Add Zendesk provider (#587)

Resolves #586.

Author: levimatheri

AspNet.Security.OAuth.Providers.sln

@@ -257,6 +257,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.Mixcl
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.AdobeIO", "src\AspNet.Security.OAuth.AdobeIO\AspNet.Security.OAuth.AdobeIO.csproj", "{91BB9A49-9C88-4132-96E4-2D6148ACDE77}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AspNet.Security.OAuth.Zendesk", "src\AspNet.Security.OAuth.Zendesk\AspNet.Security.OAuth.Zendesk.csproj", "{C90BA18B-E6C4-4E84-AFCC-58A4EE13BA40}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -579,6 +581,10 @@ Global
 		{91BB9A49-9C88-4132-96E4-2D6148ACDE77}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{91BB9A49-9C88-4132-96E4-2D6148ACDE77}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{91BB9A49-9C88-4132-96E4-2D6148ACDE77}.Release|Any CPU.Build.0 = Release|Any CPU
+		{C90BA18B-E6C4-4E84-AFCC-58A4EE13BA40}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{C90BA18B-E6C4-4E84-AFCC-58A4EE13BA40}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{C90BA18B-E6C4-4E84-AFCC-58A4EE13BA40}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{C90BA18B-E6C4-4E84-AFCC-58A4EE13BA40}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -669,6 +675,7 @@ Global
 		{DF2786DF-234D-4A8C-B166-0B8F8B7D527B} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{7A2EC21F-D411-4B45-AA3B-70143C1A9E2F} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{91BB9A49-9C88-4132-96E4-2D6148ACDE77} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
+		{C90BA18B-E6C4-4E84-AFCC-58A4EE13BA40} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {C7B54DE2-6407-4802-AD9C-CE54BF414C8C}

README.md

@@ -1,3 +1,4 @@
+
 # AspNet.Security.OAuth.Providers
 
 **AspNet.Security.OAuth.Providers** is a **collection of security middleware** that you can use in your **ASP.NET Core** application to support social authentication providers like **[GitHub](https://github.com/)**, **[Foursquare](https://foursquare.com/)** or **[Dropbox](https://www.dropbox.com/)**. It is directly inspired by **[Jerrie Pelser](https://github.com/jerriep)**'s initiative, **[Owin.Security.Providers](https://github.com/RockstarLabs/OwinOAuthProviders)**.
@@ -67,6 +68,7 @@ We would love it if you could help contributing to this repository.
 * [Kévin Chalet](https://github.com/kevinchalet)
 * [Konstantin Mamaev](https://github.com/MrMeison)
 * [LeaFrock](https://github.com/LeaFrock)
+* [Levi Muriuki](https://github.com/levimatheri)
 * [Luke Fulliton](https://github.com/lukefulliton)
 * [Mariusz Zieliński](https://github.com/mariozski)
 * [Martin Costello](https://github.com/martincostello)
@@ -189,6 +191,7 @@ If a provider you're looking for does not exist, consider making a PR to add one
 | Yammer | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Yammer?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Yammer/ "Download AspNet.Security.OAuth.Yammer from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Yammer?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Yammer "Download AspNet.Security.OAuth.Yammer from MyGet.org") | [Documentation](https://developer.yammer.com/docs/oauth-2 "Yammer developer documentation") |
 | Yandex | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Yandex?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Yandex/ "Download AspNet.Security.OAuth.Yandex from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Yandex?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Yandex "Download AspNet.Security.OAuth.Yandex from MyGet.org") | [Documentation](https://tech.yandex.com/oauth/ "Yandex developer documentation") |
 | Zalo | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Zalo?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Zalo/ "Download AspNet.Security.OAuth.Zalo from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Zalo?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Zalo "Download AspNet.Security.OAuth.Zalo from MyGet.org") | [Documentation](https://developers.zalo.me/docs/api/social-api-4 "Zalo developer documentation") |
+| Zendesk | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Zendesk?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Zendesk/ "Download AspNet.Security.OAuth.Zendesk from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Zendesk?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Zendesk "Download AspNet.Security.OAuth.Zendesk from MyGet.org") | [Documentation](https://support.zendesk.com/hc/en-us/articles/203663836#topic_ar1_mfs_qk "Zendesk developer documentation") |
 
