Added asp.net.identity.owin nuget package

Sevomin.WebFrontend.Controllers/HomeController.cs

@@ -15,4 +15,4 @@ namespace Sevomin.WebFrontend.Controllers
         }
 			
     }
-}
+}

Sevomin.WebFrontend.Controllers/Sevomin.WebFrontend.Controllers.csproj

@@ -33,6 +33,27 @@
     <Reference Include="Microsoft.AspNet.Identity.Core">
       <HintPath>..\packages\Microsoft.AspNet.Identity.Core.1.0.0\lib\net45\Microsoft.AspNet.Identity.Core.dll</HintPath>
     </Reference>
+    <Reference Include="Microsoft.AspNet.Identity.Owin">
+      <HintPath>..\packages\Microsoft.AspNet.Identity.Owin.1.0.0\lib\net45\Microsoft.AspNet.Identity.Owin.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.Owin">
+      <HintPath>..\packages\Microsoft.Owin.2.0.2\lib\net45\Microsoft.Owin.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Security">
+      <HintPath>..\packages\Microsoft.Owin.Security.2.0.2\lib\net45\Microsoft.Owin.Security.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Security.Cookies">
+      <HintPath>..\packages\Microsoft.Owin.Security.Cookies.2.0.2\lib\net45\Microsoft.Owin.Security.Cookies.dll</HintPath>
+    </Reference>
+    <Reference Include="Microsoft.Owin.Security.OAuth">
+      <HintPath>..\packages\Microsoft.Owin.Security.OAuth.2.0.2\lib\net45\Microsoft.Owin.Security.OAuth.dll</HintPath>
+    </Reference>
+    <Reference Include="Newtonsoft.Json, Version=4.5.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
+      <HintPath>..\packages\Newtonsoft.Json.4.5.11\lib\net40\Newtonsoft.Json.dll</HintPath>
+    </Reference>
+    <Reference Include="Owin">
+      <HintPath>..\packages\Owin.1.0\lib\net40\Owin.dll</HintPath>
+    </Reference>
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.Web.Mvc, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">

Sevomin.WebFrontend.Controllers/packages.config

@@ -1,4 +1,11 @@
 <?xml version="1.0" encoding="utf-8"?>
 <packages>
   <package id="Microsoft.AspNet.Identity.Core" version="1.0.0" targetFramework="net451" />
+  <package id="Microsoft.AspNet.Identity.Owin" version="1.0.0" targetFramework="net451" />
+  <package id="Microsoft.Owin" version="2.0.2" targetFramework="net451" />
+  <package id="Microsoft.Owin.Security" version="2.0.2" targetFramework="net451" />
+  <package id="Microsoft.Owin.Security.Cookies" version="2.0.2" targetFramework="net451" />
+  <package id="Microsoft.Owin.Security.OAuth" version="2.0.2" targetFramework="net451" />
+  <package id="Newtonsoft.Json" version="4.5.11" targetFramework="net451" />
+  <package id="Owin" version="1.0" targetFramework="net451" />
 </packages>

Sevomin.WebFrontend/Web.config

@@ -14,4 +14,24 @@
     <compilation debug="true" targetFramework="4.5.1" />
     <httpRuntime targetFramework="4.5.1" />
   </system.web>
+  <runtime>
+    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Owin.Security.OAuth" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.2.0" newVersion="2.0.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.2.0" newVersion="2.0.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.2.0" newVersion="2.0.2.0" />
+      </dependentAssembly>
+      <dependentAssembly>
+        <assemblyIdentity name="Microsoft.Owin.Security.Cookies" publicKeyToken="31bf3856ad364e35" culture="neutral" />
+        <bindingRedirect oldVersion="0.0.0.0-2.0.2.0" newVersion="2.0.2.0" />
+      </dependentAssembly>
+    </assemblyBinding>
+  </runtime>
 </configuration>

packages/Microsoft.AspNet.Identity.Owin.1.0.0/Microsoft.AspNet.Identity.Owin.1.0.0.nuspec

@@ -0,0 +1,24 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd">
+  <metadata>
+    <id>Microsoft.AspNet.Identity.Owin</id>
+    <version>1.0.0</version>
+    <title>Microsoft ASP.NET Identity Owin</title>
+    <authors>Microsoft</authors>
+    <owners>Microsoft</owners>
+    <licenseUrl>http://www.microsoft.com/web/webpi/eula/aspnetcomponent_rtw_ENU.htm</licenseUrl>
+    <requireLicenseAcceptance>true</requireLicenseAcceptance>
+    <description>Owin implementation for ASP.NET Identity.</description>
+    <summary>Owin implementation for ASP.NET Identity.</summary>
+    <releaseNotes />
+    <copyright>© Microsoft Corporation. All rights reserved.</copyright>
+    <language />
+    <tags>Identity Membership</tags>
+    <dependencies>
+      <dependency id="Microsoft.AspNet.Identity.Core" version="1.0.0" />
+      <dependency id="Microsoft.Owin.Security" version="2.0.0" />
+      <dependency id="Microsoft.Owin.Security.Cookies" version="2.0.0" />
+      <dependency id="Microsoft.Owin.Security.OAuth" version="2.0.0" />
+    </dependencies>
+  </metadata>
+</package>

packages/Microsoft.AspNet.Identity.Owin.1.0.0/lib/net45/Microsoft.AspNet.Identity.Owin.xml

