From 76cb7a38ae4a78bf47b42c928b427871f502cc78 Mon Sep 17 00:00:00 2001 From: Mihir Dilip Date: Fri, 7 Jan 2022 18:43:58 +0000 Subject: [PATCH] - net6.0 support added - Information log on handler is changed to Debug log when IgnoreAuthenticationIfAllowAnonymous is enabled - Readme updated - Copyright year updated on License --- LICENSE.txt | 2 +- README.md | 3 +- ...BasicSamplesClient.postman_collection.json | 127 ++++++++++++++ .../Controllers/ValuesController.cs | 34 ++++ samples/SampleWebApi_6_0/Program.cs | 157 ++++++++++++++++++ .../Properties/launchSettings.json | 21 +++ .../SampleWebApi_6_0/SampleWebApi_6_0.csproj | 18 ++ .../appsettings.Development.json | 8 + samples/SampleWebApi_6_0/appsettings.json | 9 + src/AspNetCore.Authentication.Basic.sln | 17 +- .../AspNetCore.Authentication.Basic.csproj | 17 +- .../BasicHandler.cs | 2 +- ...pNetCore.Authentication.Basic.Tests.csproj | 18 +- 13 files changed, 413 insertions(+), 20 deletions(-) create mode 100644 samples/BasicSamplesClient.postman_collection.json create mode 100644 samples/SampleWebApi_6_0/Controllers/ValuesController.cs create mode 100644 samples/SampleWebApi_6_0/Program.cs create mode 100644 samples/SampleWebApi_6_0/Properties/launchSettings.json create mode 100644 samples/SampleWebApi_6_0/SampleWebApi_6_0.csproj create mode 100644 samples/SampleWebApi_6_0/appsettings.Development.json create mode 100644 samples/SampleWebApi_6_0/appsettings.json diff --git a/LICENSE.txt b/LICENSE.txt index 3f62ea0..f7116cf 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2021 Mihir Dilip +Copyright (c) 2022 Mihir Dilip Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index e3dbbe8..58ad342 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Easy to use and very light weight Microsoft style Basic Scheme Authentication Im ## .NET (Core) Frameworks Supported .NET Framework 4.6.1 and/or NetStandard 2.0 onwards -Multi targeted: net5.0; netcoreapp3.1; netcoreapp3.0; netstandard2.0; net461 +Multi targeted: net6.0; net5.0; netcoreapp3.1; netcoreapp3.0; netstandard2.0; net461
@@ -300,6 +300,7 @@ public void ConfigureServices(IServiceCollection services) ## Release Notes | Version |           Notes | |---------|-------| +|6.0.1 | | |5.1.0 | | |5.0.0 | | |3.1.1 | | diff --git a/samples/BasicSamplesClient.postman_collection.json b/samples/BasicSamplesClient.postman_collection.json new file mode 100644 index 0000000..63f5852 --- /dev/null +++ b/samples/BasicSamplesClient.postman_collection.json @@ -0,0 +1,127 @@ +{ + "info": { + "_postman_id": "0d733eba-f9ef-4512-aacc-a10711586767", + "name": "BasicSamplesClient", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" + }, + "item": [ + { + "name": "Get Values No Auth", + "request": { + "auth": { + "type": "noauth" + }, + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/api/values", + "host": [ + "{{base_url}}" + ], + "path": [ + "api", + "values" + ] + } + }, + "response": [] + }, + { + "name": "Get Values", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/api/values", + "host": [ + "{{base_url}}" + ], + "path": [ + "api", + "values" + ] + } + }, + "response": [] + }, + { + "name": "Claims", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/api/values/claims", + "host": [ + "{{base_url}}" + ], + "path": [ + "api", + "values", + "claims" + ] + } + }, + "response": [] + }, + { + "name": "Forbid", + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{base_url}}/api/values/forbid", + "host": [ + "{{base_url}}" + ], + "path": [ + "api", + "values", + "forbid" + ] + } + }, + "response": [] + } + ], + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "1234", + "type": "string" + }, + { + "key": "username", + "value": "TestUser1", + "type": "string" + } + ] + }, + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ], + "variable": [ + { + "key": "base_url", + "value": "https://localhost:44304/" + } + ] +} \ No newline at end of file diff --git a/samples/SampleWebApi_6_0/Controllers/ValuesController.cs b/samples/SampleWebApi_6_0/Controllers/ValuesController.cs new file mode 100644 index 0000000..497ad14 --- /dev/null +++ b/samples/SampleWebApi_6_0/Controllers/ValuesController.cs @@ -0,0 +1,34 @@ +using Microsoft.AspNetCore.Mvc; +using System.Text; + +namespace SampleWebApi_6_0.Controllers +{ + [Route("api/[controller]")] + [ApiController] + public class ValuesController : ControllerBase + { + // GET api/values + [HttpGet] + public ActionResult> Get() + { + return new string[] { "value1", "value2" }; + } + + [HttpGet("claims")] + public ActionResult Claims() + { + var sb = new StringBuilder(); + foreach (var claim in User.Claims) + { + sb.AppendLine($"{claim.Type}: {claim.Value}"); + } + return sb.ToString(); + } + + [HttpGet("forbid")] + public new IActionResult Forbid() + { + return base.Forbid(); + } + } +} diff --git a/samples/SampleWebApi_6_0/Program.cs b/samples/SampleWebApi_6_0/Program.cs new file mode 100644 index 0000000..722615d --- /dev/null +++ b/samples/SampleWebApi_6_0/Program.cs @@ -0,0 +1,157 @@ +using AspNetCore.Authentication.Basic; +using Microsoft.AspNetCore.Authorization; +using SampleWebApi.Repositories; +using SampleWebApi.Services; + +var builder = WebApplication.CreateBuilder(args); + +// Add User repository to the dependency container. +builder.Services.AddTransient(); + +// Add the Basic scheme authentication here.. +// It requires Realm to be set in the options if SuppressWWWAuthenticateHeader is not set. +// If an implementation of IBasicUserValidationService interface is registered in the dependency register as well as OnValidateCredentials delegete on options.Events is also set then this delegate will be used instead of an implementation of IBasicUserValidationService. +builder.Services.AddAuthentication(BasicDefaults.AuthenticationScheme) + + // The below AddBasic without type parameter will require OnValidateCredentials delegete on options.Events to be set unless an implementation of IBasicUserValidationService interface is registered in the dependency register. + // Please note if both the delgate and validation server are set then the delegate will be used instead of BasicUserValidationService. + //.AddBasic(options => + + // The below AddBasic with type parameter will add the BasicUserValidationService to the dependency register. + // Please note if OnValidateCredentials delegete on options.Events is also set then this delegate will be used instead of BasicUserValidationService. + .AddBasic(options => + { + options.Realm = "Sample Web API"; + + //// Optional option to suppress the browser login dialog for ajax calls. + //options.SuppressWWWAuthenticateHeader = true; + + //// Optional option to ignore authentication if AllowAnonumous metadata/filter attribute is added to an endpoint. + //options.IgnoreAuthenticationIfAllowAnonymous = true; + + //// Optional events to override the basic original logic with custom logic. + //// Only use this if you know what you are doing at your own risk. Any of the events can be assigned. + options.Events = new BasicEvents + { + + //// A