Merge pull request #77 from codez-one/tmfr/Fix_HandleAuthenticateAsync

tomfrenzel · web-flow · commit 2be5ffde5aa3 · 2023-09-01T10:58:33.000+02:00
Fix HandleAuthenticateAsync &amp; Update packages
diff --git a/samples/CZ.AspNetCore.EasyAuthAuthentication.Samples.Client/CZ.AspNetCore.EasyAuthAuthentication.Samples.Client.csproj b/samples/CZ.AspNetCore.EasyAuthAuthentication.Samples.Client/CZ.AspNetCore.EasyAuthAuthentication.Samples.Client.csproj
@@ -6,7 +6,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.IdentityModel.Clients.ActiveDirectory" Version="5.2.9" />
+    <PackageReference Include="Microsoft.Identity.Client" Version="4.55.0" />
   </ItemGroup>
 
 </Project>
diff --git a/samples/CZ.AspNetCore.EasyAuthAuthentication.Samples.Client/Program.cs b/samples/CZ.AspNetCore.EasyAuthAuthentication.Samples.Client/Program.cs
@@ -5,7 +5,7 @@ namespace CZ.AspNetCore.EasyAuthAuthentication.Samples.Webs.Client
     using System.Net;
     using System.Text;
     using System.Threading.Tasks;
-    using Microsoft.IdentityModel.Clients.ActiveDirectory;
+    using Microsoft.Identity.Client;
 
     public class Program
     {
@@ -21,13 +21,16 @@ private static void Main(string[] args)
 
         private static async Task Work()
         {
-            var authContext = new AuthenticationContext(System.Environment.GetEnvironmentVariable("authority"));
-            var credentials = new ClientCredential(System.Environment.GetEnvironmentVariable("clientId"), System.Environment.GetEnvironmentVariable("clientSecret"));
-            var token = await authContext.AcquireTokenAsync(System.Environment.GetEnvironmentVariable("resource"), credentials);
-            Console.WriteLine(token.AccessTokenType + " " + token.AccessToken);
+            var authContext = ConfidentialClientApplicationBuilder
+                .Create(Environment.GetEnvironmentVariable("clientId"))
+                .WithAuthority(Environment.GetEnvironmentVariable("authority"))
+                .WithClientSecret(Environment.GetEnvironmentVariable("clientSecret"))
+                .Build();
+            var token = await authContext.AcquireTokenForClient(new string[] { $"{Environment.GetEnvironmentVariable("resource")}/.default" }).ExecuteAsync();
+            Console.WriteLine("Bearer " + token.AccessToken);
             var headerName = "Authorization";
             var httpRequest = WebRequest.Create("https://sampleappauth.azurewebsites.net/api/SampleData/UserName");
-            httpRequest.Headers.Add(headerName, token.AccessTokenType + " " + token.AccessToken);
+            httpRequest.Headers.Add(headerName, "Bearer " + token.AccessToken);
             var response = httpRequest.GetResponse();
             var stream = response.GetResponseStream();
             var reader = new StreamReader(stream);
diff --git a/samples/CZ.AspNetCore.EasyAuthAuthentication.Samples.Web/CZ.AspNetCore.EasyAuthAuthentication.Samples.Web.csproj b/samples/CZ.AspNetCore.EasyAuthAuthentication.Samples.Web/CZ.AspNetCore.EasyAuthAuthentication.Samples.Web.csproj
@@ -14,7 +14,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.SpaServices.Extensions" Version="3.1.30" />
+    <PackageReference Include="Microsoft.AspNetCore.SpaServices.Extensions" Version="3.1.32" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/src/CZ.AspNetCore.EasyAuthAuthentication/CZ.AspNetCore.EasyAuthAuthentication.csproj b/src/CZ.AspNetCore.EasyAuthAuthentication/CZ.AspNetCore.EasyAuthAuthentication.csproj
@@ -49,10 +49,10 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.AspNetCore.Authentication" Version="2.2.0" />
     <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration" Version="6.0.1" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="6.0.0" />
-    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />
-    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.24.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="7.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="7.0.4" />
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
+    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.32.2" />
     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.1.1" PrivateAssets="All" />
   </ItemGroup>
 </Project>
diff --git a/src/CZ.AspNetCore.EasyAuthAuthentication/EasyAuthAuthenticationHandler.cs b/src/CZ.AspNetCore.EasyAuthAuthentication/EasyAuthAuthenticationHandler.cs
@@ -79,32 +79,39 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
 
