aspnet-contrib / aspnet.security.openidconnect.server Goto Github PK
View Code? Open in Web Editor NEWOpenID Connect/OAuth2 server framework for OWIN/Katana and ASP.NET Core
aspnet.security.openidconnect.server's People
Contributors
Stargazers
Watchers
Forkers
manfredsteyer jacobrillema moiseyo kevinchalet virajs ryansecret nikhilbharathesh alexzeitler ilmax igorbek ericl85 okusnadi rewso juntaforce afoliaco marc-mueller monkeyjamboree calliflower quxian arksutw funkycoding sverreeh santanaguy smartfire loning gacalves galvesribeiro writecoderepo onuralp sunsided yonglehou jwk24 jgoelten jango2015 austinedeveloper hubaksis johnsonlu vijayaramb sensarg22 devilsuraj srosengren 331564533 leebrandt dovydasnavickas edemx menlalily facugoye vzolotov kerryyao zsvanderlaan celoaiza jackjet870 fengzijun gmarkoss dejobo crael lissbrict foxaaa sergiudamian jackjet michaelmatveev netdragoon fulviocanducci mrphardy danroot austad dhusbands hotor alex-19841 mvanhelmont jmblakl jaisongeorge eriawan aiska crigot cmielke xperiandri c-romeo josephtsui victorjsilva glennneiger vladmee pushsos luckst aidmsu rodalonts howardedidin oneofbestman edidingroup thejoshcrawford akinca valerysntx jhoffmansoftware girish360 onnorokomsoftware sobhanpanda rodcarls thedevopsmachine buibup layth01aspnet.security.openidconnect.server's Issues
Add a new RefreshTokenLifetime property to OpenIdConnectServerOptions
Provide a default value for IdTokenExpireTimeSpan in OpenIdConnectServerOptions
Currently, OpenIdConnectServerOptions's constructor doesn't set any value for IdTokenExpireTimeSpan and this can cause security exceptions when the end dev' has not given his own value.
System.ArgumentException: IDX10401: Expires: '07/12/2014 19:27:49' must be after NotBefore: '07/12/2014 19:27:49'.
at System.IdentityModel.Tokens.JwtSecurityTokenHandler.CreateToken(String issuer, String audience, ClaimsIdentity subject, Nullable1 notBefore, Nullable1 expires, SigningCredentials signingCredentials, SignatureProvider signatureProvider)
at Microsoft.Owin.Security.OpenIdConnect.Server.OpenIdConnectServerHandler.CreateIdToken(ClaimsIdentity identity, AuthenticationProperties authProperties, String clientId, String accessToken, String authorizationCode, String nonce)
We should consider providing a default value.
Replace copyright mentions and change namespace before RTM
Provide a robust solution to support delegation scenarios
OpenIdConnectServerExtensions.CreateIdToken currently uses JwtSecurityTokenHandler.CreateToken without specifying the subject identity parameter (and alters manually the JWT payload using the claims extracted from the ambient identity)
We should consider specifying the subject parameter to allow delegation scenarios (JwtSecurityTokenHandler.CreateToken already takes care of adding an actort claim when a subject.Actor is specified)
This would involve creating a new ClaimsIdentity from the ambient one and manually replacing its claims using ServerClaimsMapper or changing the ServerClaimsMapper extension point - by replacing it by a predicate filter for instance - and directly using the original identity.
Use Sake
Provide a token validation endpoint
Review data protector's "purposes" strings in OpenIdConnectServerMiddleware
Flow important contexts in the environment dictionary to make them easier to access from next middleware
Enable XML documentation
Add support for metadata discovery
Sample not working?
Whenever I start the sample server or client I get an error 500 page no details.
I use visual studio 2015 RC to build and run, debugger won't break on any thing in the starup class.
Getting PinpointTownes mail-address ;-)
Can you let me have your mail-address, so that we can also talk "off the records" ?
Support response_type=id_token
Currently, we can't use id_token alone. We should consider supporting it.
http://openid.net/specs/openid-connect-core-1_0.html#id_tokenExample
Prepare OSOS for ASP.NET vNext
Fix AdditionalResponseParameters handling and array writing
This bug has not been fixed in Katana v3 but I suggest to fix it here before v1:
https://katanaproject.codeplex.com/workitem/289
@manfredsteyer any chance you could work on a fix?