@@ -0,0 +1,198 @@
+<?xml version="1.0" encoding="utf-8"?>
+<doc>
+  <assembly>
+    <name>Microsoft.AspNet.Identity.Owin</name>
+  </assembly>
+  <members>
+    <member name="T:Microsoft.AspNet.Identity.IdentityExtensions">
+      <summary>Extensions making it easier to get the user name/user id claims off of an identity.</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.IdentityExtensions.FindFirstValue(System.Security.Claims.ClaimsIdentity,System.String)">
+      <summary>Return the claim value for the first claim with the specified type if it exists, null otherwise.</summary>
+      <returns>Returns <see cref="T:System.String" />.</returns>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.IdentityExtensions.GetUserId(System.Security.Principal.IIdentity)">
+      <summary>Return the user id using the UserIdClaimType.</summary>
+      <returns>Returns <see cref="T:System.String" />.</returns>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.IdentityExtensions.GetUserName(System.Security.Principal.IIdentity)">
+      <summary>Return the user name using the UserNameClaimType.</summary>
+      <returns>Returns <see cref="T:System.String" />.</returns>
+    </member>
+    <member name="T:Microsoft.AspNet.Identity.Owin.AuthenticationIdentityManager">
+      <summary>Owin aware identity manager that adds sign in/sign out and claims functionality</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationIdentityManager.#ctor(Microsoft.AspNet.Identity.IdentitySettings,Microsoft.AspNet.Identity.IIdentityStore)">
+      <summary>Constructor</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationIdentityManager.#ctor(Microsoft.AspNet.Identity.IIdentityStore)">
+      <summary>Constructor that uses the default settings</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.AuthenticationIdentityManager.Authentication">
+      <summary>Authentication APIs (SignIn, SignOut)</summary>
+    </member>
+    <member name="T:Microsoft.AspNet.Identity.Owin.AuthenticationManager">
+      <summary>Authentication APIs (SignIn/SignOut)</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.#ctor(Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions,Microsoft.AspNet.Identity.IdentityManager)">
+      <summary>Constructor</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.CheckPasswordAndSignInAsync(Microsoft.Owin.Security.IAuthenticationManager,System.String,System.String,System.Boolean,System.Threading.CancellationToken)">
+      <summary>Validates that the password matches and then signs the token in</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.ConfirmSignInTokenAsync(System.String,System.Threading.CancellationToken)">
+      <summary>If the token is found, allows the user to sign in</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.CreateAndSignInExternalUserAsync(Microsoft.Owin.Security.IAuthenticationManager,Microsoft.AspNet.Identity.IUser,System.Threading.CancellationToken)">
+      <summary>Create an external user and sign them in</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.CreateApplicationClaimsIdentity(System.Collections.Generic.IEnumerable{System.Security.Claims.Claim})">
+      <summary>Creates a claims identity with the ApplicationAuthenticaitonType, UserNameClaimType and ConfigRole type</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.GetExternalIdentityAsync(Microsoft.Owin.Security.IAuthenticationManager)">
+      <summary>Return the identity associated with the default external authentication type</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.GetUserIdentityClaimsAsync(System.String,System.Collections.Generic.IEnumerable{System.Security.Claims.Claim},System.Threading.CancellationToken)">
+      <summary>Return the claims for a token, which will contain the UserIdClaimType, UserNameClaimType, a claim representing each Role and any claims specified in the UserClaims</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.LinkExternalIdentityAsync(System.Security.Claims.ClaimsIdentity,System.String,System.Threading.CancellationToken)">
+      <summary>Try to link the given identity to the specified token</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.AuthenticationManager.Manager">
+      <summary>IdentityManager for operations</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.AuthenticationManager.Options">
+      <summary>Config</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.RequireTokenConfirmationForSignInAsync(System.String,System.String,System.DateTime,System.Threading.CancellationToken)">
+      <summary>Create a token for the specified user and disables sign in. ConfirmSignInTokenAsync will confirm this token and reenable sign in.</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.SignInAsync(Microsoft.Owin.Security.IAuthenticationManager,System.String,System.Collections.Generic.IEnumerable{System.Security.Claims.Claim},System.Boolean,System.Threading.CancellationToken)">
+      <summary>Signs in the active principal with a identity that contains claims set to the result of GetUserIdentityClaims and the specified claims</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.SignInExternalIdentityAsync(Microsoft.Owin.Security.IAuthenticationManager,System.Security.Claims.ClaimsIdentity,System.Threading.CancellationToken)">
+      <summary>Signs the identity in if the external identity is already linked</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.AuthenticationManager.UpdateUserDisableSignIn(System.String,System.Boolean,System.Threading.CancellationToken)">
+      <summary>Set the AllowSignIn flag for a user</summary>
+    </member>
+    <member name="T:Microsoft.AspNet.Identity.Owin.IAuthenticationManager">
+      <summary>Authentication APIs (SignIn/SignOut)</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.CheckPasswordAndSignInAsync(Microsoft.Owin.Security.IAuthenticationManager,System.String,System.String,System.Boolean,System.Threading.CancellationToken)">
+      <summary>Validates that the password matches and then signs the token in</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.ConfirmSignInTokenAsync(System.String,System.Threading.CancellationToken)">
+      <summary>If the token is found, allows the user to sign in</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.CreateAndSignInExternalUserAsync(Microsoft.Owin.Security.IAuthenticationManager,Microsoft.AspNet.Identity.IUser,System.Threading.CancellationToken)">
+      <summary>Create an external user and sign them in</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.CreateApplicationClaimsIdentity(System.Collections.Generic.IEnumerable{System.Security.Claims.Claim})">
+      <summary>Creates a claims identity with the ApplicationAuthenticaitonType, UserNameClaimType and ConfigRole type</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.GetExternalIdentityAsync(Microsoft.Owin.Security.IAuthenticationManager)">
+      <summary>Return the identity associated with the default external authentication type</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.GetUserIdentityClaimsAsync(System.String,System.Collections.Generic.IEnumerable{System.Security.Claims.Claim},System.Threading.CancellationToken)">
+      <summary>Return the claims for a token, which will contain the UserIdClaimType, UserNameClaimType, a claim representing each Role and any claims specified in the UserClaims</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.LinkExternalIdentityAsync(System.Security.Claims.ClaimsIdentity,System.String,System.Threading.CancellationToken)">
+      <summary>Try to link the given identity to the specified token</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.RequireTokenConfirmationForSignInAsync(System.String,System.String,System.DateTime,System.Threading.CancellationToken)">
+      <summary>Require a call to ConfirmSignInToken with the given token before this user can be signed in</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.SignInAsync(Microsoft.Owin.Security.IAuthenticationManager,System.String,System.Collections.Generic.IEnumerable{System.Security.Claims.Claim},System.Boolean,System.Threading.CancellationToken)">
+      <summary>Signs in the active principal with a identity that contains claims set to the result of GetUserIdentityClaims and the specified claims</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.SignInExternalIdentityAsync(Microsoft.Owin.Security.IAuthenticationManager,System.Security.Claims.ClaimsIdentity,System.Threading.CancellationToken)">
+      <summary>Signs the identity in if the external identity is already linked</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManager.UpdateUserDisableSignIn(System.String,System.Boolean,System.Threading.CancellationToken)">
+      <summary>Set the AllowSignIn flag for a user</summary>
+    </member>
+    <member name="T:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions">
+      <summary>Adds extensions methods related to SignIn using OWIN middleware and the IdentityManager to generate the appropriate user claims</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.CheckPasswordAndSignIn(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.String,System.String,System.Boolean)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.CheckPasswordAndSignInAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.String,System.String,System.Boolean)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.ConfirmSignInToken(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,System.String)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.ConfirmSignInTokenAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,System.String)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.CreateAndSignInExternalUser(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,Microsoft.AspNet.Identity.IUser)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.CreateAndSignInExternalUserAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,Microsoft.AspNet.Identity.IUser)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.GetExternalIdentity(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.LinkExternalIdentity(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,System.Security.Claims.ClaimsIdentity,System.String)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.LinkExternalIdentityAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,System.Security.Claims.ClaimsIdentity,System.String)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.RequireTokenConfirmationForSignIn(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,System.String,System.String,System.DateTime)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.RequireTokenConfirmationForSignInAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,System.String,System.String,System.DateTime)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.SignIn(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.String,System.Boolean)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.SignIn(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.String,System.Collections.Generic.IEnumerable{System.Security.Claims.Claim},System.Boolean)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.SignInAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.String,System.Boolean)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.SignInAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.String,System.Boolean,System.Threading.CancellationToken)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.SignInExternalIdentity(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.Security.Claims.ClaimsIdentity)"></member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IAuthenticationManagerExtensions.SignInExternalIdentityAsync(Microsoft.AspNet.Identity.Owin.IAuthenticationManager,Microsoft.Owin.Security.IAuthenticationManager,System.Security.Claims.ClaimsIdentity)"></member>
+    <member name="T:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions">
+      <summary>Configuration for the Identity system</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.#ctor">
+      <summary>Default constructor which uses the built in default options</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.ApplicationAuthenticationType">
+      <summary>The AuthenticationType used in the UseSignInCookies extension method for the active signed in identity.</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.ClaimsIssuer">
+      <summary>Issuer used for the claims generated</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.ExternalAuthenticationType">
+      <summary>The AuthenticationType used by the UseSignInCookies extension method for the external signed in identity.</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.LoginPath">
+      <summary>Path to the login page in the app</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.LogoutPath">
+      <summary>Path to the logout page in the app</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.RoleClaimType">
+      <summary>Claim type used for role claims</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.UserIdClaimType">
+      <summary>Claim type used for the user id</summary>
+    </member>
+    <member name="P:Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions.UserNameClaimType">
+      <summary>Claim type used for the user name</summary>
+    </member>
+    <member name="T:Microsoft.AspNet.Identity.Owin.IdentitySettingsExtensions">
+      <summary>Represents the extensions used in identity settings.</summary>
+    </member>
+    <member name="M:Microsoft.AspNet.Identity.Owin.IdentitySettingsExtensions.GetAuthenticationOptions(Microsoft.AspNet.Identity.IdentitySettings)">
+      <summary>Returns the authentication options for the identity.</summary>
+      <returns>The authentication options for the identity.</returns>
+      <param name="settings">The identity settings.</param>
+    </member>
+    <member name="T:Microsoft.Owin.Security.AuthenticationManagerExtensions">
+      <summary>Extensions methods on IAuthenticationManager that add methods for using the default Application and External authentication type constants</summary>
+    </member>
+    <member name="M:Microsoft.Owin.Security.AuthenticationManagerExtensions.GetExternalAuthenticationTypes(Microsoft.Owin.Security.IAuthenticationManager)">
+      <summary>Return the authentication types which are considered external because they have captions</summary>
+    </member>
+    <member name="T:Owin.AppBuilderExtensions">
+      <summary>Extensions off of IAppBuilder to make it easier to configure the SignInCookies</summary>
+    </member>
+    <member name="M:Owin.AppBuilderExtensions.UseExternalSignInCookie(Owin.IAppBuilder)">
+      <summary>Configure the app to use owin middleware based cookie authentication for external identities</summary>
+    </member>
+    <member name="M:Owin.AppBuilderExtensions.UseExternalSignInCookie(Owin.IAppBuilder,System.String)">
+      <summary>Configure the app to use owin middleware based cookie authentication for external identities</summary>
+    </member>
+    <member name="M:Owin.AppBuilderExtensions.UseOAuthBearerTokens(Owin.IAppBuilder,Microsoft.Owin.Security.OAuth.OAuthAuthorizationServerOptions,System.String)">
+      <summary>Configure the app to use owin middleware based oauth bearer tokens</summary>
+    </member>
+    <member name="M:Owin.AppBuilderExtensions.UseSignInCookies(Owin.IAppBuilder)">
+      <summary>Use application and external sign in cookies for the app</summary>
+    </member>
+    <member name="M:Owin.AppBuilderExtensions.UseSignInCookies(Owin.IAppBuilder,Microsoft.AspNet.Identity.Owin.IdentityAuthenticationOptions)">
+      <summary>Configure the app to use owin middleware based cookie authentication for the active identity and external identities</summary>
+    </member>
+  </members>
+</doc>