 <!--
 | CHANGEME | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.CHANGEME?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.CHANGEME/ "Download AspNet.Security.OAuth.CHANGEME from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.CHANGEME?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.CHANGEME "Download AspNet.Security.OAuth.CHANGEME from MyGet.org") | [Documentation](CHANGEME "CHANGEME developer documentation") |

docs/zendesk.md

@@ -0,0 +1,23 @@
+# Integrating the Zendesk Provider
+
+## Example
+
+```csharp
+services.AddAuthentication(options => /* Auth configuration */)
+        .AddZendesk(options =>
+        {
+            options.ClientId = "my-client-id";
+            options.ClientSecret = "my-client-secret";
+            options.Domain = "https://glowingwaffle.zendesk.com";
+        });
+```
+
+## Required Additional Settings
+
+| Property Name | Property Type | Description | Default Value |
+|:--|:--|:--|:--|
+| `Domain` | `string?` | The Zendesk domain (_Account URL_) to use for authentication. | `null` |
+
+## Optional Settings
+
+_None._

src/AspNet.Security.OAuth.Zendesk/AspNet.Security.OAuth.Zendesk.csproj

@@ -0,0 +1,18 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework>
+  </PropertyGroup>
+
+  <PropertyGroup>
+    <Description>ASP.NET Core security middleware enabling Zendesk authentication.</Description>
+    <Authors>Levi Muriuki</Authors>
+    <PackageTags>aspnetcore;authentication;oauth;security;zendesk</PackageTags>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <FrameworkReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="JetBrains.Annotations" PrivateAssets="All" />
+  </ItemGroup>
+
+</Project>

src/AspNet.Security.OAuth.Zendesk/ZendeskAuthenticationDefaults.cs

@@ -0,0 +1,52 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+
+namespace AspNet.Security.OAuth.Zendesk
+{
+    /// <summary>
+    /// Default values used by the Zendesk authentication middleware.
+    /// </summary>
+    public static class ZendeskAuthenticationDefaults
+    {
+        /// <summary>
+        /// Default value for <see cref="AuthenticationScheme.Name"/>.
+        /// </summary>
+        public const string AuthenticationScheme = "Zendesk";
+
+        /// <summary>
+        /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
+        /// </summary>
+        public const string DisplayName = "Zendesk";
+
+        /// <summary>
+        /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
+        /// </summary>
+        public const string Issuer = "Zendesk";
+
+        /// <summary>
+        /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+        /// </summary>
+        public const string CallbackPath = "/signin-zendesk";
+
+        /// <summary>
+        /// Default path for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+        /// </summary>
+        public const string AuthorizationEndpointPath = "/oauth/authorizations/new";
+
+        /// <summary>
+        /// Default path for <see cref="OAuthOptions.TokenEndpoint"/>.
+        /// </summary>
+        public const string TokenEndpointPath = "/oauth/tokens";
+
+        /// <summary>
+        /// Default path for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+        /// </summary>
+        public const string UserInformationEndpointPath = "/api/v2/users/me";
+    }
+}

src/AspNet.Security.OAuth.Zendesk/ZendeskAuthenticationExtensions.cs

@@ -0,0 +1,81 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
+using Microsoft.Extensions.Options;
+
+namespace AspNet.Security.OAuth.Zendesk
+{
+    /// <summary>
+    /// Extension methods to add Zendesk authentication capabilities to an HTTP application pipeline.
+    /// </summary>
+    public static class ZendeskAuthenticationExtensions
+    {
+        /// <summary>
+        /// Adds <see cref="ZendeskAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Zendesk authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <returns>A reference to this instance after the operation has completed.</returns>
+        public static AuthenticationBuilder AddZendesk([NotNull] this AuthenticationBuilder builder)
+        {
+            return builder.AddZendesk(ZendeskAuthenticationDefaults.AuthenticationScheme, options => { });
+        }
+
+        /// <summary>
+        /// Adds <see cref="ZendeskAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Zendesk authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+        /// <returns>A reference to this instance after the operation has completed.</returns>
+        public static AuthenticationBuilder AddZendesk(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] Action<ZendeskAuthenticationOptions> configuration)
+        {
+            return builder.AddZendesk(ZendeskAuthenticationDefaults.AuthenticationScheme, configuration);
+        }
+
+        /// <summary>
+        /// Adds <see cref="ZendeskAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Zendesk authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the Zendesk options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddZendesk(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] string scheme,
+            [NotNull] Action<ZendeskAuthenticationOptions> configuration)
+        {
+            return builder.AddZendesk(scheme, ZendeskAuthenticationDefaults.DisplayName, configuration);
+        }
+
+        /// <summary>
+        /// Adds <see cref="ZendeskAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Zendesk authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="caption">The optional display name associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the Zendesk options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddZendesk(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] string scheme,
+            [CanBeNull] string caption,
+            [NotNull] Action<ZendeskAuthenticationOptions> configuration)
+        {
+            builder.Services.TryAddSingleton<IPostConfigureOptions<ZendeskAuthenticationOptions>, ZendeskPostConfigureOptions>();
+            return builder.AddOAuth<ZendeskAuthenticationOptions, ZendeskAuthenticationHandler>(scheme, caption, configuration);
+        }
+    }
+}

