Adem Caglin
ac773beffc
Changed BuildChallengeUrl in order to accept AuthorizationEndpoint which contains query parameters ( #992 )
2016-09-29 13:24:24 -07:00
Troy Dai
0152691108
Cookie Auto: set properties back to ticket when using SessionStore ( #995 )
2016-09-28 14:25:02 -07:00
Troy Dai
28932a7795
Log the error inforamtion when redeem auth code
2016-09-23 13:10:17 -07:00
Troy Dai
ddeef1f9ac
Add prompt parameter to Google auth endpoint
2016-09-23 10:44:41 -07:00
Troy Dai
5aae7ded01
Update Twitter auth package description
2016-09-22 14:06:04 -07:00
Chris R
25f39dd0f5
#859 Discriminate between providers when sharing an auth cookie
2016-09-21 16:27:35 -07:00
Kiran Challa
aa1fd5d89a
Move ChunkingCookieManager to a separate Sources project
2016-09-21 12:25:41 -07:00
Hao Kung
e12838e38f
Auth: Always call prior handlers during Challenge
2016-09-21 11:20:41 -07:00
Hao Kung
e8f55bdb13
Add Fail fast option for AuthZ
2016-09-15 16:12:54 -07:00
Pavel Krymets
ce0ed3d237
Use TaskCache class from Microsoft.Extensions.TaskCache.Sources ( #968 )
...
Instead of Task.FromResult(0)
2016-09-08 10:01:53 -07:00
Troy Dai
cbbec15d37
Ignore null ExpiresUtc property in RequestRefresh
...
Issue: https://github.com/aspnet/Security/issues/949
2016-08-26 14:55:36 -07:00
Troy Dai
3a5df89f1c
Move a nullref check to base class
2016-08-26 08:56:48 -07:00
Troy Dai
a79a0360c1
Update OpenIdConnectHandler
2016-08-26 08:56:48 -07:00
Troy Dai
c5509fb594
Minor update in OpenIdConnectHandler and Options
...
1. Default post sign out uri to the root of the applciation;
2. Throw ArgumentNullException for null context in HandleSignOutAsync;
3. Guard null from Unprotected;
4. Clean up code
2016-08-26 08:56:48 -07:00
Troy Dai
fa0a68a847
Fix xml comments error
2016-08-26 08:48:27 -07:00
Troy Dai
8f5c7aef57
Update tests
2016-08-26 08:47:56 -07:00
Troy Dai
26956c5ce1
Update OIDC signout flow
...
OIDC signout should return to CallbackPath then locally redirect to AuthProperties.RedirectUri
2016-08-25 15:23:12 -07:00
Hao Kung
d291bb7c24
Add AuthZHandlerContextFactory
2016-08-19 17:04:09 -07:00
Hao Kung
6f15d616a8
Add IAuthorizationEvaluator
2016-08-19 17:04:09 -07:00
Troy Dai
fb0a577dd1
Add comments to CookieAuthenticationHandler
2016-08-11 14:03:17 -07:00
Troy Dai
26a7c7016d
Minor updates to CookieAuthenticationHandler and its tests
...
1. Remove unnecessary variable declaration.
2. Update test name to a more accurate description.
2016-08-11 10:15:07 -07:00
Troy Dai
4600451dc6
Allow absolute uri in authentication properties for cookie auth redirect
2016-08-11 08:48:47 -07:00
Troy Dai
97afe4acc8
Adjust the redirect URI precedence in cookie auth
2016-08-10 15:59:39 -07:00
Troy Dai
6a9f1f9887
Honor AuthenticationProperties.RedirectUri in CookieAuthenticationHandler
2016-08-10 15:59:39 -07:00
Troy Dai
74e5777435
Update comments
2016-08-05 22:00:37 -07:00
Troy Dai
a344684d06
Use HandleAuthenticateOnceSafeAsync in Cookie auth
2016-08-05 15:27:37 -07:00
Troy Dai
926c7fab4b
Use async-wait pattern in HandleAuthenticateOnceSafeAsync
2016-08-05 14:34:36 -07:00
Troy Dai
0314632696
JwtBearer Token: Catch exception during unauthorized flow
2016-08-05 12:11:33 -07:00
Christian Weiss
706566e253
Typo "Failed to retrived" -> "Failed to retrieve"
2016-08-04 18:02:09 +02:00
Hao Kung
2a6ab2be8c
Add UpdateTokenValue API
2016-07-29 13:26:25 -07:00
Ryan Brandenburg
c16fc06cb9
Modify warning about policy behavior ( #924 )
2016-07-28 16:55:08 -07:00
Troy Dai
763df65c14
Revise if-else order in RemoteAuthenticateHandler
2016-07-26 16:27:28 -07:00
Troy Dai
0e855b25a8
Update Google and Microsoft Account Handler exception message
2016-07-26 14:16:16 -07:00
Troy Dai
0d216d726a
Minor fixes in RemoteAuthenticationHandler and FacebookHandler
2016-07-26 13:58:07 -07:00
Troy Dai
1c17bddc02
Update HandleRemoteCallbackAsync readability
2016-07-26 10:30:50 -07:00
Troy Dai
210c4b2061
Fix incorrect exception messages
2016-07-26 10:30:50 -07:00
Troy Dai
6f46bc94f8
Sort using statements
2016-07-26 10:30:50 -07:00
Troy Dai
5211f22f44
Update comment on HandleRemoteAuthenticateAsync
2016-07-26 10:30:50 -07:00
Troy Dai
cd9e9fa498
Update comment on HandleRemoteAuthenticateAsync
2016-07-26 10:30:50 -07:00
Troy Dai
5de4816f59
Update the RemoteAuthenticationHandler error handling
...
