NuGet
diff --git a/‎NuGet.Server.sln‎
Lines changed: 71 additions & 0 deletions b/‎NuGet.Server.sln‎
Lines changed: 71 additions & 0 deletions
diff --git a/‎build.cmd‎
Lines changed: 4 additions & 0 deletions b/‎build.cmd‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎samples/NuGet.Server.V2.Samples.OwinHost/BasicAuthentication.cs‎
Lines changed: 102 additions & 0 deletions b/‎samples/NuGet.Server.V2.Samples.OwinHost/BasicAuthentication.cs‎
Lines changed: 102 additions & 0 deletions
diff --git a/‎samples/NuGet.Server.V2.Samples.OwinHost/Controllers/NuGetPrivateODataController.cs‎
Lines changed: 23 additions & 0 deletions b/‎samples/NuGet.Server.V2.Samples.OwinHost/Controllers/NuGetPrivateODataController.cs‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎samples/NuGet.Server.V2.Samples.OwinHost/Controllers/NuGetPublicODataController.cs‎
Lines changed: 21 additions & 0 deletions b/‎samples/NuGet.Server.V2.Samples.OwinHost/Controllers/NuGetPublicODataController.cs‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎samples/NuGet.Server.V2.Samples.OwinHost/Controllers/NuGetVeryPublicODataController.cs‎
Lines changed: 41 additions & 0 deletions b/‎samples/NuGet.Server.V2.Samples.OwinHost/Controllers/NuGetVeryPublicODataController.cs‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎samples/NuGet.Server.V2.Samples.OwinHost/DictionarySettingsProvider.cs‎
Lines changed: 25 additions & 0 deletions b/‎samples/NuGet.Server.V2.Samples.OwinHost/DictionarySettingsProvider.cs‎
Lines changed: 25 additions & 0 deletions
@@ -22,6 +22,14 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{0F277539-E9D
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NuGet.Server.Core.Tests", "test\NuGet.Server.Core.Tests\NuGet.Server.Core.Tests.csproj", "{FDE8DDFB-E01B-47FD-9945-0A151F3AE589}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NuGet.Server.V2", "src\NuGet.Server.V2\NuGet.Server.V2.csproj", "{273E4575-4054-4578-9D14-8D4E640A365F}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "samples", "samples", "{D54BB20B-57E8-4D4F-BD9D-CF284CBFAB3B}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NuGet.Server.V2.Samples.OwinHost", "samples\NuGet.Server.V2.Samples.OwinHost\NuGet.Server.V2.Samples.OwinHost.csproj", "{5CF9DB92-53DE-488E-82F9-4C3F867516B2}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NuGet.Server.V2.Tests", "test\NuGet.Server.V2.Tests\NuGet.Server.V2.Tests.csproj", "{BE64E341-7D99-43D9-A0D2-A38E977B7D97}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Coverage|Any CPU = Coverage|Any CPU
@@ -116,6 +124,66 @@ Global
 		{FDE8DDFB-E01B-47FD-9945-0A151F3AE589}.Release|Any CPU.Build.0 = Release|Any CPU
 		{FDE8DDFB-E01B-47FD-9945-0A151F3AE589}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU
 		{FDE8DDFB-E01B-47FD-9945-0A151F3AE589}.Release|Mixed Platforms.Build.0 = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Coverage|Any CPU.ActiveCfg = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Coverage|Any CPU.Build.0 = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Coverage|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Coverage|Mixed Platforms.Build.0 = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Debug|Any CPU.Build.0 = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Release|Any CPU.ActiveCfg = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Release|Any CPU.Build.0 = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Release|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Mono Release|Mixed Platforms.Build.0 = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Release|Any CPU.Build.0 = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{273E4575-4054-4578-9D14-8D4E640A365F}.Release|Mixed Platforms.Build.0 = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Coverage|Any CPU.ActiveCfg = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Coverage|Any CPU.Build.0 = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Coverage|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Coverage|Mixed Platforms.Build.0 = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Debug|Any CPU.Build.0 = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Release|Any CPU.ActiveCfg = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Release|Any CPU.Build.0 = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Release|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Mono Release|Mixed Platforms.Build.0 = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Release|Any CPU.Build.0 = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2}.Release|Mixed Platforms.Build.0 = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Coverage|Any CPU.ActiveCfg = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Coverage|Any CPU.Build.0 = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Coverage|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Coverage|Mixed Platforms.Build.0 = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Debug|Any CPU.Build.0 = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Release|Any CPU.ActiveCfg = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Release|Any CPU.Build.0 = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Release|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Mono Release|Mixed Platforms.Build.0 = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Release|Any CPU.Build.0 = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97}.Release|Mixed Platforms.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -125,5 +193,8 @@ Global
