Move AuthZ policy types back into Policy and rejigger AddAuthorization

eng/ProjectReferences.props

@@ -35,6 +35,7 @@
     <ProjectReferenceProvider Include="Microsoft.AspNetCore.Http.Extensions" ProjectPath="$(RepoRoot)src\Http\Http.Extensions\src\Microsoft.AspNetCore.Http.Extensions.csproj" RefProjectPath="$(RepoRoot)src\Http\Http.Extensions\ref\Microsoft.AspNetCore.Http.Extensions.csproj" />
     <ProjectReferenceProvider Include="Microsoft.AspNetCore.Http.Features" ProjectPath="$(RepoRoot)src\Http\Http.Features\src\Microsoft.AspNetCore.Http.Features.csproj" RefProjectPath="$(RepoRoot)src\Http\Http.Features\ref\Microsoft.AspNetCore.Http.Features.csproj" />
     <ProjectReferenceProvider Include="Microsoft.AspNetCore.Http" ProjectPath="$(RepoRoot)src\Http\Http\src\Microsoft.AspNetCore.Http.csproj" RefProjectPath="$(RepoRoot)src\Http\Http\ref\Microsoft.AspNetCore.Http.csproj" />
+    <ProjectReferenceProvider Include="Microsoft.AspNetCore.Metadata" ProjectPath="$(RepoRoot)src\Http\Metadata\src\Microsoft.AspNetCore.Metadata.csproj" RefProjectPath="$(RepoRoot)src\Http\Metadata\ref\Microsoft.AspNetCore.Metadata.csproj" />
     <ProjectReferenceProvider Include="Microsoft.AspNetCore.Owin" ProjectPath="$(RepoRoot)src\Http\Owin\src\Microsoft.AspNetCore.Owin.csproj" RefProjectPath="$(RepoRoot)src\Http\Owin\ref\Microsoft.AspNetCore.Owin.csproj" />
     <ProjectReferenceProvider Include="Microsoft.AspNetCore.Routing.Abstractions" ProjectPath="$(RepoRoot)src\Http\Routing.Abstractions\src\Microsoft.AspNetCore.Routing.Abstractions.csproj" RefProjectPath="$(RepoRoot)src\Http\Routing.Abstractions\ref\Microsoft.AspNetCore.Routing.Abstractions.csproj" />
     <ProjectReferenceProvider Include="Microsoft.AspNetCore.Routing" ProjectPath="$(RepoRoot)src\Http\Routing\src\Microsoft.AspNetCore.Routing.csproj" RefProjectPath="$(RepoRoot)src\Http\Routing\ref\Microsoft.AspNetCore.Routing.csproj" />

eng/SharedFramework.Local.props

@@ -33,6 +33,7 @@
     <AspNetCoreAppReference Include="Microsoft.AspNetCore.Http.Abstractions" />
     <AspNetCoreAppReference Include="Microsoft.AspNetCore.Http.Extensions" />
     <AspNetCoreAppReference Include="Microsoft.AspNetCore.Http" />
+    <AspNetCoreAppReference Include="Microsoft.AspNetCore.Metadata" />
     <AspNetCoreAppReference Include="Microsoft.AspNetCore.Routing.Abstractions" />
     <AspNetCoreAppReference Include="Microsoft.AspNetCore.Routing" />
     <AspNetCoreAppReference Include="Microsoft.AspNetCore.WebUtilities" />

src/Http/Http.Abstractions/ref/Microsoft.AspNetCore.Http.Abstractions.netcoreapp3.0.cs

@@ -1,18 +1,6 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
-namespace Microsoft.AspNetCore.Authorization
-{
-    public partial interface IAllowAnonymous
-    {
-    }
-    public partial interface IAuthorizeData
-    {
-        string AuthenticationSchemes { get; set; }
-        string Policy { get; set; }
-        string Roles { get; set; }
-    }
-}
 namespace Microsoft.AspNetCore.Builder
 {
     public abstract partial class EndpointBuilder

src/Http/Metadata/ref/Microsoft.AspNetCore.Metadata.csproj

@@ -0,0 +1,10 @@
+<!-- This file is automatically generated. -->
+<Project Sdk="Microsoft.NET.Sdk">
+  <PropertyGroup>
+    <TargetFrameworks>netstandard2.0</TargetFrameworks>
+  </PropertyGroup>
+  <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
+    <Compile Include="Microsoft.AspNetCore.Metadata.netstandard2.0.cs" />
+
+  </ItemGroup>
+</Project>

