Update the discovery endpoint to expose the supported external providers

10 years ago · 6086c92379
5 changed files with 51 additions and 0 deletions
--- a/src/OpenIddict.Core/OpenIddictConstants.cs
+++ b/src/OpenIddict.Core/OpenIddictConstants.cs
@ -20,6 +20,10 @@ namespace OpenIddict.Core {
            public const string LogoutRequest = "openiddict-logout-request:";
        }

+        public static class Metadata {
+            public const string ExternalProvidersSupported = "external_providers_supported";
+        }
+
        public static class Scopes {
            public const string Roles = "roles";
        }
--- a/src/OpenIddict/OpenIddictProvider.Discovery.cs
+++ b/src/OpenIddict/OpenIddictProvider.Discovery.cs
@ -4,6 +4,7 @@
 * the license and the contributors participating to this project.
 */

+using System.Linq;
 using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
@ -11,6 +12,7 @@ using JetBrains.Annotations;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
+using Newtonsoft.Json.Linq;
 using OpenIddict.Core;

 namespace OpenIddict {
@ -49,6 +51,11 @@ namespace OpenIddict {
                context.Scopes.Add(OpenIdConnectConstants.Scopes.OfflineAccess);
            }

+            context.Metadata[OpenIddictConstants.Metadata.ExternalProvidersSupported] = JArray.FromObject(
+                from provider in context.HttpContext.Authentication.GetAuthenticationSchemes()
+                where !string.IsNullOrEmpty(provider.DisplayName)
+                select provider.AuthenticationScheme);
+
            return Task.FromResult(0);
        }
    }
--- a/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
+++ b/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
@ -2,6 +2,9 @@
 using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Client;
 using AspNet.Security.OpenIdConnect.Primitives;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication.Facebook;
+using Microsoft.AspNetCore.Authentication.Google;
 using Microsoft.AspNetCore.Builder;
 using OpenIddict.Core;
 using Xunit;
@ -103,5 +106,22 @@ namespace OpenIddict.Tests {
            Assert.DoesNotContain(OpenIdConnectConstants.Scopes.OfflineAccess,
                response[OpenIdConnectConstants.Metadata.ScopesSupported].Values<string>());
        }
+
+        [Fact]
+        public async Task HandleConfigurationRequest_ExternalProvidersAreCorrectlyReturned() {
+            // Arrange
+            var server = CreateAuthorizationServer();
+
+            var client = new OpenIdConnectClient(server.CreateClient());
+
+            // Act
+            var response = await client.GetAsync(ConfigurationEndpoint);
+            var providers = response[OpenIddictConstants.Metadata.ExternalProvidersSupported].Values<string>();
+
+            // Assert
+            Assert.DoesNotContain(CookieAuthenticationDefaults.AuthenticationScheme, providers);
+            Assert.Contains(FacebookDefaults.AuthenticationScheme, providers);
+            Assert.Contains(GoogleDefaults.AuthenticationScheme, providers);
+        }
    }
 }
--- a/test/OpenIddict.Tests/OpenIddictProviderTests.cs
+++ b/test/OpenIddict.Tests/OpenIddictProviderTests.cs
@ -6,6 +6,7 @@ using AspNet.Security.OpenIdConnect.Extensions;
 using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.Diagnostics;
@ -100,6 +101,22 @@ namespace OpenIddict.Tests {
                    return next(context);
                });

+                app.UseCookieAuthentication();
+
+                // Note: the following client_id/client_secret are fake and are only
+                // used to test the metadata returned by the discovery endpoint.
+                app.UseFacebookAuthentication(new FacebookOptions {
+                    ClientId = "16018790-E88E-4553-8036-BB342579FF19",
+                    ClientSecret = "3D6499AF-5607-489B-815A-F3ACF1617296",
+                    SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme
+                });
+
+                app.UseGoogleAuthentication(new GoogleOptions {
+                    ClientId = "BAF437A5-87FA-4D06-8EFD-F9BA96CCEDC4",
+                    ClientSecret = "27DF07D3-6B03-4EE0-95CD-3AC16782216B",
+                    SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme
+                });
+
                app.UseOpenIddict();

                app.Run(context => {
--- a/test/OpenIddict.Tests/project.json
+++ b/test/OpenIddict.Tests/project.json
@ -10,6 +10,9 @@
  "dependencies": {
    "AspNet.Security.OpenIdConnect.Client": "1.0.0-beta7-final",
    "dotnet-test-xunit": "2.2.0-preview2-build1029",
+    "Microsoft.AspNetCore.Authentication.Cookies": "1.0.0",
+    "Microsoft.AspNetCore.Authentication.Facebook": "1.0.0",
+    "Microsoft.AspNetCore.Authentication.Google": "1.0.0",
    "Microsoft.AspNetCore.Diagnostics": "1.0.0",
    "Microsoft.AspNetCore.TestHost": "1.0.0",
    "Microsoft.Extensions.Caching.Memory": "1.0.0",