From 5246cc8fb05a9f531ac39380996db1ccbd77bfb7 Mon Sep 17 00:00:00 2001
From: Safia Abdalla <safia@microsoft.com>
Date: Wed, 26 Aug 2020 19:22:34 +0000
Subject: [PATCH 1/3] Set SameSiteMode for cookies in authentication tests
 (#25281)

---
 .../testassets/Wasm.Authentication.Server/Startup.cs        | 6 ++++++
 .../Wasm.Authentication.Server.csproj                       | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Startup.cs b/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Startup.cs
index 1224ee978fdc..038e01f0c711 100644
--- a/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Startup.cs
+++ b/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Startup.cs
@@ -3,6 +3,7 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.Configuration;
@@ -57,6 +58,11 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
                 app.UseWebAssemblyDebugging();
             }
 
+            app.UseCookiePolicy(new CookiePolicyOptions
+            {
+                MinimumSameSitePolicy = SameSiteMode.Lax
+            });
+
             app.UseBlazorFrameworkFiles();
             app.UseStaticFiles();
 
diff --git a/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Wasm.Authentication.Server.csproj b/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Wasm.Authentication.Server.csproj
index 3d6b47ebe767..2619203d595e 100644
--- a/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Wasm.Authentication.Server.csproj
+++ b/src/Components/WebAssembly/testassets/Wasm.Authentication.Server/Wasm.Authentication.Server.csproj
@@ -11,10 +11,12 @@
 
   <ItemGroup>
     <Reference Include="Microsoft.AspNetCore" />
+    <Reference Include="Microsoft.AspNetCore.CookiePolicy" />
     <Reference Include="Microsoft.AspNetCore.Diagnostics" />
     <Reference Include="Microsoft.AspNetCore.ApiAuthorization.IdentityServer" />
     <Reference Include="Microsoft.AspNetCore.Components.WebAssembly.Server" />
     <Reference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" />
+    <Reference Include="Microsoft.AspNetCore.Authentication.Cookies" />
     <Reference Include="Microsoft.AspNetCore.Identity.UI" />
     <Reference Include="Microsoft.EntityFrameworkCore.Relational" />
     <Reference Include="Microsoft.EntityFrameworkCore.SQLite" />

From e7cb2dd3ee3b778f350f525109858270ad110453 Mon Sep 17 00:00:00 2001
From: Brennan <brecon@microsoft.com>
Date: Wed, 26 Aug 2020 14:23:01 -0700
Subject: [PATCH 2/3] Fix SignalR typescript tests with Chrome SameSite
 reaction (#25283)

---
 .../clients/ts/FunctionalTests/Startup.cs      | 18 +++++++++++++++---
 .../clients/ts/FunctionalTests/ts/Common.ts    | 12 ++++++++++++
 .../ts/FunctionalTests/ts/ConnectionTests.ts   | 12 +++++++-----
 .../FunctionalTests/ts/HubConnectionTests.ts   | 18 ++++--------------
 4 files changed, 38 insertions(+), 22 deletions(-)

diff --git a/src/SignalR/clients/ts/FunctionalTests/Startup.cs b/src/SignalR/clients/ts/FunctionalTests/Startup.cs
index a7ad5a3886e5..eb8182afb4e9 100644
--- a/src/SignalR/clients/ts/FunctionalTests/Startup.cs
+++ b/src/SignalR/clients/ts/FunctionalTests/Startup.cs
@@ -160,9 +160,21 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
             {
                 if (context.Request.Path.Value.Contains("/negotiate"))
                 {
-                    context.Response.Cookies.Append("testCookie", "testValue");
-                    context.Response.Cookies.Append("testCookie2", "testValue2");
-                    context.Response.Cookies.Append("expiredCookie", "doesntmatter", new CookieOptions() { Expires = DateTimeOffset.Now.AddHours(-1) });
+                    var cookieOptions = new CookieOptions();
+                    var expiredCookieOptions = new CookieOptions() { Expires = DateTimeOffset.Now.AddHours(-1) };
+                    if (context.Request.IsHttps)
+                    {
+                        cookieOptions.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None;
+                        cookieOptions.Secure = true;
+
+                        expiredCookieOptions.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None;
+                        expiredCookieOptions.Secure = true;
+                    }
+                    context.Response.Cookies.Append("testCookie", "testValue", cookieOptions);
+                    context.Response.Cookies.Append("testCookie2", "testValue2", cookieOptions);
+
+                    cookieOptions.Expires = DateTimeOffset.Now.AddHours(-1);
+                    context.Response.Cookies.Append("expiredCookie", "doesntmatter", expiredCookieOptions);
                 }
 
