Address API review feedback for what was IApiEndpointMetadata #63283
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- We've now added IDisableCookieRedirectMetadata, IAllowCookieRedirectMetadata and corresponding extension methods - We only added one attribute, [AllowCookieRedirect] for now, since [ApiController] adds IDisableCookieRedirectMetadata already - Add's an AppContext swithc to revert to the old behavior and ignore metadata called "Microsoft.AspNetCore.Authentication.Cookies.IgnoreRedirectMetadata"
halter73
requested review from
BrennanConroy,
a team and
captainsafia
as code owners
github-actions
bot
added
the
area-networking
There was a problem hiding this comment.
Pull Request Overview
This PR addresses API review feedback by replacing the previous IApiEndpointMetadata interface with more specific cookie redirect metadata interfaces. The changes introduce IDisableCookieRedirectMetadata and IAllowCookieRedirectMetadata to provide fine-grained control over cookie-based authentication redirect behavior, along with an AppContext switch for backward compatibility.
- Replaces
IApiEndpointMetadatawithIDisableCookieRedirectMetadatathroughout the codebase - Adds
IAllowCookieRedirectMetadatato override disable behavior when needed - Introduces
AllowCookieRedirectAttributeand extension methods for easy configuration - Adds AppContext switch "Microsoft.AspNetCore.Authentication.Cookies.IgnoreRedirectMetadata" to revert to old behavior
Reviewed Changes
Copilot reviewed 114 out of 114 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| src/Http/Http.Abstractions/src/Metadata/IApiEndpointMetadata.cs | Removed old interface |
| src/Http/Http.Abstractions/src/Metadata/IDisableCookieRedirectMetadata.cs | New interface for disabling cookie redirects |
| src/Http/Http.Abstractions/src/Metadata/IAllowCookieRedirectMetadata.cs | New interface for allowing cookie redirects |
| src/Security/Authentication/Cookies/src/CookieAuthenticationEvents.cs | Updated logic to use new metadata interfaces with AppContext switch |
| src/Http/Http.Extensions/src/CookieRedirectEndpointConventionBuilderExtensions.cs | New extension methods for configuring redirect behavior |
| src/Http/Http.Extensions/src/AllowCookieRedirectAttribute.cs | New attribute implementing IAllowCookieRedirectMetadata |
| Multiple test files | Updated test assertions to use new interface names |
| Multiple source files | Replaced ApiEndpointMetadata.Instance with DisableCookieRedirectMetadata.Instance |
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
src/Http/Http.Extensions/test/CookieRedirectEndpointConventionBuilderExtensionsTests.cs
Outdated
Show resolved
Hide resolved
BrennanConroy
approved these changes
Aug 15, 2025
halter73
commented
Aug 15, 2025
src/Http/Http.Extensions/test/CookieRedirectEndpointConventionBuilderExtensionsTests.cs
Outdated
Show resolved
Hide resolved
wtgodbe
added a commit
that referenced
this pull request
Aug 18, 2025
* Avoid race that can cause Kestrel's RequestAborted to not fire (#62385) * Send Keep-Alive Ping Immediately When Previous Ping Is Overdue (#63195) * Make new validations consistent with System.ComponentModel.DataAnnotations behavior (#63231) * Add support for type-level validation attributes, update validation ordering * Code review fix, test fix * Fix trimming annotation * Fix trimming annotation * Separate caches for property and type attributes * Fix typo Co-authored-by: Brennan <[email protected]> * Fix typo Co-authored-by: Brennan <[email protected]> * Fix and simplify the emitted code * Update src/Validation/test/Microsoft.Extensions.Validation.GeneratorTests/ValidationsGeneratorTestBase.cs --------- Co-authored-by: Brennan <[email protected]> Co-authored-by: Safia Abdalla <[email protected]> * Search for slnx files when setting solution-relative content root (#61305) * Address API review feedback for what was IApiEndpointMetadata (#63283) --------- Co-authored-by: Stephen Halter <[email protected]> Co-authored-by: Reagan Yuan <[email protected]> Co-authored-by: Ondřej Roztočil <[email protected]> Co-authored-by: Brennan <[email protected]> Co-authored-by: Safia Abdalla <[email protected]> Co-authored-by: Jacob Bundgaard <[email protected]>
1 task
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #62883