Add Basecamp provider (#406)

* Adding Luke Fulliton as a contributor.

* Added new provider, Basecamp.

* Moved the basecamp provider project location to the same location that the other providers reside.

* Added Basecamp Tests.  Basecamp Tests pass successfully.

* Updated the README.md file

* Removed unnecessary JSON property check in the BasecampAuthenticationHandler.

Author: lukefulliton

AspNet.Security.OAuth.Providers.sln

@@ -185,6 +185,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "docs", "docs", "{C2CA4B38-A
 		docs\sign-in-with-apple.md = docs\sign-in-with-apple.md
 	EndProjectSection
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.Basecamp", "src\AspNet.Security.OAuth.Basecamp\AspNet.Security.OAuth.Basecamp.csproj", "{42306484-B2BF-4B52-B950-E0CDFA58B02A}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -435,6 +437,10 @@ Global
 		{E82424B3-0E73-4954-B6A6-BFF1029A08DE}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{E82424B3-0E73-4954-B6A6-BFF1029A08DE}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{E82424B3-0E73-4954-B6A6-BFF1029A08DE}.Release|Any CPU.Build.0 = Release|Any CPU
+		{42306484-B2BF-4B52-B950-E0CDFA58B02A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{42306484-B2BF-4B52-B950-E0CDFA58B02A}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{42306484-B2BF-4B52-B950-E0CDFA58B02A}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{42306484-B2BF-4B52-B950-E0CDFA58B02A}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -506,6 +512,7 @@ Global
 		{0D9EB03D-99AF-4A80-B7CE-2302A8D3747B} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{E82424B3-0E73-4954-B6A6-BFF1029A08DE} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{C2CA4B38-AA21-4CA4-8799-2E8C8C06754F} = {E9DAB098-A902-4EF5-9AEE-CF735DF31E35}
+		{42306484-B2BF-4B52-B950-E0CDFA58B02A} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {C7B54DE2-6407-4802-AD9C-CE54BF414C8C}

README.md

@@ -67,6 +67,7 @@ We would love it if you could help contributing to this repository.
 * [Jordan Knight](https://github.com/jakkaj)
 * [Kévin Chalet](https://github.com/kevinchalet)
 * [Konstantin Mamaev](https://github.com/MrMeison)
+* [Luke Fulliton](https://github.com/lukefulliton)
 * [Mariusz Zieliński](https://github.com/mariozski)
 * [Martin Costello](https://github.com/martincostello)
 * [Maxime Roussin-Bélanger](https://github.com/Lorac)
@@ -113,6 +114,7 @@ If a provider you're looking for does not exist, consider making a PR to add one
 | Autodesk | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Autodesk?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Autodesk/ "Download AspNet.Security.OAuth.Autodesk from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Autodesk?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Autodesk "Download AspNet.Security.OAuth.Autodesk from MyGet.org") | [Documentation](https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/overview/ "Autodesk developer documentation") |
 | Automatic | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Automatic?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Automatic/ "Download AspNet.Security.OAuth.Automatic from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Automatic?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Automatic "Download AspNet.Security.OAuth.Automatic from MyGet.org") | [Documentation](https://developer.automatic.com/documentation/ "Automatic developer documentation") |
 | Baidu | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Baidu?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Baidu/ "Download AspNet.Security.OAuth.Baidu from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Baidu?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Baidu "Download AspNet.Security.OAuth.Baidu from MyGet.org") | [Documentation](https://developer.baidu.com/ "Baidu developer documentation") |
+| Basecamp | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Basecamp?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Basecamp/ "Download AspNet.Security.OAuth.Basecamp from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Basecamp?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Basecamp "Download AspNet.Security.OAuth.Basecamp from MyGet.org") | [Documentation](https://github.com/basecamp/api/blob/master/sections/authentication.md "Basecamp developer documentation") |
 | BattleNet | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.BattleNet?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.BattleNet/ "Download AspNet.Security.OAuth.BattleNet from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.BattleNet?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.BattleNet "Download AspNet.Security.OAuth.BattleNet from MyGet.org") | [Documentation](https://develop.battle.net/documentation/guides/using-oauth "BattleNet developer documentation") |
 | Beam (Mixer) | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Beam?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Beam/ "Download AspNet.Security.OAuth.Beam from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Beam?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Beam "Download AspNet.Security.OAuth.Beam from MyGet.org") | [Documentation](https://dev.mixer.com/reference/oauth "Mixer developer documentation") |
 | Bitbucket | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Bitbucket?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Bitbucket/ "Download AspNet.Security.OAuth.Bitbucket from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Bitbucket?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Bitbucket "Download AspNet.Security.OAuth.Bitbucket from MyGet.org") | [Documentation](https://developer.atlassian.com/bitbucket/api/2/reference/meta/authentication "Bitbucket developer documentation") |

