yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ext method for authn back office scheme with null check, fixing tests

Browse Source
This commit is contained in:
Shannon
2020-12-02 15:49:28 +11:00
parent e297bc8c8d
commit d0e17d16bc
4 changed files with 26 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
View File

@@ -218,7 +218,7 @@ namespace Umbraco.Web.BackOffice.Controllers
public async Task<double> GetRemainingTimeoutSeconds() public async Task<double> GetRemainingTimeoutSeconds()
{ {
// force authentication to occur since this is not an authorized endpoint // force authentication to occur since this is not an authorized endpoint
var result = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType); var result = await this.AuthenticateBackOfficeAsync();
if (!result.Succeeded) if (!result.Succeeded)
{ {
return 0; return 0;
@@ -250,7 +250,7 @@ namespace Umbraco.Web.BackOffice.Controllers
public async Task<bool> IsAuthenticated() public async Task<bool> IsAuthenticated()
{ {
// force authentication to occur since this is not an authorized endpoint // force authentication to occur since this is not an authorized endpoint
var result = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType); var result = await this.AuthenticateBackOfficeAsync();
return result.Succeeded; return result.Succeeded;
} }
@@ -572,7 +572,7 @@ namespace Umbraco.Web.BackOffice.Controllers
public async Task<IActionResult> PostLogout() public async Task<IActionResult> PostLogout()
{ {
// force authentication to occur since this is not an authorized endpoint // force authentication to occur since this is not an authorized endpoint
var result = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType); var result = await this.AuthenticateBackOfficeAsync();
if (!result.Succeeded) return Ok(); if (!result.Succeeded) return Ok();
await _signInManager.SignOutAsync(); await _signInManager.SignOutAsync();

6
src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
View File

@@ -104,7 +104,7 @@ namespace Umbraco.Web.BackOffice.Controllers
public async Task<IActionResult> Default() public async Task<IActionResult> Default()
{ {
// force authentication to occur since this is not an authorized endpoint // force authentication to occur since this is not an authorized endpoint
var result = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType); var result = await this.AuthenticateBackOfficeAsync();
var viewPath = Path.Combine(_globalSettings.UmbracoPath , Constants.Web.Mvc.BackOfficeArea, nameof(Default) + ".cshtml") var viewPath = Path.Combine(_globalSettings.UmbracoPath , Constants.Web.Mvc.BackOfficeArea, nameof(Default) + ".cshtml")
.Replace("\\", "/"); // convert to forward slashes since it's a virtual path .Replace("\\", "/"); // convert to forward slashes since it's a virtual path
@@ -119,7 +119,7 @@ namespace Umbraco.Web.BackOffice.Controllers
[AllowAnonymous] [AllowAnonymous]
public async Task<IActionResult> VerifyInvite(string invite) public async Task<IActionResult> VerifyInvite(string invite)
{ {
var authenticate = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType); var authenticate = await this.AuthenticateBackOfficeAsync();
//if you are hitting VerifyInvite, you're already signed in as a different user, and the token is invalid //if you are hitting VerifyInvite, you're already signed in as a different user, and the token is invalid
//you'll exit on one of the return RedirectToAction(nameof(Default)) but you're still logged in so you just get //you'll exit on one of the return RedirectToAction(nameof(Default)) but you're still logged in so you just get
@@ -190,7 +190,7 @@ namespace Umbraco.Web.BackOffice.Controllers
public async Task<IActionResult> AuthorizeUpgrade() public async Task<IActionResult> AuthorizeUpgrade()
{ {
// force authentication to occur since this is not an authorized endpoint // force authentication to occur since this is not an authorized endpoint
var result = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType); var result = await this.AuthenticateBackOfficeAsync();
var viewPath = Path.Combine(_globalSettings.UmbracoPath, Constants.Web.Mvc.BackOfficeArea, nameof(AuthorizeUpgrade) + ".cshtml"); var viewPath = Path.Combine(_globalSettings.UmbracoPath, Constants.Web.Mvc.BackOfficeArea, nameof(AuthorizeUpgrade) + ".cshtml");

19
src/Umbraco.Web.Common/Extensions/ControllerExtensions.cs
View File

@@ -1,10 +1,29 @@
using System; using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Umbraco.Core;
namespace Umbraco.Extensions namespace Umbraco.Extensions
{ {
public static class ControllerExtensions public static class ControllerExtensions
{ {
/// <summary>
/// Runs the authentication process
/// </summary>
/// <param name="controller"></param>
/// <returns></returns>
public static async Task<AuthenticateResult> AuthenticateBackOfficeAsync(this ControllerBase controller)
{
if (controller.HttpContext == null)
{
return AuthenticateResult.NoResult();
}
var result = await controller.HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType);
return result;
}
/// <summary> /// <summary>
/// Return the controller name from the controller type /// Return the controller name from the controller type
/// </summary> /// </summary>

2
src/Umbraco.Web.Common/Install/InstallController.cs
View File

@@ -74,7 +74,7 @@ namespace Umbraco.Web.Common.Install
// Update ClientDependency version and delete its temp directories to make sure we get fresh caches // Update ClientDependency version and delete its temp directories to make sure we get fresh caches
_runtimeMinifier.Reset(); _runtimeMinifier.Reset();
var authResult = await HttpContext.AuthenticateAsync(Core.Constants.Security.BackOfficeAuthenticationType); var authResult = await this.AuthenticateBackOfficeAsync();
if (!authResult.Succeeded) if (!authResult.Succeeded)
{ {