Upgrade EntityFramework.Host to use implicit usings

alexhiggins732 · Feb 16, 2024 · 46c4744 · 46c4744
1 parent dd4afed
commit 46c4744
Show file tree

Hide file tree

Showing 41 changed files with 299 additions and 505 deletions.
diff --git a/Directory.Build.props b/Directory.Build.props
@@ -3,7 +3,7 @@
     <PropertyGroup>
         <TargetFramework>net8.0</TargetFramework>
         <!--always bump /version.json and /docs/conf.py to <Version>X.Y.Z</Version>to keep nuget, build and document versions in sync-->
-        <Version>8.0.4-alpha.3</Version>
+        <Version>8.0.4-alpha.4</Version>
 		<IdentityServerVersion>8.0.4-alpha.3</IdentityServerVersion>
         <PackageId>HigginsSoft.$(MSBuildProjectName)</PackageId>
         <Title>$(MSBuildProjectName)</Title>

diff --git a/src/EntityFramework/host/GlobalUsings.cs b/src/EntityFramework/host/GlobalUsings.cs
@@ -0,0 +1,38 @@
+/*
+ Copyright (c) 2024 HigginsSoft, Alexander Higgins - https://github.com/alexhiggins732/ 
+
+ Copyright (c) 2018, Brock Allen & Dominick Baier. All rights reserved.
+
+ Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. 
+ Source code and license this software can be found 
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+*/
+
+global using IdentityModel;
+global using IdentityServer8;
+global using IdentityServer8.Configuration;
+global using IdentityServer8.Events;
+global using IdentityServer8.Extensions;
+global using IdentityServer8.Models;
+global using IdentityServer8.Services;
+global using IdentityServer8.Stores;
+global using IdentityServer8.Test;
+global using IdentityServer8.Validation;
+global using IdentityServerHost.Quickstart.UI;
+global using Microsoft.AspNetCore.Authentication;
+global using Microsoft.AspNetCore.Authorization;
+global using Microsoft.AspNetCore.Mvc;
+global using Microsoft.AspNetCore.Mvc.Filters;
+global using Microsoft.Extensions.Options;
+global using Newtonsoft.Json;
+global using Serilog;
+global using Serilog.Events;
+global using Serilog.Sinks.SystemConsole.Themes;
+global using System.ComponentModel.DataAnnotations;
+global using System.Diagnostics;
+global using System.Security.Claims;
+global using System.Text;
+global using ILogger = Microsoft.Extensions.Logging.ILogger;
+global using ClaimValueTypes = System.Security.Claims.ClaimValueTypes;
diff --git a/src/EntityFramework/host/Host.csproj b/src/EntityFramework/host/Host.csproj
@@ -1,19 +1,15 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
-  <PropertyGroup>
-    <TargetFramework>netcoreapp3.1</TargetFramework>
-  </PropertyGroup>
-  <ItemGroup>
-    <PackageReference Include="Serilog" Version="2.9.0" />
-    <PackageReference Include="Serilog.AspNetCore" Version="3.2.0" />
-    <PackageReference Include="Serilog.Sinks.Console" Version="3.1.1" />
-    <PackageReference Include="Serilog.Sinks.File" Version="4.1.0" />
-  </ItemGroup>
+
 
   <ItemGroup>
     <ProjectReference Include="..\src\IdentityServer8.EntityFramework.csproj" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.Certificate" />
+
+    <PackageReference Include="Serilog.AspNetCore" />
 
     <PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" PrivateAssets="All" />
     <PackageReference Include="System.Security.Principal.Windows" />
   </ItemGroup>
 

diff --git a/src/EntityFramework/host/Program.cs b/src/EntityFramework/host/Program.cs
@@ -10,22 +10,10 @@ The above copyright notice and this permission notice shall be included in all
  copies or substantial portions of the Software.
 */
 
-// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
-// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+namespace IdentityServerHost;
 
-
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.Extensions.Hosting;
-using Serilog;
-using Serilog.Events;
-using Serilog.Sinks.SystemConsole.Themes;
-using System;
-using System.Diagnostics;
-
-namespace IdentityServerHost
+public class Program
 {
-    public class Program
-    {
         public static int Main(string[] args)
         {
             Console.Title = "IdentityServer8.EntityFramework";
@@ -73,5 +61,4 @@ public static IHostBuilder CreateHostBuilder(string[] args) =>
                 {
                     webBuilder.UseStartup<Startup>();
                 });
-    }
 }
diff --git a/src/EntityFramework/host/Quickstart/Account/AccountController.cs b/src/EntityFramework/host/Quickstart/Account/AccountController.cs
@@ -10,37 +10,17 @@ The above copyright notice and this permission notice shall be included in all
  copies or substantial portions of the Software.
 */
 
-// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
-// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
-
-
-using IdentityModel;
-using IdentityServer8;
-using IdentityServer8.Events;
-using IdentityServer8.Extensions;
-using IdentityServer8.Models;
-using IdentityServer8.Services;
-using IdentityServer8.Stores;
-using IdentityServer8.Test;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
-using System;
-using System.Linq;
-using System.Threading.Tasks;
-
-namespace IdentityServerHost.Quickstart.UI
+namespace IdentityServerHost.Quickstart.UI;
+
+/// <summary>
+/// This sample controller implements a typical login/logout/provision workflow for local and external accounts.
+/// The login service encapsulates the interactions with the user data store. This data store is in-memory only and cannot be used for production!
+/// The interaction service provides a way for the UI to communicate with identityserver for validation and context retrieval
+/// </summary>
+[SecurityHeaders]
+[AllowAnonymous]
+public class AccountController : Controller
 {
-    /// <summary>
-    /// This sample controller implements a typical login/logout/provision workflow for local and external accounts.
-    /// The login service encapsulates the interactions with the user data store. This data store is in-memory only and cannot be used for production!
-    /// The interaction service provides a way for the UI to communicate with identityserver for validation and context retrieval
-    /// </summary>
-    [SecurityHeaders]
-    [AllowAnonymous]
-    public class AccountController : Controller
-    {
         private readonly TestUserStore _users;
         private readonly IIdentityServerInteractionService _interaction;
         private readonly IClientStore _clientStore;
@@ -76,7 +56,7 @@ public async Task<IActionResult> Login(string returnUrl)
             if (vm.IsExternalLoginOnly)
             {
                 // we only have one option for logging in and it's an external provider
-                return RedirectToAction("Challenge", "External", new { scheme = vm.ExternalLoginScheme, returnUrl });
+            return returnUrl.IsAllowedRedirect() ? RedirectToAction("Challenge", "External", new { scheme = vm.ExternalLoginScheme, returnUrl = returnUrl.SanitizeForRedirect() }) : Forbid();
             }
 
             return View(vm);
@@ -87,38 +67,11 @@ public async Task<IActionResult> Login(string returnUrl)
         /// </summary>
         [HttpPost]
         [ValidateAntiForgeryToken]
-        public async Task<IActionResult> Login(LoginInputModel model, string button)
+    public async Task<IActionResult> Login(LoginInputModel model)
         {
             // check if we are in the context of an authorization request
             var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
 
-            // the user clicked the "cancel" button
-            if (button != "login")
-            {
-                if (context != null)
-                {
-                    // if the user cancels, send a result back into IdentityServer as if they 
-                    // denied the consent (even if this client does not require consent).
-                    // this will send back an access denied OIDC error response to the client.
-                    await _interaction.DenyAuthorizationAsync(context, AuthorizationError.AccessDenied);
-
-                    // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
-                    if (context.IsNativeClient())
-                    {
-                        // The client is native, so this change in how to
-                        // return the response is for better UX for the end user.
-                        return this.LoadingPage("Redirect", model.ReturnUrl);
-                    }
-
-                    return Redirect(model.ReturnUrl);
-                }
-                else
-                {
-                    // since we don't have a valid context, then we just go back to the home page
-                    return Redirect("~/");
-                }
-            }
-
             if (ModelState.IsValid)
             {
                 // validate username/password against in-memory store
@@ -153,21 +106,21 @@ public async Task<IActionResult> Login(LoginInputModel model, string button)
                         {
                             // The client is native, so this change in how to
                             // return the response is for better UX for the end user.
-                            return this.LoadingPage("Redirect", model.ReturnUrl);
+                        return model.ReturnUrl.IsAllowedRedirect() ? this.LoadingPage("Redirect", model.ReturnUrl.SanitizeForRedirect()) : Forbid();
                         }
 
                         // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
-                        return Redirect(model.ReturnUrl);
+                    return model.ReturnUrl.IsAllowedRedirect() ? Redirect(model.ReturnUrl.SanitizeForRedirect()) : Forbid();
                     }
 
                     // request for a local page
                     if (Url.IsLocalUrl(model.ReturnUrl))
                     {
-                        return Redirect(model.ReturnUrl);
+                    return model.ReturnUrl.IsAllowedRedirect() ? Redirect(model.ReturnUrl.SanitizeForRedirect()) : Forbid();
                     }
                     else if (string.IsNullOrEmpty(model.ReturnUrl))
                     {
-                        return Redirect("~/");
+                    return model.ReturnUrl.IsAllowedRedirect() ? Redirect("~/") : Forbid();
                     }
                     else
                     {
@@ -176,7 +129,7 @@ public async Task<IActionResult> Login(LoginInputModel model, string button)
                     }
                 }
 
-                await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId:context?.Client.ClientId));
+            await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId: context?.Client.ClientId));
                 ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage);
             }
 
@@ -185,6 +138,40 @@ public async Task<IActionResult> Login(LoginInputModel model, string button)
             return View(vm);
         }
 