1. Exeption will be still thrown from CreateTicketAsync to avoid breaking
change.
2. OAuthHandler won't try to capture the exception.
3. OAuthHandler will check if the AuthenticateTicket is null.
4. RemoteAuthenticationHandler's error handling flow is improved to cover
the exception thrown from HandleRemoteAuthenticateAsync. The exeption
thrown from it will go throw the user error handling logic, too.
2016-07-26 10:30:50 -07:00
Troy Dai
988bcc81ee
Update comments for HandleRemoteAuthenticateAsync method
2016-07-26 10:30:50 -07:00
Troy Dai
312edaafb4
Handle back channel failure gracefully
...
1. Check the response states code. If it is out of 2XX range, compose a
readable message and throw in an exception.
2. Capture the exception in HandleRemoteAuthenticateAsync and translate
it into AuthenticateResult.
2016-07-26 10:30:50 -07:00
Troy Dai
ecb3b90984
Undo change to the GoogleDefaults
2016-07-26 09:19:42 -07:00
Troy Dai
eabdd45816
Improve code readability for Authentication.Google
2016-07-26 09:13:18 -07:00
Troy Dai
7b7da43fd8
Update comments in RemoteAuthenticationOptions
2016-07-25 20:33:12 -07:00
Ryan Brandenburg
651815c282
Remove OfType allocations ( #906 )
2016-07-25 16:31:27 -07:00
Derek
6cd46a5c10
Remote auth expiration fix ( #893 )
...
Remote auth expiration fix, and move ISystemClock to the base AuthenticationProperties
2016-07-19 15:18:42 -07:00
Troy Dai
4927ad6b74
Remove win32.cs
2016-07-14 16:24:56 -07:00
Troy Dai
5637e0c917
Remove unused using statements
2016-07-14 16:24:48 -07:00
Doug Bunting
792b316950
One build to rule them all
...
- well, at least VS and command-line builds will share output
- part of aspnet/Coherence-Signed#277
2016-07-07 12:40:05 -07:00
Kévin Chalet
b4342b1604
Replace magic strings by the new constants introduced in IdentityModel
2016-06-17 10:43:24 -07:00
Pranav K
d8d408638e
Updating to dev versions
...
# Conflicts:
# src/Microsoft.AspNetCore.Authentication.OAuth/project.json
# src/Microsoft.AspNetCore.Authentication.Twitter/project.json
2016-06-16 11:31:40 -07:00
jacalvar
20316e276c
Update Json.NET to 9.0.1
2016-06-15 15:19:11 -07:00
Hao Kung
666ad0fc3b
Doc comment update
2016-06-13 14:10:43 -07:00
Hao Kung
34ee0212d0
Fix misc feedback
2016-06-10 15:37:08 -07:00
Barry Dorrans
38e89d498d
Doc Comments
2016-06-09 16:15:09 -07:00
jacalvar
e1495f5f32
Remove unncessary usings
2016-06-09 00:48:37 -07:00
jacalvar
933b374f3e
Update Json.NET to 9.0.1-beta1
2016-06-06 21:26:53 -07:00
Pranav K
bffbfc7f9e
React to OpenId renames
2016-06-04 18:53:09 -07:00
Kévin Chalet
120021e8a3
Add a new IncludeErrorDetails option to prevent the JWT middleware from returning error/error_description
2016-06-03 22:46:00 +02:00
Hao Kung
35d0592701
Make AuthorizationHandler<TReq> async only
2016-06-03 13:26:16 -07:00
Kévin Chalet
56dca7e0bc
Add a 'sid' check to the OIDC middleware to prevent unsolicited logout when possible
2016-06-02 12:21:17 -07:00
Chris R
e299695974
#776 Show some JwtBearer errors in response headers
2016-06-01 07:10:16 -07:00
Hao Kung
c257c9528f
AuthZ: Combine needs to use policy provider
...
Fixes https://github.com/aspnet/Security/issues/841
2016-05-31 13:45:48 -07:00
Chris R
080447e9aa
#780 Remove obsolete DateTime conversions
2016-05-27 15:29:40 -07:00
Chris R
d6763bd77c
#423 Support distributed sign-out.