             var authService = this.authenticationServices.FirstOrDefault(d => d.CanHandleAuthentification(this.Context));
             var enabledProviders = this.Options.ProviderOptions.Where(d => d.Enabled == true);
-            if (authService != null && enabledProviders.Any(d => d.ProviderName == authService.GetType().Name))
+            try
             {
-                this.Logger.LogInformation($"use the {authService.GetType().Name} as auth handler.");
-                return authService.AuthUser(this.Context, this.Options.ProviderOptions.FirstOrDefault(d => d.ProviderName == authService.GetType().Name));
-            }
-            else if (CanUseEasyAuthJson(this.Context.Request.Headers, this.Context.User, this.Context.Request, this.Options))
-            {
-                var service = new LocalAuthMeService(this.Logger,
-                    this.Context.Request.Scheme,
-                    this.Context.Request.Host.ToString(),
-                    this.Context.Request.Cookies,
-                    this.Context.Request.Headers);
-                return await service.AuthUser(this.Context, this.Options.LocalProviderOption);
-            }
-            else
-            {
-                if (IsContextUserNotAuthenticated(this.Context.User))
+                if (authService != null && enabledProviders.Any(d => d.ProviderName == authService.GetType().Name))
                 {
-                    this.Logger.LogInformation("The identity isn't set by easy auth.");
+                    this.Logger.LogInformation($"use the {authService.GetType().Name} as auth handler.");
+                    return authService.AuthUser(this.Context, this.Options.ProviderOptions.FirstOrDefault(d => d.ProviderName == authService.GetType().Name));
                 }
-                else
+                else if (CanUseEasyAuthJson(this.Context.Request.Headers, this.Context.User, this.Context.Request, this.Options))
                 {
-                    this.Logger.LogInformation("identity already set, skipping middleware");
+                    var service = new LocalAuthMeService(this.Logger,
+                        this.Context.Request.Scheme,
+                        this.Context.Request.Host.ToString(),
+                        this.Context.Request.Cookies,
+                        this.Context.Request.Headers);
+                    return await service.AuthUser(this.Context, this.Options.LocalProviderOption);
                 }
+                else
+                {
+                    if (IsContextUserNotAuthenticated(this.Context.User))
+                    {
+                        this.Logger.LogInformation("The identity isn't set by easy auth.");
+                    }
+                    else
+                    {
+                        this.Logger.LogInformation("identity already set, skipping middleware");
+                    }
 
-                return AuthenticateResult.NoResult();
+                    return AuthenticateResult.NoResult();
+                }
+            } 
+            catch (Exception ex)
+            {
+                return AuthenticateResult.Fail(ex);
             }
         }
     }
diff --git a/src/CZ.AspNetCore.EasyAuthAuthentication/Services/EasyAuthForAuthorizationTokenService.cs b/src/CZ.AspNetCore.EasyAuthAuthentication/Services/EasyAuthForAuthorizationTokenService.cs
@@ -66,7 +66,7 @@ private AuthenticateResult AuthUser(HttpContext context, ProviderOptions? option
         /// <inheritdoc/>
         private bool CanHandleAuthentification(HttpContext httpContext) =>
             IsHeaderSet(httpContext.Request.Headers, AuthorizationHeader) &&
-            httpContext.Request.Headers[AuthorizationHeader].FirstOrDefault().Contains(JWTIdentifier);
+            httpContext.Request.Headers[AuthorizationHeader].FirstOrDefault()?.Contains(JWTIdentifier) == true;
 
         private IEnumerable<AADClaimsModel> BuildFromAuthToken(JObject xMsClientPrincipal, ProviderOptions options)
         {
diff --git a/test/CZ.AspNetCore.EasyAuthAuthentication.Test/CZ.AspNetCore.EasyAuthAuthentication.Test.csproj b/test/CZ.AspNetCore.EasyAuthAuthentication.Test/CZ.AspNetCore.EasyAuthAuthentication.Test.csproj
@@ -5,11 +5,11 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="6.0.1" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="6.0.1" />
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.3.2" />
-    <PackageReference Include="xunit" Version="2.4.2" />
-    <PackageReference Include="xunit.runner.visualstudio" Version="2.4.5">
+    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="7.0.0" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="7.0.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.7.2" />
+    <PackageReference Include="xunit" Version="2.5.0" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="2.5.0">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ private AuthenticateResult AuthUser(HttpContext context, ProviderOptions? option`
`66`	`66`	`/// <inheritdoc/>`
`67`	`67`	`private bool CanHandleAuthentification(HttpContext httpContext) =>`
`68`	`68`	`IsHeaderSet(httpContext.Request.Headers, AuthorizationHeader) &&`
`69`		`- httpContext.Request.Headers[AuthorizationHeader].FirstOrDefault().Contains(JWTIdentifier);`
	`69`	`+ httpContext.Request.Headers[AuthorizationHeader].FirstOrDefault()?.Contains(JWTIdentifier) == true;`
`70`	`70`
`71`	`71`	`private IEnumerable<AADClaimsModel> BuildFromAuthToken(JObject xMsClientPrincipal, ProviderOptions options)`
`72`	`72`	`{`