
Remove unused ADAL dependency (#31484)

* Remove unused dependency

* Remove outdated AAD sample
Chris Ross 5 years ago
parent
commit
52eff90fbc

+ 0 - 15
AspNetCore.sln

@@ -1130,8 +1130,6 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "JwtBearerSample", "src\Secu
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "samples", "samples", "{E19E55A2-1562-47A7-8EA6-B51F2CA0CC4C}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "OpenIdConnect.AzureAdSample", "src\Security\Authentication\OpenIdConnect\samples\OpenIdConnect.AzureAdSample\OpenIdConnect.AzureAdSample.csproj", "{E3867FCF-70D3-40B0-BCF6-208D4D971666}"
-EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "OpenIdConnectSample", "src\Security\Authentication\OpenIdConnect\samples\OpenIdConnectSample\OpenIdConnectSample.csproj", "{F6B80862-7D74-4362-B5E2-AEBF116F2B19}"
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "WsFederation", "WsFederation", "{602CE06C-E973-401D-8877-90957E613646}"
@@ -5672,18 +5670,6 @@ Global
 		{88C2C45B-ED16-4B85-8498-E3F13679629D}.Release|x64.Build.0 = Release|Any CPU
 		{88C2C45B-ED16-4B85-8498-E3F13679629D}.Release|x86.ActiveCfg = Release|Any CPU
 		{88C2C45B-ED16-4B85-8498-E3F13679629D}.Release|x86.Build.0 = Release|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Debug|x64.ActiveCfg = Debug|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Debug|x64.Build.0 = Debug|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Debug|x86.ActiveCfg = Debug|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Debug|x86.Build.0 = Debug|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Release|Any CPU.Build.0 = Release|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Release|x64.ActiveCfg = Release|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Release|x64.Build.0 = Release|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Release|x86.ActiveCfg = Release|Any CPU
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666}.Release|x86.Build.0 = Release|Any CPU
 		{F6B80862-7D74-4362-B5E2-AEBF116F2B19}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{F6B80862-7D74-4362-B5E2-AEBF116F2B19}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{F6B80862-7D74-4362-B5E2-AEBF116F2B19}.Debug|x64.ActiveCfg = Debug|Any CPU
@@ -8268,7 +8254,6 @@ Global
 		{7FD32066-C831-4E29-978C-9A2215E85C67} = {2AB4FE8F-94FF-4C6E-B12F-9E40A9FAF9AB}
 		{88C2C45B-ED16-4B85-8498-E3F13679629D} = {7FD32066-C831-4E29-978C-9A2215E85C67}
 		{E19E55A2-1562-47A7-8EA6-B51F2CA0CC4C} = {99F9BBC5-46AE-40DC-A675-5E56ACA3C5C8}
-		{E3867FCF-70D3-40B0-BCF6-208D4D971666} = {E19E55A2-1562-47A7-8EA6-B51F2CA0CC4C}
 		{F6B80862-7D74-4362-B5E2-AEBF116F2B19} = {E19E55A2-1562-47A7-8EA6-B51F2CA0CC4C}
 		{602CE06C-E973-401D-8877-90957E613646} = {822D1519-77F0-484A-B9AB-F694C2CC25F1}
 		{BECDA951-C285-485D-BFE6-F770BC8C9EB2} = {602CE06C-E973-401D-8877-90957E613646}

+ 0 - 1
eng/Dependencies.props

@@ -115,7 +115,6 @@ and are generated based on the last package release.
     <LatestPackageReference Include="Microsoft.EntityFrameworkCore" />
     <LatestPackageReference Include="Microsoft.Extensions.Caching.SqlServer" />
     <LatestPackageReference Include="Microsoft.Extensions.Caching.StackExchangeRedis" />
-    <LatestPackageReference Include="Microsoft.IdentityModel.Clients.ActiveDirectory" />
     <LatestPackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" />
     <LatestPackageReference Include="Microsoft.IdentityModel.Protocols.WsFederation" />
     <LatestPackageReference Include="Microsoft.Internal.AspNetCore.H2Spec.All" />

