aspnet
diff --git a/‎src/Microsoft.AspNet.Http.Abstractions/Authentication/AuthenticateResult.cs‎
Lines changed: 0 additions & 44 deletions b/‎src/Microsoft.AspNet.Http.Abstractions/Authentication/AuthenticateResult.cs‎
Lines changed: 0 additions & 44 deletions
diff --git a/‎src/Microsoft.AspNet.Http.Abstractions/Authentication/AuthenticationManager.cs‎
Lines changed: 38 additions & 16 deletions b/‎src/Microsoft.AspNet.Http.Abstractions/Authentication/AuthenticationManager.cs‎
Lines changed: 38 additions & 16 deletions
diff --git a/‎src/Microsoft.AspNet.Http.Abstractions/HttpResponse.cs‎
Lines changed: 18 additions & 6 deletions b/‎src/Microsoft.AspNet.Http.Abstractions/HttpResponse.cs‎
Lines changed: 18 additions & 6 deletions
diff --git a/‎src/Microsoft.AspNet.Http.Features/Authentication/ChallengeBehavior.cs‎
Lines changed: 12 additions & 0 deletions b/‎src/Microsoft.AspNet.Http.Features/Authentication/ChallengeBehavior.cs‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎src/Microsoft.AspNet.Http.Features/Authentication/ChallengeContext.cs‎
Lines changed: 9 additions & 1 deletion b/‎src/Microsoft.AspNet.Http.Features/Authentication/ChallengeContext.cs‎
Lines changed: 9 additions & 1 deletion
diff --git a/‎src/Microsoft.AspNet.Http.Features/Authentication/IAuthenticationHandler.cs‎
Lines changed: 3 additions & 5 deletions b/‎src/Microsoft.AspNet.Http.Features/Authentication/IAuthenticationHandler.cs‎
Lines changed: 3 additions & 5 deletions
diff --git a/‎src/Microsoft.AspNet.Http.Features/IHttpResponseFeature.cs‎
Lines changed: 3 additions & 2 deletions b/‎src/Microsoft.AspNet.Http.Features/IHttpResponseFeature.cs‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎src/Microsoft.AspNet.Http/Authentication/DefaultAuthenticationManager.cs‎
Lines changed: 11 additions & 55 deletions b/‎src/Microsoft.AspNet.Http/Authentication/DefaultAuthenticationManager.cs‎
Lines changed: 11 additions & 55 deletions
@@ -4,48 +4,70 @@
 using System.Collections.Generic;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using Microsoft.AspNet.Http.Features.Authentication;
+using Microsoft.Framework.Internal;
 
 namespace Microsoft.AspNet.Http.Authentication
 {
     public abstract class AuthenticationManager
     {
         public abstract IEnumerable<AuthenticationDescription> GetAuthenticationSchemes();
 
-        public abstract AuthenticationResult Authenticate(string authenticationScheme);
+        public abstract Task AuthenticateAsync([NotNull] AuthenticateContext context);
 
-        public abstract Task<AuthenticationResult> AuthenticateAsync(string authenticationScheme);
+        public virtual async Task<ClaimsPrincipal> AuthenticateAsync([NotNull] string authenticationScheme)
+        {
+            var context = new AuthenticateContext(authenticationScheme);
+            await AuthenticateAsync(context);
+            return context.Principal;
+        }
 
-        public virtual void Challenge()
+        public virtual Task ChallengeAsync()
         {
-            Challenge(authenticationScheme: null, properties: null);
+            return ChallengeAsync(properties: null);
         }
 
-        public virtual void Challenge(AuthenticationProperties properties)
+        public virtual Task ChallengeAsync(AuthenticationProperties properties)
         {
-            Challenge(authenticationScheme: null, properties: properties);
+            return ChallengeAsync(authenticationScheme: string.Empty, properties: properties);
         }
 
-        public virtual void Challenge(string authenticationScheme)
+        public virtual Task ChallengeAsync([NotNull] string authenticationScheme)
         {
-            Challenge(authenticationScheme: authenticationScheme, properties: null);
+            return ChallengeAsync(authenticationScheme: authenticationScheme, properties: null);
         }
 
