From 42f9a555ceeeab9c91149f4031af1f11c810fc53 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Tue, 24 Mar 2015 21:59:09 -0700
Subject: [PATCH 01/19] Adding logging draft.

---
 .vs/config/applicationhost.config             | 1025 +++++++++++++++++
 samples/OpenIdConnectSample/Startup.cs        |    4 +-
 .../OpenIdConnectAuthenticationMiddleware.cs  |   10 +-
 .../project.json                              |    4 +-
 4 files changed, 1038 insertions(+), 5 deletions(-)
 create mode 100644 .vs/config/applicationhost.config

diff --git a/.vs/config/applicationhost.config b/.vs/config/applicationhost.config
new file mode 100644
index 000000000..3474ab937
--- /dev/null
+++ b/.vs/config/applicationhost.config
@@ -0,0 +1,1025 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    IIS configuration sections.
+
+    For schema documentation, see
+    %IIS_BIN%\config\schema\IIS_schema.xml.
+    
+    Please make a backup of this file before making any changes to it.
+
+    NOTE: The following environment variables are available to be used
+          within this file and are understood by the IIS Express.
+
+          %IIS_USER_HOME% - The IIS Express home directory for the user
+          %IIS_SITES_HOME% - The default home directory for sites
+          %IIS_BIN% - The location of the IIS Express binaries
+          %SYSTEMDRIVE% - The drive letter of %IIS_BIN%
+
+-->
+
+<configuration>
+
+    <!--
+
+        The <configSections> section controls the registration of sections.
+        Section is the basic unit of deployment, locking, searching and
+        containment for configuration settings.
+        
+        Every section belongs to one section group.
+        A section group is a container of logically-related sections.
+        
+        Sections cannot be nested.
+        Section groups may be nested.
+        
+        <section
+            name=""  [Required, Collection Key] [XML name of the section]
+            allowDefinition="Everywhere" [MachineOnly|MachineToApplication|AppHostOnly|Everywhere] [Level where it can be set]
+            overrideModeDefault="Allow"  [Allow|Deny] [Default delegation mode]
+            allowLocation="true"  [true|false] [Allowed in location tags]
+        />
+        
+        The recommended way to unlock sections is by using a location tag:
+        <location path="Default Web Site" overrideMode="Allow">
+            <system.webServer>
+                <asp />
+            </system.webServer>
+        </location>
+
+    -->
+    <configSections>
+        <sectionGroup name="system.applicationHost">
+            <section name="applicationPools" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="configHistory" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="customMetadata" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="listenerAdapters" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="log" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="preloadProviders" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="sites" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="webLimits" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+        </sectionGroup>
+
+        <sectionGroup name="system.webServer">
+            <section name="asp" overrideModeDefault="Deny" />
+            <section name="caching" overrideModeDefault="Allow" />
+            <section name="cgi" overrideModeDefault="Deny" />
+            <section name="defaultDocument" overrideModeDefault="Allow" />
+            <section name="directoryBrowse" overrideModeDefault="Allow" />
+            <section name="fastCgi" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="globalModules" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+            <section name="handlers" overrideModeDefault="Deny" />
+            <section name="httpCompression" overrideModeDefault="Allow" />
+            <section name="httpErrors" overrideModeDefault="Allow" />
+            <section name="httpLogging" overrideModeDefault="Deny" />
+            <section name="httpProtocol" overrideModeDefault="Allow" />
+            <section name="httpRedirect" overrideModeDefault="Allow" />
+            <section name="httpTracing" overrideModeDefault="Deny" />
+            <section name="isapiFilters" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
+            <section name="modules" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
+            <section name="odbcLogging" overrideModeDefault="Deny" />
+            <sectionGroup name="security">
+                <section name="access" overrideModeDefault="Deny" />
+                <section name="applicationDependencies" overrideModeDefault="Deny" />
+                <sectionGroup name="authentication">
+                    <section name="anonymousAuthentication" overrideModeDefault="Deny" />
+                    <section name="basicAuthentication" overrideModeDefault="Deny" />
+                    <section name="clientCertificateMappingAuthentication" overrideModeDefault="Deny" />
+                    <section name="digestAuthentication" overrideModeDefault="Deny" />
+                    <section name="iisClientCertificateMappingAuthentication" overrideModeDefault="Deny" />
+                    <section name="windowsAuthentication" overrideModeDefault="Deny" />
+                </sectionGroup>
+                <section name="authorization" overrideModeDefault="Allow" />
+                <section name="ipSecurity" overrideModeDefault="Deny" />
+                <section name="dynamicIpSecurity" overrideModeDefault="Deny" />
+                <section name="isapiCgiRestriction" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
+                <section name="requestFiltering" overrideModeDefault="Allow" />
+            </sectionGroup>
+            <section name="serverRuntime" overrideModeDefault="Deny" />
+            <section name="serverSideInclude" overrideModeDefault="Deny" />
+            <section name="staticContent" overrideModeDefault="Allow" />
+            <sectionGroup name="tracing">
+                <section name="traceFailedRequests" overrideModeDefault="Allow" />
+                <section name="traceProviderDefinitions" overrideModeDefault="Deny" />
+            </sectionGroup>
+            <section name="urlCompression" overrideModeDefault="Allow" />
+            <section name="validation" overrideModeDefault="Allow" />
+            <sectionGroup name="webdav">
+                <section name="globalSettings" overrideModeDefault="Deny" />
+                <section name="authoring" overrideModeDefault="Deny" />
+                <section name="authoringRules" overrideModeDefault="Deny" />
+            </sectionGroup>
+            <sectionGroup name="rewrite">
+                <section name="allowedServerVariables" overrideModeDefault="Deny" />
+                <section name="rules" overrideModeDefault="Allow" />
+                <section name="outboundRules" overrideModeDefault="Allow" />
+                <section name="globalRules" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
+                <section name="providers" overrideModeDefault="Allow" />
+                <section name="rewriteMaps" overrideModeDefault="Allow" />
+            </sectionGroup>
+            <section name="applicationInitialization" allowDefinition="MachineToApplication" overrideModeDefault="Allow" />
+            <section name="webSocket" overrideModeDefault="Deny" />
+        </sectionGroup>
+    </configSections>
+
+    <configProtectedData>
+        <providers>
+            <add name="IISWASOnlyRsaProvider" type="" description="Uses RsaCryptoServiceProvider to encrypt and decrypt" keyContainerName="iisWasKey" cspProviderName="" useMachineContainer="true" useOAEP="false" />
+            <add name="AesProvider" type="Microsoft.ApplicationHost.AesProtectedConfigurationProvider" description="Uses an AES session key to encrypt and decrypt" keyContainerName="iisConfigurationKey" cspProviderName="" useOAEP="false" useMachineContainer="true" sessionKey="AQIAAA5mAAAApAAAKmFQvWHDEETRz8l2bjZlRxIkwcqTFaCUnCLljn3Q1OkesrhEO9YyLyx4bUhsj1/DyShAv7OAFFhXlrlomaornnk5PLeyO4lIXxaiT33yOFUUgxDx4GSaygkqghVV0tO5yQ/XguUBp2juMfZyztnsNa4pLcz7ZNZQ6p4yn9hxwNs=" />
+            <add name="IISWASOnlyAesProvider" type="Microsoft.ApplicationHost.AesProtectedConfigurationProvider" description="Uses an AES session key to encrypt and decrypt" keyContainerName="iisWasKey" cspProviderName="" useOAEP="false" useMachineContainer="true" sessionKey="AQIAAA5mAAAApAAA4WoiRJ8KHwzAG8AgejPxEOO4/2Vhkolbwo/8gZeNdUDSD36m55hWv4uC9tr/MlKdnwRLL0NhT50Gccyftqz5xTZ0dg5FtvQhTw/he1NwexTKbV+I4Zrd+sZUqHZTsr7JiEr6OHGXL70qoISW5G2m9U8wKT3caPiDPNj2aAaYPLo=" />
+        </providers>
+    </configProtectedData>
+
+    <system.applicationHost>
+
+        <applicationPools>
+            <add name="Clr4IntegratedAppPool" managedRuntimeVersion="v4.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
+            <add name="Clr4ClassicAppPool" managedRuntimeVersion="v4.0" managedPipelineMode="Classic" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
+            <add name="Clr2IntegratedAppPool" managedRuntimeVersion="v2.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
+            <add name="Clr2ClassicAppPool" managedRuntimeVersion="v2.0" managedPipelineMode="Classic" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
+            <add name="UnmanagedClassicAppPool" managedRuntimeVersion="" managedPipelineMode="Classic" autoStart="true" />
+            <applicationPoolDefaults managedRuntimeLoader="v4.0">
+                <processModel />
+            </applicationPoolDefaults>
+        </applicationPools>
+
+        <!--
+
+          The <listenerAdapters> section defines the protocols with which the
+          Windows Process Activation Service (WAS) binds.
+
+        -->
+        <listenerAdapters>
+            <add name="http" />
+        </listenerAdapters>
+
+        <sites>
+            <site name="WebSite1" id="1" serverAutoStart="true">
+                <application path="/">
+                    <virtualDirectory path="/" physicalPath="%IIS_SITES_HOME%\WebSite1" />
+                </application>
+                <bindings>
+                    <binding protocol="http" bindingInformation=":8080:localhost" />
+                </bindings>
+            </site>
+            <site name="OpenIdConnectSample" id="2">
+                <application path="/" applicationPool="Clr4IntegratedAppPool">
+                    <virtualDirectory path="/" physicalPath="C:\Users\tugupta\Documents\GitHub\Security\samples\OpenIdConnectSample\wwwroot" />
+                </application>
+                <bindings>
+                    <binding protocol="http" bindingInformation="*:42023:localhost" />
+                </bindings>
+            </site>
+            <siteDefaults>
+                <logFile logFormat="W3C" directory="%IIS_USER_HOME%\Logs" />
+                <traceFailedRequestsLogging directory="%IIS_USER_HOME%\TraceLogFiles" enabled="true" maxLogFileSizeKB="1024" />
+            </siteDefaults>
+            <applicationDefaults applicationPool="Clr4IntegratedAppPool" />
+            <virtualDirectoryDefaults allowSubDirConfig="true" />
+        </sites>
+
+        <webLimits />
+
+    </system.applicationHost>
+
+    <system.webServer>
+
+        <serverRuntime />
+
+        <asp scriptErrorSentToBrowser="true">
+            <cache diskTemplateCacheDirectory="%TEMP%\iisexpress\ASP Compiled Templates" />
+            <limits />
+        </asp>
+
+        <caching enabled="true" enableKernelCache="true">
+        </caching>
+
+        <cgi />
+
+        <defaultDocument enabled="true">
+            <files>
+                <add value="Default.htm" />
+                <add value="Default.asp" />
+                <add value="index.htm" />
+                <add value="index.html" />
+                <add value="iisstart.htm" />
+                <add value="default.aspx" />
+            </files>
+        </defaultDocument>
+
+        <directoryBrowse enabled="false" />
+
+        <fastCgi />
+
+        <!--
+
+          The <globalModules> section defines all native-code modules.
+          To enable a module, specify it in the <modules> section.
+
+        -->
+        <globalModules>
+            <add name="HttpLoggingModule" image="%IIS_BIN%\loghttp.dll" />
+            <add name="UriCacheModule" image="%IIS_BIN%\cachuri.dll" />
+<!--            <add name="FileCacheModule" image="%IIS_BIN%\cachfile.dll" />  -->
+            <add name="TokenCacheModule" image="%IIS_BIN%\cachtokn.dll" />
+<!--            <add name="HttpCacheModule" image="%IIS_BIN%\cachhttp.dll" /> -->
+            <add name="DynamicCompressionModule" image="%IIS_BIN%\compdyn.dll" />
+            <add name="StaticCompressionModule" image="%IIS_BIN%\compstat.dll" />
+            <add name="DefaultDocumentModule" image="%IIS_BIN%\defdoc.dll" />
+            <add name="DirectoryListingModule" image="%IIS_BIN%\dirlist.dll" />
+            <add name="ProtocolSupportModule" image="%IIS_BIN%\protsup.dll" />
+            <add name="HttpRedirectionModule" image="%IIS_BIN%\redirect.dll" />
+            <add name="ServerSideIncludeModule" image="%IIS_BIN%\iis_ssi.dll" />
+            <add name="StaticFileModule" image="%IIS_BIN%\static.dll" />
+            <add name="AnonymousAuthenticationModule" image="%IIS_BIN%\authanon.dll" />
+            <add name="CertificateMappingAuthenticationModule" image="%IIS_BIN%\authcert.dll" />
+            <add name="UrlAuthorizationModule" image="%IIS_BIN%\urlauthz.dll" />
+            <add name="BasicAuthenticationModule" image="%IIS_BIN%\authbas.dll" />
+            <add name="WindowsAuthenticationModule" image="%IIS_BIN%\authsspi.dll" />
+<!--            <add name="DigestAuthenticationModule" image="%IIS_BIN%\authmd5.dll" /> -->
+            <add name="IISCertificateMappingAuthenticationModule" image="%IIS_BIN%\authmap.dll" />
+            <add name="IpRestrictionModule" image="%IIS_BIN%\iprestr.dll" />
+            <add name="DynamicIpRestrictionModule" image="%IIS_BIN%\diprestr.dll" />
+            <add name="RequestFilteringModule" image="%IIS_BIN%\modrqflt.dll" />
+            <add name="CustomLoggingModule" image="%IIS_BIN%\logcust.dll" />
+            <add name="CustomErrorModule" image="%IIS_BIN%\custerr.dll" />
+<!--            <add name="TracingModule" image="%IIS_BIN%\iisetw.dll" /> -->
+            <add name="FailedRequestsTracingModule" image="%IIS_BIN%\iisfreb.dll" />
+            <add name="RequestMonitorModule" image="%IIS_BIN%\iisreqs.dll" />
+            <add name="IsapiModule" image="%IIS_BIN%\isapi.dll" />
+            <add name="IsapiFilterModule" image="%IIS_BIN%\filter.dll" />
+            <add name="CgiModule" image="%IIS_BIN%\cgi.dll" />
+            <add name="FastCgiModule" image="%IIS_BIN%\iisfcgi.dll" />
+<!--            <add name="WebDAVModule" image="%IIS_BIN%\webdav.dll" /> -->
+            <add name="RewriteModule" image="%IIS_BIN%\rewrite.dll" />
+            <add name="ConfigurationValidationModule" image="%IIS_BIN%\validcfg.dll" />
+            <add name="WebSocketModule" image="%IIS_BIN%\iiswsock.dll" />
+            <add name="WebMatrixSupportModule" image="%IIS_BIN%\webmatrixsup.dll" />
+            <add name="ManagedEngine" image="%windir%\Microsoft.NET\Framework\v2.0.50727\webengine.dll" preCondition="integratedMode,runtimeVersionv2.0,bitness32" />
+            <add name="ManagedEngine64" image="%windir%\Microsoft.NET\Framework64\v2.0.50727\webengine.dll" preCondition="integratedMode,runtimeVersionv2.0,bitness64" />
+            <add name="ManagedEngineV4.0_32bit" image="%windir%\Microsoft.NET\Framework\v4.0.30319\webengine4.dll" preCondition="integratedMode,runtimeVersionv4.0,bitness32" />
+            <add name="ManagedEngineV4.0_64bit" image="%windir%\Microsoft.NET\Framework64\v4.0.30319\webengine4.dll" preCondition="integratedMode,runtimeVersionv4.0,bitness64" />
+            <add name="ApplicationInitializationModule" image="%IIS_BIN%\warmup.dll" />
+        </globalModules>
+
+        <httpCompression directory="%TEMP%\iisexpress\IIS Temporary Compressed Files">
+            <scheme name="gzip" dll="%IIS_BIN%\gzip.dll" />
+            <dynamicTypes>
+                <add mimeType="text/*" enabled="true" />
+                <add mimeType="message/*" enabled="true" />
+                <add mimeType="application/javascript" enabled="true" />
+                <add mimeType="application/atom+xml" enabled="true" />
+                <add mimeType="application/xaml+xml" enabled="true" />
+                <add mimeType="*/*" enabled="false" />
+            </dynamicTypes>
+            <staticTypes>
+                <add mimeType="text/*" enabled="true" />
+                <add mimeType="message/*" enabled="true" />
+                <add mimeType="application/javascript" enabled="true" />
+                <add mimeType="application/atom+xml" enabled="true" />
+                <add mimeType="application/xaml+xml" enabled="true" />
+                <add mimeType="*/*" enabled="false" />
+            </staticTypes>
+        </httpCompression>
+
+        <httpErrors lockAttributes="allowAbsolutePathsWhenDelegated,defaultPath">
+            <error statusCode="401" prefixLanguageFilePath="%IIS_BIN%\custerr" path="401.htm" />
+            <error statusCode="403" prefixLanguageFilePath="%IIS_BIN%\custerr" path="403.htm" />
+            <error statusCode="404" prefixLanguageFilePath="%IIS_BIN%\custerr" path="404.htm" />
+            <error statusCode="405" prefixLanguageFilePath="%IIS_BIN%\custerr" path="405.htm" />
+            <error statusCode="406" prefixLanguageFilePath="%IIS_BIN%\custerr" path="406.htm" />
+            <error statusCode="412" prefixLanguageFilePath="%IIS_BIN%\custerr" path="412.htm" />
+            <error statusCode="500" prefixLanguageFilePath="%IIS_BIN%\custerr" path="500.htm" />
+            <error statusCode="501" prefixLanguageFilePath="%IIS_BIN%\custerr" path="501.htm" />
+            <error statusCode="502" prefixLanguageFilePath="%IIS_BIN%\custerr" path="502.htm" />
+        </httpErrors>
+
+        <httpLogging dontLog="false" />
+
+        <httpProtocol>
+            <customHeaders>
+                <clear />
+                <add name="X-Powered-By" value="ASP.NET" />
+            </customHeaders>
+            <redirectHeaders>
+                <clear />
+            </redirectHeaders>
+        </httpProtocol>
+
+        <httpRedirect enabled="false" />
+
+        <httpTracing>
+        </httpTracing>
+
+        <isapiFilters>
+            <filter name="ASP.Net_2.0.50727-64" path="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="bitness64,runtimeVersionv2.0" />
+            <filter name="ASP.Net_2.0.50727.0" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="bitness32,runtimeVersionv2.0" />
+            <filter name="ASP.Net_2.0_for_v1.1" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="runtimeVersionv1.1" />
+            <filter name="ASP.Net_4.0_32bit" path="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_filter.dll" enableCache="true" preCondition="bitness32,runtimeVersionv4.0" />
+            <filter name="ASP.Net_4.0_64bit" path="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_filter.dll" enableCache="true" preCondition="bitness64,runtimeVersionv4.0" />
+        </isapiFilters>
+
+        <odbcLogging />
+
+        <security>
+
+            <access sslFlags="None" />
+
+            <applicationDependencies>
+                <application name="Active Server Pages" groupId="ASP" />
+            </applicationDependencies>
+
+            <authentication>
+
+                <anonymousAuthentication enabled="true" userName="" />
+
+                <basicAuthentication enabled="false" />
+
+                <clientCertificateMappingAuthentication enabled="false" />
+
+                <digestAuthentication enabled="false" />
+
+                <iisClientCertificateMappingAuthentication enabled="false">
+                </iisClientCertificateMappingAuthentication>
+
+                <windowsAuthentication enabled="false">
+                    <providers>
+                        <add value="Negotiate" />
+                        <add value="NTLM" />
+                    </providers>
+                </windowsAuthentication>
+
+            </authentication>
+
+            <authorization>
+                <add accessType="Allow" users="*" />
+            </authorization>
+
+            <ipSecurity allowUnlisted="true" />
+
+            <isapiCgiRestriction notListedIsapisAllowed="true" notListedCgisAllowed="true">
+                <add path="%windir%\Microsoft.NET\Framework64\v4.0.30319\webengine4.dll" allowed="true" groupId="ASP.NET_v4.0" description="ASP.NET_v4.0" />
+                <add path="%windir%\Microsoft.NET\Framework\v4.0.30319\webengine4.dll" allowed="true" groupId="ASP.NET_v4.0" description="ASP.NET_v4.0" />
+                <add path="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" allowed="true" groupId="ASP.NET v2.0.50727" description="ASP.NET v2.0.50727" />
+                <add path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" allowed="true" groupId="ASP.NET v2.0.50727" description="ASP.NET v2.0.50727" />
+            </isapiCgiRestriction>
+
+            <requestFiltering>
+                <fileExtensions allowUnlisted="true" applyToWebDAV="true">
+                    <add fileExtension=".asax" allowed="false" />
+                    <add fileExtension=".ascx" allowed="false" />
+                    <add fileExtension=".master" allowed="false" />
+                    <add fileExtension=".skin" allowed="false" />
+                    <add fileExtension=".browser" allowed="false" />
+                    <add fileExtension=".sitemap" allowed="false" />
+                    <add fileExtension=".config" allowed="false" />
+                    <add fileExtension=".cs" allowed="false" />
+                    <add fileExtension=".csproj" allowed="false" />
+                    <add fileExtension=".vb" allowed="false" />
+                    <add fileExtension=".vbproj" allowed="false" />
+                    <add fileExtension=".webinfo" allowed="false" />
+                    <add fileExtension=".licx" allowed="false" />
+                    <add fileExtension=".resx" allowed="false" />
+                    <add fileExtension=".resources" allowed="false" />
+                    <add fileExtension=".mdb" allowed="false" />
+                    <add fileExtension=".vjsproj" allowed="false" />
+                    <add fileExtension=".java" allowed="false" />
+                    <add fileExtension=".jsl" allowed="false" />
+                    <add fileExtension=".ldb" allowed="false" />
+                    <add fileExtension=".dsdgm" allowed="false" />
+                    <add fileExtension=".ssdgm" allowed="false" />
+                    <add fileExtension=".lsad" allowed="false" />
+                    <add fileExtension=".ssmap" allowed="false" />
+                    <add fileExtension=".cd" allowed="false" />
+                    <add fileExtension=".dsprototype" allowed="false" />
+                    <add fileExtension=".lsaprototype" allowed="false" />
+                    <add fileExtension=".sdm" allowed="false" />
+                    <add fileExtension=".sdmDocument" allowed="false" />
+                    <add fileExtension=".mdf" allowed="false" />
+                    <add fileExtension=".ldf" allowed="false" />
+                    <add fileExtension=".ad" allowed="false" />
+                    <add fileExtension=".dd" allowed="false" />
+                    <add fileExtension=".ldd" allowed="false" />
+                    <add fileExtension=".sd" allowed="false" />
+                    <add fileExtension=".adprototype" allowed="false" />
+                    <add fileExtension=".lddprototype" allowed="false" />
+                    <add fileExtension=".exclude" allowed="false" />
+                    <add fileExtension=".refresh" allowed="false" />
+                    <add fileExtension=".compiled" allowed="false" />
+                    <add fileExtension=".msgx" allowed="false" />
+                    <add fileExtension=".vsdisco" allowed="false" />
+                    <add fileExtension=".rules" allowed="false" />
+                </fileExtensions>
+                <verbs allowUnlisted="true" applyToWebDAV="true" />
+                <hiddenSegments applyToWebDAV="true">
+                    <add segment="web.config" />
+                    <add segment="bin" />
+                    <add segment="App_code" />
+                    <add segment="App_GlobalResources" />
+                    <add segment="App_LocalResources" />
+                    <add segment="App_WebReferences" />
+                    <add segment="App_Data" />
+                    <add segment="App_Browsers" />
+                </hiddenSegments>
+            </requestFiltering>
+
+        </security>
+
+        <serverSideInclude ssiExecDisable="false" />
+
+        <staticContent lockAttributes="isDocFooterFileName">
+            <mimeMap fileExtension=".323" mimeType="text/h323" />
+            <mimeMap fileExtension=".3g2" mimeType="video/3gpp2" />
+            <mimeMap fileExtension=".3gp2" mimeType="video/3gpp2" />
+            <mimeMap fileExtension=".3gp" mimeType="video/3gpp" />
+            <mimeMap fileExtension=".3gpp" mimeType="video/3gpp" />
+            <mimeMap fileExtension=".aac" mimeType="audio/aac" />
+            <mimeMap fileExtension=".aaf" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".aca" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".accdb" mimeType="application/msaccess" />
+            <mimeMap fileExtension=".accde" mimeType="application/msaccess" />
+            <mimeMap fileExtension=".accdt" mimeType="application/msaccess" />
+            <mimeMap fileExtension=".acx" mimeType="application/internet-property-stream" />
+            <mimeMap fileExtension=".adt" mimeType="audio/vnd.dlna.adts" />
+            <mimeMap fileExtension=".adts" mimeType="audio/vnd.dlna.adts" />
+            <mimeMap fileExtension=".afm" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".ai" mimeType="application/postscript" />
+            <mimeMap fileExtension=".aif" mimeType="audio/x-aiff" />
+            <mimeMap fileExtension=".aifc" mimeType="audio/aiff" />
+            <mimeMap fileExtension=".aiff" mimeType="audio/aiff" />
+            <mimeMap fileExtension=".appcache" mimeType="text/cache-manifest" />
+            <mimeMap fileExtension=".application" mimeType="application/x-ms-application" />
+            <mimeMap fileExtension=".art" mimeType="image/x-jg" />
+            <mimeMap fileExtension=".asd" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".asf" mimeType="video/x-ms-asf" />
+            <mimeMap fileExtension=".asi" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".asm" mimeType="text/plain" />
+            <mimeMap fileExtension=".asr" mimeType="video/x-ms-asf" />
+            <mimeMap fileExtension=".asx" mimeType="video/x-ms-asf" />
+            <mimeMap fileExtension=".atom" mimeType="application/atom+xml" />
+            <mimeMap fileExtension=".au" mimeType="audio/basic" />
+            <mimeMap fileExtension=".avi" mimeType="video/msvideo" />
+            <mimeMap fileExtension=".axs" mimeType="application/olescript" />
+            <mimeMap fileExtension=".bas" mimeType="text/plain" />
+            <mimeMap fileExtension=".bcpio" mimeType="application/x-bcpio" />
+            <mimeMap fileExtension=".bin" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".bmp" mimeType="image/bmp" />
+            <mimeMap fileExtension=".c" mimeType="text/plain" />
+            <mimeMap fileExtension=".cab" mimeType="application/vnd.ms-cab-compressed" />
+            <mimeMap fileExtension=".calx" mimeType="application/vnd.ms-office.calx" />
+            <mimeMap fileExtension=".cat" mimeType="application/vnd.ms-pki.seccat" />
+            <mimeMap fileExtension=".cdf" mimeType="application/x-cdf" />
+            <mimeMap fileExtension=".chm" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".class" mimeType="application/x-java-applet" />
+            <mimeMap fileExtension=".clp" mimeType="application/x-msclip" />
+            <mimeMap fileExtension=".cmx" mimeType="image/x-cmx" />
+            <mimeMap fileExtension=".cnf" mimeType="text/plain" />
+            <mimeMap fileExtension=".cod" mimeType="image/cis-cod" />
+            <mimeMap fileExtension=".cpio" mimeType="application/x-cpio" />
+            <mimeMap fileExtension=".cpp" mimeType="text/plain" />
+            <mimeMap fileExtension=".crd" mimeType="application/x-mscardfile" />
+            <mimeMap fileExtension=".crl" mimeType="application/pkix-crl" />
+            <mimeMap fileExtension=".crt" mimeType="application/x-x509-ca-cert" />
+            <mimeMap fileExtension=".csh" mimeType="application/x-csh" />
+            <mimeMap fileExtension=".css" mimeType="text/css" />
+            <mimeMap fileExtension=".csv" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".cur" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".dcr" mimeType="application/x-director" />
+            <mimeMap fileExtension=".deploy" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".der" mimeType="application/x-x509-ca-cert" />
+            <mimeMap fileExtension=".dib" mimeType="image/bmp" />
+            <mimeMap fileExtension=".dir" mimeType="application/x-director" />
+            <mimeMap fileExtension=".disco" mimeType="text/xml" />
+            <mimeMap fileExtension=".dll" mimeType="application/x-msdownload" />
+            <mimeMap fileExtension=".dll.config" mimeType="text/xml" />
+            <mimeMap fileExtension=".dlm" mimeType="text/dlm" />
+            <mimeMap fileExtension=".doc" mimeType="application/msword" />
+            <mimeMap fileExtension=".docm" mimeType="application/vnd.ms-word.document.macroEnabled.12" />
+            <mimeMap fileExtension=".docx" mimeType="application/vnd.openxmlformats-officedocument.wordprocessingml.document" />
+            <mimeMap fileExtension=".dot" mimeType="application/msword" />
+            <mimeMap fileExtension=".dotm" mimeType="application/vnd.ms-word.template.macroEnabled.12" />
+            <mimeMap fileExtension=".dotx" mimeType="application/vnd.openxmlformats-officedocument.wordprocessingml.template" />
+            <mimeMap fileExtension=".dsp" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".dtd" mimeType="text/xml" />
+            <mimeMap fileExtension=".dvi" mimeType="application/x-dvi" />
+            <mimeMap fileExtension=".dvr-ms" mimeType="video/x-ms-dvr" />
+            <mimeMap fileExtension=".dwf" mimeType="drawing/x-dwf" />
+            <mimeMap fileExtension=".dwp" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".dxr" mimeType="application/x-director" />
+            <mimeMap fileExtension=".eml" mimeType="message/rfc822" />
+            <mimeMap fileExtension=".emz" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".eot" mimeType="application/vnd.ms-fontobject" />
+            <mimeMap fileExtension=".eps" mimeType="application/postscript" />
+            <mimeMap fileExtension=".etx" mimeType="text/x-setext" />
+            <mimeMap fileExtension=".evy" mimeType="application/envoy" />
+            <mimeMap fileExtension=".exe" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".exe.config" mimeType="text/xml" />
+            <mimeMap fileExtension=".fdf" mimeType="application/vnd.fdf" />
+            <mimeMap fileExtension=".fif" mimeType="application/fractals" />
+            <mimeMap fileExtension=".fla" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".flr" mimeType="x-world/x-vrml" />
+            <mimeMap fileExtension=".flv" mimeType="video/x-flv" />
+            <mimeMap fileExtension=".gif" mimeType="image/gif" />
+            <mimeMap fileExtension=".gtar" mimeType="application/x-gtar" />
+            <mimeMap fileExtension=".gz" mimeType="application/x-gzip" />
+            <mimeMap fileExtension=".h" mimeType="text/plain" />
+            <mimeMap fileExtension=".hdf" mimeType="application/x-hdf" />
+            <mimeMap fileExtension=".hdml" mimeType="text/x-hdml" />
+            <mimeMap fileExtension=".hhc" mimeType="application/x-oleobject" />
+            <mimeMap fileExtension=".hhk" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".hhp" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".hlp" mimeType="application/winhlp" />
+            <mimeMap fileExtension=".hqx" mimeType="application/mac-binhex40" />
+            <mimeMap fileExtension=".hta" mimeType="application/hta" />
+            <mimeMap fileExtension=".htc" mimeType="text/x-component" />
+            <mimeMap fileExtension=".htm" mimeType="text/html" />
+            <mimeMap fileExtension=".html" mimeType="text/html" />
+            <mimeMap fileExtension=".htt" mimeType="text/webviewhtml" />
+            <mimeMap fileExtension=".hxt" mimeType="text/html" />
+            <mimeMap fileExtension=".ico" mimeType="image/x-icon" />
+            <mimeMap fileExtension=".ics" mimeType="text/calendar" />
+            <mimeMap fileExtension=".ief" mimeType="image/ief" />
+            <mimeMap fileExtension=".iii" mimeType="application/x-iphone" />
+            <mimeMap fileExtension=".inf" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".ins" mimeType="application/x-internet-signup" />
+            <mimeMap fileExtension=".isp" mimeType="application/x-internet-signup" />
+            <mimeMap fileExtension=".IVF" mimeType="video/x-ivf" />
+            <mimeMap fileExtension=".jar" mimeType="application/java-archive" />
+            <mimeMap fileExtension=".java" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".jck" mimeType="application/liquidmotion" />
+            <mimeMap fileExtension=".jcz" mimeType="application/liquidmotion" />
+            <mimeMap fileExtension=".jfif" mimeType="image/pjpeg" />
+            <mimeMap fileExtension=".jpb" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".jpe" mimeType="image/jpeg" />
+            <mimeMap fileExtension=".jpeg" mimeType="image/jpeg" />
+            <mimeMap fileExtension=".jpg" mimeType="image/jpeg" />
+            <mimeMap fileExtension=".js" mimeType="application/javascript" />
+            <mimeMap fileExtension=".json" mimeType="application/json" />
+            <mimeMap fileExtension=".jsonld" mimeType="application/ld+json" />
+            <mimeMap fileExtension=".jsx" mimeType="text/jscript" />
+            <mimeMap fileExtension=".latex" mimeType="application/x-latex" />
+            <mimeMap fileExtension=".less" mimeType="text/css" />
+            <mimeMap fileExtension=".lit" mimeType="application/x-ms-reader" />
+            <mimeMap fileExtension=".lpk" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".lsf" mimeType="video/x-la-asf" />
+            <mimeMap fileExtension=".lsx" mimeType="video/x-la-asf" />
+            <mimeMap fileExtension=".lzh" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".m13" mimeType="application/x-msmediaview" />
+            <mimeMap fileExtension=".m14" mimeType="application/x-msmediaview" />
+            <mimeMap fileExtension=".m1v" mimeType="video/mpeg" />
+            <mimeMap fileExtension=".m2ts" mimeType="video/vnd.dlna.mpeg-tts" />
+            <mimeMap fileExtension=".m3u" mimeType="audio/x-mpegurl" />
+            <mimeMap fileExtension=".m4a" mimeType="audio/mp4" />
+            <mimeMap fileExtension=".m4v" mimeType="video/mp4" />
+            <mimeMap fileExtension=".man" mimeType="application/x-troff-man" />
+            <mimeMap fileExtension=".manifest" mimeType="application/x-ms-manifest" />
+            <mimeMap fileExtension=".map" mimeType="text/plain" />
+            <mimeMap fileExtension=".mdb" mimeType="application/x-msaccess" />
+            <mimeMap fileExtension=".mdp" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".me" mimeType="application/x-troff-me" />
+            <mimeMap fileExtension=".mht" mimeType="message/rfc822" />
+            <mimeMap fileExtension=".mhtml" mimeType="message/rfc822" />
+            <mimeMap fileExtension=".mid" mimeType="audio/mid" />
+            <mimeMap fileExtension=".midi" mimeType="audio/mid" />
+            <mimeMap fileExtension=".mix" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".mmf" mimeType="application/x-smaf" />
+            <mimeMap fileExtension=".mno" mimeType="text/xml" />
+            <mimeMap fileExtension=".mny" mimeType="application/x-msmoney" />
+            <mimeMap fileExtension=".mov" mimeType="video/quicktime" />
+            <mimeMap fileExtension=".movie" mimeType="video/x-sgi-movie" />
+            <mimeMap fileExtension=".mp2" mimeType="video/mpeg" />
+            <mimeMap fileExtension=".mp3" mimeType="audio/mpeg" />
+            <mimeMap fileExtension=".mp4" mimeType="video/mp4" />
+            <mimeMap fileExtension=".mp4v" mimeType="video/mp4" />
+            <mimeMap fileExtension=".mpa" mimeType="video/mpeg" />
+            <mimeMap fileExtension=".mpe" mimeType="video/mpeg" />
+            <mimeMap fileExtension=".mpeg" mimeType="video/mpeg" />
+            <mimeMap fileExtension=".mpg" mimeType="video/mpeg" />
+            <mimeMap fileExtension=".mpp" mimeType="application/vnd.ms-project" />
+            <mimeMap fileExtension=".mpv2" mimeType="video/mpeg" />
+            <mimeMap fileExtension=".ms" mimeType="application/x-troff-ms" />
+            <mimeMap fileExtension=".msi" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".mso" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".mvb" mimeType="application/x-msmediaview" />
+            <mimeMap fileExtension=".mvc" mimeType="application/x-miva-compiled" />
+            <mimeMap fileExtension=".nc" mimeType="application/x-netcdf" />
+            <mimeMap fileExtension=".nsc" mimeType="video/x-ms-asf" />
+            <mimeMap fileExtension=".nws" mimeType="message/rfc822" />
+            <mimeMap fileExtension=".ocx" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".oda" mimeType="application/oda" />
+            <mimeMap fileExtension=".odc" mimeType="text/x-ms-odc" />
+            <mimeMap fileExtension=".ods" mimeType="application/oleobject" />
+            <mimeMap fileExtension=".oga" mimeType="audio/ogg" />
+            <mimeMap fileExtension=".ogg" mimeType="video/ogg" />
+            <mimeMap fileExtension=".ogv" mimeType="video/ogg" />
+            <mimeMap fileExtension=".one" mimeType="application/onenote" />
+            <mimeMap fileExtension=".onea" mimeType="application/onenote" />
+            <mimeMap fileExtension=".onetoc" mimeType="application/onenote" />
+            <mimeMap fileExtension=".onetoc2" mimeType="application/onenote" />
+            <mimeMap fileExtension=".onetmp" mimeType="application/onenote" />
+            <mimeMap fileExtension=".onepkg" mimeType="application/onenote" />
+            <mimeMap fileExtension=".osdx" mimeType="application/opensearchdescription+xml" />
+            <mimeMap fileExtension=".otf" mimeType="font/otf" />
+            <mimeMap fileExtension=".p10" mimeType="application/pkcs10" />
+            <mimeMap fileExtension=".p12" mimeType="application/x-pkcs12" />
+            <mimeMap fileExtension=".p7b" mimeType="application/x-pkcs7-certificates" />
+            <mimeMap fileExtension=".p7c" mimeType="application/pkcs7-mime" />
+            <mimeMap fileExtension=".p7m" mimeType="application/pkcs7-mime" />
+            <mimeMap fileExtension=".p7r" mimeType="application/x-pkcs7-certreqresp" />
+            <mimeMap fileExtension=".p7s" mimeType="application/pkcs7-signature" />
+            <mimeMap fileExtension=".pbm" mimeType="image/x-portable-bitmap" />
+            <mimeMap fileExtension=".pcx" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".pcz" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".pdf" mimeType="application/pdf" />
+            <mimeMap fileExtension=".pfb" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".pfm" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".pfx" mimeType="application/x-pkcs12" />
+            <mimeMap fileExtension=".pgm" mimeType="image/x-portable-graymap" />
+            <mimeMap fileExtension=".pko" mimeType="application/vnd.ms-pki.pko" />
+            <mimeMap fileExtension=".pma" mimeType="application/x-perfmon" />
+            <mimeMap fileExtension=".pmc" mimeType="application/x-perfmon" />
+            <mimeMap fileExtension=".pml" mimeType="application/x-perfmon" />
+            <mimeMap fileExtension=".pmr" mimeType="application/x-perfmon" />
+            <mimeMap fileExtension=".pmw" mimeType="application/x-perfmon" />
+            <mimeMap fileExtension=".png" mimeType="image/png" />
+            <mimeMap fileExtension=".pnm" mimeType="image/x-portable-anymap" />
+            <mimeMap fileExtension=".pnz" mimeType="image/png" />
+            <mimeMap fileExtension=".pot" mimeType="application/vnd.ms-powerpoint" />
+            <mimeMap fileExtension=".potm" mimeType="application/vnd.ms-powerpoint.template.macroEnabled.12" />
+            <mimeMap fileExtension=".potx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.template" />
+            <mimeMap fileExtension=".ppam" mimeType="application/vnd.ms-powerpoint.addin.macroEnabled.12" />
+            <mimeMap fileExtension=".ppm" mimeType="image/x-portable-pixmap" />
+            <mimeMap fileExtension=".pps" mimeType="application/vnd.ms-powerpoint" />
+            <mimeMap fileExtension=".ppsm" mimeType="application/vnd.ms-powerpoint.slideshow.macroEnabled.12" />
+            <mimeMap fileExtension=".ppsx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.slideshow" />
+            <mimeMap fileExtension=".ppt" mimeType="application/vnd.ms-powerpoint" />
+            <mimeMap fileExtension=".pptm" mimeType="application/vnd.ms-powerpoint.presentation.macroEnabled.12" />
+            <mimeMap fileExtension=".pptx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.presentation" />
+            <mimeMap fileExtension=".prf" mimeType="application/pics-rules" />
+            <mimeMap fileExtension=".prm" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".prx" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".ps" mimeType="application/postscript" />
+            <mimeMap fileExtension=".psd" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".psm" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".psp" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".pub" mimeType="application/x-mspublisher" />
+            <mimeMap fileExtension=".qt" mimeType="video/quicktime" />
+            <mimeMap fileExtension=".qtl" mimeType="application/x-quicktimeplayer" />
+            <mimeMap fileExtension=".qxd" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".ra" mimeType="audio/x-pn-realaudio" />
+            <mimeMap fileExtension=".ram" mimeType="audio/x-pn-realaudio" />
+            <mimeMap fileExtension=".rar" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".ras" mimeType="image/x-cmu-raster" />
+            <mimeMap fileExtension=".rf" mimeType="image/vnd.rn-realflash" />
+            <mimeMap fileExtension=".rgb" mimeType="image/x-rgb" />
+            <mimeMap fileExtension=".rm" mimeType="application/vnd.rn-realmedia" />
+            <mimeMap fileExtension=".rmi" mimeType="audio/mid" />
+            <mimeMap fileExtension=".roff" mimeType="application/x-troff" />
+            <mimeMap fileExtension=".rpm" mimeType="audio/x-pn-realaudio-plugin" />
+            <mimeMap fileExtension=".rtf" mimeType="application/rtf" />
+            <mimeMap fileExtension=".rtx" mimeType="text/richtext" />
+            <mimeMap fileExtension=".scd" mimeType="application/x-msschedule" />
+            <mimeMap fileExtension=".sct" mimeType="text/scriptlet" />
+            <mimeMap fileExtension=".sea" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".setpay" mimeType="application/set-payment-initiation" />
+            <mimeMap fileExtension=".setreg" mimeType="application/set-registration-initiation" />
+            <mimeMap fileExtension=".sgml" mimeType="text/sgml" />
+            <mimeMap fileExtension=".sh" mimeType="application/x-sh" />
+            <mimeMap fileExtension=".shar" mimeType="application/x-shar" />
+            <mimeMap fileExtension=".sit" mimeType="application/x-stuffit" />
+            <mimeMap fileExtension=".sldm" mimeType="application/vnd.ms-powerpoint.slide.macroEnabled.12" />
+            <mimeMap fileExtension=".sldx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.slide" />
+            <mimeMap fileExtension=".smd" mimeType="audio/x-smd" />
+            <mimeMap fileExtension=".smi" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".smx" mimeType="audio/x-smd" />
+            <mimeMap fileExtension=".smz" mimeType="audio/x-smd" />
+            <mimeMap fileExtension=".snd" mimeType="audio/basic" />
+            <mimeMap fileExtension=".snp" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".spc" mimeType="application/x-pkcs7-certificates" />
+            <mimeMap fileExtension=".spl" mimeType="application/futuresplash" />
+            <mimeMap fileExtension=".spx" mimeType="audio/ogg" />
+            <mimeMap fileExtension=".src" mimeType="application/x-wais-source" />
+            <mimeMap fileExtension=".ssm" mimeType="application/streamingmedia" />
+            <mimeMap fileExtension=".sst" mimeType="application/vnd.ms-pki.certstore" />
+            <mimeMap fileExtension=".stl" mimeType="application/vnd.ms-pki.stl" />
+            <mimeMap fileExtension=".sv4cpio" mimeType="application/x-sv4cpio" />
+            <mimeMap fileExtension=".sv4crc" mimeType="application/x-sv4crc" />
+            <mimeMap fileExtension=".svg" mimeType="image/svg+xml" />
+            <mimeMap fileExtension=".svgz" mimeType="image/svg+xml" />
+            <mimeMap fileExtension=".swf" mimeType="application/x-shockwave-flash" />
+            <mimeMap fileExtension=".t" mimeType="application/x-troff" />
+            <mimeMap fileExtension=".tar" mimeType="application/x-tar" />
+            <mimeMap fileExtension=".tcl" mimeType="application/x-tcl" />
+            <mimeMap fileExtension=".tex" mimeType="application/x-tex" />
+            <mimeMap fileExtension=".texi" mimeType="application/x-texinfo" />
+            <mimeMap fileExtension=".texinfo" mimeType="application/x-texinfo" />
+            <mimeMap fileExtension=".tgz" mimeType="application/x-compressed" />
+            <mimeMap fileExtension=".thmx" mimeType="application/vnd.ms-officetheme" />
+            <mimeMap fileExtension=".thn" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".tif" mimeType="image/tiff" />
+            <mimeMap fileExtension=".tiff" mimeType="image/tiff" />
+            <mimeMap fileExtension=".toc" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".tr" mimeType="application/x-troff" />
+            <mimeMap fileExtension=".trm" mimeType="application/x-msterminal" />
+            <mimeMap fileExtension=".ts" mimeType="video/vnd.dlna.mpeg-tts" />
+            <mimeMap fileExtension=".tsv" mimeType="text/tab-separated-values" />
+            <mimeMap fileExtension=".ttf" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".tts" mimeType="video/vnd.dlna.mpeg-tts" />
+            <mimeMap fileExtension=".txt" mimeType="text/plain" />
+            <mimeMap fileExtension=".u32" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".uls" mimeType="text/iuls" />
+            <mimeMap fileExtension=".ustar" mimeType="application/x-ustar" />
+            <mimeMap fileExtension=".vbs" mimeType="text/vbscript" />
+            <mimeMap fileExtension=".vcf" mimeType="text/x-vcard" />
+            <mimeMap fileExtension=".vcs" mimeType="text/plain" />
+            <mimeMap fileExtension=".vdx" mimeType="application/vnd.ms-visio.viewer" />
+            <mimeMap fileExtension=".vml" mimeType="text/xml" />
+            <mimeMap fileExtension=".vsd" mimeType="application/vnd.visio" />
+            <mimeMap fileExtension=".vss" mimeType="application/vnd.visio" />
+            <mimeMap fileExtension=".vst" mimeType="application/vnd.visio" />
+            <mimeMap fileExtension=".vsto" mimeType="application/x-ms-vsto" />
+            <mimeMap fileExtension=".vsw" mimeType="application/vnd.visio" />
+            <mimeMap fileExtension=".vsx" mimeType="application/vnd.visio" />
+            <mimeMap fileExtension=".vtx" mimeType="application/vnd.visio" />
+            <mimeMap fileExtension=".wav" mimeType="audio/wav" />
+            <mimeMap fileExtension=".wax" mimeType="audio/x-ms-wax" />
+            <mimeMap fileExtension=".wbmp" mimeType="image/vnd.wap.wbmp" />
+            <mimeMap fileExtension=".wcm" mimeType="application/vnd.ms-works" />
+            <mimeMap fileExtension=".wdb" mimeType="application/vnd.ms-works" />
+            <mimeMap fileExtension=".webm" mimeType="video/webm" />
+            <mimeMap fileExtension=".wks" mimeType="application/vnd.ms-works" />
+            <mimeMap fileExtension=".wm" mimeType="video/x-ms-wm" />
+            <mimeMap fileExtension=".wma" mimeType="audio/x-ms-wma" />
+            <mimeMap fileExtension=".wmd" mimeType="application/x-ms-wmd" />
+            <mimeMap fileExtension=".wmf" mimeType="application/x-msmetafile" />
+            <mimeMap fileExtension=".wml" mimeType="text/vnd.wap.wml" />
+            <mimeMap fileExtension=".wmlc" mimeType="application/vnd.wap.wmlc" />
+            <mimeMap fileExtension=".wmls" mimeType="text/vnd.wap.wmlscript" />
+            <mimeMap fileExtension=".wmlsc" mimeType="application/vnd.wap.wmlscriptc" />
+            <mimeMap fileExtension=".wmp" mimeType="video/x-ms-wmp" />
+            <mimeMap fileExtension=".wmv" mimeType="video/x-ms-wmv" />
+            <mimeMap fileExtension=".wmx" mimeType="video/x-ms-wmx" />
+            <mimeMap fileExtension=".wmz" mimeType="application/x-ms-wmz" />
+            <mimeMap fileExtension=".woff" mimeType="font/x-woff" />
+            <mimeMap fileExtension=".woff2" mimeType="application/font-woff2" />
+            <mimeMap fileExtension=".wps" mimeType="application/vnd.ms-works" />
+            <mimeMap fileExtension=".wri" mimeType="application/x-mswrite" />
+            <mimeMap fileExtension=".wrl" mimeType="x-world/x-vrml" />
+            <mimeMap fileExtension=".wrz" mimeType="x-world/x-vrml" />
+            <mimeMap fileExtension=".wsdl" mimeType="text/xml" />
+            <mimeMap fileExtension=".wtv" mimeType="video/x-ms-wtv" />
+            <mimeMap fileExtension=".wvx" mimeType="video/x-ms-wvx" />
+            <mimeMap fileExtension=".x" mimeType="application/directx" />
+            <mimeMap fileExtension=".xaf" mimeType="x-world/x-vrml" />
+            <mimeMap fileExtension=".xaml" mimeType="application/xaml+xml" />
+            <mimeMap fileExtension=".xap" mimeType="application/x-silverlight-app" />
+            <mimeMap fileExtension=".xbap" mimeType="application/x-ms-xbap" />
+            <mimeMap fileExtension=".xbm" mimeType="image/x-xbitmap" />
+            <mimeMap fileExtension=".xdr" mimeType="text/plain" />
+            <mimeMap fileExtension=".xht" mimeType="application/xhtml+xml" />
+            <mimeMap fileExtension=".xhtml" mimeType="application/xhtml+xml" />
+            <mimeMap fileExtension=".xla" mimeType="application/vnd.ms-excel" />
+            <mimeMap fileExtension=".xlam" mimeType="application/vnd.ms-excel.addin.macroEnabled.12" />
+            <mimeMap fileExtension=".xlc" mimeType="application/vnd.ms-excel" />
+            <mimeMap fileExtension=".xlm" mimeType="application/vnd.ms-excel" />
+            <mimeMap fileExtension=".xls" mimeType="application/vnd.ms-excel" />
+            <mimeMap fileExtension=".xlsb" mimeType="application/vnd.ms-excel.sheet.binary.macroEnabled.12" />
+            <mimeMap fileExtension=".xlsm" mimeType="application/vnd.ms-excel.sheet.macroEnabled.12" />
+            <mimeMap fileExtension=".xlsx" mimeType="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" />
+            <mimeMap fileExtension=".xlt" mimeType="application/vnd.ms-excel" />
+            <mimeMap fileExtension=".xltm" mimeType="application/vnd.ms-excel.template.macroEnabled.12" />
+            <mimeMap fileExtension=".xltx" mimeType="application/vnd.openxmlformats-officedocument.spreadsheetml.template" />
+            <mimeMap fileExtension=".xlw" mimeType="application/vnd.ms-excel" />
+            <mimeMap fileExtension=".xml" mimeType="text/xml" />
+            <mimeMap fileExtension=".xof" mimeType="x-world/x-vrml" />
+            <mimeMap fileExtension=".xpm" mimeType="image/x-xpixmap" />
+            <mimeMap fileExtension=".xps" mimeType="application/vnd.ms-xpsdocument" />
+            <mimeMap fileExtension=".xsd" mimeType="text/xml" />
+            <mimeMap fileExtension=".xsf" mimeType="text/xml" />
+            <mimeMap fileExtension=".xsl" mimeType="text/xml" />
+            <mimeMap fileExtension=".xslt" mimeType="text/xml" />
+            <mimeMap fileExtension=".xsn" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".xtp" mimeType="application/octet-stream" />
+            <mimeMap fileExtension=".xwd" mimeType="image/x-xwindowdump" />
+            <mimeMap fileExtension=".z" mimeType="application/x-compress" />
+            <mimeMap fileExtension=".zip" mimeType="application/x-zip-compressed" />
+        </staticContent>
+
+        <tracing>
+
+             <traceProviderDefinitions>
+                <add name="WWW Server" guid="{3a2a4e84-4c21-4981-ae10-3fda0d9b0f83}">
+                    <areas>
+                        <clear />
+                        <add name="Authentication" value="2" />
+                        <add name="Security" value="4" />
+                        <add name="Filter" value="8" />
+                        <add name="StaticFile" value="16" />
+                        <add name="CGI" value="32" />
+                        <add name="Compression" value="64" />
+                        <add name="Cache" value="128" />
+                        <add name="RequestNotifications" value="256" />
+                        <add name="Module" value="512" />
+                        <add name="Rewrite" value="1024" />
+                        <add name="FastCGI" value="4096" />
+                        <add name="WebSocket" value="16384" />
+                    </areas>
+                </add>
+                <add name="ASP" guid="{06b94d9a-b15e-456e-a4ef-37c984a2cb4b}">
+                    <areas>
+                        <clear />
+                    </areas>
+                </add>
+                <add name="ISAPI Extension" guid="{a1c2040e-8840-4c31-ba11-9871031a19ea}">
+                    <areas>
+                        <clear />
+                    </areas>
+                </add>
+                <add name="ASPNET" guid="{AFF081FE-0247-4275-9C4E-021F3DC1DA35}">
+                    <areas>
+                        <add name="Infrastructure" value="1" />
+                        <add name="Module" value="2" />
+                        <add name="Page" value="4" />
+                        <add name="AppServices" value="8" />
+                    </areas>
+                </add>
+            </traceProviderDefinitions>
+
+            <traceFailedRequests>
+                <add path="*">
+                    <traceAreas>
+                        <add provider="ASP" verbosity="Verbose" />
+                        <add provider="ASPNET" areas="Infrastructure,Module,Page,AppServices" verbosity="Verbose" />
+                        <add provider="ISAPI Extension" verbosity="Verbose" />
+                        <add provider="WWW Server" areas="Authentication,Security,Filter,StaticFile,CGI,Compression,Cache,RequestNotifications,Module,Rewrite,WebSocket" verbosity="Verbose" />
+                    </traceAreas>
+                    <failureDefinitions statusCodes="200-999" />
+                </add>
+            </traceFailedRequests>
+
+        </tracing>
+
+        <urlCompression />
+
+        <validation />
+        <webdav>
+            <globalSettings>
+                <propertyStores>
+                    <add name="webdav_simple_prop" image="%IIS_BIN%\webdav_simple_prop.dll" image32="%IIS_BIN%\webdav_simple_prop.dll" />
+                </propertyStores>
+                <lockStores>
+                    <add name="webdav_simple_lock" image="%IIS_BIN%\webdav_simple_lock.dll" image32="%IIS_BIN%\webdav_simple_lock.dll" />
+                </lockStores>
+
+            </globalSettings>
+            <authoring>
+                <locks enabled="true" lockStore="webdav_simple_lock" />
+            </authoring>
+            <authoringRules />
+        </webdav>
+        <webSocket />
+        <applicationInitialization />
+
+    </system.webServer>
+    <location path="" overrideMode="Allow">
+        <system.webServer>
+            <modules>
+                <add name="IsapiFilterModule" lockItem="true" />
+                <add name="BasicAuthenticationModule" lockItem="true" />
+                <add name="IsapiModule" lockItem="true" />
+                <add name="HttpLoggingModule" lockItem="true" />
+<!--
+                <add name="HttpCacheModule" lockItem="true" />
+-->
+                <add name="DynamicCompressionModule" lockItem="true" />
+                <add name="StaticCompressionModule" lockItem="true" />
+                <add name="DefaultDocumentModule" lockItem="true" />
+                <add name="DirectoryListingModule" lockItem="true" />
+                <add name="ProtocolSupportModule" lockItem="true" />
+                <add name="HttpRedirectionModule" lockItem="true" />
+                <add name="ServerSideIncludeModule" lockItem="true" />
+                <add name="StaticFileModule" lockItem="true" />
+                <add name="AnonymousAuthenticationModule" lockItem="true" />
+                <add name="CertificateMappingAuthenticationModule" lockItem="true" />
+                <add name="UrlAuthorizationModule" lockItem="true" />
+                <add name="WindowsAuthenticationModule" lockItem="true" />
+<!--
+                <add name="DigestAuthenticationModule" lockItem="true" />
+-->
+                <add name="IISCertificateMappingAuthenticationModule" lockItem="true" />
+                <add name="WebMatrixSupportModule" lockItem="true" />
+                <add name="IpRestrictionModule" lockItem="true" />
+                <add name="DynamicIpRestrictionModule" lockItem="true" />
+                <add name="RequestFilteringModule" lockItem="true" />
+                <add name="CustomLoggingModule" lockItem="true" />
+                <add name="CustomErrorModule" lockItem="true" />
+                <add name="FailedRequestsTracingModule" lockItem="true" />
+                <add name="CgiModule" lockItem="true" />
+                <add name="FastCgiModule" lockItem="true" />
+<!--                <add name="WebDAVModule" /> -->
+                <add name="RewriteModule" /> 
+                <add name="OutputCache" type="System.Web.Caching.OutputCacheModule" preCondition="managedHandler" />
+                <add name="Session" type="System.Web.SessionState.SessionStateModule" preCondition="managedHandler" />
+                <add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule" preCondition="managedHandler" />
+                <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" preCondition="managedHandler" />
+                <add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" preCondition="managedHandler" />
+                <add name="RoleManager" type="System.Web.Security.RoleManagerModule" preCondition="managedHandler" />
+                <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" preCondition="managedHandler" />
+                <add name="FileAuthorization" type="System.Web.Security.FileAuthorizationModule" preCondition="managedHandler" />
+                <add name="AnonymousIdentification" type="System.Web.Security.AnonymousIdentificationModule" preCondition="managedHandler" />
+                <add name="Profile" type="System.Web.Profile.ProfileModule" preCondition="managedHandler" />
+                <add name="UrlMappingsModule" type="System.Web.UrlMappingsModule" preCondition="managedHandler" />
+                <add name="ApplicationInitializationModule" lockItem="true" />
+                <add name="WebSocketModule" lockItem="true" />
+                <add name="ServiceModel-4.0" type="System.ServiceModel.Activation.ServiceHttpModule,System.ServiceModel.Activation,Version=4.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler,runtimeVersionv4.0" />
+                <add name="ConfigurationValidationModule" lockItem="true" />
+                <add name="UrlRoutingModule-4.0" type="System.Web.Routing.UrlRoutingModule" preCondition="managedHandler,runtimeVersionv4.0" />
+                <add name="ScriptModule-4.0" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler,runtimeVersionv4.0" />
+            </modules>
+            <handlers accessPolicy="Read, Script">
+<!--                <add name="WebDAV" path="*" verb="PROPFIND,PROPPATCH,MKCOL,PUT,COPY,DELETE,MOVE,LOCK,UNLOCK" modules="WebDAVModule" resourceType="Unspecified" requireAccess="None" /> -->
+                <add name="AXD-ISAPI-4.0_64bit" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="PageHandlerFactory-ISAPI-4.0_64bit" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="SimpleHandlerFactory-ISAPI-4.0_64bit" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="WebServiceHandlerFactory-ISAPI-4.0_64bit" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-rem-ISAPI-4.0_64bit" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-soap-ISAPI-4.0_64bit" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="svc-ISAPI-4.0_64bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
+                <add name="rules-ISAPI-4.0_64bit" path="*.rules" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
+                <add name="xoml-ISAPI-4.0_64bit" path="*.xoml" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
+                <add name="xamlx-ISAPI-4.0_64bit" path="*.xamlx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
+                <add name="aspq-ISAPI-4.0_64bit" path="*.aspq" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="cshtm-ISAPI-4.0_64bit" path="*.cshtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="cshtml-ISAPI-4.0_64bit" path="*.cshtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="vbhtm-ISAPI-4.0_64bit" path="*.vbhtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="vbhtml-ISAPI-4.0_64bit" path="*.vbhtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="AXD-ISAPI-4.0_32bit" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="PageHandlerFactory-ISAPI-4.0_32bit" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="SimpleHandlerFactory-ISAPI-4.0_32bit" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="WebServiceHandlerFactory-ISAPI-4.0_32bit" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-rem-ISAPI-4.0_32bit" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-soap-ISAPI-4.0_32bit" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="svc-ISAPI-4.0_32bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
+                <add name="rules-ISAPI-4.0_32bit" path="*.rules" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
+                <add name="xoml-ISAPI-4.0_32bit" path="*.xoml" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
+                <add name="xamlx-ISAPI-4.0_32bit" path="*.xamlx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
+                <add name="aspq-ISAPI-4.0_32bit" path="*.aspq" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="cshtm-ISAPI-4.0_32bit" path="*.cshtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="cshtml-ISAPI-4.0_32bit" path="*.cshtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="vbhtm-ISAPI-4.0_32bit" path="*.vbhtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="vbhtml-ISAPI-4.0_32bit" path="*.vbhtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="TraceHandler-Integrated-4.0" path="trace.axd" verb="GET,HEAD,POST,DEBUG" type="System.Web.Handlers.TraceHandler" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="WebAdminHandler-Integrated-4.0" path="WebAdmin.axd" verb="GET,DEBUG" type="System.Web.Handlers.WebAdminHandler" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="AssemblyResourceLoader-Integrated-4.0" path="WebResource.axd" verb="GET,DEBUG" type="System.Web.Handlers.AssemblyResourceLoader" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="PageHandlerFactory-Integrated-4.0" path="*.aspx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.PageHandlerFactory" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="SimpleHandlerFactory-Integrated-4.0" path="*.ashx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.SimpleHandlerFactory" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="WebServiceHandlerFactory-Integrated-4.0" path="*.asmx" verb="GET,HEAD,POST,DEBUG" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="HttpRemotingHandlerFactory-rem-Integrated-4.0" path="*.rem" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory, System.Runtime.Remoting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="HttpRemotingHandlerFactory-soap-Integrated-4.0" path="*.soap" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory, System.Runtime.Remoting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="svc-Integrated-4.0" path="*.svc" verb="*" type="System.ServiceModel.Activation.ServiceHttpHandlerFactory, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="rules-Integrated-4.0" path="*.rules" verb="*" type="System.ServiceModel.Activation.ServiceHttpHandlerFactory, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="xoml-Integrated-4.0" path="*.xoml" verb="*" type="System.ServiceModel.Activation.ServiceHttpHandlerFactory, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="xamlx-Integrated-4.0" path="*.xamlx" verb="GET,HEAD,POST,DEBUG" type="System.Xaml.Hosting.XamlHttpHandlerFactory, System.Xaml.Hosting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="aspq-Integrated-4.0" path="*.aspq" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="cshtm-Integrated-4.0" path="*.cshtm" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="cshtml-Integrated-4.0" path="*.cshtml" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="vbhtm-Integrated-4.0" path="*.vbhtm" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="vbhtml-Integrated-4.0" path="*.vbhtml" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="ScriptHandlerFactoryAppServices-Integrated-4.0" path="*_AppService.axd" verb="*" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="ScriptResourceIntegrated-4.0" path="*ScriptResource.axd" verb="GET,HEAD" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" preCondition="integratedMode,runtimeVersionv4.0" />
+                <add name="ASPClassic" path="*.asp" verb="GET,HEAD,POST" modules="IsapiModule" scriptProcessor="%IIS_BIN%\asp.dll" resourceType="File" />
+                <add name="SecurityCertificate" path="*.cer" verb="GET,HEAD,POST" modules="IsapiModule" scriptProcessor="%IIS_BIN%\asp.dll" resourceType="File" />
+                <add name="ISAPI-dll" path="*.dll" verb="*" modules="IsapiModule" resourceType="File" requireAccess="Execute" allowPathInfo="true" />
+                <add name="TraceHandler-Integrated" path="trace.axd" verb="GET,HEAD,POST,DEBUG" type="System.Web.Handlers.TraceHandler" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="WebAdminHandler-Integrated" path="WebAdmin.axd" verb="GET,DEBUG" type="System.Web.Handlers.WebAdminHandler" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="AssemblyResourceLoader-Integrated" path="WebResource.axd" verb="GET,DEBUG" type="System.Web.Handlers.AssemblyResourceLoader" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="PageHandlerFactory-Integrated" path="*.aspx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.PageHandlerFactory" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="SimpleHandlerFactory-Integrated" path="*.ashx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.SimpleHandlerFactory" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="WebServiceHandlerFactory-Integrated" path="*.asmx" verb="GET,HEAD,POST,DEBUG" type="System.Web.Services.Protocols.WebServiceHandlerFactory,System.Web.Services,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="HttpRemotingHandlerFactory-rem-Integrated" path="*.rem" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,System.Runtime.Remoting,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="HttpRemotingHandlerFactory-soap-Integrated" path="*.soap" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,System.Runtime.Remoting,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv2.0" />
+                <add name="AXD-ISAPI-2.0" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
+                <add name="PageHandlerFactory-ISAPI-2.0" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
+                <add name="SimpleHandlerFactory-ISAPI-2.0" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
+                <add name="WebServiceHandlerFactory-ISAPI-2.0" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-rem-ISAPI-2.0" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-soap-ISAPI-2.0" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
+                <add name="AXD-ISAPI-2.0-64" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
+                <add name="PageHandlerFactory-ISAPI-2.0-64" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
+                <add name="SimpleHandlerFactory-ISAPI-2.0-64" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
+                <add name="WebServiceHandlerFactory-ISAPI-2.0-64" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-rem-ISAPI-2.0-64" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
+                <add name="HttpRemotingHandlerFactory-soap-ISAPI-2.0-64" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
+                <add name="CGI-exe" path="*.exe" verb="*" modules="CgiModule" resourceType="File" requireAccess="Execute" allowPathInfo="true" />
+                <add name="SSINC-stm" path="*.stm" verb="GET,HEAD,POST" modules="ServerSideIncludeModule" resourceType="File" />
+                <add name="SSINC-shtm" path="*.shtm" verb="GET,HEAD,POST" modules="ServerSideIncludeModule" resourceType="File" />
+                <add name="SSINC-shtml" path="*.shtml" verb="GET,HEAD,POST" modules="ServerSideIncludeModule" resourceType="File" />
+                <add name="TRACEVerbHandler" path="*" verb="TRACE" modules="ProtocolSupportModule" requireAccess="None" />
+                <add name="OPTIONSVerbHandler" path="*" verb="OPTIONS" modules="ProtocolSupportModule" requireAccess="None" />
+                <add name="ExtensionlessUrl-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
+                <add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
+                <add name="ExtensionlessUrl-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" responseBufferLimit="0" />
+                <add name="StaticFile" path="*" verb="*" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" resourceType="Either" requireAccess="Read" />
+            </handlers>
+        </system.webServer>
+    </location>
+</configuration>
diff --git a/samples/OpenIdConnectSample/Startup.cs b/samples/OpenIdConnectSample/Startup.cs
index 2077d802b..d9e127f2b 100644
--- a/samples/OpenIdConnectSample/Startup.cs
+++ b/samples/OpenIdConnectSample/Startup.cs
@@ -31,8 +31,8 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
 
