Update the OWIN/Katana projects to use the new logging stack and unify the log levels

kevinchalet · kevinchalet · commit 24f4a3a22243 · 2016-04-06T19:42:57.000+02:00
diff --git a/src/AspNet.Security.OAuth.Introspection/OAuthIntrospectionHandler.cs b/src/AspNet.Security.OAuth.Introspection/OAuthIntrospectionHandler.cs
@@ -25,15 +25,18 @@ public class OAuthIntrospectionHandler : AuthenticationHandler<OAuthIntrospectio
         protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
             string header = Request.Headers[HeaderNames.Authorization];
             if (string.IsNullOrEmpty(header)) {
-                return AuthenticateResult.Fail("Authentication failed because the bearer token " +
-                                               "was missing from the 'Authorization' header.");
+                Logger.LogInformation("Authentication was skipped because no bearer token was received.");
+
+                return AuthenticateResult.Skip();
             }
 
             // Ensure that the authorization header contains the mandatory "Bearer" scheme.
             // See https://tools.ietf.org/html/rfc6750#section-2.1
             if (!header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) {
-                return AuthenticateResult.Fail("Authentication failed because an invalid scheme " +
-                                               "was used in the 'Authorization' header.");
+                Logger.LogInformation("Authentication was skipped because an incompatible " +
+                                      "scheme was used in the 'Authorization' header.");
+
+                return AuthenticateResult.Skip();
             }
 
             var token = header.Substring("Bearer ".Length);
diff --git a/src/AspNet.Security.OAuth.Validation/OAuthValidationHandler.cs b/src/AspNet.Security.OAuth.Validation/OAuthValidationHandler.cs
@@ -16,16 +16,18 @@ public class OAuthValidationHandler : AuthenticationHandler<OAuthValidationOptio
         protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
             string header = Request.Headers[HeaderNames.Authorization];
             if (string.IsNullOrEmpty(header)) {
-                Logger.LogDebug("Authentication was skipped because no bearer token was received.");
+                Logger.LogInformation("Authentication was skipped because no bearer token was received.");
 
                 return AuthenticateResult.Skip();
             }
 
             // Ensure that the authorization header contains the mandatory "Bearer" scheme.
             // See https://tools.ietf.org/html/rfc6750#section-2.1
             if (!header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) {
-                return AuthenticateResult.Fail("Authentication failed because an invalid scheme " +
-                                               "was used in the 'Authorization' header.");
+                Logger.LogInformation("Authentication was skipped because an incompatible " +
+                                      "scheme was used in the 'Authorization' header.");
+
+                return AuthenticateResult.Skip();
             }
 
             var token = header.Substring("Bearer ".Length);
diff --git a/src/Owin.Security.OAuth.Introspection/OAuthIntrospectionHandler.cs b/src/Owin.Security.OAuth.Introspection/OAuthIntrospectionHandler.cs
@@ -14,7 +14,7 @@
 using System.Text;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Caching.Distributed;
-using Microsoft.Owin.Logging;
+using Microsoft.Extensions.Logging;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Infrastructure;
 using Newtonsoft.Json.Linq;
@@ -24,25 +24,24 @@ public class OAuthIntrospectionHandler : AuthenticationHandler<OAuthIntrospectio
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync() {
             var header = Request.Headers.Get("Authorization");
             if (string.IsNullOrEmpty(header)) {
-                Options.Logger.WriteError("Authentication failed because the bearer token " +
-                                          "was missing from the 'Authorization' header.");
+                Options.Logger.LogInformation("Authentication was skipped because no bearer token was received.");
 
                 return null;
             }
 
             // Ensure that the authorization header contains the mandatory "Bearer" scheme.
             // See https://tools.ietf.org/html/rfc6750#section-2.1
             if (!header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) {
-                Options.Logger.WriteError("Authentication failed because an invalid scheme " +
-                                          "was used in the 'Authorization' header.");
+                Options.Logger.LogInformation("Authentication was skipped because an incompatible " +
+                                              "scheme was used in the 'Authorization' header.");
 