2016-05-27 14:51:53 -07:00
John Luo
e57e01d02c
React to updated CoreCLR packages
...
https://github.com/aspnet/Coherence/issues/97
2016-05-26 18:25:05 -07:00
Chris R
2634fe318d
#814 Rework CookieAuth for compat with CookiePolicy.
2016-05-26 14:20:15 -07:00
Chris R
59fc691f41
#667 #801 Handle authorize and forbid for redirecting handlers.
2016-05-23 10:50:50 -07:00
Hao Kung
db7009531a
Update google token endpoint to v4
2016-05-23 10:31:36 -07:00
Hao Kung
bfbe7ec15d
Update fb to v2.6
2016-05-23 10:31:36 -07:00
Pranav K
4c27df166b
Revert "React to updated CoreCLR packages"
...
This reverts commit 621ccf889c .
2016-05-18 09:40:51 -07:00
John Luo
621ccf889c
React to updated CoreCLR packages
...
https://github.com/aspnet/Coherence/issues/97
2016-05-17 14:34:03 -07:00
BrennanConroy
962a74c488
Add argument validation
2016-05-16 15:19:58 -07:00
Chris R
6294badd97
Use a shared CookieSecurePolicy.
2016-05-16 12:29:33 -07:00
BrennanConroy
1a99fad0c6
Rename AuthorizationContext
2016-05-16 09:30:33 -07:00
Chris R
d814cef75a
Merge branch 'release' into dev
2016-05-03 10:09:44 -07:00
Chris R
7645253420
#808 Update OIDC to v1.0
2016-05-03 09:39:36 -07:00
Pranav K
cf75a0f793
Merge branch 'release' into dev
2016-05-02 14:57:21 -07:00
Pranav K
f6cdb9faf9
Fix build warnings
2016-05-02 11:27:26 -07:00
Petr Onderka
ba8c0c5018
Removed space from file name
...
This caused broken link in API reference
2016-04-28 15:40:59 -07:00
Chris R
0bce133ee4
#765 Retrieve the email address from Twitter.
2016-04-28 10:19:30 -07:00
Chris R
0cd7c7236b
React to FormReader api change.
2016-04-25 12:15:04 -07:00
Kiran Challa
6e3ff403d4
[ Fixes #794 ] Exception thrown when 'Microsoft.AspNetCore.Authentication.JwtBearer' tries to log a message
2016-04-22 09:55:13 -07:00
Chris R
c06cac5d30
#744 Change OIDC's default ResponseType to IdToken.
2016-04-21 14:46:40 -07:00
BrennanConroy
3db1f1e9fd
Move dependency to netstandard only
2016-04-14 15:41:40 -07:00
BrennanConroy
8023d1eb02
Add serialization.primitives for Newtonsoft.Json
2016-04-14 13:52:39 -07:00
Pranav K
a41c578d88
Removing imports from src projects
2016-04-08 06:49:18 -07:00
Hao Kung
5cd236c1b0
Guard against null ref
2016-04-01 14:16:49 -07:00
Hao Kung
4d6ad51f8a
Add fallback logging for username in AuthZ
2016-03-31 13:09:32 -07:00
Doug Bunting
16a0482238
React to HttpAbstractions namespace changes
...
- aspnet/HttpAbstractions#549 and aspnet/HttpAbstractions#592
- clean up `using`s
2016-03-30 16:15:37 -07:00
jacalvar
4086d70628
Add comments to AddAuthentication extension methods
2016-03-28 15:44:15 -07:00
Chris R
3f596108aa
#690 OIDC & JWT event refactoring.
2016-03-25 10:08:33 -07:00
Kiran Challa
6d4a80e747
[ Fixes #532 ] Replace hard-coded logging event ids with a class of consts
2016-03-24 07:11:53 -07:00
Pranav K
7ec3da701c
Reacting to CoreFx package changes
2016-03-23 16:15:16 -07:00
Pranav K
22d133cefa
Reacting to CoreCLR package changes
2016-03-22 14:51:18 -07:00
Doug Bunting
9361960b2f
React to HttpAbstractions change: No features in `.Internal` namespace
...
- see issue aspnet/HttpAbstractions#561 and pull aspnet/HttpAbstractions#589
2016-03-18 08:35:57 -07:00
Doug Bunting
81bf1c2096
Cleanup transitive dependencies
2016-03-17 22:23:23 -07:00
Ajay Bhargav Baaskaran
1a8d5317a9
Updated Json.Net version
2016-03-14 14:50:57 -07:00
Dovydas Navickas
f5c1c45db2
IClaimsTransofrmer updated to take ClaimsTransformationContext instead of ClaimsPrincipal in TransformAsync method. #718
2016-03-11 14:07:56 -08:00