43db99a568
Updated for the TwitterOptions Validation for the ConsumerKey and Con… ( #1337 )
2017-08-14 10:29:02 -07:00
d797543cfc
Update obsolete error ( #1346 )
2017-08-03 12:59:45 -07:00
827852efdb
Corrected typos in XML Docs in MessageReceivedContext for events in JwtBearer and OpenIdConnect middlesware. ( #1336 )
2017-07-24 08:49:49 -07:00
644f34e90d
AuthZ PolicyEvalutor should take resource
2017-07-21 11:04:01 -07:00
36d3d97b99
#1319 Add DisplayName overloads
2017-07-13 15:20:24 -07:00
df325deaf3
Add AddAuthentication(defaultScheme) overload
2017-07-07 12:06:00 -07:00
23da476176
Switch to IOptionsMonitor ( #1295 )
2017-07-06 13:41:47 -07:00
bd19ba9533
Revert obsoleting CookieAuthenticationOptions.ExpireTimeSpan ( #1296 )
...
- Revert the obsoleting of CookieAuthenticationOptions.ExpireTimeSpan in aspnet/Security#1285
- Add test to ensure Cookie.Expiration is ignored
2017-07-05 15:43:43 -07:00
658f4621b1
#1208 Clean up JWT and OIDC issuer handling
2017-07-05 14:44:23 -07:00
1c30f33c92
Remove AddXyzAuth extension methods
2017-07-05 13:00:40 -07:00
a7bf561b1c
Add CookieBuilder to CookieAuthenticationOptions and obsolete the duplicated properties
2017-07-05 10:05:10 -07:00
968237d751
Replace configure method on Twitter, RemoteAuthentication, and OpenIdConnect options with CookieBuilder
2017-07-05 09:56:12 -07:00
66b939725e
https://github.com/aspnet/Security/issues/1265 . Check Auth failures and log them.
2017-07-03 18:04:05 -07:00
ff9f145a8e
Refactor Events + Add IAuthenticationBuilder
2017-06-29 16:27:03 -07:00
80383606d3
AuthZ: Eliminate extra ToArray()
2017-06-27 10:31:42 -07:00
05c6cbe466
Fix documentation for JwtBearerOptions.Events ( #1249 )
2017-06-23 09:00:31 -07:00
879f0b7f40
[ Fixes #1133 ] Limit the path on the nonce and correlation id cookies
2017-06-15 11:23:05 -07:00
200ce72312
Rename PostLogoutRedirectUri to avoid spec confusion
2017-06-13 15:20:54 -07:00
9797d4bc5f
Reenable API check
2017-06-12 14:58:11 -07:00
bc3c4e9f12
#1200 Doc comments for OnRedirectToIdentityProvider
2017-06-09 16:23:47 -07:00
4a258b4565
Remove usage of TaskCache
2017-06-08 09:01:00 -07:00
a561da0b3f
Remove itemgroup from csproj with unreachable code
2017-06-06 15:41:17 -07:00
b795893542
Remove rogue using
2017-06-05 14:04:33 -07:00
ae3dfcdb32
Remote ConfigureDefaultOptions
2017-06-05 11:34:35 -07:00
db9ae62632
IInitializeOptions => IPostConfigureOptions
2017-06-02 14:28:03 -07:00
c523839078
Update default settings for SameSite
...
- Need Lax policy for social authentication
- Need None policy for OIDC
2017-05-26 12:19:18 -07:00
0b41dd1289
Disable api check to unblock build
2017-05-25 20:25:04 -07:00
e940cdb36b
AuthZ 2.0 changes + react to Http
2017-05-25 18:29:19 -07:00
30392a1811
Retarget to netstandard2.0 and net461
2017-05-24 19:04:48 -07:00
769da5fd87
Add SameSitePolicy to CookiePolicyMiddleware
2017-05-23 09:55:11 -07:00
2a4a7dd26a
Make samples work. Fix AddOAuthAuthentication extension. ( #1226 )
2017-05-22 10:01:44 -07:00
1f5a27e20a
Switch to Options Initializer
2017-05-17 14:05:27 -07:00
36605636df
Remove unnecessary package references ( #1210 )
2017-05-10 11:47:56 -07:00
d84abf1fe6
Migrate to netcoreapp2.0 ( #1202 )
...
* Migrate to netcoreapp2.0, remove Microsoft.Owin.Security.Interop & tests.