+ 0 - 1
eng/Versions.props

@@ -195,7 +195,6 @@
     <MicrosoftCodeAnalysisCSharpWorkspacesVersion>3.8.0</MicrosoftCodeAnalysisCSharpWorkspacesVersion>
     <MicrosoftCodeAnalysisPublicApiAnalyzersVersion>3.3.0</MicrosoftCodeAnalysisPublicApiAnalyzersVersion>
     <MicrosoftCssParserVersion>1.0.0-20200708.1</MicrosoftCssParserVersion>
-    <MicrosoftIdentityModelClientsActiveDirectoryVersion>3.19.8</MicrosoftIdentityModelClientsActiveDirectoryVersion>
     <MicrosoftIdentityModelLoggingVersion>6.10.0</MicrosoftIdentityModelLoggingVersion>
     <MicrosoftIdentityModelProtocolsOpenIdConnectVersion>6.10.0</MicrosoftIdentityModelProtocolsOpenIdConnectVersion>
     <MicrosoftIdentityModelProtocolsWsFederationVersion>6.10.0</MicrosoftIdentityModelProtocolsWsFederationVersion>

+ 0 - 97
src/Security/Authentication/OpenIdConnect/samples/OpenIdConnect.AzureAdSample/AuthPropertiesTokenCache.cs

@@ -1,97 +0,0 @@
-using System;
-using System.Security.Claims;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Http;
-using Microsoft.IdentityModel.Clients.ActiveDirectory;
-
-namespace OpenIdConnect.AzureAdSample
-{
-    public class AuthPropertiesTokenCache : TokenCache
-    {
-        private const string TokenCacheKey = ".TokenCache";
-
-        private HttpContext _httpContext;
-        private ClaimsPrincipal _principal;
-        private AuthenticationProperties _authProperties;
-        private string _signInScheme;
-
-        private AuthPropertiesTokenCache(AuthenticationProperties authProperties) : base()
-        {
-            _authProperties = authProperties;
-            BeforeAccess = BeforeAccessNotificationWithProperties;
-            AfterAccess = AfterAccessNotificationWithProperties;
-            BeforeWrite = BeforeWriteNotification;
-        }
-
-        private AuthPropertiesTokenCache(HttpContext httpContext, string signInScheme) : base()
-        {
-            _httpContext = httpContext;
-            _signInScheme = signInScheme;
-            BeforeAccess = BeforeAccessNotificationWithContext;
-            AfterAccess = AfterAccessNotificationWithContext;
-            BeforeWrite = BeforeWriteNotification;
-        }
-
-        public static TokenCache ForCodeRedemption(AuthenticationProperties authProperties)
-        {
-            return new AuthPropertiesTokenCache(authProperties);
-        }
-
-        public static TokenCache ForApiCalls(HttpContext httpContext,
-            string signInScheme = CookieAuthenticationDefaults.AuthenticationScheme)
-        {
-            return new AuthPropertiesTokenCache(httpContext, signInScheme);
-        }
-
-        private void BeforeAccessNotificationWithProperties(TokenCacheNotificationArgs args)
-        {
-            string cachedTokensText;
-            if (_authProperties.Items.TryGetValue(TokenCacheKey, out cachedTokensText))
-            {
-                var cachedTokens = Convert.FromBase64String(cachedTokensText);
-                Deserialize(cachedTokens);
-            }
-        }
-
-        private void BeforeAccessNotificationWithContext(TokenCacheNotificationArgs args)
-        {
-            // Retrieve the auth session with the cached tokens
-            var result = _httpContext.AuthenticateAsync(_signInScheme).Result;
-            _authProperties = result.Ticket.Properties;
-            _principal = result.Ticket.Principal;
-
-            BeforeAccessNotificationWithProperties(args);
-        }
-
-        private void AfterAccessNotificationWithProperties(TokenCacheNotificationArgs args)
-        {
-            // if state changed
-            if (HasStateChanged)
-            {
-                var cachedTokens = Serialize();
-                var cachedTokensText = Convert.ToBase64String(cachedTokens);
-                _authProperties.Items[TokenCacheKey] = cachedTokensText;
-            }
-        }
-
-        private void AfterAccessNotificationWithContext(TokenCacheNotificationArgs args)
-        {
-            // if state changed
-            if (HasStateChanged)
-            {
-                AfterAccessNotificationWithProperties(args);
-
-                var cachedTokens = Serialize();
-                var cachedTokensText = Convert.ToBase64String(cachedTokens);
-                _authProperties.Items[TokenCacheKey] = cachedTokensText;
-                _httpContext.SignInAsync(_signInScheme, _principal, _authProperties).Wait();
-            }
-        }
-
-        private void BeforeWriteNotification(TokenCacheNotificationArgs args)
-        {
-            // if you want to ensure that no concurrent write take place, use this notification to place a lock on the entry
-        }
-    }
-}

