Fix exception handling with AuthenticationSchemeDelegateSelector

Author: stephentoub

src/System.Net.HttpListener/src/System.Net.HttpListener.csproj

@@ -84,6 +84,9 @@
     <Compile Include="$(CommonPath)\System\Net\CaseInsensitiveAscii.cs">
       <Link>Common\System\Net\CaseInsensitiveAscii.cs</Link>
     </Compile>
+    <Compile Include="$(CommonPath)\System\Net\ExceptionCheck.cs">
+      <Link>Common\System\Net\ExceptionCheck.cs</Link>
+    </Compile>
     <Compile Include="$(CommonPath)\System\Net\HttpStatusDescription.cs">
       <Link>Common\System\Net\HttpStatusDescription.cs</Link>
     </Compile>
@@ -122,9 +125,6 @@
     <Compile Include="$(CommonPath)\System\Net\DebugSafeHandle.cs">
       <Link>Common\System\Net\DebugSafeHandle.cs</Link>
     </Compile>
-    <Compile Include="$(CommonPath)\System\Net\ExceptionCheck.cs">
-      <Link>Common\System\Net\ExceptionCheck.cs</Link>
-    </Compile>
     <Compile Include="$(CommonPath)\System\Net\InternalException.cs">
       <Link>Common\System\Net\InternalException.cs</Link>
     </Compile>

src/System.Net.HttpListener/src/System/Net/HttpListenerContext.cs

@@ -18,6 +18,9 @@ public sealed unsafe partial class HttpListenerContext
 
         public IPrincipal User => _user;
 
+        // This can be used to cache the results of HttpListener.AuthenticationSchemeSelectorDelegate.
+        internal AuthenticationSchemes AuthenticationSchemes { get; set; }
+
         public HttpListenerResponse Response
         {
             get

src/System.Net.HttpListener/src/System/Net/Managed/HttpListener.Managed.cs

@@ -339,8 +339,7 @@ public HttpListenerContext EndGetContext(IAsyncResult asyncResult)
             }
 
             HttpListenerContext context = ares.GetContext();
-            context.ParseAuthentication(SelectAuthenticationScheme(context));
-
+            context.ParseAuthentication(context.AuthenticationSchemes);
             return context;
         }
 

src/System.Net.HttpListener/src/System/Net/Managed/ListenerAsyncResult.Managed.cs

@@ -112,11 +112,30 @@ internal void Complete(HttpListenerContext context, bool synch)
             _context = context;
             lock (_locker)
             {
-                AuthenticationSchemes schemes = context._listener.SelectAuthenticationScheme(context);
-                if ((schemes == AuthenticationSchemes.Basic || context._listener.AuthenticationSchemes == AuthenticationSchemes.Negotiate) && context.Request.Headers["Authorization"] == null)
+                bool selectionFailure = false;
+                try
                 {
-                    context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
-                    context.Response.Headers["WWW-Authenticate"] = schemes + " realm=\"" + context._listener.Realm + "\"";
+                    context.AuthenticationSchemes = context._listener.SelectAuthenticationScheme(context);
+                }
+                catch (OutOfMemoryException oom)
+                {
+                    context.AuthenticationSchemes = AuthenticationSchemes.Anonymous;
+                    _exception = oom;
+                }
+                catch
+                {
+                    selectionFailure = true;
+                    context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
+                }
+
+                if (selectionFailure || 
+                    ((context.AuthenticationSchemes == AuthenticationSchemes.Basic || context._listener.AuthenticationSchemes == AuthenticationSchemes.Negotiate) && context.Request.Headers["Authorization"] == null))
+                {
+                    if (!selectionFailure)
+                    {
+                        context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
+                        context.Response.Headers["WWW-Authenticate"] = context.AuthenticationSchemes + " realm=\"" + context._listener.Realm + "\"";
+                    }
                     context.Response.OutputStream.Close();
                     IAsyncResult ares = context._listener.BeginGetContext(_cb, _state);
                     _forward = (ListenerAsyncResult)ares;

src/System.Net.HttpListener/src/System/Net/Windows/HttpListenerContext.Windows.cs

@@ -34,9 +34,6 @@ internal void SetIdentity(IPrincipal principal, string mutualAuthentication)
             if (NetEventSource.IsEnabled) NetEventSource.Info(this, $"mutual: {(mutualAuthentication == null ? "<null>" : mutualAuthentication)}, Principal: {principal}");
         }
 
-        // This can be used to cache the results of HttpListener.AuthenticationSchemeSelectorDelegate.
-        internal AuthenticationSchemes AuthenticationSchemes { get; set; }
-
         // This can be used to cache the results of HttpListener.ExtendedProtectionSelectorDelegate.
         internal ExtendedProtectionPolicy ExtendedProtectionPolicy { get; set; }
 

src/System.Net.HttpListener/tests/AuthenticationTests.cs

@@ -229,7 +229,7 @@ public async Task AuthenticationSchemeSelectorDelegate_ReturnsInvalidAuthenticat
             }
         }
 
-        [ConditionalFact(nameof(Helpers) + "." + nameof(Helpers.IsWindowsImplementation))] // [ActiveIssue(20100, TestPlatforms.AnyUnix)]
+        [ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]
         public async Task AuthenticationSchemeSelectorDelegate_ThrowsException_SendsInternalServerErrorToClient()
         {
             _listener.AuthenticationSchemes = AuthenticationSchemes.Basic;
@@ -241,7 +241,7 @@ public async Task AuthenticationSchemeSelectorDelegate_ThrowsException_SendsInte
             }
         }
 
-        [ConditionalFact(nameof(Helpers) + "." + nameof(Helpers.IsWindowsImplementation))] // [ActiveIssue(20100, TestPlatforms.AnyUnix)]
+        [ConditionalFact(nameof(PlatformDetection) + "." + nameof(PlatformDetection.IsNotOneCoreUAP))]
         public void AuthenticationSchemeSelectorDelegate_ThrowsOutOfMemoryException_RethrowsException()
         {
             _listener.AuthenticationSchemes = AuthenticationSchemes.Basic;