#690 OIDC & JWT event refactoring.

Author: Tratcher

samples/JwtBearerSample/Properties/launchSettings.json

@@ -12,7 +12,7 @@
       "commandName": "IISExpress",
       "launchBrowser": true,
       "environmentVariables": {
-        "ASPNET_ENVIRONMENT": "Development"
+        "ASPNETCORE_ENVIRONMENT": "Development"
       }
     },
     "web": {

samples/JwtBearerSample/Startup.cs

@@ -61,8 +61,6 @@ public void Configure(IApplicationBuilder app)
 
             app.UseJwtBearerAuthentication(new JwtBearerOptions
             {
-                AutomaticAuthenticate = true,
-                AutomaticChallenge = true,
                 // You also need to update /wwwroot/app/scripts/app.js
                 Authority = Configuration["jwt:authority"],
                 Audience = Configuration["jwt:audience"]
@@ -74,14 +72,14 @@ public void Configure(IApplicationBuilder app)
                 // Use this if options.AutomaticAuthenticate = false
                 // var user = await context.Authentication.AuthenticateAsync(JwtBearerDefaults.AuthenticationScheme);
 
-                var user = context.User; // We can do this because of  options.AutomaticAuthenticate = true; above.
+                var user = context.User; // We can do this because of  options.AutomaticAuthenticate = true;
                 if (user?.Identity?.IsAuthenticated ?? false)
                 {
                     await next();
                 }
                 else
                 {
-                    // We can do this because of options.AutomaticChallenge = true; above
+                    // We can do this because of options.AutomaticChallenge = true;
                     await context.Authentication.ChallengeAsync();
                 }
             });

samples/JwtBearerSample/project.json

@@ -15,7 +15,7 @@
     "web": "JwtBearerSample"
   },
   "frameworks": {
-    "dnx451": {},
+    "dnx451": { },
     "netstandardapp1.5": {
       "imports": [
         "dnxcore50"
@@ -30,5 +30,9 @@
     "**.user",
     "**.vspscc"
   ],
+  "content": [
+    "project.json",
+    "wwwroot"
+  ],
   "userSecretsId": "aspnet5-JwtBearerSample-20151210102827"
 }

samples/OpenIdConnect.AzureAdSample/Properties/launchSettings.json

@@ -12,7 +12,7 @@
       "commandName": "IISExpress",
       "launchBrowser": true,
       "environmentVariables": {
-        "Hosting:Environment": "Development"
+        "ASPNETCORE_ENVIRONMENT": "Development"
       }
     },
     "web": {

samples/OpenIdConnect.AzureAdSample/Startup.cs

@@ -64,10 +64,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
 
             app.UseIISPlatformHandler();
 
-            app.UseCookieAuthentication(new CookieAuthenticationOptions
-            {
-                AutomaticAuthenticate = true
-            });
+            app.UseCookieAuthentication(new CookieAuthenticationOptions());
 
             var clientId = Configuration["oidc:clientid"];
             var clientSecret = Configuration["oidc:clientsecret"];

samples/OpenIdConnect.AzureAdSample/project.json

@@ -18,5 +18,8 @@
   "commands": {
     "web": "OpenIdConnect.AzureAdSample"
   },
+  "content": [
+    "project.json"
+  ],
   "userSecretsId": "aspnet5-OpenIdConnectSample-20151210110318"
 }

samples/OpenIdConnectSample/Properties/launchSettings.json

@@ -12,7 +12,7 @@
       "commandName": "IISExpress",
       "launchBrowser": true,
       "environmentVariables": {
-        "ASPNET_ENV": "Development"
+        "ASPNETCORE_ENVIRONMENT": "Development"
       }
     },
     "web": {

samples/OpenIdConnectSample/Startup.cs

@@ -59,10 +59,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
 
             app.UseIISPlatformHandler();
 
-            app.UseCookieAuthentication(new CookieAuthenticationOptions
-            {
-                AutomaticAuthenticate = true
-            });
+            app.UseCookieAuthentication(new CookieAuthenticationOptions());
 
             app.UseOpenIdConnectAuthentication(new OpenIdConnectOptions
             {

samples/OpenIdConnectSample/project.json

@@ -9,7 +9,7 @@
     "Microsoft.NETCore.Platforms": "1.0.1-*"
   },
   "frameworks": {
-    "dnx451": {},
+    "dnx451": { },
     "netstandardapp1.5": {
       "imports": [
         "dnxcore50"
@@ -22,5 +22,8 @@
   "commands": {
     "web": "OpenIdConnectSample"
   },
+  "content": [
+    "project.json"
+  ],
   "userSecretsId": "aspnet5-OpenIdConnectSample-20151210110318"
 }