+ 0 - 16
src/Security/Authentication/OpenIdConnect/samples/OpenIdConnect.AzureAdSample/OpenIdConnect.AzureAdSample.csproj

@@ -1,16 +0,0 @@
-<Project Sdk="Microsoft.NET.Sdk.Web">
-
-  <PropertyGroup>
-    <TargetFrameworks>$(DefaultNetCoreTargetFramework)</TargetFrameworks>
-    <UserSecretsId>aspnet5-OpenIdConnectSample-20151210110318</UserSecretsId>
-    <AspNetCoreHostingModel>OutOfProcess</AspNetCoreHostingModel>
-  </PropertyGroup>
-
-  <ItemGroup>
-    <Reference Include="Microsoft.AspNetCore" />
-    <Reference Include="Microsoft.AspNetCore.Authentication.Cookies" />
-    <Reference Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" />
-    <Reference Include="Microsoft.IdentityModel.Clients.ActiveDirectory" />
-  </ItemGroup>
-
-</Project>

+ 0 - 22
src/Security/Authentication/OpenIdConnect/samples/OpenIdConnect.AzureAdSample/Program.cs

@@ -1,22 +0,0 @@
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.Extensions.Hosting;
-
-namespace OpenIdConnect.AzureAdSample
-{
-    public static class Program
-    {
-        public static Task Main(string[] args)
-        {
-            var host = Host.CreateDefaultBuilder(args)
-                .ConfigureWebHostDefaults(webHostBuilder =>
-                {
-                    webHostBuilder
-                        .UseStartup<Startup>();
-                })
-                .Build();
-
-            return host.RunAsync();
-        }
-    }
-}

+ 0 - 27
src/Security/Authentication/OpenIdConnect/samples/OpenIdConnect.AzureAdSample/Properties/launchSettings.json

@@ -1,27 +0,0 @@
-{
-  "iisSettings": {
-    "windowsAuthentication": false,
-    "anonymousAuthentication": true,
-    "iisExpress": {
-      "applicationUrl": "https://localhost:44318/",
-      "sslPort": 44318
-    }
-  },
-  "profiles": {
-    "SocialSample": {
-      "commandName": "Project",
-      "launchBrowser": true,
-      "environmentVariables": {
-        "ASPNETCORE_ENVIRONMENT": "Development"
-      },
-      "applicationUrl": "https://localhost:44318/"
-    },
-    "IIS Express": {
-      "commandName": "IISExpress",
-      "launchBrowser": true,
-      "environmentVariables": {
-        "ASPNETCORE_ENVIRONMENT": "Development"
-      }
-    }
-  }
-}

+ 0 - 20
src/Security/Authentication/OpenIdConnect/samples/OpenIdConnect.AzureAdSample/Readme.md

@@ -1,20 +0,0 @@
-# How to set up the sample locally
-
-## Set up [Azure Active Directory](https://azure.microsoft.com/en-us/documentation/services/active-directory/)
-
-1. Create your own Azure Active Directory (AD). Save the "tenent name".
-2. Add a new Application: in the Azure AD portal, select Application, and click Add in the drawer.
-3. Set the sign-on url to `http://localhost:42023`.
-4. Select the newly created Application, navigate to the Configure tab.
-5. Find and save the "Client Id"
-8. In the keys section add a new key. A key value will be generated. Save the value as "Client Secret"
-
-## Configure the local environment
-1. Set environment ASPNETCORE_ENVIRONMENT to DEVELOPMENT. ([Working with Multiple Environments](https://docs.asp.net/en/latest/fundamentals/environments.html))
-2. Set up user secrets:
-```
-dotnet user-secrets set oidc:clientid <Client Id>
-dotnet user-secrets set oidc:clientsecret <Client Secret>
-dotnet user-secrets set oidc:authority https://login.windows.net/<Tenent Name>.onmicrosoft.com
-```
-