src/AspNet.Security.OAuth.Basecamp/AspNet.Security.OAuth.Basecamp.csproj

@@ -0,0 +1,18 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFrameworks>netcoreapp3.1</TargetFrameworks>
+  </PropertyGroup>
+
+  <PropertyGroup>
+    <Description>ASP.NET Core security middleware enabling Basecamp authentication.</Description>
+    <Authors>Luke Fulliton</Authors>
+    <PackageTags>basecamp;37signal;aspnetcore;authentication;oauth;security</PackageTags>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <FrameworkReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="JetBrains.Annotations" Version="$(JetBrainsVersion)" PrivateAssets="All" />
+  </ItemGroup>
+
+</Project>

src/AspNet.Security.OAuth.Basecamp/BasecampAuthenticationDefaults.cs

@@ -0,0 +1,52 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+
+namespace AspNet.Security.OAuth.Basecamp
+{
+    /// <summary>
+    /// Default values used by the Basecamp authentication middleware.
+    /// </summary>
+    public static class BasecampAuthenticationDefaults
+    {
+        /// <summary>
+        /// Default value for <see cref="AuthenticationScheme.Name"/>.
+        /// </summary>
+        public const string AuthenticationScheme = "Basecamp";
+
+        /// <summary>
+        /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
+        /// </summary>
+        public const string DisplayName = "Basecamp";
+
+        /// <summary>
+        /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
+        /// </summary>
+        public const string Issuer = "Basecamp";
+
+        /// <summary>
+        /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+        /// </summary>
+        public const string CallbackPath = "/signin-basecamp";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+        /// </summary>
+        public const string AuthorizationEndpoint = "https://launchpad.37signals.com/authorization/new?type=web_server";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
+        /// </summary>
+        public const string TokenEndpoint = "https://launchpad.37signals.com/authorization/token?type=web_server";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+        /// </summary>
+        public const string UserInformationEndpoint = "https://launchpad.37signals.com/authorization.json";
+    }
+}

src/AspNet.Security.OAuth.Basecamp/BasecampAuthenticationExtensions.cs

@@ -0,0 +1,78 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System;
+using AspNet.Security.OAuth.Basecamp;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+
+namespace Microsoft.Extensions.DependencyInjection
+{
+    /// <summary>
+    /// Extension methods to add Basecamp authentication capabilities to an HTTP application pipeline.
+    /// </summary>
+    public static class BasecampAuthenticationExtensions
+    {
+        /// <summary>
+        /// Adds <see cref="BasecampAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Basecamp authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <returns>A reference to this instance after the operation has completed.</returns>
+        public static AuthenticationBuilder AddBasecamp([NotNull] this AuthenticationBuilder builder)
+        {
+            return builder.AddBasecamp(BasecampAuthenticationDefaults.AuthenticationScheme, options => { });
+        }
+
+        /// <summary>
+        /// Adds <see cref="BasecampAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Basecamp authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+        /// <returns>A reference to this instance after the operation has completed.</returns>
+        public static AuthenticationBuilder AddBasecamp(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] Action<BasecampAuthenticationOptions> configuration)
+        {
+            return builder.AddBasecamp(BasecampAuthenticationDefaults.AuthenticationScheme, configuration);
+        }
+
+        /// <summary>
+        /// Adds <see cref="BasecampAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Basecamp authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the Basecamp options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddBasecamp(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] string scheme,
+            [NotNull] Action<BasecampAuthenticationOptions> configuration)
+        {
+            return builder.AddBasecamp(scheme, BasecampAuthenticationDefaults.DisplayName, configuration);
+        }
+
+        /// <summary>
+        /// Adds <see cref="BasecampAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables Basecamp authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="caption">The optional display name associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the Basecamp options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddBasecamp(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] string scheme,
+            [CanBeNull] string caption,
+            [NotNull] Action<BasecampAuthenticationOptions> configuration)
+        {
+            return builder.AddOAuth<BasecampAuthenticationOptions, BasecampAuthenticationHandler>(scheme, caption, configuration);
+        }
+    }
+}

