Added direct references to latest framework and removed no longer supported frameworks.

Added possibility to suppress WWWAuthenticate header globally not only on Ajax request.

Author: msmolka

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2017 Marcin Smółka
+Copyright (c) 2017 - 2020 Marcin Smółka
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -11,6 +11,9 @@ Install using the [ZNetCS.AspNetCore.Authentication.Basic NuGet package](https:/
 ```
 PM> Install-Package ZNetCS.AspNetCore.Authentication.Basic
 ```
+# Changes in 5.0.0
+Added direct references to latest framework and removed no longer supported frameworks.
+Added possibility to suppress WWWAuthenticate header globally not only on Ajax request.
 
 # Important change in 4.0.0
 From now assembly is signed.
@@ -26,7 +29,7 @@ When you install the package, it should be added to your `.csproj`. Alternativel
 
 ```xml
 <ItemGroup>
-    <PackageReference Include="ZNetCS.AspNetCore.Authentication.Basic" Version="4.0.0" />
+    <PackageReference Include="ZNetCS.AspNetCore.Authentication.Basic" Version="5.0.0" />
 </ItemGroup>
 ```
 

ZNetCS.AspNetCore.Authentication.Basic.sln

@@ -1,12 +1,13 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio 15
-VisualStudioVersion = 15.0.26228.4
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.30717.126
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{EC6AC5C8-ACCF-492E-99E6-28E935E993C4}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{EBBE213E-359F-4158-9AB8-3C46BDBAA30C}"
 	ProjectSection(SolutionItems) = preProject
+		LICENSE = LICENSE
 		README.md = README.md
 	EndProjectSection
 EndProject
@@ -38,4 +39,7 @@ Global
 		{0C36B232-F48E-4BCC-8F11-840A9694B75D} = {EC6AC5C8-ACCF-492E-99E6-28E935E993C4}
 		{16932A67-81EA-4D76-873C-C22FA81F1A2D} = {3D8699E9-972B-47E0-9A9F-FEA369A9C832}
 	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {C9D04CE8-4159-4CA2-AE7F-8BEF87D7ACC3}
+	EndGlobalSection
 EndGlobal

src/ZNetCS.AspNetCore.Authentication.Basic/AjaxRequestOptions.cs

@@ -30,7 +30,7 @@ public class AjaxRequestOptions
         /// Gets or sets a value indicating whether suppress sending the WWWAuthenticate response header when a request has the
         /// header (X-Requested-With,XMLHttpRequest).
         /// </summary>
-        public bool SuppressWwwAuthenticateHeader { get; set; } = false;
+        public bool SuppressWwwAuthenticateHeader { get; set; }
 
         #endregion
     }

src/ZNetCS.AspNetCore.Authentication.Basic/BasicAuthenticationHandler.cs

@@ -12,6 +12,7 @@ namespace ZNetCS.AspNetCore.Authentication.Basic
     #region Usings
 
     using System;
+    using System.Diagnostics.CodeAnalysis;
     using System.Linq;
     using System.Text;
     using System.Text.Encodings.Web;
@@ -100,7 +101,7 @@ public BasicAuthenticationHandler(IOptionsMonitor<BasicAuthenticationOptions> op
         protected override Task<object> CreateEventsAsync() => Task.FromResult<object>(new BasicAuthenticationEvents());
 
         /// <inheritdoc/>
-        [System.Diagnostics.CodeAnalysis.SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Just for validation, the quickest")]
+        [SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Just for validation, the quickest")]
         protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
         {
             // RFC 7230 section 3.2.2
@@ -171,6 +172,11 @@ protected override Task HandleChallengeAsync(AuthenticationProperties context)
         {
             this.Response.StatusCode = StatusCodes.Status401Unauthorized;
 
+            if (this.Options.SuppressWwwAuthenticateHeader)
+            {
+                return Task.CompletedTask;
+            }
+
             if ((this.Options.AjaxRequestOptions?.SuppressWwwAuthenticateHeader == true)
                 && this.Request.Headers.TryGetValue(
                     this.Options.AjaxRequestOptions?.HeaderName ?? BasicAuthenticationDefaults.AjaxRequestHeaderName,

src/ZNetCS.AspNetCore.Authentication.Basic/BasicAuthenticationOptions.cs

@@ -11,8 +11,6 @@ namespace ZNetCS.AspNetCore.Authentication.Basic
 {
     #region Usings
 
-    using System.Diagnostics.CodeAnalysis;
-
     using Microsoft.AspNetCore.Authentication;
 
     using ZNetCS.AspNetCore.Authentication.Basic.Events;
@@ -41,7 +39,7 @@ public BasicAuthenticationOptions()
         #region Public Properties
 