-        public abstract void Challenge(string authenticationScheme, AuthenticationProperties properties);
+        // Leave it up to authentication handler to do the right thing for the challenge
+        public virtual Task ChallengeAsync([NotNull] string authenticationScheme, AuthenticationProperties properties)
+        {
+            return ChallengeAsync(authenticationScheme, properties, ChallengeBehavior.Automatic);
+        }
 
-        public void SignIn(string authenticationScheme, ClaimsPrincipal principal)
+        public virtual Task SignInAsync([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal)
         {
-            SignIn(authenticationScheme, principal, properties: null);
+            return SignInAsync(authenticationScheme, principal, properties: null);
         }
 
-        public abstract void SignIn(string authenticationScheme, ClaimsPrincipal principal, AuthenticationProperties properties);
+        public virtual Task ForbidAsync([NotNull] string authenticationScheme)
+        {
+            return ForbidAsync(authenticationScheme, properties: null);
+        }
 
-        public virtual void SignOut()
+        // Deny access (typically a 403)
+        public virtual Task ForbidAsync([NotNull] string authenticationScheme, AuthenticationProperties properties)
         {
-            SignOut(authenticationScheme: null, properties: null);
+            return ChallengeAsync(authenticationScheme, properties, ChallengeBehavior.Forbidden);
         }
 
-        public abstract void SignOut(string authenticationScheme);
+        public abstract Task ChallengeAsync([NotNull] string authenticationScheme, AuthenticationProperties properties, ChallengeBehavior behavior);
+
+        public abstract Task SignInAsync([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal, AuthenticationProperties properties);
+
+        public virtual Task SignOutAsync([NotNull] string authenticationScheme)
+        {
+            return SignOutAsync(authenticationScheme, properties: null);
+        }
 
-        public abstract void SignOut(string authenticationScheme, AuthenticationProperties properties);
+        public abstract Task SignOutAsync([NotNull] string authenticationScheme, AuthenticationProperties properties);
     }
 }
@@ -3,11 +3,20 @@
 
 using System;
 using System.IO;
+using System.Threading.Tasks;
+using Microsoft.Framework.Internal;
 
 namespace Microsoft.AspNet.Http
 {
     public abstract class HttpResponse
     {
+        private static readonly Func<object, Task> _callbackDelegate = callback => ((Func<Task>)callback)();
+        private static readonly Func<object, Task> _disposeDelegate = disposable =>
+        {
+            ((IDisposable)disposable).Dispose();
+            return Task.FromResult(0);
+        };
+
         public abstract HttpContext HttpContext { get; }
 
         public abstract int StatusCode { get; set; }
@@ -24,14 +33,17 @@ public abstract class HttpResponse
 
         public abstract bool HasStarted { get; }
 
-        public abstract void OnResponseStarting(Action<object> callback, object state);
+        public abstract void OnStarting([NotNull] Func<object, Task> callback, object state);
 
-        public abstract void OnResponseCompleted(Action<object> callback, object state);
+        public virtual void OnStarting([NotNull] Func<Task> callback) => OnStarting(_callbackDelegate, callback);
 
-        public virtual void Redirect(string location)
-        {
-            Redirect(location, permanent: false);
-        }
+        public abstract void OnCompleted([NotNull] Func<object, Task> callback, object state);
+
+        public virtual void OnCompletedDispose([NotNull] IDisposable disposable) => OnCompleted(_disposeDelegate, disposable);
+
+        public virtual void OnCompleted([NotNull] Func<Task> callback) => OnCompleted(_callbackDelegate, callback);
+
+        public virtual void Redirect(string location) => Redirect(location, permanent: false);
 
         public abstract void Redirect(string location, bool permanent);
     }
 
@@ -0,0 +1,12 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+namespace Microsoft.AspNet.Http.Features.Authentication
+{
+    public enum ChallengeBehavior
+    {
+        Automatic,
+        Unauthorized,
+        Forbidden
+    }
+}
@@ -3,19 +3,27 @@
 