packages/Microsoft.Owin.2.0.2/Microsoft.Owin.2.0.2.nuspec

@@ -0,0 +1,18 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+  <metadata>
+    <id>Microsoft.Owin</id>
+    <version>2.0.2</version>
+    <title>Microsoft.Owin</title>
+    <authors>Microsoft</authors>
+    <owners>Microsoft</owners>
+    <licenseUrl>http://www.microsoft.com/web/webpi/eula/aspnetcomponent_rtw_enu.htm</licenseUrl>
+    <projectUrl>http://katanaproject.codeplex.com/</projectUrl>
+    <requireLicenseAcceptance>true</requireLicenseAcceptance>
+    <description>Provides a set of helper types and abstractions for simplifying the creation of OWIN components.</description>
+    <tags>Microsoft OWIN Katana</tags>
+    <dependencies>
+      <dependency id="Owin" version="1.0" />
+    </dependencies>
+  </metadata>
+</package>

packages/Microsoft.Owin.Security.2.0.2/Microsoft.Owin.Security.2.0.2.nuspec

@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+  <metadata>
+    <id>Microsoft.Owin.Security</id>
+    <version>2.0.2</version>
+    <title>Microsoft.Owin.Security</title>
+    <authors>Microsoft</authors>
+    <owners>Microsoft</owners>
+    <licenseUrl>http://www.microsoft.com/web/webpi/eula/aspnetcomponent_rtw_enu.htm</licenseUrl>
+    <projectUrl>http://katanaproject.codeplex.com/</projectUrl>
+    <requireLicenseAcceptance>true</requireLicenseAcceptance>
+    <description>Common types which are shared by the various authentication middleware components.</description>
+    <tags>Microsoft OWIN Katana</tags>
+    <dependencies>
+      <dependency id="Owin" version="1.0" />
+      <dependency id="Microsoft.Owin" version="2.0.2" />
+    </dependencies>
+  </metadata>
+</package>

