From 6efdd30298a150b68e1f009349c0d56e6c5f268f Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Sep 2025 15:23:15 +0200 Subject: [PATCH 01/29] feat(AuthCallbackHandler): Add a AuthCallback Handler instance that can be already used build in Made the Handler specific Methods that use magic numbers (status, messages...) virtual so someone who would like to have other behavior could simply override them and implement it with littlest effort Added ErrorResponse Default uri key names of the official standard document and implemented in the OAuthCallbackHandler --- .../Defaults/OAuthErrorResponseDefaults.cs | 19 ++++ .../Extensions/UriExtensions.cs | 17 ++++ Yllibed.HttpServer/GlobalUsings.cs | 2 + .../Handlers/AuthCallbackHandlerOptions.cs | 13 +++ .../Handlers/IAuthCallbackHandler.cs | 6 ++ .../Handlers/OAuthCallbackHandler.cs | 90 +++++++++++++++++++ 6 files changed, 147 insertions(+) create mode 100644 Yllibed.HttpServer/Defaults/OAuthErrorResponseDefaults.cs create mode 100644 Yllibed.HttpServer/Extensions/UriExtensions.cs create mode 100644 Yllibed.HttpServer/Handlers/AuthCallbackHandlerOptions.cs create mode 100644 Yllibed.HttpServer/Handlers/IAuthCallbackHandler.cs create mode 100644 Yllibed.HttpServer/Handlers/OAuthCallbackHandler.cs diff --git a/Yllibed.HttpServer/Defaults/OAuthErrorResponseDefaults.cs b/Yllibed.HttpServer/Defaults/OAuthErrorResponseDefaults.cs new file mode 100644 index 0000000..07cd5ca --- /dev/null +++ b/Yllibed.HttpServer/Defaults/OAuthErrorResponseDefaults.cs @@ -0,0 +1,19 @@ +namespace Yllibed.HttpServer.Defaults; +/// +/// OAuth Error Response standardized error codes. 4.1.2.1 Error Response +/// +public class OAuthErrorResponseDefaults +{ + public const string ErrorKey = "error"; + public const string ErrorDescriptionKey = "error_description"; + public const string ErrorUriKey = "error_uri"; + + public const string AccessDenied = "access_denied"; + public const string InvalidRequest = "invalid_request"; + public const string UnauthorizedClient = "unauthorized_client"; + public const string InvalidClient = "invalid_client"; + public const string InvalidGrant = "invalid_grant"; + public const string UnsupportedGrantType = "unsupported_grant_type"; + public const string InvalidScope = "invalid_scope"; + public const string TemporarilyUnavailable = "temporarily_unavailable"; +} diff --git a/Yllibed.HttpServer/Extensions/UriExtensions.cs b/Yllibed.HttpServer/Extensions/UriExtensions.cs new file mode 100644 index 0000000..2008277 --- /dev/null +++ b/Yllibed.HttpServer/Extensions/UriExtensions.cs @@ -0,0 +1,17 @@ +using System.Collections.Generic; +using System.Linq; + +namespace Yllibed.HttpServer.Extensions; + +public static class UriExtensions +{ + private static readonly char[] _uriSplitChars = new char[2] { '?', '&' }; + public static IDictionary GetParameters(this Uri uri) + { + + return (from p in uri.OriginalString.Split(_uriSplitChars, StringSplitOptions.RemoveEmptyEntries) + select p.Split('=') into parts + where parts.Length > 1 + select parts).ToDictionary((parts) => parts[0], (parts) => string.Join("=", parts.Skip(1)), StringComparer.Ordinal); + } +} diff --git a/Yllibed.HttpServer/GlobalUsings.cs b/Yllibed.HttpServer/GlobalUsings.cs index 5d894fe..5d48413 100644 --- a/Yllibed.HttpServer/GlobalUsings.cs +++ b/Yllibed.HttpServer/GlobalUsings.cs @@ -5,3 +5,5 @@ global using System.Threading; global using System.Threading.Tasks; global using Yllibed.HttpServer.Extensions; +global using Yllibed.HttpServer.Handlers; +global using Yllibed.HttpServer.Defaults; diff --git a/Yllibed.HttpServer/Handlers/AuthCallbackHandlerOptions.cs b/Yllibed.HttpServer/Handlers/AuthCallbackHandlerOptions.cs new file mode 100644 index 0000000..f36f7dc --- /dev/null +++ b/Yllibed.HttpServer/Handlers/AuthCallbackHandlerOptions.cs @@ -0,0 +1,13 @@ +using System.ComponentModel.DataAnnotations; + +namespace Yllibed.HttpServer.Handlers; +public record AuthCallbackHandlerOptions +{ + public const string SectionName = "AuthCallback"; + /// + /// Configures the expected URI for authentication Callbacks. + /// + [Required, Url] + public Uri? CallbackUri { get; init; } + +} diff --git a/Yllibed.HttpServer/Handlers/IAuthCallbackHandler.cs b/Yllibed.HttpServer/Handlers/IAuthCallbackHandler.cs new file mode 100644 index 0000000..a249aa7 --- /dev/null +++ b/Yllibed.HttpServer/Handlers/IAuthCallbackHandler.cs @@ -0,0 +1,6 @@ +namespace Yllibed.HttpServer.Handlers; + +public interface IAuthCallbackHandler : IHttpHandler +{ + public Uri CallbackUri { get; } +} diff --git a/Yllibed.HttpServer/Handlers/OAuthCallbackHandler.cs b/Yllibed.HttpServer/Handlers/OAuthCallbackHandler.cs new file mode 100644 index 0000000..cc83aa6 --- /dev/null +++ b/Yllibed.HttpServer/Handlers/OAuthCallbackHandler.cs @@ -0,0 +1,90 @@ +using System.Collections.Generic; +using System.Linq; +using Microsoft.Extensions.Options; + +namespace Yllibed.HttpServer.Handlers; +public record OAuthCallbackHandler : IAuthCallbackHandler +{ + private readonly TaskCompletionSource _tcs = new(); + public Uri CallbackUri { get; init; } + public OAuthCallbackHandler(Uri callbackUri) + { + if (callbackUri is null || callbackUri.Scheme != Uri.UriSchemeHttp && callbackUri.Scheme != Uri.UriSchemeHttps) + { + throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(callbackUri)); + } + CallbackUri = callbackUri; + } + [Microsoft.Extensions.DependencyInjection.ActivatorUtilitiesConstructor] + public OAuthCallbackHandler( + IOptions options) + { + if (options?.Value?.CallbackUri is not Uri uri + || uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps) + { + throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(options)); + } + CallbackUri = uri; + } + + public Task HandleRequest(CancellationToken ct, IHttpServerRequest request, string relativePath) + { + if (request.Url.AbsolutePath.StartsWith(CallbackUri.AbsolutePath, StringComparison.OrdinalIgnoreCase)) + { + + var parameters = request.Url.GetParameters(); + + var statusCode = GetStatusCode(parameters); + + var result = GetWebAuthenticationResult(statusCode, request.Url.OriginalString); + + _tcs.TrySetResult(result); + request.SetResponse( + System.Net.Mime.MediaTypeNames.Text.Plain, + GetWebAuthenticationResponseMessage(result)); + } + + return Task.CompletedTask; + } + protected virtual WebAuthenticationResult GetWebAuthenticationResult(uint statusCode, string requestUriString) + { + return statusCode switch + { + 200 => new WebAuthenticationResult(requestUriString, statusCode, WebAuthenticationStatus.Success), + 403 => new WebAuthenticationResult(requestUriString, statusCode, WebAuthenticationStatus.UserCancel), + _ => new WebAuthenticationResult(requestUriString, statusCode, WebAuthenticationStatus.ErrorHttp), + }; + } + + protected virtual uint GetStatusCode(IDictionary parameters) + { + if (parameters.TryGetValue(OAuthErrorResponseDefaults.ErrorKey, out var error)) + { + return error switch + { + OAuthErrorResponseDefaults.AccessDenied => 403, + OAuthErrorResponseDefaults.InvalidClient or OAuthErrorResponseDefaults.UnauthorizedClient or OAuthErrorResponseDefaults.InvalidScope => 401, + OAuthErrorResponseDefaults.TemporarilyUnavailable => 503, + OAuthErrorResponseDefaults.UnsupportedGrantType => 500, + _ => 400 // For all others: Bad Request + }; + + } + + return 200; + } + protected virtual string GetWebAuthenticationResponseMessage(WebAuthenticationResult result) + { + return result.ResponseStatus switch + { + WebAuthenticationStatus.Success => "Authentication completed successfully - you can close this browser now.", + WebAuthenticationStatus.UserCancel => "Authentication was cancelled by the user.", + WebAuthenticationStatus.ErrorHttp => "Authentication failed due to an error.", + _ => "Authentication completed - you can close this browser now." + }; + } + public Task WaitForCallbackAsync() + { + return _tcs.Task; + } +} From f367dc5d436a0018ae3422ca265885aa565bbaa2 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Sep 2025 15:33:03 +0200 Subject: [PATCH 02/29] chore(UriExtensions): update GetParameter --- Yllibed.HttpServer/Extensions/UriExtensions.cs | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/Yllibed.HttpServer/Extensions/UriExtensions.cs b/Yllibed.HttpServer/Extensions/UriExtensions.cs index 2008277..845259a 100644 --- a/Yllibed.HttpServer/Extensions/UriExtensions.cs +++ b/Yllibed.HttpServer/Extensions/UriExtensions.cs @@ -9,9 +9,11 @@ public static class UriExtensions public static IDictionary GetParameters(this Uri uri) { - return (from p in uri.OriginalString.Split(_uriSplitChars, StringSplitOptions.RemoveEmptyEntries) - select p.Split('=') into parts - where parts.Length > 1 - select parts).ToDictionary((parts) => parts[0], (parts) => string.Join("=", parts.Skip(1)), StringComparer.Ordinal); + return uri + .OriginalString + .Split(_uriSplitChars, StringSplitOptions.RemoveEmptyEntries) + .Select(p => p.Split('=')) + .Where(parts => parts.Length > 1) + .ToDictionary(parts => parts[0], parts => String.Join("=", parts.Skip(1)), StringComparer.Ordinal); } } From 06a0e34c27201758a50c879e8b24981458813a08 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sun, 7 Sep 2025 20:44:03 +0200 Subject: [PATCH 03/29] chore: move AuthCallbackHandler to separate Project --- Directory.Packages.props | 3 ++- .../AuthCallbackHandlerOptions.cs | 2 +- .../Defaults/OAuthErrorResponseDefaults.cs | 0 .../Extensions/UriExtensions.cs | 4 ++-- Yllibed.Handlers.Uno/GlobalUsings.cs | 6 ++++++ .../IAuthCallbackHandler.cs | 2 +- .../OAuthCallbackHandler.cs | 6 +----- .../ServiceCollectionExtensions.cs | 19 +++++++++++++++++++ .../Yllibed.Handlers.Uno.csproj | 18 ++++++++++++++++++ Yllibed.HttpServer.slnx | 1 + Yllibed.HttpServer/GlobalUsings.cs | 1 - global.json | 13 ++++++++----- 12 files changed, 59 insertions(+), 16 deletions(-) rename {Yllibed.HttpServer/Handlers => Yllibed.Handlers.Uno}/AuthCallbackHandlerOptions.cs (88%) rename {Yllibed.HttpServer => Yllibed.Handlers.Uno}/Defaults/OAuthErrorResponseDefaults.cs (100%) rename {Yllibed.HttpServer => Yllibed.Handlers.Uno}/Extensions/UriExtensions.cs (80%) create mode 100644 Yllibed.Handlers.Uno/GlobalUsings.cs rename {Yllibed.HttpServer/Handlers => Yllibed.Handlers.Uno}/IAuthCallbackHandler.cs (70%) rename {Yllibed.HttpServer/Handlers => Yllibed.Handlers.Uno}/OAuthCallbackHandler.cs (96%) create mode 100644 Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs create mode 100644 Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj diff --git a/Directory.Packages.props b/Directory.Packages.props index 19923cb..e84300d 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -14,5 +14,6 @@ + - \ No newline at end of file + diff --git a/Yllibed.HttpServer/Handlers/AuthCallbackHandlerOptions.cs b/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs similarity index 88% rename from Yllibed.HttpServer/Handlers/AuthCallbackHandlerOptions.cs rename to Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs index f36f7dc..f7eb32c 100644 --- a/Yllibed.HttpServer/Handlers/AuthCallbackHandlerOptions.cs +++ b/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs @@ -1,6 +1,6 @@ using System.ComponentModel.DataAnnotations; -namespace Yllibed.HttpServer.Handlers; +namespace Yllibed.Handlers.Uno; public record AuthCallbackHandlerOptions { public const string SectionName = "AuthCallback"; diff --git a/Yllibed.HttpServer/Defaults/OAuthErrorResponseDefaults.cs b/Yllibed.