 using System;
 using System.Collections.Generic;
+using Microsoft.Framework.Internal;
 
 namespace Microsoft.AspNet.Http.Features.Authentication
 {
     public class ChallengeContext
     {
-        public ChallengeContext(string authenticationScheme, IDictionary<string, string> properties)
+        public ChallengeContext([NotNull] string authenticationScheme) : this(authenticationScheme, properties: null, behavior: ChallengeBehavior.Automatic)
+        {
+        }
+
+        public ChallengeContext([NotNull] string authenticationScheme, IDictionary<string, string> properties, ChallengeBehavior behavior)
         {
             AuthenticationScheme = authenticationScheme;
             Properties = properties ?? new Dictionary<string, string>(StringComparer.Ordinal);
+            Behavior = behavior;
         }
 
         public string AuthenticationScheme { get; }
 
+        public ChallengeBehavior Behavior { get; }
+
         public IDictionary<string, string> Properties { get; }
 
         public bool Accepted { get; private set; }
 
@@ -9,14 +9,12 @@ public interface IAuthenticationHandler
     {
         void GetDescriptions(DescribeSchemesContext context);
 
-        void Authenticate(AuthenticateContext context);
-
         Task AuthenticateAsync(AuthenticateContext context);
 
-        void Challenge(ChallengeContext context);
+        Task ChallengeAsync(ChallengeContext context);
 
-        void SignIn(SignInContext context);
+        Task SignInAsync(SignInContext context);
 
-        void SignOut(SignOutContext context);
+        Task SignOutAsync(SignOutContext context);
     }
 }
@@ -4,6 +4,7 @@
 using System;
 using System.Collections.Generic;
 using System.IO;
+using System.Threading.Tasks;
 
 namespace Microsoft.AspNet.Http.Features
 {
@@ -14,7 +15,7 @@ public interface IHttpResponseFeature
         IDictionary<string, string[]> Headers { get; set; }
         Stream Body { get; set; }
         bool HasStarted { get; }
-        void OnResponseStarting(Action<object> callback, object state);
-        void OnResponseCompleted(Action<object> callback, object state);
+        void OnStarting(Func<object, Task> callback, object state);
+        void OnCompleted(Func<object, Task> callback, object state);
     }
 }
@@ -48,66 +48,29 @@ public override IEnumerable<AuthenticationDescription> GetAuthenticationSchemes(
             return describeContext.Results.Select(description => new AuthenticationDescription(description));
         }
 
-        public override AuthenticationResult Authenticate([NotNull] string authenticationScheme)
+        public override async Task AuthenticateAsync([NotNull] AuthenticateContext context)
         {
             var handler = HttpAuthenticationFeature.Handler;
 
-            var authenticateContext = new AuthenticateContext(authenticationScheme);
             if (handler != null)
             {
-                handler.Authenticate(authenticateContext);
+                await handler.AuthenticateAsync(context);
             }
 
-            if (!authenticateContext.Accepted)
+            if (!context.Accepted)
             {
-                throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");
-            }
-
-            if (authenticateContext.Principal == null)
-            {
-                return null;
-            }
-
-            return new AuthenticationResult(authenticateContext.Principal,
-                new AuthenticationProperties(authenticateContext.Properties),
-                new AuthenticationDescription(authenticateContext.Description));
-        }
-
-        public override async Task<AuthenticationResult> AuthenticateAsync([NotNull] string authenticationScheme)
-        {
-            var handler = HttpAuthenticationFeature.Handler;
-
-            var authenticateContext = new AuthenticateContext(authenticationScheme);
-            if (handler != null)
-            {
-                await handler.AuthenticateAsync(authenticateContext);
-            }
-
-            // Verify all types ack'd
-            if (!authenticateContext.Accepted)
-            {
-                throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");
-            }
-
-            if (authenticateContext.Principal == null)
-            {
-                return null;
+                throw new InvalidOperationException($"The following authentication scheme was not accepted: {context.AuthenticationScheme}");
             }
-
-            return new AuthenticationResult(authenticateContext.Principal,
-                new AuthenticationProperties(authenticateContext.Properties),
-                new AuthenticationDescription(authenticateContext.Description));
         }
 
