Merge branch 'dev'

.gitignore

@@ -8,3 +8,5 @@
 /_MvcHybridBackChannelBackChannel.txt
 /_MvcHybridBackChannelTwoBackChannelTwo.txt
 /_StsLogs.txt
+/_logs-**
+/StsServerIdentity/keys/**

ConsoleStandaloneUsingAzureSecrets/ConsoleStandaloneUsingAzureSecrets.csproj

@@ -2,7 +2,7 @@
 
   <PropertyGroup>
     <OutputType>Exe</OutputType>
-    <TargetFramework>net5.0</TargetFramework>
+    <TargetFramework>net8.0</TargetFramework>
     <UserSecretsId>49111a46-3c30-43e7-947e-3089451b73f2</UserSecretsId>
   </PropertyGroup>
 
@@ -11,11 +11,11 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Azure.Extensions.AspNetCore.Configuration.Secrets" Version="1.0.2" />
-    <PackageReference Include="Azure.Identity" Version="1.3.0" />
-    <PackageReference Include="Azure.Security.KeyVault.Certificates" Version="4.1.0" />
+    <PackageReference Include="Azure.Extensions.AspNetCore.Configuration.Secrets" Version="1.3.2" />
+    <PackageReference Include="Azure.Identity" Version="1.12.0" />
+    <PackageReference Include="Azure.Security.KeyVault.Certificates" Version="4.6.0" />
     <PackageReference Include="Microsoft.Azure.Services.AppAuthentication" Version="1.6.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="5.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="8.0.0" />
   </ItemGroup>
 
   <ItemGroup>

ConsoleStandaloneUsingAzureSecrets/Program.cs

@@ -1,74 +1,69 @@
-using System;
-using System.IO;
-using System.Reflection;
-using Azure.Identity;
-using Azure.Security.KeyVault.Secrets;
-using Microsoft.AspNetCore.Hosting;
+using Azure.Identity;
 using Microsoft.Azure.Services.AppAuthentication;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Hosting;
+using System;
+using System.IO;
+using System.Reflection;
 
-namespace ConsoleStandaloneUsingAzureSecrets
-{
-    class Program
-    {
-        private static IConfigurationRoot _config;
-        private static IServiceProvider _services;
+namespace ConsoleStandaloneUsingAzureSecrets;
 
-        static void Main(string[] args)
-        {
-            Console.WriteLine("Start Application and get key vault values");
+class Program
+{
+    private static IConfigurationRoot _config;
+    private static IServiceProvider _services;
 
-            GetConfigurationsForEnvironment();
+    static void Main(string[] args)
+    {
+        Console.WriteLine("Start Application and get key vault values");
 
-            Console.WriteLine("Read Configurations");
+        GetConfigurationsForEnvironment();
 
-            SetupServices();
+        Console.WriteLine("Read Configurations");
 
-            Console.WriteLine("Services ready");
+        SetupServices();
 
-            // read config value
-            var someSecret = _config["SomeSecret"];
+        Console.WriteLine("Services ready");
 
-            Console.WriteLine($"Read from configuration: {someSecret}");
-            Console.ReadLine();
-        }
+        // read config value
+        var someSecret = _config["SomeSecret"];
 
-        private static void SetupServices()
-        {
-            var serviceCollection = new ServiceCollection();
+        Console.WriteLine($"Read from configuration: {someSecret}");
+        Console.ReadLine();
+    }
 
-            // Do migration, seeding logic or whatever
+    private static void SetupServices()
+    {
+        var serviceCollection = new ServiceCollection();
 
-            _services = serviceCollection.BuildServiceProvider();
-        }
+        // Do migration, seeding logic or whatever
 
-        private static void GetConfigurationsForEnvironment()
-        {
-            var environmentName = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
-            var location = Assembly.GetEntryAssembly().Location;
-            var directory = Path.GetDirectoryName(location);
+        _services = serviceCollection.BuildServiceProvider();
+    }
 
-            Console.WriteLine($"appsettings.json found");
-            Console.WriteLine($"{environmentName}");
+    private static void GetConfigurationsForEnvironment()
+    {
+        var environmentName = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
+        var location = Assembly.GetEntryAssembly().Location;
+        var directory = Path.GetDirectoryName(location);
 
-            var configBuilder = new ConfigurationBuilder()
-           .AddJsonFile($"{directory}{Path.DirectorySeparatorChar}appsettings.json", false, true)
-           .AddJsonFile($"{directory}{Path.DirectorySeparatorChar}appsettings.{environmentName}.json", true, true)
-           .AddEnvironmentVariables();
-            _config = configBuilder.Build();
+        Console.WriteLine($"appsettings.json found");
+        Console.WriteLine($"{environmentName}");
 
