Migrate the Gitter provider to ASP.NET Core 2.0

Author: haydenhancock

samples/Mvc.Client/Mvc.Client.csproj

@@ -24,6 +24,7 @@
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Fitbit\AspNet.Security.OAuth.Fitbit.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Foursquare\AspNet.Security.OAuth.Foursquare.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.GitHub\AspNet.Security.OAuth.GitHub.csproj" />
+    <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Gitter\AspNet.Security.OAuth.Gitter.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.HealthGraph\AspNet.Security.OAuth.HealthGraph.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Imgur\AspNet.Security.OAuth.Imgur.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Instagram\AspNet.Security.OAuth.Instagram.csproj" />

src/AspNet.Security.OAuth.Gitter/AspNet.Security.OAuth.Gitter.csproj

@@ -3,19 +3,15 @@
   <Import Project="..\..\build\packages.props" />
 
   <PropertyGroup>
-    <TargetFrameworks>net451;netstandard1.3</TargetFrameworks>
+    <TargetFramework>netstandard2.0</TargetFramework>
   </PropertyGroup>
 
   <PropertyGroup>
     <Description>ASP.NET Core security middleware enabling Gitter authentication.</Description>
-    <Authors>Maxime Roussin-Bélanger</Authors>
+    <Authors>Maxime Roussin-Bélanger;Hayden Hancock</Authors>
     <PackageTags>aspnetcore;authentication;gitter;oauth;security</PackageTags>
   </PropertyGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\AspNet.Security.OAuth.Extensions\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <PackageReference Include="JetBrains.Annotations" Version="$(JetBrainsVersion)" PrivateAssets="All" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.OAuth" Version="$(AspNetCoreVersion)" />

src/AspNet.Security.OAuth.Gitter/GitterAuthenticationDefaults.cs

@@ -4,7 +4,8 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
-using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
 
 namespace AspNet.Security.OAuth.Gitter
 {
@@ -14,17 +15,17 @@ namespace AspNet.Security.OAuth.Gitter
     public static class GitterAuthenticationDefaults
     {
         /// <summary>
-        /// Default value for <see cref="AuthenticationOptions.AuthenticationScheme"/>.
+        /// Default value for <see cref="AuthenticationScheme.Name"/>.
         /// </summary>
         public const string AuthenticationScheme = "Gitter";
 
         /// <summary>
-        /// Default value for <see cref="RemoteAuthenticationOptions.DisplayName"/>.
+        /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
         /// </summary>
         public const string DisplayName = "Gitter";
 
         /// <summary>
-        /// Default value for <see cref="AuthenticationOptions.ClaimsIssuer"/>.
+        /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
         /// </summary>
         public const string Issuer = "Gitter";
 

src/AspNet.Security.OAuth.Gitter/GitterAuthenticationExtensions.cs

@@ -7,64 +7,70 @@
 using System;
 using AspNet.Security.OAuth.Gitter;
 using JetBrains.Annotations;
-using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Authentication;
 
-namespace Microsoft.AspNetCore.Builder
+namespace Microsoft.Extensions.DependencyInjection
 {
     /// <summary>
     /// Extension methods to add Gitter authentication capabilities to an HTTP application pipeline.
     /// </summary>
     public static class GitterAuthenticationExtensions
     {
         /// <summary>
-        /// Adds the <see cref="GitterAuthenticationMiddleware"/> middleware to the specified
-        /// <see cref="IApplicationBuilder"/>, which enables GitHub authentication capabilities.
+        /// Adds <see cref="GitterAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Gitter authentication capabilities.
         /// </summary>
-        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
-        /// <param name="options">A <see cref="GitterAuthenticationOptions"/> that specifies options for the middleware.</param>
-        /// <returns>A reference to this instance after the operation has completed.</returns>
-        public static IApplicationBuilder UseGitterAuthentication(
-            [NotNull] this IApplicationBuilder app,
-            [NotNull] GitterAuthenticationOptions options)
+        /// <param name="builder">The authentication builder.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddGitter([NotNull] this AuthenticationBuilder builder)
         {
-            if (app == null)
-            {
-                throw new ArgumentNullException(nameof(app));
-            }
-
-            if (options == null)
-            {
-                throw new ArgumentNullException(nameof(options));
-            }
-
-            return app.UseMiddleware<GitterAuthenticationMiddleware>(Options.Create(options));
+            return builder.AddGitter(GitterAuthenticationDefaults.AuthenticationScheme, options => { });
         }
 