delegate assigned to this property will be invoked just before validating credentials. + //OnValidateCredentials = async (context) => + //{ + // // custom code to handle credentials, create principal and call Success method on context. + // var userRepository = context.HttpContext.RequestServices.GetRequiredService(); + // var user = await userRepository.GetUserByUsername(context.Username); + // var isValid = user != null && user.Password == context.Password; + // if (isValid) + // { + // context.Response.Headers.Add("ValidationCustomHeader", "From OnValidateCredentials"); + // var claims = new[] + // { + // new Claim(ClaimTypes.NameIdentifier, context.Username, ClaimValueTypes.String, context.Options.ClaimsIssuer), + // new Claim(ClaimTypes.Name, context.Username, ClaimValueTypes.String, context.Options.ClaimsIssuer), + // new Claim("CustomClaimType", "Custom Claim Value - from OnValidateCredentials") + // }; + // context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, context.Scheme.Name)); + // context.Success(); + // } + // else + // { + // context.NoResult(); + // } + //}, + + //// A delegate assigned to this property will be invoked just before validating credentials. + //// NOTE: Same as above delegate but slightly different implementation which will give same result. + //OnValidateCredentials = async (context) => + //{ + // // custom code to handle credentials, create principal and call Success method on context. + // var userRepository = context.HttpContext.RequestServices.GetRequiredService(); + // var user = await userRepository.GetUserByUsername(context.Username); + // var isValid = user != null && user.Password == context.Password; + // if (isValid) + // { + // context.Response.Headers.Add("ValidationCustomHeader", "From OnValidateCredentials"); + // var claims = new[] + // { + // new Claim("CustomClaimType", "Custom Claim Value - from OnValidateCredentials") + // }; + // context.ValidationSucceeded(claims); // claims are optional + // } + // else + // { + // context.ValidationFailed(); + // } + //}, + + //// A delegate assigned to this property will be invoked before a challenge is sent back to the caller when handling unauthorized response. + //OnHandleChallenge = async (context) => + //{ + // // custom code to handle authentication challenge unauthorized response. + // context.Response.StatusCode = StatusCodes.Status401Unauthorized; + // context.Response.Headers.Add("ChallengeCustomHeader", "From OnHandleChallenge"); + // await context.Response.WriteAsync("{\"CustomBody\":\"From OnHandleChallenge\"}"); + // context.Handled(); // important! do not forget to call this method at the end. + //}, + + //// A delegate assigned to this property will be invoked if Authorization fails and results in a Forbidden response. + //OnHandleForbidden = async (context) => + //{ + // // custom code to handle forbidden response. + // context.Response.StatusCode = StatusCodes.Status403Forbidden; + // context.Response.Headers.Add("ForbidCustomHeader", "From OnHandleForbidden"); + // await context.Response.WriteAsync("{\"CustomBody\":\"From OnHandleForbidden\"}"); + // context.Handled(); // important! do not forget to call this method at the end. + //}, + + //// A delegate assigned to this property will be invoked when the authentication succeeds. It will not be called if OnValidateCredentials delegate is assigned. + //// It can be used for adding claims, headers, etc to the response. + //OnAuthenticationSucceeded = (context) => + //{ + // //custom