Fix #140, #167, address a comment in #144 and rework the bearer middleware tests #168
Conversation
|
Hi @PinpointTownes, I'm your friendly neighborhood Microsoft Open Technologies, Inc. Pull Request Bot (You can call me MSOTBOT). Thanks for your contribution! The agreement was validated by Microsoft Open Technologies, Inc. and real humans are currently evaluating your PR. TTYL, MSOTBOT; |
ghost
added
the
kevinchalet
changed the title
|
I also included fixes for #144 (comment), #167 and the casing issue of OpenidConnectAuthenticationHandler.cs |
| @@ -566,7 +565,7 @@ public override Task<bool> InvokeAsync() | |||
| { | |||
| if (ticket.Principal != null) | |||
| { | |||
| Request.HttpContext.Response.SignIn(ticket.AuthenticationScheme, ticket.Principal, ticket.Properties); | |||
| Request.HttpContext.Response.SignIn(Options.SignInScheme, ticket.Principal, ticket.Properties); | |||
There was a problem hiding this comment.
I think this change is already in.
/CC @HaoK
There was a problem hiding this comment.
Only this one line is in, so yeah a rebase probably would make this diff go away, this PR has more than that fix though, I am not familiar enough with this code to determine whether these other changes are appropriate
There was a problem hiding this comment.
@Praburaj rebased, thanks 👯
|
Changes look good to me. @tushargupta51 - could you also review? |
| @@ -46,9 +45,14 @@ public class OpenIdConnectAuthenticationMiddleware : AuthenticationMiddleware<Op | |||
| { | |||
| _logger = loggerFactory.CreateLogger<OpenIdConnectAuthenticationMiddleware>(); | |||
|
|
|||
| if (string.IsNullOrEmpty(Options.SignInScheme)) | |||
There was a problem hiding this comment.
What is SignInScheme used for?
|
The changes to the bearer middleware tests looks good. |
| @@ -4,8 +4,6 @@ | |||
| using System; | |||
| using Microsoft.AspNet.Authentication.Cookies.Infrastructure; | |||
| using Microsoft.AspNet.Authentication.DataHandler; | |||
| using Microsoft.AspNet.Authentication.Cookies.Infrastructure; | |||
There was a problem hiding this comment.
Totally unrelated changes, but these 2 lines were causing compilation warnings.
|
Rebased. |
|
Squashed to incorporate feedback in the appropriate commits. |
|
Conflict fixed. @HaoK @tushargupta51 @brentschmaltz any chance you could have a final look and merge it? 😄 |
|
I'll try to get to this after my hosting changes are done... |
|
@HaoK thanks. Don't hesitate to ping me if there are conflicts that need to be fixed. |
|
I took the liberty to fix @HaoK should we also update https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication.OAuth/OAuthAuthenticationOptions.cs#L104 |
|
Yeah looks good, go ahead and normalize the doc comments to be consistent, I'll merge this in soon |
|
I'm not suggesting you make this change in this PR, but what do you think about maybe ExternalAuthenticationOptions -> SignInSchemeOptions is that better or worse? I'm not sure what's a good property name if we did that, Scheme or AuthenticationScheme perhaps? |
|
Personally, I think I'd simply remove We could also set a default value ( |
|
Yeah so the idea is we want to easily configure all of the auth middlewares via one central services.Configure(options => options.SignInScheme = "Cookie"). Otherwise any app that's using Google/Facebook/Twitter/MAuth would need to do this for every auth middleware mechanically (and the error story if you misconfigure this is pretty poor) |
|
The intent is basically to be the centralized default SignInScheme, which might not be a bad name: SignInOptions.DefaultSignInScheme, as all auth middlewares would use this as the default scheme for their SignInScheme |
|
Indeed, removing Another approach: the OIDC/OAuth2/Twitter options could inherit from That said, I'm not sure it would work as-is with the current aspnet/Options bit. In this case, would
|
|
Yeah configuration options doesn't really look at inheritance, you are configuring a singleton per TOptions, so you'd be configuring only the base options, which if noone is asking for, will be ignored. So that doesn't work unfortunately. Yeah perhaps we still need something that sounds like External/Delegating/NonAutomatic something that conveys that this is for the non automatic auth middlewares to use. [GoodNameForNonAutomatic]AuthenticationOptions.DefaultSignInScheme i think is the correct name, just need to find a replacement for External |
|
Perhaps we could just use a grab all SharedAuthenticationOptions.DefaultSignInScheme? @Tratcher what do you think about renaming ExternalAuthenticationOptions to be something more general? |
|
@HaoK Sounds fine. It doesn't have any other fields. |
|
@HaoK Help me understand what SignInScheme is used for and if it is completely implemented? |
|
@brentschmaltz refer to @PinpointTownes update to the doc comments, its fairly clear, nothing has changed in its meaning or intent since Katana, we just renamed it from SignInAsAuthenticationType |
|
@brentschmaltz if you think it's not clear enough, creating a wiki page with various code samples and copying the URL in the documentation might be a good option. |
|
@PinpointTownes Do you want to squash your commits down to one or two? If I do it, the changes will look like mine instead of yours. |
|
@HaoK done. I hope the commits will be descriptive enough 😄 |
The PR is a bit noisy but I had to rework large parts of various tests, that were not really conclusive.
(GitHub accidentally closed my previous PR when I rebased it (#142) so I had to re-submit it)