+    /// <summary>
+    /// Handle postback from username/password login
+    /// </summary>
+    [HttpPost]
+    [ValidateAntiForgeryToken]
+    public async Task<IActionResult> LoginCancel(LoginInputModel model)
+    {
+        // check if we are in the context of an authorization request
+        var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
+
+        if (context != null)
+        {
+            // if the user cancels, send a result back into IdentityServer as if they 
+            // denied the consent (even if this client does not require consent).
+            // this will send back an access denied OIDC error response to the client.
+            await _interaction.DenyAuthorizationAsync(context, AuthorizationError.AccessDenied);
+
+            // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
+            if (context.IsNativeClient())
+            {
+                // The client is native, so this change in how to
+                // return the response is for better UX for the end user.
+                return model.ReturnUrl.IsAllowedRedirect() ? this.LoadingPage("Redirect", model.ReturnUrl.SanitizeForRedirect()) : Forbid();
+            }
+
+            return model.ReturnUrl.IsAllowedRedirect() ? Redirect(model.ReturnUrl.SanitizeForRedirect()) : Forbid();
+        }
+        else
+        {
+            // since we don't have a valid context, then we just go back to the home page
+            return model.ReturnUrl.IsAllowedRedirect() ? Redirect("~/") : Forbid();
+        }
+
+    }
 
         /// <summary>
         /// Show logout page
@@ -375,6 +362,5 @@ private async Task<LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logou
             }
 
             return vm;
-        }
     }
 }
diff --git a/src/EntityFramework/host/Quickstart/Account/AccountOptions.cs b/src/EntityFramework/host/Quickstart/Account/AccountOptions.cs
@@ -10,23 +10,16 @@ The above copyright notice and this permission notice shall be included in all
  copies or substantial portions of the Software.
 */
 
-// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
-// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+namespace IdentityServerHost.Quickstart.UI;
 
-
-using System;
-
-namespace IdentityServerHost.Quickstart.UI
+public class AccountOptions
 {
-    public class AccountOptions
-    {
-        public static bool AllowLocalLogin = true;
-        public static bool AllowRememberLogin = true;
-        public static TimeSpan RememberMeLoginDuration = TimeSpan.FromDays(30);
+    public static bool AllowLocalLogin = true;
+    public static bool AllowRememberLogin = true;
+    public static TimeSpan RememberMeLoginDuration = TimeSpan.FromDays(30);
 
-        public static bool ShowLogoutPrompt = true;
-        public static bool AutomaticRedirectAfterSignOut = false;
+    public static bool ShowLogoutPrompt = true;
+    public static bool AutomaticRedirectAfterSignOut = false;
 
-        public static string InvalidCredentialsErrorMessage = "Invalid username or password";
-    }
+    public static string InvalidCredentialsErrorMessage = "Invalid username or password";
 }
diff --git a/src/EntityFramework/host/Quickstart/Account/ExternalController.cs b/src/EntityFramework/host/Quickstart/Account/ExternalController.cs
@@ -10,29 +10,12 @@ The above copyright notice and this permission notice shall be included in all
  copies or substantial portions of the Software.
 */
 
-using IdentityModel;
-using IdentityServer8;
-using IdentityServer8.Events;
-using IdentityServer8.Services;
-using IdentityServer8.Stores;
-using IdentityServer8.Test;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Logging;
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Security.Claims;
-using System.Threading.Tasks;
-
-namespace IdentityServerHost.Quickstart.UI
+namespace IdentityServerHost.Quickstart.UI;
+
+[SecurityHeaders]
+[AllowAnonymous]
+public class ExternalController : Controller
 {
-    [SecurityHeaders]
-    [AllowAnonymous]
-    public class ExternalController : Controller
-    {
         private readonly TestUserStore _users;
         private readonly IIdentityServerInteractionService _interaction;
         private readonly IClientStore _clientStore;
@@ -202,7 +185,6 @@ private void ProcessLoginCallback(AuthenticateResult externalResult, List<Claim>
             if (idToken != null)
             {
                 localSignInProps.StoreTokens(new[] { new AuthenticationToken { Name = "id_token", Value = idToken } });
-            }
         }
     }
 }
diff --git a/src/EntityFramework/host/Quickstart/Account/ExternalProvider.cs b/src/EntityFramework/host/Quickstart/Account/ExternalProvider.cs
@@ -10,15 +10,10 @@ The above copyright notice and this permission notice shall be included in all
  copies or substantial portions of the Software.
 */
 
-// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
-// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+namespace IdentityServerHost.Quickstart.UI;
 
-
-namespace IdentityServerHost.Quickstart.UI
+public class ExternalProvider
 {
-    public class ExternalProvider
-    {
-        public string DisplayName { get; set; }
-        public string AuthenticationScheme { get; set; }
-    }
+    public string DisplayName { get; set; }
+    public string AuthenticationScheme { get; set; }
 }