-            var dnsNameKeyVault = _config["DNSNameKeyVault"];
+        var configBuilder = new ConfigurationBuilder()
+       .AddJsonFile($"{directory}{Path.DirectorySeparatorChar}appsettings.json", false, true)
+       .AddJsonFile($"{directory}{Path.DirectorySeparatorChar}appsettings.{environmentName}.json", true, true)
+       .AddEnvironmentVariables();
+        _config = configBuilder.Build();
 
-            if (!string.IsNullOrWhiteSpace(dnsNameKeyVault))
-            {
-                var azureServiceTokenProvider = new AzureServiceTokenProvider();
-                configBuilder.AddAzureKeyVault(new Uri(dnsNameKeyVault), new DefaultAzureCredential());
+        var dnsNameKeyVault = _config["DNSNameKeyVault"];
 
+        if (!string.IsNullOrWhiteSpace(dnsNameKeyVault))
+        {
+            var azureServiceTokenProvider = new AzureServiceTokenProvider();
+            configBuilder.AddAzureKeyVault(new Uri(dnsNameKeyVault), new DefaultAzureCredential());
 
-                _config = configBuilder.Build();
-            }
+            _config = configBuilder.Build();
         }
     }
 }

MvcHybridBackChannel/AuthConfiguration.cs

@@ -1,9 +1,7 @@
-namespace MvcHybridBackChannel
-{
-    public class AuthConfiguration
-    {
-        public string StsServerIdentityUrl { get; set; }
+namespace MvcHybridBackChannel;
 
-        public string Audience { get; set; }
-    }
+public class AuthConfiguration
+{
+    public string StsServerIdentityUrl { get; set; } = string.Empty;
+    public string Audience { get; set; } = string.Empty;
 }

MvcHybridBackChannel/BackChannelLogout/BackchannelLogoutSession.cs

@@ -1,18 +1,17 @@
-namespace MvcHybridBackChannel.BackChannelLogout
+namespace MvcHybridBackChannel.BackChannelLogout;
+
+public partial class LogoutSessionManager
 {
-    public partial class LogoutSessionManager
+    private class BackchannelLogoutSession
     {
-        private class BackchannelLogoutSession
-        {
-            public string Sub { get; set; }
-            public string Sid { get; set; }
+        public string? Sub { get; set; }
+        public string? Sid { get; set; }
 
-            public bool IsMatch(string sub, string sid)
-            {
-                return (Sid == sid && Sub == sub) ||
-                       (Sid == sid && Sub == null) ||
-                       (Sid == null && Sub == sub);
-            }
+        public bool IsMatch(string sub, string sid)
+        {
+            return (Sid == sid && Sub == sub) ||
+                   (Sid == sid && Sub == null) ||
+                   (Sid == null && Sub == sub);
         }
     }
 }

MvcHybridBackChannel/BackChannelLogout/CookieEventHandler.cs

@@ -1,34 +1,31 @@
-using Microsoft.AspNetCore.Authentication.Cookies;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.Extensions.Logging;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
 
-namespace MvcHybridBackChannel.BackChannelLogout
+namespace MvcHybridBackChannel.BackChannelLogout;
+
+public class CookieEventHandler : CookieAuthenticationEvents
 {
-    public class CookieEventHandler : CookieAuthenticationEvents
+    private readonly LogoutSessionManager _logoutSessionManager;
+    private readonly ILogger<CookieEventHandler> _logger;
+
+    public CookieEventHandler(LogoutSessionManager logoutSessions, ILoggerFactory loggerFactory)
     {
-        private readonly LogoutSessionManager _logoutSessionManager;
-        private readonly ILogger<CookieEventHandler> _logger;
+        _logoutSessionManager = logoutSessions;
+        _logger = loggerFactory.CreateLogger<CookieEventHandler>();
+    }
 
-        public CookieEventHandler(LogoutSessionManager logoutSessions, ILoggerFactory loggerFactory)
+    public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
+    {
+        if (context.Principal!.Identity!.IsAuthenticated)
         {
-            _logoutSessionManager = logoutSessions;
-            _logger = loggerFactory.CreateLogger<CookieEventHandler>();
-        }
+            _logger.LogInformation($"BC ValidatePrincipal: {context.Principal.Identity.IsAuthenticated}");
+            var sub = context.Principal.FindFirst("sub")?.Value;
+            var sid = context.Principal.FindFirst("sid")?.Value;
 
-        public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
-        {
-            if (context.Principal.Identity.IsAuthenticated)
+            if (await _logoutSessionManager.IsLoggedOutAsync(sub, sid))
             {
-                _logger.LogInformation($"BC ValidatePrincipal: {context.Principal.Identity.IsAuthenticated}");
-                var sub = context.Principal.FindFirst("sub")?.Value;
-                var sid = context.Principal.FindFirst("sid")?.Value;
-
-                if (await _logoutSessionManager.IsLoggedOutAsync(sub, sid))
-                {
-                    context.RejectPrincipal();
-                    await context.HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-                }
+                context.RejectPrincipal();
+                await context.HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
             }
         }
     }