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs similarity index 100% rename from Yllibed.HttpServer/Defaults/OAuthErrorResponseDefaults.cs rename to Yllibed.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs diff --git a/Yllibed.HttpServer/Extensions/UriExtensions.cs b/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs similarity index 80% rename from Yllibed.HttpServer/Extensions/UriExtensions.cs rename to Yllibed.Handlers.Uno/Extensions/UriExtensions.cs index 845259a..94bbafa 100644 --- a/Yllibed.HttpServer/Extensions/UriExtensions.cs +++ b/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs @@ -1,7 +1,7 @@ using System.Collections.Generic; using System.Linq; -namespace Yllibed.HttpServer.Extensions; +namespace Yllibed.Handlers.Uno.Extensions; public static class UriExtensions { @@ -14,6 +14,6 @@ public static IDictionary GetParameters(this Uri uri) .Split(_uriSplitChars, StringSplitOptions.RemoveEmptyEntries) .Select(p => p.Split('=')) .Where(parts => parts.Length > 1) - .ToDictionary(parts => parts[0], parts => String.Join("=", parts.Skip(1)), StringComparer.Ordinal); + .ToDictionary(parts => parts[0], parts => string.Join('=', parts.Skip(1)), StringComparer.Ordinal); } } diff --git a/Yllibed.Handlers.Uno/GlobalUsings.cs b/Yllibed.Handlers.Uno/GlobalUsings.cs new file mode 100644 index 0000000..01ede68 --- /dev/null +++ b/Yllibed.Handlers.Uno/GlobalUsings.cs @@ -0,0 +1,6 @@ +global using Microsoft.Extensions.Logging; +global using Microsoft.Extensions.Options; +global using Windows.Security.Authentication.Web; +global using Yllibed.HttpServer; +global using Yllibed.HttpServer.Handlers; +global using Yllibed.HttpServer.Defaults; diff --git a/Yllibed.HttpServer/Handlers/IAuthCallbackHandler.cs b/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs similarity index 70% rename from Yllibed.HttpServer/Handlers/IAuthCallbackHandler.cs rename to Yllibed.Handlers.Uno/IAuthCallbackHandler.cs index a249aa7..130adbf 100644 --- a/Yllibed.HttpServer/Handlers/IAuthCallbackHandler.cs +++ b/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs @@ -1,4 +1,4 @@ -namespace Yllibed.HttpServer.Handlers; +namespace Yllibed.Handlers.Uno; public interface IAuthCallbackHandler : IHttpHandler { diff --git a/Yllibed.HttpServer/Handlers/OAuthCallbackHandler.cs b/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs similarity index 96% rename from Yllibed.HttpServer/Handlers/OAuthCallbackHandler.cs rename to Yllibed.Handlers.Uno/OAuthCallbackHandler.cs index cc83aa6..28eab18 100644 --- a/Yllibed.HttpServer/Handlers/OAuthCallbackHandler.cs +++ b/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs @@ -1,8 +1,4 @@ -using System.Collections.Generic; -using System.Linq; -using Microsoft.Extensions.Options; - -namespace Yllibed.HttpServer.Handlers; +namespace Yllibed.Handlers.Uno; public record OAuthCallbackHandler : IAuthCallbackHandler { private readonly TaskCompletionSource _tcs = new(); diff --git a/Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs b/Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs new file mode 100644 index 0000000..965fa50 --- /dev/null +++ b/Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs @@ -0,0 +1,19 @@ +using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Options; + +namespace Yllibed.Handlers.Uno; +public static class ServiceCollectionExtensions +{ + public static IServiceCollection AddYllibedAuthCallbackHandler(this IServiceCollection services) + { + services.AddSingleton(); + return services; + } + public static IServiceCollection AddYllibedAuthCallbackHandler(this IServiceCollection services, Action configureOptions) + where TService : class, IAuthCallbackHandler + { + services.Configure(configureOptions); + services.AddSingleton(); + return services; + } +} diff --git a/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj b/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj new file mode 100644 index 0000000..f766afc --- /dev/null +++ b/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj @@ -0,0 +1,18 @@ + + + + net9.0 + enable + enable + + Logging; + Configuration; + + + + + + + + + diff --git a/Yllibed.HttpServer.slnx b/Yllibed.HttpServer.slnx index a832032..6153465 100644 --- a/Yllibed.HttpServer.slnx +++ b/Yllibed.HttpServer.slnx @@ -8,6 +8,7 @@ + diff --git a/Yllibed.HttpServer/GlobalUsings.cs b/Yllibed.HttpServer/GlobalUsings.cs index 5d48413..917a18b 100644 --- a/Yllibed.HttpServer/GlobalUsings.cs +++ b/Yllibed.HttpServer/GlobalUsings.cs @@ -6,4 +6,3 @@ global using System.Threading.Tasks; global using Yllibed.HttpServer.Extensions; global using Yllibed.HttpServer.Handlers; -global using Yllibed.HttpServer.Defaults; diff --git a/global.json b/global.json index 3c5cf51..c98f44a 100644 --- a/global.json +++ b/global.json @@ -1,7 +1,10 @@ { - "sdk": { - "version": "9.0.0", - "rollForward": "latestMajor", - "allowPrerelease": false - } + "msbuild-sdks": { + "Uno.Sdk": "6.2.29", + "Microsoft.NET.Sdk": "9.0.0" + }, + "sdk": { + "rollForward": "latestMajor", + "allowPrerelease": false + } } From 2aee6841f3318cdc4db26ea24b3d0fd63d9e2343 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sun, 7 Sep 2025 21:50:51 +0200 Subject: [PATCH 04/29] chore: Update UriExtensions along Review suggestions TODO: Decide which of both Query checking Methods should be used --- .../Extensions/UriExtensions.cs | 13 ++++++++++- Yllibed.Handlers.Uno/IAuthCallbackHandler.cs | 1 + Yllibed.Handlers.Uno/OAuthCallbackHandler.cs | 22 +++++++++++++++---- .../Yllibed.Handlers.Uno.csproj | 5 +---- 4 files changed, 32 insertions(+), 9 deletions(-) diff --git a/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs b/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs index 94bbafa..b532fc0 100644 --- a/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs +++ b/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs @@ -1,5 +1,7 @@ using System.Collections.Generic; +using System.Collections.Specialized; using System.Linq; +using System.Web; namespace Yllibed.Handlers.Uno.Extensions; @@ -10,10 +12,19 @@ public static IDictionary GetParameters(this Uri uri) { return uri - .OriginalString + .Query .Split(_uriSplitChars, StringSplitOptions.RemoveEmptyEntries) .Select(p => p.Split('=')) .Where(parts => parts.Length > 1) .ToDictionary(parts => parts[0], parts => string.Join('=', parts.Skip(1)), StringComparer.Ordinal); } + public static NameValueCollection GetQuery(this Uri? redirectUri, Uri callbackUri) // TODO: Check if we maybe should exchange using GetParameters to this method + { + if (redirectUri is null) + return []; + return redirectUri.IsBaseOf(callbackUri) // Reused from Uno.Extensions.Authentication.Web.WebAuthenticationProvider and changed to use Uri instead of string + ? AuthHttpUtility.ExtractArguments(redirectUri.ToString()) // it's a fully qualified url, so need to extract query or fragment + : AuthHttpUtility.ParseQueryString(redirectUri.ToString().TrimStart('#').TrimStart('?')); // it isn't a full url, so just process as query or fragment + + } } diff --git a/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs b/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs index 130adbf..ff64280 100644 --- a/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs +++ b/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs @@ -3,4 +3,5 @@ namespace Yllibed.Handlers.Uno; public interface IAuthCallbackHandler : IHttpHandler { public Uri CallbackUri { get; } + public Task WaitForCallbackAsync(); } diff --git a/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs b/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs index 28eab18..f7a8a91 100644 --- a/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs +++ b/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs @@ -51,7 +51,23 @@ protected virtual WebAuthenticationResult GetWebAuthenticationResult(uint status _ => new WebAuthenticationResult(requestUriString, statusCode, WebAuthenticationStatus.ErrorHttp), }; } + //protected virtual uint GetStatusCode(NameValueCollection parameters) // TODO: Check if we maybe should exchange using GetParameters with return Dictionary to this method + //{ + // if (parameters.Get(OAuthErrorResponseDefaults.ErrorKey) is string error) + // { + // return error switch + // { + // OAuthErrorResponseDefaults.AccessDenied => 403, + // OAuthErrorResponseDefaults.InvalidClient or OAuthErrorResponseDefaults.UnauthorizedClient or OAuthErrorResponseDefaults.InvalidScope => 401, + // OAuthErrorResponseDefaults.TemporarilyUnavailable => 503, + // OAuthErrorResponseDefaults.UnsupportedGrantType => 500, + // _ => 400 // For all others: Bad Request + // }; + // } + + // return 200; + //} protected virtual uint GetStatusCode(IDictionary parameters) { if (parameters.TryGetValue(OAuthErrorResponseDefaults.ErrorKey, out var error)) @@ -79,8 +95,6 @@ protected virtual string GetWebAuthenticationResponseMessage(WebAuthenticationRe _ => "Authentication completed - you can close this browser now." }; } - public Task WaitForCallbackAsync() - { - return _tcs.Task; - } + public Task WaitForCallbackAsync() => _tcs.Task; + } diff --git a/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj b/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj index f766afc..5ef093b 100644 --- a/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj +++ b/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj @@ -6,12 +6,9 @@ enable Logging; - Configuration; + Authentication; - - - From f96dbca03dc71e196d272d1722c3bf63f3ac2bc8 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sun, 7 Sep 2025 22:20:06 +0200 Subject: [PATCH 05/29] chore: Update to use Registration method --- .../OAuthCallbackExtensions.cs | 44 +++++++++++++++++++ .../ServiceCollectionExtensions.cs | 19 -------- 2 files changed, 44 insertions(+), 19 deletions(-) create mode 100644 Yllibed.Handlers.Uno/OAuthCallbackExtensions.cs delete mode 100644 Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs diff --git a/Yllibed.Handlers.Uno/OAuthCallbackExtensions.cs b/Yllibed.Handlers.Uno/OAuthCallbackExtensions.cs new file mode 100644 index 0000000..9b37a3f --- /dev/null +++ b/Yllibed.Handlers.Uno/OAuthCallbackExtensions.cs @@ -0,0 +1,44 @@ +using Microsoft.Extensions.DependencyInjection; + +namespace Yllibed.Handlers.Uno; +public static class OAuthCallbackExtensions +{ + /// + /// Adds the to the service collection and registers it as an . + /// + /// The to which the