                 return null;
             }
 
             var token = header.Substring("Bearer ".Length);
             if (string.IsNullOrWhiteSpace(token)) {
-                Options.Logger.WriteError("Authentication failed because the bearer token " +
-                                          "was missing from the 'Authorization' header.");
+                Options.Logger.LogError("Authentication failed because the bearer token " +
+                                        "was missing from the 'Authorization' header.");
 
                 return null;
             }
@@ -55,17 +54,17 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync() {
                 // request failed or if the "active" claim was false.
                 var payload = await GetIntrospectionPayloadAsync(token);
                 if (payload == null || !payload.Value<bool>(OAuthIntrospectionConstants.Claims.Active)) {
-                    Options.Logger.WriteError("Authentication failed because the authorization " +
-                                              "server rejected the access token.");
+                    Options.Logger.LogError("Authentication failed because the authorization " +
+                                            "server rejected the access token.");
 
                     return null;
                 }
 
                 // Ensure that the access token was issued
                 // to be used with this resource server.
                 if (!await ValidateAudienceAsync(payload)) {
-                    Options.Logger.WriteError("Authentication failed because the access token " +
-                                              "was not valid for this resource server.");
+                    Options.Logger.LogError("Authentication failed because the access token " +
+                                            "was not valid for this resource server.");
 
                     return null;
                 }
@@ -81,7 +80,7 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync() {
             // Ensure that the authentication ticket is still valid.
             if (ticket.Properties.ExpiresUtc.HasValue &&
                 ticket.Properties.ExpiresUtc.Value < Options.SystemClock.UtcNow) {
-                Options.Logger.WriteError("Authentication failed because the access token was expired.");
+                Options.Logger.LogError("Authentication failed because the access token was expired.");
 
                 return null;
             }
@@ -100,9 +99,11 @@ protected virtual async Task<string> ResolveIntrospectionEndpointAsync(string is
 
             var response = await Options.HttpClient.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Request.CallCancelled);
             if (!response.IsSuccessStatusCode) {
-                Options.Logger.WriteError("An error occurred when retrieving the issuer metadata: the remote server " +
-                                         $"returned a {response.StatusCode} response with the following payload: " +
-                                         $"{response.Headers.ToString()} {await response.Content.ReadAsStringAsync()}.");
+                Options.Logger.LogError("An error occurred when retrieving the issuer metadata: the remote server " +
+                                        "returned a {Status} response with the following payload: {Headers} {Body}.",
+                                        /* Status: */ response.StatusCode,
+                                        /* Headers: */ response.Headers.ToString(),
+                                        /* Body: */ await response.Content.ReadAsStringAsync());
 
                 return null;
             }
@@ -143,9 +144,11 @@ protected virtual async Task<JObject> GetIntrospectionPayloadAsync(string token)
 
             var response = await Options.HttpClient.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Request.CallCancelled);
             if (!response.IsSuccessStatusCode) {
-                Options.Logger.WriteError("An error occurred when validating an access token: the remote server " +
-                                         $"returned a {response.StatusCode} response with the following payload: " +
-                                         $"{response.Headers.ToString()} {await response.Content.ReadAsStringAsync()}.");
+                Options.Logger.LogError("An error occurred when validating an access token: the remote server " +
+                                        "returned a {Status} response with the following payload: {Headers} {Body}.",
+                                        /* Status: */ response.StatusCode,
+                                        /* Headers: */ response.Headers.ToString(),
+                                        /* Body: */ await response.Content.ReadAsStringAsync());
 
                 return null;
             }
diff --git a/src/Owin.Security.OAuth.Introspection/OAuthIntrospectionMiddleware.cs b/src/Owin.Security.OAuth.Introspection/OAuthIntrospectionMiddleware.cs
@@ -6,15 +6,19 @@
 