         /// <summary>
-        /// Gets or sets the ajax request options.
+        /// Gets or sets the ajax request options. Special authentication header handling for Ajax requests.
         /// </summary>
         public AjaxRequestOptions AjaxRequestOptions { get; set; }
 
@@ -75,9 +73,14 @@ public BasicAuthenticationOptions()
         /// authentication scheme.Note that a response can have multiple
         /// challenges with the same auth-scheme but with different realms.
         /// </remarks>
-        [SuppressMessage("StyleCop.CSharp.DocumentationRules", "SA1650:ElementDocumentationMustBeSpelledCorrectly", Justification = "OK")]
         public string Realm { get; set; }
 
+        /// <summary>
+        /// Gets or sets a value indicating whether suppress sending the WWWAuthenticate response header.
+        /// In some rest scenarios it is not needed, so can be suppressed.
+        /// </summary>
+        public bool SuppressWwwAuthenticateHeader { get; set; }
+
         #endregion
     }
 }

src/ZNetCS.AspNetCore.Authentication.Basic/ZNetCS.AspNetCore.Authentication.Basic.csproj

@@ -4,32 +4,40 @@
     <Description>A simple basic authentication middleware.</Description>
     <Copyright>Marcin Smółka zNET Computer Solutions</Copyright>
     <Authors>Marcin Smółka</Authors>
-    <TargetFrameworks>net461;netstandard2.0;netcoreapp3.0</TargetFrameworks>
-    <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    <TargetFrameworks>net461;netstandard2.0;netcoreapp3.1;net5.0</TargetFrameworks>
     <AssemblyName>ZNetCS.AspNetCore.Authentication.Basic</AssemblyName>
-    <PackageId>ZNetCS.AspNetCore.Authentication.Basic</PackageId>
-    <PackageTags>aspnetcore;aspnetcoremvc;middleware;authentication;basic;ASP.NET;MVC</PackageTags>
-    <PackageProjectUrl>https://github.com/msmolka/ZNetCS.AspNetCore.Authentication.Basic</PackageProjectUrl>
-    <PackageLicenseUrl>https://raw.githubusercontent.com/msmolka/ZNetCS.AspNetCore.Authentication.Basic/master/LICENSE</PackageLicenseUrl>
-    <PackageReleaseNotes>Library is now signed.</PackageReleaseNotes>
-    <RepositoryType>git</RepositoryType>
-    <RepositoryUrl>https://github.com/msmolka/ZNetCS.AspNetCore.Authentication.Basic</RepositoryUrl>
-    <VersionPrefix>4.0.0</VersionPrefix>
-    <NoWarn>$(NoWarn);NU5125</NoWarn>
-    <!-- remove once tools are truly ready for NuGet's new 'license' element -->
+    <VersionPrefix>5.0.0</VersionPrefix>
     <GenerateAssemblyConfigurationAttribute>false</GenerateAssemblyConfigurationAttribute>
     <GenerateAssemblyCompanyAttribute>false</GenerateAssemblyCompanyAttribute>
     <GenerateAssemblyTitleAttribute>false</GenerateAssemblyTitleAttribute>
     <GenerateAssemblyProductAttribute>false</GenerateAssemblyProductAttribute>
     <GenerateAssemblyCopyrightAttribute>false</GenerateAssemblyCopyrightAttribute>
     <CodeAnalysisRuleSet>..\..\CommonRuleSet.ruleset</CodeAnalysisRuleSet>
-    <LangVersion>8.0</LangVersion>
     <SignAssembly>true</SignAssembly>
     <AssemblyOriginatorKeyFile>StrongNameKey.snk</AssemblyOriginatorKeyFile>
+    <LangVersion>Latest</LangVersion>
   </PropertyGroup>
 
+  <PropertyGroup>
+    <PackageId>ZNetCS.AspNetCore.Authentication.Basic</PackageId>
+    <PackageTags>aspnetcore;aspnetcoremvc;middleware;authentication;basic;</PackageTags>
+    <PackageProjectUrl>https://github.com/msmolka/ZNetCS.AspNetCore.Authentication.Basic</PackageProjectUrl>
+    <PackageLicenseFile>LICENSE</PackageLicenseFile>
+    <PackageReleaseNotes>Update support for latest supported frameworks. Allow suppress WWWAuthenticate globally.</PackageReleaseNotes>
+  </PropertyGroup>
+
+  <PropertyGroup>
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    <ContinuousIntegrationBuild>true</ContinuousIntegrationBuild>
+    <EmbedUntrackedSources>true</EmbedUntrackedSources>
+    <RepositoryType>git</RepositoryType>
+    <RepositoryUrl>https://github.com/msmolka/ZNetCS.AspNetCore.Authentication.Basic</RepositoryUrl>
+  </PropertyGroup>
+
+
   <ItemGroup>
     <AdditionalFiles Include="..\..\stylecop.json" Link="stylecop.json" />
+    <None Include="..\..\LICENSE" Pack="true" PackagePath=""/>
   </ItemGroup>
 
