* Remove all ref/ projects
* Remove GenAPI infrastructure
* Remove notion of a reference assembly project
- remove `$(IsReferenceAssemblyProject)`, `$(ReferenceReferenceAssemblies)` and `$(ReferenceImplementationAssemblies)`
- remove unnecessary `$(NoWarn)` settings
nits:
- remove a few misleading comments
- wrap some long lines
* Move .0 package version workaround into Versions.props
- touch up SharedFramework.External.props
* Expose `%(LatestPackageReference.RTMVersion)` metadata
- automate use of properties in the `@(LatestPackageReference)` item group to make this maintainable
- add a couple of special cases at the bottom of eng/Dependencies.props
- add one more `$(...PackageVersion)` property to avoid yet-another special case
* Enable Roslyn reference assemblies
- exclude ref/ assembly from packages other than targeting pack
- update Microsoft.AspNetCore.App.Ref.csproj
- `%(IsReferenceAssembly)` and `%(ReferenceGrouping)` metadata no longer relevant
- only ref/ assemblies are in `@(ReferencePathWithRefAssemblies)` item group
nits:
- remove now-unnecessary workaround
- issues with TFM transition are behind us
- clean up Microsoft.AspNetCore.App.Runtime.csproj slightly
- use `GeneratePathProperty="true"`
- reorder item / property settings for meta-expansion
- correct spelling errors and phrasing in comments
* Update documentation to reflect recent changes
- remove CrossRepoBreakingChanges.md; was tied to old TeamCity infrastructure
- also much less relevant given repo merges
- adjust details and examples in ReferenceResolution.md
- reflect repo merges, Dependencies.props changes, and current Maestro++ channels
- add a few more details e.g. specific files where Version.Details.xml versions are used
* !fixup! Remove another irrelevant doc file
* !fixup! Address PR review suggestions
- convert a couple of warnings to errors
- use consistent casing for Microsoft.NETCore.App.Runtime.* packages
- reduce `%(LatestPackageReference.Version)` metadata special cases
- add and improve comments e.g.
- improve comments about `$(*V0PackageVersion)` properties
- improve placement of comments about item removal in ResolveReferences.targets
- confirmed `$(*V0PackageVersion)` property list is complete
nits:
- fix solution example in ReferenceResolution.md
- remove item group definition for `@(LatestPackageReference)`
- remove `%(LatestPackageReference.VersionName)` metadata after use; large item group
- similarly, remove `%(LatestPackageReference.RTMVersion)` when not needed; just complicates `Condition`s
When I squash, I must remember this fixes
- #14801
- dotnet/aspnetcore-internal#2693
* Actually use `%(LatestPackageReference.RTMVersion)` metadata
- gather RTM package references in a new project
- a (very) separate project to work around package conflict resolution
- empty `Test` target works around Arcade's testing approach
- new target in ResolveReferences.targets updates relevant assembly paths to use the RTM packages
- done as soon as possible after `ResolvePackageAssets` determines the paths
- done for all compilation inputs, not just ref/ assemblies
* Allow extensibility of DefaultAuthorizationService
When only a small behavior change of the `DefaultAuthorizationService` is wanted, it would be nice if you could override its methods and building upon them rather than having a copy-paste of the class in your codebase.
Inside the `override` methods in your inherited class you could call the `base` method to reuse parts of its logic.
Please refer to https://github.com/dotnet/aspnetcore/issues/23094 for the usecase.
* updated ref assembly
* nit: Remove useless `$(HasReferenceAssembly)` settings
- set in /Directory.Build.targets
- `true` only in `$(IsAspNetCoreApp)` projects
* nit: Remove useless `$(CompileUsingReferenceAssemblies)` settings
- no current versioning differences between ref/ and src/ assemblies when targeting default TFM
* Add more `$(GenerateDocumentationFile)` settings
- increases the number of generated doc files, mostly without problems
- !fixup! correct typo in `DebugProxyHost` doc comments
- was not generating a doc file before
- remove previous (ineffective) src/Components/Directory.Build.targets setting
- nit: remove a duplicate `$(GenerateDocumentationFile)` setting
* nit: Remove useless `$(IsPackable)` settings
- only analyzers and implementation projects are packable by default
- main use case for explicit setting is projects shipping only in shared framework
- conditional setting in src/Mvc/Directory.Build.props just subset logic in /Directory.Build.targets
* nit: Remove useless `$(IsProjectReferenceProvider)` settings
- only implementation projects are providers by default
* nit: Remove useless `$(IsTestAssetProject)` settings
- set in src/Mvc/test/WebSites/Directory.Build.props
* !fixup! Looks like `InProcessNewShimWebSite` must compile w/o ref/ assemblies
- restore `$(CompileUsingReferenceAssemblies)` in this one project
* Remove extra `[SkipOnHelix]` attribute
- only need the one compiled into Microsoft.AspNetCore.Testing
- update the documentation to reflect this
- nit: address Markdown warnings that VS Code showed
* Add `SuccessfulTests` to ensure something runs in every non-Helix runs
- #22241
- cleans up hundreds of warnings but leaves a couple for the Blazor tests assembly
- see comments about xUnit runner command line in the new class
* Clean up logs for Negotiate Authentication and Authorization
* Add missing arg in NegotiateLoggingExtensions.cs
* Adjust formatting
* Remaining text changes
* Update src/Security/Authentication/Negotiate/src/Internal/NegotiateLoggingExtensions.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authentication/Negotiate/src/Internal/NegotiateLoggingExtensions.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authentication/Negotiate/src/NegotiateHandler.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Update src/Security/Authentication/Negotiate/src/Internal/NegotiateLoggingExtensions.cs
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Apply changes to feedback committed
* Update logger call to refactored name
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
Co-authored-by: Giuseppe Campanelli <campanelli_g@yahoo.com>
* Add overloads to CookieAuthentication to config options with services
* Update reference assembly
* Use the new method in sampple
* Add overloads for other authentication providers
* Update ref assemblies
* Change IServiceProvider to TService
* Add HeaderNames.XRequestedWith = "X-Requested-With"
X-Requested-With is the standard for differentiating AJAX requests and is commonly used. Having this in HeaderNames would prevent typos related to typing this header name. I couldn't find any rationale about excluding this but there might be legitimate reasons like discouraging the use of HTTP headers or differentiating AJAX requests, etc. Please reject this if that's the case.
