From a5fa58e0a6c356c300c7458663c3ffc14dd0468c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?= <kevinchalet@gmail.com>
Date: Sun, 25 Jun 2023 17:11:47 +0200
Subject: [PATCH] Add Webex to the list of supported providers

---
 ...tClientWebIntegrationHandlers.Discovery.cs |  5 +++++
 ...ClientWebIntegrationHandlers.Protection.cs |  5 +++++
 ...penIddictClientWebIntegrationProviders.xml | 20 +++++++++++++++++++
 3 files changed, 30 insertions(+)

diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
index a6d4b215..cf776d49 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
@@ -66,6 +66,11 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                         string.Equals(tenant, "organizations", StringComparison.OrdinalIgnoreCase) ? "https://login.microsoftonline.com/organizations/v2.0" :
                         context.Response[Metadata.Issuer],
 
+                    // Note: the issuer returned in the Webex server configuration metadata is region-specific and
+                    // varies dynamically depending on the location of the client making the discovery request.
+                    // Since the returned issuer is not stable, a hardcoded value is used instead.
+                    ProviderTypes.Webex => "https://www.webex.com/",
+
                     _ => context.Response[Metadata.Issuer]
                 };
 
diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Protection.cs b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Protection.cs
index f56870b5..833564a5 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Protection.cs
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Protection.cs
@@ -66,6 +66,11 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                          string.Equals(tenant, "organizations", StringComparison.OrdinalIgnoreCase))
                         => false,
 
+                    // Note: the issuer returned in the Webex server configuration metadata is region-specific and
+                    // varies dynamically depending on the location of the client making the discovery request.
+                    // Since the returned issuer is not stable, issuer validation is always disabled for Webex.
+                    ProviderTypes.Webex => false,
+
                     _ => context.TokenValidationParameters.ValidateIssuer
                 };
 
diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
index ab52bba1..9296ff73 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
@@ -1212,6 +1212,26 @@
     </Environment>
   </Provider>
 
+  <!--
+                                            ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                            ██ ███ ██ ▄▄▄██ ▄▄▀██ ▄▄▄█▄▀█▀▄██
+                                            ██ █ █ ██ ▄▄▄██ ▄▄▀██ ▄▄▄███ ████
+                                            ██▄▀▄▀▄██ ▀▀▀██ ▀▀ ██ ▀▀▀█▀▄█▄▀██
+                                            ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+  -->
+
+  <Provider Name="Webex" Id="80d58673-86d2-45c6-b553-340e23e40caf"
+            Documentation="https://developer.webex.com/docs/login-with-webex">
+    <!--
+      Note: the issuer returned in the Webex server configuration metadata is region-specific and
+      varies dynamically depending on the location of the client making the discovery request.
+
+      Since the returned issuer is not stable, the hardcoded "https://www.webex.com/" is used instead.
+    -->    
+
+    <Environment Issuer="https://www.webex.com/" ConfigurationEndpoint="https://webexapis.com/v1/.well-known/openid-configuration" />
+  </Provider>
+
   <!--
                                 ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                 ██ ███ ██ ▄▄▄ ██ ▄▄▀██ ▄▄▀██ ▄▄ ██ ▄▄▀██ ▄▄▄██ ▄▄▄ ██ ▄▄▄ ██