Update Wilson7 branch #49524
Merged
Update Wilson7 branch #49524
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Default to using new handlers Changes from API review
dotnet-issue-labeler
bot
added
the
area-auth
keegan-caruso
commented
Jul 19, 2023
| @@ -208,5 +209,5 @@ public TokenValidationParameters TokenValidationParameters | |||
| /// <para>The default token handler for JsonWebTokens is a <see cref="JsonWebTokenHandler"/> which is faster than a <see cref="JwtSecurityTokenHandler"/>.</para> | |||
| /// <para>There is an ability to make use of a Last-Known-Good model for metadata that protects applications when metadata is published with errors.</para> | |||
| /// </remarks> | |||
| public bool UseTokenHandlers { get; set; } | |||
| public bool UseSecurityTokenHandlers { get; set; } | |||
There was a problem hiding this comment.
Note: naming is slightly different than what was called out in API review because API review mistakenly used the name 'SecurityTokenValidators ' where for wsfed it is called 'SecurityTokenHandlers'
There was a problem hiding this comment.
which are not the TokenHandler unfortunately.
I wonder if, for the sake of simplicity and uniformity, we shouldn't keep UseSecurityTokenValidators even for WsFed ... just a suggestion.
Although looking at the code .. probably not.
keegan-caruso
commented
Jul 19, 2023
| } | ||
|
|
||
| [Fact] | ||
| public async Task ExpirationAndIssuedWhenMinOrMaxValue() |
There was a problem hiding this comment.
Note: behavior is slightly different than:
As JsonWebToken correctly handles datetimes represented by greater than int32 values
jennyf19
reviewed
Jul 19, 2023
| @@ -111,6 +113,7 @@ public new JwtBearerEvents Events | |||
| /// <summary> | |||
| /// Gets the ordered list of <see cref="ISecurityTokenValidator"/> used to validate access tokens. | |||
| /// </summary> | |||
| [Obsolete("SecurityTokenValidators is no longer used by default. Use TokenHandlers instead. To continue using SecurityTokenValidators, set UseSecurityTokenValidators to true.")] | |||
There was a problem hiding this comment.
do we want to include an aka.ms link w/more details? @jmprieur
There was a problem hiding this comment.
@keegan-caruso @jennyf19
What about: https://aka.ms/aspnetcore8/security-token-changes
(already links to the breaking change announcement)
jennyf19
approved these changes
Jul 19, 2023
Great work, 
jmprieur
approved these changes
Jul 19, 2023
| @@ -208,5 +209,5 @@ public TokenValidationParameters TokenValidationParameters | |||
| /// <para>The default token handler for JsonWebTokens is a <see cref="JsonWebTokenHandler"/> which is faster than a <see cref="JwtSecurityTokenHandler"/>.</para> | |||
| /// <para>There is an ability to make use of a Last-Known-Good model for metadata that protects applications when metadata is published with errors.</para> | |||
| /// </remarks> | |||
| public bool UseTokenHandlers { get; set; } | |||
| public bool UseSecurityTokenHandlers { get; set; } | |||
There was a problem hiding this comment.
which are not the TokenHandler unfortunately.
I wonder if, for the sake of simplicity and uniformity, we shouldn't keep UseSecurityTokenValidators even for WsFed ... just a suggestion.
Although looking at the code .. probably not.
jmprieur
approved these changes
Jul 20, 2023
|
Merging this to the |
wtgodbe
pushed a commit
that referenced
this pull request
Jul 21, 2023
…49542) * Option to use JsonWebTokenHandler in OpenIdConnectHandler * fix sample * split event tests * update IdentityModel to 6.31.0 * Added JsonWebTokenHandler and TokenHandlers (#48857) Co-authored-by: Brent Schmaltz <brentsch@hotmail.com> * adjust for claims mapping remove using System * moved api's to unshipped * Addressed PR comments * Removed setter. * Use 7.0.0-preview for identity model libraries * fix bild break, useTokenHanlders default false. * use var for identitymodel versions * Move new apis to unshipped * Increase key size to 256 bits or HMAC will fail. * update version of identity model libraries (#49349) Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> * Update Wilson7 branch (#49491) * SymmetricSecurityKey needs 32 bytes * Update source-build-externals dependencies --------- Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> * Update Wilson7 branch (#49524) * Update Wilson7 branch Default to using new handlers Changes from API review * Handle obsolete members * Handle obsolete members in tests * Add aka.ms link --------- Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> * Changes from API review * Comments from review --------- Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> Co-authored-by: Brent Schmaltz <brentsch@hotmail.com> Co-authored-by: BrentSchmaltz <brentschmaltz@hotmail.com> Co-authored-by: Safia Abdalla <safia@microsoft.com>
eerhardt
pushed a commit
that referenced
this pull request
Jul 21, 2023
…49541) * Option to use JsonWebTokenHandler in OpenIdConnectHandler * fix sample * split event tests * update IdentityModel to 6.31.0 * Added JsonWebTokenHandler and TokenHandlers (#48857) Co-authored-by: Brent Schmaltz <brentsch@hotmail.com> * adjust for claims mapping remove using System * moved api's to unshipped * Addressed PR comments * Removed setter. * Use 7.0.0-preview for identity model libraries * fix bild break, useTokenHanlders default false. * use var for identitymodel versions * Move new apis to unshipped * Increase key size to 256 bits or HMAC will fail. * update version of identity model libraries (#49349) Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> * Update Wilson7 branch (#49491) * SymmetricSecurityKey needs 32 bytes * Update source-build-externals dependencies --------- Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> * Update Wilson7 branch (#49524) * Update Wilson7 branch Default to using new handlers Changes from API review * Handle obsolete members * Handle obsolete members in tests * Add aka.ms link --------- Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> * Changes from API review * Comments from review --------- Co-authored-by: Keegan Caruso <keegancaruso@microsoft.com> Co-authored-by: Brent Schmaltz <brentsch@hotmail.com> Co-authored-by: BrentSchmaltz <brentschmaltz@hotmail.com> Co-authored-by: Safia Abdalla <safia@microsoft.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Update Wilson7 branch
Description
Default to using new handlers
Changes from API review