From ba9ebf3ecb35f134e6d093bb0df2513d7b1b4dd1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?= <kevinchalet@gmail.com>
Date: Sat, 15 Oct 2022 02:48:48 +0200
Subject: [PATCH] Update the provider generator to support Uri settings and add
 Keycloak support

---
 ...OpenIddictClientWebIntegrationGenerator.cs | 70 ++++++++++++++++---
 .../OpenIddictResources.resx                  |  3 +
 ...penIddictClientWebIntegrationProviders.xml | 12 ++++
 ...penIddictClientWebIntegrationProviders.xsd |  1 +
 4 files changed, 78 insertions(+), 8 deletions(-)

diff --git a/gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs b/gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs
index 47e2dccb..5e5fb84c 100644
--- a/gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs
+++ b/gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs
@@ -183,6 +183,11 @@ public partial class OpenIddictClientWebIntegrationBuilder
                 throw new ArgumentNullException(nameof(address));
             }
 
+            if (!address.IsAbsoluteUri || !address.IsWellFormedOriginalString())
+            {
+                throw new ArgumentException(SR.GetResourceString(SR.ID0144), nameof(address));
+            }
+
             return Configure(options => options.RedirectUri = address);
         }
 
@@ -198,7 +203,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
                 throw new ArgumentException(SR.GetResourceString(SR.ID0143), nameof(address));
             }
 
-            if (!Uri.TryCreate(address, UriKind.Absolute, out Uri? uri) || !uri.IsWellFormedOriginalString())
+            if (!Uri.TryCreate(address, UriKind.Absolute, out Uri? uri))
             {
                 throw new ArgumentException(SR.GetResourceString(SR.ID0144), nameof(address));
             }
@@ -231,12 +236,12 @@ public partial class OpenIddictClientWebIntegrationBuilder
         {{~ end ~}}
 
         {{~ for setting in provider.settings ~}}
+        {{~ if setting.collection ~}}
         /// <summary>
         /// Configures {{ setting.description }}.
         /// </summary>
         /// <param name=""{{ setting.parameter_name }}"">{{ setting.description | string.capitalize }}.</param>
         /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
-        {{~ if setting.collection ~}}
         public {{ provider.name }} Add{{ setting.property_name }}(params {{ setting.clr_type }}[] {{ setting.parameter_name }})
         {
             if ({{ setting.parameter_name }} is null)
@@ -246,7 +251,52 @@ public partial class OpenIddictClientWebIntegrationBuilder
 
             return Configure(options => options.{{ setting.property_name }}.UnionWith({{ setting.parameter_name }}));
         }
+        {{~ else if setting.clr_type == 'Uri' ~}}
+        /// <summary>
+        /// Configures {{ setting.description }}.
+        /// </summary>
+        /// <param name=""{{ setting.parameter_name }}"">{{ setting.description | string.capitalize }}.</param>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
+        public {{ provider.name }} Set{{ setting.property_name }}(Uri {{ setting.parameter_name }})
+        {
+            if ({{ setting.parameter_name }} is null)
+            {
+                throw new ArgumentNullException(nameof({{ setting.parameter_name }}));
+            }
+
+            if (!{{ setting.parameter_name }}.IsAbsoluteUri || !{{ setting.parameter_name }}.IsWellFormedOriginalString())
+            {
+                throw new ArgumentException(SR.GetResourceString(SR.ID0144), nameof({{ setting.parameter_name }}));
+            }
+
+            return Configure(options => options.{{ setting.property_name }} = {{ setting.parameter_name }});
+        }
+
+        /// <summary>
+        /// Configures {{ setting.description }}.
+        /// </summary>
+        /// <param name=""{{ setting.parameter_name }}"">{{ setting.description | string.capitalize }}.</param>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
+        public {{ provider.name }} Set{{ setting.property_name }}(string {{ setting.parameter_name }})
+        {
+            if (string.IsNullOrEmpty({{ setting.parameter_name }}))
+            {
+                throw new ArgumentException(SR.GetResourceString(SR.ID0143), nameof({{ setting.parameter_name }}));
+            }
+
+            if (!Uri.TryCreate({{ setting.parameter_name }}, UriKind.Absolute, out Uri? uri))
+            {
+                throw new ArgumentException(SR.GetResourceString(SR.ID0144), nameof({{ setting.parameter_name }}));
+            }
+
+            return Set{{ setting.property_name }}(uri);
+        }
         {{~ else ~}}
+        /// <summary>
+        /// Configures {{ setting.description }}.
+        /// </summary>
+        /// <param name=""{{ setting.parameter_name }}"">{{ setting.description | string.capitalize }}.</param>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
         public {{ provider.name }} Set{{ setting.property_name }}({{ setting.clr_type }} {{ setting.parameter_name }})
         {
             if ({{ setting.parameter_name }} is null)
@@ -311,6 +361,7 @@ public partial class OpenIddictClientWebIntegrationBuilder
 