src/Http/Metadata/ref/Microsoft.AspNetCore.Metadata.netstandard2.0.cs

@@ -0,0 +1,15 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+namespace Microsoft.AspNetCore.Authorization
+{
+    public partial interface IAllowAnonymous
+    {
+    }
+    public partial interface IAuthorizeData
+    {
+        string AuthenticationSchemes { get; set; }
+        string Policy { get; set; }
+        string Roles { get; set; }
+    }
+}

src/Http/Metadata/src/Microsoft.AspNetCore.Metadata.csproj

@@ -0,0 +1,12 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <Description>ASP.NET Core metadata.</Description>
+    <TargetFramework>netstandard2.0</TargetFramework>
+    <IsAspNetCoreApp>true</IsAspNetCoreApp>
+    <NoWarn>$(NoWarn);CS1591</NoWarn>
+    <GenerateDocumentationFile>true</GenerateDocumentationFile>
+    <PackageTags>aspnetcore</PackageTags>
+  </PropertyGroup>
+
+</Project>

src/Http/Routing/ref/Microsoft.AspNetCore.Routing.csproj

@@ -5,6 +5,7 @@
   </PropertyGroup>
   <ItemGroup Condition="'$(TargetFramework)' == 'netcoreapp3.0'">
     <Compile Include="Microsoft.AspNetCore.Routing.netcoreapp3.0.cs" />
+    <Reference Include="Microsoft.AspNetCore.Authorization"  />
     <Reference Include="Microsoft.AspNetCore.Http.Extensions"  />
     <Reference Include="Microsoft.AspNetCore.Routing.Abstractions"  />
     <Reference Include="Microsoft.Extensions.HashCodeCombiner.Sources"  />

src/Http/Routing/src/Microsoft.AspNetCore.Routing.csproj

@@ -26,6 +26,7 @@ Microsoft.AspNetCore.Routing.RouteCollection</Description>
   </ItemGroup>
 
   <ItemGroup>
+    <Reference Include="Microsoft.AspNetCore.Authorization"  />
     <Reference Include="Microsoft.AspNetCore.Http.Extensions" />
     <Reference Include="Microsoft.AspNetCore.Routing.Abstractions" />
     <Reference Include="Microsoft.Extensions.HashCodeCombiner.Sources" />

src/Mvc/Mvc.Formatters.Json/src/Properties/AssemblyInfo.cs

@@ -5,4 +5,3 @@
 using Microsoft.AspNetCore.Mvc;
 
 [assembly: TypeForwardedTo(typeof(JsonResult))]
-

src/Security/Authorization/Core/ref/Microsoft.AspNetCore.Authorization.csproj

@@ -1,13 +1,11 @@
 <!-- This file is automatically generated. -->
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
-    <TargetFrameworks>netcoreapp3.0</TargetFrameworks>
+    <TargetFrameworks>netstandard2.0</TargetFrameworks>
   </PropertyGroup>
-  <ItemGroup Condition="'$(TargetFramework)' == 'netcoreapp3.0'">
-    <Compile Include="Microsoft.AspNetCore.Authorization.netcoreapp3.0.cs" />
-    <Reference Include="Microsoft.AspNetCore.Authentication.Abstractions"  />
-    <Reference Include="Microsoft.AspNetCore.Http.Abstractions"  />
-    <Reference Include="Microsoft.AspNetCore.Routing"  />
+  <ItemGroup Condition="'$(TargetFramework)' == 'netstandard2.0'">
+    <Compile Include="Microsoft.AspNetCore.Authorization.netstandard2.0.cs" />
+    <Reference Include="Microsoft.AspNetCore.Metadata"  />
     <Reference Include="Microsoft.Extensions.Logging.Abstractions"  />
     <Reference Include="Microsoft.Extensions.Options"  />
   </ItemGroup>

src/Security/Authorization/Core/ref/Microsoft.AspNetCore.Authorization.netcoreapp3.0.cs → src/Security/Authorization/Core/ref/Microsoft.AspNetCore.Authorization.netstandard2.0.cs