 		{92D18050-3867-4E39-B305-9F9870F66F5E} = {E7B39EAD-EA32-4011-845A-C949A336389A}
 		{1FE62F82-927A-4437-91F1-1A965E51682B} = {0F277539-E9D7-4A06-A731-D525D9AFCE54}
 		{FDE8DDFB-E01B-47FD-9945-0A151F3AE589} = {E7B39EAD-EA32-4011-845A-C949A336389A}
+		{273E4575-4054-4578-9D14-8D4E640A365F} = {0F277539-E9D7-4A06-A731-D525D9AFCE54}
+		{5CF9DB92-53DE-488E-82F9-4C3F867516B2} = {D54BB20B-57E8-4D4F-BD9D-CF284CBFAB3B}
+		{BE64E341-7D99-43D9-A0D2-A38E977B7D97} = {E7B39EAD-EA32-4011-845A-C949A336389A}
 	EndGlobalSection
 EndGlobal
@@ -34,6 +34,8 @@ call :ExecuteCmd packages\xunit.runner.console.2.1.0\tools\xunit.console.exe tes
 IF %ERRORLEVEL% NEQ 0 goto error
 call :ExecuteCmd packages\xunit.runner.console.2.1.0\tools\xunit.console.exe test\NuGet.Server.Tests\bin\%config%\NuGet.Server.Tests.dll
 IF %ERRORLEVEL% NEQ 0 goto error
+call :ExecuteCmd packages\xunit.runner.console.2.1.0\tools\xunit.console.exe test\NuGet.Server.V2.Tests\bin\%config%\NuGet.Server.V2.Tests.dll
+IF %ERRORLEVEL% NEQ 0 goto error
 
 
 REM Package
@@ -43,6 +45,8 @@ call :ExecuteCmd tools\nuget.exe pack "src\NuGet.Server.Core\NuGet.Server.Core.c
 IF %ERRORLEVEL% NEQ 0 goto error
 call :ExecuteCmd tools\nuget.exe pack "src\NuGet.Server\NuGet.Server.csproj" -symbols -o artifacts\packages -p Configuration=%config% %version%
 IF %ERRORLEVEL% NEQ 0 goto error
+call :ExecuteCmd tools\nuget.exe pack "src\NuGet.Server.V2\NuGet.Server.V2.csproj" -symbols -o artifacts\packages -p Configuration=%config% %version%
+IF %ERRORLEVEL% NEQ 0 goto error
 
 
 goto end
 
@@ -0,0 +1,102 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. 
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Text;
+using System.Threading.Tasks;
+using Microsoft.Owin;
+
+namespace NuGet.Server.V2.Samples.OwinHost
+{
+    /// <summary>
+    /// Authenticates all users that supply a non-empty username and password.
+    /// All usernames that starts with 'admin' are assigned to the 'Admin' role.
+    /// For demonstratiion purposes only!
+    /// 
+    /// Modify this class or 
+    ///   - override ValidateUser method to provide a real username/password check.
+    ///   - override GetRolesForUser method to return roles based on usernames.
+    /// </summary>
+    public class BasicAuthentication : OwinMiddleware
+    {
+        public BasicAuthentication(OwinMiddleware next) :
+            base(next)
+        {
+
+        }
+
+        public override async Task Invoke(IOwinContext context)
+        {
+            var response = context.Response;
+            var request = context.Request;
+
+            response.OnSendingHeaders(state =>
+            {
+                var owinResponse = (OwinResponse)state;
+
+                if (owinResponse.StatusCode == 401)
+                {
+                    owinResponse.Headers.Add("WWW-Authenticate", new[] { "Basic" });
+                }
+            }, response);
+
+            var header = request.Headers["Authorization"];
+
+            if (!String.IsNullOrWhiteSpace(header))
+            {
+                var authHeader = System.Net.Http.Headers.AuthenticationHeaderValue.Parse(header);
+
+                if ("Basic".Equals(authHeader.Scheme, StringComparison.OrdinalIgnoreCase))
+                {
+                    var parameter = Encoding.UTF8.GetString(Convert.FromBase64String(authHeader.Parameter));
+
+                    var parts = parameter.Split(':');
+
+                    var username = parts[0];
+                    var password = parts[1];
+
+                    if(ValidateUser(username, password))
+                    {
+                        SetClaimsIdentity(request, username);
+                    }
+                }
+            }
+
+            await Next.Invoke(context);
+        }
+
+        protected virtual void SetClaimsIdentity(IOwinRequest request, string username)
+        {
+            var claims = new [] 
+            {
+                new Claim(ClaimTypes.Name, username)
+            }
+            .Concat(
+                GetRolesForUser(username).Select(r=>new Claim(ClaimTypes.Role, r))
+                );
+
+            var id = new ClaimsIdentity(claims, "Basic");
+            request.User = new ClaimsPrincipal(id);
+        }
+
+        protected virtual IEnumerable<string> GetRolesForUser(string username)
+        {
+            if (username.ToLower().StartsWith("admin"))
+                return new[] { "Admin" };
+
+            return Enumerable.Empty<string>();
+        }
+
+        protected virtual bool ValidateUser(string username, string password)
+        {
+            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
+            {
+                return false;
+            }
+
+            return true;
+        }
+    }
+}
@@ -0,0 +1,23 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. 
