Security -> Authentication

AuthN renames and design changes

Author: HaoK

src/Microsoft.AspNet.Http.Core/Security/AuthenticateContext.cs renamed to src/Microsoft.AspNet.Http.Core/Authentication/AuthenticateContext.cs

@@ -1,30 +1,26 @@
 // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
-using System;
 using System.Collections.Generic;
-using System.Linq;
 using System.Security.Claims;
-using System.Text;
-using System.Threading.Tasks;
-using Microsoft.AspNet.Http.Security;
-using Microsoft.AspNet.Http.Interfaces.Security;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
+using Microsoft.AspNet.Http.Authentication;
 
-namespace Microsoft.AspNet.Http.Core.Security
+namespace Microsoft.AspNet.Http.Core.Authentication
 {
     public class AuthenticateContext : IAuthenticateContext
     {
         private List<AuthenticationResult> _results;
         private List<string> _accepted;
 
-        public AuthenticateContext([NotNull] IEnumerable<string> authenticationTypes)
+        public AuthenticateContext([NotNull] IEnumerable<string> authenticationSchemes)
         {
-            AuthenticationTypes = authenticationTypes;
+            AuthenticationSchemes = authenticationSchemes;
             _results = new List<AuthenticationResult>();
             _accepted = new List<string>();
         }
 
-        public IEnumerable<string> AuthenticationTypes { get; private set; }
+        public IEnumerable<string> AuthenticationSchemes { get; private set; }
 
         public IEnumerable<AuthenticationResult> Results
         {
@@ -36,16 +32,16 @@ public IEnumerable<string> Accepted
             get { return _accepted; }
         }
 
-        public void Authenticated(ClaimsIdentity identity, IDictionary<string, string> properties, IDictionary<string, object> description)
+        public void Authenticated(ClaimsPrincipal principal, IDictionary<string, string> properties, IDictionary<string, object> description)
         {
             var descrip = new AuthenticationDescription(description);
-            _accepted.Add(descrip.AuthenticationType); // may not match identity.AuthType
-            _results.Add(new AuthenticationResult(identity, new AuthenticationProperties(properties), descrip));
+            _accepted.Add(descrip.AuthenticationScheme); // may not match identity.AuthType
+            _results.Add(new AuthenticationResult(principal, new AuthenticationProperties(properties), descrip));
         }
 
-        public void NotAuthenticated(string authenticationType, IDictionary<string, string> properties, IDictionary<string, object> description)
+        public void NotAuthenticated(string authenticationScheme, IDictionary<string, string> properties, IDictionary<string, object> description)
         {
-            _accepted.Add(authenticationType);
+            _accepted.Add(authenticationScheme);
         }
     }
 }

src/Microsoft.AspNet.Http.Core/Security/ChallengeContext.cs renamed to src/Microsoft.AspNet.Http.Core/Authentication/ChallengeContext.cs

@@ -3,25 +3,22 @@
 
 using System;
 using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
-using Microsoft.AspNet.Http.Interfaces.Security;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
 
-namespace Microsoft.AspNet.Http.Core.Security
+namespace Microsoft.AspNet.Http.Core.Authentication
 {
     public class ChallengeContext : IChallengeContext
     {
         private List<string> _accepted;
 
-        public ChallengeContext([NotNull] IEnumerable<string> authenticationTypes, IDictionary<string, string> properties)
+        public ChallengeContext([NotNull] IEnumerable<string> authenticationSchemes, IDictionary<string, string> properties)
         {
-            AuthenticationTypes = authenticationTypes;
+            AuthenticationSchemes = authenticationSchemes;
             Properties = properties ?? new Dictionary<string, string>(StringComparer.Ordinal);
             _accepted = new List<string>();
         }
 
-        public IEnumerable<string> AuthenticationTypes { get; private set; }
+        public IEnumerable<string> AuthenticationSchemes { get; private set; }
 
         public IDictionary<string, string> Properties { get; private set; }
 

src/Microsoft.AspNet.Http.Core/Security/AuthTypeContext.cs renamed to src/Microsoft.AspNet.Http.Core/Authentication/DescribeSchemesContext.cs

@@ -1,18 +1,17 @@
 // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
-using System;
 using System.Collections.Generic;
-using Microsoft.AspNet.Http.Security;
-using Microsoft.AspNet.Http.Interfaces.Security;
+using Microsoft.AspNet.Http.Authentication;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
 
-namespace Microsoft.AspNet.Http.Core.Security
+namespace Microsoft.AspNet.Http.Core.Authentication
 {
-    public class AuthTypeContext : IAuthTypeContext
+    public class DescribeSchemesContext : IDescribeSchemesContext
     {
         private List<AuthenticationDescription> _results;
 
-        public AuthTypeContext()
+        public DescribeSchemesContext()
         {
             _results = new List<AuthenticationDescription>();
         }

src/Microsoft.AspNet.Http.Core/Security/HttpAuthenticationFeature.cs renamed to src/Microsoft.AspNet.Http.Core/Authentication/HttpAuthenticationFeature.cs

