- Challenge property moved from 'BasicOptions' to 'BasicHandler'.

- Comments added to the code.

Author: mihirdilip

LICENSE renamed to LICENSE.txt

@@ -3,7 +3,13 @@ Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 15
 VisualStudioVersion = 15.0.27428.2011
 MinimumVisualStudioVersion = 10.0.40219.1
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Mihir.AspNetCore.Authentication.Basic", "Mihir.AspNetCore.Authentication.Basic\Mihir.AspNetCore.Authentication.Basic.csproj", "{F8FEFB06-9F93-4F50-8530-80F5C0A677FC}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Mihir.AspNetCore.Authentication.Basic", "Mihir.AspNetCore.Authentication.Basic\Mihir.AspNetCore.Authentication.Basic.csproj", "{F8FEFB06-9F93-4F50-8530-80F5C0A677FC}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{C704A959-E8CB-4F13-9212-D830FCEDBAEC}"
+	ProjectSection(SolutionItems) = preProject
+		LICENSE.txt = LICENSE.txt
+		README.md = README.md
+	EndProjectSection
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution

Mihir.AspNetCore.Authentication.Basic.sln

@@ -1,8 +1,16 @@
-namespace Mihir.AspNetCore.Authentication.Basic
+// Copyright (c) Mihir Dilip. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+namespace Mihir.AspNetCore.Authentication.Basic
 {
+	/// <summary>
+	/// Default values used by basic authentication.
+	/// </summary>
 	public static class BasicDefaults
 	{
+		/// <summary>
+		/// Default value for AuthenticationScheme 
+		/// </summary>
 		public const string AuthenticationScheme = "Basic";
-		public const string DisplayName = "Basic";
 	}
 }

Mihir.AspNetCore.Authentication.Basic/BasicDefaults.cs

@@ -1,18 +1,34 @@
-using Microsoft.AspNetCore.Authentication;
+// Copyright (c) Mihir Dilip. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using Microsoft.AspNetCore.Authentication;
 using System;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
 
 namespace Mihir.AspNetCore.Authentication.Basic
 {
+	/// <summary>
+	/// Extension methods for basic authentication.
+	/// </summary>
 	public static class BasicExtensions
 	{
+		/// <summary>
+		/// Adds basic authentication scheme to the project. It takes a implementation of <see cref="IBasicUserValidationService"/> as type parameter.
+		/// </summary>
+		/// <typeparam name="TBasicUserValidationService"></typeparam>
+		/// <param name="configureOptions">Sets the <see cref="BasicOptions"/>. Realm option property must be set.</param>
+		/// <returns>The instance of <see cref="AuthenticationBuilder"/></returns>
 		public static AuthenticationBuilder AddBasic<TBasicUserValidationService>(this AuthenticationBuilder builder, Action<BasicOptions> configureOptions)
 			where TBasicUserValidationService : class, IBasicUserValidationService
 		{
+			// Adds post configure options to the pipeline.
 			builder.Services.AddSingleton<IPostConfigureOptions<BasicOptions>, BasicPostConfigureOptions>();
+
+			// Adds implementation of IBasicUserValidationService to the dependency container.
 			builder.Services.AddTransient<IBasicUserValidationService, TBasicUserValidationService>();
 
+			// Adds basic authentication scheme to the pipeline.
 			return builder.AddScheme<BasicOptions, BasicHandler>(BasicDefaults.AuthenticationScheme, configureOptions);
 		}
 	}

Mihir.AspNetCore.Authentication.Basic/BasicExtensions.cs

@@ -1,4 +1,7 @@
-using System;
+// Copyright (c) Mihir Dilip. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
 using System.Net.Http.Headers;
 using System.Security.Claims;
 using System.Text;
@@ -11,6 +14,9 @@
 
 namespace Mihir.AspNetCore.Authentication.Basic
 {
+	/// <summary>
+	/// Inherited from <see cref="AuthenticationHandler{TOptions}"/> for basic authentication.
+	/// </summary>
 	public class BasicHandler : AuthenticationHandler<BasicOptions>
 	{
 		private readonly IBasicUserValidationService _basicUserValidationService;
@@ -21,26 +27,37 @@ public BasicHandler(IOptionsMonitor<BasicOptions> options, ILoggerFactory logger
 			_basicUserValidationService = basicUserValidationService;
 		}
 