@@ -42,12 +42,6 @@ protected AuthorizationHandler() { }
         public virtual System.Threading.Tasks.Task HandleAsync(Microsoft.AspNetCore.Authorization.AuthorizationHandlerContext context) { throw null; }
         protected abstract System.Threading.Tasks.Task HandleRequirementAsync(Microsoft.AspNetCore.Authorization.AuthorizationHandlerContext context, TRequirement requirement, TResource resource);
     }
-    public partial class AuthorizationMiddleware
-    {
-        public AuthorizationMiddleware(Microsoft.AspNetCore.Http.RequestDelegate next, Microsoft.AspNetCore.Authorization.IAuthorizationPolicyProvider policyProvider) { }
-        [System.Diagnostics.DebuggerStepThroughAttribute]
-        public System.Threading.Tasks.Task Invoke(Microsoft.AspNetCore.Http.HttpContext context) { throw null; }
-    }
     public partial class AuthorizationOptions
     {
         public AuthorizationOptions() { }
@@ -220,50 +214,11 @@ public RolesAuthorizationRequirement(System.Collections.Generic.IEnumerable<stri
         protected override System.Threading.Tasks.Task HandleRequirementAsync(Microsoft.AspNetCore.Authorization.AuthorizationHandlerContext context, Microsoft.AspNetCore.Authorization.Infrastructure.RolesAuthorizationRequirement requirement) { throw null; }
     }
 }
-namespace Microsoft.AspNetCore.Authorization.Policy
-{
-    public partial interface IPolicyEvaluator
-    {
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult> AuthenticateAsync(Microsoft.AspNetCore.Authorization.AuthorizationPolicy policy, Microsoft.AspNetCore.Http.HttpContext context);
-        System.Threading.Tasks.Task<Microsoft.AspNetCore.Authorization.Policy.PolicyAuthorizationResult> AuthorizeAsync(Microsoft.AspNetCore.Authorization.AuthorizationPolicy policy, Microsoft.AspNetCore.Authentication.AuthenticateResult authenticationResult, Microsoft.AspNetCore.Http.HttpContext context, object resource);
-    }
-    public partial class PolicyAuthorizationResult
-    {
-        internal PolicyAuthorizationResult() { }
-        public bool Challenged { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } }
-        public bool Forbidden { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } }
-        public bool Succeeded { [System.Runtime.CompilerServices.CompilerGeneratedAttribute]get { throw null; } }
-        public static Microsoft.AspNetCore.Authorization.Policy.PolicyAuthorizationResult Challenge() { throw null; }
-        public static Microsoft.AspNetCore.Authorization.Policy.PolicyAuthorizationResult Forbid() { throw null; }
-        public static Microsoft.AspNetCore.Authorization.Policy.PolicyAuthorizationResult Success() { throw null; }
-    }
-    public partial class PolicyEvaluator : Microsoft.AspNetCore.Authorization.Policy.IPolicyEvaluator
-    {
-        public PolicyEvaluator(Microsoft.AspNetCore.Authorization.IAuthorizationService authorization) { }
-        [System.Diagnostics.DebuggerStepThroughAttribute]
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authentication.AuthenticateResult> AuthenticateAsync(Microsoft.AspNetCore.Authorization.AuthorizationPolicy policy, Microsoft.AspNetCore.Http.HttpContext context) { throw null; }
-        [System.Diagnostics.DebuggerStepThroughAttribute]
-        public virtual System.Threading.Tasks.Task<Microsoft.AspNetCore.Authorization.Policy.PolicyAuthorizationResult> AuthorizeAsync(Microsoft.AspNetCore.Authorization.AuthorizationPolicy policy, Microsoft.AspNetCore.Authentication.AuthenticateResult authenticationResult, Microsoft.AspNetCore.Http.HttpContext context, object resource) { throw null; }
-    }
-}
-namespace Microsoft.AspNetCore.Builder
-{
-    public static partial class AuthorizationAppBuilderExtensions
-    {
-        public static Microsoft.AspNetCore.Builder.IApplicationBuilder UseAuthorization(this Microsoft.AspNetCore.Builder.IApplicationBuilder app) { throw null; }
-    }
-    public static partial class AuthorizationEndpointConventionBuilderExtensions
-    {
-        public static TBuilder RequireAuthorization<TBuilder>(this TBuilder builder) where TBuilder : Microsoft.AspNetCore.Builder.IEndpointConventionBuilder { throw null; }
-        public static TBuilder RequireAuthorization<TBuilder>(this TBuilder builder, params Microsoft.AspNetCore.Authorization.IAuthorizeData[] authorizeData) where TBuilder : Microsoft.AspNetCore.Builder.IEndpointConventionBuilder { throw null; }
-        public static TBuilder RequireAuthorization<TBuilder>(this TBuilder builder, params string[] policyNames) where TBuilder : Microsoft.AspNetCore.Builder.IEndpointConventionBuilder { throw null; }
-    }
-}
 namespace Microsoft.Extensions.DependencyInjection
 {
     public static partial class AuthorizationServiceCollectionExtensions
     {
-        public static Microsoft.Extensions.DependencyInjection.IServiceCollection AddAuthorization(this Microsoft.Extensions.DependencyInjection.IServiceCollection services) { throw null; }
-        public static Microsoft.Extensions.DependencyInjection.IServiceCollection AddAuthorization(this Microsoft.Extensions.DependencyInjection.IServiceCollection services, System.Action<Microsoft.AspNetCore.Authorization.AuthorizationOptions> configure) { throw null; }
+        public static Microsoft.Extensions.DependencyInjection.IServiceCollection AddAuthorizationCore(this Microsoft.Extensions.DependencyInjection.IServiceCollection services) { throw null; }
+        public static Microsoft.Extensions.DependencyInjection.IServiceCollection AddAuthorizationCore(this Microsoft.Extensions.DependencyInjection.IServiceCollection services, System.Action<Microsoft.AspNetCore.Authorization.AuthorizationOptions> configure) { throw null; }
     }
 }

