From 94180c1d311e13a683aad8fcc2f4e69fb04ae4b6 Mon Sep 17 00:00:00 2001 From: Lucca Willi Date: Fri, 9 Sep 2022 08:52:45 +0200 Subject: [PATCH 1/6] Better logs in AuthorizationMiddleware --- .../Policy/src/AuthorizationMiddleware.cs | 18 +++++++-- .../Policy/src/PublicAPI.Shipped.txt | 2 +- .../Policy/src/PublicAPI.Unshipped.txt | 2 +- .../test/AuthorizationMiddlewareTests.cs | 39 ++++++++++++------- .../AuthorizationMiddlewareBenchmark.cs | 8 +++- 5 files changed, 48 insertions(+), 21 deletions(-) diff --git a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs index 90395ee338d4..32c458b45ed8 100644 --- a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs +++ b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs @@ -6,6 +6,7 @@ using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http.Features.Authentication; using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Logging; namespace Microsoft.AspNetCore.Authorization; @@ -25,17 +26,22 @@ public class AuthorizationMiddleware private readonly IAuthorizationPolicyProvider _policyProvider; private readonly bool _canCache; private readonly AuthorizationPolicyCache? _policyCache; + private readonly ILogger _logger; /// /// Initializes a new instance of . /// /// The next middleware in the application middleware pipeline. /// The . - public AuthorizationMiddleware(RequestDelegate next, IAuthorizationPolicyProvider policyProvider) + /// The . + public AuthorizationMiddleware(RequestDelegate next, + IAuthorizationPolicyProvider policyProvider, + ILogger logger) { _next = next ?? throw new ArgumentNullException(nameof(next)); _policyProvider = policyProvider ?? throw new ArgumentNullException(nameof(policyProvider)); _canCache = false; + _logger = logger; } /// @@ -44,7 +50,8 @@ public AuthorizationMiddleware(RequestDelegate next, IAuthorizationPolicyProvide /// The next middleware in the application middleware pipeline. /// The . /// The . - public AuthorizationMiddleware(RequestDelegate next, IAuthorizationPolicyProvider policyProvider, IServiceProvider services) : this(next, policyProvider) + /// The . + public AuthorizationMiddleware(RequestDelegate next, IAuthorizationPolicyProvider policyProvider, IServiceProvider services, ILogger logger) : this(next, policyProvider, logger) { ArgumentNullException.ThrowIfNull(services); @@ -108,7 +115,7 @@ public async Task Invoke(HttpContext context) var policyEvaluator = context.RequestServices.GetRequiredService(); var authenticateResult = await policyEvaluator.AuthenticateAsync(policy, context); - + if (authenticateResult?.Succeeded ?? false) { if (context.Features.Get() is IAuthenticateResultFeature authenticateResultFeature) @@ -130,6 +137,11 @@ public async Task Invoke(HttpContext context) return; } + if (authenticateResult != null && !authenticateResult.Succeeded) + { + _logger.LogDebug("Policy authentication schemes {policyName} did not succeed", String.Join(", ", policy.AuthenticationSchemes)); + } + object? resource; if (AppContext.TryGetSwitch(SuppressUseHttpContextAsAuthorizationResource, out var useEndpointAsResource) && useEndpointAsResource) { diff --git a/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt b/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt index 1e144c66992e..d92c603ca803 100644 --- a/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt +++ b/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt @@ -1,6 +1,6 @@ #nullable enable Microsoft.AspNetCore.Authorization.AuthorizationMiddleware -Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider) -> void +Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, Microsoft.Extensions.Logging.ILogger! logger) -> void Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(Microsoft.AspNetCore.Http.HttpContext! context) -> System.Threading.Tasks.Task! Microsoft.AspNetCore.Authorization.IAuthorizationMiddlewareResultHandler Microsoft.AspNetCore.Authorization.IAuthorizationMiddlewareResultHandler.HandleAsync(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Http.HttpContext! context, Microsoft.AspNetCore.Authorization.AuthorizationPolicy! policy, Microsoft.AspNetCore.Authorization.Policy.PolicyAuthorizationResult! authorizeResult) -> System.Threading.Tasks.Task! diff --git a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt index 302dcdf9f9ae..2ae11693696c 100644 --- a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt +++ b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt @@ -1,5 +1,5 @@ #nullable enable -Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services) -> void +Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services, Microsoft.Extensions.Logging.ILogger! logger) -> void static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, Microsoft.AspNetCore.Authorization.AuthorizationPolicy! policy) -> TBuilder static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, System.Action! configurePolicy) -> TBuilder static Microsoft.Extensions.DependencyInjection.PolicyServiceCollectionExtensions.AddAuthorizationBuilder(this