Replace ServerClaimsMapper by a more robust and flexible solution
Choose code conventions
Now that Owin.Security.OpenIdConnect.Server is meant to be a standalone middleware, we are free to choose our own conventions: let's discuss about that here.
I'm a huge fan of K&R style. What's your favorite one?
Choose an appropriate license before release
Use the OpenIdConnectMessage primitive
I'm currently working on a new approach using the OpenIdConnectMessage primitive instead of OpenIdConnectAuthorizationRequest and OpenIdConnectTokenRequest. This should offer a nicer experience to the end developers, specially when dealing with parameters that were not included in these types. The additional parameters dictionaries will also be removed to favor the strongly-typed OpenIdConnectMessage facade.
You can follow the progress here: https://github.com/PinpointTownes/Owin.Security.OpenIdConnect.Server
Back from Holiday
Hi,
after two weeks, I'm back from holidy and it's great to see, what happened meanwhile!
Wishes,
Manfred
Prevent the token endpoint from issuing access tokens for unknown audiences/resources
Provide a more complete sample using either Nancy or ASP.NET MVC
React to https://katanaproject.codeplex.com/SourceControl/network/forks/jamesholwell/katana/contribution/7137
Include appropriate unit/functional tests
Remove unnecessary dependencies
I suggest removing ASP.NET Identity from the client sample and replacing app.UseExternalSignInCookie by app.UseCookieAuthentication.
Support issuing access tokens in the hybrid flow
Currently, we don't support response_type=code id_token token and response_type=code token.
We should rework ApplyResponseGrantAsync to support it.
Make the issuer address optional and determine it from the current request when necessary
To make app.UseOpenIdConnectServer easier to configure and to match the guidelines adopted for the aspnet/Security project, OpenIdConnectServerOptions.Issuer will be made optional. When missing, it will be automatically computed using Request.Scheme + "://" + Request.Host + Request.PathBase: https://github.com/aspnet/Security/blob/dev/src/Microsoft.AspNet.Authentication.OAuth/OAuthAuthenticationHandler.cs#L175
Add support for logout endpoint
How to configure a new client application in the Mvc.Server sample?
From a JavaScript client I tried to issue a token and used this URI:
http://localhost:54540/connect/authorize?client_id=myClient&redirect_uri=http://localhost:3000/index.html&response_type=id_token&scope=openid&state=1435418504620015784112294204533&nonce=143541850462009592662733048201
This results in an error page:
An OpenID Connect error has occurred invalid_client Invalid redirect_uri
Am I doing something wrong?
The JavaScript client is running on http://localhost:3000/index.html and the OpenId-Server is the one from the /samples/Mvc/Mvc.Server without modifications.
Respect response_mode when returning an error to the client application
This issue is not new and is directly inherited from OAuthAuthorizationServerHandler.
The fix should handle the case described here: http://katanaproject.codeplex.com/discussions/539091
response_mode=form_post without redirect
Add discussed solution for response_mode=form_post, that works without a redirect and without an own razor-file. I've proposed it for Katana and should just add it to this Project.
Destination property check in id token
Great work.
