From eac1ace6a7bb67708c6565c9c0dd7ebe0306e8b7 Mon Sep 17 00:00:00 2001
From: Roman Bukin
Date: Tue, 7 Jun 2022 03:40:08 +0300
Subject: [PATCH] Add HttpContext to ITicketStore (#41908) (#42063)
---
 .../src/CookieAuthenticationHandler.cs | 12 +++---
 .../Cookies/src/ITicketStore.cs | 39 +++++++++++++++++++
 .../Cookies/src/PublicAPI.Unshipped.txt | 4 ++
 3 files changed, 49 insertions(+), 6 deletions(-)
diff --git a/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs b/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs
index a0abf7a53194..826ff9e6ff93 100644
--- a/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs
+++ b/src/Security/Authentication/Cookies/src/CookieAuthenticationHandler.cs
@@ -158,7 +158,7 @@ private async Task ReadCookieTicket()
 return AuthenticateResult.Fail("SessionId missing");
 }
 // Only store _sessionKey if it matches an existing session. Otherwise we'll create a new one.
- ticket = await Options.SessionStore.RetrieveAsync(claim.Value, Context.RequestAborted);
+ ticket = await Options.SessionStore.RetrieveAsync(claim.Value, Context, Context.RequestAborted);
 if (ticket == null)
 {
 return AuthenticateResult.Fail("Identity missing in session store");
@@ -173,7 +173,7 @@ private async Task ReadCookieTicket()
 {
 if (Options.SessionStore != null)
 {
- await Options.SessionStore.RemoveAsync(_sessionKey!, Context.RequestAborted);
+ await Options.SessionStore.RemoveAsync(_sessionKey!, Context, Context.RequestAborted);
 }
 return AuthenticateResult.Fail("Ticket expired");
 }
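Review bot: The expired-ticket cleanup in ReadCookieTicket (hunk @@ -173) still hands `Context.RequestAborted` to `RemoveAsync`, so a store that honours the token can abandon the delete when the client disconnects and leave the server-side session entry in place. The same applies to the `RemoveAsync` call in the HandleSignOutAsync hunk (@@ -378). Whether this actually happens depends on the store implementation, which is not visible here. Since the commit touches both call sites, it would help to state the expectation next to them, e.g. `// RequestAborted fires on client disconnect; the store is expected to complete the removal anyway`, or to document on `ITicketStore.RemoveAsync` that removal must not be skipped on cancellation. Both enclosing methods continue outside their hunks.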
@@ -247,7 +247,7 @@ protected virtual async Task FinishResponseAsync()
 if (Options.SessionStore != null && _sessionKey != null)
 {
- await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context.RequestAborted);
+ await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context, Context.RequestAborted);
 var principal = new ClaimsPrincipal(
 new ClaimsIdentity(
 new[] { new Claim(SessionIdClaim, _sessionKey, ClaimValueTypes.String, Options.ClaimsIssuer) },
@@ -328,11 +328,11 @@ protected override async Task HandleSignInAsync(ClaimsPrincipal user, Authentica
 if (_sessionKey != null)
 {
 // Renew the ticket in cases of multiple requests see: https://github.com/dotnet/aspnetcore/issues/22135
- await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context.RequestAborted);
+ await Options.SessionStore.RenewAsync(_sessionKey, ticket, Context, Context.RequestAborted);
 }
 else
 {
- _sessionKey = await Options.SessionStore.StoreAsync(ticket, Context.RequestAborted);
+ _sessionKey = await Options.SessionStore.StoreAsync(ticket, Context, Context.RequestAborted);
 }
 var principal = new ClaimsPrincipal(
@@ -378,7 +378,7 @@ protected override async Task HandleSignOutAsync(AuthenticationProperties? prope
 var cookieOptions = BuildCookieOptions();
 if (Options.SessionStore != null && _sessionKey != null)
 {
- await Options.SessionStore.RemoveAsync(_sessionKey, Context.RequestAborted);
+ await Options.SessionStore.RemoveAsync(_sessionKey, Context, Context.RequestAborted);
 }
 var context = new CookieSigningOutContext(
diff --git a/src/Security/Authentication/Cookies/src/ITicketStore.cs b/src/Security/Authentication/Cookies/src/ITicketStore.cs
index 4bb1c5e6a6b3..633837a32333 100644
--- a/src/Security/Authentication/Cookies/src/ITicketStore.cs
+++ b/src/Security/Authentication/Cookies/src/ITicketStore.cs
@@ -1,6 +1,8 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
+using Microsoft.AspNetCore.Http;
+
 namespace Microsoft.AspNetCore.Authentication.Cookies;
 ///
@@ -25,6 +27,15 @@ public interface ITicketStore
 /// The key that can be used to retrieve the identity later.
 Task StoreAsync(AuthenticationTicket ticket, CancellationToken cancellationToken) => StoreAsync(ticket);
+ ///
+ /// Store the identity ticket and return the associated key.
+ ///
+ /// The identity information to store.
+ /// The associated with the current request.
+ /// The used to propagate notifications that the operation should be canceled.
+ /// The key that can be used to retrieve the identity later.
+ Task StoreAsync(AuthenticationTicket ticket, HttpContext httpContext, CancellationToken cancellationToken) => StoreAsync(ticket, cancellationToken);
+
 ///
 /// Tells the store that the given identity should be updated.
 ///
@@ -42,6 +53,16 @@ public interface ITicketStore
 ///
 Task RenewAsync(string key, AuthenticationTicket ticket, CancellationToken cancellationToken) => RenewAsync(key, ticket);
+ ///
+ /// Tells the store that the given identity should be updated.
+ ///
+ ///
+ ///
+ ///
+ /// The used to propagate notifications that the operation should be canceled.
+ ///
+ Task RenewAsync(string key, AuthenticationTicket ticket, HttpContext httpContext, CancellationToken cancellationToken) => RenewAsync(key, ticket, cancellationToken);
+
 ///
 /// Retrieves an identity from the store for the given key.
 ///
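Review bot: The new `StoreAsync(ticket, httpContext, cancellationToken)` default (hunk @@ -25,6) silently drops `httpContext` and forwards to the older overload, and the `RenewAsync`, `RetrieveAsync` and `RemoveAsync` overloads in the later hunks do the same. A store that uses the context to scope sessions (per tenant, for example) and overrides only some of the four will have the remaining operations fall back to the context-free path with no compiler warning, so a ticket could be written under one scope and looked up or removed under another. The docs should say so on each overload, along the lines of `/// <remarks>The default implementation ignores httpContext; override all four HttpContext overloads together.</remarks>`. It would also be worth noting that the `HttpContext` should not be retained after the call returns, since a store commonly outlives a single request.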
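Review bot: The doc comment on the new `RenewAsync` overload (hunk @@ -42,6) appears to leave three parameter entries and the returns entry empty: the bare `///` lines between the summary and the cancellation-token line. That leaves `httpContext` undocumented here, while the StoreAsync, RetrieveAsync and RemoveAsync overloads describe it as the context associated with the current request. Fill them in to match, e.g. `/// <param name="httpContext">The <see cref="HttpContext"/> associated with the current request.</param>`, plus one line each for `key` and `ticket`. The XML tags are stripped in this rendering, so the emptiness is inferred from the blank comment lines.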
@@ -57,6 +78,15 @@ public interface ITicketStore
 /// The identity associated with the given key, or null if not found.
 Task RetrieveAsync(string key, CancellationToken cancellationToken) => RetrieveAsync(key);
+ ///
+ /// Retrieves an identity from the store for the given key.
+ ///
+ /// The key associated with the identity.
+ /// The associated with the current request.
+ /// The used to propagate notifications that the operation should be canceled.
+ /// The identity associated with the given key, or null if not found.
+ Task RetrieveAsync(string key, HttpContext httpContext, CancellationToken cancellationToken) => RetrieveAsync(key, cancellationToken);
+
 ///
 /// Remove the identity associated with the given key.
 ///
@@ -71,4 +101,13 @@ public interface ITicketStore
 /// The used to propagate notifications that the operation should be canceled.
 ///
 Task RemoveAsync(string key, CancellationToken cancellationToken) => RemoveAsync(key);
+
+ ///
+ /// Remove the identity associated with the given key.
+ ///
+ /// The key associated with the identity.
+ /// The associated with the current request.
+ /// The used to propagate notifications that the operation should be canceled.
+ ///
+ Task RemoveAsync(string key, HttpContext httpContext, CancellationToken cancellationToken) => RemoveAsync(key, cancellationToken);
 }
diff --git a/src/Security/Authentication/Cookies/src/PublicAPI.Unshipped.txt b/src/Security/Authentication/Cookies/src/PublicAPI.Unshipped.txt
index 899d7d284315..656e195c1a7b 100644
--- a/src/Security/Authentication/Cookies/src/PublicAPI.Unshipped.txt
+++ b/src/Security/Authentication/Cookies/src/PublicAPI.Unshipped.txt
@@ -1,4 +1,8 @@
 #nullable enable
 *REMOVED*Microsoft.AspNetCore.Authentication.Cookies.PostConfigureCookieAuthenticationOptions.PostConfigure(string! name, Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationOptions! options) -> void
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.RemoveAsync(string! key, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task!
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.RenewAsync(string! key, Microsoft.AspNetCore.Authentication.AuthenticationTicket! ticket, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task!
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.RetrieveAsync(string! key, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task!
+Microsoft.AspNetCore.Authentication.Cookies.ITicketStore.StoreAsync(Microsoft.AspNetCore.Authentication.AuthenticationTicket! ticket, Microsoft.AspNetCore.Http.HttpContext! httpContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task!
 Microsoft.AspNetCore.Authentication.Cookies.PostConfigureCookieAuthenticationOptions.PostConfigure(string? name, Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationOptions! options) -> void
 virtual Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationEvents.CheckSlidingExpiration(Microsoft.AspNetCore.Authentication.Cookies.CookieSlidingExpirationContext! context) -> System.Threading.Tasks.Task!