Add a Vkontakte provider

Author: serber

AspNet.Security.OAuth.Providers.sln

@@ -1,7 +1,7 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 14
-VisualStudioVersion = 14.0.23107.0
+VisualStudioVersion = 14.0.25123.0
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}"
 EndProject
@@ -63,6 +63,8 @@ Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AspNet.Security.OAuth.Sales
 EndProject
 Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AspNet.Security.OAuth.Gitter", "src\AspNet.Security.OAuth.Gitter\AspNet.Security.OAuth.Gitter.xproj", "{EDD1BA76-D656-4513-BC65-FEC688CBB9F8}"
 EndProject
+Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AspNet.Security.OAuth.Vkontakte", "src\AspNet.Security.OAuth.Vkontakte\AspNet.Security.OAuth.Vkontakte.xproj", "{B332222F-43B4-4B3E-8EB3-9BCE29901043}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -181,6 +183,10 @@ Global
 		{EDD1BA76-D656-4513-BC65-FEC688CBB9F8}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{EDD1BA76-D656-4513-BC65-FEC688CBB9F8}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{EDD1BA76-D656-4513-BC65-FEC688CBB9F8}.Release|Any CPU.Build.0 = Release|Any CPU
+		{B332222F-43B4-4B3E-8EB3-9BCE29901043}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{B332222F-43B4-4B3E-8EB3-9BCE29901043}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{B332222F-43B4-4B3E-8EB3-9BCE29901043}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{B332222F-43B4-4B3E-8EB3-9BCE29901043}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -214,5 +220,6 @@ Global
 		{1302E67D-5448-407B-8B8D-709A0BA458E8} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{5881BB63-89BD-4397-A61C-69B1844F7615} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{EDD1BA76-D656-4513-BC65-FEC688CBB9F8} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
+		{B332222F-43B4-4B3E-8EB3-9BCE29901043} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 	EndGlobalSection
 EndGlobal

samples/Mvc.Client/project.json

@@ -39,6 +39,7 @@
     "AspNet.Security.OAuth.Spotify": { "target": "project" },
     "AspNet.Security.OAuth.Twitch": { "target": "project" },
     "AspNet.Security.OAuth.Vimeo": { "target": "project" },
+    "AspNet.Security.OAuth.Vkontakte": { "target": "project" },
     "AspNet.Security.OAuth.WordPress": { "target": "project" },
     "AspNet.Security.OAuth.Yahoo": { "target": "project" },
     "Microsoft.AspNetCore.Authentication.Cookies": "1.0.0-*",

src/AspNet.Security.OAuth.Vkontakte/AspNet.Security.OAuth.Vkontakte.xproj

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
+    <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.Props" Condition="'$(VSToolsPath)' != ''" />
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>b332222f-43b4-4b3e-8eb3-9bce29901043</ProjectGuid>
+	<RootNamespace>AspNet.Security.OAuth.Vkontakte</RootNamespace>
+    <BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">.\obj</BaseIntermediateOutputPath>
+    <OutputPath Condition="'$(OutputPath)'=='' ">.\bin\</OutputPath>
+  </PropertyGroup>
+  <PropertyGroup>
+    <SchemaVersion>2.0</SchemaVersion>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DotNet\Microsoft.DotNet.targets" Condition="'$(VSToolsPath)' != ''" />
+</Project>

src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationDefault.cs

@@ -0,0 +1,49 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using Microsoft.AspNetCore.Builder;
+
+namespace AspNet.Security.OAuth.Vkontakte {
+    /// <summary>
+    /// Default values used by the Vkontakte authentication middleware.
+    /// </summary>
+    public static class VkontakteAuthenticationDefault {
+        /// <summary>
+        /// Default value for <see cref="AuthenticationOptions.AuthenticationScheme"/>.
+        /// </summary>
+        public const string AuthenticationScheme = "Vkontakte";
+
+        /// <summary>
+        /// Default value for <see cref="RemoteAuthenticationOptions.DisplayName"/>.
+        /// </summary>
+        public const string DisplayName = "Vkontakte";
+
+        /// <summary>
+        /// Default value for <see cref="AuthenticationOptions.ClaimsIssuer"/>.
+        /// </summary>
+        public const string Issuer = "Vkontakte";
+
+        /// <summary>
+        /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+        /// </summary>
+        public const string CallbackPath = "/signin-vkontakte";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+        /// </summary>
+        public const string AuthorizationEndpoint = "https://oauth.vk.com/authorize";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
+        /// </summary>
+        public const string TokenEndpoint = "https://oauth.vk.com/access_token";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+        /// </summary>
+        public const string UserInformationEndpoint = "https://api.vk.com/method/users.get.json";
+    }
+}