             app.UseOpenIdConnectAuthentication(options =>
                 {
-                    options.ClientId = "fe78e0b4-6fe7-47e6-812c-fb75cee266a4";
-                    options.Authority = "https://login.windows.net/cyrano.onmicrosoft.com";
+                    options.ClientId = "ba7651c2-53c2-442a-97c2-3d60ea42f403";
+                    options.Authority = "https://login.windows.net/tushartest.onmicrosoft.com";
                     options.RedirectUri = "http://localhost:42023";
                 });
 
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
index 9353f385c..cb19432e7 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
@@ -47,7 +47,15 @@ public OpenIdConnectAuthenticationMiddleware(
             ConfigureOptions<OpenIdConnectAuthenticationOptions> configureOptions = null)
             : base(next, options, loggerFactory, encoder, configureOptions)
         {
+<<<<<<< HEAD
             if (string.IsNullOrEmpty(Options.SignInScheme) && !string.IsNullOrEmpty(externalOptions.Options.SignInScheme))
+=======
+            _logger = loggerFactory.CreateLogger<OpenIdConnectAuthenticationMiddleware>();
+            DefaultLoggingListener eventListener = new DefaultLoggingListener(_logger);
+            eventListener.EnableEvents(WilsonEventSource.Logger, EventLevel.Informational);
+
+            if (string.IsNullOrWhiteSpace(Options.TokenValidationParameters.AuthenticationType))
+>>>>>>> Adding logging draft.
             {
                 Options.SignInScheme = externalOptions.Options.SignInScheme;
             }
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index b61834b53..a241852b5 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -3,8 +3,8 @@
     "description": "ASP.NET 5 middleware that enables an application to support OpenIdConnect authentication workflow.",
     "dependencies": {
         "Microsoft.AspNet.Authentication": "1.0.0-*",
-        "Microsoft.Framework.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
-        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*"
+        "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
+        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4"
     },
     "frameworks": {
         "dnx451": {

From 6e32a1910e9a638ac88083fcd0f0f390e450e14e Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Wed, 25 Mar 2015 14:56:22 -0700
Subject: [PATCH 02/19] Hooking up wilson event source to oidc handler.

---
 .../DefaultLoggingListener.cs                 | 47 +++++++++++++++++++
 .../OpenIdConnectAuthenticationMiddleware.cs  | 12 ++++-
 .../OpenIdConnectAuthenticationOptions.cs     |  3 ++
 3 files changed, 60 insertions(+), 2 deletions(-)
 create mode 100644 src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs
new file mode 100644
index 000000000..b409383d9
--- /dev/null
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs
@@ -0,0 +1,47 @@
+using System;
+using System.Diagnostics.Tracing;
+using Microsoft.Framework.Logging;
+
+namespace Microsoft.AspNet.Authentication.OpenIdConnect
+{
+    /// <summary>
+    /// Default logging event listener for wilson event source. It logs the data to the target where other Asp.Net logs go.
+    /// </summary>
+    public class DefaultLoggingListener : EventListener
+    {
+        private ILogger _logger;
+
+        public DefaultLoggingListener(ILogger logger)
+        {
+            _logger = logger;
+        }
+
+        protected override void OnEventWritten(EventWrittenEventArgs eventData)
+        {
+            // calling Asp.Net logger to log events
+            _logger.Log(MapEventLevelToLogLevel(eventData.Level), eventData.EventId, eventData.Payload[0], null, null);
+        }
+
+        private LogLevel MapEventLevelToLogLevel(EventLevel level)
+        {
+            LogLevel logLevel = LogLevel.Information;
+
+            switch(level)
+            {
+                case EventLevel.Critical: logLevel = LogLevel.Critical;
+                    break;
+                case EventLevel.Error: logLevel = LogLevel.Error;
+                    break;
+                case EventLevel.Warning: logLevel = LogLevel.Warning;
+                    break;
+                case EventLevel.Informational: logLevel = LogLevel.Information;
+                    break;
+                case EventLevel.Verbose: logLevel = LogLevel.Verbose;
+                    break;
+                case EventLevel.LogAlways: logLevel = LogLevel.Debug;
+                    break;
+            }
+            return logLevel;
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
index cb19432e7..c561e5984 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
@@ -51,8 +51,16 @@ public OpenIdConnectAuthenticationMiddleware(
             if (string.IsNullOrEmpty(Options.SignInScheme) && !string.IsNullOrEmpty(externalOptions.Options.SignInScheme))
 =======
             _logger = loggerFactory.CreateLogger<OpenIdConnectAuthenticationMiddleware>();
-            DefaultLoggingListener eventListener = new DefaultLoggingListener(_logger);
-            eventListener.EnableEvents(WilsonEventSource.Logger, EventLevel.Informational);
+
+            if (Options.WilsonEventSourceListener != null)
+            {
+                Options.WilsonEventSourceListener.EnableEvents(WilsonEventSource.Logger, EventLevel.Informational);
+            }
+            else
+            {
+                DefaultLoggingListener eventListener = new DefaultLoggingListener(_logger);
+                eventListener.EnableEvents(WilsonEventSource.Logger, EventLevel.Error);
+            }
 
             if (string.IsNullOrWhiteSpace(Options.TokenValidationParameters.AuthenticationType))
 >>>>>>> Adding logging draft.
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
index 9e4bfa55d..1419017ed 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
@@ -4,6 +4,7 @@
 using System;
 using System.Collections.Generic;
 using System.Diagnostics.CodeAnalysis;
+using System.Diagnostics.Tracing;
 using System.IdentityModel.Tokens;
 using System.Net.Http;
 using Microsoft.AspNet.Http;
@@ -337,5 +338,7 @@ public bool UseTokenLifetime
             get;
             set;
         }
+
+        public EventListener WilsonEventSourceListener { get; set; }
     }
 }

From 5e076e9c79239f585b5292b89900cf70c3a86aef Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Mon, 30 Mar 2015 17:08:56 -0700
Subject: [PATCH 03/19] Reverting changes to OIDCsample\startup.cs

---
 samples/OpenIdConnectSample/Startup.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/samples/OpenIdConnectSample/Startup.cs b/samples/OpenIdConnectSample/Startup.cs
index d9e127f2b..2077d802b 100644
--- a/samples/OpenIdConnectSample/Startup.cs
+++ b/samples/OpenIdConnectSample/Startup.cs
@@ -31,8 +31,8 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
 
             app.UseOpenIdConnectAuthentication(options =>
                 {
-                    options.ClientId = "ba7651c2-53c2-442a-97c2-3d60ea42f403";
-                    options.Authority = "https://login.windows.net/tushartest.onmicrosoft.com";
+                    options.ClientId = "fe78e0b4-6fe7-47e6-812c-fb75cee266a4";
+                    options.Authority = "https://login.windows.net/cyrano.onmicrosoft.com";
                     options.RedirectUri = "http://localhost:42023";
                 });
 

From 2b0d0ad8e8d2a9637cc8fa759ff9fe0e57bf7ed8 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Mon, 30 Mar 2015 17:11:01 -0700
Subject: [PATCH 04/19] Removing the unused file reference

---
 samples/OpenIdConnectSample/Startup.cs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/samples/OpenIdConnectSample/Startup.cs b/samples/OpenIdConnectSample/Startup.cs
index 2077d802b..3c3119b78 100644
--- a/samples/OpenIdConnectSample/Startup.cs
+++ b/samples/OpenIdConnectSample/Startup.cs
@@ -5,7 +5,6 @@
 using Microsoft.AspNet.Authentication.Cookies;
 using Microsoft.AspNet.Authentication.OpenIdConnect;
 using Microsoft.Framework.DependencyInjection;
-using Microsoft.Framework.Logging;
 
 namespace OpenIdConnectSample
 {

From 9fc2eb7c5f395d0dae5e7c2db52794605e272b0e Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Thu, 9 Apr 2015 18:17:03 -0700
Subject: [PATCH 05/19] changing wilsonEventSource to IdentityModelEventSource

---
 .../OpenIdConnectAuthenticationMiddleware.cs          | 11 +++++++----
 .../OpenIdConnectAuthenticationOptions.cs             |  2 +-
 .../project.json                                      |  2 +-
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
index c561e5984..295840376 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
@@ -52,14 +52,15 @@ public OpenIdConnectAuthenticationMiddleware(
 =======
             _logger = loggerFactory.CreateLogger<OpenIdConnectAuthenticationMiddleware>();
 
-            if (Options.WilsonEventSourceListener != null)
+            if (Options.IdentityModelEventSourceListener != null)
             {
-                Options.WilsonEventSourceListener.EnableEvents(WilsonEventSource.Logger, EventLevel.Informational);
+                Options.IdentityModelEventSourceListener.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Informational);
             }
             else
             {
                 DefaultLoggingListener eventListener = new DefaultLoggingListener(_logger);
-                eventListener.EnableEvents(WilsonEventSource.Logger, EventLevel.Error);
+                IdentityModelEventSource.LogLevel = EventLevel.Informational;
+                eventListener.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Informational);
             }
 
             if (string.IsNullOrWhiteSpace(Options.TokenValidationParameters.AuthenticationType))
@@ -169,7 +170,9 @@ private static HttpMessageHandler ResolveHttpMessageHandler(OpenIdConnectAuthent
                 }
                 webRequestHandler.ServerCertificateValidationCallback = options.BackchannelCertificateValidator.Validate;
             }
-#else
+#endif
+
+#if DNXCORE50
                 new WinHttpHandler();
 #endif
             return handler;
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
index 1419017ed..b030ce62e 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
@@ -339,6 +339,6 @@ public bool UseTokenLifetime
             set;
         }
 
-        public EventListener WilsonEventSourceListener { get; set; }
+        public EventListener IdentityModelEventSourceListener { get; set; }
     }
 }
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index a241852b5..5f8e6d67a 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -4,7 +4,7 @@
     "dependencies": {
         "Microsoft.AspNet.Authentication": "1.0.0-*",
         "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
-        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4"
+        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*"
     },
     "frameworks": {
         "dnx451": {

From 3d0eb386adb75a81c6d56eeff88a997acafb9c59 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Tue, 12 May 2015 16:03:16 -0700
Subject: [PATCH 06/19] Adding code only sign in flow

---
 .../OpenIdConnectAuthenticationHandler.cs     | 120 +++++++++++-------
 .../Resources.resx                            |   5 +-
 .../project.json                              |   6 +-
 .../OpenIdConnectHandlerTests.cs              |  30 ++++-
 .../project.json                              |   3 +-
 5 files changed, 112 insertions(+), 52 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index cc132e9bb..33dbeec7e 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -13,6 +13,11 @@
 using Microsoft.AspNet.Http.Authentication;
 using Microsoft.Framework.Logging;
 using Microsoft.IdentityModel.Protocols;
+using Microsoft.IdentityModel.Clients.ActiveDirectory;
+using System.Net.Http;
+using System.Net.Http.Headers;
+using Newtonsoft.Json;
+using System.Collections.Generic;
 
 namespace Microsoft.AspNet.Authentication.OpenIdConnect
 {
@@ -238,6 +243,7 @@ protected override AuthenticationTicket AuthenticateCore()
         /// <remarks>Uses log id's OIDCH-0000 - OIDCH-0025</remarks>
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
         {
+            bool isCodeOnlyFlow = (Options.ResponseType == "code");
             Logger.LogDebug(Resources.OIDCH_0000_AuthenticateCoreAsync, this.GetType());
 
             // Allow login to be constrained to a specific path. Need to make this runtime configurable.
@@ -321,6 +327,45 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     _configuration = await Options.ConfigurationManager.GetConfigurationAsync(Context.RequestAborted);
                 }
 
+                if (!string.IsNullOrWhiteSpace(message.Code))
+                {
+                    Logger.LogDebug(Resources.OIDCH_0014_CodeReceived, message.Code);
+
+                    var authorizationCodeReceivedNotification = new AuthorizationCodeReceivedNotification(Context, Options)
+                    {
+                        Code = message.Code,
+                        ProtocolMessage = message
+                        //RedirectUri = ticket.Properties.Items.ContainsKey(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey) ?
+                        //ticket.Properties.Items[OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey] : string.Empty,
+                    };
+
+                    await Options.Notifications.AuthorizationCodeReceived(authorizationCodeReceivedNotification);
+                    if (authorizationCodeReceivedNotification.HandledResponse)
+                    {
+                        Logger.LogInformation(Resources.OIDCH_0015_CodeReceivedNotificationHandledResponse);
+                        return authorizationCodeReceivedNotification.AuthenticationTicket;
+                    }
+
+                    if (authorizationCodeReceivedNotification.Skipped)
+                    {
+                        Logger.LogInformation(Resources.OIDCH_0016_CodeReceivedNotificationSkipped);
+                        return null;
+                    }
+
+                    // Redeeming authorization code for tokens
+                    if (string.IsNullOrWhiteSpace(message.IdToken) && isCodeOnlyFlow)
+                    {
+                        Logger.LogDebug("OIDCH_0037: Id Token is null. Redeeming code : {0} for tokens.", message.Code);
+
+                        var tokens = RedeemAuthorizationCode(message.Code);
+                        // Exchange code for tokens
+                        if (tokens != null)
+                        {
+                            message.IdToken = tokens.IdToken;
+                        }
+                    }
+                }
+
                 // OpenIdConnect protocol allows a Code to be received without the id_token
                 if (!string.IsNullOrWhiteSpace(message.IdToken))
                 {
@@ -429,58 +474,31 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                         return null;
                     }
 
-                    string nonce = jwt.Payload.Nonce;
-                    if (Options.NonceCache != null)
+                    // If id_token is received using code only flow, no need to validate nonce and chash.
+                    if (!isCodeOnlyFlow)
                     {
-                        // if the nonce cannot be removed, it was used
-                        if (!Options.NonceCache.TryRemoveNonce(nonce))
+
+                        string nonce = jwt.Payload.Nonce;
+                        if (Options.NonceCache != null)
                         {
-                            nonce = null;
+                            // if the nonce cannot be removed, it was used
+                            if (!Options.NonceCache.TryRemoveNonce(nonce))
+                            {
+                                nonce = null;
+                            }
+                        }
+                        else
+                        {
+                            nonce = ReadNonceCookie(nonce);
                         }
-                    }
-                    else
-                    {
-                        nonce = ReadNonceCookie(nonce);
-                    }
-
-                    var protocolValidationContext = new OpenIdConnectProtocolValidationContext
-                    {
-                        AuthorizationCode = message.Code,
-                        Nonce = nonce, 
-                    };
-
-                    Options.ProtocolValidator.Validate(jwt, protocolValidationContext);
-                }
-
-                if (message.Code != null)
-                {
-                    Logger.LogDebug(Resources.OIDCH_0014_CodeReceived, message.Code);
-                    if (ticket == null)
-                    {
-                        ticket = new AuthenticationTicket(properties, Options.AuthenticationScheme);
-                    }
-
-                    var authorizationCodeReceivedNotification = new AuthorizationCodeReceivedNotification(Context, Options)
-                    {
-                        AuthenticationTicket = ticket,
-                        Code = message.Code,
-                        JwtSecurityToken = jwt,
-                        ProtocolMessage = message,
-                        RedirectUri = ticket.Properties.Items.ContainsKey(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey) ?
-                                      ticket.Properties.Items[OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey] : string.Empty,
-                    };
 
-                    await Options.Notifications.AuthorizationCodeReceived(authorizationCodeReceivedNotification);
-                    if (authorizationCodeReceivedNotification.HandledResponse)
-                    {
-                        Logger.LogInformation(Resources.OIDCH_0015_CodeReceivedNotificationHandledResponse);
-                        return authorizationCodeReceivedNotification.AuthenticationTicket;
-                    }
+                        var protocolValidationContext = new OpenIdConnectProtocolValidationContext
+                        {
+                            AuthorizationCode = message.Code,
+                            Nonce = nonce,
+                        };
 
-                    if (authorizationCodeReceivedNotification.Skipped)
-                    {
-                        Logger.LogInformation(Resources.OIDCH_0016_CodeReceivedNotificationSkipped);
-                        return null;
+                        Options.ProtocolValidator.Validate(jwt, protocolValidationContext);
                     }
                 }
 
@@ -520,6 +538,14 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
             }
         }
 
