Merge branch 'netcore/feature/websecurity' into netcore/feature/get-remaining-seconds

2020-06-03 18:11:59 +10:00
parent 6004a0fb44 4ca87d8923
commit 0d0b3324fb
5 changed files with 32 additions and 43 deletions
--- a/src/Umbraco.Infrastructure/BackOffice/BackOfficeClaimsPrincipalFactory.cs
+++ b/src/Umbraco.Infrastructure/BackOffice/BackOfficeClaimsPrincipalFactory.cs
@@ -35,5 +35,18 @@ namespace Umbraco.Core.BackOffice

            return new ClaimsPrincipal(umbracoIdentity);
        }
+
+        protected override async Task<ClaimsIdentity> GenerateClaimsAsync(TUser user)
+        {
+            // TODO: Have a look at the base implementation https://github.com/dotnet/aspnetcore/blob/master/src/Identity/Extensions.Core/src/UserClaimsPrincipalFactory.cs#L79
+            // since it's setting an authentication type that is probably not what we want.
+            // also, this is the method that we should be returning our UmbracoBackOfficeIdentity from , not the method above,
+            // the method above just returns a principal that wraps the identity and we dont use a custom principal,
+            // see https://github.com/dotnet/aspnetcore/blob/master/src/Identity/Extensions.Core/src/UserClaimsPrincipalFactory.cs#L66
+
+            var identity = await base.GenerateClaimsAsync(user);
+
+            return identity;
+        }
    }
 }
--- a/src/Umbraco.Tests.UnitTests/Umbraco.Core/BackOffice/BackOfficeClaimsPrincipalFactoryTests.cs
+++ b/src/Umbraco.Tests.UnitTests/Umbraco.Core/BackOffice/BackOfficeClaimsPrincipalFactoryTests.cs
@@ -17,6 +17,11 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.BackOffice
    [TestFixture]
    public class BackOfficeClaimsPrincipalFactoryTests
    {
+        private const int _testUserId = 2;
+        private const string _testUserName = "bob";
+        private const string _testUserGivenName = "Bob";
+        private const string _testUserCulture = "en-US";
+        private const string _testUserSecurityStamp = "B6937738-9C17-4C7D-A25A-628A875F5177";
        private BackOfficeIdentityUser _testUser;
        private Mock<UserManager<BackOfficeIdentityUser>> _mockUserManager;

@@ -65,46 +70,16 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.BackOffice
            Assert.IsNotNull(umbracoBackOfficeIdentity);
        }

-        [Test]
-        public async Task CreateAsync_Should_Create_NameId()
+        [TestCase(ClaimTypes.NameIdentifier, _testUserId)]
+        [TestCase(ClaimTypes.Name, _testUserName)]        
+        public async Task CreateAsync_Should_Include_Claim(string expectedClaimType, object expectedClaimValue)
        {
-            const string expectedClaimType = ClaimTypes.NameIdentifier;
-            var expectedClaimValue = _testUser.Id.ToString();
-
            var sut = CreateSut();

            var claimsPrincipal = await sut.CreateAsync(_testUser);

-            Assert.True(claimsPrincipal.HasClaim(expectedClaimType, expectedClaimValue));
-            Assert.True(claimsPrincipal.GetUmbracoIdentity().Actor.HasClaim(expectedClaimType, expectedClaimValue));
-        }
-
-        [Test]
-        public async Task CreateAsync_Should_Create_Name()
-        {
-            const string expectedClaimType = ClaimTypes.Name;
-            var expectedClaimValue = _testUser.UserName;
-
-            var sut = CreateSut();
-
-            var claimsPrincipal = await sut.CreateAsync(_testUser);
-
-            Assert.True(claimsPrincipal.HasClaim(expectedClaimType, expectedClaimValue));
-            Assert.True(claimsPrincipal.GetUmbracoIdentity().Actor.HasClaim(expectedClaimType, expectedClaimValue));
-        }
-
-        [Test]
-        public async Task CreateAsync_Should_Create_IdentityProvider()
-        {
-            const string expectedClaimType = "http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider";
-            const string expectedClaimValue = "ASP.NET Identity";
-
-            var sut = CreateSut();
-
-            var claimsPrincipal = await sut.CreateAsync(_testUser);
-
-            Assert.True(claimsPrincipal.HasClaim(expectedClaimType, expectedClaimValue));
-            Assert.True(claimsPrincipal.GetUmbracoIdentity().Actor.HasClaim(expectedClaimType, expectedClaimValue));
+            Assert.True(claimsPrincipal.HasClaim(expectedClaimType, expectedClaimValue.ToString()));
+            Assert.True(claimsPrincipal.GetUmbracoIdentity().Actor.HasClaim(expectedClaimType, expectedClaimValue.ToString()));
        }