code to add extra bits to the success response. + // context.Response.Headers.Add("SuccessCustomHeader", "From OnAuthenticationSucceeded"); + // var customClaims = new List + // { + // new Claim("CustomClaimType", "Custom Claim Value - from OnAuthenticationSucceeded") + // }; + // context.AddClaims(customClaims); + // //or can add like this - context.Principal.AddIdentity(new ClaimsIdentity(customClaims)); + // return Task.CompletedTask; + //}, + + //// A delegate assigned to this property will be invoked when the authentication fails. + //OnAuthenticationFailed = (context) => + //{ + // // custom code to handle failed authentication. + // context.Fail("Failed to authenticate"); + // return Task.CompletedTask; + //} + + }; + }); + +builder.Services.AddControllers(options => +{ + // ALWAYS USE HTTPS (SSL) protocol in production when using ApiKey authentication. + //options.Filters.Add(); + +}); //.AddXmlSerializerFormatters() // To enable XML along with JSON; + +// All the requests will need to be authorized. +// Alternatively, add [Authorize] attribute to Controller or Action Method where necessary. +builder.Services.AddAuthorization(options => +{ + options.FallbackPolicy = new AuthorizationPolicyBuilder() + .RequireAuthenticatedUser() + .Build(); +}); + +var app = builder.Build(); + +app.UseHttpsRedirection(); + +app.UseAuthentication(); // NOTE: DEFAULT TEMPLATE DOES NOT HAVE THIS, THIS LINE IS REQUIRED AND HAS TO BE ADDED!!! + +app.UseAuthorization(); + +app.MapControllers(); + +app.Run(); diff --git a/samples/SampleWebApi_6_0/Properties/launchSettings.json b/samples/SampleWebApi_6_0/Properties/launchSettings.json new file mode 100644 index 0000000..68138e4 --- /dev/null +++ b/samples/SampleWebApi_6_0/Properties/launchSettings.json @@ -0,0 +1,21 @@ +{ + "$schema": "https://json.schemastore.org/launchsettings.json", + "iisSettings": { + "windowsAuthentication": false, + "anonymousAuthentication": true, + "iisExpress": { + "applicationUrl": "http://localhost:3920", + "sslPort": 44304 + } + }, + "profiles": { + "IIS Express": { + "commandName": "IISExpress", + "launchBrowser": true, + "launchUrl": "api/values", + "environmentVariables": { + "ASPNETCORE_ENVIRONMENT": "Development" + } + } + } +} diff --git a/samples/SampleWebApi_6_0/SampleWebApi_6_0.csproj b/samples/SampleWebApi_6_0/SampleWebApi_6_0.csproj new file mode 100644 index 0000000..0f3fd52 --- /dev/null +++ b/samples/SampleWebApi_6_0/SampleWebApi_6_0.csproj @@ -0,0 +1,18 @@ + + + + net6.0 + enable + enable + + + + + + + + + + diff --git a/samples/SampleWebApi_6_0/appsettings.Development.json b/samples/SampleWebApi_6_0/appsettings.Development.json new file mode 100644 index 0000000..0c208ae --- /dev/null +++ b/samples/SampleWebApi_6_0/appsettings.Development.json @@ -0,0 +1,8 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft.AspNetCore": "Warning" + } + } +} diff --git a/samples/SampleWebApi_6_0/appsettings.json b/samples/SampleWebApi_6_0/appsettings.json new file mode 100644 index 0000000..10f68b8 --- /dev/null +++ b/samples/SampleWebApi_6_0/appsettings.json @@ -0,0 +1,9 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft.AspNetCore": "Warning" + } + }, + "AllowedHosts": "*" +} diff --git a/src/AspNetCore.Authentication.Basic.sln b/src/AspNetCore.Authentication.Basic.sln index 03ab123..ec48415 100644 --- a/src/AspNetCore.Authentication.Basic.sln +++ b/src/AspNetCore.Authentication.Basic.sln @@ -1,9 +1,12 @@  Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 16 -VisualStudioVersion = 16.0.29418.71 +# Visual Studio Version 17 +VisualStudioVersion = 17.0.32014.148 MinimumVisualStudioVersion = 10.0.40219.1 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Samples", "Samples", "{CF13271D-BF3F-4167-BEBA-DD02D33992F2}" + ProjectSection(SolutionItems) = preProject + ..