                                     "String" => "string",
                                     "StringHashSet" => "HashSet<string>",
+                                    "Uri" => "Uri",
 
                                     string value => value
                                 }
@@ -458,14 +509,9 @@ public partial class OpenIddictClientWebIntegrationConfiguration
                 throw new InvalidOperationException(SR.FormatID0332(nameof(options.ClientId), Providers.{{ provider.name }}));
             }
 
-            if (options.RedirectUri is null)
-            {
-                throw new InvalidOperationException(SR.FormatID0332(nameof(options.RedirectUri), Providers.{{ provider.name }}));
-            }
-
             {{~ for setting in provider.settings ~}}
             {{~ if setting.required ~}}
-            {{~ if setting.type == 'String' ~}} 
+            {{~ if setting.type == 'String' ~}}
             if (string.IsNullOrEmpty(options.{{ setting.property_name }}))
             {{~ else ~}}
             if (options.{{ setting.property_name }} is null)
@@ -474,6 +520,13 @@ public partial class OpenIddictClientWebIntegrationConfiguration
                 throw new InvalidOperationException(SR.FormatID0332(nameof(options.{{ setting.property_name }}), Providers.{{ provider.name }}));
             }
             {{~ end ~}}
+
+            {{~ if setting.type == 'Uri' ~}}
+            if (!options.{{ setting.property_name }}.IsAbsoluteUri || !options.{{ setting.property_name }}.IsWellFormedOriginalString())
+            {
+                throw new InvalidOperationException(SR.FormatID0350(nameof(options.{{ setting.property_name }}), Providers.{{ provider.name }}));
+            }
+            {{~ end ~}}
             {{~ end ~}}
         }
 
@@ -837,6 +890,7 @@ public partial class OpenIddictClientWebIntegrationOptions
 
                                     "String" => "string",
                                     "StringHashSet" => "HashSet<string>",
+                                    "Uri" => "Uri",
 
                                     string value => value
                                 }
diff --git a/src/OpenIddict.Abstractions/OpenIddictResources.resx b/src/OpenIddict.Abstractions/OpenIddictResources.resx
index fe6a6565..e4641e06 100644
--- a/src/OpenIddict.Abstractions/OpenIddictResources.resx
+++ b/src/OpenIddict.Abstractions/OpenIddictResources.resx
@@ -1340,6 +1340,9 @@ Alternatively, you can disable the token storage feature by calling 'services.Ad
   <data name="ID0349" xml:space="preserve">
     <value>The issuer associated with the resolved client registration doesn't match the specified provider name.</value>
   </data>
+  <data name="ID0350" xml:space="preserve">
+    <value>The '{0}' setting required by the {1} provider integration must be a valid absolute URI.</value>
+  </data>
   <data name="ID2000" xml:space="preserve">
     <value>The security token is missing.</value>
   </data>
diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
index 222d930b..4a48d8e4 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
@@ -25,6 +25,18 @@
     <Environment Issuer="https://accounts.google.com/" />
   </Provider>
 
+  <Provider Name="Keycloak" Documentation="https://www.keycloak.org/getting-started/getting-started-docker">
+    <!--
+      Note: Keycloak is a self-hosted-only identity provider that doesn't have a generic issuer address.
+      As such, the complete address must always be set in the options and include the realm, if applicable.
+    -->
+
+    <Environment Issuer="{issuer}" />
+
+    <Setting PropertyName="Issuer" ParameterName="issuer" Type="Uri" Required="true"
+             Description="The address used to access the Keycloak identity provider (including the realm, if applicable)" />
+  </Provider>
+
   <Provider Name="LinkedIn" Documentation="https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin">
     <Environment Issuer="https://www.linkedin.com/">
       <Configuration AuthorizationEndpoint="https://www.linkedin.com/oauth/v2/authorization"
diff --git a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xsd b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xsd
index d731191a..0bd868c0 100644
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xsd
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xsd
@@ -373,6 +373,7 @@
                         <xs:enumeration value="EncryptionKey" />
                         <xs:enumeration value="SigningKey" />
                         <xs:enumeration value="String" />
+                        <xs:enumeration value="Uri" />
                       </xs:restriction>
                     </xs:simpleType>
                   </xs:attribute>