Introduce a force_verify option in the Twitch provider

zAfLu · kevinchalet · commit 1909b75cc8fa · 2019-01-20T13:56:59.000+01:00
diff --git a/README.md b/README.md
@@ -60,6 +60,7 @@ We would love it if you could help contributing to this repository.
 * [Tathagata Chakraborty](https://github.com/tatx)
 * [Tommy Parnell](https://github.com/tparnell8)
 * [Yannic Smeets](https://github.com/yannicsmeets)
+* [zAfLu](https://github.com/zAfLu)
 * [zhengchun](https://github.com/zhengchun)
 
 ## Support
diff --git a/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationHandler.cs
@@ -4,6 +4,7 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
+using System.Collections.Generic;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Security.Claims;
@@ -12,6 +13,7 @@
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
+using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Newtonsoft.Json.Linq;
@@ -29,6 +31,17 @@ public TwitchAuthenticationHandler(
         {
         }
 
+        protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri)
+            => QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, new Dictionary<string, string>
+            {
+                ["client_id"] = Options.ClientId,
+                ["scope"] = FormatScope(),
+                ["response_type"] = "code",
+                ["redirect_uri"] = redirectUri,
+                ["state"] = Options.StateDataFormat.Protect(properties),
+                ["force_verify"] = Options.ForceVerify ? "true" : "false"
+            });
+
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
diff --git a/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationOptions.cs b/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationOptions.cs
@@ -73,5 +73,12 @@ public TwitchAuthenticationOptions()
                 return user["data"]?[0]?.Value<string>("offline_image_url");
             });
         }
+
+        /// <summary>
+        /// Gets or sets a boolean indicating whether the "force_verify=true" flag should be sent to Twitch.
+        /// When set to <c>true</c>, Twitch displays the consent screen for every authorization request.
+        /// When left to <c>false</c>, the consent screen is skipped if the user is already logged in.
+        /// </summary>
+        public bool ForceVerify { get; set; }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -73,5 +73,12 @@ public TwitchAuthenticationOptions()`
`73`	`73`	`return user["data"]?[0]?.Value<string>("offline_image_url");`
`74`	`74`	`});`
`75`	`75`	`}`
	`76`	`+`
	`77`	`+ /// <summary>`
	`78`	`+ /// Gets or sets a boolean indicating whether the "force_verify=true" flag should be sent to Twitch.`
	`79`	`+ /// When set to <c>true</c>, Twitch displays the consent screen for every authorization request.`
	`80`	`+ /// When left to <c>false</c>, the consent screen is skipped if the user is already logged in.`
	`81`	`+ /// </summary>`
	`82`	`+ public bool ForceVerify { get; set; }`
`76`	`83`	`}`
`77`	`84`	`}`