@@ -2,9 +2,9 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System.Security.Claims;
-using Microsoft.AspNet.Http.Interfaces.Security;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
 
-namespace Microsoft.AspNet.Http.Core.Security
+namespace Microsoft.AspNet.Http.Core.Authentication
 {
     public class HttpAuthenticationFeature : IHttpAuthenticationFeature
     {

src/Microsoft.AspNet.Http.Core/Authentication/SignInContext.cs

@@ -0,0 +1,38 @@
+// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Security.Claims;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
+
+namespace Microsoft.AspNet.Http.Core.Authentication
+{
+    public class SignInContext : ISignInContext
+    {
+        private bool _accepted;
+
+        public SignInContext([NotNull] string authenticationScheme, [NotNull] ClaimsPrincipal principal, IDictionary<string, string> dictionary)
+        {
+            AuthenticationScheme = authenticationScheme;
+            Principal = principal;
+            Properties = dictionary ?? new Dictionary<string, string>(StringComparer.Ordinal);
+        }
+
+        public ClaimsPrincipal Principal { get; }
+
+        public IDictionary<string, string> Properties { get; }
+
+        public string AuthenticationScheme { get; }
+
+        public bool Accepted
+        {
+            get { return _accepted; }
+        }
+
+        public void Accept(IDictionary<string, object> description)
+        {
+            _accepted = true;
+        }
+    }
+}

src/Microsoft.AspNet.Http.Core/Authentication/SignOutContext.cs

@@ -0,0 +1,31 @@
+// Copyright (c) Microsoft Open Technologies, Inc. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
+
+namespace Microsoft.AspNet.Http.Core.Authentication
+{
+    public class SignOutContext : ISignOutContext
+    {
+        private bool _accepted;
+
+        public SignOutContext(string authenticationScheme)
+        {
+            AuthenticationScheme = authenticationScheme;
+        }
+
+        public string AuthenticationScheme { get; }
+
+        public bool Accepted
+        {
+            get { return _accepted; }
+        }
+
+        public void Accept()
+        {
+            _accepted = true;
+        }
+    }
+}

src/Microsoft.AspNet.Http.Core/DefaultHttpContext.cs

@@ -9,14 +9,13 @@
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.AspNet.FeatureModel;
-using Microsoft.AspNet.Http;
-using Microsoft.AspNet.Http.Infrastructure;
-using Microsoft.AspNet.Http.Security;
-using Microsoft.AspNet.Http.Interfaces;
-using Microsoft.AspNet.Http.Interfaces.Security;
 using Microsoft.AspNet.Http.Core.Collections;
 using Microsoft.AspNet.Http.Core.Infrastructure;
-using Microsoft.AspNet.Http.Core.Security;
+using Microsoft.AspNet.Http.Core.Authentication;
+using Microsoft.AspNet.Http.Infrastructure;
+using Microsoft.AspNet.Http.Interfaces;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
+using Microsoft.AspNet.Http.Authentication;
 
 namespace Microsoft.AspNet.Http.Core
 {
@@ -201,54 +200,54 @@ public override void SetFeature(Type type, object instance)
             _features[type] = instance;
         }
 
-        public override IEnumerable<AuthenticationDescription> GetAuthenticationTypes()
+        public override IEnumerable<AuthenticationDescription> GetAuthenticationSchemes()
         {
             var handler = HttpAuthenticationFeature.Handler;
             if (handler == null)
             {
                 return new AuthenticationDescription[0];
             }
 
-            var authTypeContext = new AuthTypeContext();
-            handler.GetDescriptions(authTypeContext);
-            return authTypeContext.Results;
+            var describeContext = new DescribeSchemesContext();
+            handler.GetDescriptions(describeContext);
+            return describeContext.Results;
         }
 
-        public override IEnumerable<AuthenticationResult> Authenticate([NotNull] IEnumerable<string> authenticationTypes)
+        public override IEnumerable<AuthenticationResult> Authenticate([NotNull] IEnumerable<string> authenticationSchemes)
         {
             var handler = HttpAuthenticationFeature.Handler;
 
-            var authenticateContext = new AuthenticateContext(authenticationTypes);
+            var authenticateContext = new AuthenticateContext(authenticationSchemes);
             if (handler != null)
             {
                 handler.Authenticate(authenticateContext);
             }
 
             // Verify all types ack'd
-            IEnumerable<string> leftovers = authenticationTypes.Except(authenticateContext.Accepted);
+            IEnumerable<string> leftovers = authenticationSchemes.Except(authenticateContext.Accepted);
             if (leftovers.Any())
             {
-                throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers));
+                throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers));
             }
 
             return authenticateContext.Results;
         }
 
-        public override async Task<IEnumerable<AuthenticationResult>> AuthenticateAsync([NotNull] IEnumerable<string> authenticationTypes)
+        public override async Task<IEnumerable<AuthenticationResult>> AuthenticateAsync([NotNull] IEnumerable<string> authenticationSchemes)
         {
             var handler = HttpAuthenticationFeature.Handler;
 