+        protected virtual IdentityModel.Clients.ActiveDirectory.AuthenticationResult RedeemAuthorizationCode(string authorizationCode)
+        {
+            AuthenticationContext authContext = new AuthenticationContext(Options.Authority, false);
+            ClientCredential credential = new ClientCredential(Options.ClientId, Options.ClientSecret);
+            var tokens = authContext.AcquireTokenByAuthorizationCodeAsync(authorizationCode, new Uri(Options.RedirectUri), credential).GetAwaiter().GetResult();
+            return tokens;
+        }
+
         /// <summary>
         /// Adds the nonce to <see cref="HttpResponse.Cookies"/>.
         /// </summary>
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
index 454dae209..11a859cec 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
@@ -222,4 +222,7 @@
   <data name="OIDCH_0020_IdTokenReceived" xml:space="preserve">
     <value>OIDCH_0020: 'id_token' received: '{0}'</value>
   </data>
-</root>
+  <data name="OIDCH_0037_Redeeming_Auth_Code" xml:space="preserve">
+    <value>OIDCH_0037: Id Token is null. Redeeming code : {0} for tokens.</value>
+  </data>
+</root>
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index 5f8e6d67a..f7bd6d351 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -4,7 +4,11 @@
     "dependencies": {
         "Microsoft.AspNet.Authentication": "1.0.0-*",
         "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
-        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*"
+        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*",
+        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.1.204222344-alpha",
+        "System.Threading.Tasks": "4.0.10-beta-*",
+        "System.Runtime": "4.0.20-beta-*"
+
     },
     "frameworks": {
         "dnx451": {
diff --git a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
index 183ae6018..29e5ef3cd 100644
--- a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
+++ b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
@@ -62,6 +62,7 @@ static OpenIdConnectHandlerTests()
                     { "OIDCH_0019:", LogLevel.Debug },
                     { "OIDCH_0020:", LogLevel.Debug },
                     { "OIDCH_0026:", LogLevel.Error },
+                    { "OIDCH_0037:", LogLevel.Debug }
                 };
 
             BuildLogEntryList();
@@ -151,12 +152,16 @@ public async Task AuthenticateCore()
             logsEntriesExpected = new int[] { 3 };
             await RunVariation(LogLevel.Information, message, MessageReceivedSkippedOptions, errors, logsEntriesExpected);
 
-            logsEntriesExpected = new int[] {0, 1, 7, 20, 8 };
+            logsEntriesExpected = new int[] {0, 1, 7, 14, 20, 8 };
             await RunVariation(LogLevel.Debug, message, SecurityTokenReceivedHandledOptions, errors, logsEntriesExpected);
 
-            logsEntriesExpected = new int[] {0, 1, 7, 20, 9 };
+            logsEntriesExpected = new int[] {0, 1, 7, 14, 20, 9 };
             await RunVariation(LogLevel.Debug, message, SecurityTokenReceivedSkippedOptions, errors, logsEntriesExpected);
 
+            message.IdToken = null;
+            logsEntriesExpected = new int[] { 0, 1, 7, 14, 22, 20, 8};
+            await RunVariation(LogLevel.Debug, message, CodeReceivedAndRedeemedHandledOptions, errors, logsEntriesExpected);
+
 #if _Verbose
             Console.WriteLine("\n ===== \n");
             DisplayErrors(errors);
@@ -317,6 +322,21 @@ private static void CodeReceivedHandledOptions(OpenIdConnectAuthenticationOption
                 };
         }
 
+        private static void CodeReceivedAndRedeemedHandledOptions(OpenIdConnectAuthenticationOptions options)
+        {
+            DefaultOptions(options);
+            options.ResponseType = "code";
+            options.Notifications =
+                new OpenIdConnectAuthenticationNotifications
+                {
+                    SecurityTokenReceived = (notification) =>
+                    {
+                        notification.HandleResponse();
+                        return Task.FromResult<object>(null);
+                    }
+                };
+        }
+
         private static void CodeReceivedSkippedOptions(OpenIdConnectAuthenticationOptions options)
         {
             DefaultOptions(options);
@@ -336,6 +356,7 @@ private static void DefaultOptions(OpenIdConnectAuthenticationOptions options)
             options.AuthenticationScheme = "OpenIdConnectHandlerTest";
             options.ConfigurationManager = ConfigurationManager.DefaultStaticConfigurationManager;
             options.StateDataFormat = new AuthenticationPropertiesFormater();
+
         }
 
         private static void MessageReceivedHandledOptions(OpenIdConnectAuthenticationOptions options)
@@ -570,6 +591,11 @@ protected override async Task ApplyResponseChallengeAsync()
 
             await Options.Notifications.RedirectToIdentityProvider(redirectToIdentityProviderNotification);
         }
+
+        protected override IdentityModel.Clients.ActiveDirectory.AuthenticationResult RedeemAuthorizationCode(string authorizationCode)
+        {
+            return null;
+        }
     }
 
     /// <summary>
diff --git a/test/Microsoft.AspNet.Authentication.Test/project.json b/test/Microsoft.AspNet.Authentication.Test/project.json
index c7f594c4f..e91c82ef9 100644
--- a/test/Microsoft.AspNet.Authentication.Test/project.json
+++ b/test/Microsoft.AspNet.Authentication.Test/project.json
@@ -13,7 +13,8 @@
         "Microsoft.AspNet.DataProtection": "1.0.0-*",
         "Microsoft.AspNet.TestHost": "1.0.0-*",
         "Moq": "4.2.1312.1622",
-        "xunit.runner.aspnet": "2.0.0-aspnet-*"
+        "xunit.runner.aspnet": "2.0.0-aspnet-*",
+        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.1.204222344-alpha"
     },
     "commands": {
         "test": "xunit.runner.aspnet"

From 719e66e3f97bf8653bd46223d62e5f80b036bf55 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Wed, 13 May 2015 09:57:36 -0700
Subject: [PATCH 07/19] Fixing the test case for code redemption

---
 .../OpenIdConnectAuthenticationHandler.cs              | 10 +++++-----
 .../OpenIdConnect/OpenIdConnectHandlerTests.cs         |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index 33dbeec7e..34d9329c5 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
@@ -334,9 +334,9 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     var authorizationCodeReceivedNotification = new AuthorizationCodeReceivedNotification(Context, Options)
                     {
                         Code = message.Code,
-                        ProtocolMessage = message
-                        //RedirectUri = ticket.Properties.Items.ContainsKey(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey) ?
-                        //ticket.Properties.Items[OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey] : string.Empty,
+                        ProtocolMessage = message,
+                        RedirectUri = properties.Items.ContainsKey(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey) ? 
+                                      properties.Items[OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey] : string.Empty,
                     };
 
                     await Options.Notifications.AuthorizationCodeReceived(authorizationCodeReceivedNotification);
@@ -355,7 +355,7 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     // Redeeming authorization code for tokens
                     if (string.IsNullOrWhiteSpace(message.IdToken) && isCodeOnlyFlow)
                     {
-                        Logger.LogDebug("OIDCH_0037: Id Token is null. Redeeming code : {0} for tokens.", message.Code);
+                        Logger.LogDebug(Resources.OIDCH_0037_Redeeming_Auth_Code, message.Code);
 
                         var tokens = RedeemAuthorizationCode(message.Code);
                         // Exchange code for tokens
diff --git a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
index 29e5ef3cd..88ca9c7d0 100644
--- a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
+++ b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 // this controls if the logs are written to the console.
@@ -159,7 +159,7 @@ public async Task AuthenticateCore()
             await RunVariation(LogLevel.Debug, message, SecurityTokenReceivedSkippedOptions, errors, logsEntriesExpected);
 
             message.IdToken = null;
-            logsEntriesExpected = new int[] { 0, 1, 7, 14, 22, 20, 8};
+            logsEntriesExpected = new int[] { 0, 1, 7, 14, 22};
             await RunVariation(LogLevel.Debug, message, CodeReceivedAndRedeemedHandledOptions, errors, logsEntriesExpected);
 
 #if _Verbose

From f3d44a946876c6b6df05a8fd19968bfc151bc808 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Wed, 13 May 2015 10:17:48 -0700
Subject: [PATCH 08/19] Adding code only response type constant

---
 .../OpenIdConnectAuthenticationHandler.cs                     | 2 +-
 .../OpenIdConnectAuthenticationMiddleware.cs                  | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index 34d9329c5..1d5a168d5 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -243,7 +243,7 @@ protected override AuthenticationTicket AuthenticateCore()
         /// <remarks>Uses log id's OIDCH-0000 - OIDCH-0025</remarks>
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
         {
-            bool isCodeOnlyFlow = (Options.ResponseType == "code");
+            bool isCodeOnlyFlow = (Options.ResponseType == OpenIdConnectConstants.Code);
             Logger.LogDebug(Resources.OIDCH_0000_AuthenticateCoreAsync, this.GetType());
 
             // Allow login to be constrained to a specific path. Need to make this runtime configurable.
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
index 295840376..d25827700 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
@@ -170,9 +170,7 @@ private static HttpMessageHandler ResolveHttpMessageHandler(OpenIdConnectAuthent
                 }
                 webRequestHandler.ServerCertificateValidationCallback = options.BackchannelCertificateValidator.Validate;
             }
-#endif
-
-#if DNXCORE50
+#else
                 new WinHttpHandler();
 #endif
             return handler;

From 8e5c49a9e9c18bbc8de379902d667c737462eeea Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Wed, 13 May 2015 13:26:24 -0700
Subject: [PATCH 09/19] Correcting the constant name

---
 .../OpenIdConnectAuthenticationHandler.cs     | 46 ++++++++++---------
 1 file changed, 24 insertions(+), 22 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index 1d5a168d5..4e1072313 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -243,7 +243,7 @@ protected override AuthenticationTicket AuthenticateCore()
         /// <remarks>Uses log id's OIDCH-0000 - OIDCH-0025</remarks>
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
         {
-            bool isCodeOnlyFlow = (Options.ResponseType == OpenIdConnectConstants.Code);
+            bool isCodeOnlyFlow = (Options.ResponseType == OpenIdConnectResponseTypes.CodeOnly);
             Logger.LogDebug(Resources.OIDCH_0000_AuthenticateCoreAsync, this.GetType());
 
             // Allow login to be constrained to a specific path. Need to make this runtime configurable.
@@ -474,32 +474,34 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                         return null;
                     }
 
-                    // If id_token is received using code only flow, no need to validate nonce and chash.
-                    if (!isCodeOnlyFlow)
-                    {
 
-                        string nonce = jwt.Payload.Nonce;
-                        if (Options.NonceCache != null)
-                        {
-                            // if the nonce cannot be removed, it was used
-                            if (!Options.NonceCache.TryRemoveNonce(nonce))
-                            {
-                                nonce = null;
-                            }
-                        }
-                        else
+                    string nonce = jwt.Payload.Nonce;
+                    if (Options.NonceCache != null)
+                    {
+                        // if the nonce cannot be removed, it was used
+                        if (!Options.NonceCache.TryRemoveNonce(nonce))
                         {
-                            nonce = ReadNonceCookie(nonce);
+                            nonce = null;
                         }
+                    }
+                    else
+                    {
+                        nonce = ReadNonceCookie(nonce);
+                    }
 
-                        var protocolValidationContext = new OpenIdConnectProtocolValidationContext
-                        {
-                            AuthorizationCode = message.Code,
-                            Nonce = nonce,
-                        };
-
-                        Options.ProtocolValidator.Validate(jwt, protocolValidationContext);
+                    var protocolValidationContext = new OpenIdConnectProtocolValidationContext
+                    {
+                        AuthorizationCode = message.Code,
+                        Nonce = nonce,
+                    };
+                    
+                    // If id_token is received using code only flow, no need to validate chash and also it is not returned in the response. Setting authorizationCode to null will skip the validation of chash.
+                    if (isCodeOnlyFlow)
+                    {
+                        protocolValidationContext.AuthorizationCode = null;
                     }
+
+                    Options.ProtocolValidator.Validate(jwt, protocolValidationContext);
                 }
 
                 return ticket;

From 9c94b490dcf9453267a2461dee5605a52f4372e9 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Wed, 13 May 2015 13:29:48 -0700
Subject: [PATCH 10/19] replacing string with constant variable for code only
 flow reponse type value

---
 .../OpenIdConnect/OpenIdConnectHandlerTests.cs                  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
index 88ca9c7d0..900906d24 100644
--- a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
+++ b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
@@ -325,7 +325,7 @@ private static void CodeReceivedHandledOptions(OpenIdConnectAuthenticationOption
         private static void CodeReceivedAndRedeemedHandledOptions(OpenIdConnectAuthenticationOptions options)
         {
             DefaultOptions(options);
-            options.ResponseType = "code";
+            options.ResponseType = OpenIdConnectResponseTypes.CodeOnly;
             options.Notifications =
                 new OpenIdConnectAuthenticationNotifications
                 {

From d430b5d50db1b4ccb01bb189c1d99b1b6bb3d395 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Thu, 14 May 2015 08:35:05 -0700
Subject: [PATCH 11/19] Adding .designer.cs file

---
 .../Resources.Designer.cs                                 | 8 ++++++++
 .../project.json                                          | 2 +-
 test/Microsoft.AspNet.Authentication.Test/project.json    | 2 +-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
index b95de8318..26841458e 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
@@ -172,6 +172,14 @@ internal static string OIDCH_0036_UriIsNotWellFormed
             get { return ResourceManager.GetString("OIDCH_0036_UriIsNotWellFormed"); }
         }
 
+        /// <summary>
+        /// OIDCH_0037: Id Token is null. Redeeming code : {0} for tokens.
+        /// </summary>
+        internal static string OIDCH_0037_Redeeming_Auth_Code
+        {
+            get { return ResourceManager.GetString("OIDCH_0037_Redeeming_Auth_Code"); }
+        }
+
         /// <summary>
         /// OIDCH_0000: Entering: '{0}'.
         /// </summary>
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index f7bd6d351..6cef4d281 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -5,7 +5,7 @@
         "Microsoft.AspNet.Authentication": "1.0.0-*",
         "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
         "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*",
-        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.1.204222344-alpha",
+        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.3.205132343-alpha",
         "System.Threading.Tasks": "4.0.10-beta-*",
         "System.Runtime": "4.0.20-beta-*"
 
diff --git a/test/Microsoft.AspNet.Authentication.Test/project.json b/test/Microsoft.AspNet.Authentication.Test/project.json
index e91c82ef9..4a549dd04 100644
--- a/test/Microsoft.AspNet.Authentication.Test/project.json
+++ b/test/Microsoft.AspNet.Authentication.Test/project.json
@@ -14,7 +14,7 @@
         "Microsoft.AspNet.TestHost": "1.0.0-*",
         "Moq": "4.2.1312.1622",
         "xunit.runner.aspnet": "2.0.0-aspnet-*",
-        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.1.204222344-alpha"
+        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.3.205132343-alpha"
     },
     "commands": {
         "test": "xunit.runner.aspnet"

From c3b28a92f87f20ba93c6d6c3e1631bfdbe4f3fcf Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Mon, 18 May 2015 23:45:08 -0700
Subject: [PATCH 12/19] Removing adal dependency and addressing some github
 comments

---
 .../TokenResponse.cs                          |  2 +
 .../OpenIdConnectAuthenticationHandler.cs     | 42 +++++++++++++------
 .../OpenIdConnectAuthenticationMiddleware.cs  | 22 +++++++---
 .../OpenIdConnectAuthenticationOptions.cs     |  2 -
 .../project.json                              |  7 +++-
 .../OpenIdConnectHandlerTests.cs              |  3 +-
 6 files changed, 55 insertions(+), 23 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs b/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs
index 5bcb80ad8..04dffa0fc 100644
--- a/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs
+++ b/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs
@@ -14,6 +14,7 @@ public TokenResponse(JObject response)
             TokenType = response.Value<string>("token_type");
             RefreshToken = response.Value<string>("refresh_token");
             ExpiresIn = response.Value<string>("expires_in");
+            IdToken = response.Value<string>("id_token");
         }
 
         public JObject Response { get; set; }
@@ -21,5 +22,6 @@ public TokenResponse(JObject response)
         public string TokenType { get; set; }
         public string RefreshToken { get; set; }
         public string ExpiresIn { get; set; }
+        public string IdToken { get; set; }
     }
 }
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index 4e1072313..213d493b8 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -2,22 +2,21 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
+using System.Collections.Generic;
 using System.Globalization;
 using System.IdentityModel.Tokens;
 using System.IO;
 using System.Linq;
+using System.Net.Http;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNet.Authentication.Notifications;
+using Microsoft.AspNet.Authentication.OAuth;
 using Microsoft.AspNet.Http;
 using Microsoft.AspNet.Http.Authentication;
 using Microsoft.Framework.Logging;
 using Microsoft.IdentityModel.Protocols;
-using Microsoft.IdentityModel.Clients.ActiveDirectory;
-using System.Net.Http;
-using System.Net.Http.Headers;
-using Newtonsoft.Json;
-using System.Collections.Generic;
+using Newtonsoft.Json.Linq;
 
 namespace Microsoft.AspNet.Authentication.OpenIdConnect
 {
@@ -43,6 +42,13 @@ private string CurrentUri
             }
         }
 
+        protected HttpClient Backchannel { get; private set; }
+
+        public OpenIdConnectAuthenticationHandler(HttpClient backchannel)
+        {
+            Backchannel = backchannel;
+        }
+
         protected override void ApplyResponseGrant()
         {
             ApplyResponseGrantAsync().GetAwaiter().GetResult();
@@ -243,7 +249,7 @@ protected override AuthenticationTicket AuthenticateCore()
         /// <remarks>Uses log id's OIDCH-0000 - OIDCH-0025</remarks>
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
         {
-            bool isCodeOnlyFlow = (Options.ResponseType == OpenIdConnectResponseTypes.CodeOnly);
+            var isCodeOnlyFlow = (Options.ResponseType == OpenIdConnectResponseTypes.CodeOnly);
             Logger.LogDebug(Resources.OIDCH_0000_AuthenticateCoreAsync, this.GetType());
 
             // Allow login to be constrained to a specific path. Need to make this runtime configurable.
@@ -357,7 +363,7 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     {
                         Logger.LogDebug(Resources.OIDCH_0037_Redeeming_Auth_Code, message.Code);
 
-                        var tokens = RedeemAuthorizationCode(message.Code);
+                        var tokens = await RedeemAuthorizationCode(message.Code);
                         // Exchange code for tokens
                         if (tokens != null)
                         {
@@ -474,7 +480,6 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                         return null;
                     }
 
-
                     string nonce = jwt.Payload.Nonce;
                     if (Options.NonceCache != null)
                     {
@@ -540,12 +545,23 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
             }
         }
 
-        protected virtual IdentityModel.Clients.ActiveDirectory.AuthenticationResult RedeemAuthorizationCode(string authorizationCode)
+        protected virtual async Task<TokenResponse> RedeemAuthorizationCode(string authorizationCode)
         {
-            AuthenticationContext authContext = new AuthenticationContext(Options.Authority, false);
-            ClientCredential credential = new ClientCredential(Options.ClientId, Options.ClientSecret);
-            var tokens = authContext.AcquireTokenByAuthorizationCodeAsync(authorizationCode, new Uri(Options.RedirectUri), credential).GetAwaiter().GetResult();
-            return tokens;
+            var tokenRequestParameters = new Dictionary<string, string>()
+            {
+                { "client_id", Options.ClientId },
+                { "redirect_uri", Options.RedirectUri },
+                { "client_secret", Options.ClientSecret },
+                { "code", authorizationCode },
+                { "grant_type", "authorization_code" },
+            };
+            var requestMessage = new HttpRequestMessage(HttpMethod.Post, _configuration.TokenEndpoint);
+            requestMessage.Content = new FormUrlEncodedContent(tokenRequestParameters);
+            var responseMessage = await Backchannel.SendAsync(requestMessage);
+            responseMessage.EnsureSuccessStatusCode();
+            var tokenResonse = await responseMessage.Content.ReadAsStringAsync();
+            JObject jsonTokenResponse = JObject.Parse(tokenResonse);
+            return new TokenResponse(jsonTokenResponse);
         }
 
         /// <summary>
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
index d25827700..27a0b5d96 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
@@ -4,6 +4,7 @@
 using System;
 using System.Collections.ObjectModel;
 using System.Diagnostics.CodeAnalysis;
+using System.Diagnostics.Tracing;
 using System.IdentityModel.Tokens;
 using System.Net.Http;
 using System.Text;
@@ -13,10 +14,10 @@
 using Microsoft.AspNet.Builder;
 using Microsoft.AspNet.DataProtection;
 using Microsoft.AspNet.Http;
+using Microsoft.Framework.Internal;
 using Microsoft.Framework.Logging;
 using Microsoft.Framework.OptionsModel;
 using Microsoft.IdentityModel.Protocols;
-using Microsoft.Framework.Internal;
 using Microsoft.Framework.WebEncoders;
 
 namespace Microsoft.AspNet.Authentication.OpenIdConnect
@@ -47,6 +48,7 @@ public OpenIdConnectAuthenticationMiddleware(
             ConfigureOptions<OpenIdConnectAuthenticationOptions> configureOptions = null)
             : base(next, options, loggerFactory, encoder, configureOptions)
         {
+<<<<<<< HEAD
 <<<<<<< HEAD
             if (string.IsNullOrEmpty(Options.SignInScheme) && !string.IsNullOrEmpty(externalOptions.Options.SignInScheme))
 =======
@@ -62,6 +64,10 @@ public OpenIdConnectAuthenticationMiddleware(
                 IdentityModelEventSource.LogLevel = EventLevel.Informational;
                 eventListener.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Informational);
             }
+=======
+            var eventListener = new DefaultIdentityModelLoggingListener(Logger);
+            eventListener.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Informational);
+>>>>>>> Removing adal dependency and addressing some github comments
 
             if (string.IsNullOrWhiteSpace(Options.TokenValidationParameters.AuthenticationType))
 >>>>>>> Adding logging draft.
@@ -117,6 +123,11 @@ public OpenIdConnectAuthenticationMiddleware(
                 Options.TokenValidationParameters.ValidAudience = Options.ClientId;
             }
 
+            Backchannel = new HttpClient(ResolveHttpMessageHandler(Options));
+            Backchannel.DefaultRequestHeaders.UserAgent.ParseAdd("Microsoft ASP.NET OAuth middleware");
+            Backchannel.Timeout = Options.BackchannelTimeout;
+            Backchannel.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB
+
             if (Options.ConfigurationManager == null)
             {
                 if (Options.Configuration != null)
@@ -136,21 +147,20 @@ public OpenIdConnectAuthenticationMiddleware(
                         Options.MetadataAddress += ".well-known/openid-configuration";
                     }
 
-                    var httpClient = new HttpClient(ResolveHttpMessageHandler(Options));
-                    httpClient.Timeout = Options.BackchannelTimeout;
-                    httpClient.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB
-                    Options.ConfigurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(Options.MetadataAddress, httpClient);
+                    Options.ConfigurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(Options.MetadataAddress, Backchannel);
                 }
             }
         }
 
+        protected HttpClient Backchannel { get; private set; }
+
         /// <summary>
         /// Provides the <see cref="AuthenticationHandler"/> object for processing authentication-related requests.
         /// </summary>
         /// <returns>An <see cref="AuthenticationHandler"/> configured with the <see cref="OpenIdConnectAuthenticationOptions"/> supplied to the constructor.</returns>
         protected override AuthenticationHandler<OpenIdConnectAuthenticationOptions> CreateHandler()
         {
-            return new OpenIdConnectAuthenticationHandler();
+            return new OpenIdConnectAuthenticationHandler(Backchannel);
         }
 
         [SuppressMessage("Microsoft.Reliability", "CA2000:Dispose objects before losing scope", Justification = "Managed by caller")]
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
index b030ce62e..1a96cdc9f 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
@@ -338,7 +338,5 @@ public bool UseTokenLifetime
             get;
             set;
         }
-
-        public EventListener IdentityModelEventSourceListener { get; set; }
     }
 }
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index 6cef4d281..b15f7bc89 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -5,10 +5,15 @@
         "Microsoft.AspNet.Authentication": "1.0.0-*",
         "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
         "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*",
-        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.3.205132343-alpha",
         "System.Threading.Tasks": "4.0.10-beta-*",
+<<<<<<< HEAD
         "System.Runtime": "4.0.20-beta-*"
 
+=======
+        "System.Runtime": "4.0.20-beta-*",
+        "Microsoft.Framework.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
+        "Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
+>>>>>>> Removing adal dependency and addressing some github comments
     },
     "frameworks": {
         "dnx451": {
diff --git a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
index 900906d24..eabd94af6 100644
--- a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
+++ b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
@@ -10,6 +10,7 @@
 using System.Net.Http;
 using System.Threading.Tasks;
 using Microsoft.AspNet.Authentication.Notifications;
+using Microsoft.AspNet.Authentication.OAuth;
 using Microsoft.AspNet.Authentication.OpenIdConnect;
 using Microsoft.AspNet.Builder;
 using Microsoft.AspNet.DataProtection;
@@ -592,7 +593,7 @@ protected override async Task ApplyResponseChallengeAsync()
             await Options.Notifications.RedirectToIdentityProvider(redirectToIdentityProviderNotification);
         }
 
-        protected override IdentityModel.Clients.ActiveDirectory.AuthenticationResult RedeemAuthorizationCode(string authorizationCode)
+        protected override async Task<TokenResponse> RedeemAuthorizationCode(string authorizationCode)
         {
             return null;
         }

From c6f45baa9262bea8440e1752c6d64377e67c7f2c Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Fri, 22 May 2015 10:19:30 -0700
Subject: [PATCH 13/19] retrieving claims from userinfo endpoint

---
 .../OpenIdConnectAuthenticationHandler.cs     | 150 ++++++++++++------
 .../OpenIdConnectAuthenticationOptions.cs     |   6 +
 .../Resources.Designer.cs                     |   8 +
 .../Resources.resx                            |   3 +
 .../OpenIdConnectHandlerTests.cs              |   4 +-
 .../project.json                              |   3 +-
 6 files changed, 126 insertions(+), 48 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index 213d493b8..cc7b1ec4f 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -8,6 +8,7 @@
 using System.IO;
 using System.Linq;
 using System.Net.Http;
+using System.Net.Http.Headers;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNet.Authentication.Notifications;
@@ -250,6 +251,7 @@ protected override AuthenticationTicket AuthenticateCore()
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
         {
             var isCodeOnlyFlow = (Options.ResponseType == OpenIdConnectResponseTypes.CodeOnly);
+            OpenIdConnectMessage tokens = null;
             Logger.LogDebug(Resources.OIDCH_0000_AuthenticateCoreAsync, this.GetType());
 
             // Allow login to be constrained to a specific path. Need to make this runtime configurable.
@@ -333,42 +335,15 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     _configuration = await Options.ConfigurationManager.GetConfigurationAsync(Context.RequestAborted);
                 }
 
-                if (!string.IsNullOrWhiteSpace(message.Code))
+                // Redeeming authorization code for tokens
+                if (string.IsNullOrWhiteSpace(message.IdToken) && isCodeOnlyFlow)
                 {
-                    Logger.LogDebug(Resources.OIDCH_0014_CodeReceived, message.Code);
-
-                    var authorizationCodeReceivedNotification = new AuthorizationCodeReceivedNotification(Context, Options)
-                    {
-                        Code = message.Code,
-                        ProtocolMessage = message,
-                        RedirectUri = properties.Items.ContainsKey(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey) ? 
-                                      properties.Items[OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey] : string.Empty,
-                    };
-
-                    await Options.Notifications.AuthorizationCodeReceived(authorizationCodeReceivedNotification);
-                    if (authorizationCodeReceivedNotification.HandledResponse)
-                    {
-                        Logger.LogInformation(Resources.OIDCH_0015_CodeReceivedNotificationHandledResponse);
-                        return authorizationCodeReceivedNotification.AuthenticationTicket;
-                    }
-
-                    if (authorizationCodeReceivedNotification.Skipped)
-                    {
-                        Logger.LogInformation(Resources.OIDCH_0016_CodeReceivedNotificationSkipped);
-                        return null;
-                    }
+                    Logger.LogDebug(Resources.OIDCH_0037_Redeeming_Auth_Code, message.Code);
 