* Remove net45 baselines
2017-05-04 19:26:44 -07:00
254eb82ee1
Update API Check related files
...
React to aspnet/BuildTools#238
2017-04-25 08:19:08 -07:00
4f20655850
Set DisplayName for auth
2017-04-20 14:19:32 -07:00
bb73898ca2
Disable api check
2017-04-19 14:14:46 -07:00
da30688fa9
Disable api checks for now
2017-04-19 13:58:38 -07:00
99aa3bd35d
Auth 2.0
2017-04-19 13:00:03 -07:00
75a4d006aa
Disable API Check in projects with untracked breaking changes
2017-03-22 08:35:25 -07:00
b8eae7a697
Add reference to System.Security.Claims
2017-03-22 06:04:21 -07:00
ffa45dbd01
Change compilation targets.
...
* Remove net451 as a compilation target
* Upgrade to netcoreapp2.0
2017-03-22 06:04:21 -07:00
10ef26d63c
Consolidate dependency versions into one file and remove workarounds
2017-03-15 18:12:53 -07:00
32dd435c6e
Add an opt-out DisableTelemetry option in the OpenID Connect middleware ( #1140 )
2017-03-13 10:02:59 -07:00
ad425163b2
#969 Make social auth claims mapping more configurable
...
#1024 Remove OIDC protocol claims
2017-03-01 10:55:30 -08:00
9847f40654
Downgrade to stable packages
2017-02-14 16:15:42 -08:00
fea5d5cfdc
Truncate SystemClock to Seconds Precision ( #1110 )
2017-02-06 14:36:42 -08:00
c18a3d3a7d
Revert "Revert "Update OpenId package versions""
...
This reverts commit 0113df6075
2017-01-31 06:51:51 -08:00
0113df6075
Revert "Update OpenId package versions"
...
This reverts commit a031c4badb
2017-01-30 11:10:41 -08:00
a031c4badb
Update OpenId package versions
2017-01-25 17:09:26 -08:00
7634c5420a
Upgrade to RC.3
...
Removes __TemporarySources__ to use contentFiles packages
Remove default globs
Update test platform
2017-01-19 22:31:43 -08:00
fddfad14c9
#1082 Update IdentityModel dependencies to 5.1.2
2017-01-19 13:50:46 -08:00
861026cd76
Remove redundant references
2017-01-05 18:16:07 -08:00
ba8f85d972
Upgrade to VS 2017
2017-01-05 13:53:05 -08:00
7ab28ecdc6
Updating to 4.4 CoreFx packages
2016-12-14 14:47:31 -08:00
da4730a392
#1044 Revert "Auth: Always call prior handlers during Challenge"
...
This reverts commit e12838e38f
2016-12-14 10:55:46 -08:00
46df38de68
Updating versions to 1.2.0-*
2016-11-09 14:19:34 -08:00
82c231efca
Created public API baselines
2016-11-08 11:38:53 -08:00
96c27fa393
Revert breaking parameter rename
2016-11-08 10:32:46 -08:00
415055ebab
#1007 Additional id_token validation
2016-11-07 12:33:49 -08:00
0c815da523
#903 Ensure redirect uris can be generated
2016-11-04 10:51:03 -07:00
834718d1f9
Updating to RTM builds of IdentityModel packages
2016-11-02 14:43:57 -07:00
e55e3b6f5a
Updated Authentication's Base64UrlTextEncoder to use WebUtilities's Base64UrlTextEncoder logic
2016-11-01 12:22:42 -07:00
500201bdf7
Made ChunkingCookieManager's default chunk size public
2016-11-01 12:14:02 -07:00
2d1c56ce5c
#884 Honor OIDC's and Jwt's OnAuthenticationFailed HandleResponse()
2016-10-31 13:48:50 -07:00
8fcbddc23b
Update ClaimsHelper.AddClaimsToIdentity to infer the claim value type from the JSON token type ( #1002 )
2016-10-24 09:28:25 -07:00
3eab3ef013
Updating package that was missed
2016-10-13 14:00:21 -07:00
734d36b2d1
Update to latest CoreFx package
2016-10-13 13:59:39 -07:00
f64c864911
Updating partner package versions
2016-10-03 14:28:05 -07:00
e09dd6d0b8
Fix #976 : Break claims value in array into multiple claims ( #996 )
...
