From ed1a221629fe05ca0ceedd471f8ba06144ccb3be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?K=C3=A9vin=20Chalet?= Date: Sat, 5 Mar 2016 14:50:21 +0100 Subject: [PATCH] React to API/naming changes in aspnet/Security and aspnet/Identity https://github.com/aspnet/Security/commit/ace166fa31af61a6c9924873e6bdcb45e7785d5d https://github.com/aspnet/Security/commit/ef6dd4138400e443aba56c4372270c132d541dd4 https://github.com/aspnet/Identity/commit/c8849685cfc24a1137142c24e248a4b02be0e9d4 --- .../Mvc.Client/Controllers/HomeController.cs | 20 ++++++++----------- samples/Mvc.Client/Startup.cs | 2 +- src/OpenIddict.Mvc/OpenIddictController.cs | 5 +++-- 3 files changed, 12 insertions(+), 15 deletions(-) diff --git a/samples/Mvc.Client/Controllers/HomeController.cs b/samples/Mvc.Client/Controllers/HomeController.cs index f5d8a4e3..9bc078db 100644 --- a/samples/Mvc.Client/Controllers/HomeController.cs +++ b/samples/Mvc.Client/Controllers/HomeController.cs @@ -3,6 +3,7 @@ using System.Net.Http; using System.Net.Http.Headers; using System.Threading; using System.Threading.Tasks; +using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; @@ -16,8 +17,14 @@ namespace Mvc.Client.Controllers { [Authorize, HttpPost("~/")] public async Task Index(CancellationToken cancellationToken) { using (var client = new HttpClient()) { + var token = await HttpContext.Authentication.GetTokenAsync("access_token"); + if (string.IsNullOrEmpty(token)) { + throw new InvalidOperationException("The access token cannot be found in the authentication ticket. " + + "Make sure that SaveTokens is set to true in the OIDC options."); + } + var request = new HttpRequestMessage(HttpMethod.Get, "http://localhost:54540/api/message"); - request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken); + request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); var response = await client.SendAsync(request, cancellationToken); response.EnsureSuccessStatusCode(); @@ -25,16 +32,5 @@ namespace Mvc.Client.Controllers { return View("Home", model: await response.Content.ReadAsStringAsync()); } } - - protected string AccessToken { - get { - var claim = HttpContext.User?.FindFirst("access_token"); - if (claim == null) { - throw new InvalidOperationException(); - } - - return claim.Value; - } - } } } \ No newline at end of file diff --git a/samples/Mvc.Client/Startup.cs b/samples/Mvc.Client/Startup.cs index 5d9a0614..b22bba7f 100644 --- a/samples/Mvc.Client/Startup.cs +++ b/samples/Mvc.Client/Startup.cs @@ -62,7 +62,7 @@ namespace Mvc.Client { RequireHttpsMetadata = false, GetClaimsFromUserInfoEndpoint = true, - SaveTokensAsClaims = true, + SaveTokens = true, // Use the authorization code flow. ResponseType = OpenIdConnectResponseTypes.Code, diff --git a/src/OpenIddict.Mvc/OpenIddictController.cs b/src/OpenIddict.Mvc/OpenIddictController.cs index b01d2d6d..fc12cfb2 100644 --- a/src/OpenIddict.Mvc/OpenIddictController.cs +++ b/src/OpenIddict.Mvc/OpenIddictController.cs @@ -16,6 +16,7 @@ using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Http.Authentication; +using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Mvc; using Microsoft.IdentityModel.Protocols.OpenIdConnect; @@ -199,11 +200,11 @@ namespace OpenIddict.Mvc { } [HttpPost, ValidateAntiForgeryToken] - public virtual async Task Logout(CancellationToken cancellationToken) { + public virtual async Task Logout([FromServices] SignInManager manager, CancellationToken cancellationToken) { // Instruct the cookies middleware to delete the local cookie created // when the user agent is redirected from the external identity provider // after a successful authentication flow (e.g Google or Facebook). - await HttpContext.Authentication.SignOutAsync("Microsoft.AspNetCore.Identity.Application"); + await manager.SignOutAsync(); // Redirect the user agent to the post_logout_redirect_uri specified by the client application. await HttpContext.Authentication.SignOutAsync(Options.AuthenticationScheme);