-                    // Redeeming authorization code for tokens
-                    if (string.IsNullOrWhiteSpace(message.IdToken) && isCodeOnlyFlow)
+                    tokens = await RedeemAuthorizationCode(message.Code);
+                    if (tokens != null)
                     {
-                        Logger.LogDebug(Resources.OIDCH_0037_Redeeming_Auth_Code, message.Code);
-
-                        var tokens = await RedeemAuthorizationCode(message.Code);
-                        // Exchange code for tokens
-                        if (tokens != null)
-                        {
-                            message.IdToken = tokens.IdToken;
-                        }
+                        message.IdToken = tokens.IdToken;
                     }
                 }
 
@@ -460,6 +435,11 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                         }
                     }
 
+                    if (Options.GetClaimsFromUserInfoEndpoint)
+                    {
+                        ticket = await GetUserInformationAsync(properties, tokens, ticket);
+                    }
+
                     var securityTokenValidatedNotification =
                         new SecurityTokenValidatedNotification<OpenIdConnectMessage, OpenIdConnectAuthenticationOptions>(Context, Options)
                         {
@@ -500,7 +480,7 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                         Nonce = nonce,
                     };
                     
-                    // If id_token is received using code only flow, no need to validate chash and also it is not returned in the response. Setting authorizationCode to null will skip the validation of chash.
+                    // If id_token is received using code only flow, no need to validate chash as it is not returned in the response. Setting authorizationCode to null will skip the validation of chash.
                     if (isCodeOnlyFlow)
                     {
                         protocolValidationContext.AuthorizationCode = null;
@@ -509,7 +489,39 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     Options.ProtocolValidator.Validate(jwt, protocolValidationContext);
                 }
 
-                return ticket;
+                if (message.Code != null)
+                {
+                    Logger.LogDebug(Resources.OIDCH_0014_CodeReceived, message.Code);
+                    if (ticket == null)
+                    {
+                        ticket = new AuthenticationTicket(properties, Options.AuthenticationScheme);
+                    }
+
+                    var authorizationCodeReceivedNotification = new AuthorizationCodeReceivedNotification(Context, Options)
+                    {
+                        AuthenticationTicket = ticket,
+                        Code = message.Code,
+                        JwtSecurityToken = jwt,
+                        ProtocolMessage = message,
+                        RedirectUri = ticket.Properties.Items.ContainsKey(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey) ?
+                                      ticket.Properties.Items[OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey] : string.Empty,
+                    };
+
+                    await Options.Notifications.AuthorizationCodeReceived(authorizationCodeReceivedNotification);
+                    if (authorizationCodeReceivedNotification.HandledResponse)
+                    {
+                        Logger.LogInformation(Resources.OIDCH_0015_CodeReceivedNotificationHandledResponse);
+                        return authorizationCodeReceivedNotification.AuthenticationTicket;
+                    }
+
+                    if (authorizationCodeReceivedNotification.Skipped)
+                    {
+                        Logger.LogInformation(Resources.OIDCH_0016_CodeReceivedNotificationSkipped);
+                        return null;
+                    }
+                }
+
+            return ticket;
             }
             catch (Exception exception)
             {
@@ -545,23 +557,71 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
             }
         }
 
-        protected virtual async Task<TokenResponse> RedeemAuthorizationCode(string authorizationCode)
+        protected virtual async Task<OpenIdConnectMessage> RedeemAuthorizationCode(string authorizationCode)
         {
-            var tokenRequestParameters = new Dictionary<string, string>()
+            var openIdMessage = new OpenIdConnectMessage()
             {
-                { "client_id", Options.ClientId },
-                { "redirect_uri", Options.RedirectUri },
-                { "client_secret", Options.ClientSecret },
-                { "code", authorizationCode },
-                { "grant_type", "authorization_code" },
+                ClientId = Options.ClientId,
+                ClientSecret = Options.ClientSecret,
+                Code = authorizationCode,
+                GrantType = "authorization_code",
+                RedirectUri = Options.RedirectUri
             };
+
             var requestMessage = new HttpRequestMessage(HttpMethod.Post, _configuration.TokenEndpoint);
-            requestMessage.Content = new FormUrlEncodedContent(tokenRequestParameters);
+            requestMessage.Content = new FormUrlEncodedContent(openIdMessage.Parameters);
             var responseMessage = await Backchannel.SendAsync(requestMessage);
             responseMessage.EnsureSuccessStatusCode();
             var tokenResonse = await responseMessage.Content.ReadAsStringAsync();
-            JObject jsonTokenResponse = JObject.Parse(tokenResonse);
-            return new TokenResponse(jsonTokenResponse);
+            var jsonTokenResponse = JObject.Parse(tokenResonse);
+            return new OpenIdConnectMessage()
+            {
+                AccessToken = jsonTokenResponse.Value<string>("access_token"),
+                IdToken = jsonTokenResponse.Value<string>("id_token"),
+                TokenType = jsonTokenResponse.Value<string>("token_type"),
+                ExpiresIn = jsonTokenResponse.Value<string>("expires_in")
+            };
+        }
+
+        protected virtual async Task<AuthenticationTicket> GetUserInformationAsync(AuthenticationProperties properties, OpenIdConnectMessage message, AuthenticationTicket ticket)
+        {
+            var requestMessage = new HttpRequestMessage(HttpMethod.Get, _configuration.UserInfoEndpoint);
+            requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", message.AccessToken);
+            var responseMessage = await Backchannel.SendAsync(requestMessage);
+            responseMessage.EnsureSuccessStatusCode();
+            var userInfoResponse = await responseMessage.Content.ReadAsStringAsync();
+            var user = JObject.Parse(userInfoResponse);
+
+            var identity = (ClaimsIdentity)ticket.Principal.Identity;
+            var subject = identity.FindFirst(ClaimTypes.NameIdentifier).ToString();
+
+            // check if the sub claim matches
+            var userInfoSubject = user.Value<string>("sub");
+            if (userInfoSubject == null || !string.Equals(userInfoSubject.ToString(), subject, StringComparison.OrdinalIgnoreCase))
+            {
+                Logger.LogError(Resources.OIDCH_0038_Subject_Claim_Mismatch);
+                throw new ArgumentException(Resources.OIDCH_0038_Subject_Claim_Mismatch); 
+            }
+
+            var userInfoIdentity = new ClaimsIdentity(identity);
+            foreach (KeyValuePair<string, JToken> pair in user)
+            {
+                JToken value;
+                var claimValue = user.TryGetValue(pair.Key, out value) ? value.ToString() : null;
+
+                IDictionary<string, string> inboundClaimTypeMap = new Dictionary<string, string>(JwtSecurityTokenHandler.InboundClaimTypeMap);
+                string longClaimTypeName;
+                inboundClaimTypeMap.TryGetValue(pair.Key, out longClaimTypeName);
+
+                // checking if claim exist with either short or long name
+                if (!(identity.HasClaim(pair.Key, claimValue) || identity.HasClaim(longClaimTypeName, claimValue)))
+                {
+                    userInfoIdentity.AddClaim(new Claim(pair.Key, claimValue, ClaimValueTypes.String, Options.ClaimsIssuer));
+                }
+            }
+
+            ticket.Principal.AddIdentity(userInfoIdentity);
+            return ticket;
         }
 
         /// <summary>
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
index 1a96cdc9f..38b8f78b5 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
@@ -56,6 +56,7 @@ public OpenIdConnectAuthenticationOptions(string authenticationScheme)
             AuthenticationScheme = authenticationScheme;
             BackchannelTimeout = TimeSpan.FromMinutes(1);
             Caption = OpenIdConnectAuthenticationDefaults.Caption;
+            GetClaimsFromUserInfoEndpoint = false;
             ProtocolValidator = new OpenIdConnectProtocolValidator();
             RefreshOnIssuerKeyNotFound = true;
             ResponseMode = OpenIdConnectResponseModes.FormPost;
@@ -164,6 +165,11 @@ public string Caption
         /// </summary>
         public bool DefaultToCurrentUriOnRedirect { get; set; }
 
+        /// <summary>
+        /// Boolean to set whether the middleware should go to user info endpoint to retrieve claims or not.
+        /// </summary>
+        public bool GetClaimsFromUserInfoEndpoint { get; set; }
+
         /// <summary>
         /// Gets or sets the discovery endpoint for obtaining metadata
         /// </summary>
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
index 26841458e..dcecd152d 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
@@ -180,6 +180,14 @@ internal static string OIDCH_0037_Redeeming_Auth_Code
             get { return ResourceManager.GetString("OIDCH_0037_Redeeming_Auth_Code"); }
         }
 
+        /// <summary>
+        /// OIDCH_0038: Subject claim received from userinfo endpoint does not match the one in the id token.
+        /// </summary>
+        internal static string OIDCH_0038_Subject_Claim_Mismatch
+        {
+            get { return ResourceManager.GetString("OIDCH_0038_Subject_Claim_Mismatch"); }
+        }
+
         /// <summary>
         /// OIDCH_0000: Entering: '{0}'.
         /// </summary>
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
index 11a859cec..058505786 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
@@ -225,4 +225,7 @@
   <data name="OIDCH_0037_Redeeming_Auth_Code" xml:space="preserve">
     <value>OIDCH_0037: Id Token is null. Redeeming code : {0} for tokens.</value>
   </data>
+  <data name="OIDCH_0038_Subject_Claim_Mismatch" xml:space="preserve">
+    <value>OIDCH_0038: Subject claim received from userinfo endpoint does not match the one in the id token.</value>
+  </data>
 </root>
\ No newline at end of file
diff --git a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
index eabd94af6..746c42a69 100644
--- a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
+++ b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
@@ -566,6 +566,8 @@ public override void Configure(OpenIdConnectAuthenticationOptions options, strin
     /// </summary>
     public class CustomOpenIdConnectAuthenticationHandler : OpenIdConnectAuthenticationHandler
     {
+        public CustomOpenIdConnectAuthenticationHandler() : base(null) { }
+
         public async Task BaseInitializeAsyncPublic(AuthenticationOptions options, HttpContext context, ILogger logger, IUrlEncoder encoder)
         {
             await base.BaseInitializeAsync(options, context, logger, encoder);
@@ -593,7 +595,7 @@ protected override async Task ApplyResponseChallengeAsync()
             await Options.Notifications.RedirectToIdentityProvider(redirectToIdentityProviderNotification);
         }
 
-        protected override async Task<TokenResponse> RedeemAuthorizationCode(string authorizationCode)
+        protected override async Task<OpenIdConnectMessage> RedeemAuthorizationCode(string authorizationCode)
         {
             return null;
         }
diff --git a/test/Microsoft.AspNet.Authentication.Test/project.json b/test/Microsoft.AspNet.Authentication.Test/project.json
index 4a549dd04..c7f594c4f 100644
--- a/test/Microsoft.AspNet.Authentication.Test/project.json
+++ b/test/Microsoft.AspNet.Authentication.Test/project.json
@@ -13,8 +13,7 @@
         "Microsoft.AspNet.DataProtection": "1.0.0-*",
         "Microsoft.AspNet.TestHost": "1.0.0-*",
         "Moq": "4.2.1312.1622",
-        "xunit.runner.aspnet": "2.0.0-aspnet-*",
-        "Microsoft.IdentityModel.Clients.ActiveDirectory": "3.3.205132343-alpha"
+        "xunit.runner.aspnet": "2.0.0-aspnet-*"
     },
     "commands": {
         "test": "xunit.runner.aspnet"

From 081ee8f9067b69498b6d977f6120af9b1aad08b2 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Fri, 22 May 2015 11:42:36 -0700
Subject: [PATCH 14/19] removing changes to tokenresponse and cleanup

---
 .../TokenResponse.cs                               |  2 --
 .../OpenIdConnectAuthenticationHandler.cs          |  4 ++--
 .../Resources.Designer.cs                          |  8 ++++++++
 .../Resources.resx                                 |  3 +++
 .../project.json                                   | 11 +----------
 .../OpenIdConnect/OpenIdConnectHandlerTests.cs     | 14 ++++++++++----
 6 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs b/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs
index 04dffa0fc..5bcb80ad8 100644
--- a/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs
+++ b/src/Microsoft.AspNet.Authentication.OAuth/TokenResponse.cs
@@ -14,7 +14,6 @@ public TokenResponse(JObject response)
             TokenType = response.Value<string>("token_type");
             RefreshToken = response.Value<string>("refresh_token");
             ExpiresIn = response.Value<string>("expires_in");
-            IdToken = response.Value<string>("id_token");
         }
 
         public JObject Response { get; set; }
@@ -22,6 +21,5 @@ public TokenResponse(JObject response)
         public string TokenType { get; set; }
         public string RefreshToken { get; set; }
         public string ExpiresIn { get; set; }
-        public string IdToken { get; set; }
     }
 }
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index cc7b1ec4f..46d680bbf 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -12,7 +12,6 @@
 using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNet.Authentication.Notifications;
-using Microsoft.AspNet.Authentication.OAuth;
 using Microsoft.AspNet.Http;
 using Microsoft.AspNet.Http.Authentication;
 using Microsoft.Framework.Logging;
@@ -437,6 +436,7 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
 
                     if (Options.GetClaimsFromUserInfoEndpoint)
                     {
+                        Logger.LogDebug(Resources.OIDCH_0039_Sending_Request_UIEndpoint);
                         ticket = await GetUserInformationAsync(properties, tokens, ticket);
                     }
 
@@ -521,7 +521,7 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     }
                 }
 
-            return ticket;
+                return ticket;
             }
             catch (Exception exception)
             {
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
index dcecd152d..ad1702f04 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.Designer.cs
@@ -188,6 +188,14 @@ internal static string OIDCH_0038_Subject_Claim_Mismatch
             get { return ResourceManager.GetString("OIDCH_0038_Subject_Claim_Mismatch"); }
         }
 
+        /// <summary>
+        /// OIDCH_0038: Subject claim received from userinfo endpoint does not match the one in the id token.
+        /// </summary>
+        internal static string OIDCH_0039_Sending_Request_UIEndpoint
+        {
+            get { return ResourceManager.GetString("OIDCH_0039_Sending_Request_UIEndpoint"); }
+        }
+
         /// <summary>
         /// OIDCH_0000: Entering: '{0}'.
         /// </summary>
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
index 058505786..0084347f2 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/Resources.resx
@@ -228,4 +228,7 @@
   <data name="OIDCH_0038_Subject_Claim_Mismatch" xml:space="preserve">
     <value>OIDCH_0038: Subject claim received from userinfo endpoint does not match the one in the id token.</value>
   </data>
+  <data name="OIDCH_0039_Sending_Request_UIEndpoint" xml:space="preserve">
+    <value>OIDCH_0039: Sending request to user info endpoint for retrieving claims.</value>
+  </data>
 </root>
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index b15f7bc89..5f8e6d67a 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -4,16 +4,7 @@
     "dependencies": {
         "Microsoft.AspNet.Authentication": "1.0.0-*",
         "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
-        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*",
-        "System.Threading.Tasks": "4.0.10-beta-*",
-<<<<<<< HEAD
-        "System.Runtime": "4.0.20-beta-*"
-
-=======
-        "System.Runtime": "4.0.20-beta-*",
-        "Microsoft.Framework.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
-        "Microsoft.AspNet.Authentication.OAuth": "1.0.0-*"
->>>>>>> Removing adal dependency and addressing some github comments
+        "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*"
     },
     "frameworks": {
         "dnx451": {
diff --git a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
index 746c42a69..6cf85f8ce 100644
--- a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
+++ b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
@@ -8,6 +8,7 @@
 using System;
 using System.Collections.Generic;
 using System.Net.Http;
+using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNet.Authentication.Notifications;
 using Microsoft.AspNet.Authentication.OAuth;
@@ -153,14 +154,14 @@ public async Task AuthenticateCore()
             logsEntriesExpected = new int[] { 3 };
             await RunVariation(LogLevel.Information, message, MessageReceivedSkippedOptions, errors, logsEntriesExpected);
 
-            logsEntriesExpected = new int[] {0, 1, 7, 14, 20, 8 };
+            logsEntriesExpected = new int[] {0, 1, 7, 20, 8 };
             await RunVariation(LogLevel.Debug, message, SecurityTokenReceivedHandledOptions, errors, logsEntriesExpected);
 
-            logsEntriesExpected = new int[] {0, 1, 7, 14, 20, 9 };
+            logsEntriesExpected = new int[] {0, 1, 7, 20, 9 };
             await RunVariation(LogLevel.Debug, message, SecurityTokenReceivedSkippedOptions, errors, logsEntriesExpected);
 
             message.IdToken = null;
-            logsEntriesExpected = new int[] { 0, 1, 7, 14, 22};
+            logsEntriesExpected = new int[] { 0, 1, 7, 22, 20, 8};
             await RunVariation(LogLevel.Debug, message, CodeReceivedAndRedeemedHandledOptions, errors, logsEntriesExpected);
 
 #if _Verbose
@@ -419,6 +420,7 @@ private static void SecurityTokenReceivedSkippedOptions(OpenIdConnectAuthenticat
         private static void SecurityTokenValidatedHandledOptions(OpenIdConnectAuthenticationOptions options)
         {
             DefaultOptions(options);
+            options.GetClaimsFromUserInfoEndpoint = true;
             options.Notifications =
                 new OpenIdConnectAuthenticationNotifications
                 {
@@ -597,8 +599,12 @@ protected override async Task ApplyResponseChallengeAsync()
 
         protected override async Task<OpenIdConnectMessage> RedeemAuthorizationCode(string authorizationCode)
         {
-            return null;
+            return new OpenIdConnectMessage()
+            {
+                IdToken = "test token"
+            };
         }
+
     }
 
     /// <summary>

From a34370ac9e28e54373b9c19bd12f5c0278967f07 Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Tue, 26 May 2015 10:44:58 -0700
Subject: [PATCH 15/19] Addressing github comments - removing system
 dependencies and code cleanup

---
 .../OpenIdConnectAuthenticationHandler.cs       | 17 +++++++++--------
 .../OpenIdConnectAuthenticationMiddleware.cs    |  2 +-
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index 46d680bbf..5461404b0 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -576,15 +576,16 @@ protected virtual async Task<OpenIdConnectMessage> RedeemAuthorizationCode(strin
             var jsonTokenResponse = JObject.Parse(tokenResonse);
             return new OpenIdConnectMessage()
             {
-                AccessToken = jsonTokenResponse.Value<string>("access_token"),
-                IdToken = jsonTokenResponse.Value<string>("id_token"),
-                TokenType = jsonTokenResponse.Value<string>("token_type"),
-                ExpiresIn = jsonTokenResponse.Value<string>("expires_in")
+                AccessToken = jsonTokenResponse.Value<string>(OpenIdConnectParameterNames.AccessToken),
+                IdToken = jsonTokenResponse.Value<string>(OpenIdConnectParameterNames.IdToken),
+                TokenType = jsonTokenResponse.Value<string>(OpenIdConnectParameterNames.TokenType),
+                ExpiresIn = jsonTokenResponse.Value<string>(OpenIdConnectParameterNames.ExpiresIn)
             };
         }
 
         protected virtual async Task<AuthenticationTicket> GetUserInformationAsync(AuthenticationProperties properties, OpenIdConnectMessage message, AuthenticationTicket ticket)
         {
+
             var requestMessage = new HttpRequestMessage(HttpMethod.Get, _configuration.UserInfoEndpoint);
             requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", message.AccessToken);
             var responseMessage = await Backchannel.SendAsync(requestMessage);
@@ -593,23 +594,23 @@ protected virtual async Task<AuthenticationTicket> GetUserInformationAsync(Authe
             var user = JObject.Parse(userInfoResponse);
 
             var identity = (ClaimsIdentity)ticket.Principal.Identity;
-            var subject = identity.FindFirst(ClaimTypes.NameIdentifier).ToString();
+            var subject = identity.FindFirst(ClaimTypes.NameIdentifier).Value;
 
             // check if the sub claim matches
             var userInfoSubject = user.Value<string>("sub");
-            if (userInfoSubject == null || !string.Equals(userInfoSubject.ToString(), subject, StringComparison.OrdinalIgnoreCase))
+            if (userInfoSubject == null || !string.Equals(userInfoSubject, subject, StringComparison.OrdinalIgnoreCase))
             {
                 Logger.LogError(Resources.OIDCH_0038_Subject_Claim_Mismatch);
                 throw new ArgumentException(Resources.OIDCH_0038_Subject_Claim_Mismatch); 
             }
 
             var userInfoIdentity = new ClaimsIdentity(identity);
-            foreach (KeyValuePair<string, JToken> pair in user)
+            foreach (var pair in user)
             {
                 JToken value;
                 var claimValue = user.TryGetValue(pair.Key, out value) ? value.ToString() : null;
 
-                IDictionary<string, string> inboundClaimTypeMap = new Dictionary<string, string>(JwtSecurityTokenHandler.InboundClaimTypeMap);
+                var inboundClaimTypeMap = new Dictionary<string, string>(JwtSecurityTokenHandler.InboundClaimTypeMap);
                 string longClaimTypeName;
                 inboundClaimTypeMap.TryGetValue(pair.Key, out longClaimTypeName);
 
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
index 27a0b5d96..e5757095b 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
@@ -124,7 +124,7 @@ public OpenIdConnectAuthenticationMiddleware(
             }
 
             Backchannel = new HttpClient(ResolveHttpMessageHandler(Options));
-            Backchannel.DefaultRequestHeaders.UserAgent.ParseAdd("Microsoft ASP.NET OAuth middleware");
+            Backchannel.DefaultRequestHeaders.UserAgent.ParseAdd("Microsoft ASP.NET OpenIdConnect middleware");
             Backchannel.Timeout = Options.BackchannelTimeout;
             Backchannel.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB
 

From 334e66f5f7b6e6441bcc084f2a4cf68523728fcb Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Sun, 14 Jun 2015 15:44:00 -0700
Subject: [PATCH 16/19] Taking off the wilson logging adapter, adding checks
 for userinfo endpoint and some cleanup

---
 .../DefaultLoggingListener.cs                 | 47 -------------------
 .../OpenIdConnectAuthenticationHandler.cs     | 32 ++++++++++---
 .../OpenIdConnectAuthenticationMiddleware.cs  | 25 +---------
 .../OpenIdConnectAuthenticationOptions.cs     |  1 -
 .../project.json                              |  2 +-
 5 files changed, 27 insertions(+), 80 deletions(-)
 delete mode 100644 src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs
deleted file mode 100644
index b409383d9..000000000
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/DefaultLoggingListener.cs
+++ /dev/null
@@ -1,47 +0,0 @@
-using System;
-using System.Diagnostics.Tracing;
-using Microsoft.Framework.Logging;
-
-namespace Microsoft.AspNet.Authentication.OpenIdConnect
-{
-    /// <summary>
-    /// Default logging event listener for wilson event source. It logs the data to the target where other Asp.Net logs go.
-    /// </summary>
-    public class DefaultLoggingListener : EventListener
-    {
-        private ILogger _logger;
-
-        public DefaultLoggingListener(ILogger logger)
-        {
-            _logger = logger;
-        }
-
-        protected override void OnEventWritten(EventWrittenEventArgs eventData)
-        {
-            // calling Asp.Net logger to log events
-            _logger.Log(MapEventLevelToLogLevel(eventData.Level), eventData.EventId, eventData.Payload[0], null, null);
-        }
-
-        private LogLevel MapEventLevelToLogLevel(EventLevel level)
-        {
-            LogLevel logLevel = LogLevel.Information;
-
-            switch(level)
-            {
-                case EventLevel.Critical: logLevel = LogLevel.Critical;
-                    break;
-                case EventLevel.Error: logLevel = LogLevel.Error;
-                    break;
-                case EventLevel.Warning: logLevel = LogLevel.Warning;
-                    break;
-                case EventLevel.Informational: logLevel = LogLevel.Information;
-                    break;
-                case EventLevel.Verbose: logLevel = LogLevel.Verbose;
-                    break;
-                case EventLevel.LogAlways: logLevel = LogLevel.Debug;
-                    break;
-            }
-            return logLevel;
-        }
-    }
-}
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index 5461404b0..ebde50eeb 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -164,17 +164,16 @@ protected override async Task ApplyResponseChallengeAsync()
                 properties.RedirectUri = CurrentUri;
             }
 
-            if (!string.IsNullOrWhiteSpace(Options.RedirectUri))
-            {
-                Logger.LogDebug(Resources.OIDCH_0031_Using_Options_RedirectUri, Options.RedirectUri);
-            }
-
             // When redeeming a 'code' for an AccessToken, this value is needed
             if (!string.IsNullOrWhiteSpace(Options.RedirectUri))
             {
+                Logger.LogDebug(Resources.OIDCH_0031_Using_Options_RedirectUri, Options.RedirectUri);
                 properties.Items.Add(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey, Options.RedirectUri);
             }
 
+            // adding response type to properties so that we can determine the response type of an incoming message.
+            properties.Items.Add(OpenIdConnectParameterNames.ResponseType, Options.ResponseType);
+
             if (_configuration == null && Options.ConfigurationManager != null)
             {
                 _configuration = await Options.ConfigurationManager.GetConfigurationAsync(Context.RequestAborted);
@@ -249,7 +248,6 @@ protected override AuthenticationTicket AuthenticateCore()
         /// <remarks>Uses log id's OIDCH-0000 - OIDCH-0025</remarks>
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
         {
-            var isCodeOnlyFlow = (Options.ResponseType == OpenIdConnectResponseTypes.CodeOnly);
             OpenIdConnectMessage tokens = null;
             Logger.LogDebug(Resources.OIDCH_0000_AuthenticateCoreAsync, this.GetType());
 
@@ -312,12 +310,16 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                 }
 
                 var properties = GetPropertiesFromState(message.State);
+
                 if (properties == null)
                 {
                     Logger.LogError(Resources.OIDCH_0005_MessageStateIsInvalid);
                     return null;
                 }
 
+                var isCodeOnlyFlow = (properties.Items.ContainsKey(OpenIdConnectParameterNames.ResponseType) ? 
+                    (properties.Items[OpenIdConnectParameterNames.ResponseType] == OpenIdConnectResponseTypes.CodeOnly) : false);
+
                 // devs will need to hook AuthenticationFailedNotification to avoid having 'raw' runtime errors displayed to users.
                 if (!string.IsNullOrWhiteSpace(message.Error))
                 {
@@ -585,8 +587,24 @@ protected virtual async Task<OpenIdConnectMessage> RedeemAuthorizationCode(strin
 
         protected virtual async Task<AuthenticationTicket> GetUserInformationAsync(AuthenticationProperties properties, OpenIdConnectMessage message, AuthenticationTicket ticket)
         {
+            string userInfoEndpoint = null;
+            if (_configuration != null)
+            {
+                userInfoEndpoint = _configuration.UserInfoEndpoint;
+            }
+
+            if (string.IsNullOrEmpty(userInfoEndpoint))
+            {
+                userInfoEndpoint = Options.Configuration != null ? Options.Configuration.UserInfoEndpoint : null;
+            }
+
+            if (string.IsNullOrEmpty(userInfoEndpoint))
+            {
+                Logger.LogError("UserInfo endpoint is not set. Request to retrieve claims from userinfo endpoint cannot be completed.");
+                return ticket;
+            }
 