packages/Microsoft.Owin.Security.2.0.2/lib/net45/Microsoft.Owin.Security.XML

@@ -0,0 +1,435 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Microsoft.Owin.Security</name>
+    </assembly>
+    <members>
+        <member name="T:Microsoft.Owin.Security.AppBuilderSecurityExtensions">
+            <summary>
+            Provides extensions methods for app.Property values that are only needed by implementations of authentication middleware.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.AppBuilderSecurityExtensions.GetDefaultSignInAsAuthenticationType(Owin.IAppBuilder)">
+            <summary>
+            Returns the previously set AuthenticationType that external sign in middleware should use when the
+            browser navigates back to their return url.
+            </summary>
+            <param name="app">App builder passed to the application startup code</param>
+            <returns></returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.AppBuilderSecurityExtensions.SetDefaultSignInAsAuthenticationType(Owin.IAppBuilder,System.String)">
+            <summary>
+            Called by middleware to change the name of the AuthenticationType that external middleware should use
+            when the browser navigates back to their return url.
+            </summary>
+            <param name="app">App builder passed to the application startup code</param>
+            <param name="authenticationType">AuthenticationType that external middleware should sign in as.</param>
+        </member>
+        <member name="T:Microsoft.Owin.Security.AuthenticationMode">
+            <summary>
+            Controls the behavior of authentication middleware
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.AuthenticationMode.Active">
+            <summary>
+            In Active mode the authentication middleware will alter the user identity as the request arrives, and
+            will also alter a plain 401 as the response leaves.
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.AuthenticationMode.Passive">
+            <summary>
+            In Passive mode the authentication middleware will only provide user identity when asked, and will only
+            alter 401 responses where the authentication type named in the extra challenge data.
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.AuthenticationOptions">
+            <summary>
+            Base Options for all authentication middleware
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.AuthenticationOptions.#ctor(System.String)">
+            <summary>
+            Initialize properties of AuthenticationOptions base class
+            </summary>
+            <param name="authenticationType">Assigned to the AuthenticationType property</param>
+        </member>
+        <member name="P:Microsoft.Owin.Security.AuthenticationOptions.AuthenticationType">
+            <summary>
+            The AuthenticationType in the options corresponds to the IIdentity AuthenticationType property. A different
+            value may be assigned in order to use the same authentication middleware type more than once in a pipeline.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.AuthenticationOptions.AuthenticationMode">
+            <summary>
+            If Active the authentication middleware alter the request user coming in and
+            alter 401 Unauthorized responses going out. If Passive the authentication middleware will only provide
+            identity and alter responses when explicitly indicated by the AuthenticationType.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.AuthenticationOptions.Description">
+            <summary>
+            Additional information about the authentication type which is made available to the application.
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Constants">
+            <summary>
+            String constants used only by the Security assembly
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType">
+            <summary>
+            Used by middleware extension methods to coordinate the default value Options property SignInAsAuthenticationType
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.DataProtection.IDataProtectionProvider">
+            <summary>
+            Factory used to create IDataProtection instances
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.DataProtection.IDataProtectionProvider.Create(System.String[])">
+            <summary>
+            Returns a new instance of IDataProtection for the provider.
+            </summary>
+            <param name="purposes">Additional entropy used to ensure protected data may only be unprotected for the correct purposes.</param>
+            <returns>An instance of a data protection service</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.DataProtection.IDataProtector">
+            <summary>
+            Service used to protect and unprotect data
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.DataProtection.IDataProtector.Protect(System.Byte[])">
+            <summary>
+            Called to protect user data.
+            </summary>
+            <param name="userData">The original data that must be protected</param>
+            <returns>A different byte array that may be unprotected or altered only by software that has access to 
+            the an identical IDataProtection service.</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.DataProtection.IDataProtector.Unprotect(System.Byte[])">
+            <summary>
+            Called to unprotect user data
+            </summary>
+            <param name="protectedData">The byte array returned by a call to Protect on an identical IDataProtection service.</param>
+            <returns>The byte array identical to the original userData passed to Protect.</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler`1">
+            <summary>
+            Base class for the per-request work performed by most authentication middleware.
+            </summary>
+            <typeparam name="TOptions">Specifies which type for of AuthenticationOptions property</typeparam>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler">
+            <summary>
+            Base class for the per-request work performed by most authentication middleware.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.TeardownAsync">
+            <summary>
+            Called once per request after Initialize and Invoke. 
+            </summary>
+            <returns>async completion</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.InvokeAsync">
+            <summary>
+            Called once by common code after initialization. If an authentication middleware responds directly to
+            specifically known paths it must override this virtual, compare the request path to it's known paths, 
+            provide any response information as appropriate, and true to stop further processing.
+            </summary>
+            <returns>Returning false will cause the common code to call the next middleware in line. Returning true will
+            cause the common code to begin the async completion journey without calling the rest of the middleware
+            pipeline.</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.AuthenticateAsync">
+            <summary>
+            Causes the authentication logic in AuthenticateCore to be performed for the current request 
+            at most once and returns the results. Calling Authenticate more than once will always return 
+            the original value. 
+            
+            This method should always be called instead of calling AuthenticateCore directly.
+            </summary>
+            <returns>The ticket data provided by the authentication logic</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.AuthenticateCoreAsync">
+            <summary>
+            The core authentication logic which must be provided by the handler. Will be invoked at most
+            once per request. Do not call directly, call the wrapping Authenticate method instead.
+            </summary>
+            <returns>The ticket data provided by the authentication logic</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.ApplyResponseAsync">
+            <summary>
+            Causes the ApplyResponseCore to be invoked at most once per request. This method will be
+            invoked either earlier, when the response headers are sent as a result of a response write or flush,
+            or later, as the last step when the original async call to the middleware is returning.
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.ApplyResponseCoreAsync">
+            <summary>
+            Core method that may be overridden by handler. The default behavior is to call two common response 
+            activities, one that deals with sign-in/sign-out concerns, and a second to deal with 401 challenges.
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.ApplyResponseGrantAsync">
+            <summary>
+            Override this method to dela with sign-in/sign-out concerns, if an authentication scheme in question
+            deals with grant/revoke as part of it's request flow. (like setting/deleting cookies)
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.ApplyResponseChallengeAsync">
+            <summary>
+            Override this method to dela with 401 challenge concerns, if an authentication scheme in question
+            deals an authentication interaction as part of it's request flow. (like adding a response header, or
+            changing the 401 result to 302 of a login page or external sign-in location.)
+            </summary>
+            <returns></returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.AuthenticationHandler`1.Initialize(`0,Microsoft.Owin.IOwinContext)">
+            <summary>
+            Initialize is called once per request to contextualize this instance with appropriate state.
+            </summary>
+            <param name="options">The original options passed by the application control behavior</param>
+            <param name="context">The utility object to observe the current request and response</param>
+            <returns>async completion</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.ICertificateValidator">
+            <summary>
+            Interface for providing pinned certificate validation, which checks HTTPS 
+            communication against a known good list of certificates to protect against 
+            compromised or rogue CAs issuing certificates for hosts without the 
+            knowledge of the host owner.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.ICertificateValidator.Validate(System.Object,System.Security.Cryptography.X509Certificates.X509Certificate,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors)">
+            <summary>
+            Verifies the remote Secure Sockets Layer (SSL) certificate used for authentication.
+            </summary>
+            <param name="sender">An object that contains state information for this validation.</param>
+            <param name="certificate">The certificate used to authenticate the remote party.</param>
+            <param name="chain">The chain of certificate authorities associated with the remote certificate.</param>
+            <param name="sslPolicyErrors">One or more errors associated with the remote certificate.</param>
+            <returns>A Boolean value that determines whether the specified certificate is accepted for authentication.</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.CertificateThumbprintValidator">
+            <summary>
+            Provides pinned certificate validation based on the certificate thumbprint.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.CertificateThumbprintValidator.#ctor(System.Collections.Generic.IEnumerable{System.String})">
+            <summary>
+            Initializes a new instance of the <see cref="T:Microsoft.Owin.Security.CertificateThumbprintValidator"/> class.
+            </summary>
