Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
author Roja Ennam <roennam@microsoft.com> 1650579606 -0700 committer brentschmaltz <brentschmaltz@hotmail.com> 1652933215 -0700 Creating EcdhKeyExchangeProvider Adding target for net core 3.1 This reverts commit 5c51220. Adding immediate retry on network failure + better logging during configuation retrieval (#1784) * Adding immediate retry on network failure to the token validation flow using ConfigurationManager (specifically inside of HttpDocumentRetriever) * Adding better logging during configuration retrieval Adding more information on key location to error messages (#1786) rename JwtHandler -> JsonWebTokenHandler adjust tests to throw invalid signature Simplify the EventBasedLRUCache and Allows Skipping LRU (#1783) * simplify the EventBasedLRUCache bit and added the _maintainLRU flag to skip the maintenance of LRU * resolved review comments * 1. let the event queue task continue to run for 2 min after the queue is empty 2. stop the task when the InMemoryCryptoProviderCache.Dispose() is called * skip all operations on _doubleLinkedList when _maintainLRU = false * fixed the failed test MaintainLRUOrder (_maintainLRU needs to set to true) Update DisposableObjectPool to dispose on Free() when full When the internal `items` array of DisposableObjectPool is full, calls to Free() (that are trying to return over-allocated instances during a spike in calls to Allocate() "drop" the object by doing nothing. Since the object is not disposed, before it can be garbage collected it has to wait in the finalization queue for finalization to call dispose. This change updates Free() to directly dispose those objects which can't be returned to the pool, allowing them to avoid a potentially long wait in the finalizer queue. param check for null fix check for tenantId (#1801) update version to 6.15.2 Adding LKG feature into JwtSecurityTokenHandler Adding tests for SignatureValidatorUsingConfiguration address comment add IsRecoverableConfiguration mark metadata address as non-PII Make M.IM.Tokens visible to S2S.Tokens (#1807) added the ValidateTokenAsyc() and ReadToken() methods to all token handlers (#1810) * added the ValidateTokenAsyc() method to all token handlers * implement the ValidateTokenAsync() for JwtSecurityTokenHandler * added the TokenHandler.ReadToken() method * return async result via .ConfigureAwait(false).GetAwaiter().GetResult(), and don't catch general Exception * added expected exceptions to the TokenHandler.cs() and removed CA1031 from GlobalSuppression as we are now caching specific exceptions * added more comments * updated all token handlers to catch the general exception (like in JsonWebTokenHandler) to be consistent * updated comments * always return the first ClaimsIdentity from the ClaimsPrincipal as TokenValidationResult.ClaimsIdentity * return the first identity from the ClaimsPrincipal in Saml2SecurityTokenHandler.ValidateTokenAsync() so it is consistent with Saml1 update version to 6.16.1 (#1811) update patch version after release of 6.16.0 Configuration validator (#1825) Introduce an ConfigurationValidator class that can be used to apply validation rules to a retrieved configuration. Simplify strings comparison with Ordinal option update version update version for next release Add 'cty' claim to JWE header Address comments Fix tests (#1838) Fix DEF test (#1839) Copying work from broken topic branch EcdsaKeyWrap Provider Constants Ecdh test Creating EcdhKeyExchangeProvider Removed unnecesary code and comments from ReferenceTests Created Ecdh Security Key Removing EcdhSecurityKey since ECDsaSecurityKey is the same thing Modifying ctor for EcdhKeyExchangeProvider Refactoring + overloads for ctrs in KeyExchangeProvider Differentiate in between ECDH-ES and ECDH-ES+A{128|192|256}KW. Setting AlgorithmID accordingly to alg and enc values. Returning CEK as SecurityKey Changes to Reference test to reflect the changes enc is not optional for key exchange provider apu and apv can be null/empty for generate cek added comments to guide ECDH-ES Adding Jwt header params for epk, apu and apv Adding supported algorithms for symmetric keywrap Adding ECDH-ES logic/cases to JsonWebTokenHandler added test for creating a JWE Test cases for Jwe using Ecdh-ES Reference test clean up Use of apv and apu included Aes192KW inclusion LogMessages update in EcdhEs Key Exchange Provider Removed unsued ctors Added direct tests for EcdhEsKeyExchangeProvider Cleaned up reference test Refactoring ctors in EcdhEsKeyExchangeProvider, including new LogMessage Removed unused file that was part of an earlier commit Addressing feed back from PR EcdhKeyExchangeProvider's constructor refactoring: Params for keys are both SecurityKeys, new error message to better describe when we were unable to obtain ECParameters, and some refactoring for readbility. Refactoring for JsonWebTokenHandler.ResolveTokenDecryptionKey for string comparison JwtTokenUtulities.GetSecurityKey refactor for readbility, null clauses for apu amd apv being null, and changed the creating of SymmetricSecurityKey to match with what is already in place for difference cases. Test case scenario for the metnioned above. Removed unnecesary code Adding target for net core 3.1 Copying work from broken topic branch EcdsaKeyWrap Provider Constants Ecdh test Creating EcdhKeyExchangeProvider Removed unnecesary code and comments from ReferenceTests Created Ecdh Security Key Removing EcdhSecurityKey since ECDsaSecurityKey is the same thing Modifying ctor for EcdhKeyExchangeProvider Refactoring + overloads for ctrs in KeyExchangeProvider Differentiate in between ECDH-ES and ECDH-ES+A{128|192|256}KW. Setting AlgorithmID accordingly to alg and enc values. Returning CEK as SecurityKey Changes to Reference test to reflect the changes enc is not optional for key exchange provider apu and apv can be null/empty for generate cek added test for creating a JWE Test cases for Jwe using Ecdh-ES Reference test clean up Use of apv and apu included Aes192KW inclusion LogMessages update in EcdhEs Key Exchange Provider Removed unsued ctors Added direct tests for EcdhEsKeyExchangeProvider Cleaned up reference test Refactoring ctors in EcdhEsKeyExchangeProvider, including new LogMessage Removed unused file that was part of an earlier commit Addressing feed back from PR EcdhKeyExchangeProvider's constructor refactoring: Params for keys are both SecurityKeys, new error message to better describe when we were unable to obtain ECParameters, and some refactoring for readbility. Refactoring for JsonWebTokenHandler.ResolveTokenDecryptionKey for string comparison JwtTokenUtulities.GetSecurityKey refactor for readbility, null clauses for apu amd apv being null, and changed the creating of SymmetricSecurityKey to match with what is already in place for difference cases. Test case scenario for the metnioned above. Removed unnecesary code Adding target for net core 3.1 removing extra letter from rebase Adding NET_CORE defined when using netcore 3.1 Fixing dupe code from rebase onto
- Loading branch information
1 parent
087f414
commit 4cfe7de