Add Naver Provider (#665)

* Add Naver Provider

Author: Chris Sung

AspNet.Security.OAuth.Providers.sln

@@ -278,6 +278,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.Xero"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.DigitalOcean", "src\AspNet.Security.OAuth.DigitalOcean\AspNet.Security.OAuth.DigitalOcean.csproj", "{FAE6E4C3-5A0D-45A5-9D17-57F4F6DA2593}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.Naver", "src\AspNet.Security.OAuth.Naver\AspNet.Security.OAuth.Naver.csproj", "{289A91E9-81A9-422D-9CCD-12819081A29A}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -632,6 +634,10 @@ Global
 		{FAE6E4C3-5A0D-45A5-9D17-57F4F6DA2593}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{FAE6E4C3-5A0D-45A5-9D17-57F4F6DA2593}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{FAE6E4C3-5A0D-45A5-9D17-57F4F6DA2593}.Release|Any CPU.Build.0 = Release|Any CPU
+		{289A91E9-81A9-422D-9CCD-12819081A29A}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{289A91E9-81A9-422D-9CCD-12819081A29A}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{289A91E9-81A9-422D-9CCD-12819081A29A}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{289A91E9-81A9-422D-9CCD-12819081A29A}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -730,6 +736,7 @@ Global
 		{82314BA9-8AB2-46B9-AB12-9109619B8331} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{1F869094-FAC8-49B5-92A4-706C028CDF93} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{FAE6E4C3-5A0D-45A5-9D17-57F4F6DA2593} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
+		{289A91E9-81A9-422D-9CCD-12819081A29A} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {C7B54DE2-6407-4802-AD9C-CE54BF414C8C}

README.md

@@ -52,6 +52,7 @@ We would love it if you could help contributing to this repository.
 * [Andrii Chebukin](https://github.com/xperiandri)
 * [Anthony Yates](https://github.com/AnthonyYates)
 * [Chino Chang](https://github.com/kinosang)
+* [Chris Sung](https://github.com/christallire)
 * [CoCo Lin](https://github.com/linmasaki)
 * [Dave Timmins](https://github.com/davetimmins)
 * [Dmitry Popov](https://github.com/justdmitry)
@@ -162,6 +163,7 @@ If a provider you're looking for does not exist, consider making a PR to add one
 | Mixcloud | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Mixcloud?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Mixcloud/ "Download AspNet.Security.OAuth.Mixcloud from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Mixcloud?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Mixcloud "Download AspNet.Security.OAuth.Mixcloud from MyGet.org") | [Documentation](https://www.mixcloud.com/developers/#authorization "Mixcloud developer documentation") |
 | Moodle | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Moodle?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Moodle/ "Download AspNet.Security.OAuth.Moodle from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Moodle?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Moodle "Download AspNet.Security.OAuth.Moodle from MyGet.org") | [Documentation](https://github.com/HIT-ReFreSH/moodle-local_oauth "Moodle OAuth2 plugin developer documentation") |
 | Myob | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Myob?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Myob/ "Download AspNet.Security.OAuth.Myob from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Myob?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Myob "Download AspNet.Security.OAuth.Myob from MyGet.org") | [Documentation](https://developer.myob.com/api/accountright/api-overview/authentication/ "Myob developer documentation") |
+| Naver | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Naver?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Naver/ "Download AspNet.Security.OAuth.Naver from NuGet.org") |  [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Naver?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Naver "Download AspNet.Security.OAuth.Naver from MyGet.org") |  [Documentation](https://developers.naver.com/docs/login/api/api.md "Naver login API developer documentation") |
 | NetEase  | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.NetEase?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.NetEase/ "Download AspNet.Security.OAuth.NetEase from NuGet.org") |  [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.NetEase?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.NetEase "Download AspNet.Security.OAuth.NetEase from MyGet.org") |  [Documentation](https://reg.163.com/help/help_oauth2.html "NetEase developer documentation") |
 | Nextcloud | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Nextcloud?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Nextcloud/ "Download AspNet.Security.OAuth.Nextcloud from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Nextcloud?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Nextcloud "Download AspNet.Security.OAuth.Nextcloud from MyGet.org") | [Documentation](https://docs.nextcloud.com/server/14/admin_manual/configuration_server/oauth2.html "Nextcloud developer documentation")  [User EndPoint Documentation](https://docs.nextcloud.com/server/15/developer_manual/client_apis/OCS/index.html#user-metadata "Nextcloud developer documentation") |
 | Notion | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Notion?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Notion/ "Download AspNet.Security.OAuth.Notion from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Notion?includePreReleases=true)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Notion "Download AspNet.Security.OAuth.Notion from MyGet.org") | [Documentation](https://developers.notion.com/docs/authorization#authorizing-public-integrations "Notion developer documentation") |