         /// <summary>
-        /// Adds the <see cref="GitterAuthenticationMiddleware"/> middleware to the specified
-        /// <see cref="IApplicationBuilder"/>, which enables Gitter authentication capabilities.
+        /// Adds <see cref="GitterAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Gitter authentication capabilities.
         /// </summary>
-        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
-        /// <param name="configuration">An action delegate to configure the provided <see cref="GitterAuthenticationOptions"/>.</param>
-        /// <returns>A reference to this instance after the operation has completed.</returns>
-        public static IApplicationBuilder UseGitterAuthentication(
-            [NotNull] this IApplicationBuilder app,
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddGitter(
+            [NotNull] this AuthenticationBuilder builder,
             [NotNull] Action<GitterAuthenticationOptions> configuration)
         {
-            if (app == null)
-            {
-                throw new ArgumentNullException(nameof(app));
-            }
-
-            if (configuration == null)
-            {
-                throw new ArgumentNullException(nameof(configuration));
-            }
+            return builder.AddGitter(GitterAuthenticationDefaults.AuthenticationScheme, configuration);
+        }
 
-            var options = new GitterAuthenticationOptions();
-            configuration(options);
+        /// <summary>
+        /// Adds <see cref="GitterAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Gitter authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the Gitter options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddGitter(
+            [NotNull] this AuthenticationBuilder builder, [NotNull] string scheme,
+            [NotNull] Action<GitterAuthenticationOptions> configuration)
+        {
+            return builder.AddGitter(scheme, GitterAuthenticationDefaults.DisplayName, configuration);
+        }
 
-            return app.UseMiddleware<GitterAuthenticationMiddleware>(Options.Create(options));
+        /// <summary>
+        /// Adds <see cref="GitterAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Gitter authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="name">The optional display name associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the Gitter options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddGitter(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] string scheme, [CanBeNull] string name,
+            [NotNull] Action<GitterAuthenticationOptions> configuration)
+        {
+            return builder.AddOAuth<GitterAuthenticationOptions, GitterAuthenticationHandler>(scheme, name, configuration);
         }
     }
 }

src/AspNet.Security.OAuth.Gitter/GitterAuthenticationHandler.cs

@@ -7,21 +7,25 @@
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Security.Claims;
+using System.Text.Encodings.Web;
 using System.Threading.Tasks;
-using AspNet.Security.OAuth.Extensions;
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
-using Microsoft.AspNetCore.Http.Authentication;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Newtonsoft.Json.Linq;
 
 namespace AspNet.Security.OAuth.Gitter
 {
     public class GitterAuthenticationHandler : OAuthHandler<GitterAuthenticationOptions>
     {
-        public GitterAuthenticationHandler([NotNull] HttpClient client)
-            : base(client)
+        public GitterAuthenticationHandler(
+            [NotNull] IOptionsMonitor<GitterAuthenticationOptions> options,
+            [NotNull] ILoggerFactory logger,
+            [NotNull] UrlEncoder encoder,
+            [NotNull] ISystemClock clock)
+            : base(options, logger, encoder, clock)
         {
         }
 
@@ -30,7 +34,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull]
         {
             var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
-            request.Headers.Authorization = new AuthenticationHeaderValue(tokens.TokenType, tokens.AccessToken);
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
             var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
@@ -44,23 +48,14 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull]
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            var payload = JArray.Parse(await response.Content.ReadAsStringAsync());
-            var user = (JObject) payload[0];
-
-            identity.AddOptionalClaim(ClaimTypes.NameIdentifier, GitterAuthenticationHelper.GetIdentifier(user), Options.ClaimsIssuer)
-                    .AddOptionalClaim(ClaimTypes.Name, GitterAuthenticationHelper.GetUsername(user), Options.ClaimsIssuer)
-                    .AddOptionalClaim(ClaimTypes.Webpage, GitterAuthenticationHelper.GetLink(user), Options.ClaimsIssuer)
-                    .AddOptionalClaim("urn:gitter:displayname", GitterAuthenticationHelper.GetDisplayName(user), Options.ClaimsIssuer)
-                    .AddOptionalClaim("urn:gitter:avatarurlsmall", GitterAuthenticationHelper.GetAvatarUrlSmall(user), Options.ClaimsIssuer)
-                    .AddOptionalClaim("urn:gitter:avatarurlmedium", GitterAuthenticationHelper.GetAvatarUrlMedium(user), Options.ClaimsIssuer);
+            var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
 
             var principal = new ClaimsPrincipal(identity);
-            var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload);
+            context.RunClaimActions(payload);
 
-            var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, user);
             await Options.Events.CreatingTicket(context);
-
-            return context.Ticket;
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }