Finished events - Build error fixes and exclusion of .build folder from tracked files.

Squashed commits:

[6e9a9fe] Finished work on Introspection and Validation events except for tests on a couple of the Introspection events. Also fixed the RootNamespaces of all of the projects. (+3 squashed commit)

Squashed commit:

[c572f5b] Whitespace changes mostly

[c1ea6bc] Wrote some tests but missing AuthenticationFailedContext tests and tests for exceptions thrown.

[f8ae71c] Finished events for the Validation middleware. Tests need to be created. (+1 squashed commits)

Squashed commits:

[36b8003] Finished events for the Validation middleware. Tests need to be created.

Author: MonkeyJamboree

.gitignore

@@ -21,6 +21,7 @@ x64/
 build/
 [Bb]in/
 [Oo]bj/
+.build/
 
 # Enable "build/" folder in the NuGet Packages folder since NuGet packages use it for MSBuild targets
 !packages/*/build/

src/AspNet.Security.OAuth.Introspection/AspNet.Security.OAuth.Introspection.xproj

@@ -4,17 +4,15 @@
     <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
     <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
   </PropertyGroup>
-
   <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.Props" Condition="'$(VSToolsPath)' != ''" />
   <PropertyGroup Label="Globals">
     <ProjectGuid>a8569260-142c-427a-8b14-a8df56cc15b7</ProjectGuid>
-    <RootNamespace>AspNet.Security.OpenIdConnect.Introspection</RootNamespace>
+    <RootNamespace>AspNet.Security.OAuth.Introspection</RootNamespace>
     <BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">..\..\artifacts\obj\$(MSBuildProjectName)</BaseIntermediateOutputPath>
     <OutputPath Condition="'$(OutputPath)'=='' ">..\..\artifacts\bin\$(MSBuildProjectName)\</OutputPath>
   </PropertyGroup>
-
   <PropertyGroup>
     <SchemaVersion>2.0</SchemaVersion>
   </PropertyGroup>
   <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.targets" Condition="'$(VSToolsPath)' != ''" />
-</Project>
+</Project>

src/AspNet.Security.OAuth.Introspection/Events/AuthenticationFailedContext.cs

@@ -0,0 +1,14 @@
+using Microsoft.AspNetCore.Http;
+using System;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public class AuthenticationFailedContext : BaseIntrospectionContext {
+        public AuthenticationFailedContext(
+            HttpContext context,
+            OAuthIntrospectionOptions options)
+            : base(context, options) {
+        }
+
+        public Exception Exception { get; set; }
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/BaseIntrospectionContext.cs

@@ -0,0 +1,17 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+
+namespace AspNet.Security.OAuth.Introspection
+{
+    public abstract class BaseIntrospectionContext : BaseControlContext
+    {
+        public BaseIntrospectionContext(
+            HttpContext context, 
+            OAuthIntrospectionOptions options) 
+            : base(context) {
+            Options = options;
+        }
+
+        public OAuthIntrospectionOptions Options { get; }
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/CreateTicketContext.cs

@@ -0,0 +1,16 @@
+using Microsoft.AspNetCore.Http;
+using Newtonsoft.Json.Linq;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public class CreateTicketContext : BaseIntrospectionContext {
+        public CreateTicketContext(
+            HttpContext context,
+            OAuthIntrospectionOptions options,
+            JObject payload)
+            : base(context, options) {
+            Payload = payload;
+        }
+
+        public JObject Payload { get; set; }
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/IOAuthIntrospectionEvents.cs

@@ -0,0 +1,35 @@
+using System.Threading.Tasks;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public interface IOAuthIntrospectionEvents {
+        /// <summary>
+        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
+        /// </summary>
+        Task AuthenticationFailed(AuthenticationFailedContext context);
+
+        /// <summary>
+        /// Invoked when a ticket is to be created from an introspection response.
+        /// </summary>
+        Task CreateTicket(CreateTicketContext context);
+
+        /// <summary>
+        /// Invoked when a token is to be sent to the authorization server for introspection.
+        /// </summary>
+        Task IntrospectToken(IntrospectTokenContext context);
+
+        /// <summary>
+        /// Invoked when a protocol message is first received.
+        /// </summary>
+        Task MessageRecieved(MessageReceivedContext context);
+
+        /// <summary>
+        /// Invoked after processing, when a token has been validated.
+        /// </summary>
+        Task TokenValidated(TokenValidatedContext context);
+
+        /// <summary>
+        /// Invoked when audiences are to be validated for a message.
+        /// </summary>
+        Task ValidateAudience(ValidateAudienceContext context);
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/IntrospectTokenContext.cs

@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Http;
+using Newtonsoft.Json.Linq;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public class IntrospectTokenContext : BaseIntrospectionContext {
+        public IntrospectTokenContext(
+            HttpContext context,
+            OAuthIntrospectionOptions options,
+            string token)
+            : base(context, options) {
+            Token = token;
+        }
+
+        public string Token { get; }
+
+        public JObject Payload { get; set; }
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/MessageReceivedContext.cs