MvcHybridBackChannel/BackChannelLogout/LogoutSessionManager.cs

@@ -1,63 +1,59 @@
 using Microsoft.Extensions.Caching.Distributed;
-using Microsoft.Extensions.Logging;
 using Newtonsoft.Json;
-using System;
-using System.Threading.Tasks;
 
-namespace MvcHybridBackChannel.BackChannelLogout
-{
-    public partial class LogoutSessionManager
-    {
-        private static readonly Object _lock = new Object();
-        private readonly ILogger<LogoutSessionManager> _logger;
-        private IDistributedCache _cache;
+namespace MvcHybridBackChannel.BackChannelLogout;
 
-        // Amount of time to check for old sessions. If this is to long, the cache will increase, 
-        // or if you have many user sessions, this will increase to much.
-        private const int cacheExpirationInDays = 8;
+public partial class LogoutSessionManager
+{
+    private static readonly object _lock = new();
+    private readonly ILogger<LogoutSessionManager> _logger;
+    private readonly IDistributedCache _cache;
 
-        public LogoutSessionManager(ILoggerFactory loggerFactory, IDistributedCache cache)
-        {
-            _cache = cache;
-            _logger = loggerFactory.CreateLogger<LogoutSessionManager>();
-        }
+    // Amount of time to check for old sessions. If this is to long, the cache will increase, 
+    // or if you have many user sessions, this will increase to much.
+    private const int cacheExpirationInDays = 8;
 
-        public void Add(string sub, string sid)
-        {
-            _logger.LogWarning($"BC Add a logout to the session: sub: {sub}, sid: {sid}");
-            var options = new DistributedCacheEntryOptions().SetSlidingExpiration(TimeSpan.FromDays(cacheExpirationInDays));
+    public LogoutSessionManager(ILoggerFactory loggerFactory, IDistributedCache cache)
+    {
+        _cache = cache;
+        _logger = loggerFactory.CreateLogger<LogoutSessionManager>();
+    }
 
-            lock (_lock)
-            {
-                var key = sub + sid;
-                var logoutSession = _cache.GetString(key);
-                _logger.LogInformation($"BC logoutSession: {logoutSession}");
-                if (logoutSession != null)
-                {
-                    var session = JsonConvert.DeserializeObject<BackchannelLogoutSession>(logoutSession);
-                }
-                else
-                {
-                    var newSession = new BackchannelLogoutSession { Sub = sub, Sid = sid };
-                    _cache.SetString(key, JsonConvert.SerializeObject(newSession), options);
-                }
-            }
-        }
+    public void Add(string sub, string sid)
+    {
+        _logger.LogWarning("BC Add a logout to the session: sub: {sub}, sid: {sid}", sub, sid);
+        var options = new DistributedCacheEntryOptions().SetSlidingExpiration(TimeSpan.FromDays(cacheExpirationInDays));
 
-        public async Task<bool> IsLoggedOutAsync(string sub, string sid)
+        lock (_lock)
         {
-            _logger.LogInformation($"BC IsLoggedOutAsync: sub: {sub}, sid: {sid}");
             var key = sub + sid;
-            var matches = false;
-            var logoutSession = await _cache.GetStringAsync(key);
+            var logoutSession = _cache.GetString(key);
+            _logger.LogInformation("BC logoutSession: {logoutSession}", logoutSession);
             if (logoutSession != null)
             {
                 var session = JsonConvert.DeserializeObject<BackchannelLogoutSession>(logoutSession);
-                matches = session.IsMatch(sub, sid);
-                _logger.LogInformation($"BC Logout session exists T/F {matches} : {sub}, sid: {sid}");
             }
+            else
+            {
+                var newSession = new BackchannelLogoutSession { Sub = sub, Sid = sid };
+                _cache.SetString(key, JsonConvert.SerializeObject(newSession), options);
+            }
+        }
+    }
 
-            return matches;
+    public async Task<bool> IsLoggedOutAsync(string sub, string sid)
+    {
+        _logger.LogInformation("BC IsLoggedOutAsync: sub: {sub}, sid: {sid}", sub, sid);
+        var key = sub + sid;
+        var matches = false;
+        var logoutSession = await _cache.GetStringAsync(key);
+        if (logoutSession != null)
+        {
+            var session = JsonConvert.DeserializeObject<BackchannelLogoutSession>(logoutSession);
+            matches = session.IsMatch(sub, sid);
+            _logger.LogInformation("BC Logout session exists T/F {matches} : {sub}, sid: {sid}", matches, sub, sid);
         }
+
+        return matches;
     }
 }