\samples\BasicSamplesClient.postman_collection.json = ..\samples\BasicSamplesClient.postman_collection.json + EndProjectSection EndProject Project("{D954291E-2A0B-460D-934E-DC6B0785DB48}") = "SampleWebApi.Shared", "..\samples\SampleWebApi.Shared\SampleWebApi.Shared.shproj", "{E544FB20-29F3-41F5-A78E-6164F9C43B3C}" EndProject @@ -26,13 +29,16 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "SampleWebApi_5_0", "..\samp EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "test", "test", "{F7494366-ED1D-4342-AE5D-DD6BE67C63DF}" EndProject -Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AspNetCore.Authentication.Basic.Tests", "..\test\AspNetCore.Authentication.Basic.Tests\AspNetCore.Authentication.Basic.Tests.csproj", "{335B0D1F-A428-4D2E-AF87-269C75F5F138}" +Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNetCore.Authentication.Basic.Tests", "..\test\AspNetCore.Authentication.Basic.Tests\AspNetCore.Authentication.Basic.Tests.csproj", "{335B0D1F-A428-4D2E-AF87-269C75F5F138}" +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SampleWebApi_6_0", "..\samples\SampleWebApi_6_0\SampleWebApi_6_0.csproj", "{9232DA41-CA69-4FE3-B0C9-D8D85FEC272A}" EndProject Global GlobalSection(SharedMSBuildProjectFiles) = preSolution ..\samples\SampleWebApi.Shared\SampleWebApi.Shared.projitems*{0801aed9-ea38-4e7e-af4d-26e9b67e5254}*SharedItemsImports = 5 ..\samples\SampleWebApi.Shared\SampleWebApi.Shared.projitems*{2705db4c-3bce-4cfc-9a30-b4bfd1f28c56}*SharedItemsImports = 5 ..\samples\SampleWebApi.Shared\SampleWebApi.Shared.projitems*{897e5c9c-8c0a-4fb6-960c-4d11aafd4491}*SharedItemsImports = 5 + ..\samples\SampleWebApi.Shared\SampleWebApi.Shared.projitems*{9232da41-ca69-4fe3-b0c9-d8d85fec272a}*SharedItemsImports = 5 ..\samples\SampleWebApi.Shared\SampleWebApi.Shared.projitems*{b82830a0-fdfc-469d-b2a8-d657cd216451}*SharedItemsImports = 5 ..\samples\SampleWebApi.Shared\SampleWebApi.Shared.projitems*{e544fb20-29f3-41f5-a78e-6164f9c43b3c}*SharedItemsImports = 13 EndGlobalSection @@ -65,6 +71,10 @@ Global {335B0D1F-A428-4D2E-AF87-269C75F5F138}.Debug|Any CPU.Build.0 = Debug|Any CPU {335B0D1F-A428-4D2E-AF87-269C75F5F138}.Release|Any CPU.ActiveCfg = Release|Any CPU {335B0D1F-A428-4D2E-AF87-269C75F5F138}.Release|Any CPU.Build.0 = Release|Any CPU + {9232DA41-CA69-4FE3-B0C9-D8D85FEC272A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {9232DA41-CA69-4FE3-B0C9-D8D85FEC272A}.Debug|Any CPU.Build.0 = Debug|Any CPU + {9232DA41-CA69-4FE3-B0C9-D8D85FEC272A}.Release|Any CPU.ActiveCfg = Release|Any CPU + {9232DA41-CA69-4FE3-B0C9-D8D85FEC272A}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -76,6 +86,7 @@ Global {2705DB4C-3BCE-4CFC-9A30-B4BFD1F28C56} = {CF13271D-BF3F-4167-BEBA-DD02D33992F2} {B82830A0-FDFC-469D-B2A8-D657CD216451} = {CF13271D-BF3F-4167-BEBA-DD02D33992F2} {335B0D1F-A428-4D2E-AF87-269C75F5F138} = {F7494366-ED1D-4342-AE5D-DD6BE67C63DF} + {9232DA41-CA69-4FE3-B0C9-D8D85FEC272A} = {CF13271D-BF3F-4167-BEBA-DD02D33992F2} EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {70815049-1680-480A-BF5A-00536D6C9C20} diff --git a/src/AspNetCore.Authentication.Basic/AspNetCore.Authentication.Basic.csproj b/src/AspNetCore.Authentication.Basic/AspNetCore.Authentication.Basic.csproj index 