@@ -0,0 +1,16 @@
+using Microsoft.AspNetCore.Http;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public class MessageReceivedContext : BaseIntrospectionContext {
+        public MessageReceivedContext(
+            HttpContext context, 
+            OAuthIntrospectionOptions options)
+            : base(context, options) {
+        }
+
+        /// <summary>
+        /// Gets or sets the access token.
+        /// </summary>
+        public string Token { get; set; }
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/OAuthIntrospectionEvents.cs

@@ -0,0 +1,66 @@
+using System;
+using System.Threading.Tasks;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public class OAuthIntrospectionEvents : IOAuthIntrospectionEvents {
+        /// <summary>
+        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
+        /// </summary>
+        public Func<AuthenticationFailedContext, Task> OnAuthenticationFailed { get; set; } = context => Task.FromResult(0);
+
+        /// <summary>
+        /// Invoked when a ticket is to be created from an introspection response.
+        /// </summary>
+        public Func<CreateTicketContext, Task> OnCreateTicket { get; set; } = context => Task.FromResult(0);
+
+        /// <summary>
+        /// Invoked when a token is to be sent to the authorization server for introspection.
+        /// </summary>
+        public Func<IntrospectTokenContext, Task> OnIntrospectToken { get; set; } = context => Task.FromResult(0);
+
+        /// <summary>
+        /// Invoked when a protocol message is first received.
+        /// </summary>
+        public Func<MessageReceivedContext, Task> OnMessageReceived { get; set; } = context => Task.FromResult(0);
+        
+        /// <summary>
+        /// Invoked after processing, when a token has been validated.
+        /// </summary>
+        public Func<TokenValidatedContext, Task> OnTokenValidated { get; set; } = context => Task.FromResult(0);
+
+        /// <summary>
+        /// Invoked when audiences are to be validated for a message.
+        /// </summary>
+        public Func<ValidateAudienceContext, Task> OnValidateAudience { get; set; } = context => Task.FromResult(0);
+
+        /// <summary>
+        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
+        /// </summary>
+        public virtual Task AuthenticationFailed(AuthenticationFailedContext context) => OnAuthenticationFailed(context);
+
+        /// <summary>
+        /// Invoked when a ticket is to be created from an introspection response.
+        /// </summary>
+        public virtual Task CreateTicket(CreateTicketContext context) => OnCreateTicket(context);
+
+        /// <summary>
+        /// Invoked when a token is to be sent to the authorization server for introspection.
+        /// </summary>
+        public virtual Task IntrospectToken(IntrospectTokenContext context) => OnIntrospectToken(context);
+
+        /// <summary>
+        /// Invoked when a protocol message is first received.
+        /// </summary>
+        public virtual Task MessageRecieved(MessageReceivedContext context) => OnMessageReceived(context);
+        
+        /// <summary>
+        /// Invoked after processing, when a token has been validated.
+        /// </summary>
+        public virtual Task TokenValidated(TokenValidatedContext context) => OnTokenValidated(context);
+
+        /// <summary>
+        /// Invoked when audiences are to be validated for a message.
+        /// </summary>
+        public virtual Task ValidateAudience(ValidateAudienceContext context) => OnValidateAudience(context);
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/TokenValidatedContext.cs

@@ -0,0 +1,14 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public class TokenValidatedContext : BaseIntrospectionContext {
+        public TokenValidatedContext(
+            HttpContext context,
+            OAuthIntrospectionOptions options,
+            AuthenticationTicket ticket) 
+            : base(context, options) {
+            Ticket = ticket;
+        }
+    }
+}

src/AspNet.Security.OAuth.Introspection/Events/ValidateAudienceContext.cs

@@ -0,0 +1,42 @@
+using Microsoft.AspNetCore.Http;
+using Newtonsoft.Json.Linq;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+
+namespace AspNet.Security.OAuth.Introspection {
+    public class ValidateAudienceContext : BaseIntrospectionContext {
+        public ValidateAudienceContext(
+            HttpContext context, 
+            OAuthIntrospectionOptions options,
+            JToken payload) 
+            : base(context, options) {
+            Payload = payload;
+            var audiences = payload[OAuthIntrospectionConstants.Claims.Audience];
+            if(audiences != null) {
+                if(audiences.Type == JTokenType.String) {
+                    Audiences = payload.Value<JArray>(OAuthIntrospectionConstants.Claims.Audience)
+                                           .Select(audience => audience.Value<string>());
+                }
+                else if (audiences.Type == JTokenType.Array) {
+                    Audiences = new[] { payload.Value<string>(OAuthIntrospectionConstants.Claims.Audience) };
+                }
+            }
+            Validate();
+        }
+
+        public IEnumerable<string> Audiences { get; set; }
+
+        public JToken Payload { get; }
+
+        public bool IsValid { get; set; }
+
+        public bool Validate() {
+            return IsValid = Validate(Audiences);
+        }
+
+        public bool Validate(IEnumerable<string> audiences) {
+            return IsValid = Options.Audiences.Count == 0 || !audiences.Intersect(Options.Audiences, StringComparer.Ordinal).Any();
+        }
+    }
+}