-        public override void Challenge(string authenticationScheme, AuthenticationProperties properties)
+        public override async Task ChallengeAsync([NotNull] string authenticationScheme, AuthenticationProperties properties, ChallengeBehavior behavior)
         {
-            HttpResponseFeature.StatusCode = 401;
             var handler = HttpAuthenticationFeature.Handler;
 
-            var challengeContext = new ChallengeContext(authenticationScheme, properties?.Items);
+            var challengeContext = new ChallengeContext(authenticationScheme, properties?.Items, behavior);
             if (handler != null)
             {
-                handler.Challenge(challengeContext);
+                await handler.ChallengeAsync(challengeContext);
             }
 
             // The default Challenge with no scheme is always accepted
@@ -117,43 +80,36 @@ public override void Challenge(string authenticationScheme, AuthenticationProper
             }
         }
 
-        public override void SignIn([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal, AuthenticationProperties properties)
+        public override async Task SignInAsync([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal, AuthenticationProperties properties)
         {
             var handler = HttpAuthenticationFeature.Handler;
 
             var signInContext = new SignInContext(authenticationScheme, principal, properties?.Items);
             if (handler != null)
             {
-                handler.SignIn(signInContext);
+                await handler.SignInAsync(signInContext);
             }
 
-            // Verify all types ack'd
             if (!signInContext.Accepted)
             {
                 throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");
             }
         }
 
-        public override void SignOut(string authenticationScheme, AuthenticationProperties properties)
+        public override async Task SignOutAsync([NotNull] string authenticationScheme, AuthenticationProperties properties)
         {
             var handler = HttpAuthenticationFeature.Handler;
 
             var signOutContext = new SignOutContext(authenticationScheme, properties?.Items);
             if (handler != null)
             {
-                handler.SignOut(signOutContext);
+                await handler.SignOutAsync(signOutContext);
             }
 