        [Test]
@@ -165,12 +140,13 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.BackOffice
            var mockGlobalSettings = new Mock<IGlobalSettings>();
            mockGlobalSettings.Setup(x => x.DefaultUILanguage).Returns("test");

-            _testUser = new BackOfficeIdentityUser(mockGlobalSettings.Object, 2, new List<IReadOnlyUserGroup>())
+            _testUser = new BackOfficeIdentityUser(mockGlobalSettings.Object, _testUserId, new List<IReadOnlyUserGroup>())
            {
-                UserName = "bob",
-                Name = "Bob",
+                UserName = _testUserName,
+                Name = _testUserGivenName,
                Email = "bob@umbraco.test",
-                SecurityStamp = "B6937738-9C17-4C7D-A25A-628A875F5177"
+                SecurityStamp = _testUserSecurityStamp,
+                Culture = _testUserCulture
            };

            _mockUserManager = new Mock<UserManager<BackOfficeIdentityUser>>(new Mock<IUserStore<BackOfficeIdentityUser>>().Object,
--- a/src/Umbraco.Tests.UnitTests/Umbraco.Core/BackOffice/UmbracoBackOfficeIdentityTests.cs
+++ b/src/Umbraco.Tests.UnitTests/Umbraco.Core/BackOffice/UmbracoBackOfficeIdentityTests.cs
@@ -48,7 +48,7 @@ namespace Umbraco.Tests.UnitTests.Umbraco.Core.BackOffice
            Assert.AreEqual("en-us", backofficeIdentity.Culture);
            Assert.IsTrue(new[] { "admin" }.SequenceEqual(backofficeIdentity.Roles));

-            Assert.AreEqual(12, backofficeIdentity.Claims.Count());
+            Assert.AreEqual(11, backofficeIdentity.Claims.Count());
        }

        [Test]
--- a/src/Umbraco.Tests/Umbraco.Tests.csproj
+++ b/src/Umbraco.Tests/Umbraco.Tests.csproj
@@ -269,7 +269,6 @@
    <Compile Include="Composing\ComposingTestBase.cs" />
    <Compile Include="Routing\RoutesCacheTests.cs" />
    <Compile Include="Routing\UrlRoutingTestBase.cs" />
-    <Compile Include="Security\BackOfficeCookieManagerTests.cs" />
    <Compile Include="Services\ContentTypeServiceExtensionsTests.cs" />
    <Compile Include="Services\PublicAccessServiceTests.cs" />
    <Compile Include="StringNewlineExtensions.cs" />
--- a/src/Umbraco.Web.BackOffice/Filters/ValidateAngularAntiForgeryTokenAttribute.cs
+++ b/src/Umbraco.Web.BackOffice/Filters/ValidateAngularAntiForgeryTokenAttribute.cs
@@ -10,6 +10,7 @@ using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Filters;
 using Umbraco.Core;
 using Umbraco.Core.Logging;
+using Umbraco.Web.BackOffice.Security;

 namespace Umbraco.Web.BackOffice.Filters
 {
@@ -24,10 +25,10 @@ namespace Umbraco.Web.BackOffice.Filters
    public sealed class ValidateAngularAntiForgeryTokenAttribute : ActionFilterAttribute
    {
        private readonly ILogger _logger;
-        private readonly IAntiforgery _antiforgery;
+        private readonly IBackOfficeAntiforgery _antiforgery;
        private readonly ICookieManager _cookieManager;

-        public ValidateAngularAntiForgeryTokenAttribute(ILogger logger, IAntiforgery antiforgery, ICookieManager cookieManager)
+        public ValidateAngularAntiForgeryTokenAttribute(ILogger logger, IBackOfficeAntiforgery antiforgery, ICookieManager cookieManager)
        {
            _logger = logger;
            _antiforgery = antiforgery;