Added ExchangeCodeAsync method for Untappd (#530)

* Added ExchangeCodeAsync Method.
Fix for the JSON structure.
Changed bundle.json for the tests.

* Update src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs

Newer initializer syntax as per suggestion

Co-authored-by: Martin Costello <[email protected]>

* Update src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs

add using as per suggestion

Co-authored-by: Martin Costello <[email protected]>

* Update src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs

add using as per suggestion

Co-authored-by: Martin Costello <[email protected]>

* Changed ParseQueryString to QueryHelpers

* Adapted to failure handling pattern

* indentation

* Fixed test

* Apply suggestions from code review

Minor formatting changes.

Co-authored-by: Martin Costello <[email protected]>

Author: PatGet

src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs

@@ -1,18 +1,23 @@
-/*
+/*
  * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
  * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
  * for more information concerning the license and the contributors participating to this project.
  */
 
+using System;
+using System.Collections.Generic;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Security.Claims;
+using System.Text;
 using System.Text.Encodings.Web;
 using System.Text.Json;
 using System.Threading.Tasks;
+using System.Web;
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
+using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 
@@ -29,6 +34,58 @@ public UntappdAuthenticationHandler(
         {
         }
 
+        protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] OAuthCodeExchangeContext context)
+        {
+            var tokenRequestParameters = new Dictionary<string, string>()
+            {
+                ["client_id"] = Options.ClientId,
+                ["redirect_uri"] = context.RedirectUri,
+                ["client_secret"] = Options.ClientSecret,
+                ["code"] = context.Code,
+                ["grant_type"] = "authorization_code",
+            };
+
+            // PKCE https://tools.ietf.org/html/rfc7636#section-4.5, see BuildChallengeUrl
+            if (context.Properties.Items.TryGetValue(OAuthConstants.CodeVerifierKey, out var codeVerifier))
+            {
+                tokenRequestParameters.Add(OAuthConstants.CodeVerifierKey, codeVerifier!);
+                context.Properties.Items.Remove(OAuthConstants.CodeVerifierKey);
+            }
+
+            using var requestContent = new FormUrlEncodedContent(tokenRequestParameters!);
+
+            string address = QueryHelpers.AddQueryString(Options.TokenEndpoint,
+                new Dictionary<string, string?>
+                {
+                    ["client_id"] = Options.ClientId,
+                    ["redirect_uri"] = context.RedirectUri,
+                    ["client_secret"] = Options.ClientSecret,
+                    ["code"] = context.Code
+                });
+
+            using var requestMessage = new HttpRequestMessage(HttpMethod.Get, address);
+            requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+            requestMessage.Content = requestContent;
+            requestMessage.Version = Backchannel.DefaultRequestVersion;
+
+            using var response = await Backchannel.SendAsync(requestMessage, Context.RequestAborted);
+            if (response.IsSuccessStatusCode)
+            {
+                var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+                return OAuthTokenResponse.Success(payload);
+            }
+            else
+            {
+                Logger.LogWarning("An error occurred while exchanging token codes. " +
+                                  "the remote server returned a {Status} response with the following payload: {Headers} {Body}.",
+                                  /* Status: */ response.StatusCode,
+                                  /* Headers: */ response.Headers.ToString(),
+                                  /* Body: */ await response.Content.ReadAsStringAsync(Context.RequestAborted));
+
+                throw new HttpRequestException("An error occurred while exchanging token codes.");
+            }
+        }
+
         protected override async Task<AuthenticationTicket> CreateTicketAsync(
             [NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties,
@@ -54,7 +111,8 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync(
 
             var principal = new ClaimsPrincipal(identity);
             var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-            context.RunClaimActions(payload.RootElement.GetProperty("user"));
+
+            context.RunClaimActions(payload.RootElement.GetProperty("response").GetProperty("user"));
 
             await Options.Events.CreatingTicket(context);
             return new AuthenticationTicket(context.Principal!, context.Properties, Scheme.Name);

test/AspNet.Security.OAuth.Providers.Tests/Untappd/bundle.json

@@ -12,20 +12,33 @@
         "expires_in": "300"
       }
     },
+    {
+      "uri": "https://untappd.com/oauth/authorize?client_id=my-client-id&redirect_uri=http%3A%2F%2Flocalhost%2Fsignin-untappd&client_secret=my-client-secret&code=a6ed8e7f-471f-44f1-903b-65946475f351",
+      "method": "GET",
+      "contentFormat": "json",
+      "contentJson": {
+        "access_token": "secret-access-token",
+        "token_type": "access",
+        "refresh_token": "secret-refresh-token",
+        "expires_in": "300"
+      }
+    },
     {
       "uri": "https://api.untappd.com/v4/user/info",
       "contentFormat": "json",
       "contentJson": {
-        "user": {
-          "id": "my-id",
-          "first_name": "John",
-          "last_name": "Smith",
-          "user_name": "John Smith",
-          "email": "[email protected]",
-          "url": "https://untappd.local/JohnSmith",
-          "user_avatar": "https://untappd.local/john-smith.png"
+        "response": {
+          "user": {
+            "id": "my-id",
+            "first_name": "John",
+            "last_name": "Smith",
+            "user_name": "John Smith",
+            "email": "[email protected]",
+            "url": "https://untappd.local/JohnSmith",
+            "user_avatar": "https://untappd.local/john-smith.png"
+          }
         }
-      }
-    }
+       }
+     }
   ]
 }