src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationExtensions.cs

@@ -0,0 +1,60 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System;
+using AspNet.Security.OAuth.Vkontakte;
+using JetBrains.Annotations;
+using Microsoft.Extensions.Options;
+
+namespace Microsoft.AspNetCore.Builder {
+    /// <summary>
+    /// Extension methods to add Vkontakte authentication capabilities to an HTTP application pipeline.
+    /// </summary>
+    public static class VkontakteAuthenticationExtensions {
+        /// <summary>
+        /// Adds the <see cref="VkontakteAuthenticationMiddleware"/> middleware to the specified <see cref="IApplicationBuilder"/>, which enables Vkontakte authentication capabilities.
+        /// </summary>
+        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
+        /// <param name="options">A <see cref="VkontakteAuthenticationOptions"/> that specifies options for the middleware.</param>
+        /// <returns>A reference to this instance after the operation has completed.</returns>
+        public static IApplicationBuilder UseVkontakteAuthentication(
+            [NotNull] this IApplicationBuilder app,
+            [NotNull] VkontakteAuthenticationOptions options) {
+            if (app == null) {
+                throw new ArgumentNullException(nameof(app));
+            }
+
+            if (options == null) {
+                throw new ArgumentNullException(nameof(options));
+            }
+
+            return app.UseMiddleware<VkontakteAuthenticationMiddleware>(Options.Create(options));
+        }
+
+        /// <summary>
+        /// Adds the <see cref="VkontakteAuthenticationMiddleware"/> middleware to the specified <see cref="IApplicationBuilder"/>, which enables Vkontakte authentication capabilities.
+        /// </summary>
+        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
+        /// <param name="configuration">An action delegate to configure the provided <see cref="VkontakteAuthenticationOptions"/>.</param>
+        /// <returns>A reference to this instance after the operation has completed.</returns>
+        public static IApplicationBuilder UseLinkedInAuthentication(
+            [NotNull] this IApplicationBuilder app,
+            [NotNull] Action<VkontakteAuthenticationOptions> configuration) {
+            if (app == null) {
+                throw new ArgumentNullException(nameof(app));
+            }
+
+            if (configuration == null) {
+                throw new ArgumentNullException(nameof(configuration));
+            }
+
+            var options = new VkontakteAuthenticationOptions();
+            configuration(options);
+
+            return app.UseMiddleware<VkontakteAuthenticationMiddleware>(Options.Create(options));
+        }
+    }
+}

src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationHandler.cs

@@ -0,0 +1,60 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Net.Http;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using AspNet.Security.OAuth.Extensions;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+using Microsoft.AspNetCore.Http.Authentication;
+using Microsoft.AspNetCore.WebUtilities;
+using Microsoft.Extensions.Logging;
+using Newtonsoft.Json.Linq;
+
+namespace AspNet.Security.OAuth.Vkontakte {
+    public class VkontakteAuthenticationHandler : OAuthHandler<VkontakteAuthenticationOptions> {
+        public VkontakteAuthenticationHandler(HttpClient client)
+            : base(client) {
+        }
+
+        protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity, [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) {
+            var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken);
+
+            if (Options.Fields.Count != 0) {
+                address = QueryHelpers.AddQueryString(address, "fields", string.Join(",", Options.Fields));
+            }
+
+            var response = await Backchannel.GetAsync(address, Context.RequestAborted);
+            if (!response.IsSuccessStatusCode) {
+                Logger.LogError("An error occurred when retrieving the user profile: the remote server " +
+                                "returned a {Status} response with the following payload: {Headers} {Body}.",
+                                /* Status: */ response.StatusCode,
+                                /* Headers: */ response.Headers.ToString(),
+                                /* Body: */ await response.Content.ReadAsStringAsync());
+
+                throw new HttpRequestException("An error occurred when retrieving the user profile.");
+            }
+
+            var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
+            var user = (JObject) payload["response"][0];
+
+            var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), properties, Options.AuthenticationScheme);
+            var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, user);
+
+            identity.AddOptionalClaim(ClaimTypes.NameIdentifier, VkontakteAuthenticationHelper.GetId(user), Options.ClaimsIssuer)
+                    .AddOptionalClaim(ClaimTypes.GivenName, VkontakteAuthenticationHelper.GetFirstName(user), Options.ClaimsIssuer)
+                    .AddOptionalClaim(ClaimTypes.Surname, VkontakteAuthenticationHelper.GetLastName(user), Options.ClaimsIssuer)
+                    .AddOptionalClaim(ClaimTypes.Name, VkontakteAuthenticationHelper.GetScreenName(user), Options.ClaimsIssuer)
+                    .AddOptionalClaim("urn:vkontakte:link", VkontakteAuthenticationHelper.GetPhoto(user), Options.ClaimsIssuer);
+
+            await Options.Events.CreatingTicket(context);
+
+            return context.Ticket;
+        }
+    }
+}

