Upgrade to ASP.NET Core RC2 release.

2025-07-12 13:19:01 -05:00 · 2016-05-19 19:10:24 -04:00
parent d7cb3d47cb
commit 79f507fe68
33 changed files with 289 additions and 231 deletions
--- a/src/Core/Core.xproj
+++ b/src/Core/Core.xproj
@ -4,15 +4,16 @@
    <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
    <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
  </PropertyGroup>
-  <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.Props" Condition="'$(VSToolsPath)' != ''" />
+  <Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.Props" Condition="'$(VSToolsPath)' != ''" />
  <PropertyGroup Label="Globals">
    <ProjectGuid>3973d21b-a692-4b60-9b70-3631c057423a</ProjectGuid>
    <RootNamespace>Bit.Core</RootNamespace>
-    <BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">..\..\artifacts\obj\$(MSBuildProjectName)</BaseIntermediateOutputPath>
-    <OutputPath Condition="'$(OutputPath)'=='' ">..\..\artifacts\bin\$(MSBuildProjectName)\</OutputPath>
+    <BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">.\obj</BaseIntermediateOutputPath>
+    <OutputPath Condition="'$(OutputPath)'=='' ">.\bin\</OutputPath>
+    <TargetFrameworkVersion>v4.6</TargetFrameworkVersion>
  </PropertyGroup>
  <PropertyGroup>
    <SchemaVersion>2.0</SchemaVersion>
  </PropertyGroup>
-  <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.targets" Condition="'$(VSToolsPath)' != ''" />
+  <Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.targets" Condition="'$(VSToolsPath)' != ''" />
 </Project>
--- a/src/Core/Exceptions/BadRequestException.cs
+++ b/src/Core/Exceptions/BadRequestException.cs
@ -1,5 +1,5 @@
 using System;
-using Microsoft.AspNet.Mvc.ModelBinding;
+using Microsoft.AspNetCore.Mvc.ModelBinding;

 namespace Bit.Core.Exceptions
 {
--- a/src/Core/GlobalSettings.cs
+++ b/src/Core/GlobalSettings.cs
@ -7,6 +7,7 @@ namespace Bit.Core
    {
        public virtual string SiteName { get; set; }
        public virtual string BaseVaultUri { get; set; }
+        public virtual string JwtSigningKey { get; set; }
        public virtual DocumentDBSettings DocumentDB { get; set; } = new DocumentDBSettings();
        public virtual SqlServerSettings SqlServer { get; set; } = new SqlServerSettings();
        public virtual MailSettings Mail { get; set; } = new MailSettings();
--- a/src/Core/Identity/AuthenticatorTokenProvider.cs
+++ b/src/Core/Identity/AuthenticatorTokenProvider.cs
@ -1,14 +1,14 @@
 using System;
 using System.Threading.Tasks;
 using Base32;
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Identity;
 using Bit.Core.Domains;
 using Bit.Core.Enums;
 using OtpSharp;