-            // Verify all types ack'd
             if (!string.IsNullOrWhiteSpace(authenticationScheme) && !signOutContext.Accepted)
             {
                 throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");
             }
         }
-
-        public override void SignOut(string authenticationScheme)
-        {
-            SignOut(authenticationScheme, properties: null);
-        }
     }
 }
Original file line number	Diff line number	Diff line change
`@@ -3,19 +3,27 @@`
`3`	`3`
`4`	`4`	`using System;`
`5`	`5`	`using System.Collections.Generic;`
	`6`	`+using Microsoft.Framework.Internal;`
`6`	`7`
`7`	`8`	`namespace Microsoft.AspNet.Http.Features.Authentication`
`8`	`9`	`{`
`9`	`10`	`public class ChallengeContext`
`10`	`11`	`{`
`11`		`- public ChallengeContext(string authenticationScheme, IDictionary<string, string> properties)`
	`12`	`+ public ChallengeContext([NotNull] string authenticationScheme) : this(authenticationScheme, properties: null, behavior: ChallengeBehavior.Automatic)`
	`13`	`+ {`
	`14`	`+ }`
	`15`	`+`
	`16`	`+ public ChallengeContext([NotNull] string authenticationScheme, IDictionary<string, string> properties, ChallengeBehavior behavior)`
`12`	`17`	`{`
`13`	`18`	`AuthenticationScheme = authenticationScheme;`
`14`	`19`	`Properties = properties ?? new Dictionary<string, string>(StringComparer.Ordinal);`
	`20`	`+ Behavior = behavior;`
`15`	`21`	`}`
`16`	`22`
`17`	`23`	`public string AuthenticationScheme { get; }`
`18`	`24`
	`25`	`+ public ChallengeBehavior Behavior { get; }`
	`26`	`+`
`19`	`27`	`public IDictionary<string, string> Properties { get; }`
`20`	`28`
`21`	`29`	`public bool Accepted { get; private set; }`
Original file line number	Diff line number	Diff line change
`@@ -9,14 +9,12 @@ public interface IAuthenticationHandler`
`9`	`9`	`{`
`10`	`10`	`void GetDescriptions(DescribeSchemesContext context);`
`11`	`11`
`12`		`- void Authenticate(AuthenticateContext context);`
`13`		`-`
`14`	`12`	`Task AuthenticateAsync(AuthenticateContext context);`
`15`	`13`
`16`		`- void Challenge(ChallengeContext context);`
	`14`	`+ Task ChallengeAsync(ChallengeContext context);`
`17`	`15`
`18`		`- void SignIn(SignInContext context);`
	`16`	`+ Task SignInAsync(SignInContext context);`
`19`	`17`
`20`		`- void SignOut(SignOutContext context);`
	`18`	`+ Task SignOutAsync(SignOutContext context);`
`21`	`19`	`}`
`22`	`20`	`}`
Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,7 @@`
`4`	`4`	`using System;`
`5`	`5`	`using System.Collections.Generic;`
`6`	`6`	`using System.IO;`
	`7`	`+using System.Threading.Tasks;`
`7`	`8`
`8`	`9`	`namespace Microsoft.AspNet.Http.Features`
`9`	`10`	`{`
`@@ -14,7 +15,7 @@ public interface IHttpResponseFeature`
`14`	`15`	`IDictionary<string, string[]> Headers { get; set; }`
`15`	`16`	`Stream Body { get; set; }`
`16`	`17`	`bool HasStarted { get; }`
`17`		`- void OnResponseStarting(Action<object> callback, object state);`
`18`		`- void OnResponseCompleted(Action<object> callback, object state);`
	`18`	`+ void OnStarting(Func<object, Task> callback, object state);`
	`19`	`+ void OnCompleted(Func<object, Task> callback, object state);`
`19`	`20`	`}`
`20`	`21`	`}`
Original file line number	Diff line number	Diff line change
`@@ -48,66 +48,29 @@ public override IEnumerable<AuthenticationDescription> GetAuthenticationSchemes(`
`48`	`48`	`return describeContext.Results.Select(description => new AuthenticationDescription(description));`
`49`	`49`	`}`
`50`	`50`
`51`		`- public override AuthenticationResult Authenticate([NotNull] string authenticationScheme)`
	`51`	`+ public override async Task AuthenticateAsync([NotNull] AuthenticateContext context)`
`52`	`52`	`{`
`53`	`53`	`var handler = HttpAuthenticationFeature.Handler;`
`54`	`54`
`55`		`- var authenticateContext = new AuthenticateContext(authenticationScheme);`
`56`	`55`	`if (handler != null)`
`57`	`56`	`{`
`58`		`- handler.Authenticate(authenticateContext);`
	`57`	`+ await handler.AuthenticateAsync(context);`
`59`	`58`	`}`
`60`	`59`
`61`		`- if (!authenticateContext.Accepted)`
	`60`	`+ if (!context.Accepted)`
`62`	`61`	`{`
`63`		`- throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");`
`64`		`- }`
`65`		`-`
`66`		`- if (authenticateContext.Principal == null)`
`67`		`- {`
`68`		`- return null;`
`69`		`- }`
`70`		`-`