src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationHelper.cs

@@ -0,0 +1,41 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using JetBrains.Annotations;
+using Newtonsoft.Json.Linq;
+
+namespace AspNet.Security.OAuth.Vkontakte {
+    /// <summary>
+    /// Contains static methods that allow to extract user's information from a <see cref="JObject"/>
+    /// instance retrieved from Vkontakte after a successful authentication process.
+    /// </summary>
+    public static class VkontakteAuthenticationHelper {
+        /// <summary>
+        /// Gets the identifier associated with the logged in user.
+        /// </summary>
+        public static string GetId([NotNull] JObject user) => user.Value<string>("uid");
+
+        /// <summary>
+        /// Gets the first name associated with the logged in user.
+        /// </summary>
+        public static string GetFirstName([NotNull] JObject user) => user.Value<string>("first_name");
+
+        /// <summary>
+        /// Gets the last name associated with the logged in user.
+        /// </summary>
+        public static string GetLastName([NotNull] JObject user) => user.Value<string>("last_name");
+
+        /// <summary>
+        /// Gets the screen name associated with the logged in user.
+        /// </summary>
+        public static string GetScreenName([NotNull] JObject user) => user.Value<string>("screen_name");
+
+        /// <summary>
+        /// Gets the photo associated with the logged in user.
+        /// </summary>
+        public static string GetPhoto([NotNull] JObject user) => user.Value<string>("photo_50");
+    }
+}

src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationMiddleware.cs

@@ -0,0 +1,32 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Text.Encodings.Web;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace AspNet.Security.OAuth.Vkontakte {
+    public class VkontakteAuthenticationMiddleware : OAuthMiddleware<VkontakteAuthenticationOptions> {
+        public VkontakteAuthenticationMiddleware(
+            [NotNull] RequestDelegate next,
+            [NotNull] IOptions<VkontakteAuthenticationOptions> options,
+            [NotNull] IDataProtectionProvider dataProtectionProvider,
+            [NotNull] ILoggerFactory loggerFactory,
+            [NotNull] UrlEncoder encoder,
+            [NotNull] IOptions<SharedAuthenticationOptions> sharedOptions)
+            : base(next, dataProtectionProvider, loggerFactory, encoder, sharedOptions, options) {
+        }
+
+        protected override AuthenticationHandler<VkontakteAuthenticationOptions> CreateHandler() {
+            return new VkontakteAuthenticationHandler(Backchannel);
+        }
+    }
+}

src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationOptions.cs

@@ -0,0 +1,43 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Collections.Generic;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Http;
+
+namespace AspNet.Security.OAuth.Vkontakte {
+    /// <summary>
+    /// Configuration options for <see cref="VkontakteAuthenticationMiddleware"/>.
+    /// </summary>
+    public class VkontakteAuthenticationOptions : OAuthOptions {
+        /// <summary>
+        /// Initializes a new <see cref="VkontakteAuthenticationOptions"/>.
+        /// </summary>
+        public VkontakteAuthenticationOptions() {
+            AuthenticationScheme = VkontakteAuthenticationDefault.AuthenticationScheme;
+            DisplayName = VkontakteAuthenticationDefault.DisplayName;
+            ClaimsIssuer = VkontakteAuthenticationDefault.Issuer;
+
+            CallbackPath = new PathString("/signin-vkontakte");
+
+            AuthorizationEndpoint = VkontakteAuthenticationDefault.AuthorizationEndpoint;
+            TokenEndpoint = VkontakteAuthenticationDefault.TokenEndpoint;
+            UserInformationEndpoint = VkontakteAuthenticationDefault.UserInformationEndpoint;
+        }
+
+        /// <summary>
+        /// Gets the list of fields to retrieve from the user information endpoint.
+        /// See https://vk.com/dev/fields for more information.
+        /// </summary>
+        public ICollection<string> Fields { get; } = new HashSet<string> {
+            "uid",
+            "first_name",
+            "last_name",
+            "screen_name",
+            "photo_50"
+        };
+    }
+}