yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Reintroduced FindFirstValue extension method

Browse Source
This commit is contained in:
Scott Brady
2020-04-30 09:27:34 +01:00
parent 073b28064a
commit 2caab18d29
9 changed files with 73 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
src/Umbraco.Tests/CoreThings/ClaimsIdentityExtensionsTests.cs Normal file
View File

@@ -0,0 +1,49 @@
using System;
using System.Collections.Generic;
using System.Security.Claims;
using NUnit.Framework;
using Umbraco.Web;
namespace Umbraco.Tests.CoreThings
{
public class ClaimsIdentityExtensionsTests
{
[Test]
public void FindFirstValue_WhenIdentityIsNull_ExpectArgumentNullException()
{
ClaimsIdentity identity = null;
Assert.Throws<ArgumentNullException>(() => identity.FindFirstValue("test"));
}
[Test]
public void FindFirstValue_WhenClaimNotPresent_ExpectNull()
{
var identity = new ClaimsIdentity(new List<Claim>());
var value = identity.FindFirstValue("test");
Assert.IsNull(value);
}
[Test]
public void FindFirstValue_WhenMatchingClaimPresent_ExpectCorrectValue()
{
var expectedClaim = new Claim("test", "123", "string", "Umbraco");
var identity = new ClaimsIdentity(new List<Claim> {expectedClaim});
var value = identity.FindFirstValue("test");
Assert.AreEqual(expectedClaim.Value, value);
}
[Test]
public void FindFirstValue_WhenMultipleMatchingClaimsPresent_ExpectFirstValue()
{
var expectedClaim = new Claim("test", "123", "string", "Umbraco");
var dupeClaim = new Claim(expectedClaim.Type, Guid.NewGuid().ToString());
var identity = new ClaimsIdentity(new List<Claim> {expectedClaim, dupeClaim});
var value = identity.FindFirstValue("test");
Assert.AreEqual(expectedClaim.Value, value);
}
}
}

1
src/Umbraco.Tests/Umbraco.Tests.csproj
View File

@@ -124,6 +124,7 @@
<Compile Include="Configurations\GlobalSettingsTests.cs" />
<Compile Include="CoreThings\CallContextTests.cs" />
<Compile Include="Components\ComponentTests.cs" />
<Compile Include="CoreThings\ClaimsIdentityExtensionsTests.cs" />
<Compile Include="CoreThings\EnumExtensionsTests.cs" />
<Compile Include="CoreThings\GuidUtilsTests.cs" />
<Compile Include="CoreThings\HexEncoderTests.cs" />

15
src/Umbraco.Web/ClaimsIdentityExtensions.cs
View File

@@ -13,8 +13,8 @@ namespace Umbraco.Web
string userId = null;
if (identity is ClaimsIdentity claimsIdentity)
{
userId = claimsIdentity.FindFirst(ClaimTypes.NameIdentifier)?.Value
?? claimsIdentity.FindFirst("sub")?.Value;
userId = claimsIdentity.FindFirstValue(ClaimTypes.NameIdentifier)
?? claimsIdentity.FindFirstValue("sub");
}
return userId;
@@ -27,11 +27,18 @@ namespace Umbraco.Web
string username = null;
if (identity is ClaimsIdentity claimsIdentity)
{
username = claimsIdentity.FindFirst(ClaimTypes.Name)?.Value
?? claimsIdentity.FindFirst("preferred_username")?.Value;
username = claimsIdentity.FindFirstValue(ClaimTypes.Name)
?? claimsIdentity.FindFirstValue("preferred_username");
}
return username;
}
public static string FindFirstValue(this ClaimsIdentity identity, string claimType)
{
if (identity == null) throw new ArgumentNullException(nameof(identity));
return identity.FindFirst(claimType)?.Value;
}
}
}

2
src/Umbraco.Web/Security/AuthenticationExtensions.cs
View File

@@ -230,7 +230,7 @@ namespace Umbraco.Web.Security
var claimsIdentity = http.User.Identity as ClaimsIdentity;
if (claimsIdentity != null)
{
var sessionId = claimsIdentity.FindFirst(Constants.Security.SessionIdClaimType)?.Value;
var sessionId = claimsIdentity.FindFirstValue(Constants.Security.SessionIdClaimType);
Guid guidSession;
if (sessionId.IsNullOrWhiteSpace() == false && Guid.TryParse(sessionId, out guidSession))
{

