Merge pull request #1820 from damianh/v2-claims

Replacing current "user" objects with ClaimsPrincipal/ClaimsIdentity

rakefile.rb

@@ -55,7 +55,7 @@
 desc "Compile solution file for Mono"
 xbuild :compilemono => [:assembly_info] do |xb|
     xb.solution = SOLUTION_FILE
-    xb.properties = { :configuration => CONFIGURATIONMONO, "TargetFrameworkProfile" => "", "TargetFrameworkVersion" => "v4.0" }
+    xb.properties = { :configuration => CONFIGURATIONMONO, "TargetFrameworkProfile" => "", "TargetFrameworkVersion" => "v4.5" }
 end
 
 desc "Gathers output files and copies them to the output folder"

src/Nancy.Authentication.Basic.Tests/BasicAuthenticationFixture.cs

@@ -2,13 +2,13 @@
 {
     using System;
     using System.Collections.Generic;
+    using System.Security.Claims;
     using System.Text;
     using System.Threading;
 
     using FakeItEasy;
 
     using Nancy.Bootstrapper;
-    using Nancy.Security;
     using Nancy.Tests;
     using Nancy.Tests.Fakes;
 
@@ -252,7 +252,7 @@ public void Should_set_user_in_context_with_valid_username_in_auth_header()
             var fakePipelines = new Pipelines();
 
             var validator = A.Fake<IUserValidator>();
-            var fakeUser = A.Fake<IUserIdentity>();
+            var fakeUser = A.Fake<ClaimsPrincipal>();
             A.CallTo(() => validator.Validate("foo", "bar")).Returns(fakeUser);
 
             var cfg = new BasicAuthenticationConfiguration(validator, "realm");

src/Nancy.Authentication.Basic/IUserValidator.cs

@@ -1,18 +1,18 @@
 namespace Nancy.Authentication.Basic
 {
-    using Nancy.Security;
+    using System.Security.Claims;
 
     /// <summary>
-	/// Provides a way to validate the username and password
-	/// </summary>
-	public interface IUserValidator
-	{
-		/// <summary>
-		/// Validates the username and password
-		/// </summary>
-		/// <param name="username">Username</param>
-		/// <param name="password">Password</param>
-		/// <returns>A value representing the authenticated user, null if the user was not authenticated.</returns>
-		IUserIdentity Validate(string username, string password);
-	}
-}
+    ///     Provides a way to validate the username and password
+    /// </summary>
+    public interface IUserValidator
+    {
+        /// <summary>
+        ///     Validates the username and password
+        /// </summary>
+        /// <param name="username">Username</param>
+        /// <param name="password">Password</param>
+        /// <returns>A value representing the authenticated user, null if the user was not authenticated.</returns>
+        ClaimsPrincipal Validate(string username, string password);
+    }
+}

src/Nancy.Authentication.Forms.Tests/FormsAuthenticationFixture.cs

@@ -2,11 +2,12 @@ namespace Nancy.Authentication.Forms.Tests
 {
     using System;
     using System.Linq;
+    using System.Security.Claims;
+    using System.Security.Principal;
     using System.Threading;
 
     using FakeItEasy;
 
-    using Nancy.Authentication.Forms.Tests.Fakes;
     using Nancy.Bootstrapper;
     using Nancy.Cryptography;
     using Nancy.Helpers;
@@ -379,7 +380,7 @@ public void Should_have_expired_empty_authentication_cookie_in_logout_response_w
             var result = FormsAuthentication.LogOutResponse();
 