-            var requestMessage = new HttpRequestMessage(HttpMethod.Get, _configuration.UserInfoEndpoint);
+            var requestMessage = new HttpRequestMessage(HttpMethod.Get, userInfoEndpoint);
             requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", message.AccessToken);
             var responseMessage = await Backchannel.SendAsync(requestMessage);
             responseMessage.EnsureSuccessStatusCode();
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
index e5757095b..a507dee49 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationMiddleware.cs
@@ -4,7 +4,6 @@
 using System;
 using System.Collections.ObjectModel;
 using System.Diagnostics.CodeAnalysis;
-using System.Diagnostics.Tracing;
 using System.IdentityModel.Tokens;
 using System.Net.Http;
 using System.Text;
@@ -17,8 +16,8 @@
 using Microsoft.Framework.Internal;
 using Microsoft.Framework.Logging;
 using Microsoft.Framework.OptionsModel;
-using Microsoft.IdentityModel.Protocols;
 using Microsoft.Framework.WebEncoders;
+using Microsoft.IdentityModel.Protocols;
 
 namespace Microsoft.AspNet.Authentication.OpenIdConnect
 {
@@ -48,29 +47,7 @@ public OpenIdConnectAuthenticationMiddleware(
             ConfigureOptions<OpenIdConnectAuthenticationOptions> configureOptions = null)
             : base(next, options, loggerFactory, encoder, configureOptions)
         {
-<<<<<<< HEAD
-<<<<<<< HEAD
             if (string.IsNullOrEmpty(Options.SignInScheme) && !string.IsNullOrEmpty(externalOptions.Options.SignInScheme))
-=======
-            _logger = loggerFactory.CreateLogger<OpenIdConnectAuthenticationMiddleware>();
-
-            if (Options.IdentityModelEventSourceListener != null)
-            {
-                Options.IdentityModelEventSourceListener.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Informational);
-            }
-            else
-            {
-                DefaultLoggingListener eventListener = new DefaultLoggingListener(_logger);
-                IdentityModelEventSource.LogLevel = EventLevel.Informational;
-                eventListener.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Informational);
-            }
-=======
-            var eventListener = new DefaultIdentityModelLoggingListener(Logger);
-            eventListener.EnableEvents(IdentityModelEventSource.Logger, EventLevel.Informational);
->>>>>>> Removing adal dependency and addressing some github comments
-
-            if (string.IsNullOrWhiteSpace(Options.TokenValidationParameters.AuthenticationType))
->>>>>>> Adding logging draft.
             {
                 Options.SignInScheme = externalOptions.Options.SignInScheme;
             }
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
index 38b8f78b5..d77dd87fb 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationOptions.cs
@@ -4,7 +4,6 @@
 using System;
 using System.Collections.Generic;
 using System.Diagnostics.CodeAnalysis;
-using System.Diagnostics.Tracing;
 using System.IdentityModel.Tokens;
 using System.Net.Http;
 using Microsoft.AspNet.Http;
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index 5f8e6d67a..b61834b53 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -3,7 +3,7 @@
     "description": "ASP.NET 5 middleware that enables an application to support OpenIdConnect authentication workflow.",
     "dependencies": {
         "Microsoft.AspNet.Authentication": "1.0.0-*",
-        "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" },
+        "Microsoft.Framework.NotNullAttribute.Sources": { "type": "build", "version": "1.0.0-*" },
         "Microsoft.IdentityModel.Protocol.Extensions": "2.0.0-beta4-*"
     },
     "frameworks": {

From d35032966943706b22230061c62af4fa5faf25ea Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Sun, 14 Jun 2015 16:10:27 -0700
Subject: [PATCH 17/19] Removing the .vs folder that was pushed by mistake

---
 .vs/config/applicationhost.config | 1025 -----------------------------
 1 file changed, 1025 deletions(-)
 delete mode 100644 .vs/config/applicationhost.config