src/Microsoft.AspNetCore.Authentication.JwtBearer/Events/IJwtBearerEvents.cs

@@ -18,17 +18,12 @@ public interface IJwtBearerEvents
         /// <summary>
         /// Invoked when a protocol message is first received.
         /// </summary>
-        Task ReceivingToken(ReceivingTokenContext context);
-
-        /// <summary>
-        /// Invoked with the security token that has been extracted from the protocol message.
-        /// </summary>
-        Task ReceivedToken(ReceivedTokenContext context);
+        Task MessageReceived(MessageReceivedContext context);
 
         /// <summary>
         /// Invoked after the security token has passed validation and a ClaimsIdentity has been generated.
         /// </summary>
-        Task ValidatedToken(ValidatedTokenContext context);
+        Task TokenValidated(TokenValidatedContext context);
 
         /// <summary>
         /// Invoked to apply a challenge sent back to the caller.

src/Microsoft.AspNetCore.Authentication.JwtBearer/Events/JwtBearerEvents.cs

@@ -19,17 +19,12 @@ public class JwtBearerEvents : IJwtBearerEvents
         /// <summary>
         /// Invoked when a protocol message is first received.
         /// </summary>
-        public Func<ReceivingTokenContext, Task> OnReceivingToken { get; set; } = context => Task.FromResult(0);
-
-        /// <summary>
-        /// Invoked with the security token that has been extracted from the protocol message.
-        /// </summary>
-        public Func<ReceivedTokenContext, Task> OnReceivedToken { get; set; } = context => Task.FromResult(0);
+        public Func<MessageReceivedContext, Task> OnMessageReceived { get; set; } = context => Task.FromResult(0);
 
         /// <summary>
         /// Invoked after the security token has passed validation and a ClaimsIdentity has been generated.
         /// </summary>
-        public Func<ValidatedTokenContext, Task> OnValidatedToken { get; set; } = context => Task.FromResult(0);
+        public Func<TokenValidatedContext, Task> OnTokenValidated { get; set; } = context => Task.FromResult(0);
 
         /// <summary>
         /// Invoked before a challenge is sent back to the caller.
@@ -38,11 +33,9 @@ public class JwtBearerEvents : IJwtBearerEvents
 
         public virtual Task AuthenticationFailed(AuthenticationFailedContext context) => OnAuthenticationFailed(context);
 
-        public virtual Task ReceivingToken(ReceivingTokenContext context) => OnReceivingToken(context);
-
-        public virtual Task ReceivedToken(ReceivedTokenContext context) => OnReceivedToken(context);
+        public virtual Task MessageReceived(MessageReceivedContext context) => OnMessageReceived(context);
 
-        public virtual Task ValidatedToken(ValidatedTokenContext context) => OnValidatedToken(context);
+        public virtual Task TokenValidated(TokenValidatedContext context) => OnTokenValidated(context);
 
         public virtual Task Challenge(JwtBearerChallengeContext context) => OnChallenge(context);
     }

src/Microsoft.AspNetCore.Authentication.JwtBearer/Events/ReceivingTokenContext.cs renamed to src/Microsoft.AspNetCore.Authentication.JwtBearer/Events/MessageReceivedContext.cs

@@ -6,9 +6,9 @@
 
 namespace Microsoft.AspNetCore.Authentication.JwtBearer
 {
-    public class ReceivingTokenContext : BaseJwtBearerContext
+    public class MessageReceivedContext : BaseJwtBearerContext
     {
-        public ReceivingTokenContext(HttpContext context, JwtBearerOptions options)
+        public MessageReceivedContext(HttpContext context, JwtBearerOptions options)
             : base(context, options)
         {
         }

src/Microsoft.AspNetCore.Authentication.JwtBearer/Events/ReceivedTokenContext.cs

@@ -3,14 +3,17 @@
 
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Http;
+using Microsoft.IdentityModel.Tokens;
 
 namespace Microsoft.AspNetCore.Authentication.JwtBearer
 {
-    public class ValidatedTokenContext : BaseJwtBearerContext
+    public class TokenValidatedContext : BaseJwtBearerContext
     {
-        public ValidatedTokenContext(HttpContext context, JwtBearerOptions options)
+        public TokenValidatedContext(HttpContext context, JwtBearerOptions options)
             : base(context, options)
         {
         }
+
+        public SecurityToken SecurityToken { get; set; }
     }
 }

src/Microsoft.AspNetCore.Authentication.JwtBearer/Events/TokenValidatedContext.cs