Microsoft.Extensions.DependencyInjection.IServiceCollection! services) -> Microsoft.AspNetCore.Authorization.AuthorizationBuilder! diff --git a/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs b/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs index 4fca44704768..2d8fb8a5700d 100644 --- a/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs +++ b/src/Security/Authorization/test/AuthorizationMiddlewareTests.cs @@ -6,11 +6,11 @@ using Microsoft.AspNetCore.Authorization.Policy; using Microsoft.AspNetCore.Authorization.Test.TestObjects; using Microsoft.AspNetCore.Builder; -using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Routing; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; +using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using Microsoft.Extensions.Primitives; using Moq; @@ -46,8 +46,9 @@ public async Task NoEndpointWithFallback_AnonymousUser_Challenges() var policyProvider = new Mock(); policyProvider.Setup(p => p.GetFallbackPolicyAsync()).ReturnsAsync(policy); var next = new TestRequestDelegate(); + var logger = new Mock>(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(anonymous: true); // Act @@ -85,8 +86,9 @@ public async Task HasEndpointWithFallbackWithoutAuth_AnonymousUser_Challenges() policyProvider.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(policy); policyProvider.Setup(p => p.GetFallbackPolicyAsync()).ReturnsAsync(policy); var next = new TestRequestDelegate(); + var logger = new Mock>(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(anonymous: true, endpoint: CreateEndpoint()); // Act @@ -106,8 +108,9 @@ public async Task HasEndpointWithOnlyFallbackAuth_AnonymousUser_Allows() policyProvider.Setup(p => p.GetFallbackPolicyAsync()).ReturnsAsync(policy); var next = new TestRequestDelegate(); var authenticationService = new TestAuthenticationService(); + var logger = new Mock>(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(anonymous: true, endpoint: CreateEndpoint(new AuthorizeAttribute()), authenticationService: authenticationService); // Act @@ -126,8 +129,9 @@ public async Task HasEndpointWithAuth_AnonymousUser_Challenges() policyProvider.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(policy); var next = new TestRequestDelegate(); var authenticationService = new TestAuthenticationService(); + var logger = new Mock>(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(anonymous: true, endpoint: CreateEndpoint(new AuthorizeAttribute()), authenticationService: authenticationService); // Act @@ -147,8 +151,9 @@ public async Task HasEndpointWithAuth_ChallengesAuthenticationSchemes() policyProvider.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(policy); var next = new TestRequestDelegate(); var authenticationService = new TestAuthenticationService(); + var logger = new Mock>(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(endpoint: CreateEndpoint(new AuthorizeAttribute() { AuthenticationSchemes = "whatever" }), authenticationService: authenticationService); // Act @@ -168,8 +173,9 @@ public async Task HasEndpointWithAuth_AnonymousUser_ChallengePerScheme() policyProvider.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(policy); var next = new TestRequestDelegate(); var authenticationService = new TestAuthenticationService(); + var logger = new Mock>(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(anonymous: true, endpoint: CreateEndpoint(new AuthorizeAttribute()), authenticationService: authenticationService); // Act @@ -193,7 +199,8 @@ public async Task OnAuthorizationAsync_WillCallPolicyProvider() policyProvider.Setup(p => p.GetFallbackPolicyAsync()).ReturnsAsync(policy) .Callback(() => getFallbackPolicyCount++); var next = new TestRequestDelegate(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var logger = new Mock>(); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(anonymous: true, endpoint: CreateEndpoint(new AuthorizeAttribute("whatever"))); // Act & Assert @@ -235,12 +242,13 @@ public async Task OnAuthorizationAsync_WillNotCallPolicyProviderWithCache() .Callback(() => getFallbackPolicyCount++); policyProvider.Setup(p => p.AllowsCachingPolicies).Returns(true); var next = new TestRequestDelegate(); + var logger = new Mock>(); var endpoint = CreateEndpoint(new AuthorizeAttribute("whatever")); var services = new ServiceCollection() .AddAuthorization() .AddSingleton(CreateDataSource(endpoint)).BuildServiceProvider(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, services); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, services, logger.Object); var context = GetHttpContext(anonymous: true, endpoint: endpoint); // Act & Assert @@ -299,7 +307,8 @@ public async Task OnAuthorizationAsync_WillCallDerviedDefaultPolicyProviderCanCa var services = new ServiceCollection() .AddAuthorization() .AddSingleton(CreateDataSource(endpoint)).BuildServiceProvider(); - var middleware = CreateMiddleware(next.Invoke, policyProvider, services); + var logger = new Mock>(); + var middleware = CreateMiddleware(next.Invoke, policyProvider, services, logger.Object); var context = GetHttpContext(anonymous: true, endpoint: endpoint); // Act & Assert @@ -332,7 +341,8 @@ public async Task OnAuthorizationAsync_WillCallCustomPolicyProviderWithCache() policyProvider.Setup(p => p.GetFallbackPolicyAsync()).ReturnsAsync(policy) .Callback(() => getFallbackPolicyCount++); var next = new TestRequestDelegate(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var logger = new Mock>(); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(anonymous: true, endpoint: CreateEndpoint(new AuthorizeAttribute("whatever"))); // Act & Assert @@ -444,8 +454,9 @@ public async Task Invoke_AuthSchemesFailShouldSetEmptyPrincipalOnContext() policyProvider.Setup(p => p.GetDefaultPolicyAsync()).ReturnsAsync(policy); var next = new TestRequestDelegate(); var authenticationService = new TestAuthenticationService(); + var logger = new Mock>(); - var middleware = CreateMiddleware(next.Invoke, policyProvider.Object); + var middleware = CreateMiddleware(next.Invoke, policyProvider.Object, logger: logger.Object); var context = GetHttpContext(endpoint: CreateEndpoint(new AuthorizeAttribute()), authenticationService: authenticationService); // Act @@ -824,11 +835,11 @@ public async Task WebApplicationBuilder_CanRegisterAuthzMiddlewareWithScopedServ Assert.True(app.Properties.ContainsKey("__AuthorizationMiddlewareSet")); } - private AuthorizationMiddleware CreateMiddleware(RequestDelegate requestDelegate = null, IAuthorizationPolicyProvider policyProvider = null, IServiceProvider services = null) + private AuthorizationMiddleware CreateMiddleware(RequestDelegate requestDelegate = null, IAuthorizationPolicyProvider policyProvider = null, IServiceProvider services = null, ILogger logger = null) { requestDelegate = requestDelegate ?? ((context) => Task.CompletedTask); services ??= new ServiceCollection().BuildServiceProvider(); - return new AuthorizationMiddleware(requestDelegate, policyProvider, services); + return new AuthorizationMiddleware(requestDelegate, policyProvider, services, logger); } private Endpoint CreateEndpoint(params object[] metadata) diff --git a/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs b/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs index 6cc5177e0468..b964ca09df11 100644 --- a/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs +++ b/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs @@ -1,10 +1,11 @@ -// Licensed to the .NET Foundation under one or more agreements. +// Licensed to the .NET Foundation under one or more agreements. // The .NET Foundation licenses this file to you under the MIT license. using BenchmarkDotNet.Attributes; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http.Features; +using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; namespace Microsoft.AspNetCore.Security; @@ -19,7 +20,10 @@ public class AuthorizationMiddlewareBenchmark public void Setup() { var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); - _authorizationMiddleware = new AuthorizationMiddleware((context) => Task.CompletedTask, policyProvider); + var logger = LoggerFactory + .Create(logging => { }) + .CreateLogger(); + _authorizationMiddleware = new AuthorizationMiddleware((context) => Task.CompletedTask, policyProvider, logger); _httpContextNoEndpoint = new DefaultHttpContext(); From 012821eb16be55c06f860b785f375ad506b6a069 Mon Sep 17 00:00:00 2001 From: Lucca Willi Date: Tue, 13 Sep 2022 07:26:39 +0200 Subject: [PATCH 2/6] Apply comment --- .../Policy/src/AuthorizationMiddleware.cs | 36 ++++++++++++++++--- .../Policy/src/PublicAPI.Shipped.txt | 1 + .../Policy/src/PublicAPI.Unshipped.txt | 1 + 3 files changed, 33 insertions(+), 5 deletions(-) diff --git a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs index 32c458b45ed8..d09f5895085a 100644 --- a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs +++ b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs @@ -26,7 +26,7 @@ public class AuthorizationMiddleware private readonly IAuthorizationPolicyProvider _policyProvider; private readonly bool _canCache; private readonly AuthorizationPolicyCache? _policyCache; - private readonly ILogger _logger; + private readonly ILogger? _logger; /// /// Initializes a new instance of . @@ -36,12 +36,22 @@ public class AuthorizationMiddleware /// The . public AuthorizationMiddleware(RequestDelegate next, IAuthorizationPolicyProvider policyProvider, - ILogger logger) + ILogger logger) : this(next, policyProvider) + { + _logger = logger; + } + + /// + /// Initializes a new instance of . + /// + /// The next middleware in the application middleware pipeline. + /// The . + public AuthorizationMiddleware(RequestDelegate next, + IAuthorizationPolicyProvider policyProvider) { _next = next ?? throw new ArgumentNullException(nameof(next)); _policyProvider = policyProvider ?? throw new ArgumentNullException(nameof(policyProvider)); _canCache = false; - _logger = logger; } /// @@ -51,7 +61,23 @@ public