diff --git a/.vs/config/applicationhost.config b/.vs/config/applicationhost.config
deleted file mode 100644
index 3474ab937..000000000
--- a/.vs/config/applicationhost.config
+++ /dev/null
@@ -1,1025 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-    IIS configuration sections.
-
-    For schema documentation, see
-    %IIS_BIN%\config\schema\IIS_schema.xml.
-    
-    Please make a backup of this file before making any changes to it.
-
-    NOTE: The following environment variables are available to be used
-          within this file and are understood by the IIS Express.
-
-          %IIS_USER_HOME% - The IIS Express home directory for the user
-          %IIS_SITES_HOME% - The default home directory for sites
-          %IIS_BIN% - The location of the IIS Express binaries
-          %SYSTEMDRIVE% - The drive letter of %IIS_BIN%
-
--->
-
-<configuration>
-
-    <!--
-
-        The <configSections> section controls the registration of sections.
-        Section is the basic unit of deployment, locking, searching and
-        containment for configuration settings.
-        
-        Every section belongs to one section group.
-        A section group is a container of logically-related sections.
-        
-        Sections cannot be nested.
-        Section groups may be nested.
-        
-        <section
-            name=""  [Required, Collection Key] [XML name of the section]
-            allowDefinition="Everywhere" [MachineOnly|MachineToApplication|AppHostOnly|Everywhere] [Level where it can be set]
-            overrideModeDefault="Allow"  [Allow|Deny] [Default delegation mode]
-            allowLocation="true"  [true|false] [Allowed in location tags]
-        />
-        
-        The recommended way to unlock sections is by using a location tag:
-        <location path="Default Web Site" overrideMode="Allow">
-            <system.webServer>
-                <asp />
-            </system.webServer>
-        </location>
-
-    -->
-    <configSections>
-        <sectionGroup name="system.applicationHost">
-            <section name="applicationPools" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="configHistory" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="customMetadata" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="listenerAdapters" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="log" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="preloadProviders" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="sites" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="webLimits" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-        </sectionGroup>
-
-        <sectionGroup name="system.webServer">
-            <section name="asp" overrideModeDefault="Deny" />
-            <section name="caching" overrideModeDefault="Allow" />
-            <section name="cgi" overrideModeDefault="Deny" />
-            <section name="defaultDocument" overrideModeDefault="Allow" />
-            <section name="directoryBrowse" overrideModeDefault="Allow" />
-            <section name="fastCgi" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="globalModules" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-            <section name="handlers" overrideModeDefault="Deny" />
-            <section name="httpCompression" overrideModeDefault="Allow" />
-            <section name="httpErrors" overrideModeDefault="Allow" />
-            <section name="httpLogging" overrideModeDefault="Deny" />
-            <section name="httpProtocol" overrideModeDefault="Allow" />
-            <section name="httpRedirect" overrideModeDefault="Allow" />
-            <section name="httpTracing" overrideModeDefault="Deny" />
-            <section name="isapiFilters" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
-            <section name="modules" allowDefinition="MachineToApplication" overrideModeDefault="Deny" />
-            <section name="odbcLogging" overrideModeDefault="Deny" />
-            <sectionGroup name="security">
-                <section name="access" overrideModeDefault="Deny" />
-                <section name="applicationDependencies" overrideModeDefault="Deny" />
-                <sectionGroup name="authentication">
-                    <section name="anonymousAuthentication" overrideModeDefault="Deny" />
-                    <section name="basicAuthentication" overrideModeDefault="Deny" />
-                    <section name="clientCertificateMappingAuthentication" overrideModeDefault="Deny" />
-                    <section name="digestAuthentication" overrideModeDefault="Deny" />
-                    <section name="iisClientCertificateMappingAuthentication" overrideModeDefault="Deny" />
-                    <section name="windowsAuthentication" overrideModeDefault="Deny" />
-                </sectionGroup>
-                <section name="authorization" overrideModeDefault="Allow" />
-                <section name="ipSecurity" overrideModeDefault="Deny" />
-                <section name="dynamicIpSecurity" overrideModeDefault="Deny" />
-                <section name="isapiCgiRestriction" allowDefinition="AppHostOnly" overrideModeDefault="Deny" />
-                <section name="requestFiltering" overrideModeDefault="Allow" />
-            </sectionGroup>
-            <section name="serverRuntime" overrideModeDefault="Deny" />
-            <section name="serverSideInclude" overrideModeDefault="Deny" />
-            <section name="staticContent" overrideModeDefault="Allow" />
-            <sectionGroup name="tracing">
-                <section name="traceFailedRequests" overrideModeDefault="Allow" />
-                <section name="traceProviderDefinitions" overrideModeDefault="Deny" />
-            </sectionGroup>
-            <section name="urlCompression" overrideModeDefault="Allow" />
-            <section name="validation" overrideModeDefault="Allow" />
-            <sectionGroup name="webdav">
-                <section name="globalSettings" overrideModeDefault="Deny" />
-                <section name="authoring" overrideModeDefault="Deny" />
-                <section name="authoringRules" overrideModeDefault="Deny" />
-            </sectionGroup>
-            <sectionGroup name="rewrite">
-                <section name="allowedServerVariables" overrideModeDefault="Deny" />
-                <section name="rules" overrideModeDefault="Allow" />
-                <section name="outboundRules" overrideModeDefault="Allow" />
-                <section name="globalRules" overrideModeDefault="Deny" allowDefinition="AppHostOnly" />
-                <section name="providers" overrideModeDefault="Allow" />
-                <section name="rewriteMaps" overrideModeDefault="Allow" />
-            </sectionGroup>
-            <section name="applicationInitialization" allowDefinition="MachineToApplication" overrideModeDefault="Allow" />
-            <section name="webSocket" overrideModeDefault="Deny" />
-        </sectionGroup>
-    </configSections>
-
-    <configProtectedData>
-        <providers>
-            <add name="IISWASOnlyRsaProvider" type="" description="Uses RsaCryptoServiceProvider to encrypt and decrypt" keyContainerName="iisWasKey" cspProviderName="" useMachineContainer="true" useOAEP="false" />
-            <add name="AesProvider" type="Microsoft.ApplicationHost.AesProtectedConfigurationProvider" description="Uses an AES session key to encrypt and decrypt" keyContainerName="iisConfigurationKey" cspProviderName="" useOAEP="false" useMachineContainer="true" sessionKey="AQIAAA5mAAAApAAAKmFQvWHDEETRz8l2bjZlRxIkwcqTFaCUnCLljn3Q1OkesrhEO9YyLyx4bUhsj1/DyShAv7OAFFhXlrlomaornnk5PLeyO4lIXxaiT33yOFUUgxDx4GSaygkqghVV0tO5yQ/XguUBp2juMfZyztnsNa4pLcz7ZNZQ6p4yn9hxwNs=" />
-            <add name="IISWASOnlyAesProvider" type="Microsoft.ApplicationHost.AesProtectedConfigurationProvider" description="Uses an AES session key to encrypt and decrypt" keyContainerName="iisWasKey" cspProviderName="" useOAEP="false" useMachineContainer="true" sessionKey="AQIAAA5mAAAApAAA4WoiRJ8KHwzAG8AgejPxEOO4/2Vhkolbwo/8gZeNdUDSD36m55hWv4uC9tr/MlKdnwRLL0NhT50Gccyftqz5xTZ0dg5FtvQhTw/he1NwexTKbV+I4Zrd+sZUqHZTsr7JiEr6OHGXL70qoISW5G2m9U8wKT3caPiDPNj2aAaYPLo=" />
-        </providers>
-    </configProtectedData>
-
-    <system.applicationHost>
-
-        <applicationPools>
-            <add name="Clr4IntegratedAppPool" managedRuntimeVersion="v4.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
-            <add name="Clr4ClassicAppPool" managedRuntimeVersion="v4.0" managedPipelineMode="Classic" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
-            <add name="Clr2IntegratedAppPool" managedRuntimeVersion="v2.0" managedPipelineMode="Integrated" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
-            <add name="Clr2ClassicAppPool" managedRuntimeVersion="v2.0" managedPipelineMode="Classic" CLRConfigFile="%IIS_USER_HOME%\config\aspnet.config" autoStart="true" />
-            <add name="UnmanagedClassicAppPool" managedRuntimeVersion="" managedPipelineMode="Classic" autoStart="true" />
-            <applicationPoolDefaults managedRuntimeLoader="v4.0">
-                <processModel />
-            </applicationPoolDefaults>
-        </applicationPools>
-
-        <!--
-
-          The <listenerAdapters> section defines the protocols with which the
-          Windows Process Activation Service (WAS) binds.
-
-        -->
-        <listenerAdapters>
-            <add name="http" />
-        </listenerAdapters>
-
-        <sites>
-            <site name="WebSite1" id="1" serverAutoStart="true">
-                <application path="/">
-                    <virtualDirectory path="/" physicalPath="%IIS_SITES_HOME%\WebSite1" />
-                </application>
-                <bindings>
-                    <binding protocol="http" bindingInformation=":8080:localhost" />
-                </bindings>
-            </site>
-            <site name="OpenIdConnectSample" id="2">
-                <application path="/" applicationPool="Clr4IntegratedAppPool">
-                    <virtualDirectory path="/" physicalPath="C:\Users\tugupta\Documents\GitHub\Security\samples\OpenIdConnectSample\wwwroot" />
-                </application>
-                <bindings>
-                    <binding protocol="http" bindingInformation="*:42023:localhost" />
-                </bindings>
-            </site>
-            <siteDefaults>
-                <logFile logFormat="W3C" directory="%IIS_USER_HOME%\Logs" />
-                <traceFailedRequestsLogging directory="%IIS_USER_HOME%\TraceLogFiles" enabled="true" maxLogFileSizeKB="1024" />
-            </siteDefaults>
-            <applicationDefaults applicationPool="Clr4IntegratedAppPool" />
-            <virtualDirectoryDefaults allowSubDirConfig="true" />
-        </sites>
-
-        <webLimits />
-
-    </system.applicationHost>
-
-    <system.webServer>
-
-        <serverRuntime />
-
-        <asp scriptErrorSentToBrowser="true">
-            <cache diskTemplateCacheDirectory="%TEMP%\iisexpress\ASP Compiled Templates" />
-            <limits />
-        </asp>
-
-        <caching enabled="true" enableKernelCache="true">
-        </caching>
-
-        <cgi />
-
-        <defaultDocument enabled="true">
-            <files>
-                <add value="Default.htm" />
-                <add value="Default.asp" />
-                <add value="index.htm" />
-                <add value="index.html" />
-                <add value="iisstart.htm" />
-                <add value="default.aspx" />
-            </files>
-        </defaultDocument>
-
-        <directoryBrowse enabled="false" />
-
-        <fastCgi />
-
-        <!--
-
-          The <globalModules> section defines all native-code modules.
-          To enable a module, specify it in the <modules> section.
-
-        -->
-        <globalModules>
-            <add name="HttpLoggingModule" image="%IIS_BIN%\loghttp.dll" />
-            <add name="UriCacheModule" image="%IIS_BIN%\cachuri.dll" />
-<!--            <add name="FileCacheModule" image="%IIS_BIN%\cachfile.dll" />  -->
-            <add name="TokenCacheModule" image="%IIS_BIN%\cachtokn.dll" />
-<!--            <add name="HttpCacheModule" image="%IIS_BIN%\cachhttp.dll" /> -->
-            <add name="DynamicCompressionModule" image="%IIS_BIN%\compdyn.dll" />
-            <add name="StaticCompressionModule" image="%IIS_BIN%\compstat.dll" />
-            <add name="DefaultDocumentModule" image="%IIS_BIN%\defdoc.dll" />
-            <add name="DirectoryListingModule" image="%IIS_BIN%\dirlist.dll" />
-            <add name="ProtocolSupportModule" image="%IIS_BIN%\protsup.dll" />
-            <add name="HttpRedirectionModule" image="%IIS_BIN%\redirect.dll" />
-            <add name="ServerSideIncludeModule" image="%IIS_BIN%\iis_ssi.dll" />
-            <add name="StaticFileModule" image="%IIS_BIN%\static.dll" />
-            <add name="AnonymousAuthenticationModule" image="%IIS_BIN%\authanon.dll" />
-            <add name="CertificateMappingAuthenticationModule" image="%IIS_BIN%\authcert.dll" />
-            <add name="UrlAuthorizationModule" image="%IIS_BIN%\urlauthz.dll" />
-            <add name="BasicAuthenticationModule" image="%IIS_BIN%\authbas.dll" />
-            <add name="WindowsAuthenticationModule" image="%IIS_BIN%\authsspi.dll" />
-<!--            <add name="DigestAuthenticationModule" image="%IIS_BIN%\authmd5.dll" /> -->
-            <add name="IISCertificateMappingAuthenticationModule" image="%IIS_BIN%\authmap.dll" />
-            <add name="IpRestrictionModule" image="%IIS_BIN%\iprestr.dll" />
-            <add name="DynamicIpRestrictionModule" image="%IIS_BIN%\diprestr.dll" />
-            <add name="RequestFilteringModule" image="%IIS_BIN%\modrqflt.dll" />
-            <add name="CustomLoggingModule" image="%IIS_BIN%\logcust.dll" />
-            <add name="CustomErrorModule" image="%IIS_BIN%\custerr.dll" />
-<!--            <add name="TracingModule" image="%IIS_BIN%\iisetw.dll" /> -->
-            <add name="FailedRequestsTracingModule" image="%IIS_BIN%\iisfreb.dll" />
-            <add name="RequestMonitorModule" image="%IIS_BIN%\iisreqs.dll" />
-            <add name="IsapiModule" image="%IIS_BIN%\isapi.dll" />
-            <add name="IsapiFilterModule" image="%IIS_BIN%\filter.dll" />
-            <add name="CgiModule" image="%IIS_BIN%\cgi.dll" />
-            <add name="FastCgiModule" image="%IIS_BIN%\iisfcgi.dll" />
-<!--            <add name="WebDAVModule" image="%IIS_BIN%\webdav.dll" /> -->
-            <add name="RewriteModule" image="%IIS_BIN%\rewrite.dll" />
-            <add name="ConfigurationValidationModule" image="%IIS_BIN%\validcfg.dll" />
-            <add name="WebSocketModule" image="%IIS_BIN%\iiswsock.dll" />
-            <add name="WebMatrixSupportModule" image="%IIS_BIN%\webmatrixsup.dll" />
-            <add name="ManagedEngine" image="%windir%\Microsoft.NET\Framework\v2.0.50727\webengine.dll" preCondition="integratedMode,runtimeVersionv2.0,bitness32" />
-            <add name="ManagedEngine64" image="%windir%\Microsoft.NET\Framework64\v2.0.50727\webengine.dll" preCondition="integratedMode,runtimeVersionv2.0,bitness64" />
-            <add name="ManagedEngineV4.0_32bit" image="%windir%\Microsoft.NET\Framework\v4.0.30319\webengine4.dll" preCondition="integratedMode,runtimeVersionv4.0,bitness32" />
-            <add name="ManagedEngineV4.0_64bit" image="%windir%\Microsoft.NET\Framework64\v4.0.30319\webengine4.dll" preCondition="integratedMode,runtimeVersionv4.0,bitness64" />
-            <add name="ApplicationInitializationModule" image="%IIS_BIN%\warmup.dll" />
-        </globalModules>
-
-        <httpCompression directory="%TEMP%\iisexpress\IIS Temporary Compressed Files">
-            <scheme name="gzip" dll="%IIS_BIN%\gzip.dll" />
-            <dynamicTypes>
-                <add mimeType="text/*" enabled="true" />
-                <add mimeType="message/*" enabled="true" />
-                <add mimeType="application/javascript" enabled="true" />
-                <add mimeType="application/atom+xml" enabled="true" />
-                <add mimeType="application/xaml+xml" enabled="true" />
-                <add mimeType="*/*" enabled="false" />
-            </dynamicTypes>
-            <staticTypes>
-                <add mimeType="text/*" enabled="true" />
-                <add mimeType="message/*" enabled="true" />
-                <add mimeType="application/javascript" enabled="true" />
-                <add mimeType="application/atom+xml" enabled="true" />
-                <add mimeType="application/xaml+xml" enabled="true" />
-                <add mimeType="*/*" enabled="false" />
-            </staticTypes>
-        </httpCompression>
-
-        <httpErrors lockAttributes="allowAbsolutePathsWhenDelegated,defaultPath">
-            <error statusCode="401" prefixLanguageFilePath="%IIS_BIN%\custerr" path="401.htm" />
-            <error statusCode="403" prefixLanguageFilePath="%IIS_BIN%\custerr" path="403.htm" />
-            <error statusCode="404" prefixLanguageFilePath="%IIS_BIN%\custerr" path="404.htm" />
-            <error statusCode="405" prefixLanguageFilePath="%IIS_BIN%\custerr" path="405.htm" />
-            <error statusCode="406" prefixLanguageFilePath="%IIS_BIN%\custerr" path="406.htm" />
-            <error statusCode="412" prefixLanguageFilePath="%IIS_BIN%\custerr" path="412.htm" />
-            <error statusCode="500" prefixLanguageFilePath="%IIS_BIN%\custerr" path="500.htm" />
-            <error statusCode="501" prefixLanguageFilePath="%IIS_BIN%\custerr" path="501.htm" />
-            <error statusCode="502" prefixLanguageFilePath="%IIS_BIN%\custerr" path="502.htm" />
-        </httpErrors>
-
-        <httpLogging dontLog="false" />
-
-        <httpProtocol>
-            <customHeaders>
-                <clear />
-                <add name="X-Powered-By" value="ASP.NET" />
-            </customHeaders>
-            <redirectHeaders>
-                <clear />
-            </redirectHeaders>
-        </httpProtocol>
-
-        <httpRedirect enabled="false" />
-
-        <httpTracing>
-        </httpTracing>
-
-        <isapiFilters>
-            <filter name="ASP.Net_2.0.50727-64" path="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="bitness64,runtimeVersionv2.0" />
-            <filter name="ASP.Net_2.0.50727.0" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="bitness32,runtimeVersionv2.0" />
-            <filter name="ASP.Net_2.0_for_v1.1" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="runtimeVersionv1.1" />
-            <filter name="ASP.Net_4.0_32bit" path="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_filter.dll" enableCache="true" preCondition="bitness32,runtimeVersionv4.0" />
-            <filter name="ASP.Net_4.0_64bit" path="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_filter.dll" enableCache="true" preCondition="bitness64,runtimeVersionv4.0" />
-        </isapiFilters>
-
-        <odbcLogging />
-
-        <security>
-
-            <access sslFlags="None" />
-
-            <applicationDependencies>
-                <application name="Active Server Pages" groupId="ASP" />
-            </applicationDependencies>
-
-            <authentication>
-
-                <anonymousAuthentication enabled="true" userName="" />
-
-                <basicAuthentication enabled="false" />
-
-                <clientCertificateMappingAuthentication enabled="false" />
-
-                <digestAuthentication enabled="false" />
-
-                <iisClientCertificateMappingAuthentication enabled="false">
-                </iisClientCertificateMappingAuthentication>
-
-                <windowsAuthentication enabled="false">
-                    <providers>
-                        <add value="Negotiate" />
-                        <add value="NTLM" />
-                    </providers>
-                </windowsAuthentication>
-
-            </authentication>
-
-            <authorization>
-                <add accessType="Allow" users="*" />
-            </authorization>
-
-            <ipSecurity allowUnlisted="true" />
-
-            <isapiCgiRestriction notListedIsapisAllowed="true" notListedCgisAllowed="true">
-                <add path="%windir%\Microsoft.NET\Framework64\v4.0.30319\webengine4.dll" allowed="true" groupId="ASP.NET_v4.0" description="ASP.NET_v4.0" />
-                <add path="%windir%\Microsoft.NET\Framework\v4.0.30319\webengine4.dll" allowed="true" groupId="ASP.NET_v4.0" description="ASP.NET_v4.0" />
-                <add path="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" allowed="true" groupId="ASP.NET v2.0.50727" description="ASP.NET v2.0.50727" />
-                <add path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" allowed="true" groupId="ASP.NET v2.0.50727" description="ASP.NET v2.0.50727" />
-            </isapiCgiRestriction>
-
-            <requestFiltering>
-                <fileExtensions allowUnlisted="true" applyToWebDAV="true">
-                    <add fileExtension=".asax" allowed="false" />
-                    <add fileExtension=".ascx" allowed="false" />
-                    <add fileExtension=".master" allowed="false" />
-                    <add fileExtension=".skin" allowed="false" />
-                    <add fileExtension=".browser" allowed="false" />
-                    <add fileExtension=".sitemap" allowed="false" />
-                    <add fileExtension=".config" allowed="false" />
-                    <add fileExtension=".cs" allowed="false" />
-                    <add fileExtension=".csproj" allowed="false" />
-                    <add fileExtension=".vb" allowed="false" />
-                    <add fileExtension=".vbproj" allowed="false" />
-                    <add fileExtension=".webinfo" allowed="false" />
-                    <add fileExtension=".licx" allowed="false" />
-                    <add fileExtension=".resx" allowed="false" />
-                    <add fileExtension=".resources" allowed="false" />
-                    <add fileExtension=".mdb" allowed="false" />
-                    <add fileExtension=".vjsproj" allowed="false" />
-                    <add fileExtension=".java" allowed="false" />
-                    <add fileExtension=".jsl" allowed="false" />
-                    <add fileExtension=".ldb" allowed="false" />
-                    <add fileExtension=".dsdgm" allowed="false" />
-                    <add fileExtension=".ssdgm" allowed="false" />
-                    <add fileExtension=".lsad" allowed="false" />
-                    <add fileExtension=".ssmap" allowed="false" />
-                    <add fileExtension=".cd" allowed="false" />
-                    <add fileExtension=".dsprototype" allowed="false" />
-                    <add fileExtension=".lsaprototype" allowed="false" />
-                    <add fileExtension=".sdm" allowed="false" />
-                    <add fileExtension=".sdmDocument" allowed="false" />
-                    <add fileExtension=".mdf" allowed="false" />
-                    <add fileExtension=".ldf" allowed="false" />
-                    <add fileExtension=".ad" allowed="false" />
-                    <add fileExtension=".dd" allowed="false" />
-                    <add fileExtension=".ldd" allowed="false" />
-                    <add fileExtension=".sd" allowed="false" />
-                    <add fileExtension=".adprototype" allowed="false" />
-                    <add fileExtension=".lddprototype" allowed="false" />
-                    <add fileExtension=".exclude" allowed="false" />
-                    <add fileExtension=".refresh" allowed="false" />
-                    <add fileExtension=".compiled" allowed="false" />
-                    <add fileExtension=".msgx" allowed="false" />
-                    <add fileExtension=".vsdisco" allowed="false" />
-                    <add fileExtension=".rules" allowed="false" />
-                </fileExtensions>
-                <verbs allowUnlisted="true" applyToWebDAV="true" />
-                <hiddenSegments applyToWebDAV="true">
-                    <add segment="web.config" />
-                    <add segment="bin" />
-                    <add segment="App_code" />
-                    <add segment="App_GlobalResources" />
-                    <add segment="App_LocalResources" />
-                    <add segment="App_WebReferences" />
-                    <add segment="App_Data" />
-                    <add segment="App_Browsers" />
-                </hiddenSegments>
-            </requestFiltering>
-
-        </security>
-
-        <serverSideInclude ssiExecDisable="false" />
-
-        <staticContent lockAttributes="isDocFooterFileName">
-            <mimeMap fileExtension=".323" mimeType="text/h323" />
-            <mimeMap fileExtension=".3g2" mimeType="video/3gpp2" />
-            <mimeMap fileExtension=".3gp2" mimeType="video/3gpp2" />
-            <mimeMap fileExtension=".3gp" mimeType="video/3gpp" />
-            <mimeMap fileExtension=".3gpp" mimeType="video/3gpp" />
-            <mimeMap fileExtension=".aac" mimeType="audio/aac" />
-            <mimeMap fileExtension=".aaf" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".aca" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".accdb" mimeType="application/msaccess" />
-            <mimeMap fileExtension=".accde" mimeType="application/msaccess" />
-            <mimeMap fileExtension=".accdt" mimeType="application/msaccess" />
-            <mimeMap fileExtension=".acx" mimeType="application/internet-property-stream" />
-            <mimeMap fileExtension=".adt" mimeType="audio/vnd.dlna.adts" />
-            <mimeMap fileExtension=".adts" mimeType="audio/vnd.dlna.adts" />
-            <mimeMap fileExtension=".afm" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".ai" mimeType="application/postscript" />
-            <mimeMap fileExtension=".aif" mimeType="audio/x-aiff" />
-            <mimeMap fileExtension=".aifc" mimeType="audio/aiff" />
-            <mimeMap fileExtension=".aiff" mimeType="audio/aiff" />
-            <mimeMap fileExtension=".appcache" mimeType="text/cache-manifest" />
-            <mimeMap fileExtension=".application" mimeType="application/x-ms-application" />
-            <mimeMap fileExtension=".art" mimeType="image/x-jg" />
-            <mimeMap fileExtension=".asd" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".asf" mimeType="video/x-ms-asf" />
-            <mimeMap fileExtension=".asi" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".asm" mimeType="text/plain" />
-            <mimeMap fileExtension=".asr" mimeType="video/x-ms-asf" />
-            <mimeMap fileExtension=".asx" mimeType="video/x-ms-asf" />
-            <mimeMap fileExtension=".atom" mimeType="application/atom+xml" />
-            <mimeMap fileExtension=".au" mimeType="audio/basic" />
-            <mimeMap fileExtension=".avi" mimeType="video/msvideo" />
-            <mimeMap fileExtension=".axs" mimeType="application/olescript" />
-            <mimeMap fileExtension=".bas" mimeType="text/plain" />
-            <mimeMap fileExtension=".bcpio" mimeType="application/x-bcpio" />
-            <mimeMap fileExtension=".bin" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".bmp" mimeType="image/bmp" />
-            <mimeMap fileExtension=".c" mimeType="text/plain" />
-            <mimeMap fileExtension=".cab" mimeType="application/vnd.ms-cab-compressed" />
-            <mimeMap fileExtension=".calx" mimeType="application/vnd.ms-office.calx" />
-            <mimeMap fileExtension=".cat" mimeType="application/vnd.ms-pki.seccat" />
-            <mimeMap fileExtension=".cdf" mimeType="application/x-cdf" />
-            <mimeMap fileExtension=".chm" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".class" mimeType="application/x-java-applet" />
-            <mimeMap fileExtension=".clp" mimeType="application/x-msclip" />
-            <mimeMap fileExtension=".cmx" mimeType="image/x-cmx" />
-            <mimeMap fileExtension=".cnf" mimeType="text/plain" />
-            <mimeMap fileExtension=".cod" mimeType="image/cis-cod" />
-            <mimeMap fileExtension=".cpio" mimeType="application/x-cpio" />
-            <mimeMap fileExtension=".cpp" mimeType="text/plain" />
-            <mimeMap fileExtension=".crd" mimeType="application/x-mscardfile" />
-            <mimeMap fileExtension=".crl" mimeType="application/pkix-crl" />
-            <mimeMap fileExtension=".crt" mimeType="application/x-x509-ca-cert" />
-            <mimeMap fileExtension=".csh" mimeType="application/x-csh" />
-            <mimeMap fileExtension=".css" mimeType="text/css" />
-            <mimeMap fileExtension=".csv" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".cur" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".dcr" mimeType="application/x-director" />
-            <mimeMap fileExtension=".deploy" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".der" mimeType="application/x-x509-ca-cert" />
-            <mimeMap fileExtension=".dib" mimeType="image/bmp" />
-            <mimeMap fileExtension=".dir" mimeType="application/x-director" />
-            <mimeMap fileExtension=".disco" mimeType="text/xml" />
-            <mimeMap fileExtension=".dll" mimeType="application/x-msdownload" />
-            <mimeMap fileExtension=".dll.config" mimeType="text/xml" />
-            <mimeMap fileExtension=".dlm" mimeType="text/dlm" />
-            <mimeMap fileExtension=".doc" mimeType="application/msword" />
-            <mimeMap fileExtension=".docm" mimeType="application/vnd.ms-word.document.macroEnabled.12" />
-            <mimeMap fileExtension=".docx" mimeType="application/vnd.openxmlformats-officedocument.wordprocessingml.document" />
-            <mimeMap fileExtension=".dot" mimeType="application/msword" />
-            <mimeMap fileExtension=".dotm" mimeType="application/vnd.ms-word.template.macroEnabled.12" />
-            <mimeMap fileExtension=".dotx" mimeType="application/vnd.openxmlformats-officedocument.wordprocessingml.template" />
-            <mimeMap fileExtension=".dsp" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".dtd" mimeType="text/xml" />
-            <mimeMap fileExtension=".dvi" mimeType="application/x-dvi" />
-            <mimeMap fileExtension=".dvr-ms" mimeType="video/x-ms-dvr" />
-            <mimeMap fileExtension=".dwf" mimeType="drawing/x-dwf" />
-            <mimeMap fileExtension=".dwp" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".dxr" mimeType="application/x-director" />
-            <mimeMap fileExtension=".eml" mimeType="message/rfc822" />
-            <mimeMap fileExtension=".emz" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".eot" mimeType="application/vnd.ms-fontobject" />
-            <mimeMap fileExtension=".eps" mimeType="application/postscript" />
-            <mimeMap fileExtension=".etx" mimeType="text/x-setext" />
-            <mimeMap fileExtension=".evy" mimeType="application/envoy" />
-            <mimeMap fileExtension=".exe" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".exe.config" mimeType="text/xml" />
-            <mimeMap fileExtension=".fdf" mimeType="application/vnd.fdf" />
-            <mimeMap fileExtension=".fif" mimeType="application/fractals" />
-            <mimeMap fileExtension=".fla" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".flr" mimeType="x-world/x-vrml" />
-            <mimeMap fileExtension=".flv" mimeType="video/x-flv" />
-            <mimeMap fileExtension=".gif" mimeType="image/gif" />
-            <mimeMap fileExtension=".gtar" mimeType="application/x-gtar" />
-            <mimeMap fileExtension=".gz" mimeType="application/x-gzip" />
-            <mimeMap fileExtension=".h" mimeType="text/plain" />
-            <mimeMap fileExtension=".hdf" mimeType="application/x-hdf" />
-            <mimeMap fileExtension=".hdml" mimeType="text/x-hdml" />
-            <mimeMap fileExtension=".hhc" mimeType="application/x-oleobject" />
-            <mimeMap fileExtension=".hhk" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".hhp" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".hlp" mimeType="application/winhlp" />
-            <mimeMap fileExtension=".hqx" mimeType="application/mac-binhex40" />
-            <mimeMap fileExtension=".hta" mimeType="application/hta" />
-            <mimeMap fileExtension=".htc" mimeType="text/x-component" />
-            <mimeMap fileExtension=".htm" mimeType="text/html" />
-            <mimeMap fileExtension=".html" mimeType="text/html" />
-            <mimeMap fileExtension=".htt" mimeType="text/webviewhtml" />
-            <mimeMap fileExtension=".hxt" mimeType="text/html" />
-            <mimeMap fileExtension=".ico" mimeType="image/x-icon" />
-            <mimeMap fileExtension=".ics" mimeType="text/calendar" />
-            <mimeMap fileExtension=".ief" mimeType="image/ief" />
-            <mimeMap fileExtension=".iii" mimeType="application/x-iphone" />
-            <mimeMap fileExtension=".inf" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".ins" mimeType="application/x-internet-signup" />
-            <mimeMap fileExtension=".isp" mimeType="application/x-internet-signup" />
-            <mimeMap fileExtension=".IVF" mimeType="video/x-ivf" />
-            <mimeMap fileExtension=".jar" mimeType="application/java-archive" />
-            <mimeMap fileExtension=".java" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".jck" mimeType="application/liquidmotion" />
-            <mimeMap fileExtension=".jcz" mimeType="application/liquidmotion" />
-            <mimeMap fileExtension=".jfif" mimeType="image/pjpeg" />
-            <mimeMap fileExtension=".jpb" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".jpe" mimeType="image/jpeg" />
-            <mimeMap fileExtension=".jpeg" mimeType="image/jpeg" />
-            <mimeMap fileExtension=".jpg" mimeType="image/jpeg" />
-            <mimeMap fileExtension=".js" mimeType="application/javascript" />
-            <mimeMap fileExtension=".json" mimeType="application/json" />
-            <mimeMap fileExtension=".jsonld" mimeType="application/ld+json" />
-            <mimeMap fileExtension=".jsx" mimeType="text/jscript" />
-            <mimeMap fileExtension=".latex" mimeType="application/x-latex" />
-            <mimeMap fileExtension=".less" mimeType="text/css" />
-            <mimeMap fileExtension=".lit" mimeType="application/x-ms-reader" />
-            <mimeMap fileExtension=".lpk" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".lsf" mimeType="video/x-la-asf" />
-            <mimeMap fileExtension=".lsx" mimeType="video/x-la-asf" />
-            <mimeMap fileExtension=".lzh" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".m13" mimeType="application/x-msmediaview" />
-            <mimeMap fileExtension=".m14" mimeType="application/x-msmediaview" />
-            <mimeMap fileExtension=".m1v" mimeType="video/mpeg" />
-            <mimeMap fileExtension=".m2ts" mimeType="video/vnd.dlna.mpeg-tts" />
-            <mimeMap fileExtension=".m3u" mimeType="audio/x-mpegurl" />
-            <mimeMap fileExtension=".m4a" mimeType="audio/mp4" />
-            <mimeMap fileExtension=".m4v" mimeType="video/mp4" />
-            <mimeMap fileExtension=".man" mimeType="application/x-troff-man" />
-            <mimeMap fileExtension=".manifest" mimeType="application/x-ms-manifest" />
-            <mimeMap fileExtension=".map" mimeType="text/plain" />
-            <mimeMap fileExtension=".mdb" mimeType="application/x-msaccess" />
-            <mimeMap fileExtension=".mdp" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".me" mimeType="application/x-troff-me" />
-            <mimeMap fileExtension=".mht" mimeType="message/rfc822" />
-            <mimeMap fileExtension=".mhtml" mimeType="message/rfc822" />
