From 6086c9237962f0e969c0e3ae2c91d28c8cbc6355 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?=
Date: Thu, 27 Oct 2016 17:16:40 +0200
Subject: [PATCH] Update the discovery endpoint to expose the supported external providers

---
 src/OpenIddict.Core/OpenIddictConstants.cs | 4 ++++
 .../OpenIddictProvider.Discovery.cs | 7 +++++++
 .../OpenIddictProviderTests.Discovery.cs | 20 +++++++++++++++++++
 .../OpenIddictProviderTests.cs | 17 ++++++++++++++++
 test/OpenIddict.Tests/project.json | 3 +++
 5 files changed, 51 insertions(+)

diff --git a/src/OpenIddict.Core/OpenIddictConstants.cs b/src/OpenIddict.Core/OpenIddictConstants.cs
index 2c340b1f..b6f7d0be 100644
--- a/src/OpenIddict.Core/OpenIddictConstants.cs
+++ b/src/OpenIddict.Core/OpenIddictConstants.cs
@@ -20,6 +20,10 @@ namespace OpenIddict.Core {
 public const string LogoutRequest = "openiddict-logout-request:";
 }
 
+ public static class Metadata {
+ public const string ExternalProvidersSupported = "external_providers_supported";
+ }
+
 public static class Scopes {
 public const string Roles = "roles";
 }
diff --git a/src/OpenIddict/OpenIddictProvider.Discovery.cs b/src/OpenIddict/OpenIddictProvider.Discovery.cs
index 43dffe56..96613bd7 100644
--- a/src/OpenIddict/OpenIddictProvider.Discovery.cs
+++ b/src/OpenIddict/OpenIddictProvider.Discovery.cs
@@ -4,6 +4,7 @@
 * the license and the contributors participating to this project.
 */
 
+using System.Linq;
 using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
@@ -11,6 +12,7 @@ using JetBrains.Annotations;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
+using Newtonsoft.Json.Linq;
 using OpenIddict.Core;
 
 namespace OpenIddict {
@@ -49,6 +51,11 @@ namespace OpenIddict {
 context.Scopes.Add(OpenIdConnectConstants.Scopes.OfflineAccess);
 }
 
+ context.Metadata[OpenIddictConstants.Metadata.ExternalProvidersSupported] = JArray.FromObject(
+ from provider in context.HttpContext.Authentication.GetAuthenticationSchemes()
+ where !string.IsNullOrEmpty(provider.DisplayName)
+ select provider.AuthenticationScheme);
+
 return Task.FromResult(0);
 }
 }
diff --git a/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs b/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
index 0081af37..e7ed6143 100644
--- a/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
+++ b/test/OpenIddict.Tests/OpenIddictProviderTests.Discovery.cs
@@ -2,6 +2,9 @@
 using System.Threading.Tasks;
 using AspNet.Security.OpenIdConnect.Client;
 using AspNet.Security.OpenIdConnect.Primitives;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication.Facebook;
+using Microsoft.AspNetCore.Authentication.Google;
 using Microsoft.AspNetCore.Builder;
 using OpenIddict.Core;
 using Xunit;
@@ -103,5 +106,22 @@ namespace OpenIddict.Tests {
 Assert.DoesNotContain(OpenIdConnectConstants.Scopes.OfflineAccess,
 response[OpenIdConnectConstants.Metadata.ScopesSupported].Values());
 }
+
+ [Fact]
+ public async Task HandleConfigurationRequest_ExternalProvidersAreCorrectlyReturned() {
+ // Arrange
+ var server = CreateAuthorizationServer();
+
+ var client = new OpenIdConnectClient(server.CreateClient());
+
+ // Act
+ var response = await client.GetAsync(ConfigurationEndpoint);
+ var providers = response[OpenIddictConstants.Metadata.ExternalProvidersSupported].Values();
+
+ // Assert
+ Assert.DoesNotContain(CookieAuthenticationDefaults.AuthenticationScheme, providers);
+ Assert.Contains(FacebookDefaults.AuthenticationScheme, providers);
+ Assert.Contains(GoogleDefaults.AuthenticationScheme, providers);
+ }
 }
 }
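Review bot: The `external_providers_supported` entry added before `return Task.FromResult(0);` publishes every authentication scheme with a non-empty `DisplayName` to anyone who can fetch the discovery document, and the hunk provides no way to switch it off. `DisplayName` is only a heuristic for "external provider": any middleware registered with a display name is listed, so the response discloses which identity providers (and any internal scheme that happens to carry a name) the deployment is wired to. I would state that at the assignment, for example `// Note: every scheme with a DisplayName is listed here and returned to unauthenticated callers.`, and consider making the entry conditional on a provider option so operators can suppress it. The enclosing method starts outside the hunk.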
diff --git a/test/OpenIddict.Tests/OpenIddictProviderTests.cs b/test/OpenIddict.Tests/OpenIddictProviderTests.cs
index 43c7e0ee..1a2ffebd 100644
--- a/test/OpenIddict.Tests/OpenIddictProviderTests.cs
+++ b/test/OpenIddict.Tests/OpenIddictProviderTests.cs
@@ -6,6 +6,7 @@ using AspNet.Security.OpenIdConnect.Extensions;
 using AspNet.Security.OpenIdConnect.Primitives;
 using AspNet.Security.OpenIdConnect.Server;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.DataProtection;
 using Microsoft.AspNetCore.Diagnostics;
@@ -100,6 +101,22 @@ namespace OpenIddict.Tests {
 return next(context);
 });
 
+ app.UseCookieAuthentication();
+
+ // Note: the following client_id/client_secret are fake and are only
+ // used to test the metadata returned by the discovery endpoint.
+ app.UseFacebookAuthentication(new FacebookOptions {
+ ClientId = "16018790-E88E-4553-8036-BB342579FF19",
+ ClientSecret = "3D6499AF-5607-489B-815A-F3ACF1617296",
+ SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme
+ });
+
+ app.UseGoogleAuthentication(new GoogleOptions {
+ ClientId = "BAF437A5-87FA-4D06-8EFD-F9BA96CCEDC4",
+ ClientSecret = "27DF07D3-6B03-4EE0-95CD-3AC16782216B",
+ SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme
+ });
+
 app.UseOpenIddict();
 
 app.Run(context => {
diff --git a/test/OpenIddict.Tests/project.json b/test/OpenIddict.Tests/project.json
index 74c65031..562f5d87 100644
--- a/test/OpenIddict.Tests/project.json
+++ b/test/OpenIddict.Tests/project.json
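Review bot: The GUID-shaped `ClientId`/`ClientSecret` literals in the Facebook and Google registrations look like real credentials to a secret scanner, or to a reader who misses the comment above them. Self-describing values such as `ClientSecret = "fake-facebook-client-secret"` would make the intent visible at the literal itself and avoid triage noise. The registrations also appear to sit in the shared server setup, so presumably every test built on it now runs with both external middleware in the pipeline; the enclosing method starts and ends outside the hunk, so confirm no other test depends on the previous pipeline.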
@@ -10,6 +10,9 @@
 "dependencies": {
 "AspNet.Security.OpenIdConnect.Client": "1.0.0-beta7-final",
 "dotnet-test-xunit": "2.2.0-preview2-build1029",
+ "Microsoft.AspNetCore.Authentication.Cookies": "1.0.0",
+ "Microsoft.AspNetCore.Authentication.Facebook": "1.0.0",
+ "Microsoft.AspNetCore.Authentication.Google": "1.0.0",
 "Microsoft.AspNetCore.Diagnostics": "1.0.0",
 "Microsoft.AspNetCore.TestHost": "1.0.0",
 "Microsoft.Extensions.Caching.Memory": "1.0.0",