-            var authenticateContext = new AuthenticateContext(authenticationTypes);
+            var authenticateContext = new AuthenticateContext(authenticationSchemes);
             if (handler != null)
             {
                 await handler.AuthenticateAsync(authenticateContext);
             }
 
             // Verify all types ack'd
-            IEnumerable<string> leftovers = authenticationTypes.Except(authenticateContext.Accepted);
+            IEnumerable<string> leftovers = authenticationSchemes.Except(authenticateContext.Accepted);
             if (leftovers.Any())
             {
-                throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers));
+                throw new InvalidOperationException("The following authentication schemes were not accepted: " + string.Join(", ", leftovers));
             }
 
             return authenticateContext.Results;
@@ -264,4 +263,4 @@ public override Task<WebSocket> AcceptWebSocketAsync(string subProtocol)
             return WebSocketFeature.AcceptAsync(new WebSocketAcceptContext() { SubProtocol = subProtocol } );
         }
     }
-}
+}

src/Microsoft.AspNet.Http.Core/DefaultHttpResponse.cs

@@ -6,17 +6,14 @@
 using System.IO;
 using System.Linq;
 using System.Security.Claims;
-using System.Text;
-using System.Threading.Tasks;
-using Microsoft.AspNet.Http;
-using Microsoft.AspNet.Http.Infrastructure;
-using Microsoft.AspNet.Http.Security;
 using Microsoft.AspNet.FeatureModel;
-using Microsoft.AspNet.Http.Interfaces;
-using Microsoft.AspNet.Http.Interfaces.Security;
 using Microsoft.AspNet.Http.Core.Collections;
 using Microsoft.AspNet.Http.Core.Infrastructure;
-using Microsoft.AspNet.Http.Core.Security;
+using Microsoft.AspNet.Http.Core.Authentication;
+using Microsoft.AspNet.Http.Infrastructure;
+using Microsoft.AspNet.Http.Interfaces;
+using Microsoft.AspNet.Http.Interfaces.Authentication;
+using Microsoft.AspNet.Http.Authentication;
 
 namespace Microsoft.AspNet.Http.Core
 {
@@ -129,58 +126,56 @@ public override void Redirect(string location, bool permanent)
             Headers.Set(Constants.Headers.Location, location);
         }
 
-        public override void Challenge(AuthenticationProperties properties, [NotNull] IEnumerable<string> authenticationTypes)
+        public override void Challenge(AuthenticationProperties properties, [NotNull] IEnumerable<string> authenticationSchemes)
         {
             HttpResponseFeature.StatusCode = 401;
             var handler = HttpAuthenticationFeature.Handler;
 
-            var challengeContext = new ChallengeContext(authenticationTypes, properties == null ? null : properties.Dictionary);
+            var challengeContext = new ChallengeContext(authenticationSchemes, properties == null ? null : properties.Dictionary);
             if (handler != null)
             {
                 handler.Challenge(challengeContext);
             }
 
             // Verify all types ack'd
-            IEnumerable<string> leftovers = authenticationTypes.Except(challengeContext.Accepted);
+            IEnumerable<string> leftovers = authenticationSchemes.Except(challengeContext.Accepted);
             if (leftovers.Any())
             {
                 throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers));
             }
         }
 
-        public override void SignIn(AuthenticationProperties properties, [NotNull] IEnumerable<ClaimsIdentity> identities)
+        public override void SignIn(string authenticationScheme, [NotNull] ClaimsPrincipal principal, AuthenticationProperties properties)
         {
             var handler = HttpAuthenticationFeature.Handler;
 
-            var signInContext = new SignInContext(identities, properties == null ? null : properties.Dictionary);
+            var signInContext = new SignInContext(authenticationScheme, principal, properties == null ? null : properties.Dictionary);
             if (handler != null)
             {
                 handler.SignIn(signInContext);
             }
 
             // Verify all types ack'd
-            IEnumerable<string> leftovers = identities.Select(identity => identity.AuthenticationType).Except(signInContext.Accepted);
-            if (leftovers.Any())
+            if (!signInContext.Accepted)
             {
-                throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers));
+                throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme);
             }
         }
 
-        public override void SignOut([NotNull] IEnumerable<string> authenticationTypes)
+        public override void SignOut(string authenticationScheme)
         {
             var handler = HttpAuthenticationFeature.Handler;
 
-            var signOutContext = new SignOutContext(authenticationTypes);
+            var signOutContext = new SignOutContext(authenticationScheme);
             if (handler != null)
             {
                 handler.SignOut(signOutContext);
             }
 
             // Verify all types ack'd
-            IEnumerable<string> leftovers = authenticationTypes.Except(signOutContext.Accepted);
-            if (leftovers.Any())
+            if (!string.IsNullOrWhiteSpace(authenticationScheme) && !signOutContext.Accepted)
             {
-                throw new InvalidOperationException("The following authentication types were not accepted: " + string.Join(", ", leftovers));
+                throw new InvalidOperationException("The following authentication scheme was not accepted: " + authenticationScheme);
             }
         }
     }