-            <mimeMap fileExtension=".mid" mimeType="audio/mid" />
-            <mimeMap fileExtension=".midi" mimeType="audio/mid" />
-            <mimeMap fileExtension=".mix" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".mmf" mimeType="application/x-smaf" />
-            <mimeMap fileExtension=".mno" mimeType="text/xml" />
-            <mimeMap fileExtension=".mny" mimeType="application/x-msmoney" />
-            <mimeMap fileExtension=".mov" mimeType="video/quicktime" />
-            <mimeMap fileExtension=".movie" mimeType="video/x-sgi-movie" />
-            <mimeMap fileExtension=".mp2" mimeType="video/mpeg" />
-            <mimeMap fileExtension=".mp3" mimeType="audio/mpeg" />
-            <mimeMap fileExtension=".mp4" mimeType="video/mp4" />
-            <mimeMap fileExtension=".mp4v" mimeType="video/mp4" />
-            <mimeMap fileExtension=".mpa" mimeType="video/mpeg" />
-            <mimeMap fileExtension=".mpe" mimeType="video/mpeg" />
-            <mimeMap fileExtension=".mpeg" mimeType="video/mpeg" />
-            <mimeMap fileExtension=".mpg" mimeType="video/mpeg" />
-            <mimeMap fileExtension=".mpp" mimeType="application/vnd.ms-project" />
-            <mimeMap fileExtension=".mpv2" mimeType="video/mpeg" />
-            <mimeMap fileExtension=".ms" mimeType="application/x-troff-ms" />
-            <mimeMap fileExtension=".msi" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".mso" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".mvb" mimeType="application/x-msmediaview" />
-            <mimeMap fileExtension=".mvc" mimeType="application/x-miva-compiled" />
-            <mimeMap fileExtension=".nc" mimeType="application/x-netcdf" />
-            <mimeMap fileExtension=".nsc" mimeType="video/x-ms-asf" />
-            <mimeMap fileExtension=".nws" mimeType="message/rfc822" />
-            <mimeMap fileExtension=".ocx" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".oda" mimeType="application/oda" />
-            <mimeMap fileExtension=".odc" mimeType="text/x-ms-odc" />
-            <mimeMap fileExtension=".ods" mimeType="application/oleobject" />
-            <mimeMap fileExtension=".oga" mimeType="audio/ogg" />
-            <mimeMap fileExtension=".ogg" mimeType="video/ogg" />
-            <mimeMap fileExtension=".ogv" mimeType="video/ogg" />
-            <mimeMap fileExtension=".one" mimeType="application/onenote" />
-            <mimeMap fileExtension=".onea" mimeType="application/onenote" />
-            <mimeMap fileExtension=".onetoc" mimeType="application/onenote" />
-            <mimeMap fileExtension=".onetoc2" mimeType="application/onenote" />
-            <mimeMap fileExtension=".onetmp" mimeType="application/onenote" />
-            <mimeMap fileExtension=".onepkg" mimeType="application/onenote" />
-            <mimeMap fileExtension=".osdx" mimeType="application/opensearchdescription+xml" />
-            <mimeMap fileExtension=".otf" mimeType="font/otf" />
-            <mimeMap fileExtension=".p10" mimeType="application/pkcs10" />
-            <mimeMap fileExtension=".p12" mimeType="application/x-pkcs12" />
-            <mimeMap fileExtension=".p7b" mimeType="application/x-pkcs7-certificates" />
-            <mimeMap fileExtension=".p7c" mimeType="application/pkcs7-mime" />
-            <mimeMap fileExtension=".p7m" mimeType="application/pkcs7-mime" />
-            <mimeMap fileExtension=".p7r" mimeType="application/x-pkcs7-certreqresp" />
-            <mimeMap fileExtension=".p7s" mimeType="application/pkcs7-signature" />
-            <mimeMap fileExtension=".pbm" mimeType="image/x-portable-bitmap" />
-            <mimeMap fileExtension=".pcx" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".pcz" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".pdf" mimeType="application/pdf" />
-            <mimeMap fileExtension=".pfb" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".pfm" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".pfx" mimeType="application/x-pkcs12" />
-            <mimeMap fileExtension=".pgm" mimeType="image/x-portable-graymap" />
-            <mimeMap fileExtension=".pko" mimeType="application/vnd.ms-pki.pko" />
-            <mimeMap fileExtension=".pma" mimeType="application/x-perfmon" />
-            <mimeMap fileExtension=".pmc" mimeType="application/x-perfmon" />
-            <mimeMap fileExtension=".pml" mimeType="application/x-perfmon" />
-            <mimeMap fileExtension=".pmr" mimeType="application/x-perfmon" />
-            <mimeMap fileExtension=".pmw" mimeType="application/x-perfmon" />
-            <mimeMap fileExtension=".png" mimeType="image/png" />
-            <mimeMap fileExtension=".pnm" mimeType="image/x-portable-anymap" />
-            <mimeMap fileExtension=".pnz" mimeType="image/png" />
-            <mimeMap fileExtension=".pot" mimeType="application/vnd.ms-powerpoint" />
-            <mimeMap fileExtension=".potm" mimeType="application/vnd.ms-powerpoint.template.macroEnabled.12" />
-            <mimeMap fileExtension=".potx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.template" />
-            <mimeMap fileExtension=".ppam" mimeType="application/vnd.ms-powerpoint.addin.macroEnabled.12" />
-            <mimeMap fileExtension=".ppm" mimeType="image/x-portable-pixmap" />
-            <mimeMap fileExtension=".pps" mimeType="application/vnd.ms-powerpoint" />
-            <mimeMap fileExtension=".ppsm" mimeType="application/vnd.ms-powerpoint.slideshow.macroEnabled.12" />
-            <mimeMap fileExtension=".ppsx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.slideshow" />
-            <mimeMap fileExtension=".ppt" mimeType="application/vnd.ms-powerpoint" />
-            <mimeMap fileExtension=".pptm" mimeType="application/vnd.ms-powerpoint.presentation.macroEnabled.12" />
-            <mimeMap fileExtension=".pptx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.presentation" />
-            <mimeMap fileExtension=".prf" mimeType="application/pics-rules" />
-            <mimeMap fileExtension=".prm" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".prx" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".ps" mimeType="application/postscript" />
-            <mimeMap fileExtension=".psd" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".psm" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".psp" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".pub" mimeType="application/x-mspublisher" />
-            <mimeMap fileExtension=".qt" mimeType="video/quicktime" />
-            <mimeMap fileExtension=".qtl" mimeType="application/x-quicktimeplayer" />
-            <mimeMap fileExtension=".qxd" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".ra" mimeType="audio/x-pn-realaudio" />
-            <mimeMap fileExtension=".ram" mimeType="audio/x-pn-realaudio" />
-            <mimeMap fileExtension=".rar" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".ras" mimeType="image/x-cmu-raster" />
-            <mimeMap fileExtension=".rf" mimeType="image/vnd.rn-realflash" />
-            <mimeMap fileExtension=".rgb" mimeType="image/x-rgb" />
-            <mimeMap fileExtension=".rm" mimeType="application/vnd.rn-realmedia" />
-            <mimeMap fileExtension=".rmi" mimeType="audio/mid" />
-            <mimeMap fileExtension=".roff" mimeType="application/x-troff" />
-            <mimeMap fileExtension=".rpm" mimeType="audio/x-pn-realaudio-plugin" />
-            <mimeMap fileExtension=".rtf" mimeType="application/rtf" />
-            <mimeMap fileExtension=".rtx" mimeType="text/richtext" />
-            <mimeMap fileExtension=".scd" mimeType="application/x-msschedule" />
-            <mimeMap fileExtension=".sct" mimeType="text/scriptlet" />
-            <mimeMap fileExtension=".sea" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".setpay" mimeType="application/set-payment-initiation" />
-            <mimeMap fileExtension=".setreg" mimeType="application/set-registration-initiation" />
-            <mimeMap fileExtension=".sgml" mimeType="text/sgml" />
-            <mimeMap fileExtension=".sh" mimeType="application/x-sh" />
-            <mimeMap fileExtension=".shar" mimeType="application/x-shar" />
-            <mimeMap fileExtension=".sit" mimeType="application/x-stuffit" />
-            <mimeMap fileExtension=".sldm" mimeType="application/vnd.ms-powerpoint.slide.macroEnabled.12" />
-            <mimeMap fileExtension=".sldx" mimeType="application/vnd.openxmlformats-officedocument.presentationml.slide" />
-            <mimeMap fileExtension=".smd" mimeType="audio/x-smd" />
-            <mimeMap fileExtension=".smi" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".smx" mimeType="audio/x-smd" />
-            <mimeMap fileExtension=".smz" mimeType="audio/x-smd" />
-            <mimeMap fileExtension=".snd" mimeType="audio/basic" />
-            <mimeMap fileExtension=".snp" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".spc" mimeType="application/x-pkcs7-certificates" />
-            <mimeMap fileExtension=".spl" mimeType="application/futuresplash" />
-            <mimeMap fileExtension=".spx" mimeType="audio/ogg" />
-            <mimeMap fileExtension=".src" mimeType="application/x-wais-source" />
-            <mimeMap fileExtension=".ssm" mimeType="application/streamingmedia" />
-            <mimeMap fileExtension=".sst" mimeType="application/vnd.ms-pki.certstore" />
-            <mimeMap fileExtension=".stl" mimeType="application/vnd.ms-pki.stl" />
-            <mimeMap fileExtension=".sv4cpio" mimeType="application/x-sv4cpio" />
-            <mimeMap fileExtension=".sv4crc" mimeType="application/x-sv4crc" />
-            <mimeMap fileExtension=".svg" mimeType="image/svg+xml" />
-            <mimeMap fileExtension=".svgz" mimeType="image/svg+xml" />
-            <mimeMap fileExtension=".swf" mimeType="application/x-shockwave-flash" />
-            <mimeMap fileExtension=".t" mimeType="application/x-troff" />
-            <mimeMap fileExtension=".tar" mimeType="application/x-tar" />
-            <mimeMap fileExtension=".tcl" mimeType="application/x-tcl" />
-            <mimeMap fileExtension=".tex" mimeType="application/x-tex" />
-            <mimeMap fileExtension=".texi" mimeType="application/x-texinfo" />
-            <mimeMap fileExtension=".texinfo" mimeType="application/x-texinfo" />
-            <mimeMap fileExtension=".tgz" mimeType="application/x-compressed" />
-            <mimeMap fileExtension=".thmx" mimeType="application/vnd.ms-officetheme" />
-            <mimeMap fileExtension=".thn" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".tif" mimeType="image/tiff" />
-            <mimeMap fileExtension=".tiff" mimeType="image/tiff" />
-            <mimeMap fileExtension=".toc" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".tr" mimeType="application/x-troff" />
-            <mimeMap fileExtension=".trm" mimeType="application/x-msterminal" />
-            <mimeMap fileExtension=".ts" mimeType="video/vnd.dlna.mpeg-tts" />
-            <mimeMap fileExtension=".tsv" mimeType="text/tab-separated-values" />
-            <mimeMap fileExtension=".ttf" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".tts" mimeType="video/vnd.dlna.mpeg-tts" />
-            <mimeMap fileExtension=".txt" mimeType="text/plain" />
-            <mimeMap fileExtension=".u32" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".uls" mimeType="text/iuls" />
-            <mimeMap fileExtension=".ustar" mimeType="application/x-ustar" />
-            <mimeMap fileExtension=".vbs" mimeType="text/vbscript" />
-            <mimeMap fileExtension=".vcf" mimeType="text/x-vcard" />
-            <mimeMap fileExtension=".vcs" mimeType="text/plain" />
-            <mimeMap fileExtension=".vdx" mimeType="application/vnd.ms-visio.viewer" />
-            <mimeMap fileExtension=".vml" mimeType="text/xml" />
-            <mimeMap fileExtension=".vsd" mimeType="application/vnd.visio" />
-            <mimeMap fileExtension=".vss" mimeType="application/vnd.visio" />
-            <mimeMap fileExtension=".vst" mimeType="application/vnd.visio" />
-            <mimeMap fileExtension=".vsto" mimeType="application/x-ms-vsto" />
-            <mimeMap fileExtension=".vsw" mimeType="application/vnd.visio" />
-            <mimeMap fileExtension=".vsx" mimeType="application/vnd.visio" />
-            <mimeMap fileExtension=".vtx" mimeType="application/vnd.visio" />
-            <mimeMap fileExtension=".wav" mimeType="audio/wav" />
-            <mimeMap fileExtension=".wax" mimeType="audio/x-ms-wax" />
-            <mimeMap fileExtension=".wbmp" mimeType="image/vnd.wap.wbmp" />
-            <mimeMap fileExtension=".wcm" mimeType="application/vnd.ms-works" />
-            <mimeMap fileExtension=".wdb" mimeType="application/vnd.ms-works" />
-            <mimeMap fileExtension=".webm" mimeType="video/webm" />
-            <mimeMap fileExtension=".wks" mimeType="application/vnd.ms-works" />
-            <mimeMap fileExtension=".wm" mimeType="video/x-ms-wm" />
-            <mimeMap fileExtension=".wma" mimeType="audio/x-ms-wma" />
-            <mimeMap fileExtension=".wmd" mimeType="application/x-ms-wmd" />
-            <mimeMap fileExtension=".wmf" mimeType="application/x-msmetafile" />
-            <mimeMap fileExtension=".wml" mimeType="text/vnd.wap.wml" />
-            <mimeMap fileExtension=".wmlc" mimeType="application/vnd.wap.wmlc" />
-            <mimeMap fileExtension=".wmls" mimeType="text/vnd.wap.wmlscript" />
-            <mimeMap fileExtension=".wmlsc" mimeType="application/vnd.wap.wmlscriptc" />
-            <mimeMap fileExtension=".wmp" mimeType="video/x-ms-wmp" />
-            <mimeMap fileExtension=".wmv" mimeType="video/x-ms-wmv" />
-            <mimeMap fileExtension=".wmx" mimeType="video/x-ms-wmx" />
-            <mimeMap fileExtension=".wmz" mimeType="application/x-ms-wmz" />
-            <mimeMap fileExtension=".woff" mimeType="font/x-woff" />
-            <mimeMap fileExtension=".woff2" mimeType="application/font-woff2" />
-            <mimeMap fileExtension=".wps" mimeType="application/vnd.ms-works" />
-            <mimeMap fileExtension=".wri" mimeType="application/x-mswrite" />
-            <mimeMap fileExtension=".wrl" mimeType="x-world/x-vrml" />
-            <mimeMap fileExtension=".wrz" mimeType="x-world/x-vrml" />
-            <mimeMap fileExtension=".wsdl" mimeType="text/xml" />
-            <mimeMap fileExtension=".wtv" mimeType="video/x-ms-wtv" />
-            <mimeMap fileExtension=".wvx" mimeType="video/x-ms-wvx" />
-            <mimeMap fileExtension=".x" mimeType="application/directx" />
-            <mimeMap fileExtension=".xaf" mimeType="x-world/x-vrml" />
-            <mimeMap fileExtension=".xaml" mimeType="application/xaml+xml" />
-            <mimeMap fileExtension=".xap" mimeType="application/x-silverlight-app" />
-            <mimeMap fileExtension=".xbap" mimeType="application/x-ms-xbap" />
-            <mimeMap fileExtension=".xbm" mimeType="image/x-xbitmap" />
-            <mimeMap fileExtension=".xdr" mimeType="text/plain" />
-            <mimeMap fileExtension=".xht" mimeType="application/xhtml+xml" />
-            <mimeMap fileExtension=".xhtml" mimeType="application/xhtml+xml" />
-            <mimeMap fileExtension=".xla" mimeType="application/vnd.ms-excel" />
-            <mimeMap fileExtension=".xlam" mimeType="application/vnd.ms-excel.addin.macroEnabled.12" />
-            <mimeMap fileExtension=".xlc" mimeType="application/vnd.ms-excel" />
-            <mimeMap fileExtension=".xlm" mimeType="application/vnd.ms-excel" />
-            <mimeMap fileExtension=".xls" mimeType="application/vnd.ms-excel" />
-            <mimeMap fileExtension=".xlsb" mimeType="application/vnd.ms-excel.sheet.binary.macroEnabled.12" />
-            <mimeMap fileExtension=".xlsm" mimeType="application/vnd.ms-excel.sheet.macroEnabled.12" />
-            <mimeMap fileExtension=".xlsx" mimeType="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" />
-            <mimeMap fileExtension=".xlt" mimeType="application/vnd.ms-excel" />
-            <mimeMap fileExtension=".xltm" mimeType="application/vnd.ms-excel.template.macroEnabled.12" />
-            <mimeMap fileExtension=".xltx" mimeType="application/vnd.openxmlformats-officedocument.spreadsheetml.template" />
-            <mimeMap fileExtension=".xlw" mimeType="application/vnd.ms-excel" />
-            <mimeMap fileExtension=".xml" mimeType="text/xml" />
-            <mimeMap fileExtension=".xof" mimeType="x-world/x-vrml" />
-            <mimeMap fileExtension=".xpm" mimeType="image/x-xpixmap" />
-            <mimeMap fileExtension=".xps" mimeType="application/vnd.ms-xpsdocument" />
-            <mimeMap fileExtension=".xsd" mimeType="text/xml" />
-            <mimeMap fileExtension=".xsf" mimeType="text/xml" />
-            <mimeMap fileExtension=".xsl" mimeType="text/xml" />
-            <mimeMap fileExtension=".xslt" mimeType="text/xml" />
-            <mimeMap fileExtension=".xsn" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".xtp" mimeType="application/octet-stream" />
-            <mimeMap fileExtension=".xwd" mimeType="image/x-xwindowdump" />
-            <mimeMap fileExtension=".z" mimeType="application/x-compress" />
-            <mimeMap fileExtension=".zip" mimeType="application/x-zip-compressed" />
-        </staticContent>
-
-        <tracing>
-
-             <traceProviderDefinitions>
-                <add name="WWW Server" guid="{3a2a4e84-4c21-4981-ae10-3fda0d9b0f83}">
-                    <areas>
-                        <clear />
-                        <add name="Authentication" value="2" />
-                        <add name="Security" value="4" />
-                        <add name="Filter" value="8" />
-                        <add name="StaticFile" value="16" />
-                        <add name="CGI" value="32" />
-                        <add name="Compression" value="64" />
-                        <add name="Cache" value="128" />
-                        <add name="RequestNotifications" value="256" />
-                        <add name="Module" value="512" />
-                        <add name="Rewrite" value="1024" />
-                        <add name="FastCGI" value="4096" />
-                        <add name="WebSocket" value="16384" />
-                    </areas>
-                </add>
-                <add name="ASP" guid="{06b94d9a-b15e-456e-a4ef-37c984a2cb4b}">
-                    <areas>
-                        <clear />
-                    </areas>
-                </add>
-                <add name="ISAPI Extension" guid="{a1c2040e-8840-4c31-ba11-9871031a19ea}">
-                    <areas>
-                        <clear />
-                    </areas>
-                </add>
-                <add name="ASPNET" guid="{AFF081FE-0247-4275-9C4E-021F3DC1DA35}">
-                    <areas>
-                        <add name="Infrastructure" value="1" />
-                        <add name="Module" value="2" />
-                        <add name="Page" value="4" />
-                        <add name="AppServices" value="8" />
-                    </areas>
-                </add>
-            </traceProviderDefinitions>
-
-            <traceFailedRequests>
-                <add path="*">
-                    <traceAreas>
-                        <add provider="ASP" verbosity="Verbose" />
-                        <add provider="ASPNET" areas="Infrastructure,Module,Page,AppServices" verbosity="Verbose" />
-                        <add provider="ISAPI Extension" verbosity="Verbose" />
-                        <add provider="WWW Server" areas="Authentication,Security,Filter,StaticFile,CGI,Compression,Cache,RequestNotifications,Module,Rewrite,WebSocket" verbosity="Verbose" />
-                    </traceAreas>
-                    <failureDefinitions statusCodes="200-999" />
-                </add>
-            </traceFailedRequests>
-
-        </tracing>
-
-        <urlCompression />
-
-        <validation />
-        <webdav>
-            <globalSettings>
-                <propertyStores>
-                    <add name="webdav_simple_prop" image="%IIS_BIN%\webdav_simple_prop.dll" image32="%IIS_BIN%\webdav_simple_prop.dll" />
-                </propertyStores>
-                <lockStores>
-                    <add name="webdav_simple_lock" image="%IIS_BIN%\webdav_simple_lock.dll" image32="%IIS_BIN%\webdav_simple_lock.dll" />
-                </lockStores>
-
-            </globalSettings>
-            <authoring>
-                <locks enabled="true" lockStore="webdav_simple_lock" />
-            </authoring>
-            <authoringRules />
-        </webdav>
-        <webSocket />
-        <applicationInitialization />
-
-    </system.webServer>
-    <location path="" overrideMode="Allow">
-        <system.webServer>
-            <modules>
-                <add name="IsapiFilterModule" lockItem="true" />
-                <add name="BasicAuthenticationModule" lockItem="true" />
-                <add name="IsapiModule" lockItem="true" />
-                <add name="HttpLoggingModule" lockItem="true" />
-<!--
-                <add name="HttpCacheModule" lockItem="true" />
--->
-                <add name="DynamicCompressionModule" lockItem="true" />
-                <add name="StaticCompressionModule" lockItem="true" />
-                <add name="DefaultDocumentModule" lockItem="true" />
-                <add name="DirectoryListingModule" lockItem="true" />
-                <add name="ProtocolSupportModule" lockItem="true" />
-                <add name="HttpRedirectionModule" lockItem="true" />
-                <add name="ServerSideIncludeModule" lockItem="true" />
-                <add name="StaticFileModule" lockItem="true" />
-                <add name="AnonymousAuthenticationModule" lockItem="true" />
-                <add name="CertificateMappingAuthenticationModule" lockItem="true" />
-                <add name="UrlAuthorizationModule" lockItem="true" />
-                <add name="WindowsAuthenticationModule" lockItem="true" />
-<!--
-                <add name="DigestAuthenticationModule" lockItem="true" />
--->
-                <add name="IISCertificateMappingAuthenticationModule" lockItem="true" />
-                <add name="WebMatrixSupportModule" lockItem="true" />
-                <add name="IpRestrictionModule" lockItem="true" />
-                <add name="DynamicIpRestrictionModule" lockItem="true" />
-                <add name="RequestFilteringModule" lockItem="true" />
-                <add name="CustomLoggingModule" lockItem="true" />
-                <add name="CustomErrorModule" lockItem="true" />
-                <add name="FailedRequestsTracingModule" lockItem="true" />
-                <add name="CgiModule" lockItem="true" />
-                <add name="FastCgiModule" lockItem="true" />
-<!--                <add name="WebDAVModule" /> -->
-                <add name="RewriteModule" /> 
-                <add name="OutputCache" type="System.Web.Caching.OutputCacheModule" preCondition="managedHandler" />
-                <add name="Session" type="System.Web.SessionState.SessionStateModule" preCondition="managedHandler" />
-                <add name="WindowsAuthentication" type="System.Web.Security.WindowsAuthenticationModule" preCondition="managedHandler" />
-                <add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" preCondition="managedHandler" />
-                <add name="DefaultAuthentication" type="System.Web.Security.DefaultAuthenticationModule" preCondition="managedHandler" />
-                <add name="RoleManager" type="System.Web.Security.RoleManagerModule" preCondition="managedHandler" />
-                <add name="UrlAuthorization" type="System.Web.Security.UrlAuthorizationModule" preCondition="managedHandler" />
-                <add name="FileAuthorization" type="System.Web.Security.FileAuthorizationModule" preCondition="managedHandler" />
-                <add name="AnonymousIdentification" type="System.Web.Security.AnonymousIdentificationModule" preCondition="managedHandler" />
-                <add name="Profile" type="System.Web.Profile.ProfileModule" preCondition="managedHandler" />
-                <add name="UrlMappingsModule" type="System.Web.UrlMappingsModule" preCondition="managedHandler" />
-                <add name="ApplicationInitializationModule" lockItem="true" />
-                <add name="WebSocketModule" lockItem="true" />
-                <add name="ServiceModel-4.0" type="System.ServiceModel.Activation.ServiceHttpModule,System.ServiceModel.Activation,Version=4.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler,runtimeVersionv4.0" />
-                <add name="ConfigurationValidationModule" lockItem="true" />
-                <add name="UrlRoutingModule-4.0" type="System.Web.Routing.UrlRoutingModule" preCondition="managedHandler,runtimeVersionv4.0" />
-                <add name="ScriptModule-4.0" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler,runtimeVersionv4.0" />
-            </modules>
-            <handlers accessPolicy="Read, Script">
-<!--                <add name="WebDAV" path="*" verb="PROPFIND,PROPPATCH,MKCOL,PUT,COPY,DELETE,MOVE,LOCK,UNLOCK" modules="WebDAVModule" resourceType="Unspecified" requireAccess="None" /> -->
-                <add name="AXD-ISAPI-4.0_64bit" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="PageHandlerFactory-ISAPI-4.0_64bit" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="SimpleHandlerFactory-ISAPI-4.0_64bit" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="WebServiceHandlerFactory-ISAPI-4.0_64bit" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-rem-ISAPI-4.0_64bit" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-soap-ISAPI-4.0_64bit" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="svc-ISAPI-4.0_64bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
-                <add name="rules-ISAPI-4.0_64bit" path="*.rules" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
-                <add name="xoml-ISAPI-4.0_64bit" path="*.xoml" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
-                <add name="xamlx-ISAPI-4.0_64bit" path="*.xamlx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
-                <add name="aspq-ISAPI-4.0_64bit" path="*.aspq" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="cshtm-ISAPI-4.0_64bit" path="*.cshtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="cshtml-ISAPI-4.0_64bit" path="*.cshtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="vbhtm-ISAPI-4.0_64bit" path="*.vbhtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="vbhtml-ISAPI-4.0_64bit" path="*.vbhtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="AXD-ISAPI-4.0_32bit" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="PageHandlerFactory-ISAPI-4.0_32bit" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="SimpleHandlerFactory-ISAPI-4.0_32bit" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="WebServiceHandlerFactory-ISAPI-4.0_32bit" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-rem-ISAPI-4.0_32bit" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-soap-ISAPI-4.0_32bit" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="svc-ISAPI-4.0_32bit" path="*.svc" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
-                <add name="rules-ISAPI-4.0_32bit" path="*.rules" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
-                <add name="xoml-ISAPI-4.0_32bit" path="*.xoml" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
-                <add name="xamlx-ISAPI-4.0_32bit" path="*.xamlx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
-                <add name="aspq-ISAPI-4.0_32bit" path="*.aspq" verb="*" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="cshtm-ISAPI-4.0_32bit" path="*.cshtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="cshtml-ISAPI-4.0_32bit" path="*.cshtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="vbhtm-ISAPI-4.0_32bit" path="*.vbhtm" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="vbhtml-ISAPI-4.0_32bit" path="*.vbhtml" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="TraceHandler-Integrated-4.0" path="trace.axd" verb="GET,HEAD,POST,DEBUG" type="System.Web.Handlers.TraceHandler" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="WebAdminHandler-Integrated-4.0" path="WebAdmin.axd" verb="GET,DEBUG" type="System.Web.Handlers.WebAdminHandler" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="AssemblyResourceLoader-Integrated-4.0" path="WebResource.axd" verb="GET,DEBUG" type="System.Web.Handlers.AssemblyResourceLoader" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="PageHandlerFactory-Integrated-4.0" path="*.aspx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.PageHandlerFactory" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="SimpleHandlerFactory-Integrated-4.0" path="*.ashx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.SimpleHandlerFactory" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="WebServiceHandlerFactory-Integrated-4.0" path="*.asmx" verb="GET,HEAD,POST,DEBUG" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="HttpRemotingHandlerFactory-rem-Integrated-4.0" path="*.rem" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory, System.Runtime.Remoting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="HttpRemotingHandlerFactory-soap-Integrated-4.0" path="*.soap" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory, System.Runtime.Remoting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="svc-Integrated-4.0" path="*.svc" verb="*" type="System.ServiceModel.Activation.ServiceHttpHandlerFactory, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="rules-Integrated-4.0" path="*.rules" verb="*" type="System.ServiceModel.Activation.ServiceHttpHandlerFactory, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="xoml-Integrated-4.0" path="*.xoml" verb="*" type="System.ServiceModel.Activation.ServiceHttpHandlerFactory, System.ServiceModel.Activation, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="xamlx-Integrated-4.0" path="*.xamlx" verb="GET,HEAD,POST,DEBUG" type="System.Xaml.Hosting.XamlHttpHandlerFactory, System.Xaml.Hosting, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="aspq-Integrated-4.0" path="*.aspq" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="cshtm-Integrated-4.0" path="*.cshtm" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="cshtml-Integrated-4.0" path="*.cshtml" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="vbhtm-Integrated-4.0" path="*.vbhtm" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="vbhtml-Integrated-4.0" path="*.vbhtml" verb="GET,HEAD,POST,DEBUG" type="System.Web.HttpForbiddenHandler" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="ScriptHandlerFactoryAppServices-Integrated-4.0" path="*_AppService.axd" verb="*" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="ScriptResourceIntegrated-4.0" path="*ScriptResource.axd" verb="GET,HEAD" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" preCondition="integratedMode,runtimeVersionv4.0" />
-                <add name="ASPClassic" path="*.asp" verb="GET,HEAD,POST" modules="IsapiModule" scriptProcessor="%IIS_BIN%\asp.dll" resourceType="File" />
-                <add name="SecurityCertificate" path="*.cer" verb="GET,HEAD,POST" modules="IsapiModule" scriptProcessor="%IIS_BIN%\asp.dll" resourceType="File" />
-                <add name="ISAPI-dll" path="*.dll" verb="*" modules="IsapiModule" resourceType="File" requireAccess="Execute" allowPathInfo="true" />
-                <add name="TraceHandler-Integrated" path="trace.axd" verb="GET,HEAD,POST,DEBUG" type="System.Web.Handlers.TraceHandler" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="WebAdminHandler-Integrated" path="WebAdmin.axd" verb="GET,DEBUG" type="System.Web.Handlers.WebAdminHandler" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="AssemblyResourceLoader-Integrated" path="WebResource.axd" verb="GET,DEBUG" type="System.Web.Handlers.AssemblyResourceLoader" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="PageHandlerFactory-Integrated" path="*.aspx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.PageHandlerFactory" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="SimpleHandlerFactory-Integrated" path="*.ashx" verb="GET,HEAD,POST,DEBUG" type="System.Web.UI.SimpleHandlerFactory" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="WebServiceHandlerFactory-Integrated" path="*.asmx" verb="GET,HEAD,POST,DEBUG" type="System.Web.Services.Protocols.WebServiceHandlerFactory,System.Web.Services,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="HttpRemotingHandlerFactory-rem-Integrated" path="*.rem" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,System.Runtime.Remoting,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="HttpRemotingHandlerFactory-soap-Integrated" path="*.soap" verb="GET,HEAD,POST,DEBUG" type="System.Runtime.Remoting.Channels.Http.HttpRemotingHandlerFactory,System.Runtime.Remoting,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089" preCondition="integratedMode,runtimeVersionv2.0" />
-                <add name="AXD-ISAPI-2.0" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
-                <add name="PageHandlerFactory-ISAPI-2.0" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
-                <add name="SimpleHandlerFactory-ISAPI-2.0" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
-                <add name="WebServiceHandlerFactory-ISAPI-2.0" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-rem-ISAPI-2.0" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-soap-ISAPI-2.0" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness32" responseBufferLimit="0" />
-                <add name="AXD-ISAPI-2.0-64" path="*.axd" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
-                <add name="PageHandlerFactory-ISAPI-2.0-64" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
-                <add name="SimpleHandlerFactory-ISAPI-2.0-64" path="*.ashx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
-                <add name="WebServiceHandlerFactory-ISAPI-2.0-64" path="*.asmx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-rem-ISAPI-2.0-64" path="*.rem" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
-                <add name="HttpRemotingHandlerFactory-soap-ISAPI-2.0-64" path="*.soap" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv2.0,bitness64" responseBufferLimit="0" />
-                <add name="CGI-exe" path="*.exe" verb="*" modules="CgiModule" resourceType="File" requireAccess="Execute" allowPathInfo="true" />
-                <add name="SSINC-stm" path="*.stm" verb="GET,HEAD,POST" modules="ServerSideIncludeModule" resourceType="File" />
-                <add name="SSINC-shtm" path="*.shtm" verb="GET,HEAD,POST" modules="ServerSideIncludeModule" resourceType="File" />
-                <add name="SSINC-shtml" path="*.shtml" verb="GET,HEAD,POST" modules="ServerSideIncludeModule" resourceType="File" />
-                <add name="TRACEVerbHandler" path="*" verb="TRACE" modules="ProtocolSupportModule" requireAccess="None" />
-                <add name="OPTIONSVerbHandler" path="*" verb="OPTIONS" modules="ProtocolSupportModule" requireAccess="None" />
-                <add name="ExtensionlessUrl-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
-                <add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
-                <add name="ExtensionlessUrl-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" responseBufferLimit="0" />
-                <add name="StaticFile" path="*" verb="*" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" resourceType="Either" requireAccess="Read" />
-            </handlers>
-        </system.webServer>
-    </location>
-</configuration>

