validation
2016-11-07 12:33:49 -08:00
0c815da523
#903 Ensure redirect uris can be generated
2016-11-04 10:51:03 -07:00
834718d1f9
Updating to RTM builds of IdentityModel packages
2016-11-02 14:43:57 -07:00
e55e3b6f5a
Updated Authentication's Base64UrlTextEncoder to use WebUtilities's Base64UrlTextEncoder logic
2016-11-01 12:22:42 -07:00
500201bdf7
Made ChunkingCookieManager's default chunk size public
2016-11-01 12:14:02 -07:00
2d1c56ce5c
#884 Honor OIDC's and Jwt's OnAuthenticationFailed HandleResponse()
2016-10-31 13:48:50 -07:00
8fcbddc23b
Update ClaimsHelper.AddClaimsToIdentity to infer the claim value type from the JSON token type ( #1002 )
2016-10-24 09:28:25 -07:00
3eab3ef013
Updating package that was missed
2016-10-13 14:00:21 -07:00
734d36b2d1
Update to latest CoreFx package
2016-10-13 13:59:39 -07:00
f64c864911
Updating partner package versions
2016-10-03 14:28:05 -07:00
e09dd6d0b8
Fix #976 : Break claims value in array into multiple claims ( #996 )
...
* Break claims value in array into multiple claims
* Review feedback 1
2016-09-29 16:21:26 -07:00
ac773beffc
Changed BuildChallengeUrl in order to accept AuthorizationEndpoint which contains query parameters ( #992 )
2016-09-29 13:24:24 -07:00
0152691108
Cookie Auto: set properties back to ticket when using SessionStore ( #995 )
2016-09-28 14:25:02 -07:00
28932a7795
Log the error inforamtion when redeem auth code
2016-09-23 13:10:17 -07:00
ddeef1f9ac
Add prompt parameter to Google auth endpoint
2016-09-23 10:44:41 -07:00
5aae7ded01
Update Twitter auth package description
2016-09-22 14:06:04 -07:00
25f39dd0f5
#859 Discriminate between providers when sharing an auth cookie
2016-09-21 16:27:35 -07:00
aa1fd5d89a
Move ChunkingCookieManager to a separate Sources project
2016-09-21 12:25:41 -07:00
e12838e38f
Auth: Always call prior handlers during Challenge
2016-09-21 11:20:41 -07:00
e8f55bdb13
Add Fail fast option for AuthZ
2016-09-15 16:12:54 -07:00
ce0ed3d237
Use TaskCache class from Microsoft.Extensions.TaskCache.Sources ( #968 )
...
Instead of Task.FromResult(0)
2016-09-08 10:01:53 -07:00
cbbec15d37
Ignore null ExpiresUtc property in RequestRefresh
...
Issue: https://github.com/aspnet/Security/issues/949
2016-08-26 14:55:36 -07:00
3a5df89f1c
Move a nullref check to base class
2016-08-26 08:56:48 -07:00
a79a0360c1
Update OpenIdConnectHandler
2016-08-26 08:56:48 -07:00
c5509fb594
Minor update in OpenIdConnectHandler and Options
...
1. Default post sign out uri to the root of the applciation;
2. Throw ArgumentNullException for null context in HandleSignOutAsync;
3. Guard null from Unprotected;
4. Clean up code
2016-08-26 08:56:48 -07:00
fa0a68a847
Fix xml comments error
2016-08-26 08:48:27 -07:00
8f5c7aef57
Update tests
2016-08-26 08:47:56 -07:00
26956c5ce1
Update OIDC signout flow
...
OIDC signout should return to CallbackPath then locally redirect to AuthProperties.RedirectUri
2016-08-25 15:23:12 -07:00
d291bb7c24
Add AuthZHandlerContextFactory
2016-08-19 17:04:09 -07:00
6f15d616a8
Add IAuthorizationEvaluator
2016-08-19 17:04:09 -07:00
fb0a577dd1
Add comments to CookieAuthenticationHandler
2016-08-11 14:03:17 -07:00
26a7c7016d
Minor updates to CookieAuthenticationHandler and its tests
...