src/Security/Authorization/Core/src/AuthorizationOptions.cs

@@ -29,10 +29,10 @@ public class AuthorizationOptions
 
         /// <summary>
         /// Gets or sets the fallback authorization policy used by <see cref="AuthorizationPolicy.CombineAsync(IAuthorizationPolicyProvider, IEnumerable{IAuthorizeData})"/>
-        /// when no IAuthorizeData have been provided. As a result, the <see cref="AuthorizationMiddleware"/> uses the fallback policy
+        /// when no IAuthorizeData have been provided. As a result, the AuthorizationMiddleware uses the fallback policy
         /// if there are no <see cref="IAuthorizeData"/> instances for a resource. If a resource has any <see cref="IAuthorizeData"/>
         /// then they are evaluated instead of the fallback policy. By default the fallback policy is null, and usually will have no 
-        /// effect unless you have the <see cref="AuthorizationMiddleware"/> middleware in your pipeline. It is not used in any way by the 
+        /// effect unless you have the AuthorizationMiddleware in your pipeline. It is not used in any way by the 
         /// default <see cref="IAuthorizationService"/>.
         /// </summary>
         public AuthorizationPolicy FallbackPolicy { get; set; }

src/Security/Authorization/Core/src/AuthorizationServiceCollectionExtensions.cs

@@ -4,7 +4,6 @@
 using System;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Authorization.Infrastructure;
-using Microsoft.AspNetCore.Authorization.Policy;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 
 namespace Microsoft.Extensions.DependencyInjection
@@ -19,7 +18,7 @@ public static class AuthorizationServiceCollectionExtensions
         /// </summary>
         /// <param name="services">The <see cref="IServiceCollection" /> to add services to.</param>
         /// <returns>The <see cref="IServiceCollection"/> so that additional calls can be chained.</returns>
-        public static IServiceCollection AddAuthorization(this IServiceCollection services)
+        public static IServiceCollection AddAuthorizationCore(this IServiceCollection services)
         {
             if (services == null)
             {
@@ -32,11 +31,6 @@ public static IServiceCollection AddAuthorization(this IServiceCollection servic
             services.TryAdd(ServiceDescriptor.Transient<IAuthorizationEvaluator, DefaultAuthorizationEvaluator>());
             services.TryAdd(ServiceDescriptor.Transient<IAuthorizationHandlerContextFactory, DefaultAuthorizationHandlerContextFactory>());
             services.TryAddEnumerable(ServiceDescriptor.Transient<IAuthorizationHandler, PassThroughAuthorizationHandler>());
-            services.TryAddSingleton<AuthorizationMarkerService>();
-
-            // Policy
-            services.TryAdd(ServiceDescriptor.Transient<IPolicyEvaluator, PolicyEvaluator>());
-
             return services;
         }
 
@@ -46,20 +40,19 @@ public static IServiceCollection AddAuthorization(this IServiceCollection servic
         /// <param name="services">The <see cref="IServiceCollection" /> to add services to.</param>
         /// <param name="configure">An action delegate to configure the provided <see cref="AuthorizationOptions"/>.</param>
         /// <returns>The <see cref="IServiceCollection"/> so that additional calls can be chained.</returns>
-        public static IServiceCollection AddAuthorization(this IServiceCollection services, Action<AuthorizationOptions> configure)
+        public static IServiceCollection AddAuthorizationCore(this IServiceCollection services, Action<AuthorizationOptions> configure)
         {
             if (services == null)
             {
                 throw new ArgumentNullException(nameof(services));
             }
 
-            if (configure == null)
+            if (configure != null)
             {
-                throw new ArgumentNullException(nameof(configure));
+                services.Configure(configure);
             }
 
-            services.Configure(configure);
-            return services.AddAuthorization();
+            return services.AddAuthorizationCore();
         }
     }
 }

src/Security/Authorization/Core/src/Microsoft.AspNetCore.Authorization.csproj

@@ -1,25 +1,19 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <Description>ASP.NET Core authorization classes.
 Commonly used types:
 Microsoft.AspNetCore.Authorization.AllowAnonymousAttribute
 Microsoft.AspNetCore.Authorization.AuthorizeAttribute</Description>
-    <TargetFramework>netcoreapp3.0</TargetFramework>
+    <TargetFramework>netstandard2.0</TargetFramework>
     <IsAspNetCoreApp>true</IsAspNetCoreApp>
     <NoWarn>$(NoWarn);CS1591</NoWarn>
     <GenerateDocumentationFile>true</GenerateDocumentationFile>
     <PackageTags>aspnetcore;authorization</PackageTags>
   </PropertyGroup>
 
   <ItemGroup>
-    <Compile Include="$(SharedSourceRoot)SecurityHelper\**\*.cs" />
-  </ItemGroup>
-
-  <ItemGroup>
-    <Reference Include="Microsoft.AspNetCore.Authentication.Abstractions" />
-    <Reference Include="Microsoft.AspNetCore.Http.Abstractions" />
-    <Reference Include="Microsoft.AspNetCore.Routing" />
+    <Reference Include="Microsoft.AspNetCore.Metadata" />
     <Reference Include="Microsoft.Extensions.Logging.Abstractions" />
     <Reference Include="Microsoft.Extensions.Options" />
   </ItemGroup>

src/Security/Authorization/Core/src/Properties/AssemblyInfo.cs

@@ -1,9 +1,10 @@
+
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System.Runtime.CompilerServices;
 using Microsoft.AspNetCore.Authorization;
 
-// Microsoft.AspNetCore.Http.Abstractions
+// Microsoft.AspNetCore.Metadata
 [assembly: TypeForwardedTo(typeof(IAuthorizeData))]
 [assembly: TypeForwardedTo(typeof(IAllowAnonymous))]

src/Security/Authorization/Core/src/Resources.resx

@@ -126,7 +126,4 @@
   <data name="Exception_RoleRequirementEmpty" xml:space="preserve">
     <value>At least one role must be specified.</value>
   </data>
-  <data name="Exception_UnableToFindServices" xml:space="preserve">
-    <value>Unable to find the required services. Please add all the required services by calling '{0}.{1}' inside the call to '{2}' in the application startup code.</value>
-  </data>
 </root>

src/Security/Authorization/Policy/ref/Microsoft.AspNetCore.Authorization.Policy.csproj

@@ -6,5 +6,8 @@
   <ItemGroup Condition="'$(TargetFramework)' == 'netcoreapp3.0'">
     <Compile Include="Microsoft.AspNetCore.Authorization.Policy.netcoreapp3.0.cs" />
     <Reference Include="Microsoft.AspNetCore.Authorization"  />
+    <Reference Include="Microsoft.AspNetCore.Authentication.Abstractions"  />
+    <Reference Include="Microsoft.AspNetCore.Http.Abstractions"  />
+    <Reference Include="Microsoft.AspNetCore.Routing"  />
   </ItemGroup>
 </Project>