* Break claims value in array into multiple claims
* Review feedback 1
2016-09-29 16:21:26 -07:00
ac773beffc
Changed BuildChallengeUrl in order to accept AuthorizationEndpoint which contains query parameters ( #992 )
2016-09-29 13:24:24 -07:00
0152691108
Cookie Auto: set properties back to ticket when using SessionStore ( #995 )
2016-09-28 14:25:02 -07:00
28932a7795
Log the error inforamtion when redeem auth code
2016-09-23 13:10:17 -07:00
ddeef1f9ac
Add prompt parameter to Google auth endpoint
2016-09-23 10:44:41 -07:00
5aae7ded01
Update Twitter auth package description
2016-09-22 14:06:04 -07:00
25f39dd0f5
#859 Discriminate between providers when sharing an auth cookie
2016-09-21 16:27:35 -07:00
aa1fd5d89a
Move ChunkingCookieManager to a separate Sources project
2016-09-21 12:25:41 -07:00
e12838e38f
Auth: Always call prior handlers during Challenge
2016-09-21 11:20:41 -07:00
e8f55bdb13
Add Fail fast option for AuthZ
2016-09-15 16:12:54 -07:00
ce0ed3d237
Use TaskCache class from Microsoft.Extensions.TaskCache.Sources ( #968 )
...
Instead of Task.FromResult(0)
2016-09-08 10:01:53 -07:00
cbbec15d37
Ignore null ExpiresUtc property in RequestRefresh
...
Issue: https://github.com/aspnet/Security/issues/949
2016-08-26 14:55:36 -07:00
3a5df89f1c
Move a nullref check to base class
2016-08-26 08:56:48 -07:00
a79a0360c1
Update OpenIdConnectHandler
2016-08-26 08:56:48 -07:00
c5509fb594
Minor update in OpenIdConnectHandler and Options
...
1. Default post sign out uri to the root of the applciation;
2. Throw ArgumentNullException for null context in HandleSignOutAsync;
3. Guard null from Unprotected;
4. Clean up code
2016-08-26 08:56:48 -07:00
fa0a68a847
Fix xml comments error
2016-08-26 08:48:27 -07:00
8f5c7aef57
Update tests
2016-08-26 08:47:56 -07:00
26956c5ce1
Update OIDC signout flow
...
OIDC signout should return to CallbackPath then locally redirect to AuthProperties.RedirectUri
2016-08-25 15:23:12 -07:00
d291bb7c24
Add AuthZHandlerContextFactory
2016-08-19 17:04:09 -07:00
6f15d616a8
Add IAuthorizationEvaluator
2016-08-19 17:04:09 -07:00
fb0a577dd1
Add comments to CookieAuthenticationHandler
2016-08-11 14:03:17 -07:00
26a7c7016d
Minor updates to CookieAuthenticationHandler and its tests
...
1. Remove unnecessary variable declaration.
2. Update test name to a more accurate description.
2016-08-11 10:15:07 -07:00
4600451dc6
Allow absolute uri in authentication properties for cookie auth redirect
2016-08-11 08:48:47 -07:00
97afe4acc8
Adjust the redirect URI precedence in cookie auth
2016-08-10 15:59:39 -07:00
6a9f1f9887
Honor AuthenticationProperties.RedirectUri in CookieAuthenticationHandler
2016-08-10 15:59:39 -07:00
74e5777435
Update comments
2016-08-05 22:00:37 -07:00
a344684d06
Use HandleAuthenticateOnceSafeAsync in Cookie auth
2016-08-05 15:27:37 -07:00
926c7fab4b
Use async-wait pattern in HandleAuthenticateOnceSafeAsync
2016-08-05 14:34:36 -07:00
0314632696
JwtBearer Token: Catch exception during unauthorized flow
2016-08-05 12:11:33 -07:00
706566e253
Typo "Failed to retrived" -> "Failed to retrieve"
2016-08-04 18:02:09 +02:00
2a6ab2be8c
Add UpdateTokenValue API
2016-07-29 13:26:25 -07:00
Saravanan
Hao Kung
richstokoe
Hao Kung
Chris R
Nate McMaster
Nate McMaster
Murat Girgin
Gerardo Saca
Javier Calvarro Nelson
Pranav K
John Luo
Pavel Krymets
Smit Patel
Doug Bunting
Kévin Chalet
Ben Adams
Ryan Brandenburg
Kiran Challa
Troy Dai
Adem Caglin
Christian Weiss