`71`		`- return new AuthenticationResult(authenticateContext.Principal,`
`72`		`- new AuthenticationProperties(authenticateContext.Properties),`
`73`		`- new AuthenticationDescription(authenticateContext.Description));`
`74`		`- }`
`75`		`-`
`76`		`- public override async Task<AuthenticationResult> AuthenticateAsync([NotNull] string authenticationScheme)`
`77`		`- {`
`78`		`- var handler = HttpAuthenticationFeature.Handler;`
`79`		`-`
`80`		`- var authenticateContext = new AuthenticateContext(authenticationScheme);`
`81`		`- if (handler != null)`
`82`		`- {`
`83`		`- await handler.AuthenticateAsync(authenticateContext);`
`84`		`- }`
`85`		`-`
`86`		`- // Verify all types ack'd`
`87`		`- if (!authenticateContext.Accepted)`
`88`		`- {`
`89`		`- throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");`
`90`		`- }`
`91`		`-`
`92`		`- if (authenticateContext.Principal == null)`
`93`		`- {`
`94`		`- return null;`
	`62`	`+ throw new InvalidOperationException($"The following authentication scheme was not accepted: {context.AuthenticationScheme}");`
`95`	`63`	`}`
`96`		`-`
`97`		`- return new AuthenticationResult(authenticateContext.Principal,`
`98`		`- new AuthenticationProperties(authenticateContext.Properties),`
`99`		`- new AuthenticationDescription(authenticateContext.Description));`
`100`	`64`	`}`
`101`	`65`
`102`		`- public override void Challenge(string authenticationScheme, AuthenticationProperties properties)`
	`66`	`+ public override async Task ChallengeAsync([NotNull] string authenticationScheme, AuthenticationProperties properties, ChallengeBehavior behavior)`
`103`	`67`	`{`
`104`		`- HttpResponseFeature.StatusCode = 401;`
`105`	`68`	`var handler = HttpAuthenticationFeature.Handler;`
`106`	`69`
`107`		`- var challengeContext = new ChallengeContext(authenticationScheme, properties?.Items);`
	`70`	`+ var challengeContext = new ChallengeContext(authenticationScheme, properties?.Items, behavior);`
`108`	`71`	`if (handler != null)`
`109`	`72`	`{`
`110`		`- handler.Challenge(challengeContext);`
	`73`	`+ await handler.ChallengeAsync(challengeContext);`
`111`	`74`	`}`
`112`	`75`
`113`	`76`	`// The default Challenge with no scheme is always accepted`
`@@ -117,43 +80,36 @@ public override void Challenge(string authenticationScheme, AuthenticationProper`
`117`	`80`	`}`
`118`	`81`	`}`
`119`	`82`
`120`		`- public override void SignIn([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal, AuthenticationProperties properties)`
	`83`	`+ public override async Task SignInAsync([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal, AuthenticationProperties properties)`
`121`	`84`	`{`
`122`	`85`	`var handler = HttpAuthenticationFeature.Handler;`
`123`	`86`
`124`	`87`	`var signInContext = new SignInContext(authenticationScheme, principal, properties?.Items);`
`125`	`88`	`if (handler != null)`
`126`	`89`	`{`
`127`		`- handler.SignIn(signInContext);`
	`90`	`+ await handler.SignInAsync(signInContext);`
`128`	`91`	`}`
`129`	`92`
`130`		`- // Verify all types ack'd`
`131`	`93`	`if (!signInContext.Accepted)`
`132`	`94`	`{`
`133`	`95`	`throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");`
`134`	`96`	`}`
`135`	`97`	`}`
`136`	`98`
`137`		`- public override void SignOut(string authenticationScheme, AuthenticationProperties properties)`
	`99`	`+ public override async Task SignOutAsync([NotNull] string authenticationScheme, AuthenticationProperties properties)`
`138`	`100`	`{`
`139`	`101`	`var handler = HttpAuthenticationFeature.Handler;`
`140`	`102`
`141`	`103`	`var signOutContext = new SignOutContext(authenticationScheme, properties?.Items);`
`142`	`104`	`if (handler != null)`
`143`	`105`	`{`
`144`		`- handler.SignOut(signOutContext);`
	`106`	`+ await handler.SignOutAsync(signOutContext);`
`145`	`107`	`}`
`146`	`108`
`147`		`- // Verify all types ack'd`
`148`	`109`	`if (!string.IsNullOrWhiteSpace(authenticationScheme) && !signOutContext.Accepted)`
`149`	`110`	`{`
`150`	`111`	`throw new InvalidOperationException($"The following authentication scheme was not accepted: {authenticationScheme}");`
`151`	`112`	`}`
`152`	`113`	`}`
`153`		`-`
`154`		`- public override void SignOut(string authenticationScheme)`
`155`		`- {`
`156`		`- SignOut(authenticationScheme, properties: null);`
`157`		`- }`
`158`	`114`	`}`
`159`	`115`	`}`