From 7ff565bfe038d9ca8258b2377d73885ab27dfb22 Mon Sep 17 00:00:00 2001 From: Kristian Hellang Date: Tue, 1 Oct 2019 15:40:14 +0200 Subject: [PATCH] Removed obsolete code --- .../BuilderExtensions/Core.cs | 5 --- .../Options/AuthenticationOptions.cs | 7 --- .../IdentityServerAuthenticationService.cs | 20 +-------- .../Infrastructure/BackChannelHttpClient.cs | 43 ------------------- .../Services/Default/DefaultUserSession.cs | 28 +----------- .../DefaultClientConfigurationValidator.cs | 37 ++++++---------- .../Common/MockHttpContextAccessor.cs | 7 ++- .../Default/DefaultUserSessionTests.cs | 2 - 8 files changed, 22 insertions(+), 127 deletions(-) delete mode 100644 src/IdentityServer4/src/Infrastructure/BackChannelHttpClient.cs diff --git a/src/IdentityServer4/src/Configuration/DependencyInjection/BuilderExtensions/Core.cs b/src/IdentityServer4/src/Configuration/DependencyInjection/BuilderExtensions/Core.cs index 3bfbf6a5e7..4e266f5e2d 100644 --- a/src/IdentityServer4/src/Configuration/DependencyInjection/BuilderExtensions/Core.cs +++ b/src/IdentityServer4/src/Configuration/DependencyInjection/BuilderExtensions/Core.cs @@ -126,11 +126,6 @@ public static IIdentityServerBuilder AddCoreServices(this IIdentityServerBuilder builder.Services.AddTransient(); builder.Services.AddTransient(); - // todo: remove in 3.0 -#pragma warning disable CS0618 // Type or member is obsolete - builder.Services.AddTransient(); -#pragma warning restore CS0618 // Type or member is obsolete - builder.Services.AddTransient(); builder.Services.AddTransient(); diff --git a/src/IdentityServer4/src/Configuration/DependencyInjection/Options/AuthenticationOptions.cs b/src/IdentityServer4/src/Configuration/DependencyInjection/Options/AuthenticationOptions.cs index 7f4e81a09a..e007818d59 100644 --- a/src/IdentityServer4/src/Configuration/DependencyInjection/Options/AuthenticationOptions.cs +++ b/src/IdentityServer4/src/Configuration/DependencyInjection/Options/AuthenticationOptions.cs 
@@ -40,13 +40,6 @@ public class AuthenticationOptions /// public string CheckSessionCookieName { get; set; } = IdentityServerConstants.DefaultCheckSessionCookieName; - /// - /// Gets or sets the timeout on the back channel logout HTTP call. - /// - // todo: remove in 3.0 - [Obsolete("Replaced by the use of BackChannelLogoutHttpClient. Use the new AddBackChannelLogoutHttpClient to configure the HttpClient settings.")] - public TimeSpan BackChannelLogoutTimeOut { get; set; } = TimeSpan.FromSeconds(30); - /// /// If set, will require frame-src CSP headers being emitting on the end session callback endpoint which renders iframes to clients for front-channel signout notification. /// diff --git a/src/IdentityServer4/src/Hosting/IdentityServerAuthenticationService.cs b/src/IdentityServer4/src/Hosting/IdentityServerAuthenticationService.cs index f60b75ebb2..2a2cfc0466 100644 --- a/src/IdentityServer4/src/Hosting/IdentityServerAuthenticationService.cs +++ b/src/IdentityServer4/src/Hosting/IdentityServerAuthenticationService.cs 
@@ -50,26 +50,10 @@ public IdentityServerAuthenticationService( _logger = logger; } - // todo: remove this in 3.0 and use extension method on http context - private async Task GetCookieAuthenticationSchemeAsync() - { - if (_options.Authentication.CookieAuthenticationScheme != null) - { - return _options.Authentication.CookieAuthenticationScheme; - } - - var scheme = await _schemes.GetDefaultAuthenticateSchemeAsync(); - if (scheme == null) - { - throw new InvalidOperationException("No DefaultAuthenticateScheme found."); - } - return scheme.Name; - } - public async Task SignInAsync(HttpContext context, string scheme, ClaimsPrincipal principal, AuthenticationProperties properties) { var defaultScheme = await _schemes.GetDefaultSignInSchemeAsync(); - var cookieScheme = await GetCookieAuthenticationSchemeAsync(); + var cookieScheme = await context.GetCookieAuthenticationSchemeAsync(); if ((scheme == null && defaultScheme?.Name == cookieScheme) || scheme == cookieScheme) { @@ -93,7 +77,7 @@ private void AugmentPrincipal(ClaimsPrincipal principal) public async Task SignOutAsync(HttpContext context, string scheme, AuthenticationProperties properties) { var defaultScheme = await _schemes.GetDefaultSignOutSchemeAsync(); - var cookieScheme = await GetCookieAuthenticationSchemeAsync(); + var cookieScheme = await context.GetCookieAuthenticationSchemeAsync(); if ((scheme == null && defaultScheme?.Name == cookieScheme) || scheme == cookieScheme) { diff --git a/src/IdentityServer4/src/Infrastructure/BackChannelHttpClient.cs b/src/IdentityServer4/src/Infrastructure/BackChannelHttpClient.cs deleted file mode 100644 index 5b23834e3a..0000000000 --- a/src/IdentityServer4/src/Infrastructure/BackChannelHttpClient.cs +++ /dev/null 
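Review bot: Both call sites in `SignInAsync` and `SignOutAsync` now depend on `context.GetCookieAuthenticationSchemeAsync()`, which is not defined in this patch, so it cannot be confirmed from here that it still fails closed the way the removed helper did (it threw `InvalidOperationException("No DefaultAuthenticateScheme found.")` when neither `CookieAuthenticationScheme` nor a default authenticate scheme was set). If the extension can return null, the `scheme == cookieScheme` comparison would be true for a null `scheme` and take the cookie branch, so a unit test that pins the exception is worth adding. The same substitution appears in the `AuthenticateAsync` and `SetClientListPropertyValueAsync` hunks of DefaultUserSession.cs. Once the contract is confirmed, a comment at the call such as `// uses the configured CookieAuthenticationScheme, else the default authenticate scheme; throws if neither is set` would record what both classes rely on. Both method bodies continue outside their hunks.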
@@ -1,43 +0,0 @@ -// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. -// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. - - -using System; -using System.Net.Http; -using IdentityServer4.Configuration; - -namespace IdentityServer4.Infrastructure -{ - /// - /// Used to model back-channel HTTP calls for back-channel logout spec. - /// - /// - // todo: remove in 3.0 - [Obsolete("This class is no longer used. IHttpClientFactory will be used instead. See the new BackChannelHttpFactoryClientName property on the IdentityServer AuthenticationOptions.")] - public class BackChannelHttpClient : HttpClient - { - /// - /// Initializes a new instance of the class. - /// - public BackChannelHttpClient() - { - } - - /// - /// Initializes a new instance of the class. - /// - /// The options. - public BackChannelHttpClient(IdentityServerOptions options) - { - Timeout = options.Authentication.BackChannelLogoutTimeOut; - } - - /// - /// Initializes a new instance of the class. - /// - /// The HTTP handler stack to use for sending requests. - public BackChannelHttpClient(HttpMessageHandler handler) : base(handler) - { - } - } -} diff --git a/src/IdentityServer4/src/Services/Default/DefaultUserSession.cs b/src/IdentityServer4/src/Services/Default/DefaultUserSession.cs index 174a561fb2..dfce7c1db5 100644 --- a/src/IdentityServer4/src/Services/Default/DefaultUserSession.cs +++ b/src/IdentityServer4/src/Services/Default/DefaultUserSession.cs @@ -27,11 +27,6 @@ public class DefaultUserSession : IUserSession /// protected readonly IHttpContextAccessor HttpContextAccessor; - /// - /// The schemes - /// - protected readonly IAuthenticationSchemeProvider Schemes; - /// /// The handlers /// 
@@ -89,37 +84,18 @@ public class DefaultUserSession : IUserSession /// The logger. public DefaultUserSession( IHttpContextAccessor httpContextAccessor, - IAuthenticationSchemeProvider schemes, IAuthenticationHandlerProvider handlers, IdentityServerOptions options, ISystemClock clock, ILogger logger) { HttpContextAccessor = httpContextAccessor; - Schemes = schemes; Handlers = handlers; Options = options; Clock = clock; Logger = logger; } - // todo: remove this in 3.0 and use extension method on http context - private async Task GetCookieSchemeAsync() - { - if (Options.Authentication.CookieAuthenticationScheme != null) - { - return Options.Authentication.CookieAuthenticationScheme; - } - - var defaultScheme = await Schemes.GetDefaultAuthenticateSchemeAsync(); - if (defaultScheme == null) - { - throw new InvalidOperationException("No DefaultAuthenticateScheme found."); - } - - return defaultScheme.Name; - } - // we need this helper (and can't call HttpContext.AuthenticateAsync) so we don't run // claims transformation when we get the principal. this also ensures that we don't // re-issue a cookie that includes the claims from claims transformation. @@ -137,7 +113,7 @@ protected virtual async Task AuthenticateAsync() { if (Principal == null || Properties == null) { - var scheme = await GetCookieSchemeAsync(); + var scheme = await HttpContext.GetCookieAuthenticationSchemeAsync(); var handler = await Handlers.GetHandlerAsync(HttpContext, scheme); if (handler == null) @@ -359,7 +335,7 @@ private async Task SetClientListPropertyValueAsync(string value) Properties.Items[ClientListKey] = value; } - var scheme = await GetCookieSchemeAsync(); + var scheme = await HttpContext.GetCookieAuthenticationSchemeAsync(); await HttpContext.SignInAsync(scheme, Principal, Properties); } 
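Review bot: The XML documentation above the `DefaultUserSession` constructor likely still carries a `schemes` parameter entry, because this hunk starts at the "The logger." doc line and removes the `IAuthenticationSchemeProvider schemes` parameter without touching any doc line above it. A stale `<param>` entry produces a doc warning and misleads anyone subclassing the type, so the line documenting `schemes` should be deleted in the same commit. The doc block itself starts outside the hunk, so this is inferred from the hunk offsets rather than seen directly.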
diff --git a/src/IdentityServer4/src/Validation/Default/DefaultClientConfigurationValidator.cs b/src/IdentityServer4/src/Validation/Default/DefaultClientConfigurationValidator.cs index e54505e4e5..f291371677 100644 --- a/src/IdentityServer4/src/Validation/Default/DefaultClientConfigurationValidator.cs +++ b/src/IdentityServer4/src/Validation/Default/DefaultClientConfigurationValidator.cs @@ -14,15 +14,6 @@ public class DefaultClientConfigurationValidator : IClientConfigurationValidator { private readonly IdentityServerOptions _options; - // todo: default ctor for backwards compat; remove in 3.0 - - /// - /// Constructor for DefaultClientConfigurationValidator - /// - public DefaultClientConfigurationValidator() - { - } - /// /// Constructor for DefaultClientConfigurationValidator /// 
@@ -193,30 +184,26 @@ protected virtual Task ValidateAllowedCorsOriginsAsync(ClientConfigurationValida /// protected virtual Task ValidateUriSchemesAsync(ClientConfigurationValidationContext context) { - // todo: null check for backwards compat; remove in 3.0 - if (_options != null) + if (context.Client.RedirectUris?.Any() == true) { - if (context.Client.RedirectUris?.Any() == true) + foreach (var uri in context.Client.RedirectUris) { - foreach (var uri in context.Client.RedirectUris) + if (_options.Validation.InvalidRedirectUriPrefixes + .Any(scheme => uri?.StartsWith(scheme, StringComparison.OrdinalIgnoreCase) == true)) { - if (_options.Validation.InvalidRedirectUriPrefixes - .Any(scheme => uri?.StartsWith(scheme, StringComparison.OrdinalIgnoreCase) == true)) - { - context.SetError($"RedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions."); - } + context.SetError($"RedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions."); } } + } - if (context.Client.PostLogoutRedirectUris?.Any() == true) + if (context.Client.PostLogoutRedirectUris?.Any() == true) + { + foreach (var uri in context.Client.PostLogoutRedirectUris) { - foreach (var uri in context.Client.PostLogoutRedirectUris) + if (_options.Validation.InvalidRedirectUriPrefixes + .Any(scheme => uri.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))) { - if (_options.Validation.InvalidRedirectUriPrefixes - .Any(scheme => uri.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))) - { - context.SetError($"PostLogoutRedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions."); - } + context.SetError($"PostLogoutRedirectUri '{uri}' uses invalid scheme. If this scheme should be allowed, then configure it via ValidationOptions."); } } } 
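Review bot: In the `PostLogoutRedirectUris` loop the prefix check calls `uri.StartsWith(...)` directly, while the `RedirectUris` loop just above it uses the null-safe `uri?.StartsWith(...) == true`, so a null entry in a client's post-logout list would throw a `NullReferenceException` out of validation instead of being handled. Making the second loop match, with `.Any(scheme => uri?.StartsWith(scheme, StringComparison.OrdinalIgnoreCase) == true)`, keeps both lists on the same path. With the `_options != null` guard gone, this method dereferences `_options.Validation` unconditionally, so the remaining constructor (outside this hunk) should reject null, e.g. `_options = options ?? throw new ArgumentNullException(nameof(options));`. The end of `ValidateUriSchemesAsync` is outside the hunk.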
diff --git a/src/IdentityServer4/test/IdentityServer.UnitTests/Common/MockHttpContextAccessor.cs b/src/IdentityServer4/test/IdentityServer.UnitTests/Common/MockHttpContextAccessor.cs index 576aae9293..64654768e4 100644 --- a/src/IdentityServer4/test/IdentityServer.UnitTests/Common/MockHttpContextAccessor.cs +++ b/src/IdentityServer4/test/IdentityServer.UnitTests/Common/MockHttpContextAccessor.cs @@ -9,6 +9,7 @@ using IdentityServer4.Stores; using IdentityServer4.Models; using Microsoft.AspNetCore.Authentication; +using IdentityServer.UnitTests.Common; namespace IdentityServer4.UnitTests.Common { @@ -17,6 +18,8 @@ internal class MockHttpContextAccessor : IHttpContextAccessor private HttpContext _context = new DefaultHttpContext(); public MockAuthenticationService AuthenticationService { get; set; } = new MockAuthenticationService(); + public MockAuthenticationSchemeProvider Schemes { get; set; } = new MockAuthenticationSchemeProvider(); + public MockHttpContextAccessor( IdentityServerOptions options = null, IUserSession userSession = null, @@ -27,10 +30,12 @@ public MockHttpContextAccessor( var services = new ServiceCollection(); services.AddSingleton(options); + services.AddSingleton(Schemes); services.AddSingleton(AuthenticationService); + services.AddAuthentication(auth => { - auth.DefaultAuthenticateScheme = "foo"; + auth.DefaultAuthenticateScheme = Schemes.Default; }); if (userSession == null) diff --git a/src/IdentityServer4/test/IdentityServer.UnitTests/Services/Default/DefaultUserSessionTests.cs b/src/IdentityServer4/test/IdentityServer.UnitTests/Services/Default/DefaultUserSessionTests.cs index dfe1027363..bc68503f3c 100644 --- a/src/IdentityServer4/test/IdentityServer.UnitTests/Services/Default/DefaultUserSessionTests.cs +++ b/src/IdentityServer4/test/IdentityServer.UnitTests/Services/Default/DefaultUserSessionTests.cs 
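Review bot: `Schemes` is declared with a public setter, but the instance is handed to the container once in the constructor by `services.AddSingleton(Schemes)`, so a test that assigns a new provider afterwards would leave the registered one unchanged while the `auth.DefaultAuthenticateScheme = Schemes.Default` lambda may read the replacement. Declaring it getter-only, `public MockAuthenticationSchemeProvider Schemes { get; } = new MockAuthenticationSchemeProvider();`, prevents a test from silently exercising a different scheme than the one it configured. The added `using IdentityServer.UnitTests.Common;` also sits after the `Microsoft.*` import and differs from the file's own `IdentityServer4.UnitTests.Common` namespace, which is worth checking. The constructor continues outside the hunk.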
@@ -22,7 +22,6 @@ public class DefaultUserSessionTests { private DefaultUserSession _subject; private MockHttpContextAccessor _mockHttpContext = new MockHttpContextAccessor(); - private MockAuthenticationSchemeProvider _mockAuthenticationSchemeProvider = new MockAuthenticationSchemeProvider(); private MockAuthenticationHandlerProvider _mockAuthenticationHandlerProvider = new MockAuthenticationHandlerProvider(); private MockAuthenticationHandler _mockAuthenticationHandler = new MockAuthenticationHandler(); @@ -37,7 +36,6 @@ public DefaultUserSessionTests() _user = new IdentityServerUser("123").CreatePrincipal(); _subject = new DefaultUserSession( _mockHttpContext, - _mockAuthenticationSchemeProvider, _mockAuthenticationHandlerProvider, _options, new StubClock(),