 using System;
 using System.Net.Http;
+using JetBrains.Annotations;
 using Microsoft.Extensions.Caching.Distributed;
 using Microsoft.Extensions.Caching.Memory;
+using Microsoft.Extensions.Logging;
 using Microsoft.Owin;
-using Microsoft.Owin.Logging;
 using Microsoft.Owin.Security.Infrastructure;
 
 namespace Owin.Security.OAuth.Introspection {
     public class OAuthIntrospectionMiddleware : AuthenticationMiddleware<OAuthIntrospectionOptions> {
-        public OAuthIntrospectionMiddleware(OwinMiddleware next, IAppBuilder app, OAuthIntrospectionOptions options)
+        public OAuthIntrospectionMiddleware(
+            [NotNull] OwinMiddleware next,
+            [NotNull] IAppBuilder app,
+            [NotNull] OAuthIntrospectionOptions options)
             : base(next, options) {
             if (string.IsNullOrEmpty(options.Authority) &&
                 string.IsNullOrEmpty(options.IntrospectionEndpoint)) {
@@ -33,7 +37,7 @@ public OAuthIntrospectionMiddleware(OwinMiddleware next, IAppBuilder app, OAuthI
             }
 
             if (options.Logger == null) {
-                options.Logger = app.CreateLogger<OAuthIntrospectionMiddleware>();
+                options.Logger = new LoggerFactory().CreateLogger<OAuthIntrospectionMiddleware>();
             }
 
             if (options.HttpClient == null) {
diff --git a/src/Owin.Security.OAuth.Introspection/OAuthIntrospectionOptions.cs b/src/Owin.Security.OAuth.Introspection/OAuthIntrospectionOptions.cs
@@ -7,8 +7,8 @@
 using System.Collections.Generic;
 using System.Net.Http;
 using Microsoft.Extensions.Caching.Distributed;
+using Microsoft.Extensions.Logging;
 using Microsoft.Owin.Infrastructure;
-using Microsoft.Owin.Logging;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.DataHandler.Serializer;
 
diff --git a/src/Owin.Security.OAuth.Introspection/project.json b/src/Owin.Security.OAuth.Introspection/project.json
@@ -30,6 +30,7 @@
   "dependencies": {
     "JetBrains.Annotations": { "type": "build", "version": "10.1.2-eap" },
     "Microsoft.Extensions.Caching.Memory": "1.0.0-*",
+    "Microsoft.Extensions.Logging": "1.0.0-*",
     "Microsoft.Owin.Security": "3.0.1",
     "Newtonsoft.Json": "8.0.3"
   },
diff --git a/src/Owin.Security.OAuth.Validation/OAuthValidationHandler.cs b/src/Owin.Security.OAuth.Validation/OAuthValidationHandler.cs
@@ -7,7 +7,7 @@
 using System;
 using System.Linq;
 using System.Threading.Tasks;
-using Microsoft.Owin.Logging;
+using Microsoft.Extensions.Logging;
 using Microsoft.Owin.Security;
 using Microsoft.Owin.Security.Infrastructure;
 
@@ -16,24 +16,24 @@ public class OAuthValidationHandler : AuthenticationHandler<OAuthValidationOptio
         protected override async Task<AuthenticationTicket> AuthenticateCoreAsync() {
             var header = Request.Headers.Get("Authorization");
             if (string.IsNullOrEmpty(header)) {
-                Options.Logger.WriteVerbose("Authentication was skipped because no bearer token was received.");
+                Options.Logger.LogInformation("Authentication was skipped because no bearer token was received.");
 
                 return null;
             }
 
             // Ensure that the authorization header contains the mandatory "Bearer" scheme.
             // See https://tools.ietf.org/html/rfc6750#section-2.1
             if (!header.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) {
-                Options.Logger.WriteWarning("Authentication failed because an invalid scheme " +
-                                            "was used in the 'Authorization' header.");
+                Options.Logger.LogInformation("Authentication was skipped because an incompatible " +
+                                              "scheme was used in the 'Authorization' header.");
 