There is a problem of Code flow in Owin.Security.OpenIdConnect.Server, as the properties of claims are not serialized, the destination properties are lost during serialization, when exchanging code for id token, claims that go into id token must have destination property. This is not case for access token, as default claims with no destination property are included in access token. Is this a bug or feature? thanks
index.cshtml in Client-Sample
The Client-Sample lacks of an index.cshtml that requests a Login using oidc and then shows the current user's claims. Something like this:
@{
Layout = null;
var result = Request.GetOwinContext().Authentication.AuthenticateAsync("ExternalCookie").Result;
if (result == null)
{
Request.GetOwinContext().Authentication.Challenge("OIDC");
return;
}
}
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width" />
<title></title>
</head>
<body>
<div>
<h1>Hello, @result.Identity.Name!</h1>
<table>
@foreach (var c in result.Identity.Claims)
{
<tr>
<td>@c.Type</td>
<td>@c.Value</td>
</tr>
}
</table>
</div>
</body>
</html>
Expose OpenIdConnectMessage from Create*Code/Token and Receive*Code/Token
Problems with MVC 6
Hi,
I've just played around with the current ASP.NET-5-Implementation and found out, that the current VS 2015 CTP presents the following error after downloading AspNet.Security.OpenIdConnect.Server via NuGet:
Dependency System.Collections.Specialized >= 4.0.0-beta-22606 could not be resolved SecureWebAPIDemo c:\users\manfred\documents\visual studio 2015\Projects\SecureWebAPIDemo\src\SecureWebAPIDemo\project.json 1
Wishes,
Manfred
Enforce the binding of refresh tokens to the client they were issued to
Enforcing the binding of refresh tokens and authorization codes to the client they were issued to. Client authentication is critical when an authorization code is transmitted to the redirection endpoint over an insecure channel or when the redirection URI has not been registered in full.
https://tools.ietf.org/html/rfc6749#section-3.2.1
The Authorization Server MUST validate the Refresh Token, MUST verify that it was issued to the Client, and must verify that the Client successfully authenticated it has a Client Authentication method.
http://openid.net/specs/openid-connect-core-1_0.html#RefreshingAccessToken
(this check was already absent from Katana: https://katanaproject.codeplex.com/SourceControl/latest#src/Microsoft.Owin.Security.OAuth/OAuthAuthorizationServerHandler.cs)
Remove packages from the repository and use NuGet package restore
We should remove packages from the repository to limit the time required to clone it.
Make Options.SigningCredentials optional
OpenIdConnectServerHandler should work in a degraded mode instead of requiring signing credentials: in this case, requests containing the id_token response_type should be rejected but pure OAuth2 requests should be served, given that Options.SigningCredentials are only needed to create the identity token.
The configuration metadata and the keys endpoint should also be updated to include these changes.
Support POST on the authorization endpoint
Unlike OAuth2, OIDC servers must now support both GET and POST requests to be specs-compliant:
Authorization Servers MUST support the use of the HTTP GET and POST methods defined in RFC 2616 [RFC2616] at the Authorization Endpoint. Clients MAY use the HTTP GET or POST methods to send the Authorization Request to the Authorization Server. If using the HTTP GET method, the request parameters are serialized using URI Query String Serialization, per Section 13.1. If using the HTTP POST method, the request parameters are serialized using Form Serialization, per Section 13.2.
We should consider implementing POST support for v1.
Support AuthenticationProperties.ExpiresUtc
Currently, OpenIdConnectServerExtensions.CreateIdToken doesn't use AuthenticationProperties.ExpiresUtc to determine the identity token expiration date.
OpenIdConnectServerOptions.IdTokenExpireTimeSpan should only be used as a fallback value.
Make 'dev' the default branch until release
Add a new check to prevent issuing access tokens for unknown scopes
Reuse the same logic adopted for resources/audiences to validate the optional "scope" parameter flowed during the token request: #83
Add support for user-info-endpoint
Improve the built-in errors/log messages
Publish Owin.Security.OpenIdConnect.Server on NuGet.org when ready
Log code/token validation exceptions in Receive*CodeAsync/Receive*TokenAsync
Token and code validation exceptions are currently swallowed in Receive*CodeAsync/Receive*TokenAsync but not logged in the catch blocks, which makes debugging harder.
e.g:
try {
SecurityToken securityToken;
var principal = handler.ValidateToken(token, parameters, out securityToken);
// Parameters stored in AuthenticationProperties are lost
// when the identity token is serialized using a security token handler.
// To mitigate that, they are inferred from the claims or the security token.
var properties = new AuthenticationProperties {
ExpiresUtc = securityToken.ValidTo,
IssuedUtc = securityToken.ValidFrom
};
var audiences = principal.FindAll(JwtRegisteredClaimNames.Aud);
if (audiences.Any()) {
properties.SetAudiences(audiences.Select(claim => claim.Value));
}
return new AuthenticationTicket(principal, properties, Options.AuthenticationScheme);
}
catch { return null; }
Automatically add refresh_token to grant_types_supported when the token endpoint is enabled
Does the current implementation support refresh tokens?
