diff --git a/samples/CookieSessionSample/MemoryCacheSessionStore.cs b/samples/CookieSessionSample/MemoryCacheSessionStore.cs index 07adddd04..e452683d4 100644 --- a/samples/CookieSessionSample/MemoryCacheSessionStore.cs +++ b/samples/CookieSessionSample/MemoryCacheSessionStore.cs @@ -1,8 +1,8 @@ using System; using System.Threading.Tasks; -using Microsoft.AspNet.MemoryCache; using Microsoft.AspNet.Security; using Microsoft.AspNet.Security.Cookies.Infrastructure; +using Microsoft.Framework.Cache.Memory; namespace CookieSessionSample { @@ -33,7 +33,7 @@ public Task RenewAsync(string key, AuthenticationTicket ticket) { context.SetAbsoluteExpiration(expiresUtc.Value); } - context.SetSlidingExpiraiton(TimeSpan.FromHours(1)); // TODO: configurable. + context.SetSlidingExpiration(TimeSpan.FromHours(1)); // TODO: configurable. return (AuthenticationTicket)context.State; }); diff --git a/samples/CookieSessionSample/Startup.cs b/samples/CookieSessionSample/Startup.cs index 32721afb0..890e63116 100644 --- a/samples/CookieSessionSample/Startup.cs +++ b/samples/CookieSessionSample/Startup.cs @@ -17,7 +17,7 @@ public void Configure(IApplicationBuilder app) app.Run(async context => { - if (context.User == null || !context.User.Identity.IsAuthenticated) + if (context.User.Identity == null || !context.User.Identity.IsAuthenticated) { // Make a large identity var claims = new List(1001); diff --git a/samples/CookieSessionSample/project.json b/samples/CookieSessionSample/project.json index 729917712..c5aca5588 100644 --- a/samples/CookieSessionSample/project.json +++ b/samples/CookieSessionSample/project.json 
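Review bot: In Startup.cs the new condition `context.User.Identity == null || !context.User.Identity.IsAuthenticated` dereferences `context.User` with no guard, where the removed line checked `context.User == null`. Whether `HttpContext.User` can still be null for an unauthenticated request is not visible in this hunk; if it can, the sample fails with a NullReferenceException before it reaches the sign-in path. Keeping both checks is cheap: `if (context.User == null || context.User.Identity == null || !context.User.Identity.IsAuthenticated)`. The lambda body continues outside the hunk.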
@@ -4,12 +4,12 @@ "Microsoft.AspNet.Hosting": "1.0.0-*", "Microsoft.AspNet.Http": "1.0.0-*", "Microsoft.AspNet.HttpFeature": "1.0.0-*", - "Microsoft.AspNet.MemoryCache": "1.0.0-*", "Microsoft.AspNet.PipelineCore": "1.0.0-*", "Microsoft.AspNet.RequestContainer": "1.0.0-*", "Microsoft.AspNet.Security": "1.0.0-*", "Microsoft.AspNet.Security.Cookies": "1.0.0-*", "Microsoft.AspNet.Server.WebListener": "1.0.0-*", + "Microsoft.Framework.Cache.Memory": "1.0.0-*", "Microsoft.Framework.DependencyInjection": "1.0.0-*" }, "commands": { "web": "Microsoft.AspNet.Hosting server=Microsoft.AspNet.Server.WebListener server.urls=http://localhost:12345" }, diff --git a/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs b/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs index 1a2b7eeb8..4a43b58be 100644 --- a/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs +++ b/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationHandler.cs @@ -63,7 +63,7 @@ protected override async Task AuthenticateCoreAsync() Claim claim = ticket.Identity.Claims.FirstOrDefault(c => c.Type.Equals(SessionIdClaim)); if (claim == null) { - _logger.WriteWarning(@"SessoinId missing"); + _logger.WriteWarning(@"SessionId missing"); return null; } _sessionKey = claim.Value; diff --git a/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationMiddleware.cs b/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationMiddleware.cs index 1349ccade..92ab1b122 100644 --- a/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationMiddleware.cs +++ b/src/Microsoft.AspNet.Security.Cookies/CookieAuthenticationMiddleware.cs @@ -4,7 +4,6 @@ using System; using Microsoft.AspNet.Builder; -using Microsoft.AspNet.Http; using Microsoft.AspNet.Security.Cookies.Infrastructure; using Microsoft.AspNet.Security.DataHandler; using Microsoft.AspNet.Security.DataProtection; 
diff --git a/src/Microsoft.AspNet.Security.Cookies/Infrastructure/ChunkingCookieManager.cs b/src/Microsoft.AspNet.Security.Cookies/Infrastructure/ChunkingCookieManager.cs
index d5e48c198..f4d893bd5 100644
--- a/src/Microsoft.AspNet.Security.Cookies/Infrastructure/ChunkingCookieManager.cs
+++ b/src/Microsoft.AspNet.Security.Cookies/Infrastructure/ChunkingCookieManager.cs
@@ -17,6 +17,8 @@ public class ChunkingCookieManager : ICookieManager
 {
 public ChunkingCookieManager()
 {
+ // Lowest common denominator. Safari has the lowest known limit (4093), and we leave little extra just in case.
+ // See http://browsercookielimits.x64.me/.
 ChunkSize = 4090;
 ThrowForPartialCookies = true;
 }
@@ -40,9 +42,8 @@ private static int ParseChunksCount(string value)
 {
 if (value != null && value.StartsWith("chunks:", StringComparison.Ordinal))
 {
- string chunksCountString = value.Substring("chunks:".Length);
- int chunksCount;
- if (int.TryParse(chunksCountString, NumberStyles.None, CultureInfo.InvariantCulture, out chunksCount))
+ var chunksCountString = value.Substring("chunks:".Length);
+ if (int.TryParse(chunksCountString, NumberStyles.None, CultureInfo.InvariantCulture, out var chunksCount))
 {
 return chunksCount;
 }
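Review bot: ParseChunksCount returns whatever non-negative integer follows `chunks:` in the request cookie, with no upper bound, and that value is supplied by the client. GetRequestCookie sizes `new string[chunksCount]` from it and DeleteCookie loops up to `chunks + 1`, so request data alone decides the allocation size and loop length, and `chunks + 1` overflows at int.MaxValue. Cap the count at a small fixed limit and treat anything larger as not chunked, for example `return chunksCount <= MaxChunkCount ? chunksCount : 0;`, where `MaxChunkCount` is a new private constant (the name is a suggestion, not an existing member). The tail of ParseChunksCount lies outside the hunk.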
@@ -57,28 +58,23 @@ private static int ParseChunksCount(string value) /// /// /// The reassembled cookie, if any, or null. - public string GetRequestCookie(HttpContext context, string key) + public string GetRequestCookie([NotNull] HttpContext context, [NotNull] string key) { - if (context == null) - { - throw new ArgumentNullException("context"); - } - - IReadableStringCollection requestCookies = context.Request.Cookies; - string value = requestCookies[key]; - int chunksCount = ParseChunksCount(value); + var requestCookies = context.Request.Cookies; + var value = requestCookies[key]; + var chunksCount = ParseChunksCount(value); if (chunksCount > 0) { - bool quoted = false; - string[] chunks = new string[chunksCount]; - for (int chunkId = 1; chunkId <= chunksCount; chunkId++) + var quoted = false; + var chunks = new string[chunksCount]; + for (var chunkId = 1; chunkId <= chunksCount; chunkId++) { - string chunk = requestCookies[key + "C" + chunkId.ToString(CultureInfo.InvariantCulture)]; + var chunk = requestCookies[key + "C" + chunkId.ToString(CultureInfo.InvariantCulture)]; if (chunk == null) { if (ThrowForPartialCookies) { - int totalSize = 0; + var totalSize = 0; for (int i = 0; i < chunkId - 1; i++) { totalSize += chunks[i].Length; @@ -97,7 +93,7 @@ public string GetRequestCookie(HttpContext context, string key) } chunks[chunkId - 1] = chunk; } - string merged = string.Join(string.Empty, chunks); + var merged = string.Join(string.Empty, chunks); if (quoted) { merged = Quote(merged); 
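Review bot: The explicit `ArgumentNullException` guard on `context` is removed in favour of `[NotNull]`, and nothing in this diff shows that the attribute produces a runtime check. If it is annotation-only in a given build, a null `context` or `key` now fails at `context.Request.Cookies` or `requestCookies[key]` with a NullReferenceException instead of an exception naming the argument. The same applies to AppendResponseCookie and DeleteCookie further down, where the `options` guard is dropped as well. Either confirm that the build injects the checks and say so in the XML doc of each method, or keep the guards, e.g. `if (context == null) { throw new ArgumentNullException("context"); }`.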
@@ -119,25 +115,16 @@ public string GetRequestCookie(HttpContext context, string key) /// /// /// - public void AppendResponseCookie(HttpContext context, string key, string value, CookieOptions options) + public void AppendResponseCookie([NotNull] HttpContext context, [NotNull] string key, string value, [NotNull] CookieOptions options) { - if (context == null) - { - throw new ArgumentNullException("context"); - } - if (options == null) - { - throw new ArgumentNullException("options"); - } + var domainHasValue = !string.IsNullOrEmpty(options.Domain); + var pathHasValue = !string.IsNullOrEmpty(options.Path); + var expiresHasValue = options.Expires.HasValue; - bool domainHasValue = !string.IsNullOrEmpty(options.Domain); - bool pathHasValue = !string.IsNullOrEmpty(options.Path); - bool expiresHasValue = options.Expires.HasValue; + var escapedKey = Uri.EscapeDataString(key); + var prefix = escapedKey + "="; - string escapedKey = Uri.EscapeDataString(key); - string prefix = escapedKey + "="; - - string suffix = string.Concat( + var suffix = string.Concat( !domainHasValue ? null : "; domain=", !domainHasValue ? null : options.Domain, !pathHasValue ? null : "; path=", @@ -148,19 +135,19 @@ public void AppendResponseCookie(HttpContext context, string key, string value, !options.HttpOnly ? null : "; HttpOnly"); value = value ?? string.Empty; - bool quoted = false; + var quoted = false; if (IsQuoted(value)) { quoted = true; value = RemoveQuotes(value); } - string escapedValue = Uri.EscapeDataString(value); + var escapedValue = Uri.EscapeDataString(value); // Normal cookie - IHeaderDictionary responseHeaders = context.Response.Headers; + var responseHeaders = context.Response.Headers; if (!ChunkSize.HasValue || ChunkSize.Value > prefix.Length + escapedValue.Length + suffix.Length + (quoted ? 2 : 0)) { - string setCookieValue = string.Concat( + var setCookieValue = string.Concat( prefix, quoted ? Quote(escapedValue) : escapedValue, suffix); 
@@ -180,18 +167,18 @@ public void AppendResponseCookie(HttpContext context, string key, string value, // Set-Cookie: CookieNameC1="Segment1"; path=/ // Set-Cookie: CookieNameC2="Segment2"; path=/ // Set-Cookie: CookieNameC3="Segment3"; path=/ - int dataSizePerCookie = ChunkSize.Value - prefix.Length - suffix.Length - (quoted ? 2 : 0) - 3; // Budget 3 chars for the chunkid. - int cookieChunkCount = (int)Math.Ceiling(escapedValue.Length * 1.0 / dataSizePerCookie); + var dataSizePerCookie = ChunkSize.Value - prefix.Length - suffix.Length - (quoted ? 2 : 0) - 3; // Budget 3 chars for the chunkid. + var cookieChunkCount = (int)Math.Ceiling(escapedValue.Length * 1.0 / dataSizePerCookie); responseHeaders.AppendValues(Constants.Headers.SetCookie, prefix + "chunks:" + cookieChunkCount.ToString(CultureInfo.InvariantCulture) + suffix); - - string[] chunks = new string[cookieChunkCount]; - int offset = 0; - for (int chunkId = 1; chunkId <= cookieChunkCount; chunkId++) + + var chunks = new string[cookieChunkCount]; + var offset = 0; + for (var chunkId = 1; chunkId <= cookieChunkCount; chunkId++) { - int remainingLength = escapedValue.Length - offset; - int length = Math.Min(dataSizePerCookie, remainingLength); - string segment = escapedValue.Substring(offset, length); + var remainingLength = escapedValue.Length - offset; + var length = Math.Min(dataSizePerCookie, remainingLength); + var segment = escapedValue.Substring(offset, length); offset += length; chunks[chunkId - 1] = string.Concat( 
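Review bot: `dataSizePerCookie` is used as a divisor and as a Substring length without checking that it is positive. With a small configured `ChunkSize`, or a long key, domain or path, `ChunkSize.Value - prefix.Length - suffix.Length - (quoted ? 2 : 0) - 3` is zero or negative, and the `cookieChunkCount` computation and the `new string[cookieChunkCount]` allocation then fail with an unrelated exception instead of a clear configuration error. Add a guard right after the computation: `if (dataSizePerCookie <= 0) { throw new InvalidOperationException("ChunkSize is too small for the cookie name and options."); }`. The 3-character budget also appears to cover only `C` plus two digits, so chunk names past C99 would exceed the limit. AppendResponseCookie continues outside the hunk.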
@@ -215,34 +202,25 @@ public void AppendResponseCookie(HttpContext context, string key, string value, /// /// /// - public void DeleteCookie(HttpContext context, string key, CookieOptions options) + public void DeleteCookie([NotNull] HttpContext context, [NotNull] string key, [NotNull] CookieOptions options) { - if (context == null) - { - throw new ArgumentNullException("context"); - } - if (options == null) - { - throw new ArgumentNullException("options"); - } - - string escapedKey = Uri.EscapeDataString(key); - List keys = new List(); + var escapedKey = Uri.EscapeDataString(key); + var keys = new List(); keys.Add(escapedKey + "="); - string requestCookie = context.Request.Cookies[key]; - int chunks = ParseChunksCount(requestCookie); + var requestCookie = context.Request.Cookies[key]; + var chunks = ParseChunksCount(requestCookie); if (chunks > 0) { for (int i = 1; i <= chunks + 1; i++) { - string subkey = escapedKey + "C" + i.ToString(CultureInfo.InvariantCulture); + var subkey = escapedKey + "C" + i.ToString(CultureInfo.InvariantCulture); keys.Add(subkey + "="); } } - bool domainHasValue = !string.IsNullOrEmpty(options.Domain); - bool pathHasValue = !string.IsNullOrEmpty(options.Path); + var domainHasValue = !string.IsNullOrEmpty(options.Domain); + var pathHasValue = !string.IsNullOrEmpty(options.Path); Func rejectPredicate; Func predicate = value => keys.Any(k => value.StartsWith(k, StringComparison.OrdinalIgnoreCase)); 
@@ -259,8 +237,8 @@ public void DeleteCookie(HttpContext context, string key, CookieOptions options) rejectPredicate = value => predicate(value); } - IHeaderDictionary responseHeaders = context.Response.Headers; - IList existingValues = responseHeaders.GetValues(Constants.Headers.SetCookie); + var responseHeaders = context.Response.Headers; + var existingValues = responseHeaders.GetValues(Constants.Headers.SetCookie); if (existingValues != null) { responseHeaders.SetValues(Constants.Headers.SetCookie, existingValues.Where(value => !rejectPredicate(value)).ToArray()); @@ -270,7 +248,7 @@ public void DeleteCookie(HttpContext context, string key, CookieOptions options) context, key, string.Empty, - new CookieOptions + new CookieOptions() { Path = options.Path, Domain = options.Domain, @@ -283,7 +261,7 @@ public void DeleteCookie(HttpContext context, string key, CookieOptions options) context, key + "C" + i.ToString(CultureInfo.InvariantCulture), string.Empty, - new CookieOptions + new CookieOptions() { Path = options.Path, Domain = options.Domain, @@ -292,17 +270,17 @@ public void DeleteCookie(HttpContext context, string key, CookieOptions options) } } - private static bool IsQuoted(string value) + private static bool IsQuoted([NotNull] string value) { return value.Length >= 2 && value[0] == '"' && value[value.Length - 1] == '"'; } - private static string RemoveQuotes(string value) + private static string RemoveQuotes([NotNull] string value) { return value.Substring(1, value.Length - 2); } - private static string Quote(string value) + private static string Quote([NotNull] string value) { return '"' + value + '"'; }