 namespace Bit.Core.Identity
 {
-    public class AuthenticatorTokenProvider : IUserTokenProvider<User>
+    public class AuthenticatorTokenProvider : IUserTwoFactorTokenProvider<User>
    {
        public Task<bool> CanGenerateTwoFactorTokenAsync(UserManager<User> manager, User user)
        {
--- a/src/Core/Identity/JwtBearerAppBuilderExtensions.cs
+++ b/src/Core/Identity/JwtBearerAppBuilderExtensions.cs
@ -0,0 +1,60 @@
+using System;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
+
+namespace Bit.Core.Identity
+{
+    public static class JwtBearerAppBuilderExtensions
+    {
+        public static IApplicationBuilder UseJwtBearerIdentity(this IApplicationBuilder app)
+        {
+            if(app == null)
+            {
+                throw new ArgumentNullException(nameof(app));
+            }
+
+            var marker = app.ApplicationServices.GetService<IdentityMarkerService>();
+            if(marker == null)
+            {
+                throw new InvalidOperationException("Must Call AddJwtBearerIdentity");
+            }
+
+            var jwtOptions = app.ApplicationServices.GetRequiredService<IOptions<JwtBearerIdentityOptions>>().Value;
+
+            var options = new JwtBearerOptions();
+
+            // Basic settings - signing key to validate with, audience and issuer.
+            options.TokenValidationParameters.IssuerSigningKey = jwtOptions.SigningCredentials.Key;
+            options.TokenValidationParameters.ValidAudience = jwtOptions.Audience;
+            options.TokenValidationParameters.ValidIssuer = jwtOptions.Issuer;
+
+            options.TokenValidationParameters.RequireExpirationTime = true;
+            options.TokenValidationParameters.RequireSignedTokens = false;
+
+            // When receiving a token, check that we've signed it.
+            options.TokenValidationParameters.RequireSignedTokens = false;
+
+            //// When receiving a token, check that it is still valid.
+            options.TokenValidationParameters.ValidateLifetime = true;
+
+            // This defines the maximum allowable clock skew - i.e. provides a tolerance on the token expiry time 
+            // when validating the lifetime. As we're creating the tokens locally and validating them on the same 
+            // machines which should have synchronised time, this can be set to zero. Where external tokens are
+            // used, some leeway here could be useful.
+            options.TokenValidationParameters.ClockSkew = TimeSpan.FromMinutes(0);
+
+            options.Events = new JwtBearerEvents
+            {
+                OnTokenValidated = JwtBearerEventImplementations.ValidatedTokenAsync,
+                OnAuthenticationFailed = JwtBearerEventImplementations.AuthenticationFailedAsync
+            };
+
+            app.UseJwtBearerAuthentication(options);
+
+            return app;
+        }
+    }
+}
--- a/src/Core/Identity/JwtBearerBuilderExtensions.cs
+++ b/src/Core/Identity/JwtBearerBuilderExtensions.cs
@ -1,59 +0,0 @@
-using System;
-using Microsoft.AspNet.Builder;
-using Microsoft.AspNet.Identity;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.OptionsModel;
-using Microsoft.AspNet.Authentication.JwtBearer;
-
-namespace Bit.Core.Identity
-{
-    public static class JwtBearerBuilderExtensions
-    {
-        public static IApplicationBuilder UseJwtBearerIdentity(this IApplicationBuilder app)
-        {
-            if(app == null)
-            {
-                throw new ArgumentNullException(nameof(app));
-            }
-
-            var marker = app.ApplicationServices.GetService<IdentityMarkerService>();
-            if(marker == null)
-            {
-                throw new InvalidOperationException("Must Call AddJwtBearerIdentity");
-            }
-
-            var jwtOptions = app.ApplicationServices.GetRequiredService<IOptions<JwtBearerIdentityOptions>>().Value;
-            var jwtSignInManager = app.ApplicationServices.GetRequiredService<JwtBearerSignInManager>();
-            app.UseJwtBearerAuthentication(options =>
-            {
-                // Basic settings - signing key to validate with, audience and issuer.
-                //options.TokenValidationParameters.IssuerSigningKey = key;
-                options.TokenValidationParameters.ValidAudience = jwtOptions.Audience;
-                options.TokenValidationParameters.ValidIssuer = jwtOptions.Issuer;
-
-                options.TokenValidationParameters.RequireExpirationTime = true;
-                options.TokenValidationParameters.RequireSignedTokens = false;
-
-                // When receiving a token, check that we've signed it.
-                options.TokenValidationParameters.ValidateSignature = false;
-
-                //// When receiving a token, check that it is still valid.
-                options.TokenValidationParameters.ValidateLifetime = true;
-
-                // This defines the maximum allowable clock skew - i.e. provides a tolerance on the token expiry time 
-                // when validating the lifetime. As we're creating the tokens locally and validating them on the same 
-                // machines which should have synchronised time, this can be set to zero. Where external tokens are
-                // used, some leeway here could be useful.
-                options.TokenValidationParameters.ClockSkew = TimeSpan.FromMinutes(0);
-
-                options.Events = new JwtBearerEvents
-                {
-                    OnValidatedToken = JwtBearerEventImplementations.ValidatedTokenAsync,
-                    OnAuthenticationFailed = JwtBearerEventImplementations.AuthenticationFailedAsync
-                };
-            });
-
-            return app;
-        }
-    }
-}
--- a/src/Core/Identity/JwtBearerEventImplementations.cs
+++ b/src/Core/Identity/JwtBearerEventImplementations.cs
@ -1,18 +1,20 @@
 using System;
 using System.Security.Claims;
 using System.Threading.Tasks;
-using Microsoft.AspNet.Authentication.JwtBearer;
+using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.Extensions.DependencyInjection;
-using System.IdentityModel.Tokens;
 using Bit.Core.Repositories;
-using Microsoft.AspNet.Authentication;
-using Microsoft.AspNet.Http.Authentication;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http.Authentication;
+using Microsoft.IdentityModel.Tokens;
+using Microsoft.AspNetCore.Identity;
+using Bit.Core.Domains;