.well-known/openid-configuration says
grant_types_supported: [
"implicit",
"authorization_code"
]
But I've seen some other issues refering to refresh tokens so I'm not sure....
Sample not working on Linux
I tried the following (@ Mvc.Server):
dnvm install 1.0.0-beta5-11781 -u -f
dnvm use 1.0.0-beta5-11781
dnu restore
dnx . kestrel
Result:
Microsoft.Framework.Runtime.Roslyn.RoslynCompilationException: /home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Startup.cs(112,17): error CS1061: 'IApplicationBuilder' does not contain a definition for 'UseInMemorySession' and no extension method 'UseInMemorySession' accepting a first argument of type 'IApplicationBuilder' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Startup.cs(114,13): error CS0246: The type or namespace name 'IApplicationBuilder' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(32,28): error CS0246: The type or namespace name 'OpenIdConnectMessage' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(39,27): error CS0246: The type or namespace name 'OpenIdConnectMessage' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(56,37): error CS0246: The type or namespace name 'OpenIdConnectMessage' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(83,27): error CS0246: The type or namespace name 'OpenIdConnectMessage' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(146,27): error CS0246: The type or namespace name 'OpenIdConnectMessage' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(157,13): error CS0246: The type or namespace name 'HttpContext' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(176,28): error CS0246: The type or namespace name 'OpenIdConnectMessage' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Controllers/AuthorizationController.cs(187,27): error CS0246: The type or namespace name 'OpenIdConnectMessage' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(17,31): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(19,30): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(27,40): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(27,40): error CS1061: 'ValidateClientAuthenticationNotification' does not contain a definition for 'HttpContext' and no extension method 'HttpContext' accepting a first argument of type 'ValidateClientAuthenticationNotification' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(32,87): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(32,87): error CS1061: 'ValidateClientAuthenticationNotification' does not contain a definition for 'HttpContext' and no extension method 'HttpContext' accepting a first argument of type 'ValidateClientAuthenticationNotification' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(35,30): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(43,30): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(50,26): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(54,40): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(54,40): error CS1061: 'ValidateClientRedirectUriNotification' does not contain a definition for 'HttpContext' and no extension method 'HttpContext' accepting a first argument of type 'ValidateClientRedirectUriNotification' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(59,87): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(59,87): error CS1061: 'ValidateClientRedirectUriNotification' does not contain a definition for 'HttpContext' and no extension method 'HttpContext' accepting a first argument of type 'ValidateClientRedirectUriNotification' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(62,30): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(71,34): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(79,26): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(83,40): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(83,40): error CS1061: 'ValidateClientLogoutRedirectUriNotification' does not contain a definition for 'HttpContext' and no extension method 'HttpContext' accepting a first argument of type 'ValidateClientLogoutRedirectUriNotification' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(86,30): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(93,26): error CS0246: The type or namespace name 'BaseContext<TOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(100,75): error CS0246: The type or namespace name 'EndpointContext<OpenIdConnectServerOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(100,75): error CS1061: 'MatchEndpointNotification' does not contain a definition for 'Options' and no extension method 'Options' accepting a first argument of type 'MatchEndpointNotification' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(100,30): error CS0246: The type or namespace name 'EndpointContext<OpenIdConnectServerOptions>' could not be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(100,30): error CS1061: 'MatchEndpointNotification' does not contain a definition for 'Request' and no extension method 'Request' accepting a first argument of type 'MatchEndpointNotification' could be found (are you missing a using directive or an assembly reference?)