+		private string Challenge => $"{BasicDefaults.AuthenticationScheme} realm=\"{Options.Realm}\", charset=\"UTF-8\"";
+
 		//protected new BasicEvents Events { get => (BasicEvents)base.Events; set => base.Events = value; }
 		//protected override Task<object> CreateEventsAsync() => Task.FromResult<object>(new BasicEvents());
 
+		/// <summary>
+		/// Searches the 'Authorization' header for 'Basic' scheme with base64 encoded username:password string value of which is validated using implementation of <see cref="IBasicUserValidationService"/> passed as type parameter when setting up basic authentication in the Startup.cs 
+		/// </summary>
+		/// <returns></returns>
 		protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
 		{
 			if (!Request.Headers.ContainsKey(HeaderNames.Authorization))
 			{
+				// No 'Authorization' header found in the request.
 				return AuthenticateResult.NoResult();
 			}
 
 			if (!AuthenticationHeaderValue.TryParse(Request.Headers[HeaderNames.Authorization], out var headerValue))
 			{
+				// No valid 'Authorization' header found in the request.
 				return AuthenticateResult.NoResult();
 			}
 
+			
 			if (!headerValue.Scheme.Equals(BasicDefaults.AuthenticationScheme, StringComparison.OrdinalIgnoreCase))
 			{
+				// 'Authorization' header found but the scheme is not a basic scheme.
 				return AuthenticateResult.NoResult();
 			}
 
+			// Convert the base64 encoded 'username:password' to normal string and parse username and password from colon(:) separated string.
 			var usernameAndPassword = Encoding.UTF8.GetString(Convert.FromBase64String(headerValue.Parameter));
 			var usernameAndPasswordSplit = usernameAndPassword.Split(':');
 			if (usernameAndPasswordSplit.Length != 2)
@@ -50,22 +67,32 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
 			var username = usernameAndPasswordSplit[0];
 			var password = usernameAndPasswordSplit[1];
 
+			// Validate username and password by using the implementation of IBasicUserValidationService.
 			var isValidUser = await _basicUserValidationService.IsValidAsync(username, password);
 			if (!isValidUser)
 			{
 				return AuthenticateResult.Fail("Invalid username or password");
 			}
 
+			// Create 'AuthenticationTicket' and return as success if the above validation was successful.
 			var claims = new[] { new Claim(ClaimTypes.Name, username) };
 			var identity = new ClaimsIdentity(claims, Scheme.Name);
 			var principal = new ClaimsPrincipal(identity);
 			var ticket = new AuthenticationTicket(principal, Scheme.Name);
 			return AuthenticateResult.Success(ticket);
 		}
 
+		/// <summary>
+		/// Handles the un-authenticated requests. 
+		/// Returns 401 status code in response.
+		/// Adds 'WWW-Authenticate' with 'Basic' authentication scheme and 'Realm' in the response header 
+		/// to let the client know that 'Basic' authentication scheme is being used by the system.
+		/// </summary>
+		/// <param name="properties"></param>
+		/// <returns></returns>
 		protected override async Task HandleChallengeAsync(AuthenticationProperties properties)
 		{
-			Response.Headers[HeaderNames.WWWAuthenticate] = Options.Challenge;
+			Response.Headers[HeaderNames.WWWAuthenticate] = Challenge;
 			await base.HandleChallengeAsync(properties);
 		}
 	}

Mihir.AspNetCore.Authentication.Basic/BasicHandler.cs

@@ -1,13 +1,20 @@
-using Microsoft.AspNetCore.Authentication;
+// Copyright (c) Mihir Dilip. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using Microsoft.AspNetCore.Authentication;
 
 namespace Mihir.AspNetCore.Authentication.Basic
 {
+	/// <summary>
+	/// Inherited from <see cref="AuthenticationSchemeOptions"/> to allow extra option properties for 'Basic' authentication.
+	/// </summary>
 	public class BasicOptions : AuthenticationSchemeOptions
 	{
+		/// <summary>
+		/// This is required property. It is used when challenging un-authenticated requests.
+		/// </summary>
 		public string Realm { get; set; }
 