handler will be added. + /// The updated instance. + public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services) + { + services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>())); + services.AddSingleton(sp => sp.GetRequiredService()); // Register as IAuthCallbackHandler so eventual consumers can get it as expected Interface, + // which provides the callback awaiting functionality at registration in WebAuthenticationBrokerProvider + return services; + } + public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services, Action configureOptions) + where TService : class, IAuthCallbackHandler + { + services.Configure(configureOptions); + return services.AddOAuthCallbackHandler(); + } + public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServiceCollection services, Action? configureOptions = null) + where TService : class, IAuthCallbackHandler + { + if (configureOptions != null) + { + services.Configure(configureOptions); + } + services.AddOAuthCallbackHandler(); + // Register a singleton that wires the handler into the server on construction + services.AddSingleton(); + return services; + } + private sealed class OAuthCallbackHandlerRegistration : IDisposable + { + private readonly IDisposable _registration; + public OAuthCallbackHandlerRegistration(Server server, OAuthCallbackHandler handler) => + // Place first by registering now; Server keeps order of registration + _registration = server.RegisterHandler(handler); + public void Dispose() => _registration.Dispose(); + } +} diff --git a/Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs b/Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs deleted file mode 100644 index 965fa50..0000000 --- a/Yllibed.Handlers.Uno/ServiceCollectionExtensions.cs +++ /dev/null @@ -1,19 +0,0 @@ -using Microsoft.Extensions.DependencyInjection; -using Microsoft.Extensions.Options; - -namespace Yllibed.Handlers.Uno; -public static class ServiceCollectionExtensions -{ - public static IServiceCollection AddYllibedAuthCallbackHandler(this IServiceCollection services) - { - services.AddSingleton(); - return services; - } - public static IServiceCollection AddYllibedAuthCallbackHandler(this IServiceCollection services, Action configureOptions) - where TService : class, IAuthCallbackHandler - { - services.Configure(configureOptions); - services.AddSingleton(); - return services; - } -} From 40923cb73e18178aed259c73ba3d8d06b5042f87 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sun, 7 Sep 2025 22:24:20 +0200 Subject: [PATCH 06/29] chore: move Registration Extension to appropriate folder --- .../{ => Extensions}/OAuthCallbackExtensions.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename Yllibed.Handlers.Uno/{ => Extensions}/OAuthCallbackExtensions.cs (92%) diff --git a/Yllibed.Handlers.Uno/OAuthCallbackExtensions.cs b/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs similarity index 92% rename from Yllibed.Handlers.Uno/OAuthCallbackExtensions.cs rename to Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs index 9b37a3f..60924ac 100644 --- a/Yllibed.Handlers.Uno/OAuthCallbackExtensions.cs +++ b/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs @@ -1,6 +1,6 @@ using Microsoft.Extensions.DependencyInjection; -namespace Yllibed.Handlers.Uno; +namespace Yllibed.Handlers.Uno.Extensions; public static class OAuthCallbackExtensions { /// @@ -10,7 +10,7 @@ public static class OAuthCallbackExtensions /// The updated instance. public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services) { - services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>())); + services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>())); services.AddSingleton(sp => sp.GetRequiredService()); // Register as IAuthCallbackHandler so eventual consumers can get it as expected Interface, // which provides the callback awaiting functionality at registration in WebAuthenticationBrokerProvider return services; From f4fdb700244c9bf2489c4f3e5f226a03d79e0b76 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sun, 7 Sep 2025 22:49:40 +0200 Subject: [PATCH 07/29] chore: Add Named Options Registration --- .../AuthCallbackHandlerOptions.cs | 2 +- .../Extensions/OAuthCallbackExtensions.cs | 19 ++++++++++++-- Yllibed.Handlers.Uno/IAuthCallbackHandler.cs | 1 + Yllibed.Handlers.Uno/OAuthCallbackHandler.cs | 25 +++++++++++++++++-- 4 files changed, 42 insertions(+), 5 deletions(-) diff --git a/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs b/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs index f7eb32c..084ec9a 100644 --- a/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs +++ b/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs @@ -3,7 +3,7 @@ namespace Yllibed.Handlers.Uno; public record AuthCallbackHandlerOptions { - public const string SectionName = "AuthCallback"; + public const string DefaultName = "AuthCallback"; /// /// Configures the expected URI for authentication Callbacks. /// diff --git a/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs b/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs index 60924ac..331013f 100644 --- a/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs +++ b/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs @@ -15,20 +15,35 @@ public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection // which provides the callback awaiting functionality at registration in WebAuthenticationBrokerProvider return services; } + /// + /// Registers an Keyed Singleton and its associated dependencies in the service collection with the specified name as Options key and service key. + /// + /// The to which the handler and dependencies will be added. + /// The name used to retrieve the configuration.
+ /// Defaults to . + /// The updated instance. + public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services, string name = AuthCallbackHandlerOptions.DefaultName) + { + services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>().Get(name))); + services.AddKeyedSingleton(name, (sp, _) => sp.GetRequiredService()); // Register as IAuthCallbackHandler so eventual consumers can get it as expected Interface, + // which provides the callback awaiting functionality at registration in WebAuthenticationBrokerProvider + return services; + } + public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services, Action configureOptions) where TService : class, IAuthCallbackHandler { services.Configure(configureOptions); return services.AddOAuthCallbackHandler(); } - public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServiceCollection services, Action? configureOptions = null) + public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServiceCollection services, string name = AuthCallbackHandlerOptions.DefaultName, Action? configureOptions = null) where TService : class, IAuthCallbackHandler { if (configureOptions != null) { services.Configure(configureOptions); } - services.AddOAuthCallbackHandler(); + services.AddOAuthCallbackHandler(name); // Register a singleton that wires the handler into the server on construction services.AddSingleton(); return services; diff --git a/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs b/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs index ff64280..24e8445 100644 --- a/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs +++ b/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs @@ -2,6 +2,7 @@ namespace Yllibed.Handlers.Uno; public interface IAuthCallbackHandler : IHttpHandler { + public string Name { get; } public Uri CallbackUri { get; } public Task WaitForCallbackAsync(); } diff --git a/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs b/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs index f7a8a91..dc202c1 100644 --- a/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs +++ b/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs @@ -1,25 +1,46 @@ +using Microsoft.Extensions.DependencyInjection; + namespace Yllibed.Handlers.Uno; public record OAuthCallbackHandler : IAuthCallbackHandler { private readonly TaskCompletionSource _tcs = new(); public Uri CallbackUri { get; init; } - public OAuthCallbackHandler(Uri callbackUri) + + public string Name { get; init; } + + public OAuthCallbackHandler(Uri callbackUri, string name = AuthCallbackHandlerOptions.DefaultName) { if (callbackUri is null || callbackUri.Scheme != Uri.UriSchemeHttp && callbackUri.Scheme != Uri.UriSchemeHttps) { throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(callbackUri)); } + Name = name; CallbackUri = callbackUri; } + + public OAuthCallbackHandler( + AuthCallbackHandlerOptions options, + [ServiceKey] string name = AuthCallbackHandlerOptions.DefaultName) + { + if (options?.CallbackUri is not Uri uri + || uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps) + { + throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(options)); + } + Name = name; + CallbackUri = uri; + } [Microsoft.Extensions.DependencyInjection.ActivatorUtilitiesConstructor] public OAuthCallbackHandler( - IOptions options) + IOptions options, + [ServiceKey] string name = AuthCallbackHandlerOptions.DefaultName) { if (options?.Value?.CallbackUri is not Uri uri || uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps) { throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(options)); } + Name = name; CallbackUri = uri; } From 1f37d7128cc7108d80b296e37028246f244f20dc Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Tue, 11 Nov 2025 15:52:41 +0100 Subject: [PATCH 08/29] chore: adjust sdk version setup in global.json --- global.