/home/alex/src/AspNet.Security.OpenIdConnect.Server/samples/Mvc/Mvc.Server/Providers/AuthorizationProvider.cs(101,30): error CS0246: The type or namespace name 'EndpointContext<OpenIdConnectServerOptions>' could not be found (are you missing a using directive or an assembly reference?)
at Microsoft.Framework.Runtime.Roslyn.RoslynProjectReference.Load (IAssemblyLoadContext loadContext) [0x00000] in <filename unknown>:0
at Microsoft.Framework.Runtime.Loader.ProjectAssemblyLoader.Load (System.String name, IAssemblyLoadContext loadContext) [0x00000] in <filename unknown>:0
at Microsoft.Framework.Runtime.Loader.ProjectAssemblyLoader.Load (System.String name) [0x00000] in <filename unknown>:0
at dnx.host.LoaderContainer.Load (System.String name) [0x00000] in <filename unknown>:0
at dnx.host.DefaultLoadContext.LoadAssembly (System.String name) [0x00000] in <filename unknown>:0
at Microsoft.Framework.Runtime.Loader.AssemblyLoaderCache.GetOrAdd (System.String name, System.Func`2 factory) [0x00000] in <filename unknown>:0
at Microsoft.Framework.Runtime.Loader.LoadContext.LoadAssemblyImpl (System.String name) [0x00000] in <filename unknown>:0
at Microsoft.Framework.Runtime.Loader.LoadContext.ResolveAssembly (System.Object sender, System.ResolveEventArgs args) [0x00000] in <filename unknown>:0
at System.AppDomain.DoAssemblyResolve (System.String name, System.Reflection.Assembly requestingAssembly, Boolean refonly) [0x00000] in <filename unknown>:0
at (wrapper managed-to-native) System.AppDomain:LoadAssembly (System.AppDomain,string,System.Security.Policy.Evidence,bool)
at System.AppDomain.Load (System.Reflection.AssemblyName assemblyRef, System.Security.Policy.Evidence assemblySecurity) [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) System.AppDomain:Load (System.Reflection.AssemblyName,System.Security.Policy.Evidence)
at System.AppDomain.Load (System.Reflection.AssemblyName assemblyRef) [0x00000] in <filename unknown>:0
at (wrapper remoting-invoke-with-check) System.AppDomain:Load (System.Reflection.AssemblyName)
at System.Reflection.Assembly.Load (System.Reflection.AssemblyName assemblyRef) [0x00000] in <filename unknown>:0
at Microsoft.AspNet.Hosting.Startup.StartupLoader.FindStartupType (System.String startupAssemblyName, IList`1 diagnosticMessages) [0x00000] in <filename unknown>:0
at Microsoft.AspNet.Hosting.Internal.HostingEngine.EnsureStartup () [0x00000] in <filename unknown>:0
at Microsoft.AspNet.Hosting.Internal.HostingEngine.EnsureApplicationServices () [0x00000] in <filename unknown>:0
at Microsoft.AspNet.Hosting.Internal.HostingEngine.Start () [0x00000] in <filename unknown>:0
at Microsoft.AspNet.Hosting.Program.Main (System.String[] args) [0x00000] in <filename unknown>:0
at (wrapper managed-to-native) System.Reflection.MonoMethod:InternalInvoke (System.Reflection.MonoMethod,object,object[],System.Exception&)
at System.Reflection.MonoMethod.Invoke (System.Object obj, BindingFlags invokeAttr, System.Reflection.Binder binder, System.Object[] parameters, System.Globalization.CultureInfo culture) [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at Microsoft.Framework.Runtime.Common.EntryPointExecutor.Execute (System.Reflection.Assembly assembly, System.String[] args, IServiceProvider serviceProvider) [0x00000] in <filename unknown>:0
at Microsoft.Framework.ApplicationHost.Program.ExecuteMain (Microsoft.Framework.Runtime.DefaultHost host, System.String applicationName, System.String[] args) [0x00000] in <filename unknown>:0
at Microsoft.Framework.ApplicationHost.Program.Main (System.String[] args) [0x00000] in <filename unknown>:0
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x00000] in <filename unknown>:0
at Microsoft.Framework.Runtime.Common.EntryPointExecutor.Execute (System.Reflection.Assembly assembly, System.String[] args, IServiceProvider serviceProvider) [0x00000] in <filename unknown>:0
at dnx.host.Bootstrapper.RunAsync (System.Collections.Generic.List`1 args) [0x00000] in <filename unknown>:0
Mvc.Client can be run using dnx . kestrel (yet not fully tested as the server is missing).
Filtering claims in handler
I've noticed that the handler filters out claims without a destination. What's the reason for that?
Wishes,
Manfred
Change Katana references to target V3 RTM
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.