Skip to content
This repository has been archived by the owner on Dec 14, 2018. It is now read-only.

Commit

Permalink
[Fixes #4112 #911] Adding support for custom SSL port
Browse files Browse the repository at this point in the history
New optional MvcOptions.SslPort. If not defined the redirection uses an empty port (default),
otherwise the custom port is used.
  • Loading branch information
sebastienros committed Feb 18, 2016
1 parent b557ca5 commit c943458
Show file tree
Hide file tree
Showing 3 changed files with 79 additions and 2 deletions.
6 changes: 6 additions & 0 deletions src/Microsoft.AspNetCore.Mvc.Core/MvcOptions.cs
Original file line number Diff line number Diff line change
Expand Up @@ -127,5 +127,11 @@ public int MaxModelValidationErrors
/// Gets a list of <see cref="IValueProviderFactory"/> used by this application.
/// </summary>
public IList<IValueProviderFactory> ValueProviderFactories { get; }

/// <summary>
/// Gets or sets the SSL port that is used by this application when <see cref="RequireHttpsAttribute"/>
/// is used. If not set the port won't be specified in the secured URL e.g. https://localhost/path.
/// </summary>
public int? SslPort { get; set; }
}
}
11 changes: 11 additions & 0 deletions src/Microsoft.AspNetCore.Mvc.Core/RequireHttpsAttribute.cs
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
using System;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;

namespace Microsoft.AspNetCore.Mvc
{
Expand Down Expand Up @@ -35,6 +37,8 @@ protected virtual void HandleNonHttpsRequest(AuthorizationFilterContext filterCo
}
else
{
var optionsAccessor = filterContext.HttpContext.RequestServices.GetRequiredService<IOptions<MvcOptions>>();

var request = filterContext.HttpContext.Request;
var newUrl = string.Concat(
"https://",
Expand All @@ -43,6 +47,13 @@ protected virtual void HandleNonHttpsRequest(AuthorizationFilterContext filterCo
request.Path.ToUriComponent(),
request.QueryString.ToUriComponent());

// use a specific SSL port if it is provided in the options,
// clear it otherwise to use an empty default.
var uri = new UriBuilder(newUrl);
uri.Port = optionsAccessor.Value.SslPort ?? -1;

newUrl = uri.ToString();

// redirect to HTTPS version of page
filterContext.Result = new RedirectResult(newUrl, permanent: true);
}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,11 +1,14 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

using System;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Internal;
using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.AspNetCore.Routing;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;
using Xunit;

namespace Microsoft.AspNetCore.Mvc
Expand All @@ -16,6 +19,8 @@ public class RequireHttpsAttributeTests
public void OnAuthorization_AllowsTheRequestIfItIsHttps()
{
// Arrange
var options = new TestOptionsManager<MvcOptions>();

var requestContext = new DefaultHttpContext();
requestContext.Request.Scheme = "https";

Expand All @@ -36,8 +41,8 @@ public static TheoryData<string, string, string, string, string> RedirectToHttpE
// host, pathbase, path, query, expectedRedirectUrl
return new TheoryData<string, string, string, string, string>
{
{ "localhost", null, null, null, "https://localhost" },
{ "localhost:5000", null, null, null, "https://localhost:5000" },
{ "localhost", null, null, null, "https://localhost/" },
{ "localhost:5000", null, null, null, "https://localhost/" },
{ "localhost", "/pathbase", null, null, "https://localhost/pathbase" },
{ "localhost", "/pathbase", "/path", null, "https://localhost/pathbase/path" },
{ "localhost", "/pathbase", "/path", "?foo=bar", "https://localhost/pathbase/path?foo=bar" },
Expand Down Expand Up @@ -67,6 +72,7 @@ public void OnAuthorization_RedirectsToHttpsEndpoint_ForNonHttpsGetRequests(
{
// Arrange
var requestContext = new DefaultHttpContext();
requestContext.RequestServices = CreateServices();
requestContext.Request.Scheme = "http";
requestContext.Request.Method = "GET";
requestContext.Request.Host = HostString.FromUriComponent(host);
Expand Down Expand Up @@ -109,6 +115,7 @@ public void OnAuthorization_SignalsBadRequestStatusCode_ForNonHttpsAndNonGetRequ
{
// Arrange
var requestContext = new DefaultHttpContext();
requestContext.RequestServices = CreateServices();
requestContext.Request.Scheme = "http";
requestContext.Request.Method = method;
var authContext = CreateAuthorizationContext(requestContext);
Expand All @@ -128,6 +135,7 @@ public void HandleNonHttpsRequestExtensibility()
{
// Arrange
var requestContext = new DefaultHttpContext();
requestContext.RequestServices = CreateServices();
requestContext.Request.Scheme = "http";

