From 3130108fc71a976a9ecc37bad59954e221411635 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?= <kevinchalet@gmail.com>
Date: Thu, 25 Apr 2024 17:43:18 +0200
Subject: [PATCH] Add FACEIT to the list of supported providers

---
 ...IddictClientWebIntegrationHandlers.Discovery.cs |  6 ++++--
 .../OpenIddictClientWebIntegrationHandlers.cs      | 14 +++++++++++---
 .../OpenIddictClientWebIntegrationProviders.xml    | 14 ++++++++++++++
 3 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
index 2dfb14f7..1ecaa124 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
@@ -108,7 +108,8 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                 // types is amended to include the known supported types for the providers that require it.
 
                 if (context.Registration.ProviderType is
-                    ProviderTypes.Apple or ProviderTypes.LinkedIn or ProviderTypes.QuickBooksOnline)
+                    ProviderTypes.Apple    or ProviderTypes.FaceIt or
+                    ProviderTypes.LinkedIn or ProviderTypes.QuickBooksOnline)
                 {
                     context.Configuration.GrantTypesSupported.Add(GrantTypes.AuthorizationCode);
                     context.Configuration.GrantTypesSupported.Add(GrantTypes.RefreshToken);
@@ -183,7 +184,8 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                 // are manually added to the list of supported code challenge methods by this handler.
 
                 if (context.Registration.ProviderType is
-                    ProviderTypes.Adobe or ProviderTypes.Autodesk or ProviderTypes.Microsoft)
+                    ProviderTypes.Adobe  or ProviderTypes.Autodesk or
+                    ProviderTypes.FaceIt or ProviderTypes.Microsoft)
                 {
                     context.Configuration.CodeChallengeMethodsSupported.Add(CodeChallengeMethods.Plain);
                     context.Configuration.CodeChallengeMethodsSupported.Add(CodeChallengeMethods.Sha256);
diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs
index a98f2662..b8a7ec8c 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs
@@ -688,9 +688,10 @@ public static partial class OpenIddictClientWebIntegrationHandlers
             context.DisableBackchannelIdentityTokenNonceValidation = context.Registration.ProviderType switch
             {
                 // These providers don't include the nonce in their identity tokens:
-                ProviderTypes.Asana            or ProviderTypes.DocuSign or
-                ProviderTypes.Dropbox          or ProviderTypes.LinkedIn or
-                ProviderTypes.QuickBooksOnline or ProviderTypes.WorldId => true,
+                ProviderTypes.Asana    or ProviderTypes.DocuSign         or
+                ProviderTypes.Dropbox  or ProviderTypes.FaceIt           or
+                ProviderTypes.LinkedIn or ProviderTypes.QuickBooksOnline or
+                ProviderTypes.WorldId => true,
 
                 _ => context.DisableBackchannelIdentityTokenNonceValidation
             };
@@ -1604,6 +1605,13 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                 context.Request.Prompt = settings.Prompt;
             }
 
+            // FaceIt requires sending a custom "redirect_popup" parameter
+            // with the value "true" for the login flow to work correctly.
+            else if (context.Registration.ProviderType is ProviderTypes.FaceIt)
+            {
+                context.Request["redirect_popup"] = true;
+            }
+
             // By default, Google doesn't return a refresh token but allows sending an "access_type"
             // parameter to retrieve one (but it is only returned during the first authorization dance).
             else if (context.Registration.ProviderType is ProviderTypes.Google)
diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
index eada1419..cb1e0eb8 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
@@ -599,6 +599,20 @@
     </Setting>
   </Provider>
 
+  <!--
+                                              ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                              ██ ▄▄▄█ ▄▄▀██ ▄▄▀██ ▄▄▄█▄ ▄█▄▄ ▄▄██
+                                              ██ ▄▄██ ▀▀ ██ █████ ▄▄▄██ ████ ████
+                                              ██ ████ ██ ██ ▀▀▄██ ▀▀▀█▀ ▀███ ████
+                                              ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+  -->
+
+  <Provider Name="FaceIt" DisplayName="FACEIT" Id="6523733a-b217-4ad6-afcf-67f320db910f"
+            Documentation="https://developers.faceit.com/docs/auth/oauth2">
+    <Environment Issuer="https://api.faceit.com/auth"
+                 ConfigurationEndpoint="https://api.faceit.com/auth/v1/openid_configuration" />
+  </Provider>
+
   <!--
                                               ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                               ██ ▄▄▄█▄ ▄█▄▄ ▄▄██ ▄▄▀█▄ ▄█▄▄ ▄▄██