535f6ec..c7ba2f0 100644 --- a/src/AspNetCore.Authentication.Basic/AspNetCore.Authentication.Basic.csproj +++ b/src/AspNetCore.Authentication.Basic/AspNetCore.Authentication.Basic.csproj @@ -1,17 +1,20 @@  - net5.0;netcoreapp3.1;netcoreapp3.0;netstandard2.0;net461 - 5.1.0 + net6.0;net5.0;netcoreapp3.1;netcoreapp3.0;netstandard2.0;net461 + 6.0.1 https://github.com/mihirdilip/aspnetcore-authentication-basic/tree/$(Version) https://github.com/mihirdilip/aspnetcore-authentication-basic/tree/$(Version) - aspnetcore, security, authentication, microsoft, microsoft.aspnetcore.authentication, microsoft-aspnetcore-authentication, microsoft.aspnetcore.authentication.basic, microsoft-aspnetcore-authentication-basic, asp-net-core, netstandard, netstandard20, basic-authentication, basicauthentication, dotnetcore, dotnetcore3.1, net5, net5.0, asp-net-core-basic-authentication, aspnetcore-basic-authentication, net5-basic-authentication, asp-net-core-authentication, aspnetcore-authentication, net5-authentication, asp, aspnet, basic, authentication-scheme - - Visibility of all the handlers changed to public + aspnetcore, security, authentication, microsoft, microsoft.aspnetcore.authentication, microsoft-aspnetcore-authentication, microsoft.aspnetcore.authentication.basic, microsoft-aspnetcore-authentication-basic, asp-net-core, netstandard, netstandard20, basic-authentication, basicauthentication, dotnetcore, dotnetcore3.1, net5, net5.0, net6, net6.0, asp-net-core-basic-authentication, aspnetcore-basic-authentication, net5-basic-authentication, asp-net-core-authentication, aspnetcore-authentication, net5-authentication, asp, aspnet, basic, authentication-scheme + - net6.0 support added +- Information log on handler is changed to Debug log when IgnoreAuthenticationIfAllowAnonymous is enabled +- Readme updated +- Copyright year updated on License Easy to use and very light weight Microsoft style Basic Scheme Authentication implementation for ASP.NET Core. Mihir Dilip Mihir Dilip - Copyright (c) 2021 Mihir Dilip + Copyright (c) 2022 Mihir Dilip true $(AssemblyName) git @@ -40,7 +43,7 @@ - + @@ -59,7 +62,7 @@ - + diff --git a/src/AspNetCore.Authentication.Basic/BasicHandler.cs b/src/AspNetCore.Authentication.Basic/BasicHandler.cs index ff9f03d..70f3559 100644 --- a/src/AspNetCore.Authentication.Basic/BasicHandler.cs +++ b/src/AspNetCore.Authentication.Basic/BasicHandler.cs @@ -53,7 +53,7 @@ protected override async Task HandleAuthenticateAsync() { if (IgnoreAuthenticationIfAllowAnonymous()) { - Logger.LogInformation("AllowAnonymous found on the endpoint so request was not authenticated."); + Logger.LogDebug("AllowAnonymous found on the endpoint so request was not authenticated."); return AuthenticateResult.NoResult(); } diff --git a/test/AspNetCore.Authentication.Basic.Tests/AspNetCore.Authentication.Basic.Tests.csproj b/test/AspNetCore.Authentication.Basic.Tests/AspNetCore.Authentication.Basic.Tests.csproj index 0ea5b0e..2c30006 100644 --- a/test/AspNetCore.Authentication.Basic.Tests/AspNetCore.Authentication.Basic.Tests.csproj +++ b/test/AspNetCore.Authentication.Basic.Tests/AspNetCore.Authentication.Basic.Tests.csproj @@ -1,7 +1,7 @@ - + - net5.0;netcoreapp3.1;netcoreapp3.0;netcoreapp2.1;net461 + net6.0;net5.0;netcoreapp3.1;netcoreapp3.0;netcoreapp2.1;net461 false latest @@ -14,20 +14,24 @@ - + runtime; build; native; contentfiles; analyzers; buildtransitive all - + runtime; build; native; contentfiles; analyzers; buildtransitive all + + + + - + @@ -46,10 +50,10 @@ - + - +