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global.json b/global.json index c98f44a..27dd118 100644 --- a/global.json +++ b/global.json @@ -1,9 +1,9 @@ { "msbuild-sdks": { - "Uno.Sdk": "6.2.29", - "Microsoft.NET.Sdk": "9.0.0" + "Uno.Sdk": "6.3.28" }, "sdk": { + "version": "9.0.100", "rollForward": "latestMajor", "allowPrerelease": false } From 9895989a3f3cd58ce9486e81b7187259907e9ed8 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Tue, 11 Nov 2025 15:53:31 +0100 Subject: [PATCH 09/29] chore(deps): Apply required Version Bump for logging packages --- Directory.Packages.props | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index e84300d..bc71a07 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -6,14 +6,16 @@ - + - + - + + + From 5ab684423d767c736ffb92d92fa8597fafaaf7a5 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Tue, 11 Nov 2025 15:55:01 +0100 Subject: [PATCH 10/29] chore: Update Project and Namespace naming to match solution structure --- .../Extensions/UriExtensions.cs | 30 ------- .../AuthCallbackHandlerOptions.cs | 5 +- .../Defaults/OAuthErrorResponseDefaults.cs | 2 +- .../Extensions/OAuthCallbackExtensions.cs | 3 +- .../Extensions/UriExtensions.cs | 33 +++++++ .../GlobalUsings.cs | 3 - .../IAuthCallbackHandler.cs | 2 +- .../OAuthCallbackHandler.cs | 28 ++---- .../Yllibed.HttpServer.Handlers.Uno.csproj | 1 + .../OAuthCallbackExtensionsTests.cs | 88 +++++++++++++++++++ Yllibed.HttpServer.slnx | 2 +- 11 files changed, 138 insertions(+), 59 deletions(-) delete mode 100644 Yllibed.Handlers.Uno/Extensions/UriExtensions.cs rename {Yllibed.Handlers.Uno => Yllibed.HttpServer.Handlers.Uno}/AuthCallbackHandlerOptions.cs (74%) rename {Yllibed.Handlers.Uno => Yllibed.HttpServer.Handlers.Uno}/Defaults/OAuthErrorResponseDefaults.cs (94%) rename {Yllibed.Handlers.Uno => Yllibed.HttpServer.Handlers.Uno}/Extensions/OAuthCallbackExtensions.cs (98%) create mode 100644 Yllibed.HttpServer.Handlers.Uno/Extensions/UriExtensions.cs rename {Yllibed.Handlers.Uno => Yllibed.HttpServer.Handlers.Uno}/GlobalUsings.cs (54%) rename {Yllibed.Handlers.Uno => Yllibed.HttpServer.Handlers.Uno}/IAuthCallbackHandler.cs (80%) rename {Yllibed.Handlers.Uno => Yllibed.HttpServer.Handlers.Uno}/OAuthCallbackHandler.cs (80%) rename Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj => Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj (88%) create mode 100644 Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs diff --git a/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs b/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs deleted file mode 100644 index b532fc0..0000000 --- a/Yllibed.Handlers.Uno/Extensions/UriExtensions.cs +++ /dev/null @@ -1,30 +0,0 @@ -using System.Collections.Generic; -using System.Collections.Specialized; -using System.Linq; -using System.Web; - -namespace Yllibed.Handlers.Uno.Extensions; - -public static class UriExtensions -{ - private static readonly char[] _uriSplitChars = new char[2] { '?', '&' }; - public static IDictionary GetParameters(this Uri uri) - { - - return uri - .Query - .Split(_uriSplitChars, StringSplitOptions.RemoveEmptyEntries) - .Select(p => p.Split('=')) - .Where(parts => parts.Length > 1) - .ToDictionary(parts => parts[0], parts => string.Join('=', parts.Skip(1)), StringComparer.Ordinal); - } - public static NameValueCollection GetQuery(this Uri? redirectUri, Uri callbackUri) // TODO: Check if we maybe should exchange using GetParameters to this method - { - if (redirectUri is null) - return []; - return redirectUri.IsBaseOf(callbackUri) // Reused from Uno.Extensions.Authentication.Web.WebAuthenticationProvider and changed to use Uri instead of string - ? AuthHttpUtility.ExtractArguments(redirectUri.ToString()) // it's a fully qualified url, so need to extract query or fragment - : AuthHttpUtility.ParseQueryString(redirectUri.ToString().TrimStart('#').TrimStart('?')); // it isn't a full url, so just process as query or fragment - - } -} diff --git a/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs b/Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs similarity index 74% rename from Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs rename to Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs index 084ec9a..8f0f7b3 100644 --- a/Yllibed.Handlers.Uno/AuthCallbackHandlerOptions.cs +++ b/Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs @@ -1,6 +1,7 @@ using System.ComponentModel.DataAnnotations; -namespace Yllibed.Handlers.Uno; +namespace Yllibed.HttpServer.Handlers.Uno; + public record AuthCallbackHandlerOptions { public const string DefaultName = "AuthCallback"; @@ -8,6 +9,6 @@ public record AuthCallbackHandlerOptions /// Configures the expected URI for authentication Callbacks. /// [Required, Url] - public Uri? CallbackUri { get; init; } + public string? CallbackUri { get; init; } } diff --git a/Yllibed.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs b/Yllibed.HttpServer.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs similarity index 94% rename from Yllibed.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs rename to Yllibed.HttpServer.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs index 07cd5ca..5c74080 100644 --- a/Yllibed.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs +++ b/Yllibed.HttpServer.Handlers.Uno/Defaults/OAuthErrorResponseDefaults.cs @@ -1,4 +1,4 @@ -namespace Yllibed.HttpServer.Defaults; +namespace Yllibed.HttpServer.Handlers.Uno.Defaults; /// /// OAuth Error Response standardized error codes. 4.1.2.1 Error Response /// diff --git a/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs similarity index 98% rename from Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs rename to Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs index 331013f..eb33b9b 100644 --- a/Yllibed.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs +++ b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs @@ -1,6 +1,7 @@ using Microsoft.Extensions.DependencyInjection; -namespace Yllibed.Handlers.Uno.Extensions; +namespace Yllibed.HttpServer.Handlers.Uno.Extensions; + public static class OAuthCallbackExtensions { /// diff --git a/Yllibed.HttpServer.Handlers.Uno/Extensions/UriExtensions.cs b/Yllibed.HttpServer.Handlers.Uno/Extensions/UriExtensions.cs new file mode 100644 index 0000000..4b57788 --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno/Extensions/UriExtensions.cs @@ -0,0 +1,33 @@ +using System.Text.RegularExpressions; + +namespace Yllibed.HttpServer.Handlers.Uno.Extensions; + +public static partial class UriExtensions +{ +#if NET7_0_OR_GREATER + // Regex source generator: parses key=value pairs in a query string. Last value wins on duplicates. + [GeneratedRegex(@"([^?&=]+)=([^&]*)", RegexOptions.Compiled | RegexOptions.CultureInvariant | RegexOptions.ExplicitCapture | RegexOptions.NonBacktracking)] + private static partial Regex QueryParameterRegex(); +#else + // Older frameworks don't have RegexOptions.NonBacktracking; fall back to equivalent safe options + private static readonly Regex _queryParameterRegex = new(@"([^?&=]+)=([^&]*)", RegexOptions.Compiled | RegexOptions.CultureInvariant | RegexOptions.ExplicitCapture); + private static Regex QueryParameterRegex() => _queryParameterRegex; +#endif + + /// + /// Parses the query parameters from the given into a dictionary. + /// + /// The from which to extract query parameters. + /// A containing the query parameters as key-value pairs. + public static IDictionary GetParameters(this Uri uri) + { + return QueryParameterRegex() + .Matches(uri.Query) + .Cast() + .Select(m => new KeyValuePair( + Uri.UnescapeDataString(m.Groups[1].Value), + Uri.UnescapeDataString(m.Groups[2].Value))) + .GroupBy(kv => kv.Key, StringComparer.Ordinal) + .ToDictionary(g => g.Key, g => g.Last().Value, StringComparer.Ordinal); + } +} diff --git a/Yllibed.Handlers.Uno/GlobalUsings.cs b/Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs similarity index 54% rename from Yllibed.Handlers.Uno/GlobalUsings.cs rename to Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs index 01ede68..112a9bf 100644 --- a/Yllibed.Handlers.Uno/GlobalUsings.cs +++ b/Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs @@ -1,6 +1,3 @@ global using Microsoft.Extensions.Logging; global using Microsoft.Extensions.Options; global using Windows.Security.Authentication.Web; -global using Yllibed.HttpServer; -global using Yllibed.HttpServer.Handlers; -global using Yllibed.HttpServer.Defaults; diff --git a/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs b/Yllibed.HttpServer.Handlers.Uno/IAuthCallbackHandler.cs similarity index 80% rename from Yllibed.Handlers.Uno/IAuthCallbackHandler.cs rename to Yllibed.HttpServer.Handlers.Uno/IAuthCallbackHandler.cs index 24e8445..ff0e90f 100644 --- a/Yllibed.Handlers.Uno/IAuthCallbackHandler.cs +++ b/Yllibed.HttpServer.Handlers.Uno/IAuthCallbackHandler.cs @@ -1,4 +1,4 @@ -namespace Yllibed.Handlers.Uno; +namespace Yllibed.HttpServer.Handlers.Uno; public interface IAuthCallbackHandler : IHttpHandler { diff --git a/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs b/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs similarity index 80% rename from Yllibed.Handlers.Uno/OAuthCallbackHandler.cs rename to Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs index dc202c1..674edf2 100644 --- a/Yllibed.Handlers.Uno/OAuthCallbackHandler.cs +++ b/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs @@ -1,6 +1,8 @@ using Microsoft.Extensions.DependencyInjection; +using Yllibed.HttpServer.Handlers.Uno.Defaults; + +namespace Yllibed.HttpServer.Handlers.Uno; -namespace Yllibed.Handlers.Uno; public record OAuthCallbackHandler : IAuthCallbackHandler { private readonly TaskCompletionSource _tcs = new(); @@ -22,7 +24,8 @@ public OAuthCallbackHandler( AuthCallbackHandlerOptions options, [ServiceKey] string name = AuthCallbackHandlerOptions.DefaultName) { - if (options?.CallbackUri is not Uri uri + if (options.CallbackUri is null + || !Uri.TryCreate(options?.CallbackUri, UriKind.Absolute, out var uri) || uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps) { throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(options)); @@ -30,12 +33,13 @@ public OAuthCallbackHandler( Name = name; CallbackUri = uri; } - [Microsoft.Extensions.DependencyInjection.ActivatorUtilitiesConstructor] + [ActivatorUtilitiesConstructor] public OAuthCallbackHandler( IOptions options, [ServiceKey] string name = AuthCallbackHandlerOptions.DefaultName) { - if (options?.Value?.CallbackUri is not Uri uri + if (options.Value.CallbackUri is null + || !Uri.TryCreate(options.Value.CallbackUri, UriKind.Absolute, out var uri) || uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps) { throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(options)); @@ -72,23 +76,7 @@ protected virtual WebAuthenticationResult GetWebAuthenticationResult(uint status _ => new WebAuthenticationResult(requestUriString, statusCode, WebAuthenticationStatus.ErrorHttp), }; } - //protected virtual uint GetStatusCode(NameValueCollection parameters) // TODO: Check if we maybe should exchange using GetParameters with return Dictionary to this method - //{ - // if (parameters.Get(OAuthErrorResponseDefaults.ErrorKey) is string error) - // { - // return error switch - // { - // OAuthErrorResponseDefaults.AccessDenied => 403, - // OAuthErrorResponseDefaults.InvalidClient or OAuthErrorResponseDefaults.UnauthorizedClient or OAuthErrorResponseDefaults.InvalidScope => 401, - // OAuthErrorResponseDefaults.TemporarilyUnavailable => 503, - // OAuthErrorResponseDefaults.UnsupportedGrantType => 500, - // _ => 400 // For all others: Bad Request - // }; - - // } - // return 200; - //} protected virtual uint GetStatusCode(IDictionary parameters) { if (parameters.TryGetValue(OAuthErrorResponseDefaults.ErrorKey, out var error)) diff --git a/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj b/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj similarity index 88% rename from Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj rename to Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj index 5ef093b..b2266aa 100644 --- a/Yllibed.Handlers.Uno/Yllibed.Handlers.Uno.csproj +++ b/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj @@ -4,6 +4,7 @@ net9.0 enable enable + $(Authors);Sonja Schweitzer Logging; Authentication; diff --git a/Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs b/Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs new file mode 100644 index 0000000..2e62c4d --- /dev/null +++ b/Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs @@ -0,0 +1,88 @@ +using Xunit; +using Shouldly; +using Yllibed.HttpServer.Handlers.Uno.Extensions; +using Microsoft.Extensions.Options; +using Microsoft.Extensions.DependencyInjection; + +namespace Yllibed.HttpServer.Handlers.Uno.Tests; + +public class OAuthCallbackExtensionsTests +{ + private sealed class TestOptionsSnapshot : IOptionsSnapshot + { + private readonly Dictionary _map; + public TestOptionsSnapshot(Dictionary map) => _map = map; + public AuthCallbackHandlerOptions Value => Get(AuthCallbackHandlerOptions.DefaultName); + public AuthCallbackHandlerOptions Get(string? name) => _map.TryGetValue(name ?? AuthCallbackHandlerOptions.DefaultName, out var v) + ? v + : new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/invalid" }; + } + + [Fact] + public void AddOAuthCallbackHandler_RegistersHandlerAndInterface() + { + var services = new ServiceCollection(); + services.AddOptions(); + services.AddSingleton(Options.Create(new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/callback" })); + + services.AddOAuthCallbackHandler(); + + using var sp = services.BuildServiceProvider(); + var concrete = sp.GetService(); + var asInterface = sp.GetService(); + + concrete.ShouldNotBeNull(); + asInterface.ShouldNotBeNull(); + ReferenceEquals(concrete, asInterface).ShouldBeTrue(); + concrete!.CallbackUri.ShouldBe(new Uri("http://localhost/callback")); + } + + [Fact] + public async Task AddOAuthCallbackHandlerAndRegister_RegistersIntoServerPipeline() + { + var services = new ServiceCollection(); + services.AddOptions(); + services.AddLogging(); + // Provide named options via custom snapshot to satisfy init-only property + services.AddSingleton>( + new TestOptionsSnapshot(new Dictionary(StringComparer.Ordinal) + { + [AuthCallbackHandlerOptions.DefaultName] = new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/callback" } + })); + services.AddSingleton(Options.Create(new ServerOptions())); + services.AddSingleton(); + services.AddOAuthCallbackHandlerAndRegister(); + + using var sp = services.BuildServiceProvider(); + var server = sp.GetRequiredService(); + var (uri4, _) = server.Start(); + var callbackUri = new Uri(uri4, "/callback?code=abc"); + + var client = new HttpClient(); + var response = await client.GetAsync(callbackUri); + response.StatusCode.ShouldBe(HttpStatusCode.OK); + + var handler = sp.GetRequiredService(); + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)200); + result.ResponseData.ShouldNotBeNull(); + result.ResponseData!.ShouldContain("code=abc"); + } + + [Fact] + public void AddOAuthCallbackHandler_KeyedNameResolvesOptions() + { + var services = new ServiceCollection(); + services.AddOptions(); + services.AddSingleton>( + new TestOptionsSnapshot(new Dictionary(StringComparer.Ordinal) + { + ["Custom"] = new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/customcb" } + })); + services.AddOAuthCallbackHandler("Custom"); + + using var sp = services.BuildServiceProvider(); + var handler = sp.GetRequiredKeyedService("Custom"); + handler.CallbackUri.ShouldBe(new Uri("http://localhost/customcb")); + } +} diff --git a/Yllibed.HttpServer.slnx b/Yllibed.HttpServer.slnx index 6153465..d0782c2 100644 --- a/Yllibed.HttpServer.slnx +++ b/Yllibed.HttpServer.slnx @@ -8,7 +8,7 @@ - + From 0523e30adb2e84ee11973771dfafb89dac4271d4 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Tue, 11 Nov 2025 15:56:20 +0100 Subject: [PATCH 11/29] test(UnoAuthHandler): Add Test Project to solution --- ...libed.HttpServer.Handlers.Uno.Tests.csproj | 35 +++++++++++++++++++ Yllibed.HttpServer.slnx | 1 + 2 files changed, 36 insertions(+) create mode 100644 Yllibed.HttpServer.Uno.Handlers.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj diff --git a/Yllibed.HttpServer.Uno.Handlers.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj b/Yllibed.HttpServer.Uno.Handlers.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj new file mode 100644 index 0000000..bb29f3a --- /dev/null +++ b/Yllibed.HttpServer.Uno.Handlers.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj @@ -0,0 +1,35 @@ + + + + net9.0 + enable + enable + false + + + + + + + + + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + all + runtime; build; native; contentfiles; analyzers; buildtransitive + + + + + + + + + + + + diff --git a/Yllibed.HttpServer.slnx b/Yllibed.HttpServer.slnx index d0782c2..d54506c 100644 --- a/Yllibed.HttpServer.slnx +++ b/Yllibed.HttpServer.slnx @@ -12,5 +12,6 @@ + \ No newline at end of file From 4f4e09d4cb67416f0bdb1c67ea6fdefabe133edc Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Wed, 12 Nov 2025 12:07:29 +0100 Subject: [PATCH 12/29] chore(OAuthHandlerExt): Align with GuardExtensions --- Directory.Packages.props | 9 ++- .../Extensions/OAuthCallbackExtensions.cs | 63 +++++++++---------- Yllibed.HttpServer.slnx | 4 +- 3 files changed, 39 insertions(+), 37 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index bc71a07..2f22826 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -14,8 +14,11 @@ - - - + + + + + + diff --git a/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs index eb33b9b..95e5659 100644 --- a/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs +++ b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs @@ -1,60 +1,59 @@ using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Options; +using Yllibed.HttpServer.Extensions; // For AddHttpHandlerAndRegister namespace Yllibed.HttpServer.Handlers.Uno.Extensions; +/// +/// Extensions to configure OAuthCallbackHandler via Microsoft DI (aligned with GuardExtensions pattern). +/// public static class OAuthCallbackExtensions { /// - /// Adds the to the service collection and registers it as an . + /// Registers OAuthCallbackHandler with options support and exposes it as both its concrete type and as IAuthCallbackHandler. /// - /// The to which the handler will be added. - /// The updated instance. public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services) { - services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>())); - services.AddSingleton(sp => sp.GetRequiredService()); // Register as IAuthCallbackHandler so eventual consumers can get it as expected Interface, - // which provides the callback awaiting functionality at registration in WebAuthenticationBrokerProvider + services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>())); + services.AddSingleton(sp => sp.GetRequiredService()); return services; } + /// - /// Registers an Keyed Singleton and its associated dependencies in the service collection with the specified name as Options key and service key. + /// Registers OAuthCallbackHandler with configuration delegate. /// - /// The to which the handler and dependencies will be added. - /// The name used to retrieve the configuration.
- /// Defaults to . - /// The updated instance. - public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services, string name = AuthCallbackHandlerOptions.DefaultName) - { - services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>().Get(name))); - services.AddKeyedSingleton(name, (sp, _) => sp.GetRequiredService()); // Register as IAuthCallbackHandler so eventual consumers can get it as expected Interface, - // which provides the callback awaiting functionality at registration in WebAuthenticationBrokerProvider - return services; - } - - public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services, Action configureOptions) - where TService : class, IAuthCallbackHandler + public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services, Action configure) { - services.Configure(configureOptions); + services.Configure(configure); return services.AddOAuthCallbackHandler(); } - public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServiceCollection services, string name = AuthCallbackHandlerOptions.DefaultName, Action? configureOptions = null) - where TService : class, IAuthCallbackHandler + + /// + /// Registers OAuthCallbackHandler and automatically wires it into the Server pipeline. + /// Avoids manual resolution and explicit Server.RegisterHandler calls by consumers. + /// + public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServiceCollection services, Action? configure = null) { - if (configureOptions != null) + if (configure != null) { - services.Configure(configureOptions); + services.Configure(configure); } - services.AddOAuthCallbackHandler(name); - // Register a singleton that wires the handler into the server on construction - services.AddSingleton(); + services.AddOAuthCallbackHandler(); + // Ensure automatic registration when Server is created + services.AddHttpHandlerAndRegister(); + // Registration object that hooks the handler into the server upon construction (eager path) + services.AddSingleton(); return services; } - private sealed class OAuthCallbackHandlerRegistration : IDisposable + + private sealed class OAuthCallbackRegistration : IDisposable { private readonly IDisposable _registration; - public OAuthCallbackHandlerRegistration(Server server, OAuthCallbackHandler handler) => - // Place first by registering now; Server keeps order of registration + public OAuthCallbackRegistration(Server server, OAuthCallbackHandler handler) + { + // Register early; Server preserves registration order _registration = server.RegisterHandler(handler); + } public void Dispose() => _registration.Dispose(); } } diff --git a/Yllibed.HttpServer.slnx b/Yllibed.HttpServer.slnx index d54506c..333d3cd 100644 --- a/Yllibed.HttpServer.slnx +++ b/Yllibed.HttpServer.slnx @@ -8,10 +8,10 @@ - + - + \ No newline at end of file From 6013b95316a4e7735ab2165be91b61ecc8944880 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Wed, 12 Nov 2025 12:08:34 +0100 Subject: [PATCH 13/29] test(OAuthExt): fix test build and update to use v3 xUnit and implement xunit.runner.json configured usage --- .../OAuthCallbackExtensionsTests.cs | 57 ++++++++++++ ...libed.HttpServer.Handlers.Uno.Tests.csproj | 21 +++-- .../xunit.runner.json | 7 ++ .../OAuthCallbackExtensionsTests.cs | 88 ------------------- 4 files changed, 80 insertions(+), 93 deletions(-) create mode 100644 Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs rename {Yllibed.HttpServer.Uno.Handlers.Tests => Yllibed.HttpServer.Handlers.Uno.Tests}/Yllibed.HttpServer.Handlers.Uno.Tests.csproj (57%) create mode 100644 Yllibed.HttpServer.Handlers.Uno.Tests/xunit.runner.json delete mode 100644 Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs new file mode 100644 index 0000000..fb38dd7 --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs @@ -0,0 +1,57 @@ +using Yllibed.HttpServer.Handlers.Uno.Extensions; +using