src/AspNet.Security.OAuth.Naver/AspNet.Security.OAuth.Naver.csproj

@@ -0,0 +1,24 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <PackageValidationBaselineVersion>6.0.5</PackageValidationBaselineVersion>
+    <TargetFrameworks>$(DefaultNetCoreTargetFramework)</TargetFrameworks>
+  </PropertyGroup>
+
+  <!-- TODO Remove once published to NuGet.org -->
+  <PropertyGroup>
+    <DisablePackageBaselineValidation>true</DisablePackageBaselineValidation>
+  </PropertyGroup>
+
+  <PropertyGroup>
+    <Description>ASP.NET Core security middleware enabling Naver authentication.</Description>
+    <Authors>christallire</Authors>
+    <PackageTags>aspnetcore;authentication;naver;oauth;security</PackageTags>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <FrameworkReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="JetBrains.Annotations" PrivateAssets="All" />
+  </ItemGroup>
+
+</Project>

src/AspNet.Security.OAuth.Naver/NaverAuthenticationConstants.cs

@@ -0,0 +1,36 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace AspNet.Security.OAuth.Naver;
+
+/// <summary>
+/// Contains constants specific to the <see cref="NaverAuthenticationHandler"/>.
+/// </summary>
+public static class NaverAuthenticationConstants
+{
+    public static class Claims
+    {
+        /// <summary>
+        /// The claim for the user's nickname.
+        /// </summary>
+        public const string Nickname = "urn:naver:nickname";
+
+        /// <summary>
+        /// The claim for the user's age range.
+        /// </summary>
+        public const string Age = "urn:naver:age";
+
+        /// <summary>
+        /// The claim for the user's year of birth
+        /// </summary>
+        public const string YearOfBirth = "urn:naver:birthyear";
+
+        /// <summary>
+        /// The claim for the user's profile image url
+        /// </summary>
+        public const string ProfileImage = "urn:naver:profile_image";
+    }
+}

src/AspNet.Security.OAuth.Naver/NaverAuthenticationDefaults.cs

@@ -0,0 +1,48 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace AspNet.Security.OAuth.Naver;
+
+/// <summary>
+/// Default values used by the Naver authentication middleware.
+/// </summary>
+public static class NaverAuthenticationDefaults
+{
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.Name"/>.
+    /// </summary>
+    public const string AuthenticationScheme = "Naver";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
+    /// </summary>
+    public static readonly string DisplayName = "Naver";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
+    /// </summary>
+    public static readonly string Issuer = "Naver";
+
+    /// <summary>
+    /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+    /// </summary>
+    public static readonly string CallbackPath = "/signin-naver";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+    /// </summary>
+    public static readonly string AuthorizationEndpoint = "https://nid.naver.com/oauth2.0/authorize";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
+    /// </summary>
+    public static readonly string TokenEndpoint = "	https://nid.naver.com/oauth2.0/token";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+    /// </summary>
+    public static readonly string UserInformationEndpoint = "https://openapi.naver.com/v1/nid/me";
+}

src/AspNet.Security.OAuth.Naver/NaverAuthenticationExtensions.cs

@@ -0,0 +1,74 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using AspNet.Security.OAuth.Naver;
+
+namespace Microsoft.Extensions.DependencyInjection;
+
+/// <summary>
+/// Extension methods to add Naver authentication capabilities to an HTTP application pipeline.
+/// </summary>
+public static class NaverAuthenticationExtensions
+{
+    /// <summary>
+    /// Adds <see cref="NaverAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Naver authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddNaver([NotNull] this AuthenticationBuilder builder)
+    {
+        return builder.AddNaver(NaverAuthenticationDefaults.AuthenticationScheme, options => { });
+    }
+
+    /// <summary>
+    /// Adds <see cref="NaverAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Naver authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddNaver(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] Action<NaverAuthenticationOptions> configuration)
+    {
+        return builder.AddNaver(NaverAuthenticationDefaults.AuthenticationScheme, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="NaverAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Naver authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the Naver options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddNaver(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [NotNull] Action<NaverAuthenticationOptions> configuration)
+    {
+        return builder.AddNaver(scheme, NaverAuthenticationDefaults.DisplayName, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="NaverAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Naver authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="caption">The optional display name associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the Naver options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddNaver(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [CanBeNull] string caption,
+        [NotNull] Action<NaverAuthenticationOptions> configuration)
+    {
+        return builder.AddOAuth<NaverAuthenticationOptions, NaverAuthenticationHandler>(scheme, caption, configuration);
+    }
+}