@@ -28,24 +28,21 @@ internal class JwtBearerHandler : AuthenticationHandler<JwtBearerOptions>
         protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
         {
             string token = null;
+            AuthenticateResult result = null;
             try
             {
                 // Give application opportunity to find from a different location, adjust, or reject token
-                var receivingTokenContext = new ReceivingTokenContext(Context, Options);
+                var messageReceivedContext = new MessageReceivedContext(Context, Options);
 
                 // event can set the token
-                await Options.Events.ReceivingToken(receivingTokenContext);
-                if (receivingTokenContext.HandledResponse)
+                await Options.Events.MessageReceived(messageReceivedContext);
+                if (messageReceivedContext.CheckEventResult(out result))
                 {
-                    return AuthenticateResult.Success(receivingTokenContext.Ticket);
-                }
-                if (receivingTokenContext.Skipped)
-                {
-                    return AuthenticateResult.Skip();
+                    return result;
                 }
 
                 // If application retrieved token from somewhere else, use that.
-                token = receivingTokenContext.Token;
+                token = messageReceivedContext.Token;
 
                 if (string.IsNullOrEmpty(token))
                 {
@@ -69,22 +66,6 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
                     }
                 }
 
-                // notify user token was received
-                var receivedTokenContext = new ReceivedTokenContext(Context, Options)
-                {
-                    Token = token,
-                };
-
-                await Options.Events.ReceivedToken(receivedTokenContext);
-                if (receivedTokenContext.HandledResponse)
-                {
-                    return AuthenticateResult.Success(receivedTokenContext.Ticket);
-                }
-                if (receivedTokenContext.Skipped)
-                {
-                    return AuthenticateResult.Skip();
-                }
-
                 if (_configuration == null && Options.ConfigurationManager != null)
                 {
                     _configuration = await Options.ConfigurationManager.GetConfigurationAsync(Context.RequestAborted);
@@ -138,20 +119,18 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
                         Logger.TokenValidationSucceeded();
 
                         var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Options.AuthenticationScheme);
-                        var validatedTokenContext = new ValidatedTokenContext(Context, Options)
+                        var tokenValidatedContext = new TokenValidatedContext(Context, Options)
                         {
-                            Ticket = ticket
+                            Ticket = ticket,
+                            SecurityToken = validatedToken,
                         };
 
-                        await Options.Events.ValidatedToken(validatedTokenContext);
-                        if (validatedTokenContext.HandledResponse)
-                        {
-                            return AuthenticateResult.Success(validatedTokenContext.Ticket);
-                        }
-                        if (validatedTokenContext.Skipped)
+                        await Options.Events.TokenValidated(tokenValidatedContext);
+                        if (tokenValidatedContext.CheckEventResult(out result))
                         {
-                            return AuthenticateResult.Skip();
+                            return result;
                         }
+                        ticket = tokenValidatedContext.Ticket;
 
                         if (Options.SaveToken)
                         {
@@ -173,13 +152,9 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
                     };
 
                     await Options.Events.AuthenticationFailed(authenticationFailedContext);
-                    if (authenticationFailedContext.HandledResponse)
-                    {
-                        return AuthenticateResult.Success(authenticationFailedContext.Ticket);
-                    }
-                    if (authenticationFailedContext.Skipped)
+                    if (authenticationFailedContext.CheckEventResult(out result))
                     {
-                        return AuthenticateResult.Skip();
+                        return result;
                     }
 
                     return AuthenticateResult.Fail(authenticationFailedContext.Exception);
@@ -197,13 +172,9 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
                 };
 
                 await Options.Events.AuthenticationFailed(authenticationFailedContext);
-                if (authenticationFailedContext.HandledResponse)
-                {
-                    return AuthenticateResult.Success(authenticationFailedContext.Ticket);
-                }
-                if (authenticationFailedContext.Skipped)
+                if (authenticationFailedContext.CheckEventResult(out result))
                 {
-                    return AuthenticateResult.Skip();
+                    return result;
                 }
 
                 throw;

src/Microsoft.AspNetCore.Authentication.JwtBearer/JwtBearerHandler.cs

@@ -25,6 +25,8 @@ public class JwtBearerOptions : AuthenticationOptions
         public JwtBearerOptions() : base()
         {
             AuthenticationScheme = JwtBearerDefaults.AuthenticationScheme;
+            AutomaticAuthenticate = true;
+            AutomaticChallenge = true;
         }
 
         /// <summary>