Migrate the VisualStudio provider to ASP.NET Core 2.0

Author: kinosang

samples/Mvc.Client/Mvc.Client.csproj

@@ -41,6 +41,7 @@
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Twitch\AspNet.Security.OAuth.Twitch.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Untappd\AspNet.Security.OAuth.Untappd.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Vimeo\AspNet.Security.OAuth.Vimeo.csproj" />
+    <ProjectReference Include="..\..\src\AspNet.Security.OAuth.VisualStudio\AspNet.Security.OAuth.VisualStudio.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Vkontakte\AspNet.Security.OAuth.Vkontakte.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Weibo\AspNet.Security.OAuth.Weibo.csproj" />
     <ProjectReference Include="..\..\src\AspNet.Security.OAuth.Weixin\AspNet.Security.OAuth.Weixin.csproj" />

src/AspNet.Security.OAuth.VisualStudio/AspNet.Security.OAuth.VisualStudio.csproj

@@ -3,7 +3,7 @@
   <Import Project="..\..\build\packages.props" />
 
   <PropertyGroup>
-    <TargetFrameworks>net451;netstandard1.3</TargetFrameworks>
+    <TargetFramework>netstandard2.0</TargetFramework>
   </PropertyGroup>
 
   <PropertyGroup>
@@ -12,10 +12,6 @@
     <PackageTags>aspnetcore;authentication;oauth;security;visualstudio</PackageTags>
   </PropertyGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\AspNet.Security.OAuth.Extensions\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <PackageReference Include="JetBrains.Annotations" Version="$(JetBrainsVersion)" PrivateAssets="All" />
     <PackageReference Include="Microsoft.AspNetCore.Authentication.OAuth" Version="$(AspNetCoreVersion)" />

src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationDefaults.cs

@@ -4,7 +4,8 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
-using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
 
 namespace AspNet.Security.OAuth.VisualStudio
 {
@@ -14,17 +15,17 @@ namespace AspNet.Security.OAuth.VisualStudio
     public static class VisualStudioAuthenticationDefaults
     {
         /// <summary>
-        /// Default value for <see cref="AuthenticationOptions.AuthenticationScheme"/>.
+        /// Default value for <see cref="AuthenticationScheme.Name"/>.
         /// </summary>
         public const string AuthenticationScheme = "Visual Studio Online";
 
         /// <summary>
-        /// Default value for <see cref="RemoteAuthenticationOptions.DisplayName"/>.
+        /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
         /// </summary>
         public const string DisplayName = "Visual Studio Online";
 
         /// <summary>
-        /// Default value for <see cref="AuthenticationOptions.ClaimsIssuer"/>.
+        /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
         /// </summary>
         public const string Issuer = "Visual Studio Online";
 

src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationExtensions.cs

@@ -1,70 +1,76 @@
 /*
  * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
- * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * See https://VisualStudio.com/aspnet-contrib/AspNet.Security.OAuth.Providers
  * for more information concerning the license and the contributors participating to this project.
  */
 
 using System;
 using AspNet.Security.OAuth.VisualStudio;
 using JetBrains.Annotations;
-using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Authentication;
 
-namespace Microsoft.AspNetCore.Builder
+namespace Microsoft.Extensions.DependencyInjection
 {
     /// <summary>
-    /// Extension methods to add VisualStudio authentication capabilities to an HTTP application pipeline.
+    /// Extension methods to add  authentication capabilities to an HTTP application pipeline.
     /// </summary>
     public static class VisualStudioAuthenticationExtensions
     {
         /// <summary>
-        /// Adds the <see cref="VisualStudioAuthenticationMiddleware"/> middleware to the specified
-        /// <see cref="IApplicationBuilder"/>, which enables VisualStudio authentication capabilities.
+        /// Adds <see cref="VisualStudioAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables VisualStudio authentication capabilities.
         /// </summary>
-        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
-        /// <param name="options">A <see cref="VisualStudioAuthenticationOptions"/> that specifies options for the middleware.</param>
-        /// <returns>A reference to this instance after the operation has completed.</returns>
-        public static IApplicationBuilder UseVisualStudioAuthentication(
-            [NotNull] this IApplicationBuilder app,
-            [NotNull] VisualStudioAuthenticationOptions options)
+        /// <param name="builder">The authentication builder.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddVisualStudio([NotNull] this AuthenticationBuilder builder)
         {
-            if (app == null)
-            {
-                throw new ArgumentNullException(nameof(app));
-            }
-
-            if (options == null)
-            {
-                throw new ArgumentNullException(nameof(options));
-            }
-
-            return app.UseMiddleware<VisualStudioAuthenticationMiddleware>(Options.Create(options));
+            return builder.AddVisualStudio(VisualStudioAuthenticationDefaults.AuthenticationScheme, options => { });
         }
 