 namespace Bit.Core.Identity
 {
    public static class JwtBearerEventImplementations
    {
-        public async static Task ValidatedTokenAsync(ValidatedTokenContext context)
+        public async static Task ValidatedTokenAsync(TokenValidatedContext context)
        {
            if(context.HttpContext.RequestServices == null)
            {
@ -20,13 +22,14 @@ namespace Bit.Core.Identity
            }

            var userRepository = context.HttpContext.RequestServices.GetRequiredService<IUserRepository>();
-            var manager = context.HttpContext.RequestServices.GetRequiredService<JwtBearerSignInManager>();
+            var userManager = context.HttpContext.RequestServices.GetRequiredService<UserManager<User>>();
+            var signInManager = context.HttpContext.RequestServices.GetRequiredService<JwtBearerSignInManager>();

-            var userId = context.AuthenticationTicket.Principal.GetUserId();
+            var userId = userManager.GetUserId(context.Ticket.Principal);
            var user = await userRepository.GetByIdAsync(userId);

            // validate security token
-            if(!await manager.ValidateSecurityStampAsync(user, context.AuthenticationTicket.Principal))
+            if(!await signInManager.ValidateSecurityStampAsync(user, context.Ticket.Principal))
            {
                throw new SecurityTokenValidationException("Bad security stamp.");
            }
@ -41,7 +44,7 @@ namespace Bit.Core.Identity
            if(!context.HttpContext.User.Identity.IsAuthenticated)
            {
                context.State = EventResultState.HandledResponse;
-                context.AuthenticationTicket = new AuthenticationTicket(context.HttpContext.User, new AuthenticationProperties(), context.Options.AuthenticationScheme);
+                context.Ticket = new AuthenticationTicket(context.HttpContext.User, new AuthenticationProperties(), context.Options.AuthenticationScheme);
            }

            return Task.FromResult(0);
--- a/src/Core/Identity/JwtBearerIdentityOptions.cs
+++ b/src/Core/Identity/JwtBearerIdentityOptions.cs
@ -1,5 +1,5 @@
 using System;
-using System.IdentityModel.Tokens;
+using Microsoft.IdentityModel.Tokens;

 namespace Bit.Core.Identity
 {
--- a/src/Core/Identity/JwtBearerIdentityServiceCollectionExtensions.cs
+++ b/src/Core/Identity/JwtBearerIdentityServiceCollectionExtensions.cs
@ -1,14 +1,16 @@
 using System;
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using Bit.Core.Domains;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Http;

 namespace Bit.Core.Identity
 {
    public static class JwtBearerIdentityServiceCollectionExtensions
    {
-        public static IdentityBuilder AddJwtBearerIdentit(
+        public static IdentityBuilder AddJwtBearerIdentity(
            this IServiceCollection services)
        {
            return services.AddJwtBearerIdentity(setupAction: null, jwtBearerSetupAction: null);
@ -23,6 +25,8 @@ namespace Bit.Core.Identity
            services.AddOptions();
            services.AddAuthentication();

+            // Hosting doesn't add IHttpContextAccessor by default
+            services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
            // Identity services
            services.TryAddSingleton<IdentityMarkerService>();
            services.TryAddScoped<IUserValidator<User>, UserValidator<User>>();
--- a/src/Core/Identity/JwtBearerSignInManager.cs
+++ b/src/Core/Identity/JwtBearerSignInManager.cs
@ -2,12 +2,13 @@
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
-using Microsoft.AspNet.Authentication.JwtBearer;
-using Microsoft.AspNet.Http;
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.OptionsModel;
+using Microsoft.Extensions.Options;
 using Bit.Core.Domains;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.IdentityModel.Tokens;

 namespace Bit.Core.Identity
 {
@ -123,12 +124,16 @@ namespace Bit.Core.Identity
                }
            }