+ 0 - 193
src/Security/Authentication/OpenIdConnect/samples/OpenIdConnect.AzureAdSample/Startup.cs

@@ -1,193 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text.Encodings.Web;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
-using Microsoft.AspNetCore.Authentication.OpenIdConnect;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Http.Extensions;
-using Microsoft.Extensions.Configuration;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.IdentityModel.Clients.ActiveDirectory;
-using Microsoft.IdentityModel.Protocols.OpenIdConnect;
-
-namespace OpenIdConnect.AzureAdSample
-{
-    public class Startup
-    {
-        public Startup(IConfiguration config)
-        {
-            Configuration = config;
-        }
-
-        public IConfiguration Configuration { get; set; }
-
-        private string ClientId => Configuration["oidc:clientid"];
-        private string ClientSecret => Configuration["oidc:clientsecret"];
-        private string Authority => Configuration["oidc:authority"];
-        private string Resource => "https://graph.windows.net";
-
-        public void ConfigureServices(IServiceCollection services)
-        {
-            services.AddAuthentication(sharedOptions =>
-            {
-                sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
-                sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
-            })
-                .AddCookie()
-                .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, "AAD", o =>
-            {
-                o.ClientId = ClientId;
-                o.ClientSecret = ClientSecret; // for code flow
-                o.Authority = Authority;
-                o.ResponseType = OpenIdConnectResponseType.CodeIdToken;
-                o.SignedOutRedirectUri = "/signed-out";
-                // GetClaimsFromUserInfoEndpoint = true,
-                o.Events = new OpenIdConnectEvents()
-                {
-                    OnAuthorizationCodeReceived = async context =>
-                    {
-                        var request = context.HttpContext.Request;
-                        var currentUri = UriHelper.BuildAbsolute(request.Scheme, request.Host, request.PathBase, request.Path);
-                        var credential = new ClientCredential(ClientId, ClientSecret);
-                        var authContext = new AuthenticationContext(Authority, AuthPropertiesTokenCache.ForCodeRedemption(context.Properties));
-
-                        var result = await authContext.AcquireTokenByAuthorizationCodeAsync(
-                            context.ProtocolMessage.Code, new Uri(currentUri), credential, Resource);
-
-                        context.HandleCodeRedemption(result.AccessToken, result.IdToken);
-                    }
-                };
-            });
-        }
-
-        public void Configure(IApplicationBuilder app)
-        {
-            app.UseDeveloperExceptionPage();
-
-            app.UseAuthentication();
-
-            app.Run(async context =>
-            {
-                if (context.Request.Path.Equals("/signin"))
-                {
-                    if (context.User.Identities.Any(identity => identity.IsAuthenticated))
-                    {
-                        // User has already signed in
-                        context.Response.Redirect("/");
-                        return;
-                    }
-
-                    await context.ChallengeAsync(new AuthenticationProperties { RedirectUri = "/" });
-                }
-                else if (context.Request.Path.Equals("/signout"))
-                {
-                    await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-                    await WriteHtmlAsync(context.Response,
-                        async response =>
-                        {
-                            await response.WriteAsync($"<h1>Signed out locally: {HtmlEncode(context.User.Identity.Name)}</h1>");
-                            await response.WriteAsync("<a class=\"btn btn-primary\" href=\"/\">Sign In</a>");
-                        });
-                }
-                else if (context.Request.Path.Equals("/signout-remote"))
-                {
-                    await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-                    await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme);
-                }
-                else if (context.Request.Path.Equals("/signed-out"))
-                {
-                    await WriteHtmlAsync(context.Response,
-                        async response =>
-                        {
-                            await response.WriteAsync($"<h1>You have been signed out.</h1>");