                 await next.Invoke();
diff --git a/src/SignalR/clients/ts/FunctionalTests/ts/Common.ts b/src/SignalR/clients/ts/FunctionalTests/ts/Common.ts
index 2bb33c1c11bc..652fd4182242 100644
--- a/src/SignalR/clients/ts/FunctionalTests/ts/Common.ts
+++ b/src/SignalR/clients/ts/FunctionalTests/ts/Common.ts
@@ -54,6 +54,7 @@ console.log(`Using SignalR HTTPS Server: '${ENDPOINT_BASE_HTTPS_URL}'`);
 console.log(`Jasmine DEFAULT_TIMEOUT_INTERVAL: ${jasmine.DEFAULT_TIMEOUT_INTERVAL}`);
 
 export const ECHOENDPOINT_URL = ENDPOINT_BASE_URL + "/echo";
+export const HTTPS_ECHOENDPOINT_URL = ENDPOINT_BASE_HTTPS_URL + "/echo";
 
 export function getHttpTransportTypes(): HttpTransportType[] {
     const transportTypes = [];
@@ -100,3 +101,14 @@ export function eachTransportAndProtocol(action: (transport: HttpTransportType,
 export function getGlobalObject(): any {
     return typeof window !== "undefined" ? window : global;
 }
+
+// Run test in Node or Chrome, but not on macOS
+export const shouldRunHttpsTests =
+    // Need to have an HTTPS URL
+    !!ENDPOINT_BASE_HTTPS_URL &&
+
+    // Run on Node, unless macOS
+    (process && process.platform !== "darwin") &&
+
+    // Only run under Chrome browser
+    (typeof navigator === "undefined" || navigator.userAgent.search("Chrome") !== -1);
diff --git a/src/SignalR/clients/ts/FunctionalTests/ts/ConnectionTests.ts b/src/SignalR/clients/ts/FunctionalTests/ts/ConnectionTests.ts
index 7760294123d0..bb6821ef39d6 100644
--- a/src/SignalR/clients/ts/FunctionalTests/ts/ConnectionTests.ts
+++ b/src/SignalR/clients/ts/FunctionalTests/ts/ConnectionTests.ts
@@ -5,13 +5,15 @@
 // tslint:disable:no-floating-promises
 
 import { HttpTransportType, IHttpConnectionOptions, TransferFormat } from "@microsoft/signalr";
-import { eachTransport, ECHOENDPOINT_URL } from "./Common";
+import { eachTransport, ECHOENDPOINT_URL, HTTPS_ECHOENDPOINT_URL, shouldRunHttpsTests } from "./Common";
 import { TestLogger } from "./TestLogger";
 
 // We want to continue testing HttpConnection, but we don't export it anymore. So just pull it in directly from the source file.
 import { HttpConnection } from "@microsoft/signalr/dist/esm/HttpConnection";
 import "./LogBannerReporter";
 
+const USED_ECHOENDPOINT_URL = shouldRunHttpsTests ? HTTPS_ECHOENDPOINT_URL : ECHOENDPOINT_URL;
+
 const commonOptions: IHttpConnectionOptions = {
     logMessageContent: true,
     logger: TestLogger.instance,
@@ -20,7 +22,7 @@ const commonOptions: IHttpConnectionOptions = {
 describe("connection", () => {
     it("can connect to the server without specifying transport explicitly", (done) => {
         const message = "Hello World!";
-        const connection = new HttpConnection(ECHOENDPOINT_URL, {
+        const connection = new HttpConnection(USED_ECHOENDPOINT_URL, {
             ...commonOptions,
         });
 
@@ -49,7 +51,7 @@ describe("connection", () => {
                 const message = "Hello World!";
                 // the url should be resolved relative to the document.location.host
                 // and the leading '/' should be automatically added to the url
-                const connection = new HttpConnection(ECHOENDPOINT_URL, {
+                const connection = new HttpConnection(USED_ECHOENDPOINT_URL, {
                     ...commonOptions,
                     transport: transportType,
                 });
@@ -78,7 +80,7 @@ describe("connection", () => {
                 const message = "Hello World!";
 
                 // DON'T use commonOptions because we want to specifically test the scenario where logMessageContent is not set.
-                const connection = new HttpConnection(ECHOENDPOINT_URL, {
+                const connection = new HttpConnection(USED_ECHOENDPOINT_URL, {
                     logger: TestLogger.instance,
                     transport: transportType,
                 });
@@ -113,7 +115,7 @@ describe("connection", () => {
                 const message = "Hello World!";
 
                 // DON'T use commonOptions because we want to specifically test the scenario where logMessageContent is set to true (even if commonOptions changes).
-                const connection = new HttpConnection(ECHOENDPOINT_URL, {
+                const connection = new HttpConnection(USED_ECHOENDPOINT_URL, {
                     logMessageContent: true,
                     logger: TestLogger.instance,
                     transport: transportType,
diff --git a/src/SignalR/clients/ts/FunctionalTests/ts/HubConnectionTests.ts b/src/SignalR/clients/ts/FunctionalTests/ts/HubConnectionTests.ts
index 3d5f434a1768..bb5366965b2c 100644
--- a/src/SignalR/clients/ts/FunctionalTests/ts/HubConnectionTests.ts
+++ b/src/SignalR/clients/ts/FunctionalTests/ts/HubConnectionTests.ts
@@ -7,7 +7,7 @@
 import { AbortError, DefaultHttpClient, HttpClient, HttpRequest, HttpResponse, HttpTransportType, HubConnectionBuilder, IHttpConnectionOptions, JsonHubProtocol, NullLogger } from "@microsoft/signalr";
 import { MessagePackHubProtocol } from "@microsoft/signalr-protocol-msgpack";
 