src/AspNet.Security.OAuth.Naver/NaverAuthenticationHandler.cs

@@ -0,0 +1,76 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Net.Http.Headers;
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using System.Text.Json;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace AspNet.Security.OAuth.Naver;
+
+public partial class NaverAuthenticationHandler : OAuthHandler<NaverAuthenticationOptions>
+{
+    public NaverAuthenticationHandler(
+        [NotNull] IOptionsMonitor<NaverAuthenticationOptions> options,
+        [NotNull] ILoggerFactory logger,
+        [NotNull] UrlEncoder encoder,
+        [NotNull] ISystemClock clock)
+        : base(options, logger, encoder, clock)
+    {
+    }
+
+    protected override async Task<AuthenticationTicket> CreateTicketAsync(
+        [NotNull] ClaimsIdentity identity,
+        [NotNull] AuthenticationProperties properties,
+        [NotNull] OAuthTokenResponse tokens)
+    {
+        using JsonDocument userProfile = await GetUserProfileAsync(tokens);
+        var principal = new ClaimsPrincipal(identity);
+        var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, userProfile.RootElement);
+        context.RunClaimActions(userProfile.RootElement.GetProperty("response"));
+
+        await Events.CreatingTicket(context);
+        return new AuthenticationTicket(context.Principal!, context.Properties, Scheme.Name);
+    }
+
+    private async Task<JsonDocument> GetUserProfileAsync(
+        [NotNull] OAuthTokenResponse tokens)
+    {
+        using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+        request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
+
+        using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+        if (!response.IsSuccessStatusCode)
+        {
+            await Log.UserProfileErrorAsync(Logger, response, Context.RequestAborted);
+            throw new HttpRequestException("An error occurred while retrieving the user profile.");
+        }
+
+        return JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+    }
+
+    private static partial class Log
+    {
+        internal static async Task UserProfileErrorAsync(ILogger logger, HttpResponseMessage response, CancellationToken cancellationToken)
+        {
+            UserProfileError(
+                logger,
+                response.StatusCode,
+                response.Headers.ToString(),
+                await response.Content.ReadAsStringAsync(cancellationToken));
+        }
+
+        [LoggerMessage(1, LogLevel.Error, "An error occurred while retrieving the user profile: the remote server returned a {Status} response with the following payload: {Headers} {Body}.")]
+        private static partial void UserProfileError(
+            ILogger logger,
+            System.Net.HttpStatusCode status,
+            string headers,
+            string body);
+    }
+}

src/AspNet.Security.OAuth.Naver/NaverAuthenticationOptions.cs

@@ -0,0 +1,38 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Security.Claims;
+using System.Text.Json;
+using static AspNet.Security.OAuth.Naver.NaverAuthenticationConstants;
+
+namespace AspNet.Security.OAuth.Naver;
+
+/// <summary>
+/// Defines a set of options used by <see cref="NaverAuthenticationHandler"/>.
+/// </summary>
+public class NaverAuthenticationOptions : OAuthOptions
+{
+    public NaverAuthenticationOptions()
+    {
+        ClaimsIssuer = NaverAuthenticationDefaults.Issuer;
+        CallbackPath = NaverAuthenticationDefaults.CallbackPath;
+
+        AuthorizationEndpoint = NaverAuthenticationDefaults.AuthorizationEndpoint;
+        TokenEndpoint = NaverAuthenticationDefaults.TokenEndpoint;
+        UserInformationEndpoint = NaverAuthenticationDefaults.UserInformationEndpoint;
+
+        ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
+        ClaimActions.MapJsonKey(Claims.Nickname, "nickname");
+        ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
+        ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
+        ClaimActions.MapJsonKey(ClaimTypes.Gender, "gender");
+        ClaimActions.MapJsonKey(Claims.Age, "age");
+        ClaimActions.MapJsonKey(ClaimTypes.DateOfBirth, "birthday");
+        ClaimActions.MapJsonKey(Claims.ProfileImage, "profile_image");
+        ClaimActions.MapJsonKey(Claims.YearOfBirth, "birthyear");
+        ClaimActions.MapJsonKey(ClaimTypes.MobilePhone, "mobile");
+    }
+}