Add HttpContext to ITicketStore (dotnet#41908) (dotnet#42063)

captainsafia · Jun 13, 2022 · eac1ace · eac1ace
1 parent e4e60d6
commit eac1ace
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 6 deletions.
diff --git a/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs b/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs
@@ -158,7 +158,7 @@ private async Task<AuthenticateResult> ReadCookieTicket()
                 return AuthenticateResult.Fail("SessionId missing");
             }
             // Only store _sessionKey if it matches an existing session. Otherwise we'll create a new one.
-            ticket = await Options.SessionStore.RetrieveAsync(claim.Value, Context.RequestAborted);
+            ticket = await Options.SessionStore.RetrieveAsync(claim.Value, Context, Context.RequestAborted);
             if (ticket == null)
             {
                 return AuthenticateResult.Fail("Identity missing in session store");
@@ -173,7 +173,7 @@ private async Task<AuthenticateResult> ReadCookieTicket()
         {
             if (Options.SessionStore != null)
             {
-                await Options.SessionStore.RemoveAsync(_sessionKey!, Context.RequestAborted);
+                await Options.SessionStore.RemoveAsync(_sessionKey!, Context, Context.RequestAborted);
             }
             return AuthenticateResult.Fail("Ticket expired");
         }
@@ -247,7 +247,7 @@ protected virtual async Task FinishResponseAsync()
 
             if (Options.SessionStore != null && _sessionKey != null)
             {
-                await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context.RequestAborted);
+                await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context, Context.RequestAborted);
                 var principal = new ClaimsPrincipal(
                     new ClaimsIdentity(
                         new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) },
@@ -328,11 +328,11 @@ protected override async Task HandleSignInAsync(ClaimsPrincipal user, Authentica
             if (_sessionKey != null)
             {
                 // Renew the ticket in cases of multiple requests see: https://github.com/dotnet/aspnetcore/issues/22135
-                await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context.RequestAborted);
+                await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context, Context.RequestAborted);
             }
             else
             {
-                _sessionKey = await Options.SessionStore.StoreAsync(ticket, Context.RequestAborted);
+                _sessionKey = await Options.SessionStore.StoreAsync(ticket, Context, Context.RequestAborted);
             }
 
             var principal = new ClaimsPrincipal(
@@ -378,7 +378,7 @@ protected override async Task HandleSignOutAsync(AuthenticationProperties? prope
         var cookieOptions = BuildCookieOptions();
         if (Options.SessionStore != null && _sessionKey != null)
         {
-            await Options.SessionStore.RemoveAsync(_sessionKey, Context.RequestAborted);
+            await Options.SessionStore.RemoveAsync(_sessionKey, Context, Context.RequestAborted);
         }
 
         var context = new CookieSigningOutContext(

diff --git a/src/Security/Authentication/Cookies/src/ITicketStore.cs b/src/Security/Authentication/Cookies/src/ITicketStore.cs
@@ -1,6 +1,8 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
+using Microsoft.AspNetCore.Http;
+
 namespace Microsoft.AspNetCore.Authentication.Cookies;
 
 /// <summary>
@@ -25,6 +27,15 @@ public interface ITicketStore
     /// <returns>The key that can be used to retrieve the identity later.</returns>
     Task<string> StoreAsync(AuthenticationTicket ticket, CancellationToken cancellationToken) => StoreAsync(ticket);
 
+    /// <summary>
+    /// Store the identity ticket and return the associated key.
+    /// </summary>
+    /// <param name="ticket">The identity information to store.</param>
+    /// <param name="httpContext">The <see cref="HttpContext"/> associated with the current request.</param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> used to propagate notifications that the operation should be canceled.</param>
+    /// <returns>The key that can be used to retrieve the identity later.</returns>
+    Task<string> StoreAsync(AuthenticationTicket ticket, HttpContext httpContext, CancellationToken cancellationToken) => StoreAsync(ticket, cancellationToken);
+
     /// <summary>
     /// Tells the store that the given identity should be updated.
     /// </summary>
@@ -42,6 +53,16 @@ public interface ITicketStore
     /// <returns></returns>
     Task RenewAsync(string key, AuthenticationTicket ticket, CancellationToken cancellationToken) => RenewAsync(key, ticket);
 
+    /// <summary>
+    /// Tells the store that the given identity should be updated.
+    /// </summary>
+    /// <param name="key"></param>
+    /// <param name="ticket"></param>
+    /// <param name="httpContext"></param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> used to propagate notifications that the operation should be canceled.</param>
+    /// <returns></returns>
+    Task RenewAsync(string key, AuthenticationTicket ticket, HttpContext httpContext, CancellationToken cancellationToken) => RenewAsync(key, ticket, cancellationToken);
+
     /// <summary>
     /// Retrieves an identity from the store for the given key.
     /// </summary>
@@ -57,6 +78,15 @@ public interface ITicketStore
     /// <returns>The identity associated with the given key, or <c>null</c> if not found.</returns>
     Task<AuthenticationTicket?> RetrieveAsync(string key, CancellationToken cancellationToken) => RetrieveAsync(key);
 
+    /// <summary>
+    /// Retrieves an identity from the store for the given key.
+    /// </summary>
+    /// <param name="key">The key associated with the identity.</param>
+    /// <param name="httpContext">The <see cref="HttpContext"/> associated with the current request.</param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> used to propagate notifications that the operation should be canceled.</param>
+    /// <returns>The identity associated with the given key, or <c>null</c> if not found.</returns>
+    Task<AuthenticationTicket?> RetrieveAsync(string key, HttpContext httpContext, CancellationToken cancellationToken) => RetrieveAsync(key, cancellationToken);
+
     /// <summary>
     /// Remove the identity associated with the given key.
     /// </summary>
@@ -71,4 +101,13 @@ public interface ITicketStore
     /// <param name="cancellationToken">The <see cref="CancellationToken"/> used to propagate notifications that the operation should be canceled.</param>
     /// <returns></returns>
     Task RemoveAsync(string key, CancellationToken cancellationToken) => RemoveAsync(key);
+
+    /// <summary>
+    /// Remove the identity associated with the given key.
+    /// </summary>
+    /// <param name="key">The key associated with the identity.</param>
+    /// <param name="httpContext">The <see cref="HttpContext"/> associated with the current request.</param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> used to propagate notifications that the operation should be canceled.</param>
+    /// <returns></returns>
+    Task RemoveAsync(string key, HttpContext httpContext, CancellationToken cancellationToken) => RemoveAsync(key, cancellationToken);
 }
diff --git a/src/Security/Authentication/Cookies/src/PublicAPI.Unshipped.txt b/src/Security/Authentication/Cookies/src/PublicAPI.Unshipped.txt
@@ -1,4 +1,8 @@
 #nullable enable
 *REMOVED*Microsoft.AspNetCore.Authentication.Cookies.PostConfigureCookieAuthenticationOptions.PostConfigure(string! name, Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationOptions! options) -> void
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.RemoveAsync(string! key, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task!
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.RenewAsync(string! key, Microsoft.AspNetCore.Authentication.AuthenticationTicket! ticket, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task!
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.RetrieveAsync(string! key, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticationTicket?>!
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.StoreAsync(Microsoft.AspNetCore.Authentication.AuthenticationTicket! ticket, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<string!>!
 Microsoft.AspNetCore.Authentication.Cookies.PostConfigureCookieAuthenticationOptions.PostConfigure(string? name, Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationOptions! options) -> void
 virtual Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationEvents.CheckSlidingExpiration(Microsoft.AspNetCore.Authentication.Cookies.CookieSlidingExpirationContext! context) -> System.Threading.Tasks.Task!