2
src/Umbraco.Web/Security/AuthenticationManagerExtensions.cs
View File

@@ -28,7 +28,7 @@ namespace Umbraco.Web.Security
name = name.Replace(" ", "");
}
var email = result.Identity.FindFirst(ClaimTypes.Email)?.Value;
var email = result.Identity.FindFirstValue(ClaimTypes.Email);
return new ExternalLoginInfo
{
ExternalIdentity = result.Identity,

2
src/Umbraco.Web/Security/BackOfficeCookieAuthenticationProvider.cs
View File

@@ -57,7 +57,7 @@ namespace Umbraco.Web.Security
if (context?.OwinContext?.Authentication?.User?.Identity != null)
{
var claimsIdentity = context.OwinContext.Authentication.User.Identity as ClaimsIdentity;
var sessionId = claimsIdentity.FindFirst(Core.Constants.Security.SessionIdClaimType)?.Value;
var sessionId = claimsIdentity.FindFirstValue(Constants.Security.SessionIdClaimType);
if (sessionId.IsNullOrWhiteSpace() == false && Guid.TryParse(sessionId, out var guidSession))
{
_userService.ClearLoginSession(guidSession);

2
src/Umbraco.Web/Security/SessionIdValidator.cs
View File

@@ -95,7 +95,7 @@ namespace Umbraco.Web.Security
if (user == null)
return false;
var sessionId = currentIdentity.FindFirst(Constants.Security.SessionIdClaimType)?.Value;
var sessionId = currentIdentity.FindFirstValue(Constants.Security.SessionIdClaimType);
if (await manager.ValidateSessionIdAsync(userId, sessionId) == false)
return false;

13
src/Umbraco.Web/Security/UmbracoBackOfficeIdentity.cs
View File

@@ -2,6 +2,7 @@
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using Umbraco.Web;
namespace Umbraco.Core.Security
{
@@ -203,17 +204,17 @@ namespace Umbraco.Core.Security
private string[] _allowedApplications;
public string[] AllowedApplications => _allowedApplications ?? (_allowedApplications = FindAll(x => x.Type == Constants.Security.AllowedApplicationsClaimType).Select(app => app.Value).ToArray());
public int Id => int.Parse(this.FindFirst(ClaimTypes.NameIdentifier)?.Value);
public int Id => int.Parse(this.FindFirstValue(ClaimTypes.NameIdentifier));
public string RealName => this.FindFirst(ClaimTypes.GivenName)?.Value;
public string RealName => this.FindFirstValue(ClaimTypes.GivenName);
public string Username => this.FindFirst(ClaimTypes.Name)?.Value;
public string Username => this.FindFirstValue(ClaimTypes.Name);
public string Culture => this.FindFirst(ClaimTypes.Locality)?.Value;
public string Culture => this.FindFirstValue(ClaimTypes.Locality);
public string SessionId
{
get => this.FindFirst(Constants.Security.SessionIdClaimType)?.Value;
get => this.FindFirstValue(Constants.Security.SessionIdClaimType);
set
{
var existing = FindFirst(Constants.Security.SessionIdClaimType);
@@ -223,7 +224,7 @@ namespace Umbraco.Core.Security
}
}
public string SecurityStamp => this.FindFirst(Constants.Web.SecurityStampClaimType)?.Value;
public string SecurityStamp => this.FindFirstValue(Constants.Web.SecurityStampClaimType);
public string[] Roles => this.FindAll(x => x.Type == DefaultRoleClaimType).Select(role => role.Value).ToArray();

2
src/Umbraco.Web/Security/UmbracoSecurityStampValidator.cs
View File

@@ -54,7 +54,7 @@ namespace Umbraco.Web.Security
// Refresh the identity if the stamp matches, otherwise reject
if (user != null && manager.SupportsUserSecurityStamp)
{
var securityStamp = context.Identity.FindFirst(Constants.Web.SecurityStampClaimType)?.Value;
var securityStamp = context.Identity.FindFirstValue(Constants.Web.SecurityStampClaimType);
var newSecurityStamp = await manager.GetSecurityStampAsync(user);
if (securityStamp == newSecurityStamp)