src/AspNet.Security.OAuth.Basecamp/BasecampAuthenticationHandler.cs

@@ -0,0 +1,63 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using System.Text.Json;
+using System.Threading.Tasks;
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace AspNet.Security.OAuth.Basecamp
+{
+    public class BasecampAuthenticationHandler : OAuthHandler<BasecampAuthenticationOptions>
+    {
+        public BasecampAuthenticationHandler(
+            [NotNull] IOptionsMonitor<BasecampAuthenticationOptions> options,
+            [NotNull] ILoggerFactory logger,
+            [NotNull] UrlEncoder encoder,
+            [NotNull] ISystemClock clock)
+            : base(options, logger, encoder, clock)
+        {
+        }
+
+        protected override async Task<AuthenticationTicket> CreateTicketAsync(
+            [NotNull] ClaimsIdentity identity,
+            [NotNull] AuthenticationProperties properties,
+            [NotNull] OAuthTokenResponse tokens)
+        {
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
+
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            if (!response.IsSuccessStatusCode)
+            {
+                Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
+                                "returned a {Status} response with the following payload: {Headers} {Body}.",
+                                /* Status: */ response.StatusCode,
+                                /* Headers: */ response.Headers.ToString(),
+                                /* Body: */ await response.Content.ReadAsStringAsync());
+
+                throw new HttpRequestException("An error occurred while retrieving the user profile.");
+            }
+
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
+        }
+    }
+}

src/AspNet.Security.OAuth.Basecamp/BasecampAuthenticationOptions.cs

@@ -0,0 +1,32 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+
+namespace AspNet.Security.OAuth.Basecamp
+{
+    /// <summary>
+    /// Defines a set of options used by <see cref="BasecampAuthenticationHandler"/>.
+    /// </summary>
+    public class BasecampAuthenticationOptions : OAuthOptions
+    {
+        public BasecampAuthenticationOptions()
+        {
+            ClaimsIssuer = BasecampAuthenticationDefaults.Issuer;
+            CallbackPath = BasecampAuthenticationDefaults.CallbackPath;
+            AuthorizationEndpoint = BasecampAuthenticationDefaults.AuthorizationEndpoint;
+            TokenEndpoint = BasecampAuthenticationDefaults.TokenEndpoint;
+            UserInformationEndpoint = BasecampAuthenticationDefaults.UserInformationEndpoint;
+
+            ClaimActions.MapJsonSubKey(ClaimTypes.NameIdentifier, "identity", "id");
+            ClaimActions.MapJsonSubKey(ClaimTypes.GivenName, "identity", "first_name");
+            ClaimActions.MapJsonSubKey(ClaimTypes.Surname, "identity", "last_name");
+            ClaimActions.MapJsonSubKey(ClaimTypes.Email, "identity", "email_address");
+        }
+    }
+}

test/AspNet.Security.OAuth.Providers.Tests/Basecamp/BasecampTests.cs

@@ -0,0 +1,47 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Security.Claims;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+using Xunit;
+using Xunit.Abstractions;
+
+namespace AspNet.Security.OAuth.Basecamp
+{
+    public class BasecampTests : OAuthTests<BasecampAuthenticationOptions>
+    {
+        public BasecampTests(ITestOutputHelper outputHelper)
+        {
+            OutputHelper = outputHelper;
+        }
+
+        public override string DefaultScheme => BasecampAuthenticationDefaults.AuthenticationScheme;
+
+        protected internal override void RegisterAuthentication(AuthenticationBuilder builder)
+        {
+            builder.AddBasecamp(options => ConfigureDefaults(builder, options));
+        }
+
+        [Theory]
+        [InlineData(ClaimTypes.NameIdentifier, "12345678")]
+        [InlineData(ClaimTypes.GivenName, "John")]
+        [InlineData(ClaimTypes.Surname, "Smith")]
+        [InlineData(ClaimTypes.Email, "[email protected]")]
+        public async Task Can_Sign_In_Using_Basecamp(string claimType, string claimValue)
+        {
+            // Arrange
+            using var server = CreateTestServer();
+
+            // Act
+            var claims = await AuthenticateUserAsync(server);
+
+            // Assert
+            AssertClaim(claims, claimType, claimValue);
+        }
+    }
+}