Microsoft.AspNetCore.Authentication.Cookies
Default values related to cookie-based authentication handler
The default value used for CookieAuthenticationOptions.AuthenticationScheme
The prefix used to provide a default CookieAuthenticationOptions.CookieName
The default value used by CookieAuthenticationMiddleware for the
CookieAuthenticationOptions.LoginPath
The default value used by CookieAuthenticationMiddleware for the
CookieAuthenticationOptions.LogoutPath
The default value used by CookieAuthenticationMiddleware for the
CookieAuthenticationOptions.AccessDeniedPath
The default value of the CookieAuthenticationOptions.ReturnUrlParameter
Allows subscribing to events raised during cookie authentication.
Invoked to validate the principal.
Invoked to check if the cookie should be renewed.
Invoked on signing in.
Invoked after sign in has completed.
Invoked on signing out.
Invoked when the client needs to be redirected to the sign in url.
Invoked when the client needs to be redirected to the access denied url.
Invoked when the client is to be redirected to logout.
Invoked when the client is to be redirected after logout.
Invoked to validate the principal.
The .
Invoked to check if the cookie should be renewed.
The .
Invoked during sign in.
The .
Invoked after sign in has completed.
The .
Invoked on sign out.
The .
Invoked when the client is being redirected to the log out url.
The .
Invoked when the client is being redirected to the log in url.
The .
Invoked when the client is being redirected after log out.
The .
Invoked when the client is being redirected to the access denied url.
The .
Implementation for the cookie-based authentication handler.
Initializes a new instance of .
Accessor to .
The .
The .
The .
Initializes a new instance of .
Accessor to .
The .
The .
The handler calls methods on the events which give the application control at certain points where processing is occurring.
If it is not provided a default instance is supplied which does nothing when the methods are called.
Creates a new instance of the events instance.
A new instance of the events instance.
Configuration options for .
Create an instance of the options initialized with the default values
Determines the settings used to create the cookie.
- The default value for cookie is .AspNetCore.Cookies.
This value should be changed if you change the name of the AuthenticationScheme, especially if your
system uses the cookie authentication handler multiple times.
- determines if the browser should allow the cookie to be attached to same-site or cross-site requests.
The default is Lax, which means the cookie is only allowed to be attached to cross-site requests using safe HTTP methods and same-site requests.
- determines if the browser should allow the cookie to be accessed by client-side JavaScript.
The default is true, which means the cookie will only be passed to HTTP requests and is not made available to JavaScript on the page.
- is currently ignored. Use to control lifetime of cookie authentication.
- defaults to .
If set this will be used by the CookieAuthenticationHandler for data protection.
The SlidingExpiration is set to true to instruct the handler to re-issue a new cookie with a new
expiration time any time it processes a request which is more than halfway through the expiration window.
The LoginPath property is used by the handler for the redirection target when handling ChallengeAsync.
The current url which is added to the LoginPath as a query string parameter named by the ReturnUrlParameter.
Once a request to the LoginPath grants a new SignIn identity, the ReturnUrlParameter value is used to redirect
the browser back to the original url.
If the LogoutPath is provided the handler then a request to that path will redirect based on the ReturnUrlParameter.
The AccessDeniedPath property is used by the handler for the redirection target when handling ForbidAsync.
The ReturnUrlParameter determines the name of the query string parameter which is appended by the handler
during a Challenge. This is also the query string parameter looked for when a request arrives on the login
path or logout path, in order to return to the original url after the action is performed.
The Provider may be assigned to an instance of an object created by the application at startup time. The handler
calls methods on the provider which give the application control at certain points where processing is occurring.
If it is not provided a default instance is supplied which does nothing when the methods are called.
The TicketDataFormat is used to protect and unprotect the identity and other properties which are stored in the
cookie value. If not provided one will be created using .
The component used to get cookies from the request or set them on the response.
ChunkingCookieManager will be used by default.
An optional container in which to store the identity across requests. When used, only a session identifier is sent
to the client. This can be used to mitigate potential problems with very large identities.
Controls how much time the authentication ticket stored in the cookie will remain valid from the point it is created.
The expiration information is stored in the protected cookie ticket. Because of that an expired cookie will be ignored
even if it is passed to the server after the browser should have purged it.
This is separate from the value of , which specifies
how long the browser will keep the cookie.
Context object passed to the ICookieAuthenticationEvents method SignedIn.
Creates a new instance of the context object.
The HTTP request context
The scheme data
Initializes Principal property
Initializes Properties property
The handler options
Context object passed to the .
Creates a new instance of the context object.
The HTTP request context
The scheme data
The handler options
Initializes Principal property
The authentication properties.
Initializes options for the authentication cookie.
The options for creating the outgoing cookie.
May be replace or altered during the SigningIn call.
Context object passed to the
The options for creating the outgoing cookie.
May be replace or altered during the SigningOut call.
Context object passed to the CookieAuthenticationEvents OnCheckSlidingExpiration method.
Creates a new instance of the context object.