-                            await response.WriteAsync("<a class=\"btn btn-primary\" href=\"/signin\">Sign In</a>");
-                        });
-                }
-                else if (context.Request.Path.Equals("/remote-signedout"))
-                {
-                    await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
-                    await WriteHtmlAsync(context.Response,
-                        async response =>
-                        {
-                            await response.WriteAsync($"<h1>Signed out remotely: {HtmlEncode(context.User.Identity.Name)}</h1>");
-                            await response.WriteAsync("<a class=\"btn btn-primary\" href=\"/\">Sign In</a>");
-                        });
-                }
-                else
-                {
-                    if (!context.User.Identities.Any(identity => identity.IsAuthenticated))
-                    {
-                        await context.ChallengeAsync(new AuthenticationProperties { RedirectUri = "/" });
-                        return;
-                    }
-
-                    await WriteHtmlAsync(context.Response, async response =>
-                    {
-                        await response.WriteAsync($"<h1>Hello Authenticated User {HtmlEncode(context.User.Identity.Name)}</h1>");
-                        await response.WriteAsync("<a class=\"btn btn-default\" href=\"/signout\">Sign Out Locally</a>");
-                        await response.WriteAsync("<a class=\"btn btn-default\" href=\"/signout-remote\">Sign Out Remotely</a>");
-
-                        await response.WriteAsync("<h2>Claims:</h2>");
-                        await WriteTableHeader(response, new string[] { "Claim Type", "Value" }, context.User.Claims.Select(c => new string[] { c.Type, c.Value }));
-
-                        await response.WriteAsync("<h2>Tokens:</h2>");
-                        try
-                        {
-                            // Use ADAL to get the right token
-                            var authContext = new AuthenticationContext(Authority, AuthPropertiesTokenCache.ForApiCalls(context, CookieAuthenticationDefaults.AuthenticationScheme));
-                            var credential = new ClientCredential(ClientId, ClientSecret);
-                            string userObjectID = context.User.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
-                            var result = await authContext.AcquireTokenSilentAsync(Resource, credential, new UserIdentifier(userObjectID, UserIdentifierType.UniqueId));
-
-                            await response.WriteAsync($"<h3>access_token</h3><code>{HtmlEncode(result.AccessToken)}</code><br>");
-                        }
-                        catch (Exception ex)
-                        {
-                            await response.WriteAsync($"AcquireToken error: {ex.Message}");
-                        }
-                    });
-                }
-            });
-        }
-
-        private static async Task WriteHtmlAsync(HttpResponse response, Func<HttpResponse, Task> writeContent)
-        {
-            var bootstrap = "<link rel=\"stylesheet\" href=\"https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css\" integrity=\"sha384-HSMxcRTRxnN+Bdg0JdbxYKrThecOKuH5zCYotlSAcp1+c8xmyTe9GYg1l9a69psu\" crossorigin=\"anonymous\">";
-
-            response.ContentType = "text/html";
-            await response.WriteAsync($"<html><head>{bootstrap}</head><body><div class=\"container\">");
-            await writeContent(response);
-            await response.WriteAsync("</div></body></html>");
-        }
-
-        private static async Task WriteTableHeader(HttpResponse response, IEnumerable<string> columns, IEnumerable<IEnumerable<string>> data)
-        {
-            await response.WriteAsync("<table class=\"table table-condensed\">");
-            await response.WriteAsync("<tr>");
-            foreach (var column in columns)
-            {
-                await response.WriteAsync($"<th>{HtmlEncode(column)}</th>");
-            }
-            await response.WriteAsync("</tr>");
-            foreach (var row in data)
-            {
-                await response.WriteAsync("<tr>");
-                foreach (var column in row)
-                {
-                    await response.WriteAsync($"<td>{HtmlEncode(column)}</td>");
-                }
-                await response.WriteAsync("</tr>");
-            }
-            await response.WriteAsync("</table>");
-        }
-
-        private static string HtmlEncode(string content) =>
-            string.IsNullOrEmpty(content) ? string.Empty : HtmlEncoder.Default.Encode(content);
-    }
-}
-