var authContext = CreateAuthorizationContext(requestContext);
Expand All @@ -141,6 +149,47 @@ public void HandleNonHttpsRequestExtensibility()
Assert.Equal(StatusCodes.Status404NotFound, result.StatusCode);
}

[Theory]
[InlineData("http://localhost", null, "https://localhost/")]
[InlineData("http://localhost:5000", null, "https://localhost/")]
[InlineData("http://[2001:db8:a0b:12f0::1]", null, "https://[2001:db8:a0b:12f0::1]/")]
[InlineData("http://[2001:db8:a0b:12f0::1]:5000", null, "https://[2001:db8:a0b:12f0::1]/")]
[InlineData("http://localhost:5000/path", null, "https://localhost/path")]
[InlineData("http://localhost", 44380, "https://localhost:44380/")]
[InlineData("http://localhost:5000", 44380, "https://localhost:44380/")]
[InlineData("http://[2001:db8:a0b:12f0::1]", 44380, "https://[2001:db8:a0b:12f0::1]:44380/")]
[InlineData("http://[2001:db8:a0b:12f0::1]:5000", 44380, "https://[2001:db8:a0b:12f0::1]:44380/")]
[InlineData("http://localhost:5000/path", 44380, "https://localhost:44380/path")]
public void OnAuthorization_RedirectsToHttpsEndpoint_ForCustomSslPort(
string url,
int? sslPort,
string expectedUrl)
{
// Arrange
var options = new TestOptionsManager<MvcOptions>();
var uri = new Uri(url);

var requestContext = new DefaultHttpContext();
requestContext.RequestServices = CreateServices(sslPort);
requestContext.Request.Scheme = "http";
requestContext.Request.Method = "GET";
requestContext.Request.Host = HostString.FromUriComponent(uri);
requestContext.Request.Path = PathString.FromUriComponent(uri);
requestContext.Request.QueryString = QueryString.FromUriComponent(uri);

var authContext = CreateAuthorizationContext(requestContext);
var attr = new RequireHttpsAttribute();

// Act
attr.OnAuthorization(authContext);

// Assert
Assert.NotNull(authContext.Result);
var result = Assert.IsType<RedirectResult>(authContext.Result);

Assert.Equal(expectedUrl, result.Url);
}

private class CustomRequireHttpsAttribute : RequireHttpsAttribute
{
protected override void HandleNonHttpsRequest(AuthorizationFilterContext filterContext)
Expand All @@ -154,5 +203,16 @@ private static AuthorizationFilterContext CreateAuthorizationContext(HttpContext
var actionContext = new ActionContext(ctx, new RouteData(), new ActionDescriptor());
return new AuthorizationFilterContext(actionContext, new IFilterMetadata[0]);
}

private static IServiceProvider CreateServices(int? sslPort = null)
{
var options = new TestOptionsManager<MvcOptions>();
options.Value.SslPort = sslPort;

var services = new ServiceCollection();
services.AddSingleton<IOptions<MvcOptions>>(options);

return services.BuildServiceProvider();
}
}
}

0 comments on commit c943458

Please sign in to comment.