+            <param name="validThumbprints">A set of thumbprints which are valid for an HTTPS request.</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.CertificateThumbprintValidator.Validate(System.Object,System.Security.Cryptography.X509Certificates.X509Certificate,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors)">
+            <summary>
+            Validates that the certificate thumbprints in the signing chain match at least one whitelisted thumbprint.
+            </summary>
+            <param name="sender">An object that contains state information for this validation.</param>
+            <param name="certificate">The certificate used to authenticate the remote party.</param>
+            <param name="chain">The chain of certificate authorities associated with the remote certificate.</param>
+            <param name="sslPolicyErrors">One or more errors associated with the remote certificate.</param>
+            <returns>A Boolean value that determines whether the specified certificate is accepted for authentication.</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider">
+            <summary>
+            Used to provide the data protection services that are derived from the Data Protection API. It is the best choice of
+            data protection when you application is not hosted by ASP.NET and all processes are running as the same domain identity. 
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider.#ctor">
+            <summary>
+            Initializes a new DpapiDataProtectionProvider with a random application
+            name. This is only useful to protect data for the duration of the
+            current application execution.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider.#ctor(System.String)">
+            <summary>
+            Initializes a new DpapiDataProtectionProvider which uses the given
+            appName as part of the protection algorithm
+            </summary>
+            <param name="appName">A user provided value needed to round-trip secured
+            data. The default value comes from the IAppBuilder.Properties["owin.AppName"] 
+            when self-hosted.</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider.Create(System.String[])">
+            <summary>
+            Returns a new instance of IDataProtection for the provider.
+            </summary>
+            <param name="purposes">Additional entropy used to ensure protected data may only be unprotected for the correct purposes.</param>
+            <returns>An instance of a data protection service</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Infrastructure.SecurityHelper">
+            <summary>
+            Helper code used when implementing authentication middleware
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.SecurityHelper.#ctor(Microsoft.Owin.IOwinContext)">
+            <summary>
+            Helper code used when implementing authentication middleware
+            </summary>
+            <param name="request"></param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.SecurityHelper.AddUserIdentity(System.Security.Principal.IIdentity)">
+            <summary>
+            Add an additional ClaimsIdentity to the ClaimsPrincipal in the "server.User" environment key
+            </summary>
+            <param name="identity"></param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.SecurityHelper.LookupChallenge(System.String,Microsoft.Owin.Security.AuthenticationMode)">
+            <summary>
+            Find response challenge details for a specific authentication middleware
+            </summary>
+            <param name="authenticationType">The authentication type to look for</param>
+            <param name="authenticationMode">The authentication mode the middleware is running under</param>
+            <returns>The information instructing the middleware how it should behave</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.SecurityHelper.LookupSignIn(System.String)">
+            <summary>
+            Find response sign-in details for a specific authentication middleware
+            </summary>
+            <param name="authenticationType">The authentication type to look for</param>
+            <returns>The information instructing the middleware how it should behave</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Infrastructure.SecurityHelper.LookupSignOut(System.String,Microsoft.Owin.Security.AuthenticationMode)">
+            <summary>
+            Find response sign-out details for a specific authentication middleware
+            </summary>
+            <param name="authenticationType">The authentication type to look for</param>
+            <param name="authenticationMode">The authentication mode the middleware is running under</param>
+            <returns>The information instructing the middleware how it should behave</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Provider.BaseContext`1">
+            <summary>
+            Base class used for certain event contexts
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Provider.EndpointContext`1">
+            <summary>
+            Base class used for certain event contexts
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Provider.EndpointContext`1.#ctor(Microsoft.Owin.IOwinContext,`0)">
+            <summary>
+            Creates an instance of this context
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Provider.EndpointContext`1.RequestCompleted">
+            <summary>
+            Prevents the request from being processed further by other components. 
+            IsRequestCompleted becomes true after calling.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Provider.EndpointContext`1.IsRequestCompleted">
+            <summary>
+            True if the request should not be processed further by other components.
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Resources">
+            <summary>
+              A strongly-typed resource class, for looking up localized strings, etc.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.ResourceManager">
+            <summary>
+              Returns the cached ResourceManager instance used by this class.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Culture">
+            <summary>
+              Overrides the current thread's CurrentUICulture property for all
+              resource lookups using this strongly typed resource class.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Exception_AuthenticationTokenDoesNotProvideSyncMethods">
+            <summary>
+              Looks up a localized string similar to The AuthenticationTokenProvider&apos;s required synchronous events have not been registered..
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Exception_DefaultDpapiRequiresAppNameKey">
+            <summary>
+              Looks up a localized string similar to The default data protection provider may only be used when the IAppBuilder.Properties contains an appropriate &apos;host.AppName&apos; key..
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Exception_MissingDefaultSignInAsAuthenticationType">
+            <summary>
+              Looks up a localized string similar to A default value for SignInAsAuthenticationType was not found in IAppBuilder Properties. This can happen if your authentication middleware are added in the wrong order, or if one is missing..
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Exception_UnhookAuthenticationStateType">
+            <summary>
+              Looks up a localized string similar to The state passed to UnhookAuthentication may only be the return value from HookAuthentication..
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Warning_CookieNotFound">
+            <summary>
+              Looks up a localized string similar to {0} cookie not found..
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Warning_CookieStateMismatch">
+            <summary>
+              Looks up a localized string similar to {0} correlation cookie and state property mismatch..
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Resources.Warning_StateNotFound">
+            <summary>
+              Looks up a localized string similar to {0} state property not found..
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.CertificateSubjectKeyIdentifierValidator">
+            <summary>
+            Provides pinned certificate validation based on the subject key identifier of the certificate.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.CertificateSubjectKeyIdentifierValidator.#ctor(System.Collections.Generic.IEnumerable{System.String})">
+            <summary>
+            Initializes a new instance of the <see cref="T:Microsoft.Owin.Security.CertificateSubjectKeyIdentifierValidator"/> class.
+            </summary>
+            <param name="validSubjectKeyIdentifiers">A set of subject key identifiers which are valid for an HTTPS request.</param>
+        </member>
+        <member name="T:Microsoft.Owin.Security.SubjectPublicKeyInfoAlgorithm">
+            <summary>
+            The algorithm used to generate the subject public key information blob hashes.
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.CertificateSubjectPublicKeyInfoValidator">
+            <summary>
+            Implements a cert pinning validator passed on 
+            http://datatracker.ietf.org/doc/draft-ietf-websec-key-pinning/?include_text=1
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.CertificateSubjectPublicKeyInfoValidator.#ctor(System.Collections.Generic.IEnumerable{System.String},Microsoft.Owin.Security.SubjectPublicKeyInfoAlgorithm)">
+            <summary>
+            Initializes a new instance of the <see cref="T:Microsoft.Owin.Security.CertificateSubjectPublicKeyInfoValidator"/> class.
+            </summary>
+            <param name="validBase64EncodedSubjectPublicKeyInfoHashes">A collection of valid base64 encoded hashes of the certificate public key information blob.</param>
+            <param name="algorithm">The algorithm used to generate the hashes.</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.CertificateSubjectPublicKeyInfoValidator.Validate(System.Object,System.Security.Cryptography.X509Certificates.X509Certificate,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors)">
+            <summary>
+            Validates at least one SPKI hash is known.
+            </summary>
+            <param name="sender">An object that contains state information for this validation.</param>
+            <param name="certificate">The certificate used to authenticate the remote party.</param>
+            <param name="chain">The chain of certificate authorities associated with the remote certificate.</param>
+            <param name="sslPolicyErrors">One or more errors associated with the remote certificate.</param>
+            <returns>A Boolean value that determines whether the specified certificate is accepted for authentication.</returns>
+        </member>
+        <member name="M:Microsoft.Win32.NativeMethods.CryptEncodeObject(System.UInt32,System.IntPtr,Microsoft.Win32.NativeMethods.CERT_PUBLIC_KEY_INFO@,System.Byte[],System.UInt32@)">
+            <summary>
+            Encodes a structure of the type indicated by the value of the lpszStructType parameter.
+            </summary>
+            <param name="dwCertEncodingType">Type of encoding used.</param>
+            <param name="lpszStructType">The high-order word is zero, the low-order word specifies the integer identifier for the type of the specified structure so
+            we can use the constants in http://msdn.microsoft.com/en-us/library/windows/desktop/aa378145%28v=vs.85%29.aspx</param>
+            <param name="pvStructInfo">A pointer to the structure to be encoded.</param>
+            <param name="pbEncoded">A pointer to a buffer to receive the encoded structure. This parameter can be NULL to retrieve the size of this information for memory allocation purposes.</param>
+            <param name="pcbEncoded">A pointer to a DWORD variable that contains the size, in bytes, of the buffer pointed to by the pbEncoded parameter.</param>
+            <returns></returns>
+        </member>
+    </members>
+</doc>

