#306 Consistently use WindowsPrincipal

Tratcher · Tratcher · commit c328e2269962 · 2017-03-22T13:43:45.000-07:00
diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/AuthenticationHandler.cs b/src/Microsoft.AspNetCore.Server.HttpSys/AuthenticationHandler.cs
@@ -4,6 +4,7 @@
 using System;
 using System.Collections.Generic;
 using System.Security.Claims;
+using System.Security.Principal;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http.Features.Authentication;
 using Microsoft.Extensions.Internal;
@@ -25,7 +26,7 @@ internal AuthenticationHandler(RequestContext requestContext)
 
         public Task AuthenticateAsync(AuthenticateContext context)
         {
-            var identity = (ClaimsIdentity)_requestContext.User?.Identity;
+            var identity = _requestContext.User?.Identity;
 
             foreach (var authType in ListEnabledAuthSchemes())
             {
@@ -35,7 +36,7 @@ public Task AuthenticateAsync(AuthenticateContext context)
                     if (identity != null && identity.IsAuthenticated
                         && string.Equals(authScheme, identity.AuthenticationType, StringComparison.Ordinal))
                     {
-                        context.Authenticated(new ClaimsPrincipal(identity), properties: null, description: GetDescription(authScheme));
+                        context.Authenticated(_requestContext.User, properties: null, description: null);
                     }
                     else
                     {
diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/NativeRequestContext.cs b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/NativeRequestContext.cs
@@ -212,7 +212,7 @@ internal bool CheckAuthenticated()
             return false;
         }
 
-        internal ClaimsPrincipal GetUser()
+        internal WindowsPrincipal GetUser()
         {
             var requestInfo = NativeRequestV2->pRequestInfo;
             var infoCount = NativeRequestV2->RequestInfoCount;
@@ -228,7 +228,8 @@ internal ClaimsPrincipal GetUser()
                         GetAuthTypeFromRequest(info->pInfo->AuthType).ToString()));
                 }
             }
-            return new ClaimsPrincipal(new ClaimsIdentity()); // Anonymous / !IsAuthenticated
+
+            return new WindowsPrincipal(WindowsIdentity.GetAnonymous()); // Anonymous / !IsAuthenticated
         }
 
         private static AuthenticationSchemes GetAuthTypeFromRequest(HttpApi.HTTP_REQUEST_AUTH_TYPE input)
diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/Request.cs b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/Request.cs
@@ -7,6 +7,7 @@
 using System.Net;
 using System.Security.Claims;
 using System.Security.Cryptography.X509Certificates;
+using System.Security.Principal;
 using System.Threading;
 using System.Threading.Tasks;
 
@@ -214,7 +215,7 @@ private SocketAddress LocalEndPoint
         // HTTP.Sys allows you to upgrade anything to opaque unless content-length > 0 or chunked are specified.
         internal bool IsUpgradable => !HasEntityBody && ComNetOS.IsWin8orLater;
 
-        internal ClaimsPrincipal User { get; }
+        internal WindowsPrincipal User { get; }
 
         // Populates the client certificate.  The result may be null if there is no client cert.
         // TODO: Does it make sense for this to be invoked multiple times (e.g. renegotiate)? Client and server code appear to
diff --git a/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/RequestContext.cs b/src/Microsoft.AspNetCore.Server.HttpSys/RequestProcessing/RequestContext.cs
@@ -6,6 +6,7 @@
 using System.IO;
 using System.Security.Authentication.ExtendedProtection;
 using System.Security.Claims;
+using System.Security.Principal;
 using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
@@ -39,7 +40,7 @@ internal RequestContext(HttpSysListener server, NativeRequestContext memoryBlob)
 
         public Response Response { get; }
 
-        public ClaimsPrincipal User => Request.User;
+        public WindowsPrincipal User => Request.User;
 
         public CancellationToken DisconnectToken
         {

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,7 @@`
`4`	`4`	`using System;`
`5`	`5`	`using System.Collections.Generic;`
`6`	`6`	`using System.Security.Claims;`
	`7`	`+using System.Security.Principal;`
`7`	`8`	`using System.Threading.Tasks;`
`8`	`9`	`using Microsoft.AspNetCore.Http.Features.Authentication;`
`9`	`10`	`using Microsoft.Extensions.Internal;`
`@@ -25,7 +26,7 @@ internal AuthenticationHandler(RequestContext requestContext)`
`25`	`26`
`26`	`27`	`public Task AuthenticateAsync(AuthenticateContext context)`
`27`	`28`	`{`
`28`		`- var identity = (ClaimsIdentity)_requestContext.User?.Identity;`
	`29`	`+ var identity = _requestContext.User?.Identity;`
`29`	`30`
`30`	`31`	`foreach (var authType in ListEnabledAuthSchemes())`
`31`	`32`	`{`
`@@ -35,7 +36,7 @@ public Task AuthenticateAsync(AuthenticateContext context)`
`35`	`36`	`if (identity != null && identity.IsAuthenticated`
`36`	`37`	`&& string.Equals(authScheme, identity.AuthenticationType, StringComparison.Ordinal))`
`37`	`38`	`{`
`38`		`- context.Authenticated(new ClaimsPrincipal(identity), properties: null, description: GetDescription(authScheme));`
	`39`	`+ context.Authenticated(_requestContext.User, properties: null, description: null);`
`39`	`40`	`}`
`40`	`41`	`else`
`41`	`42`	`{`
Original file line number	Diff line number	Diff line change
`@@ -212,7 +212,7 @@ internal bool CheckAuthenticated()`
`212`	`212`	`return false;`
`213`	`213`	`}`
`214`	`214`
`215`		`- internal ClaimsPrincipal GetUser()`
	`215`	`+ internal WindowsPrincipal GetUser()`
`216`	`216`	`{`
`217`	`217`	`var requestInfo = NativeRequestV2->pRequestInfo;`
`218`	`218`	`var infoCount = NativeRequestV2->RequestInfoCount;`
`@@ -228,7 +228,8 @@ internal ClaimsPrincipal GetUser()`
`228`	`228`	`GetAuthTypeFromRequest(info->pInfo->AuthType).ToString()));`
`229`	`229`	`}`
`230`	`230`	`}`
`231`		`- return new ClaimsPrincipal(new ClaimsIdentity()); // Anonymous / !IsAuthenticated`
	`231`	`+`
	`232`	`+ return new WindowsPrincipal(WindowsIdentity.GetAnonymous()); // Anonymous / !IsAuthenticated`
`232`	`233`	`}`
`233`	`234`
`234`	`235`	`private static AuthenticationSchemes GetAuthTypeFromRequest(HttpApi.HTTP_REQUEST_AUTH_TYPE input)`