-            var securityToken = handler.CreateToken(
-                issuer: JwtIdentityOptions.Issuer,
-                audience: JwtIdentityOptions.Audience,
-                signingCredentials: JwtIdentityOptions.SigningCredentials,
-                subject: userPrincipal.Identities.First(),
-                expires: tokenExpiration);
+            var descriptor = new SecurityTokenDescriptor
+            {
+                Issuer = JwtIdentityOptions.Issuer,
+                SigningCredentials = JwtIdentityOptions.SigningCredentials,
+                Audience = JwtIdentityOptions.Audience,
+                Subject = userPrincipal.Identities.First(),
+                Expires = tokenExpiration
+            };
+
+            var securityToken = handler.CreateToken(descriptor);

            return handler.WriteToken(securityToken);
        }
--- a/src/Core/Identity/LowerInvariantLookupNormalizer.cs
+++ b/src/Core/Identity/LowerInvariantLookupNormalizer.cs
@ -1,4 +1,4 @@
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Identity;

 namespace Bit.Core.Identity
 {
--- a/src/Core/Identity/RoleStore.cs
+++ b/src/Core/Identity/RoleStore.cs
@ -1,7 +1,7 @@
 using System;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Identity;
 using Bit.Core.Domains;

 namespace Bit.Core.Identity
--- a/src/Core/Identity/UserStore.cs
+++ b/src/Core/Identity/UserStore.cs
@ -4,7 +4,7 @@ using System.Linq;
 using System.Security.Claims;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Identity;
 using Bit.Core.Domains;
 using Bit.Core.Repositories;
 using Bit.Core.Services;
--- a/src/Core/Services/IUserService.cs
+++ b/src/Core/Services/IUserService.cs
@ -1,7 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.Threading.Tasks;
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Identity;
 using Bit.Core.Domains;

 namespace Bit.Core.Services
--- a/src/Core/Services/UserService.cs
+++ b/src/Core/Services/UserService.cs
@ -1,15 +1,16 @@
 using System;
 using System.Collections.Generic;
 using System.Threading.Tasks;
-using Microsoft.AspNet.Http;
-using Microsoft.AspNet.Identity;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.OptionsModel;
+using Microsoft.Extensions.Options;
 using Bit.Core.Domains;
 using Bit.Core.Repositories;
 using OtpSharp;
 using Base32;
 using System.Linq;
+using Microsoft.AspNetCore.Builder;

 namespace Bit.Core.Services
 {
@ -35,8 +36,7 @@ namespace Bit.Core.Services
            ILookupNormalizer keyNormalizer,
            IdentityErrorDescriber errors,
            IServiceProvider services,
-            ILogger<UserManager<User>> logger,
-            IHttpContextAccessor contextAccessor)
+            ILogger<UserManager<User>> logger)
            : base(
                  store,
                  optionsAccessor,
@ -46,8 +46,7 @@ namespace Bit.Core.Services
                  keyNormalizer,
                  errors,
                  services,
-                  logger,
-                  contextAccessor)
+                  logger)
        {
            _userRepository = userRepository;
            _cipherRepository = cipherRepository;
--- a/src/Core/project.json
+++ b/src/Core/project.json
@ -2,21 +2,23 @@
    "version": "0.0.1-*",
    "description": "bitwarden Core Library",
    "authors": [ "Kyle Spearrin" ],
-    "tags": [ "" ],
-    "projectUrl": "",
-    "licenseUrl": "",

    "dependencies": {
-        "Microsoft.AspNet.Identity": "3.0.0-rc1-final",
-        "Microsoft.AspNet.Authentication.JwtBearer": "1.0.0-rc1-final",
+        "Microsoft.AspNetCore.Identity": "1.0.0-rc2-final",
+        "Microsoft.AspNetCore.Authentication.JwtBearer": "1.0.0-rc2-final",
        "OtpSharp": "1.3.0.4",
-        "Microsoft.AspNet.Mvc.Abstractions": "6.0.0-rc1-final",
-        "Sendgrid": "6.3.4",
+        "Microsoft.AspNetCore.Mvc.Abstractions": "1.0.0-rc2-final",
        "Dapper": "1.42.0",
-        "DataTableProxy": "1.2.0"
+        "DataTableProxy": "1.2.0",
+        "Sendgrid": "6.3.4"
    },

    "frameworks": {
-        "dnx451": { }
+        "net46": {
+            "frameworkAssemblies": {
+                "System.ComponentModel.DataAnnotations": "4.0.0.0",
+                "System.Data": "4.0.0.0"
+            }
+        }
    }
 }