packages/Microsoft.Owin.Security.Cookies.2.0.2/Microsoft.Owin.Security.Cookies.2.0.2.nuspec

@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+  <metadata>
+    <id>Microsoft.Owin.Security.Cookies</id>
+    <version>2.0.2</version>
+    <title>Microsoft.Owin.Security.Cookies</title>
+    <authors>Microsoft</authors>
+    <owners>Microsoft</owners>
+    <licenseUrl>http://www.microsoft.com/web/webpi/eula/aspnetcomponent_rtw_enu.htm</licenseUrl>
+    <projectUrl>http://katanaproject.codeplex.com/</projectUrl>
+    <requireLicenseAcceptance>true</requireLicenseAcceptance>
+    <description>Middleware that enables an application to use cookie based authentication, similar to ASP.NET's forms authentication.</description>
+    <tags>Microsoft OWIN Katana</tags>
+    <dependencies>
+      <dependency id="Owin" version="1.0" />
+      <dependency id="Microsoft.Owin" version="2.0.2" />
+      <dependency id="Microsoft.Owin.Security" version="2.0.2" />
+    </dependencies>
+  </metadata>
+</package>

packages/Microsoft.Owin.Security.Cookies.2.0.2/lib/net45/Microsoft.Owin.Security.Cookies.xml

