Comments (11)
HaoK
commented on August 28, 2024
@PinpointTownes does your PR address everything here?
from security.
kevinchalet
commented on August 28, 2024
@HaoK not really. This ticket was about unifying I*AuthenticationProvider and *AuthenticationNotifications, but I*AuthenticationProvider has since been replaced by I*AuthenticationNotifications.
The question is now: do we want to have...
- an
I*AuthenticationNotificationsinterface and a default*AuthenticationNotificationsclass exposingFuncproperties like the OAuth2 client middleware https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication.OAuth/Notifications/IOAuthAuthenticationNotifications.cs and https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication.OAuth/Notifications/OAuthAuthenticationNotifications.cs - or a single
*AuthenticationNotificationsclass that doesn't have any method and simply exposesFuncproperties, like the OIDC client middleware: https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectAuthenticationNotifications.cs
The first approach is definitely less DRY but seems more flexible and allows advanced scenarios like interface interception via Dynamic Proxy.
from security.
Tratcher
commented on August 28, 2024
I recommend the second approach. It's much cleaner and I have never seen anyone utilize the extensibility provided by the first approach.
from security.
kevinchalet
commented on August 28, 2024
@Tratcher here's a sample of subclassing a default *AuthenticationProvider class: https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/blob/vNext/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs#L11
Overriding a method is much cleaner than assigning a delegate.
from security.
analogrelay
commented on August 28, 2024
@HaoK We need to do design on this. @glennc can assign an existing design meeting slot for this.
from security.
kevinchalet
commented on August 28, 2024
Do we finally have an agreement on the definitive notification pattern?
(related topic: IdentityServer/IdentityServer3#1437)
from security.
Tratcher
commented on August 28, 2024
Nope...
from security.
Tratcher
commented on August 28, 2024
Notes:
- Rename *Notifications -> Events
- Change OIDC notifications -> use the I*Notifications pattern (see cookies)
- Move all of the OIDC base notification objects from Authentication/Notifications to ODIC/Notifications, squash the generic. Rename to *Context.
- Rename OAuthBearer to OAuthJWTBearer or something similar? Its not generic bearer, itβs JWT IdentityModel bearer.
Iβll file separate bugs for these.
from security.
Tratcher
commented on August 28, 2024
Filed #413 for OAuthBearer. The others are all interrelated and can be handled together as part of this #.
from security.
kevinchalet
commented on August 28, 2024
Nice!
from security.
Tratcher
commented on August 28, 2024
Related: #307
from security.
Related Issues (20)
- About policy in Multiple Schemes 403 problem HOT 2
- AVRO serialization error - Could not find any matching known type for 'Newtonsoft.Json.Linq.JToken' using c# HOT 3
- How to Validate AccessToken in WebAPI core 2.0 getting from IdentityServer3 HOT 1
- Multiple refresh for authentication on server HOT 33
- Oauth MicrosoftAccount Token Request Issue HOT 6
- OAuth redirect_uri using http instead of https on Azure App Service Linux HOT 9
- Is there a way to Decrypt encrypted SAML token?? HOT 9
- Set redirect from authorization handler HOT 5
- JWT payload "unique_name" not mapped correctly HOT 2
- .
- HttpContext.SignInAsync sets null to Identity claims data HOT 3
- Handling incomplete remote signouts HOT 15
- .net core api authentication using ws-federation HOT 7
- AuthenticationProperties object is not passed to ChallengeAsync / ForbidAsync HOT 11
- [Net Core 2.0] AccessDeniedPath ignored in cookie authentication HOT 1
- Docker Swarm + nginx + WS-Federation: multiple redirection issue HOT 33
- SSO for Microsoft Outlook using auth0 HOT 6
- Redirect URI is ignored HOT 2
- Wctx parameter getting overridden, breaking functionality HOT 8
- ASP.NET Core OpenId Authentication in Container with TLS Termination in WAF HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security.