AuthorizationMiddleware(RequestDelegate next, /// The . /// The . /// The . - public AuthorizationMiddleware(RequestDelegate next, IAuthorizationPolicyProvider policyProvider, IServiceProvider services, ILogger logger) : this(next, policyProvider, logger) + public AuthorizationMiddleware(RequestDelegate next, + IAuthorizationPolicyProvider policyProvider, + IServiceProvider services, + ILogger logger) : this(next, policyProvider, services) + { + _logger = logger; + } + + /// + /// Initializes a new instance of . + /// + /// The next middleware in the application middleware pipeline. + /// The . + /// The . + public AuthorizationMiddleware(RequestDelegate next, + IAuthorizationPolicyProvider policyProvider, + IServiceProvider services) : this(next, policyProvider) { ArgumentNullException.ThrowIfNull(services); @@ -139,7 +165,7 @@ public async Task Invoke(HttpContext context) if (authenticateResult != null && !authenticateResult.Succeeded) { - _logger.LogDebug("Policy authentication schemes {policyName} did not succeed", String.Join(", ", policy.AuthenticationSchemes)); + _logger?.LogDebug("Policy authentication schemes {policyName} did not succeed", String.Join(", ", policy.AuthenticationSchemes)); } object? resource; diff --git a/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt b/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt index d92c603ca803..650ecf6d1c6b 100644 --- a/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt +++ b/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt @@ -1,5 +1,6 @@ #nullable enable Microsoft.AspNetCore.Authorization.AuthorizationMiddleware +Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider) -> void Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, Microsoft.Extensions.Logging.ILogger! logger) -> void Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(Microsoft.AspNetCore.Http.HttpContext! context) -> System.Threading.Tasks.Task! Microsoft.AspNetCore.Authorization.IAuthorizationMiddlewareResultHandler diff --git a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt index 2ae11693696c..4388b0c584c1 100644 --- a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt +++ b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt @@ -1,4 +1,5 @@ #nullable enable +Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services) -> void Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services, Microsoft.Extensions.Logging.ILogger! logger) -> void static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, Microsoft.AspNetCore.Authorization.AuthorizationPolicy! policy) -> TBuilder static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, System.Action! configurePolicy) -> TBuilder From a62ef8bb663847adf25a859b3626b73b6ffe605e Mon Sep 17 00:00:00 2001 From: Lucca Willi Date: Thu, 15 Sep 2022 12:18:06 +0200 Subject: [PATCH 3/6] Remove from Shipped --- src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt | 1 - src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt b/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt index 650ecf6d1c6b..1e144c66992e 100644 --- a/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt +++ b/src/Security/Authorization/Policy/src/PublicAPI.Shipped.txt @@ -1,7 +1,6 @@ #nullable enable Microsoft.AspNetCore.Authorization.AuthorizationMiddleware Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider) -> void -Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, Microsoft.Extensions.Logging.ILogger! logger) -> void Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(Microsoft.AspNetCore.Http.HttpContext! context) -> System.Threading.Tasks.Task! Microsoft.AspNetCore.Authorization.IAuthorizationMiddlewareResultHandler Microsoft.AspNetCore.Authorization.IAuthorizationMiddlewareResultHandler.HandleAsync(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Http.HttpContext! context, Microsoft.AspNetCore.Authorization.AuthorizationPolicy! policy, Microsoft.AspNetCore.Authorization.Policy.PolicyAuthorizationResult! authorizeResult) -> System.Threading.Tasks.Task! diff --git a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt index 4388b0c584c1..afc092c2fe86 100644 --- a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt +++ b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt @@ -1,6 +1,7 @@ #nullable enable Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services) -> void Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services, Microsoft.Extensions.Logging.ILogger! logger) -> void +Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, Microsoft.Extensions.Logging.ILogger! logger) -> void static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, Microsoft.AspNetCore.Authorization.AuthorizationPolicy! policy) -> TBuilder static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, System.Action! configurePolicy) -> TBuilder static Microsoft.Extensions.DependencyInjection.PolicyServiceCollectionExtensions.AddAuthorizationBuilder(this Microsoft.Extensions.DependencyInjection.IServiceCollection! services) -> Microsoft.AspNetCore.Authorization.AuthorizationBuilder! From 