@@ -0,0 +1,356 @@
+<?xml version="1.0"?>
+<doc>
+    <assembly>
+        <name>Microsoft.Owin.Security.Cookies</name>
+    </assembly>
+    <members>
+        <member name="T:Microsoft.Owin.Security.Cookies.CookieAuthenticationDefaults">
+            <summary>
+            Default values related to cookie-based authentication middleware
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieAuthenticationDefaults.AuthenticationType">
+            <summary>
+            The default value used for CookieAuthenticationOptions.AuthenticationType
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieAuthenticationDefaults.CookiePrefix">
+            <summary>
+            The prefix used to provide a default CookieAuthenticationOptions.CookieName
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieAuthenticationDefaults.ReturnUrlParameter">
+            <summary>
+            The default value of the CookieAuthenticationOptions.ReturnUrlParameter
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieAuthenticationDefaults.LoginPath">
+            <summary>
+            The default value used by UseApplicationSignInCookie for the
+            CookieAuthenticationOptions.LoginPath
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieAuthenticationDefaults.LogoutPath">
+            <summary>
+            The default value used by UseApplicationSignInCookie for the
+            CookieAuthenticationOptions.LogoutPath
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Cookies.CookieSecureOption">
+            <summary>
+            Determines how the identity cookie's security property is set.
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieSecureOption.SameAsRequest">
+            <summary>
+            If the URI that provides the cookie is HTTPS, then the cookie will only be returned to the server on 
+            subsequent HTTPS requests. Otherwise if the URI that provides the cookie is HTTP, then the cookie will 
+            be returned to the server on all HTTP and HTTPS requests. This is the default value because it ensures
+            HTTPS for all authenticated requests on deployed servers, and also supports HTTP for localhost development 
+            and for servers that do not have HTTPS support.
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieSecureOption.Never">
+            <summary>
+            CookieOptions.Secure is never marked true. Use this value when your login page is HTTPS, but other pages
+            on the site which are HTTP also require authentication information. This setting is not recommended because
+            the authentication information provided with an HTTP request may be observed and used by other computers
+            on your local network or wireless connection.
+            </summary>
+        </member>
+        <member name="F:Microsoft.Owin.Security.Cookies.CookieSecureOption.Always">
+            <summary>
+            CookieOptions.Secure is always marked true. Use this value when your login page and all subsequent pages
+            requiring the authenticated identity are HTTPS. Local development will also need to be done with HTTPS urls.
+            </summary>
+        </member>
+        <member name="T:Owin.CookieAuthenticationExtensions">
+            <summary>
+            Extension methods provided by the cookies authentication middleware
+            </summary>
+        </member>
+        <member name="M:Owin.CookieAuthenticationExtensions.UseCookieAuthentication(Owin.IAppBuilder,Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions)">
+            <summary>
+            Adds a cookie-based authentication middleware to your web application pipeline.
+            </summary>
+            <param name="app">The IAppBuilder passed to your configuration method</param>
+            <param name="options">An options class that controls the middleware behavior</param>
+            <returns>The original app parameter</returns>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions">
+            <summary>
+            Contains the options used by the CookiesAuthenticationMiddleware
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.#ctor">
+            <summary>
+            Create an instance of the options initialized with the default values
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.CookieName">
+            <summary>
+            Determines the cookie name used to persist the identity. The default value is ".AspNet.Cookies".
+            This value should be changed if you change the name of the AuthenticationType, especially if your
+            system uses the cookie authentication middleware multiple times.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.CookieDomain">
+            <summary>
+            Determines the domain used to create the cookie. Is not provided by default.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.CookiePath">
+            <summary>
+            Determines the path used to create the cookie. The default value is "/" for highest browser compatability.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.CookieHttpOnly">
+            <summary>
+            Determines if the browser should allow the cookie to be accessed by client-side javascript. The
+            default is true, which means the cookie will only be passed to http requests and is not made available
+            to script on the page.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.CookieSecure">
+            <summary>
+            Determines if the cookie should only be transmitted on HTTPS request. The default is to limit the cookie
+            to HTTPS requests if the page which is doing the SignIn is also HTTPS. If you have an HTTPS sign in page
+            and portions of your site are HTTP you may need to change this value.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.ExpireTimeSpan">
+            <summary>
+            Controls how much time the cookie will remain valid from the point it is created. The expiration
+            information is in the protected cookie ticket. Because of that an expired cookie will be ignored 
+            even if it is passed to the server after the browser should have purged it 
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.SlidingExpiration">
+            <summary>
+            The SlidingExpiration is set to true to instruct the middleware to re-issue a new cookie with a new
+            expiration time any time it processes a request which is more than halfway through the expiration window.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.LoginPath">
+            <summary>
+            The LoginPath property informs the middleware that it should change an outgoing 401 Unauthorized status
+            code into a 302 redirection onto the given login path. The current url which generated the 401 is added
+            to the LoginPath as a query string parameter named by the ReturnUrlParameter. Once a request to the
+            LoginPath grants a new SignIn identity, the ReturnUrlParameter value is used to redirect the browser back  
+            to the url which caused the original unauthorized status code.
+            
+            If the LoginPath is null or empty, the middleware will not look for 401 Unauthorized status codes, and it will
+            not redirect automatically when a login occurs.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.LogoutPath">
+            <summary>
+            If the LogoutPath is provided the middleware then a request to that path will redirect based on the ReturnUrlParameter.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.ReturnUrlParameter">
+            <summary>
+            The ReturnUrlParameter determines the name of the query string parameter which is appended by the middleware
+            when a 401 Unauthorized status code is changed to a 302 redirect onto the login path. This is also the query 
+            string parameter looked for when a request arrives on the login path or logout path, in order to return to the 
+            original url after the action is performed.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.Provider">
+            <summary>
+            The Provider may be assigned to an instance of an object created by the application at startup time. The middleware
+            calls methods on the provider which give the application control at certain points where processing is occuring. 
+            If it is not provided a default instance is supplied which does nothing when the methods are called.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.TicketDataFormat">
+            <summary>
+            The TicketDataFormat is used to protect and unprotect the identity and other properties which are stored in the
+            cookie value. If it is not provided a default data handler is created using the data protection service contained
+            in the IAppBuilder.Properties. The default data protection service is based on machine key when running on ASP.NET, 
+            and on DPAPI when running in a different process.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions.SystemClock">
+            <summary>
+            The SystemClock provides access to the system's current time coordinates. If it is not provided a default instance is
+            used which calls DateTimeOffset.UtcNow. This is typically not replaced except for unit testing. 
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Cookies.CookieApplyRedirectContext">
+            <summary>
+            Context passed when a Challenge, SignIn, or SignOut causes a redirect in the cookie middleware 
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieApplyRedirectContext.#ctor(Microsoft.Owin.IOwinContext,Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions,System.String)">
+            <summary>
+            Creates a new context object.
+            </summary>
+            <param name="context">The OWIN request context</param>
+            <param name="options">The cookie middleware options</param>
+            <param name="redirectUri">The initial redirect URI</param>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieApplyRedirectContext.RedirectUri">
+            <summary>
+            Gets or Sets the URI used for the redirect operation.
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider">
+            <summary>
+            This default implementation of the ICookieAuthenticationProvider may be used if the 
+            application only needs to override a few of the interface methods. This may be used as a base class
+            or may be instantiated directly.
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Cookies.ICookieAuthenticationProvider">
+            <summary>
+            Specifies callback methods which the <see cref="T:Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware"></see> invokes to enable developer control over the authentication process. /&gt;
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.ICookieAuthenticationProvider.ValidateIdentity(Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext)">
+            <summary>
+            Called each time a request identity has been validated by the middleware. By implementing this method the
+            application may alter or reject the identity which has arrived with the request.
+            </summary>
+            <param name="context">Contains information about the login session as well as the user <see cref="T:System.Security.Claims.ClaimsIdentity"/>.</param>
+            <returns>A <see cref="T:System.Threading.Tasks.Task"/> representing the completed operation.</returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.ICookieAuthenticationProvider.ResponseSignIn(Microsoft.Owin.Security.Cookies.CookieResponseSignInContext)">
+            <summary>
+            Called when an endpoint has provided sign in information before it is converted into a cookie. By
+            implementing this method the claims and extra information that go into the ticket may be altered.
+            </summary>
+            <param name="context">Contains information about the login session as well as the user <see cref="T:System.Security.Claims.ClaimsIdentity"/>.</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.ICookieAuthenticationProvider.ApplyRedirect(Microsoft.Owin.Security.Cookies.CookieApplyRedirectContext)">
+            <summary>
+            Called when a Challenge, SignIn, or SignOut causes a redirect in the cookie middleware
+            </summary>
+            <param name="context">Contains information about the event</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider.#ctor">
+            <summary>
+            Create a new instance of the default provider.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider.ValidateIdentity(Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext)">
+            <summary>
+            Implements the interface method by invoking the related delegate method
+            </summary>
+            <param name="context"></param>
+            <returns></returns>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider.ResponseSignIn(Microsoft.Owin.Security.Cookies.CookieResponseSignInContext)">
+            <summary>
+            Implements the interface method by invoking the related delegate method
+            </summary>
+            <param name="context"></param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider.ApplyRedirect(Microsoft.Owin.Security.Cookies.CookieApplyRedirectContext)">
+            <summary>
+            Called when a Challenge, SignIn, or SignOut causes a redirect in the cookie middleware
+            </summary>
+            <param name="context">Contains information about the event</param>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider.OnValidateIdentity">
+            <summary>
+            A delegate assigned to this property will be invoked when the related method is called
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider.OnResponseSignIn">
+            <summary>
+            A delegate assigned to this property will be invoked when the related method is called
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieAuthenticationProvider.OnApplyRedirect">
+            <summary>
+            A delegate assigned to this property will be invoked when the related method is called
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Cookies.CookieResponseSignInContext">
+            <summary>
+            Context object passed to the ICookieAuthenticationProvider method ResponseSignIn.
+            </summary>    
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieResponseSignInContext.#ctor(Microsoft.Owin.IOwinRequest,Microsoft.Owin.IOwinResponse,System.String,System.Security.Claims.ClaimsIdentity,Microsoft.Owin.Security.AuthenticationProperties)">
+            <summary>
+            Creates a new instance of the context object.
+            </summary>
+            <param name="request">Initializes Request property</param>
+            <param name="response">Initializes Response property</param>
+            <param name="authenticationType">Initializes AuthenticationType property</param>
+            <param name="identity">Initializes Identity property</param>
+            <param name="properties">Initializes Extra property</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieResponseSignInContext.#ctor(Microsoft.Owin.IOwinContext,Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions,System.String,System.Security.Claims.ClaimsIdentity,Microsoft.Owin.Security.AuthenticationProperties)">
+            <summary>
+            Creates a new instance of the context object.
+            </summary>
+            <param name="context">The OWIN request context</param>
+            <param name="options">The middleware options</param>
+            <param name="authenticationType">Initializes AuthenticationType property</param>
+            <param name="identity">Initializes Identity property</param>
+            <param name="properties">Initializes Extra property</param>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieResponseSignInContext.AuthenticationType">
+            <summary>
+            The name of the AuthenticationType creating a cookie
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieResponseSignInContext.Identity">
+            <summary>
+            Contains the claims about to be converted into the outgoing cookie.
+            May be replaced or altered during the ResponseSignIn call.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieResponseSignInContext.Properties">
+            <summary>
+            Contains the extra data about to be contained in the outgoing cookie.
+            May be replaced or altered during the ResponseSignIn call.
+            </summary>
+        </member>
+        <member name="T:Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext">
+            <summary>
+            Context object passed to the ICookieAuthenticationProvider method ValidateIdentity.
+            </summary>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext.#ctor(Microsoft.Owin.Security.AuthenticationTicket)">
+            <summary>
+            Creates a new instance of the context object.
+            </summary>
+            <param name="ticket">Contains the initial values for identity and extra data</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext.#ctor(Microsoft.Owin.IOwinContext,Microsoft.Owin.Security.AuthenticationTicket,Microsoft.Owin.Security.Cookies.CookieAuthenticationOptions)">
+            <summary>
+            Creates a new instance of the context object.
+            </summary>
+            <param name="context"></param>
+            <param name="ticket">Contains the initial values for identity and extra data</param>
+            <param name="options"></param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext.ReplaceIdentity(System.Security.Principal.IIdentity)">
+            <summary>
+            Called to replace the claims identity. The supplied identity will replace the value of the 
+            Identity property, which determines the identity of the authenticated request.
+            </summary>
+            <param name="identity">The identity used as the replacement</param>
+        </member>
+        <member name="M:Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext.RejectIdentity">
+            <summary>
+            Called to reject the incoming identity. This may be done if the application has determined the
+            account is no longer active, and the request should be treated as if it was anonymous.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext.Identity">
+            <summary>
+            Contains the claims identity arriving with the request. May be altered to change the 
+            details of the authenticated user.
+            </summary>
+        </member>
+        <member name="P:Microsoft.Owin.Security.Cookies.CookieValidateIdentityContext.Properties">
+            <summary>
+            Contains the extra metadata arriving with the request ticket. May be altered.
+            </summary>
+        </member>
+    </members>
+</doc>

packages/Microsoft.Owin.Security.OAuth.2.0.2/Microsoft.Owin.Security.OAuth.2.0.2.nuspec

@@ -0,0 +1,21 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+  <metadata>
+    <id>Microsoft.Owin.Security.OAuth</id>
+    <version>2.0.2</version>
+    <title>Microsoft.Owin.Security.OAuth</title>
+    <authors>Microsoft</authors>
+    <owners>Microsoft</owners>
+    <licenseUrl>http://www.microsoft.com/web/webpi/eula/aspnetcomponent_rtw_enu.htm</licenseUrl>
+    <projectUrl>http://katanaproject.codeplex.com/</projectUrl>
+    <requireLicenseAcceptance>true</requireLicenseAcceptance>
+    <description>Middleware that enables an application to support any standard OAuth 2.0 authentication workflow.</description>
+    <tags>Microsoft OWIN Katana</tags>
+    <dependencies>
+      <dependency id="Owin" version="1.0" />
+      <dependency id="Microsoft.Owin" version="2.0.2" />
+      <dependency id="Newtonsoft.Json" version="4.5.11" />
+      <dependency id="Microsoft.Owin.Security" version="2.0.2" />
+    </dependencies>
+  </metadata>
+</package>

packages/Newtonsoft.Json.4.5.11/Newtonsoft.Json.4.5.11.nuspec

@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+  <metadata>
+    <id>Newtonsoft.Json</id>
+    <version>4.5.11</version>
+    <title>Json.NET</title>
+    <authors>James Newton-King</authors>
+    <owners>James Newton-King</owners>
+    <licenseUrl>http://json.codeplex.com/license</licenseUrl>
+    <projectUrl>http://james.newtonking.com/projects/json-net.aspx</projectUrl>
+    <requireLicenseAcceptance>false</requireLicenseAcceptance>
+    <description>Json.NET is a popular high-performance JSON framework for .NET</description>
+    <language>en-US</language>
+    <tags>json</tags>
+  </metadata>
+</package>

packages/Owin.1.0/Owin.1.0.nuspec

@@ -0,0 +1,15 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+  <metadata>
+    <id>Owin</id>
+    <version>1.0</version>
+    <title>OWIN</title>
+    <authors>OWIN startup components contributors</authors>
+    <owners>OWIN startup components contributors</owners>
+    <licenseUrl>https://github.com/owin-contrib/owin-hosting/blob/master/LICENSE.txt</licenseUrl>
+    <projectUrl>https://github.com/owin-contrib/owin-hosting/</projectUrl>
+    <requireLicenseAcceptance>false</requireLicenseAcceptance>
+    <description>OWIN IAppBuilder startup interface</description>
+    <tags>OWIN</tags>
+  </metadata>
+</package>