Skip to content

Commit

Permalink
Merge pull request #261 from Azure-Samples/tibre/sameSiteCookieFix
Browse files Browse the repository at this point in the history 
Same site cookie fix
  • Loading branch information
Tiago Brenck committed Jan 20, 2020
2 parents 2881976 + f03525e commit f25cdbd
Show file tree
Hide file tree
Showing 31 changed files with 149 additions and 29 deletions.
4 changes: 3 additions & 1 deletion 1-WebApp-OIDC/1-1-MyOrg/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

// Sign-in users with the Microsoft identity platform
Expand Down
2 changes: 1 addition & 1 deletion 1-WebApp-OIDC/1-1-MyOrg/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<!--<AspNetCoreHostingModel>InProcess</AspNetCoreHostingModel>-->
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
Expand Down
4 changes: 3 additions & 1 deletion 1-WebApp-OIDC/1-2-AnyOrg/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

// Sign-in users with the Microsoft identity platform
Expand Down
2 changes: 1 addition & 1 deletion 1-WebApp-OIDC/1-2-AnyOrg/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 1-WebApp-OIDC/1-3-AnyOrgOrPersonal/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

// Sign-in users with the Microsoft identity platform
Expand Down
2 changes: 1 addition & 1 deletion 1-WebApp-OIDC/1-3-AnyOrgOrPersonal/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 1-WebApp-OIDC/1-4-Sovereign/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

// Sign-in users with the Microsoft identity platform
Expand Down
2 changes: 1 addition & 1 deletion 1-WebApp-OIDC/1-4-Sovereign/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
5 changes: 4 additions & 1 deletion 1-WebApp-OIDC/1-5-B2C/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
using Microsoft.Identity.Web;

namespace WebApp_OpenIDConnect_DotNet
{
Expand All @@ -49,7 +50,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

// Configuration to sign-in users with Azure AD B2C
Expand Down
6 changes: 5 additions & 1 deletion 1-WebApp-OIDC/1-5-B2C/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand All @@ -21,4 +21,8 @@
<PackageReference Include="Microsoft.AspNetCore.Authentication.AzureADB2C.UI" Version="3.0.0" />
</ItemGroup>

<ItemGroup>
<ProjectReference Include="..\..\Microsoft.Identity.Web\Microsoft.Identity.Web.csproj" />
</ItemGroup>

</Project>
6 changes: 6 additions & 0 deletions 1-WebApp-OIDC/1-5-B2C/WebApp-OpenIDConnect-DotNet.sln
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ VisualStudioVersion = 16.0.29123.89
MinimumVisualStudioVersion = 10.0.40219.1
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "WebApp-OpenIDConnect-DotNet", "WebApp-OpenIDConnect-DotNet.csproj", "{8DCFEEC2-0A85-4C7E-B96A-21C9184470B1}"
EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Microsoft.Identity.Web", "..\..\Microsoft.Identity.Web\Microsoft.Identity.Web.csproj", "{DDD841C1-4657-4FE4-ABE1-529D02E03235}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Expand All @@ -15,6 +17,10 @@ Global
{8DCFEEC2-0A85-4C7E-B96A-21C9184470B1}.Debug|Any CPU.Build.0 = Debug|Any CPU
{8DCFEEC2-0A85-4C7E-B96A-21C9184470B1}.Release|Any CPU.ActiveCfg = Release|Any CPU
{8DCFEEC2-0A85-4C7E-B96A-21C9184470B1}.Release|Any CPU.Build.0 = Release|Any CPU
{DDD841C1-4657-4FE4-ABE1-529D02E03235}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{DDD841C1-4657-4FE4-ABE1-529D02E03235}.Debug|Any CPU.Build.0 = Debug|Any CPU
{DDD841C1-4657-4FE4-ABE1-529D02E03235}.Release|Any CPU.ActiveCfg = Release|Any CPU
{DDD841C1-4657-4FE4-ABE1-529D02E03235}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
Expand Down
4 changes: 3 additions & 1 deletion 2-WebApp-graph-user/2-1-Call-MSGraph/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

services.AddOptions();
Expand Down
2 changes: 1 addition & 1 deletion 2-WebApp-graph-user/2-1-Call-MSGraph/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 2-WebApp-graph-user/2-2-TokenCache/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

// This is required to be instantiated before the OpenIdConnectOptions starts getting configured.
Expand Down
2 changes: 1 addition & 1 deletion 2-WebApp-graph-user/2-2-TokenCache/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 2-WebApp-graph-user/2-3-Multi-Tenant/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

services.AddOptions();
Expand Down
2 changes: 1 addition & 1 deletion 2-WebApp-graph-user/2-3-Multi-Tenant/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-99C23405-82C0-4B27-8A15-F3B0744E06BE</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
<RootNamespace>WebApp_OpenIDConnect_DotNet</RootNamespace>
Expand Down
4 changes: 3 additions & 1 deletion 2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

services.AddOptions();
Expand Down
2 changes: 1 addition & 1 deletion 2-WebApp-graph-user/2-4-Sovereign-Call-MSGraph/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 3-WebApp-multi-APIs/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

services.AddOptions();
Expand Down
2 changes: 1 addition & 1 deletion 3-WebApp-multi-APIs/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 4-WebApp-your-API/Client/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

services.AddOptions();
Expand Down
2 changes: 1 addition & 1 deletion 4-WebApp-your-API/Client/TodoListClient.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
2 changes: 1 addition & 1 deletion 4-WebApp-your-API/TodoListService/TodoListService.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-TodoListService-03230DB1-5145-408C-A48B-BE3DAFC56C30</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 5-WebApp-AuthZ/5-1-Roles/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

services.AddOptions();
Expand Down
2 changes: 1 addition & 1 deletion 5-WebApp-AuthZ/5-1-Roles/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
4 changes: 3 additions & 1 deletion 5-WebApp-AuthZ/5-2-Groups/Startup.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,9 @@ public void ConfigureServices(IServiceCollection services)
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
options.MinimumSameSitePolicy = SameSiteMode.Unspecified;
// Handling SameSite cookie according to https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
options.HandleSameSiteCookieCompatibility();
});

// Sign-in users with the Microsoft identity platform
Expand Down
2 changes: 1 addition & 1 deletion 5-WebApp-AuthZ/5-2-Groups/WebApp-OpenIDConnect-DotNet.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk.Web">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
<UserSecretsId>aspnet-WebApp_OpenIDConnect_DotNet-81EA87AD-E64D-4755-A1CC-5EA47F49B5D8</UserSecretsId>
<WebProject_DirectoryAccessLevelKey>0</WebProject_DirectoryAccessLevelKey>
</PropertyGroup>
Expand Down
2 changes: 1 addition & 1 deletion Microsoft.Identity.Web.Test/Microsoft.Identity.Web.Test.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>

<IsPackable>false</IsPackable>
</PropertyGroup>
Expand Down
2 changes: 1 addition & 1 deletion Microsoft.Identity.Web/Microsoft.Identity.Web.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@


<PropertyGroup>
<TargetFramework>netcoreapp3.0</TargetFramework>
<TargetFramework>netcoreapp3.1</TargetFramework>
</PropertyGroup>


Expand Down
Loading

0 comments on commit f25cdbd

Please sign in to comment.