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">
@@ -38,7 +46,7 @@
 
   <ItemGroup>
     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.0.0" PrivateAssets="all" />
-    <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.8">
+    <PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="3.3.1">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
@@ -48,7 +56,7 @@
     </PackageReference>
   </ItemGroup>
 
-  <ItemGroup Condition="'$(TargetFramework)' == 'netcoreapp3.0'">
+  <ItemGroup Condition="'$(TargetFramework)' == 'netcoreapp3.1' OR '$(TargetFramework)' == 'net5.0'">
     <FrameworkReference Include="Microsoft.AspNetCore.App" />
   </ItemGroup>
 

test/ZNetCS.AspNetCore.Authentication.BasicTests/AuthorizationTest.cs

@@ -268,6 +268,30 @@ public async Task UnauthorizedMyRealmTestAjaxRequestSuppressed()
             Assert.IsNull(wwwAuth, "No header should be sent back on ajax request");
         }
 
+        /// <summary>
+        /// The unauthorized basic realm via ajax.
+        /// </summary>
+        [TestMethod]
+        public async Task UnauthorizedMyRealmTestRequestSuppressed()
+        {
+            using var server = new TestServer(WebHostBuilderHelper.CreateBuilder(o =>
+            {
+                o.Realm = "My realm";
+                o.SuppressWwwAuthenticateHeader = true;
+            }));
+
+            using HttpClient client = server.CreateClient();
+
+            // Act
+            HttpResponseMessage response = await client.GetAsync("api/test");
+
+            // Assert
+            AuthenticationHeaderValue wwwAuth = response.Headers.WwwAuthenticate.SingleOrDefault();
+
+            Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode, "StatusCode != Unauthorized");
+            Assert.IsNull(wwwAuth, "No header should be sent back on ajax request");
+        }
+
         #endregion
     }
 }

…ore.Authentication.BasicTests/Startup.cs …re.Authentication.BasicTests/Startup1.cstest/ZNetCS.AspNetCore.Authentication.BasicTests/Startup.cs renamed to test/ZNetCS.AspNetCore.Authentication.BasicTests/Startup1.cs test/ZNetCS.AspNetCore.Authentication.BasicTests/Startup.cs renamed to test/ZNetCS.AspNetCore.Authentication.BasicTests/Startup1.cs

@@ -1,13 +1,13 @@
 // --------------------------------------------------------------------------------------------------------------------
-// <copyright file="Startup.cs" company="Marcin Smółka zNET Computer Solutions">
+// <copyright file="Startup1.cs" company="Marcin Smółka zNET Computer Solutions">
 //   Copyright (c) Marcin Smółka zNET Computer Solutions. All rights reserved.
 // </copyright>
 // <summary>
 //   The startup.
 // </summary>
 // --------------------------------------------------------------------------------------------------------------------
 
-#if !NETCOREAPP3_0
+#if !NETCOREAPP3_1 && !NET5_0
 namespace ZNetCS.AspNetCore.Authentication.BasicTests
 {
     #region Usings

…re.Authentication.BasicTests/Startup3.cs …re.Authentication.BasicTests/Startup2.cstest/ZNetCS.AspNetCore.Authentication.BasicTests/Startup3.cs renamed to test/ZNetCS.AspNetCore.Authentication.BasicTests/Startup2.cs test/ZNetCS.AspNetCore.Authentication.BasicTests/Startup3.cs renamed to test/ZNetCS.AspNetCore.Authentication.BasicTests/Startup2.cs

@@ -1,13 +1,13 @@
 // --------------------------------------------------------------------------------------------------------------------
-// <copyright file="Startup3.cs" company="Marcin Smółka zNET Computer Solutions">
+// <copyright file="Startup2.cs" company="Marcin Smółka zNET Computer Solutions">
 //   Copyright (c) Marcin Smółka zNET Computer Solutions. All rights reserved.
 // </copyright>
 // <summary>
 //   The startup.
 // </summary>
 // --------------------------------------------------------------------------------------------------------------------
 
-#if NETCOREAPP3_0
+#if NETCOREAPP3_1 || NET5_0
 namespace ZNetCS.AspNetCore.Authentication.BasicTests
 {
     #region Usings