Contains the initial values for identity and extra data
The amount of time that has elapsed since the cookie was issued or renewed.
The amount of time left until the cookie expires.
If true, the cookie will be renewed. The initial value will be true if the elapsed time
is greater than the remaining time (e.g. more than 50% expired).
Context object passed to the CookieAuthenticationEvents ValidatePrincipal method.
Creates a new instance of the context object.
Contains the initial values for identity and extra data
If true, the cookie will be renewed
Called to replace the claims principal. The supplied principal will replace the value of the
Principal property, which determines the identity of the authenticated request.
The used as the replacement
Called to reject the incoming principal. This may be done if the application has determined the
account is no longer active, and the request should be treated as if it was anonymous.
This is used by the CookieAuthenticationMiddleware to process request and response cookies.
It is abstracted from the normal cookie APIs to allow for complex operations like chunking.
Retrieve a cookie of the given name from the request.
Append the given cookie to the response.
Append a delete cookie to the response.
This provides an abstract storage mechanic to preserve identity information on the server
while only sending a simple identifier key to the client. This is most commonly used to mitigate
issues with serializing large identities into cookies.
Store the identity ticket and return the associated key.
The identity information to store.
The key that can be used to retrieve the identity later.
Store the identity ticket and return the associated key.
The identity information to store.
The used to propagate notifications that the operation should be canceled.
The key that can be used to retrieve the identity later.
Store the identity ticket and return the associated key.
The identity information to store.
The associated with the current request.
The used to propagate notifications that the operation should be canceled.
The key that can be used to retrieve the identity later.
Tells the store that the given identity should be updated.
Tells the store that the given identity should be updated.
The used to propagate notifications that the operation should be canceled.
Tells the store that the given identity should be updated.
The used to propagate notifications that the operation should be canceled.
Retrieves an identity from the store for the given key.
The key associated with the identity.
The identity associated with the given key, or null if not found.
Retrieves an identity from the store for the given key.
The key associated with the identity.
The used to propagate notifications that the operation should be canceled.
The identity associated with the given key, or null if not found.
Retrieves an identity from the store for the given key.
The key associated with the identity.
The associated with the current request.
The used to propagate notifications that the operation should be canceled.
The identity associated with the given key, or null if not found.
Remove the identity associated with the given key.
The key associated with the identity.
Remove the identity associated with the given key.
The key associated with the identity.
The used to propagate notifications that the operation should be canceled.
Remove the identity associated with the given key.
The key associated with the identity.
The associated with the current request.
The used to propagate notifications that the operation should be canceled.
Used to setup defaults for all .
Initializes a new instance of .
The .
Invoked to post configure a TOptions instance.
The name of the options instance being configured.
The options instance to configure.
This handles cookies that are limited by per cookie length. It breaks down long cookies for responses, and reassembles them
from requests.
The default maximum size of characters in a cookie to send back to the client.
Initializes a new instance of .
The maximum size of cookie to send back to the client. If a cookie exceeds this size it will be broken down into multiple
cookies. Set this value to null to disable this behavior. The default is 4050 characters, which is supported by all
common browsers.
Note that browsers may also have limits on the total size of all cookies per domain, and on the number of cookies per domain.
Throw if not all chunks of a cookie are available on a request for re-assembly.
Get the reassembled cookie. Non chunked cookies are returned normally.
Cookies with missing chunks just have their "chunks-XX" header returned.
The reassembled cookie, if any, or null.
Appends a new response cookie to the Set-Cookie header. If the cookie is larger than the given size limit
then it will be broken down into multiple cookies as follows:
Set-Cookie: CookieName=chunks-3; path=/
Set-Cookie: CookieNameC1=Segment1; path=/
Set-Cookie: CookieNameC2=Segment2; path=/
Set-Cookie: CookieNameC3=Segment3; path=/
Deletes the cookie with the given key by setting an expired state. If a matching chunked cookie exists on
the request, delete each chunk.
Extension methods to configure cookie authentication.
Adds cookie authentication to using the default scheme.
The default scheme is specified by .
Cookie authentication uses a HTTP cookie persisted in the client to perform authentication.
The .
A reference to after the operation has completed.
Adds cookie authentication to using the specified scheme.
Cookie authentication uses a HTTP cookie persisted in the client to perform authentication.
The .
The authentication scheme.
A reference to after the operation has completed.
Adds cookie authentication to using the default scheme.
The default scheme is specified by .
Cookie authentication uses a HTTP cookie persisted in the client to perform authentication.
The .
A delegate to configure .
A reference to after the operation has completed.
Adds cookie authentication to using the specified scheme.
Cookie authentication uses a HTTP cookie persisted in the client to perform authentication.
The .
The authentication scheme.
A delegate to configure .
A reference to after the operation has completed.
Adds cookie authentication to using the specified scheme.
Cookie authentication uses a HTTP cookie persisted in the client to perform authentication.
The .
The authentication scheme.
A display name for the authentication handler.
A delegate to configure .
A reference to after the operation has completed.