             // Then
-            var cookie = result.Cookies.Where(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName).First();
+            var cookie = result.Cookies.First(c => c.Name == FormsAuthentication.FormsAuthenticationCookieName);
             cookie.Value.ShouldBeEmpty();
             cookie.Expires.ShouldNotBeNull();
             (cookie.Expires < DateTime.Now).ShouldBeTrue();
@@ -405,7 +406,7 @@ public void Should_set_user_in_context_with_valid_cookie()
         {
             var fakePipelines = new Pipelines();
             var fakeMapper = A.Fake<IUserMapper>();
-            var fakeUser = new FakeUserIdentity {UserName = "Bob"};
+            var fakeUser = new ClaimsPrincipal(new GenericIdentity("Bob"));
             A.CallTo(() => fakeMapper.GetUserFromIdentifier(this.userGuid, this.context)).Returns(fakeUser);
             this.config.UserMapper = fakeMapper;
             FormsAuthentication.Enable(fakePipelines, this.config);
@@ -421,7 +422,7 @@ public void Should_not_set_user_in_context_with_empty_cookie()
         {
             var fakePipelines = new Pipelines();
             var fakeMapper = A.Fake<IUserMapper>();
-            var fakeUser = new FakeUserIdentity {UserName = "Bob"};
+            var fakeUser = new ClaimsPrincipal(new GenericIdentity("Bob"));
             A.CallTo(() => fakeMapper.GetUserFromIdentifier(this.userGuid, this.context)).Returns(fakeUser);
             this.config.UserMapper = fakeMapper;
             FormsAuthentication.Enable(fakePipelines, this.config);
@@ -437,7 +438,7 @@ public void Should_not_set_user_in_context_with_invalid_hmac()
         {
             var fakePipelines = new Pipelines();
             var fakeMapper = A.Fake<IUserMapper>();
-            var fakeUser = new FakeUserIdentity { UserName = "Bob" };
+            var fakeUser = new ClaimsPrincipal(new GenericIdentity("Bob"));
             A.CallTo(() => fakeMapper.GetUserFromIdentifier(this.userGuid, this.context)).Returns(fakeUser);
             this.config.UserMapper = fakeMapper;
             FormsAuthentication.Enable(fakePipelines, this.config);
@@ -453,7 +454,7 @@ public void Should_not_set_user_in_context_with_empty_hmac()
         {
             var fakePipelines = new Pipelines();
             var fakeMapper = A.Fake<IUserMapper>();
-            var fakeUser = new FakeUserIdentity { UserName = "Bob" };
+            var fakeUser = new ClaimsPrincipal(new GenericIdentity("Bob"));
             A.CallTo(() => fakeMapper.GetUserFromIdentifier(this.userGuid, this.context)).Returns(fakeUser);
             this.config.UserMapper = fakeMapper;
             FormsAuthentication.Enable(fakePipelines, this.config);
@@ -469,7 +470,7 @@ public void Should_not_set_user_in_context_with_no_hmac()
         {
             var fakePipelines = new Pipelines();
             var fakeMapper = A.Fake<IUserMapper>();
-            var fakeUser = new FakeUserIdentity { UserName = "Bob" };
+            var fakeUser = new ClaimsPrincipal(new GenericIdentity("Bob"));
             A.CallTo(() => fakeMapper.GetUserFromIdentifier(this.userGuid, this.context)).Returns(fakeUser);
             this.config.UserMapper = fakeMapper;
             FormsAuthentication.Enable(fakePipelines, this.config);
@@ -485,7 +486,7 @@ public void Should_not_set_username_in_context_with_broken_encryption_data()
         {
             var fakePipelines = new Pipelines();
             var fakeMapper = A.Fake<IUserMapper>();
-            var fakeUser = new FakeUserIdentity { UserName = "Bob" };
+            var fakeUser = new ClaimsPrincipal(new GenericIdentity("Bob"));
             A.CallTo(() => fakeMapper.GetUserFromIdentifier(this.userGuid, this.context)).Returns(fakeUser);
             this.config.UserMapper = fakeMapper;
             FormsAuthentication.Enable(fakePipelines, this.config);

src/Nancy.Authentication.Forms.Tests/Nancy.Authentication.Forms.Tests.csproj

@@ -173,7 +173,6 @@
     <Compile Include="..\SharedAssemblyInfo.cs">
       <Link>Properties\SharedAssemblyInfo.cs</Link>
     </Compile>
-    <Compile Include="Fakes\FakeUserIdentity.cs" />
     <Compile Include="FormsAuthenticationConfigurationFixture.cs" />
     <Compile Include="FormsAuthenticationFixture.cs" />
   </ItemGroup>

src/Nancy.Authentication.Forms/IUserMapper.cs

@@ -1,8 +1,7 @@
 namespace Nancy.Authentication.Forms
 {
     using System;
-
-    using Nancy.Security;
+    using System.Security.Claims;
 
     /// <summary>
     /// Provides a mapping between forms auth guid identifiers and
@@ -16,6 +15,6 @@ public interface IUserMapper
         /// <param name="identifier">User identifier</param>
         /// <param name="context">The current NancyFx context</param>
         /// <returns>Matching populated IUserIdentity object, or empty</returns>
-        IUserIdentity GetUserFromIdentifier(Guid identifier, NancyContext context);
+        ClaimsPrincipal GetUserFromIdentifier(Guid identifier, NancyContext context);
     }
 }

src/Nancy.Authentication.Stateless/StatelessAuthenticationConfiguration.cs

@@ -1,22 +1,21 @@
 namespace Nancy.Authentication.Stateless
 {
     using System;
-
-    using Nancy.Security;
+    using System.Security.Claims;
 
     /// <summary>
     /// Configuration options for stateless authentication
     /// </summary>
     public class StatelessAuthenticationConfiguration
     {
-        internal Func<NancyContext, IUserIdentity> GetUserIdentity;
+        internal readonly Func<NancyContext, ClaimsPrincipal> GetUserIdentity;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="StatelessAuthenticationConfiguration"/> class.
         /// </summary>
-        public StatelessAuthenticationConfiguration(Func<NancyContext, IUserIdentity> getUserIdentity)
+        public StatelessAuthenticationConfiguration(Func<NancyContext, ClaimsPrincipal> getUserIdentity)
         {
-            GetUserIdentity = getUserIdentity;
+            this.GetUserIdentity = getUserIdentity;
         }
 
         /// <summary>