src/AspNet.Security.OAuth.Zendesk/ZendeskAuthenticationHandler.cs

@@ -0,0 +1,63 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using System.Text.Json;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace AspNet.Security.OAuth.Zendesk
+{
+    public class ZendeskAuthenticationHandler : OAuthHandler<ZendeskAuthenticationOptions>
+    {
+        public ZendeskAuthenticationHandler(
+            [NotNull] IOptionsMonitor<ZendeskAuthenticationOptions> options,
+            [NotNull] ILoggerFactory logger,
+            [NotNull] UrlEncoder encoder,
+            [NotNull] ISystemClock clock)
+            : base(options, logger, encoder, clock)
+        {
+        }
+
+        protected override async Task<AuthenticationTicket> CreateTicketAsync(
+            [NotNull] ClaimsIdentity identity,
+            [NotNull] AuthenticationProperties properties,
+            [NotNull] OAuthTokenResponse tokens)
+        {
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
+
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            if (!response.IsSuccessStatusCode)
+            {
+                Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
+                                "returned a {Status} response with the following payload: {Headers} {Body}.",
+                                /* Status: */ response.StatusCode,
+                                /* Headers: */ response.Headers.ToString(),
+                                /* Body: */ await response.Content.ReadAsStringAsync(Context.RequestAborted));
+
+                throw new HttpRequestException("An error occurred while retrieving the user profile.");
+            }
+
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement.GetProperty("user"));
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal!, context.Properties, Scheme.Name);
+        }
+    }
+}

src/AspNet.Security.OAuth.Zendesk/ZendeskAuthenticationOptions.cs

@@ -0,0 +1,64 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+
+namespace AspNet.Security.OAuth.Zendesk
+{
+    public class ZendeskAuthenticationOptions : OAuthOptions
+    {
+        /// <summary>
+        /// Defines a set of options used by <see cref="ZendeskAuthenticationHandler"/>.
+        /// </summary>
+        public ZendeskAuthenticationOptions()
+        {
+            ClaimsIssuer = ZendeskAuthenticationDefaults.Issuer;
+            CallbackPath = ZendeskAuthenticationDefaults.CallbackPath;
+
+            ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
+            ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
+            ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
+
+            Scope.Add("read");
+        }
+
+        /// <summary>
+        /// Gets or sets the Zendesk domain name.
+        /// For example: <c>glowingwaffle.zendesk.com</c>.
+        /// </summary>
+        public string? Domain { get; set; }
+
+        /// <inheritdoc/>
+        public override void Validate()
+        {
+            base.Validate();
+
+            if (!Uri.TryCreate(AuthorizationEndpoint, UriKind.Absolute, out _))
+            {
+                throw new ArgumentException(
+                    $"The '{nameof(AuthorizationEndpoint)}' option must be set to a valid URI.",
+                    nameof(AuthorizationEndpoint));
+            }
+
+            if (!Uri.TryCreate(TokenEndpoint, UriKind.Absolute, out _))
+            {
+                throw new ArgumentException(
+                    $"The '{nameof(TokenEndpoint)}' option must be set to a valid URI.",
+                    nameof(TokenEndpoint));
+            }
+
+            if (!Uri.TryCreate(UserInformationEndpoint, UriKind.Absolute, out _))
+            {
+                throw new ArgumentException(
+                    $"The '{nameof(UserInformationEndpoint)}' option must be set to a valid URI.",
+                    nameof(UserInformationEndpoint));
+            }
+        }
+    }
+}