+using System.Web.Http;
+using NuGet.Server.V2.Controllers;
+
+namespace NuGet.Server.V2.Samples.OwinHost.Controllers
+{
+    /// <summary>
+    /// Controller that exposes Program.NuGetPrivateRepository as NuGet OData feed
+    /// that allows read/download access for all authenticated users.
+    /// delete/upload is not allowed (no authenticationservice is passed to NuGetODataControllers constructor)
+    /// </summary>
+    [Authorize]
+    public class NuGetPrivateODataController : NuGetODataController
+    {
+        public NuGetPrivateODataController()
+            : base(Program.NuGetPrivateRepository)
+            // Replace line above with the one below to allow upload/delete for all authenticated users
+            // : base(Program.NuGetPrivateRepository, new ApiKeyPackageAuthenticationService(false, null))
+        {
+        }
+    }
+}
@@ -0,0 +1,21 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. 
+using NuGet.Server.Core.Infrastructure;
+using NuGet.Server.V2.Controllers;
+
+namespace NuGet.Server.V2.Samples.OwinHost.Controllers
+{
+    /// <summary>
+    /// Controller that exposes Program.NuGetPublicRepository as NuGet OData feed
+    /// that allows unauthenticated read/download access.
+    /// Delete/upload requires user supplied ApiKey to match Program.ApiKey.
+    /// </summary>
+    public class NuGetPublicODataController : NuGetODataController
+    {
+        public NuGetPublicODataController()
+            : base(Program.NuGetPublicRepository, new ApiKeyPackageAuthenticationService(true,Program.ApiKey))
+        {
+
+        }
+    }
+}
@@ -0,0 +1,41 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. 
+using NuGet.Server.Core.Infrastructure;
+using NuGet.Server.V2.Controllers;
+
+namespace NuGet.Server.V2.Samples.OwinHost.Controllers
+{
+    /// <summary>
+    /// Controller that exposes Program.NuGetPublicRepository as NuGet OData feed
+    /// that allows unauthenticated read/download access.
+    /// Delete/upload is allowed without authentication or apikey.
+    /// </summary>
+    public class NuGetVeryPublicODataController : NuGetODataController
+    {
+        static IPackageAuthenticationService CreateAuthenticationService()
+        {
+            //Allows write access without apikey
+            return new ApiKeyPackageAuthenticationService(false, null);
+        }
+
+        public NuGetVeryPublicODataController()
+            : base(Program.NuGetVeryPublicRepository, CreateAuthenticationService())
+        {           
+           
+        }
+
+        //Uncomment lines below to only allow delete for authorized users in Admin role
+        //[Authorize(Roles = "Admin")]
+        //public override Task<HttpResponseMessage> UploadPackage()
+        //{
+        //    return base.UploadPackage();
+        //}
+
+        //Uncomment lines below to only allow delete for authorized users in Admin role
+        //[Authorize(Roles = "Admin")]
+        //public override HttpResponseMessage DeletePackage(string id, string version)
+        //{
+        //    return base.DeletePackage(id, version);
+        //}
+    }
+}
@@ -0,0 +1,25 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. 
+using System.Collections.Generic;
+using NuGet.Server.Core.Infrastructure;
+
+namespace NuGet.Server.V2.Samples.OwinHost
+{
+    public class DictionarySettingsProvider : ISettingsProvider
+    {
+        readonly Dictionary<string, bool> _settings;
+
+        public DictionarySettingsProvider(Dictionary<string, bool> settings)
+        {
+            _settings = settings;
+        }
+
+
+        public bool GetBoolSetting(string key, bool defaultValue)
+        {
+            System.Diagnostics.Debug.WriteLine("getSetting: " + key);
+            return _settings.ContainsKey(key) ? _settings[key] : defaultValue;
+
+        }
+    }
+}