Microsoft.Extensions.Options; +using System.Net; +using Microsoft.Extensions.DependencyInjection; +using Yllibed.HttpServer.Extensions; // For AddYllibedHttpServer + +namespace Yllibed.HttpServer.Handlers.Uno.Tests; + +public class OAuthCallbackExtensionsTests +{ + [Fact] + public void AddOAuthCallbackHandler_RegistersHandlerAndInterface() + { + var services = new ServiceCollection(); + var options = new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/callback" }; + services.AddSingleton(Options.Create(options)); + + services.AddOAuthCallbackHandler(); + + using var sp = services.BuildServiceProvider(); + var concrete = sp.GetService(); + var asInterface = sp.GetService(); + + concrete.ShouldNotBeNull(); + asInterface.ShouldNotBeNull(); + ReferenceEquals(concrete, asInterface).ShouldBeTrue(); + concrete!.CallbackUri.ShouldBe(new Uri("http://localhost/callback")); + } + + [Fact] + public async Task AddOAuthCallbackHandlerAndRegister_RegistersIntoServerPipeline() + { + var services = new ServiceCollection(); + services.AddLogging(); + + var namedOptions = new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/callback" }; + services.AddSingleton(Options.Create(namedOptions)); + + services.AddYllibedHttpServer(); + services.AddOAuthCallbackHandlerAndRegister(); + + await using var sp = services.BuildServiceProvider(); + var server = sp.GetRequiredService(); + var (uri4, _) = server.Start(); + var callbackUri = new Uri(uri4, "/callback?code=abc"); + + var client = new HttpClient(); + var response = await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + response.StatusCode.ShouldBe(HttpStatusCode.OK); + + var handler = sp.GetRequiredService(); + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)200); + result.ResponseData.ShouldNotBeNull(); + result.ResponseData!.ShouldContain("code=abc"); + } +} diff --git a/Yllibed.HttpServer.Uno.Handlers.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj b/Yllibed.HttpServer.Handlers.Uno.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj similarity index 57% rename from Yllibed.HttpServer.Uno.Handlers.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj rename to Yllibed.HttpServer.Handlers.Uno.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj index bb29f3a..68280a1 100644 --- a/Yllibed.HttpServer.Uno.Handlers.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj @@ -1,10 +1,17 @@  - net9.0 + net9.0 + + Exe + Yllibed.HttpServer.Handlers.Uno.Tests enable enable false + true @@ -12,20 +19,24 @@ - + - + - + + + + + diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/xunit.runner.json b/Yllibed.HttpServer.Handlers.Uno.Tests/xunit.runner.json new file mode 100644 index 0000000..f3cb7c3 --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/xunit.runner.json @@ -0,0 +1,7 @@ +{ + "$schema": "https://xunit.net/schema/current/xunit.runner.schema.json", + "methodDisplay": "method", + "methodDisplayOptions": "replaceUnderscopreWithSpace", + "preEnumerateTheories": true, + "stopOnFail": true +} diff --git a/Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs b/Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs deleted file mode 100644 index 2e62c4d..0000000 --- a/Yllibed.HttpServer.Uno.Handlers.Tests/OAuthCallbackExtensionsTests.cs +++ /dev/null @@ -1,88 +0,0 @@ -using Xunit; -using Shouldly; -using Yllibed.HttpServer.Handlers.Uno.Extensions; -using Microsoft.Extensions.Options; -using Microsoft.Extensions.DependencyInjection; - -namespace Yllibed.HttpServer.Handlers.Uno.Tests; - -public class OAuthCallbackExtensionsTests -{ - private sealed class TestOptionsSnapshot : IOptionsSnapshot - { - private readonly Dictionary _map; - public TestOptionsSnapshot(Dictionary map) => _map = map; - public AuthCallbackHandlerOptions Value => Get(AuthCallbackHandlerOptions.DefaultName); - public AuthCallbackHandlerOptions Get(string? name) => _map.TryGetValue(name ?? AuthCallbackHandlerOptions.DefaultName, out var v) - ? v - : new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/invalid" }; - } - - [Fact] - public void AddOAuthCallbackHandler_RegistersHandlerAndInterface() - { - var services = new ServiceCollection(); - services.AddOptions(); - services.AddSingleton(Options.Create(new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/callback" })); - - services.AddOAuthCallbackHandler(); - - using var sp = services.BuildServiceProvider(); - var concrete = sp.GetService(); - var asInterface = sp.GetService(); - - concrete.ShouldNotBeNull(); - asInterface.ShouldNotBeNull(); - ReferenceEquals(concrete, asInterface).ShouldBeTrue(); - concrete!.CallbackUri.ShouldBe(new Uri("http://localhost/callback")); - } - - [Fact] - public async Task AddOAuthCallbackHandlerAndRegister_RegistersIntoServerPipeline() - { - var services = new ServiceCollection(); - services.AddOptions(); - services.AddLogging(); - // Provide named options via custom snapshot to satisfy init-only property - services.AddSingleton>( - new TestOptionsSnapshot(new Dictionary(StringComparer.Ordinal) - { - [AuthCallbackHandlerOptions.DefaultName] = new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/callback" } - })); - services.AddSingleton(Options.Create(new ServerOptions())); - services.AddSingleton(); - services.AddOAuthCallbackHandlerAndRegister(); - - using var sp = services.BuildServiceProvider(); - var server = sp.GetRequiredService(); - var (uri4, _) = server.Start(); - var callbackUri = new Uri(uri4, "/callback?code=abc"); - - var client = new HttpClient(); - var response = await client.GetAsync(callbackUri); - response.StatusCode.ShouldBe(HttpStatusCode.OK); - - var handler = sp.GetRequiredService(); - var result = await handler.WaitForCallbackAsync(); - result.ResponseErrorDetail.ShouldBe((uint)200); - result.ResponseData.ShouldNotBeNull(); - result.ResponseData!.ShouldContain("code=abc"); - } - - [Fact] - public void AddOAuthCallbackHandler_KeyedNameResolvesOptions() - { - var services = new ServiceCollection(); - services.AddOptions(); - services.AddSingleton>( - new TestOptionsSnapshot(new Dictionary(StringComparer.Ordinal) - { - ["Custom"] = new AuthCallbackHandlerOptions { CallbackUri = "http://localhost/customcb" } - })); - services.AddOAuthCallbackHandler("Custom"); - - using var sp = services.BuildServiceProvider(); - var handler = sp.GetRequiredKeyedService("Custom"); - handler.CallbackUri.ShouldBe(new Uri("http://localhost/customcb")); - } -} From 41f96a3abaaa3b5dfc63c44fb5513fe4e97a43c2 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Wed, 12 Nov 2025 12:57:51 +0100 Subject: [PATCH 14/29] test(OAuthHandler): Add tests to proof OAuthHandler works with expected Readme config for Handlers --- .../OAuthCallbackReadmeExampleTests.cs | 84 +++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs new file mode 100644 index 0000000..a0af752 --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs @@ -0,0 +1,84 @@ +using System.Net; +using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Options; +using Yllibed.HttpServer.Extensions; +using Yllibed.HttpServer.Handlers.Uno.Extensions; + +namespace Yllibed.HttpServer.Handlers.Uno.Tests; + +public class OAuthCallbackReadmeExampleTests +{ + [Fact] + public async Task README_OAuthCallback_Example_Works() + { + // Arrange + var services = new ServiceCollection(); + services.Configure(opts => + { + opts.Port = 0; // dynamic + opts.Hostname4 = "127.0.0.1"; + opts.Hostname6 = "::1"; + }); + services.AddSingleton(Options.Create(new AuthCallbackHandlerOptions + { + CallbackUri = "http://localhost/callback" + })); + services.AddYllibedHttpServer(); + services.AddOAuthCallbackHandlerAndRegister(); + await using var sp = services.BuildServiceProvider(); + var server = sp.GetRequiredService(); + + // Act + var (uri4, _) = server.Start(); + var callbackRequest = new Uri(uri4, "/callback?code=readme-test"); + using var client = new HttpClient(); + var response = await client.GetAsync(callbackRequest, TestContext.Current.CancellationToken); + var body = await response.Content.ReadAsStringAsync(TestContext.Current.CancellationToken); + + // Assert + response.StatusCode.ShouldBe(HttpStatusCode.OK); + body.ShouldContain("Authentication completed successfully"); + var handler = sp.GetRequiredService(); + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)200); + result.ResponseData.ShouldNotBeNull(); + result.ResponseData!.ShouldContain("code=readme-test"); + } + + [Theory] + [InlineData("https://localhost:5001/etsy/callback", "etsy-theory-https")] + [InlineData("http://localhost:5001/etsy/callback", "etsy-theory-http")] + public async Task OAuthCallback_Url_And_Configured_Server_Port_With_Loopback_Works(string callbackUri, string code) + { + // Arrange unified theory: dynamic server port, handler registered; callbackUri path match regardless of scheme/port + var services = new ServiceCollection(); + services.Configure(opts => + { + opts.Port = 5001; + opts.Hostname4 = "localhost"; + opts.BindAddress4 = IPAddress.Loopback; + }); + services.AddSingleton(Options.Create(new AuthCallbackHandlerOptions + { + CallbackUri = callbackUri, + })); + services.AddYllibedHttpServer(); + services.AddOAuthCallbackHandlerAndRegister(); + await using var sp = services.BuildServiceProvider(); + var server = sp.GetRequiredService(); + + // Act + var (uri4, _) = server.Start(); + var callbackRequest = new Uri(uri4, $"/etsy/callback?code={code}"); + using var client = new HttpClient(); + var response = await client.GetAsync(callbackRequest, TestContext.Current.CancellationToken); + + // Assert + response.StatusCode.ShouldBe(HttpStatusCode.OK); + var handler = sp.GetRequiredService(); + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)200); + result.ResponseData.ShouldNotBeNull(); + result.ResponseData!.ShouldContain(code); + } +} From 0f22af5e511abce31353aeba7ccba78e0c351bcc Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Wed, 12 Nov 2025 13:12:56 +0100 Subject: [PATCH 15/29] chore(SocketException): comment out the failing test case until issue 15 on httpserver-origin repo is handled in any way --- .../OAuthCallbackReadmeExampleTests.