* Replace "X-Requested-With" references with HeaderNames.XRequestedWith
The only remaining instance is WebSocketsTransport.cs in
SignalR\clients\csharp\Http.Connections.Client which doesn't have
Microsoft.Net in its references. I didn't want to impose a new
dependency as its risky.
* Fix the order of using statements
* Add XRequestedWith to the ref assembly
Fixes: #18471
AddAuthorizationCore previously assumed that options were already
registered. This isn't the case in 5.0 in Blazor WASM.
We don't want Blazor to register options in the default host because it
prevents options from being linked out.
note: we will have some remaining work for this issue after this change
is merged. The Blazor WASM hosting changes haven't landed in master yet,
so we'll need to update that code to remove options from the host.
- Multi-target ObjectPool
- Move Embedded.Manifest.Task.Internal.Entry to the public namespace
- Remove ref assemblies from AspNetCore.Testing
- Skip TestPathUtilitiesTest since it's a pattern we want to migrate away from
- Fix FileProviders.Abstractions version in Embedded.*.nuspec
- Add workarounds for project references to FileProviders.Embedded
- change ref/ projects to build only the default TFM during source builds
- avoid errors restoring packages like Microsoft.BCL.AsyncInterfaces
- may also speed up source builds slightly
* Mark AspNetCore projects that aren't packaged explicitly
- avoid NU5104 warnings due to confusing versioning
- `$(IsShippingPackage)` was semantically incorrect in any case
* Remove redundant `$(IsShippingPackage)` settings in `$(IsAspNetCoreApp)` projects
- default is `true` for all implementation projects
* Use `$(IsPackable)` when deciding how `$(IsAspNetCoreApp)` projects are handled
- remove all use of `$(IsShippingPackage)` for shared framework composition
- update documentation to match these changes
nits:
- remove odd default for `$(IsPackable)` in Directory.Build.targets
- no longer relevant since all `$(IsAspNetCoreApp)` projects are `$(IsShippingPackage)` too
- include more information in docs/ProjectProperties.md
* Add direct System.Text.Json references
- avoid MSB3277 warnings
* Added a new property, ValidateCertificateChain
This aligns the code with README.md, and enables chained certificate authentication to work in Azure App Service (which won't have the client certificate's root in its trust store)
* Updated reference assemblies
New ValidateCertificateChain property was missing from /ref - hadn't updated it, so automatic test was failing
* Replaced the broad property which disables certificate chain validation with a granular list of trusted issuers
Also updated documentation to remove the unused property and to indicate that it isn't possible to validate half of the chain from the OS' trust store, and half from the private root store
* Swapped property access for an AddRange call
* Updated reference assembly
* Added certificate tests
Three test cases:
- Untrusted client certificate should fail, as it does now.
- Client certificate which is part of a chain with an untrusted root but a trusted issuer should fail, since the chain as a whole isn't trusted.
- Client certificate which is part of a fully-trusted chain should pass.
Also noticed that there were a couple of issues in CreateServer, where the certificate revocation flags weren't being set properly.
Finally, the csproj was referring to a folder name ("test\Certificates") which didn't exist. It looks like the folder was renamed to "TestCertificates", so I've update the project to match.
* Update Microsoft.AspNetCore.Authentication.Certificate.netcoreapp.cs
* Reverting change of Tests csproj, which was blocking certificate tests
* Forgot to add certificates to the shared source root, so tests were failing
* Updating following code review
Replaced custom logic with a new ChainTrustValidationMode property. Updated reference assemblies
* Changed tests to account for new property
* Updated certificates for PR tests
* Updated certificates
Updating all new certificates to avoid using the alternate signature algorithm
* Dummy checkin
Compilation errors coming from CertificateTests.cs, performing this checkin to test whether or not they're limited to a specific build.
* Following up typo corrections
Commit 116799fa70 in upstream repo changed a variable name, causing compile errors on PR build. Fixing that
Co-authored-by: Hao Kung <HaoK@users.noreply.github.com>
Hao Kung
Doug Bunting
Kevin Pilch
Pranav K
Kahbazi
Hans Bakker
Ajay Bhargav B
John Luo
Smit Patel
Chris Ross
Giuseppe Campanelli
Dawid Szmidka
Justin Kotalik
Christian Wenz
Christian Wenz
Andrew Stanton-Nurse
Kevin Pilch
huysentruitw
Roman Marusyk
Patrick Goode
Sedat Kapanoglu
Ryan Nowak
Brennan Conroy
Stephen Halter
Edward Neal
James Newton-King