         /// <summary>
-        /// Adds the <see cref="VisualStudioAuthenticationMiddleware"/> middleware to the specified
-        /// <see cref="IApplicationBuilder"/>, which enables VisualStudio authentication capabilities.
+        /// Adds <see cref="VisualStudioAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables VisualStudio authentication capabilities.
         /// </summary>
-        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
-        /// <param name="configuration">An action delegate to configure the provided <see cref="VisualStudioAuthenticationOptions"/>.</param>
-        /// <returns>A reference to this instance after the operation has completed.</returns>
-        public static IApplicationBuilder UseVisualStudioAuthentication(
-            [NotNull] this IApplicationBuilder app,
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddVisualStudio(
+            [NotNull] this AuthenticationBuilder builder,
             [NotNull] Action<VisualStudioAuthenticationOptions> configuration)
         {
-            if (app == null)
-            {
-                throw new ArgumentNullException(nameof(app));
-            }
-
-            if (configuration == null)
-            {
-                throw new ArgumentNullException(nameof(configuration));
-            }
+            return builder.AddVisualStudio(VisualStudioAuthenticationDefaults.AuthenticationScheme, configuration);
+        }
 
-            var options = new VisualStudioAuthenticationOptions();
-            configuration(options);
+        /// <summary>
+        /// Adds <see cref="VisualStudioAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables VisualStudio authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the VisualStudio options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddVisualStudio(
+            [NotNull] this AuthenticationBuilder builder, [NotNull] string scheme,
+            [NotNull] Action<VisualStudioAuthenticationOptions> configuration)
+        {
+            return builder.AddVisualStudio(scheme, VisualStudioAuthenticationDefaults.DisplayName, configuration);
+        }
 
-            return app.UseMiddleware<VisualStudioAuthenticationMiddleware>(Options.Create(options));
+        /// <summary>
+        /// Adds <see cref="VisualStudioAuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables VisualStudio authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="name">The optional display name associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the VisualStudio options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder AddVisualStudio(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] string scheme, [CanBeNull] string name,
+            [NotNull] Action<VisualStudioAuthenticationOptions> configuration)
+        {
+            return builder.AddOAuth<VisualStudioAuthenticationOptions, VisualStudioAuthenticationHandler>(scheme, name, configuration);
         }
     }
-}
+}

src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationHandler.cs

@@ -9,22 +9,26 @@
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Security.Claims;
+using System.Text.Encodings.Web;
 using System.Threading.Tasks;
-using AspNet.Security.OAuth.Extensions;
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
-using Microsoft.AspNetCore.Http.Authentication;
 using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Newtonsoft.Json.Linq;
 
 namespace AspNet.Security.OAuth.VisualStudio
 {
     public class VisualStudioAuthenticationHandler : OAuthHandler<VisualStudioAuthenticationOptions>
     {
-        public VisualStudioAuthenticationHandler([NotNull] HttpClient client)
-            : base(client)
+        public VisualStudioAuthenticationHandler(
+            [NotNull] IOptionsMonitor<VisualStudioAuthenticationOptions> options,
+            [NotNull] ILoggerFactory logger,
+            [NotNull] UrlEncoder encoder,
+            [NotNull] ISystemClock clock)
+            : base(options, logger, encoder, clock)
         {
         }
 
@@ -50,17 +54,12 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull]
             var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
 
             var principal = new ClaimsPrincipal(identity);
-            var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload);
+            context.RunClaimActions(payload);
 
-            identity.AddOptionalClaim(ClaimTypes.NameIdentifier, VisualStudioAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer)
-                    .AddOptionalClaim(ClaimTypes.Email, VisualStudioAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer)
-                    .AddOptionalClaim(ClaimTypes.Name, VisualStudioAuthenticationHelper.GetLogin(payload), Options.ClaimsIssuer)
-                    .AddOptionalClaim(ClaimTypes.GivenName, VisualStudioAuthenticationHelper.GetName(payload), Options.ClaimsIssuer);
-
-            var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload);
             await Options.Events.CreatingTicket(context);
 
-            return context.Ticket;
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)

src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationHelper.cs

@@ -4,7 +4,9 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
-using Microsoft.AspNetCore.Builder;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
 using Microsoft.AspNetCore.Http;
 
 namespace AspNet.Security.OAuth.VisualStudio
@@ -16,15 +18,18 @@ public class VisualStudioAuthenticationOptions : OAuthOptions
     {
         public VisualStudioAuthenticationOptions()
         {
-            AuthenticationScheme = VisualStudioAuthenticationDefaults.AuthenticationScheme;
-            DisplayName = VisualStudioAuthenticationDefaults.DisplayName;
             ClaimsIssuer = VisualStudioAuthenticationDefaults.Issuer;
 
             CallbackPath = new PathString(VisualStudioAuthenticationDefaults.CallbackPath);
 
             AuthorizationEndpoint = VisualStudioAuthenticationDefaults.AuthorizationEndpoint;
             TokenEndpoint = VisualStudioAuthenticationDefaults.TokenEndpoint;
             UserInformationEndpoint = VisualStudioAuthenticationDefaults.UserInformationEndpoint;
+
+            ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
+            ClaimActions.MapJsonKey(ClaimTypes.Email, "emailAddress");
+            ClaimActions.MapJsonKey(ClaimTypes.Name, "publicAlias");
+            ClaimActions.MapJsonKey(ClaimTypes.GivenName, "displayName");
         }
     }
 }