-import { eachTransport, eachTransportAndProtocol, ENDPOINT_BASE_HTTPS_URL, ENDPOINT_BASE_URL } from "./Common";
+import { eachTransport, eachTransportAndProtocol, ENDPOINT_BASE_HTTPS_URL, ENDPOINT_BASE_URL, shouldRunHttpsTests } from "./Common";
 import "./LogBannerReporter";
 import { TestLogger } from "./TestLogger";
 
@@ -17,6 +17,7 @@ import * as RX from "rxjs";
 
 const TESTHUBENDPOINT_URL = ENDPOINT_BASE_URL + "/testhub";
 const TESTHUBENDPOINT_HTTPS_URL = ENDPOINT_BASE_HTTPS_URL ? (ENDPOINT_BASE_HTTPS_URL + "/testhub") : undefined;
+const HTTPORHTTPS_TESTHUBENDPOINT_URL = shouldRunHttpsTests ? TESTHUBENDPOINT_HTTPS_URL : TESTHUBENDPOINT_URL;
 
 const TESTHUB_NOWEBSOCKETS_ENDPOINT_URL = ENDPOINT_BASE_URL + "/testhub-nowebsockets";
 const TESTHUB_REDIRECT_ENDPOINT_URL = ENDPOINT_BASE_URL + "/redirect?numRedirects=0&baseUrl=" + ENDPOINT_BASE_URL;
@@ -25,17 +26,6 @@ const commonOptions: IHttpConnectionOptions = {
     logMessageContent: true,
 };
 
-// Run test in Node or Chrome, but not on macOS
-const shouldRunHttpsTests =
-    // Need to have an HTTPS URL
-    !!TESTHUBENDPOINT_HTTPS_URL &&
-
-    // Run on Node, unless macOS
-    (process && process.platform !== "darwin") &&
-
-    // Only run under Chrome browser
-    (typeof navigator === "undefined" || navigator.userAgent.search("Chrome") !== -1);
-
 function getConnectionBuilder(transportType?: HttpTransportType, url?: string, options?: IHttpConnectionOptions): HubConnectionBuilder {
     let actualOptions: IHttpConnectionOptions = options || {};
     if (transportType) {
@@ -690,7 +680,7 @@ describe("hubConnection", () => {
             }
 
             it("preserves cookies between requests", async (done) => {
-                const hubConnection = getConnectionBuilder(transportType).build();
+                const hubConnection = getConnectionBuilder(transportType, HTTPORHTTPS_TESTHUBENDPOINT_URL).build();
                 await hubConnection.start();
                 const cookieValue = await hubConnection.invoke<string>("GetCookie", "testCookie");
                 const cookieValue2 = await hubConnection.invoke<string>("GetCookie", "testCookie2");
@@ -701,7 +691,7 @@ describe("hubConnection", () => {
             });
 
             it("expired cookies are not preserved", async (done) => {
-                const hubConnection = getConnectionBuilder(transportType).build();
+                const hubConnection = getConnectionBuilder(transportType, HTTPORHTTPS_TESTHUBENDPOINT_URL).build();
                 await hubConnection.start();
                 const cookieValue = await hubConnection.invoke<string>("GetCookie", "expiredCookie");
                 expect(cookieValue).toBeNull();

From c749e5ef4346ab9653f6a2fed7c3a8e41f2919ba Mon Sep 17 00:00:00 2001
From: Doug Bunting <6431421+dougbu@users.noreply.github.com>
Date: Mon, 7 Sep 2020 22:36:03 -0700
Subject: [PATCH 3/3] Disable template tests that use Selenium

---
 src/Shared/E2ETesting/E2ETesting.props | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/Shared/E2ETesting/E2ETesting.props b/src/Shared/E2ETesting/E2ETesting.props
index 47eff5955bfa..96cf8e7eefc4 100644
--- a/src/Shared/E2ETesting/E2ETesting.props
+++ b/src/Shared/E2ETesting/E2ETesting.props
@@ -18,6 +18,9 @@
 
     <!-- WebDriver is not strong-named, so this test project cannot be strong named either. -->
     <SignAssembly>false</SignAssembly>
+  
+    <!-- Tests are disabled due to https://github.com/dotnet/aspnetcore/issues/25322 -->
+    <SkipTests>true</SkipTests>
   </PropertyGroup>
 
   <ItemGroup>