1. Remove unnecessary variable declaration.
2. Update test name to a more accurate description.
2016-08-11 10:15:07 -07:00
4600451dc6
Allow absolute uri in authentication properties for cookie auth redirect
2016-08-11 08:48:47 -07:00
97afe4acc8
Adjust the redirect URI precedence in cookie auth
2016-08-10 15:59:39 -07:00
6a9f1f9887
Honor AuthenticationProperties.RedirectUri in CookieAuthenticationHandler
2016-08-10 15:59:39 -07:00
74e5777435
Update comments
2016-08-05 22:00:37 -07:00
a344684d06
Use HandleAuthenticateOnceSafeAsync in Cookie auth
2016-08-05 15:27:37 -07:00
926c7fab4b
Use async-wait pattern in HandleAuthenticateOnceSafeAsync
2016-08-05 14:34:36 -07:00
0314632696
JwtBearer Token: Catch exception during unauthorized flow
2016-08-05 12:11:33 -07:00
706566e253
Typo "Failed to retrived" -> "Failed to retrieve"
2016-08-04 18:02:09 +02:00
2a6ab2be8c
Add UpdateTokenValue API
2016-07-29 13:26:25 -07:00
c16fc06cb9
Modify warning about policy behavior ( #924 )
2016-07-28 16:55:08 -07:00
763df65c14
Revise if-else order in RemoteAuthenticateHandler
2016-07-26 16:27:28 -07:00
0e855b25a8
Update Google and Microsoft Account Handler exception message
2016-07-26 14:16:16 -07:00
0d216d726a
Minor fixes in RemoteAuthenticationHandler and FacebookHandler
2016-07-26 13:58:07 -07:00
1c17bddc02
Update HandleRemoteCallbackAsync readability
2016-07-26 10:30:50 -07:00
210c4b2061
Fix incorrect exception messages
2016-07-26 10:30:50 -07:00
6f46bc94f8
Sort using statements
2016-07-26 10:30:50 -07:00
5211f22f44
Update comment on HandleRemoteAuthenticateAsync
2016-07-26 10:30:50 -07:00
cd9e9fa498
Update comment on HandleRemoteAuthenticateAsync
2016-07-26 10:30:50 -07:00
5de4816f59
Update the RemoteAuthenticationHandler error handling
...
1. Exeption will be still thrown from CreateTicketAsync to avoid breaking
change.
2. OAuthHandler won't try to capture the exception.
3. OAuthHandler will check if the AuthenticateTicket is null.
4. RemoteAuthenticationHandler's error handling flow is improved to cover
the exception thrown from HandleRemoteAuthenticateAsync. The exeption
thrown from it will go throw the user error handling logic, too.
2016-07-26 10:30:50 -07:00
988bcc81ee
Update comments for HandleRemoteAuthenticateAsync method
2016-07-26 10:30:50 -07:00
312edaafb4
Handle back channel failure gracefully
...
1. Check the response states code. If it is out of 2XX range, compose a
readable message and throw in an exception.
2. Capture the exception in HandleRemoteAuthenticateAsync and translate
it into AuthenticateResult.
2016-07-26 10:30:50 -07:00
ecb3b90984
Undo change to the GoogleDefaults
2016-07-26 09:19:42 -07:00
eabdd45816
Improve code readability for Authentication.Google
2016-07-26 09:13:18 -07:00
7b7da43fd8
Update comments in RemoteAuthenticationOptions
2016-07-25 20:33:12 -07:00
651815c282
Remove OfType allocations ( #906 )
2016-07-25 16:31:27 -07:00
6cd46a5c10
Remote auth expiration fix ( #893 )
...
Remote auth expiration fix, and move ISystemClock to the base AuthenticationProperties
2016-07-19 15:18:42 -07:00
4927ad6b74
Remove win32.cs
2016-07-14 16:24:56 -07:00
5637e0c917
Remove unused using statements
2016-07-14 16:24:48 -07:00
792b316950
One build to rule them all
...
- well, at least VS and command-line builds will share output
- part of aspnet/Coherence-Signed#277
2016-07-07 12:40:05 -07:00
b4342b1604
Replace magic strings by the new constants introduced in IdentityModel
2016-06-17 10:43:24 -07:00
d8d408638e
Updating to dev versions
...
# Conflicts:
# src/Microsoft.AspNetCore.Authentication.OAuth/project.json
# src/Microsoft.AspNetCore.Authentication.Twitter/project.json
2016-06-16 11:31:40 -07:00
20316e276c
Update Json.NET to 9.0.1
2016-06-15 15:19:11 -07:00
666ad0fc3b
Doc comment update
2016-06-13 14:10:43 -07:00
34ee0212d0
Fix misc feedback
2016-06-10 15:37:08 -07:00
38e89d498d
Doc Comments
2016-06-09 16:15:09 -07:00
e1495f5f32
Remove unncessary usings
2016-06-09 00:48:37 -07:00
933b374f3e
Update Json.NET to 9.0.1-beta1
2016-06-06 21:26:53 -07:00
bffbfc7f9e
React to OpenId renames
2016-06-04 18:53:09 -07:00
120021e8a3
Add a new IncludeErrorDetails option to prevent the JWT middleware from returning error/error_description
2016-06-03 22:46:00 +02:00
35d0592701
Make AuthorizationHandler<TReq> async only
2016-06-03 13:26:16 -07:00
56dca7e0bc
Add a 'sid' check to the OIDC middleware to prevent unsolicited logout when possible
2016-06-02 12:21:17 -07:00
e299695974
#776 Show some JwtBearer errors in response headers
2016-06-01 07:10:16 -07:00
c257c9528f
AuthZ: Combine needs to use policy provider
...