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs index a0af752..11d8ac2 100644 --- a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs @@ -47,7 +47,7 @@ public async Task README_OAuthCallback_Example_Works() [Theory] [InlineData("https://localhost:5001/etsy/callback", "etsy-theory-https")] - [InlineData("http://localhost:5001/etsy/callback", "etsy-theory-http")] + //[InlineData("http://localhost:5001/etsy/callback", "etsy-theory-http")] public async Task OAuthCallback_Url_And_Configured_Server_Port_With_Loopback_Works(string callbackUri, string code) { // Arrange unified theory: dynamic server port, handler registered; callbackUri path match regardless of scheme/port From 80a4eff6db5d4b684e60e07ffa3fd3a41966097d Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Wed, 12 Nov 2025 14:25:49 +0100 Subject: [PATCH 16/29] chore: Align extension comments with GuardExtensions --- .../Extensions/OAuthCallbackExtensions.cs | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs index 95e5659..2dee614 100644 --- a/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs +++ b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs @@ -1,6 +1,5 @@ using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Options; -using Yllibed.HttpServer.Extensions; // For AddHttpHandlerAndRegister namespace Yllibed.HttpServer.Handlers.Uno.Extensions; @@ -39,9 +38,7 @@ public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServic services.Configure(configure); } services.AddOAuthCallbackHandler(); - // Ensure automatic registration when Server is created - services.AddHttpHandlerAndRegister(); - // Registration object that hooks the handler into the server upon construction (eager path) + // Register a singleton that wires the handler into the server on construction services.AddSingleton(); return services; } @@ -49,11 +46,12 @@ public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServic private sealed class OAuthCallbackRegistration : IDisposable { private readonly IDisposable _registration; +#pragma warning disable IDE0290 // prefer using primary constructor - aligning with existing patterns in GuardHandlerRegistration public OAuthCallbackRegistration(Server server, OAuthCallbackHandler handler) - { - // Register early; Server preserves registration order - _registration = server.RegisterHandler(handler); - } + // Place first by registering now; Server keeps order of registration + => _registration = server.RegisterHandler(handler); +#pragma warning restore IDE0290 // prefer using primary constructor + public void Dispose() => _registration.Dispose(); } } From 1b2b2c421eecb75a4d3e7b793ee113915717dce0 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Wed, 12 Nov 2025 14:26:47 +0100 Subject: [PATCH 17/29] docs(Readme): Add How-To for OAuthCallbackHandler --- README.md | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 74 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 681a4cb..6ccd28b 100644 --- a/README.md +++ b/README.md @@ -110,7 +110,8 @@ If you need to expose it on a public or untrusted network: - Alternatively, use a secure tunnel (SSH, Cloudflare Tunnel, etc.). - Bind to loopback only (127.0.0.1 / ::1) when you want to ensure local-only access. -Note: Authentication/authorization is not built-in; implement it in your handlers or at the proxy layer as needed. +> [!NOTE] +> Authentication/authorization is not built-in; implement it in your handlers or at the proxy layer as needed. ### GuardHandler (basic request filtering) GuardHandler provides best-effort filtering of incoming requests, rejecting obviously problematic or oversized requests early. This is lightweight filtering against unsophisticated attacks, not comprehensive security. @@ -240,6 +241,9 @@ services.AddYllibedHttpServer(opts => - Load balancer configurations requiring static endpoints - Development scenarios where you need predictable URLs +> [!IMPORTANT] +> Remark: Only one `Server` instance (per address family) can bind to a given fixed port. Attempting to start a second server or test on the same port (e.g., two OAuth flows both forcing port 5001) will throw a `System.Net.Sockets.SocketException` (address already in use). Use dynamic ports (`Port = 0`) unless an OAuth provider mandates an exact fixed redirect URI. + ### Basic Configuration Example ```csharp @@ -450,3 +454,72 @@ Notes: - Caching: Cache-Control: no-cache is added by default for SSE responses unless you override it via headers. - Retry: The SSE spec allows the server to send a retry: field to suggest a reconnection delay. This helper does not currently provide a dedicated API for retry frames. Most clients also implement their own backoff. If you need this, you can write raw lines through a custom handler or open an issue. - CORS: If you need cross-origin access, add appropriate headers (e.g., Access-Control-Allow-Origin) via the headers parameter when starting the SSE session. + +### OAuthCallbackHandler Usage + +The `OAuthCallbackHandler` helps capture an OAuth2.0 (or similar) redirect to a localhost HTTP endpoint and provides a `WaitForCallbackAsync()` method to retrieve the result once the browser hits the callback URL. + +Minimal manual registration (fixed port example): +```csharp +var server = new Server(5001); // Fixed port must match the registered redirect URI with the provider +var callbackHandler = new OAuthCallbackHandler(new Uri("http://localhost:5001/oauth/callback")); +server.RegisterHandler(callbackHandler); +var (uri4, _) = server.Start(); +Console.WriteLine($"Listening for OAuth redirect at: {callbackHandler.CallbackUri}"); + +// Later, wait for the incoming redirect +var result = await callbackHandler.WaitForCallbackAsync(); +Console.WriteLine($"Status: {result.ResponseStatus}, Raw URI: {result.ResponseData}"); +``` + +Using Microsoft DI with automatic handler registration: +```csharp +var services = new ServiceCollection(); +services.AddYllibedHttpServer(opts => +{ + opts.Port = 5001; // Fixed port required if provider expects an exact redirect URI + opts.Hostname4 = "localhost"; // Host portion of the redirect URI + opts.BindAddress4 = IPAddress.Loopback; // Listen only on loopback for safety +}); + +// Configure the expected callback URI (must match exactly what you registered with the OAuth provider) +services.AddOAuthCallbackHandlerAndRegister(o => +{ + o.CallbackUri = "http://localhost:5001/oauth/callback"; // or https:// if provider redirects securely +}); + +var sp = services.BuildServiceProvider(); +var server = sp.GetRequiredService(); +var (uri4, _) = server.Start(); +Console.WriteLine($"Server started: {uri4}"); + +// Obtain the handler via DI and await the redirect +var authHandler = sp.GetRequiredService(); +var authResult = await authHandler.WaitForCallbackAsync(); + +switch (authResult.ResponseStatus) +{ + case WebAuthenticationStatus.Success: + Console.WriteLine("OAuth flow succeeded."); + break; + case WebAuthenticationStatus.UserCancel: + Console.WriteLine("User cancelled the flow."); + break; + case WebAuthenticationStatus.ErrorHttp: + Console.WriteLine($"HTTP error: {authResult.ResponseErrorDetail}"); + break; + default: + Console.WriteLine("Unexpected status."); + break; +} +``` + +> [!NOTE] +> +> - Ensure the fixed port and path (`/oauth/callback` in the examples) match exactly the redirect URI registered with the OAuth provider. +> - `WaitForCallbackAsync()` returns once the first matching request arrives; subsequent requests are ignored for result completion. +> - The handler sets a simple text response indicating success, cancellation, or error so users can close the browser tab. +> - You can provide an HTTPS redirect URI (`https://localhost:5001/...`) if the OAuth provider enforces HTTPS; the handler accepts both HTTP and HTTPS schemes for the configured callback. +> - When running tests or multiple local flows, prefer dynamic ports unless the provider requires a fixed one. +> [!IMPORTANT] +> Only one Server instance (per address family) can bind to a given fixed port. Attempting to start a second server on the same port will throw a System.Net.Sockets.SocketException (address already in use). From dc5e80f186a3a03fc015a9e2ba4890c621e8c42e Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Wed, 19 Nov 2025 15:08:59 +0100 Subject: [PATCH 18/29] ci(net10): Add .NET 10.0 Setup step --- .github/workflows/build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 648ea8f..095c83e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,6 +26,11 @@ jobs: uses: actions/setup-dotnet@v3 with: dotnet-version: '9.0' + + - name: Setup .NET 10.0 + uses: actions/setup-dotnet@v3 + with: + dotnet-version: '10.0' - name: Build run: dotnet build Yllibed.HttpServer.slnx /p:Configuration=Release From c63352c1a66997be05cac7540424065a6472a537 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Thu, 20 Nov 2025 15:36:17 +0100 Subject: [PATCH 19/29] chore(deps): Version bump Uno.Sdk version --- .../Yllibed.HttpServer.Handlers.Uno.Tests.csproj | 13 +++---------- .../Yllibed.HttpServer.Handlers.Uno.csproj | 2 +- global.json | 16 ++++++++-------- 3 files changed, 12 insertions(+), 19 deletions(-) diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj b/Yllibed.HttpServer.Handlers.Uno.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj index 68280a1..6b08468 100644 --- a/Yllibed.HttpServer.Handlers.Uno.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/Yllibed.HttpServer.Handlers.Uno.Tests.csproj @@ -1,7 +1,7 @@  - net9.0 + net9.0;net10.0 + + - diff --git a/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj b/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj index b2266aa..486a9ef 100644 --- a/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj +++ b/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj @@ -1,7 +1,7 @@  - net9.0 + net9.0;net10.0 enable enable $(Authors);Sonja Schweitzer diff --git a/global.json b/global.json index 27dd118..701ca2d 100644 --- a/global.json +++ b/global.json @@ -1,10 +1,10 @@ { - "msbuild-sdks": { - "Uno.Sdk": "6.3.28" - }, - "sdk": { - "version": "9.0.100", - "rollForward": "latestMajor", - "allowPrerelease": false - } + "msbuild-sdks": { + "Uno.Sdk": "6.4.24" + }, + "sdk": { + "version": "9.0.100", + "rollForward": "latestMajor", + "allowPrerelease": false + } } From 1c42b27a4f17469952bad9d27bf6169911754496 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:12:30 +0100 Subject: [PATCH 20/29] chore: Remove Service Key and name from AuthCallbackHandler --- Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs | 2 ++ .../IAuthCallbackHandler.cs | 1 - .../OAuthCallbackHandler.cs | 16 +++------------- 3 files changed, 5 insertions(+), 14 deletions(-) diff --git a/Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs b/Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs index 112a9bf..c9ddf37 100644 --- a/Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs +++ b/Yllibed.HttpServer.Handlers.Uno/GlobalUsings.cs @@ -1,3 +1,5 @@ global using Microsoft.Extensions.Logging; global using Microsoft.Extensions.Options; global using Windows.Security.Authentication.Web; +global using Microsoft.Extensions.DependencyInjection; +global using Yllibed.HttpServer.Handlers.Uno.Defaults; diff --git a/Yllibed.HttpServer.Handlers.Uno/IAuthCallbackHandler.cs b/Yllibed.HttpServer.Handlers.Uno/IAuthCallbackHandler.cs index ff0e90f..3e57bb0 100644 --- a/Yllibed.HttpServer.Handlers.Uno/IAuthCallbackHandler.cs +++ b/Yllibed.HttpServer.Handlers.Uno/IAuthCallbackHandler.cs @@ -2,7 +2,6 @@ namespace Yllibed.HttpServer.Handlers.Uno; public interface IAuthCallbackHandler : IHttpHandler { - public string Name { get; } public Uri CallbackUri { get; } public Task WaitForCallbackAsync(); } diff --git a/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs