React to API/naming changes in aspnet/Security and aspnet/Identity

ace166fa31 ef6dd41384 c8849685cf
10 years ago · ed1a221629
3 changed files with 12 additions and 15 deletions
--- a/samples/Mvc.Client/Controllers/HomeController.cs
+++ b/samples/Mvc.Client/Controllers/HomeController.cs
@ -3,6 +3,7 @@ using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;

@ -16,8 +17,14 @@ namespace Mvc.Client.Controllers {
        [Authorize, HttpPost("~/")]
        public async Task<ActionResult> Index(CancellationToken cancellationToken) {
            using (var client = new HttpClient()) {
+                var token = await HttpContext.Authentication.GetTokenAsync("access_token");
+                if (string.IsNullOrEmpty(token)) {
+                    throw new InvalidOperationException("The access token cannot be found in the authentication ticket. " +
+                                                        "Make sure that SaveTokens is set to true in the OIDC options.");
+                }
+
                var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:54540/api/message");
-                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken);
+                request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);

                var response = await client.SendAsync(request, cancellationToken);
                response.EnsureSuccessStatusCode();
@ -25,16 +32,5 @@ namespace Mvc.Client.Controllers {
                return View("Home", model: await response.Content.ReadAsStringAsync());
            }
        }
-
-        protected string AccessToken {
-            get {
-                var claim = HttpContext.User?.FindFirst("access_token");
-                if (claim == null) {
-                    throw new InvalidOperationException();
-                }
-
-                return claim.Value;
-            }
-        }
    }
 }
--- a/samples/Mvc.Client/Startup.cs
+++ b/samples/Mvc.Client/Startup.cs
@ -62,7 +62,7 @@ namespace Mvc.Client {

                RequireHttpsMetadata = false,
                GetClaimsFromUserInfoEndpoint = true,
-                SaveTokensAsClaims = true,
+                SaveTokens = true,

                // Use the authorization code flow.
                ResponseType = OpenIdConnectResponseTypes.Code,
--- a/src/OpenIddict.Mvc/OpenIddictController.cs
+++ b/src/OpenIddict.Mvc/OpenIddictController.cs
@ -16,6 +16,7 @@ using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Http.Authentication;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.IdentityModel.Protocols.OpenIdConnect;

@ -199,11 +200,11 @@ namespace OpenIddict.Mvc {
        }

        [HttpPost, ValidateAntiForgeryToken]
-        public virtual async Task Logout(CancellationToken cancellationToken) {
+        public virtual async Task Logout([FromServices] SignInManager<TUser> manager, CancellationToken cancellationToken) {
            // Instruct the cookies middleware to delete the local cookie created
            // when the user agent is redirected from the external identity provider
            // after a successful authentication flow (e.g Google or Facebook).
-            await HttpContext.Authentication.SignOutAsync("Microsoft.AspNetCore.Identity.Application");
+            await manager.SignOutAsync();

            // Redirect the user agent to the post_logout_redirect_uri specified by the client application.
            await HttpContext.Authentication.SignOutAsync(Options.AuthenticationScheme);