Fixes https://github.com/aspnet/Security/issues/841
2016-05-31 13:45:48 -07:00
080447e9aa
#780 Remove obsolete DateTime conversions
2016-05-27 15:29:40 -07:00
d6763bd77c
#423 Support distributed sign-out.
2016-05-27 14:51:53 -07:00
e57e01d02c
React to updated CoreCLR packages
...
https://github.com/aspnet/Coherence/issues/97
2016-05-26 18:25:05 -07:00
2634fe318d
#814 Rework CookieAuth for compat with CookiePolicy.
2016-05-26 14:20:15 -07:00
59fc691f41
#667 #801 Handle authorize and forbid for redirecting handlers.
2016-05-23 10:50:50 -07:00
db7009531a
Update google token endpoint to v4
2016-05-23 10:31:36 -07:00
bfbe7ec15d
Update fb to v2.6
2016-05-23 10:31:36 -07:00
4c27df166b
Revert "React to updated CoreCLR packages"
...
This reverts commit 621ccf889c
2016-05-18 09:40:51 -07:00
621ccf889c
React to updated CoreCLR packages
...
https://github.com/aspnet/Coherence/issues/97
2016-05-17 14:34:03 -07:00
962a74c488
Add argument validation
2016-05-16 15:19:58 -07:00
6294badd97
Use a shared CookieSecurePolicy.
2016-05-16 12:29:33 -07:00
1a99fad0c6
Rename AuthorizationContext
2016-05-16 09:30:33 -07:00
d814cef75a
Merge branch 'release' into dev
2016-05-03 10:09:44 -07:00
7645253420
#808 Update OIDC to v1.0
2016-05-03 09:39:36 -07:00
cf75a0f793
Merge branch 'release' into dev
2016-05-02 14:57:21 -07:00
f6cdb9faf9
Fix build warnings
2016-05-02 11:27:26 -07:00
ba8c0c5018
Removed space from file name
...
This caused broken link in API reference
2016-04-28 15:40:59 -07:00
0bce133ee4
#765 Retrieve the email address from Twitter.
2016-04-28 10:19:30 -07:00
0cd7c7236b
React to FormReader api change.
2016-04-25 12:15:04 -07:00
6e3ff403d4
[ Fixes #794 ] Exception thrown when 'Microsoft.AspNetCore.Authentication.JwtBearer' tries to log a message
2016-04-22 09:55:13 -07:00
c06cac5d30
#744 Change OIDC's default ResponseType to IdToken.
2016-04-21 14:46:40 -07:00
3db1f1e9fd
Move dependency to netstandard only
2016-04-14 15:41:40 -07:00
8023d1eb02
Add serialization.primitives for Newtonsoft.Json
2016-04-14 13:52:39 -07:00
a41c578d88
Removing imports from src projects
2016-04-08 06:49:18 -07:00
5cd236c1b0
Guard against null ref
2016-04-01 14:16:49 -07:00
4d6ad51f8a
Add fallback logging for username in AuthZ
2016-03-31 13:09:32 -07:00
16a0482238
React to HttpAbstractions namespace changes
...
- aspnet/HttpAbstractions#549 and aspnet/HttpAbstractions#592
- clean up `using`s
2016-03-30 16:15:37 -07:00
4086d70628
Add comments to AddAuthentication extension methods
2016-03-28 15:44:15 -07:00
3f596108aa
#690 OIDC & JWT event refactoring.
2016-03-25 10:08:33 -07:00
6d4a80e747
[ Fixes #532 ] Replace hard-coded logging event ids with a class of consts
2016-03-24 07:11:53 -07:00
7ec3da701c
Reacting to CoreFx package changes
2016-03-23 16:15:16 -07:00
22d133cefa
Reacting to CoreCLR package changes
2016-03-22 14:51:18 -07:00
9361960b2f
React to HttpAbstractions change: No features in `.Internal` namespace
...
- see issue aspnet/HttpAbstractions#561 and pull aspnet/HttpAbstractions#589
2016-03-18 08:35:57 -07:00
81bf1c2096
Cleanup transitive dependencies
2016-03-17 22:23:23 -07:00
1a8d5317a9
Updated Json.Net version
2016-03-14 14:50:57 -07:00
f5c1c45db2
IClaimsTransofrmer updated to take ClaimsTransformationContext instead of ClaimsPrincipal in TransformAsync method. #718
2016-03-11 14:07:56 -08:00
4bfeba2a3c
Update project.json
...