                 return null;
             }
 
             var token = header.Substring("Bearer ".Length);
             if (string.IsNullOrWhiteSpace(token)) {
-                Options.Logger.WriteWarning("Authentication failed because the bearer token " +
-                                            "was missing from the 'Authorization' header.");
+                Options.Logger.LogError("Authentication failed because the bearer token " +
+                                        "was missing from the 'Authorization' header.");
 
                 return null;
             }
@@ -42,24 +42,24 @@ protected override async Task<AuthenticationTicket> AuthenticateCoreAsync() {
             // if the ticket can't be decrypted or validated.
             var ticket = Options.AccessTokenFormat.Unprotect(token);
             if (ticket == null) {
-                Options.Logger.WriteWarning("Authentication failed because the access token was invalid.");
+                Options.Logger.LogError("Authentication failed because the access token was invalid.");
 
                 return null;
             }
 
             // Ensure that the access token was issued
             // to be used with this resource server.
             if (!await ValidateAudienceAsync(ticket)) {
-                Options.Logger.WriteWarning("Authentication failed because the access token " +
-                                            "was not valid for this resource server.");
+                Options.Logger.LogError("Authentication failed because the access token " +
+                                        "was not valid for this resource server.");
 
                 return null;
             }
 
             // Ensure that the authentication ticket is still valid.
             if (ticket.Properties.ExpiresUtc.HasValue &&
                 ticket.Properties.ExpiresUtc.Value < Options.SystemClock.UtcNow) {
-                Options.Logger.WriteWarning("Authentication failed because the access token was expired.");
+                Options.Logger.LogError("Authentication failed because the access token was expired.");
 
                 return null;
             }
diff --git a/src/Owin.Security.OAuth.Validation/OAuthValidationMiddleware.cs b/src/Owin.Security.OAuth.Validation/OAuthValidationMiddleware.cs
@@ -5,17 +5,21 @@
  */
 
 using System;
+using JetBrains.Annotations;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
 using Microsoft.Owin;
 using Microsoft.Owin.BuilderProperties;
-using Microsoft.Owin.Logging;
 using Microsoft.Owin.Security.Infrastructure;
 using Microsoft.Owin.Security.Interop;
 
 namespace Owin.Security.OAuth.Validation {
     public class OAuthValidationMiddleware : AuthenticationMiddleware<OAuthValidationOptions> {
-        public OAuthValidationMiddleware(OwinMiddleware next, IAppBuilder app, OAuthValidationOptions options)
+        public OAuthValidationMiddleware(
+            [NotNull] OwinMiddleware next,
+            [NotNull] IAppBuilder app,
+            [NotNull] OAuthValidationOptions options)
             : base(next, options) {
             if (options.DataProtectionProvider == null) {
                 // Create a new DI container and register
@@ -51,7 +55,7 @@ public OAuthValidationMiddleware(OwinMiddleware next, IAppBuilder app, OAuthVali
             }
 
             if (options.Logger == null) {
-                options.Logger = app.CreateLogger<OAuthValidationMiddleware>();
+                options.Logger = new LoggerFactory().CreateLogger<OAuthValidationMiddleware>();
             }
         }
 
diff --git a/src/Owin.Security.OAuth.Validation/OAuthValidationOptions.cs b/src/Owin.Security.OAuth.Validation/OAuthValidationOptions.cs
@@ -6,8 +6,8 @@
 
 using System.Collections.Generic;
 using Microsoft.AspNetCore.DataProtection;
+using Microsoft.Extensions.Logging;
 using Microsoft.Owin.Infrastructure;
-using Microsoft.Owin.Logging;
 using Microsoft.Owin.Security;
 
 namespace Owin.Security.OAuth.Validation {
diff --git a/src/Owin.Security.OAuth.Validation/project.json b/src/Owin.Security.OAuth.Validation/project.json
@@ -29,6 +29,7 @@
 
   "dependencies": {
     "JetBrains.Annotations": { "type": "build", "version": "10.1.2-eap" },
+    "Microsoft.Extensions.Logging": "1.0.0-*",
     "Microsoft.Owin.Security.Interop": "1.0.0-*"
   },
 