From abd67c19bde17f6786ba07f200f162878defe7db Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Sun, 14 Jun 2015 16:16:19 -0700
Subject: [PATCH 18/19] Cleanup

---
 samples/OpenIdConnectSample/Startup.cs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/samples/OpenIdConnectSample/Startup.cs b/samples/OpenIdConnectSample/Startup.cs
index 3c3119b78..2077d802b 100644
--- a/samples/OpenIdConnectSample/Startup.cs
+++ b/samples/OpenIdConnectSample/Startup.cs
@@ -5,6 +5,7 @@
 using Microsoft.AspNet.Authentication.Cookies;
 using Microsoft.AspNet.Authentication.OpenIdConnect;
 using Microsoft.Framework.DependencyInjection;
+using Microsoft.Framework.Logging;
 
 namespace OpenIdConnectSample
 {

From 37208ce93f2b749e549363b60e4d0a08e4e18f4c Mon Sep 17 00:00:00 2001
From: tushar gupta <tushargupta51@gmail.com>
Date: Tue, 16 Jun 2015 18:24:27 -0700
Subject: [PATCH 19/19] updating the redirect uri, adding test for getuserInfo
 and some other minor changes.

---
 .../OpenIdConnectAuthenticationHandler.cs     |  61 ++++++-----
 .../OpenIdConnectHandlerTests.cs              | 103 +++++++++++++++++-
 2 files changed, 134 insertions(+), 30 deletions(-)

diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
index ebde50eeb..61a9f87e5 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationHandler.cs
@@ -193,6 +193,12 @@ protected override async Task ApplyResponseChallengeAsync()
                 State = OpenIdConnectAuthenticationDefaults.AuthenticationPropertiesKey + "=" + UrlEncoder.UrlEncode(Options.StateDataFormat.Protect(properties))
             };
 
+            // if response_type=code, nonce is not required.
+            if (Options.ResponseType.Equals(OpenIdConnectResponseTypes.Code))
+            {
+                Options.ProtocolValidator.RequireNonce = false;
+            }
+
             if (Options.ProtocolValidator.RequireNonce)
             {
                 message.Nonce = Options.ProtocolValidator.GenerateNonce();
@@ -317,8 +323,8 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                     return null;
                 }
 
-                var isCodeOnlyFlow = (properties.Items.ContainsKey(OpenIdConnectParameterNames.ResponseType) ? 
-                    (properties.Items[OpenIdConnectParameterNames.ResponseType] == OpenIdConnectResponseTypes.CodeOnly) : false);
+                var isCodeOnlyFlow = properties.Items.ContainsKey(OpenIdConnectParameterNames.ResponseType) ?
+                    (properties.Items[OpenIdConnectParameterNames.ResponseType] == OpenIdConnectResponseTypes.Code) : false;
 
                 // devs will need to hook AuthenticationFailedNotification to avoid having 'raw' runtime errors displayed to users.
                 if (!string.IsNullOrWhiteSpace(message.Error))
@@ -341,7 +347,10 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                 {
                     Logger.LogDebug(Resources.OIDCH_0037_Redeeming_Auth_Code, message.Code);
 
-                    tokens = await RedeemAuthorizationCode(message.Code);
+                    var redirectUri = properties.Items.ContainsKey(OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey) ? 
+                       properties.Items[OpenIdConnectAuthenticationDefaults.RedirectUriUsedForCodeKey] : Options.RedirectUri;
+
+                    tokens = await RedeemAuthorizationCode(message.Code, redirectUri);
                     if (tokens != null)
                     {
                         message.IdToken = tokens.IdToken;
@@ -462,33 +471,31 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
                         return null;
                     }
 
-                    string nonce = jwt.Payload.Nonce;
-                    if (Options.NonceCache != null)
+                    // If id_token is received using code only flow, no need to validate chash and nonce.
+                    if (!isCodeOnlyFlow)
                     {
-                        // if the nonce cannot be removed, it was used
-                        if (!Options.NonceCache.TryRemoveNonce(nonce))
+                        string nonce = jwt.Payload.Nonce;
+                        if (Options.NonceCache != null)
                         {
-                            nonce = null;
+                            // if the nonce cannot be removed, it was used
+                            if (!Options.NonceCache.TryRemoveNonce(nonce))
+                            {
+                                nonce = null;
+                            }
+                        }
+                        else
+                        {
+                            nonce = ReadNonceCookie(nonce);
                         }
-                    }
-                    else
-                    {
-                        nonce = ReadNonceCookie(nonce);
-                    }
 
-                    var protocolValidationContext = new OpenIdConnectProtocolValidationContext
-                    {
-                        AuthorizationCode = message.Code,
-                        Nonce = nonce,
-                    };
-                    
-                    // If id_token is received using code only flow, no need to validate chash as it is not returned in the response. Setting authorizationCode to null will skip the validation of chash.
-                    if (isCodeOnlyFlow)
-                    {
-                        protocolValidationContext.AuthorizationCode = null;
-                    }
+                        var protocolValidationContext = new OpenIdConnectProtocolValidationContext
+                        {
+                            AuthorizationCode = message.Code,
+                            Nonce = nonce,
+                        };
 
-                    Options.ProtocolValidator.Validate(jwt, protocolValidationContext);
+                        Options.ProtocolValidator.Validate(jwt, protocolValidationContext);
+                    }
                 }
 
                 if (message.Code != null)
@@ -559,7 +566,7 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync()
             }
         }
 
-        protected virtual async Task<OpenIdConnectMessage> RedeemAuthorizationCode(string authorizationCode)
+        protected virtual async Task<OpenIdConnectMessage> RedeemAuthorizationCode(string authorizationCode, string redirectUri)
         {
             var openIdMessage = new OpenIdConnectMessage()
             {
@@ -567,7 +574,7 @@ protected virtual async Task<OpenIdConnectMessage> RedeemAuthorizationCode(strin
                 ClientSecret = Options.ClientSecret,
                 Code = authorizationCode,
                 GrantType = "authorization_code",
-                RedirectUri = Options.RedirectUri
+                RedirectUri = redirectUri
             };
 
             var requestMessage = new HttpRequestMessage(HttpMethod.Post, _configuration.TokenEndpoint);
diff --git a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
index 6cf85f8ce..6cc2afd4a 100644
--- a/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
+++ b/test/Microsoft.AspNet.Authentication.Test/OpenIdConnect/OpenIdConnectHandlerTests.cs
@@ -7,6 +7,8 @@
 
 using System;
 using System.Collections.Generic;
+using System.Collections.ObjectModel;
+using System.IdentityModel.Tokens;
 using System.Net.Http;
 using System.Security.Claims;
 using System.Threading.Tasks;
@@ -64,7 +66,8 @@ static OpenIdConnectHandlerTests()
                     { "OIDCH_0019:", LogLevel.Debug },
                     { "OIDCH_0020:", LogLevel.Debug },
                     { "OIDCH_0026:", LogLevel.Error },
-                    { "OIDCH_0037:", LogLevel.Debug }
+                    { "OIDCH_0037:", LogLevel.Debug },
+                    { "OIDCH_0039:", LogLevel.Debug }
                 };
 
             BuildLogEntryList();
@@ -164,6 +167,9 @@ public async Task AuthenticateCore()
             logsEntriesExpected = new int[] { 0, 1, 7, 22, 20, 8};
             await RunVariation(LogLevel.Debug, message, CodeReceivedAndRedeemedHandledOptions, errors, logsEntriesExpected);
 
+            logsEntriesExpected = new int[] { 0, 1, 7, 22, 20, 23, 12 };
+            await RunVariation(LogLevel.Debug, message, GetUserInfoFromUIEndpoint, errors, logsEntriesExpected);
+
 #if _Verbose
             Console.WriteLine("\n ===== \n");
             DisplayErrors(errors);
@@ -327,7 +333,8 @@ private static void CodeReceivedHandledOptions(OpenIdConnectAuthenticationOption
         private static void CodeReceivedAndRedeemedHandledOptions(OpenIdConnectAuthenticationOptions options)
         {
             DefaultOptions(options);
-            options.ResponseType = OpenIdConnectResponseTypes.CodeOnly;
+            options.ResponseType = OpenIdConnectResponseTypes.Code;
+            options.StateDataFormat = new CodeOnlyAuthenticationPropertiesFormater();
             options.Notifications =
                 new OpenIdConnectAuthenticationNotifications
                 {
@@ -361,6 +368,29 @@ private static void DefaultOptions(OpenIdConnectAuthenticationOptions options)
 
         }
 
+        private static void GetUserInfoFromUIEndpoint(OpenIdConnectAuthenticationOptions options)
+        {
+            DefaultOptions(options);
+            options.ResponseType = OpenIdConnectResponseTypes.Code;
+            options.StateDataFormat = new CodeOnlyAuthenticationPropertiesFormater();
+            options.GetClaimsFromUserInfoEndpoint = true;
+            options.SecurityTokenValidators = new Collection<ISecurityTokenValidator> { new CustomSecurityTokenValidator() };
+            options.Notifications =
+                new OpenIdConnectAuthenticationNotifications
+                {
+                    SecurityTokenValidated = (notification) =>
+                    {
+                        var claimValue = notification.AuthenticationTicket.Principal.FindFirst("test claim");
+                        if (!claimValue.Value.Equals("test value"))
+                        {
+                            throw new Exception("GetUserInformationAsync: claim added from UI endpoint does not match.");
+                        }
+                        notification.HandleResponse();
+                        return Task.FromResult<object>(null);
+                    }
+                };
+        }
+
         private static void MessageReceivedHandledOptions(OpenIdConnectAuthenticationOptions options)
         {
             DefaultOptions(options);
@@ -597,7 +627,7 @@ protected override async Task ApplyResponseChallengeAsync()
             await Options.Notifications.RedirectToIdentityProvider(redirectToIdentityProviderNotification);
         }
 
-        protected override async Task<OpenIdConnectMessage> RedeemAuthorizationCode(string authorizationCode)
+        protected override async Task<OpenIdConnectMessage> RedeemAuthorizationCode(string authorizationCode, string redirectUri)
         {
             return new OpenIdConnectMessage()
             {
@@ -605,6 +635,19 @@ protected override async Task<OpenIdConnectMessage> RedeemAuthorizationCode(stri
             };
         }
 
+        protected override async Task<AuthenticationTicket> GetUserInformationAsync(AuthenticationProperties properties, OpenIdConnectMessage message, AuthenticationTicket ticket)
+        {
+            var claimsIdentity = (ClaimsIdentity)ticket.Principal.Identity;
+            if (claimsIdentity == null)
+            {
+                claimsIdentity = new ClaimsIdentity();
+            }
+            claimsIdentity.AddClaim(new Claim("test claim", "test value"));
+            ticket.Principal.AddIdentity(claimsIdentity);
+            return ticket;
+        }
+
+
     }
 
     /// <summary>
@@ -758,6 +801,25 @@ AuthenticationProperties ISecureDataFormat<AuthenticationProperties>.Unprotect(s
         }
     }
 
+    /// <summary>
+    /// Processing a <see cref="OpenIdConnectMessage"/> requires 'unprotecting' the state.
+    /// This class side-steps that process.
+    /// </summary>
+    public class CodeOnlyAuthenticationPropertiesFormater : ISecureDataFormat<AuthenticationProperties>
+    {
+        public string Protect(AuthenticationProperties data)
+        {
+            return "protectedData";
+        }
+
+        AuthenticationProperties ISecureDataFormat<AuthenticationProperties>.Unprotect(string protectedText)
+        {
+            var properties = new AuthenticationProperties();
+            properties.Items.Add(OpenIdConnectParameterNames.ResponseType, OpenIdConnectResponseTypes.Code);
+            return properties;
+        }
+    }
+
     /// <summary>
     /// Used to set up different configurations of metadata for different tests
     /// </summary>
@@ -771,4 +833,39 @@ static public IConfigurationManager<OpenIdConnectConfiguration> DefaultStaticCon
            get { return new StaticConfigurationManager<OpenIdConnectConfiguration>(new OpenIdConnectConfiguration()); }
         }
     }
+
+    public class CustomSecurityTokenValidator : ISecurityTokenValidator
+    {
+        public bool CanValidateToken
+        {
+            get
+            {
+                return true;
+            }
+        }
+
+        public int MaximumTokenSizeInBytes
+        {
+            get
+            {
+                return TokenValidationParameters.DefaultMaximumTokenSizeInBytes;
+            }
+
+            set
+            {
+                MaximumTokenSizeInBytes = value;
+            }
+        }
+
+        public bool CanReadToken(string securityToken)
+        {
+            return true;
+        }
+
+        public ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, out SecurityToken validatedToken)
+        {
+            validatedToken = new JwtSecurityToken();
+            return new ClaimsPrincipal();
+        }
+    }
 }