@tratcher said :shipit:
2016-03-10 15:16:54 -08:00
d78f7edfc7
Fix package metadata
...
And also a few other Core-related renames.
2016-03-09 23:14:51 -08:00
a5fcddc0a8
#704 unregister auth handlers during unwind.
2016-03-09 09:45:59 -08:00
553e036d28
Add GivenName and Surname default claims to FacebookOptions
2016-03-09 11:04:11 +00:00
9dfe4d9699
Enabled xml doc generation
2016-03-04 15:49:20 -08:00
ef6dd41384
SaveTokens in OIDC
2016-03-04 12:55:32 -08:00
8645ca0dc5
Update MicrosoftAccount to use converged auth
...
-Updated MicrosoftAccountDefaults to use app model v2 & graph API
-Updated MicrosoftAccountHelper to extract user info from the user object
returned by the graph API
-Updated MicrosoftAccountMiddlewareTests accordingly
-Added the app model v2 client credentials to SocialSample/config.json
-Configured SocialSample to use SSL
Startup.cs
- Sorted namespaces
- Dropped openid scope from Microsoft-AccessToken
project.json
- Sorted dependencies
MicrosoftAccountHelper.cs
- Removed name claim transofmation
- renamed GetName, GetFirstName & GetLastName
2016-03-04 11:52:43 -08:00
94e0088eea
Added Company, Copyright and Product attributes to AssemblyInfo
2016-03-03 17:33:22 -08:00
ace166fa31
Save tokens in auth properties instead of claims
2016-03-03 12:50:46 -08:00
cedef4dcba
Fix build break
2016-03-03 06:39:15 -08:00
fbb628298c
Remove project name from output path
...
- aspnet/Coherence-Signed#187
- remove `<RootNamespace>` settings but maintain other unique aspects e.g. `<DnxInvisibleContent ... />`
- in a few cases, standardize on VS version `14.0` and not something more specific
2016-03-02 21:20:11 -08:00
b5300ad0e4
Update doc comments
2016-03-02 13:46:47 -08:00
e3979fd3fe
Transition to netstandard.
...
- dotnet5.X => netstandard1.y (where y = x-1).
- DNXCore50 => netstandardapp1.5.
- Applied the same changes to ifdefs.
2016-03-01 13:36:53 -08:00
9bbbe535f2
#690 Enable custom OIDC authorization code redemption.
2016-02-19 15:07:25 -08:00
34bc9c52e1
#456 Unify OIDC Code/IdToken/Hybride flows.
2016-02-08 12:06:13 -08:00
bbcabc0212
Move GenerateCorrelationId and ValidateCorrelationId to RemoteAuthenticationHandler
2016-02-08 11:37:49 -08:00
bafb097e9f
Update to new CLI.
...
- Added appropriate imports/net core platform libraries.
2016-02-06 19:51:50 -08:00
c2194ea99d
Updated Json.Net versions
2016-02-05 10:21:39 -08:00
e00453af4d
Ensure scope has no duplicates
2016-02-04 09:08:03 +00:00
e737f3207e
Remove username from Facebook
...
Add default fields for Facebook
Remove default fields except name and email
Add all the core fields for Facebook
Fix location and field uniqueness
2016-02-02 11:58:08 -08:00
80dc5759cc
Async overloads for AuthZ RequireAssertion
2016-01-28 12:48:00 -08:00
a80c5e6d85
#614 Standardize the pattern for scope defaults.
2016-01-27 15:26:32 -08:00
297c72aa21
React to Logging API changes
2016-01-27 14:42:56 -08:00
00ceeb0262
Add IAuthorizationPolicyProvider support
2016-01-27 13:36:53 -08:00
9c41eb958e
React to IdentityModel breaking change.
2016-01-26 14:28:49 -08:00
a1aeb4313e
Remove unused dependency
...
- The authorization stack doesn't depend on AspNetCore at all really
2016-01-24 23:57:17 -08:00
0c6a805405
#632 Save twitters access token secret as a claim.
2016-01-24 18:45:04 -08:00
Pranav K
Nate McMaster
Chris R
jacalvar
Ryan Brandenburg
Kiran Challa
Kévin Chalet
Troy Dai
Adem Caglin
Hao Kung
Pavel Krymets
Christian Weiss
Derek
Doug Bunting
Kévin Chalet
Barry Dorrans
John Luo
BrennanConroy
Petr Onderka
Ajay Bhargav Baaskaran
Dovydas Navickas
Eilon Lipton
Eilon Lipton
Mike Surcouf
Osman M Elsayed
N. Taylor Mullen
David Fowler