85e57501a17295a9467e5ded7cf48917e0509ee6 Mon Sep 17 00:00:00 2001 From: Lucca Willi <37955556+luccawilli@users.noreply.github.com> Date: Tue, 4 Oct 2022 13:24:47 +0200 Subject: [PATCH 4/6] Update src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs Co-authored-by: Stephen Halter --- src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs index d09f5895085a..0b8cc6e11cb0 100644 --- a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs +++ b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs @@ -141,7 +141,6 @@ public async Task Invoke(HttpContext context) var policyEvaluator = context.RequestServices.GetRequiredService(); var authenticateResult = await policyEvaluator.AuthenticateAsync(policy, context); - if (authenticateResult?.Succeeded ?? false) { if (context.Features.Get() is IAuthenticateResultFeature authenticateResultFeature) From c64d4bb7a7852dd365c622037a63fcd1b5742a66 Mon Sep 17 00:00:00 2001 From: Lucca Willi Date: Tue, 4 Oct 2022 13:39:19 +0200 Subject: [PATCH 5/6] Remove ctors --- .../Policy/src/AuthorizationMiddleware.cs | 13 ------------- .../Policy/src/PublicAPI.Unshipped.txt | 1 - .../AuthorizationMiddlewareBenchmark.cs | 2 +- 3 files changed, 1 insertion(+), 15 deletions(-) diff --git a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs index 0b8cc6e11cb0..5a3c17a4d52c 100644 --- a/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs +++ b/src/Security/Authorization/Policy/src/AuthorizationMiddleware.cs @@ -28,19 +28,6 @@ public class AuthorizationMiddleware private readonly AuthorizationPolicyCache? _policyCache; private readonly ILogger? _logger; - /// - /// Initializes a new instance of . - /// - /// The next middleware in the application middleware pipeline. - /// The . - /// The . - public AuthorizationMiddleware(RequestDelegate next, - IAuthorizationPolicyProvider policyProvider, - ILogger logger) : this(next, policyProvider) - { - _logger = logger; - } - /// /// Initializes a new instance of . /// diff --git a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt index afc092c2fe86..4388b0c584c1 100644 --- a/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt +++ b/src/Security/Authorization/Policy/src/PublicAPI.Unshipped.txt @@ -1,7 +1,6 @@ #nullable enable Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services) -> void Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, System.IServiceProvider! services, Microsoft.Extensions.Logging.ILogger! logger) -> void -Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate! next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider! policyProvider, Microsoft.Extensions.Logging.ILogger! logger) -> void static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, Microsoft.AspNetCore.Authorization.AuthorizationPolicy! policy) -> TBuilder static Microsoft.AspNetCore.Builder.AuthorizationEndpointConventionBuilderExtensions.RequireAuthorization(this TBuilder builder, System.Action! configurePolicy) -> TBuilder static Microsoft.Extensions.DependencyInjection.PolicyServiceCollectionExtensions.AddAuthorizationBuilder(this Microsoft.Extensions.DependencyInjection.IServiceCollection! services) -> Microsoft.AspNetCore.Authorization.AuthorizationBuilder! diff --git a/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs b/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs index b964ca09df11..656497066bdb 100644 --- a/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs +++ b/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs @@ -23,7 +23,7 @@ public void Setup() var logger = LoggerFactory .Create(logging => { }) .CreateLogger(); - _authorizationMiddleware = new AuthorizationMiddleware((context) => Task.CompletedTask, policyProvider, logger); + _authorizationMiddleware = new AuthorizationMiddleware((context) => Task.CompletedTask, policyProvider); _httpContextNoEndpoint = new DefaultHttpContext(); From 62afbf8c7b29c7f901051c403a158c591c0e0747 Mon Sep 17 00:00:00 2001 From: Lucca Willi Date: Tue, 4 Oct 2022 13:40:32 +0200 Subject: [PATCH 6/6] Remove logger from Benchmark --- .../perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs b/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs index 656497066bdb..7c8d832cf3dd 100644 --- a/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs +++ b/src/Security/perf/Microbenchmarks/AuthorizationMiddlewareBenchmark.cs @@ -5,7 +5,6 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http.Features; -using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; namespace Microsoft.AspNetCore.Security; @@ -20,9 +19,6 @@ public class AuthorizationMiddlewareBenchmark public void Setup() { var policyProvider = new DefaultAuthorizationPolicyProvider(Options.Create(new AuthorizationOptions())); - var logger = LoggerFactory - .Create(logging => { }) - .CreateLogger(); _authorizationMiddleware = new AuthorizationMiddleware((context) => Task.CompletedTask, policyProvider); _httpContextNoEndpoint = new DefaultHttpContext();