-		public string Challenge => $"{BasicDefaults.AuthenticationScheme} realm=\"{Realm}\", charset=\"UTF-8\"";
-
 		//public new BasicEvents Events
 		//{
 		//	get => (BasicEvents)base.Events;

Mihir.AspNetCore.Authentication.Basic/BasicOptions.cs

@@ -1,8 +1,14 @@
-using System;
+// Copyright (c) Mihir Dilip. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System;
 using Microsoft.Extensions.Options;
 
 namespace Mihir.AspNetCore.Authentication.Basic
 {
+	/// <summary>
+	/// This post configure options checks whether the required option property <see cref="BasicOptions.Realm" /> is set or not on <see cref="BasicOptions"/>.
+	/// </summary>
 	class BasicPostConfigureOptions : IPostConfigureOptions<BasicOptions>
 	{
 		public void PostConfigure(string name, BasicOptions options)

Mihir.AspNetCore.Authentication.Basic/BasicPostConfigureOptions.cs

@@ -1,9 +1,21 @@
-using System.Threading.Tasks;
+// Copyright (c) Mihir Dilip. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+using System.Threading.Tasks;
 
 namespace Mihir.AspNetCore.Authentication.Basic
 {
+	/// <summary>
+	/// Implemention of this interface will be used by the 'Basic' authentication handler to validated the username and password.
+	/// </summary>
 	public interface IBasicUserValidationService
 	{
+		/// <summary>
+		/// Implementation of the username & password validation logic.
+		/// </summary>
+		/// <param name="username"></param>
+		/// <param name="password"></param>
+		/// <returns></returns>
 		Task<bool> IsValidAsync(string username, string password);
 	}
 }

Mihir.AspNetCore.Authentication.Basic/IBasicUserValidationService.cs

@@ -4,9 +4,19 @@
     <TargetFramework>netstandard2.0</TargetFramework>
     <Authors>Mihir Dilip</Authors>
     <Company>Mihir Dilip</Company>
-    <Description>Basic Scheme Authentication implementation for ASP.NET core</Description>
+    <Description>Basic Scheme Authentication Implementation for ASP.NET Core 2.0</Description>
     <RepositoryUrl>https://github.com/mihirdilip/Mihir.AspNetCore.Authentication.Basic</RepositoryUrl>
     <GeneratePackageOnBuild>true</GeneratePackageOnBuild>
+    <PackageProjectUrl>https://github.com/mihirdilip/Mihir.AspNetCore.Authentication.Basic</PackageProjectUrl>
+    <Version>1.0.1</Version>
+    <Copyright>Copyright (c) 2018 Mihir Dilip</Copyright>
+    <PackageLicenseUrl>https://github.com/mihirdilip/Mihir.AspNetCore.Authentication.Basic/blob/master/LICENSE.txt</PackageLicenseUrl>
+    <RepositoryType>GitHub</RepositoryType>
+    <PackageIconUrl />
+    <PackageTags>asp-net-core, aspnetcore, netstandard, netstandard20, basic-authentication, basicauthentication</PackageTags>
+    <NeutralLanguage />
+    <PackageRequireLicenseAcceptance>true</PackageRequireLicenseAcceptance>
+    <PackageReleaseNotes>- Challenge property moved from BasicOptions to BasicHandler</PackageReleaseNotes>
   </PropertyGroup>
 
   <ItemGroup>

Mihir.AspNetCore.Authentication.Basic/Mihir.AspNetCore.Authentication.Basic.csproj

@@ -89,4 +89,4 @@ public class BasicUserValidationService : IBasicUserValidationService
 - [RFC 7617: Technical spec for HTTP Basic](https://tools.ietf.org/html/rfc7617)
 
 ## License
-[MIT License](LICENSE)
+[MIT License](LICENSE.txt)