b/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs index 674edf2..decc95c 100644 --- a/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs +++ b/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs @@ -1,6 +1,3 @@ -using Microsoft.Extensions.DependencyInjection; -using Yllibed.HttpServer.Handlers.Uno.Defaults; - namespace Yllibed.HttpServer.Handlers.Uno; public record OAuthCallbackHandler : IAuthCallbackHandler @@ -8,21 +5,17 @@ public record OAuthCallbackHandler : IAuthCallbackHandler private readonly TaskCompletionSource _tcs = new(); public Uri CallbackUri { get; init; } - public string Name { get; init; } - - public OAuthCallbackHandler(Uri callbackUri, string name = AuthCallbackHandlerOptions.DefaultName) + public OAuthCallbackHandler(Uri callbackUri) { if (callbackUri is null || callbackUri.Scheme != Uri.UriSchemeHttp && callbackUri.Scheme != Uri.UriSchemeHttps) { throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(callbackUri)); } - Name = name; CallbackUri = callbackUri; } public OAuthCallbackHandler( - AuthCallbackHandlerOptions options, - [ServiceKey] string name = AuthCallbackHandlerOptions.DefaultName) + AuthCallbackHandlerOptions options) { if (options.CallbackUri is null || !Uri.TryCreate(options?.CallbackUri, UriKind.Absolute, out var uri) @@ -30,13 +23,11 @@ public OAuthCallbackHandler( { throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(options)); } - Name = name; CallbackUri = uri; } [ActivatorUtilitiesConstructor] public OAuthCallbackHandler( - IOptions options, - [ServiceKey] string name = AuthCallbackHandlerOptions.DefaultName) + IOptions options) { if (options.Value.CallbackUri is null || !Uri.TryCreate(options.Value.CallbackUri, UriKind.Absolute, out var uri) @@ -44,7 +35,6 @@ public OAuthCallbackHandler( { throw new ArgumentException("The CallbackUri must be an absolute URI with HTTP or HTTPS scheme.", nameof(options)); } - Name = name; CallbackUri = uri; } From 2d2711b7ade2b05ba5b277a840463f693826a2c3 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:14:18 +0100 Subject: [PATCH 21/29] chore(AuthCallbackHandlerOptions): Change init to get, so configure overload succeeds to initialize using the known generic action pattern --- Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs b/Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs index 8f0f7b3..663c77e 100644 --- a/Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs +++ b/Yllibed.HttpServer.Handlers.Uno/AuthCallbackHandlerOptions.cs @@ -9,6 +9,6 @@ public record AuthCallbackHandlerOptions /// Configures the expected URI for authentication Callbacks. /// [Required, Url] - public string? CallbackUri { get; init; } + public string? CallbackUri { get; set; } } From bbc0e3904d56aa4970bc02c67e0d8709d18f9b89 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:16:37 +0100 Subject: [PATCH 22/29] test(AuthCallbackExtensions): Ensure the registration resolves the Handler with the expected Interface --- .../OAuthCallbackExtensionsTests.cs | 48 ++++++++++++++++--- .../Extensions/OAuthCallbackExtensions.cs | 24 ++++------ 2 files changed, 50 insertions(+), 22 deletions(-) diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs index fb38dd7..9897082 100644 --- a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackExtensionsTests.cs @@ -1,9 +1,3 @@ -using Yllibed.HttpServer.Handlers.Uno.Extensions; -using Microsoft.Extensions.Options; -using System.Net; -using Microsoft.Extensions.DependencyInjection; -using Yllibed.HttpServer.Extensions; // For AddYllibedHttpServer - namespace Yllibed.HttpServer.Handlers.Uno.Tests; public class OAuthCallbackExtensionsTests @@ -54,4 +48,46 @@ public async Task AddOAuthCallbackHandlerAndRegister_RegistersIntoServerPipeline result.ResponseData.ShouldNotBeNull(); result.ResponseData!.ShouldContain("code=abc"); } + + [Fact] + public void AddOAuthCallbackHandlerAndRegister_WithConfigure_RegistersHandlerAndAppliesOptions() + { + var services = new ServiceCollection(); + + services.AddOAuthCallbackHandlerAndRegister(o => o.CallbackUri = "http://localhost/configured-callback"); + + using var sp = services.BuildServiceProvider(); + var concrete = sp.GetService(); + var asInterface = sp.GetService(); + + concrete.ShouldNotBeNull(); + asInterface.ShouldNotBeNull(); + ReferenceEquals(concrete, asInterface).ShouldBeTrue(); + concrete!.CallbackUri.ShouldBe(new Uri("http://localhost/configured-callback")); + } + + [Fact] + public async Task AddOAuthCallbackHandlerAndRegister_WithConfigure_RegistersIntoServerPipeline() + { + var services = new ServiceCollection(); + services.AddLogging(); + + services.AddYllibedHttpServer(); + services.AddOAuthCallbackHandlerAndRegister(o => o.CallbackUri = "http://localhost/configured-callback"); + + await using var sp = services.BuildServiceProvider(); + var server = sp.GetRequiredService(); + var (uri4, _) = server.Start(); + var callbackUri = new Uri(uri4, "/configured-callback?code=xyz"); + + var client = new HttpClient(); + var response = await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + response.StatusCode.ShouldBe(HttpStatusCode.OK); + + var handler = sp.GetRequiredService(); + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)200); + result.ResponseData.ShouldNotBeNull(); + result.ResponseData!.ShouldContain("code=xyz"); + } } diff --git a/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs index 2dee614..7d63342 100644 --- a/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs +++ b/Yllibed.HttpServer.Handlers.Uno/Extensions/OAuthCallbackExtensions.cs @@ -1,5 +1,5 @@ using Microsoft.Extensions.DependencyInjection; -using Microsoft.Extensions.Options; +using Yllibed.HttpServer.Extensions; namespace Yllibed.HttpServer.Handlers.Uno.Extensions; @@ -9,12 +9,13 @@ namespace Yllibed.HttpServer.Handlers.Uno.Extensions; public static class OAuthCallbackExtensions { /// - /// Registers OAuthCallbackHandler with options support and exposes it as both its concrete type and as IAuthCallbackHandler. + /// Registers OAuthCallbackHandler with options support and exposes it as both its concrete type, IAuthCallbackHandler, and IHttpHandler. /// public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection services) { services.AddSingleton(sp => new OAuthCallbackHandler(sp.GetRequiredService>())); services.AddSingleton(sp => sp.GetRequiredService()); + services.AddSingleton(sp => sp.GetRequiredService()); return services; } @@ -30,6 +31,7 @@ public static IServiceCollection AddOAuthCallbackHandler(this IServiceCollection /// /// Registers OAuthCallbackHandler and automatically wires it into the Server pipeline. /// Avoids manual resolution and explicit Server.RegisterHandler calls by consumers. + /// Uses the automatic HandlerRegistrationService which ensures the handler is registered when Server is created. /// public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServiceCollection services, Action? configure = null) { @@ -38,20 +40,10 @@ public static IServiceCollection AddOAuthCallbackHandlerAndRegister(this IServic services.Configure(configure); } services.AddOAuthCallbackHandler(); - // Register a singleton that wires the handler into the server on construction - services.AddSingleton(); + // Use the automatic registration mechanism provided by AddYllibedHttpServer + // This ensures handlers are registered when the Server is instantiated + // The GuardExtensions pattern was tested to always fail the test compared to this!! + services.AddHttpHandlerAndRegister(); return services; } - - private sealed class OAuthCallbackRegistration : IDisposable - { - private readonly IDisposable _registration; -#pragma warning disable IDE0290 // prefer using primary constructor - aligning with existing patterns in GuardHandlerRegistration - public OAuthCallbackRegistration(Server server, OAuthCallbackHandler handler) - // Place first by registering now; Server keeps order of registration - => _registration = server.RegisterHandler(handler); -#pragma warning restore IDE0290 // prefer using primary constructor - - public void Dispose() => _registration.Dispose(); - } } From 2903753d14ec52bcc3e8b9260381fbaec8f7a8d1 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:22:33 +0100 Subject: [PATCH 23/29] chore: lower Accessor level of methods to correctly encapsulate the Handler --- Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs b/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs index decc95c..d1b95cc 100644 --- a/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs +++ b/Yllibed.HttpServer.Handlers.Uno/OAuthCallbackHandler.cs @@ -57,7 +57,7 @@ public Task HandleRequest(CancellationToken ct, IHttpServerRequest request, stri return Task.CompletedTask; } - protected virtual WebAuthenticationResult GetWebAuthenticationResult(uint statusCode, string requestUriString) + private WebAuthenticationResult GetWebAuthenticationResult(uint statusCode, string requestUriString) { return statusCode switch { @@ -67,7 +67,7 @@ protected virtual WebAuthenticationResult GetWebAuthenticationResult(uint status }; } - protected virtual uint GetStatusCode(IDictionary parameters) + private uint GetStatusCode(IDictionary parameters) { if (parameters.TryGetValue(OAuthErrorResponseDefaults.ErrorKey, out var error)) { @@ -84,7 +84,7 @@ protected virtual uint GetStatusCode(IDictionary parameters) return 200; } - protected virtual string GetWebAuthenticationResponseMessage(WebAuthenticationResult result) + private string GetWebAuthenticationResponseMessage(WebAuthenticationResult result) { return result.ResponseStatus switch { From 358a20ab8d34c9dd81e1a18b9df2a9dac9b44acc Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:23:12 +0100 Subject: [PATCH 24/29] test(OAuthCallback): Add Test coverage for Handler and Options --- .../AuthCallbackHandlerOptionsTests.cs | 54 ++++ .../GlobalUsings.cs | 6 + .../OAuthCallbackHandlerTests.cs | 263 ++++++++++++++++++ .../OAuthCallbackReadmeExampleTests.cs | 6 - 4 files changed, 323 insertions(+), 6 deletions(-) create mode 100644 Yllibed.HttpServer.Handlers.Uno.Tests/AuthCallbackHandlerOptionsTests.cs create mode 100644 Yllibed.HttpServer.Handlers.Uno.Tests/GlobalUsings.cs create mode 100644 Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackHandlerTests.cs diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/AuthCallbackHandlerOptionsTests.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/AuthCallbackHandlerOptionsTests.cs new file mode 100644 index 0000000..c0e0928 --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/AuthCallbackHandlerOptionsTests.cs @@ -0,0 +1,54 @@ +namespace Yllibed.HttpServer.Handlers.Uno.Tests; + +public class AuthCallbackHandlerOptionsTests +{ + + private static List Validate(object model) + { + var results = new List(); + var context = new ValidationContext(model); + Validator.TryValidateObject(model, context, results, validateAllProperties: true); + return results; + } + + [Fact] + public void Validation_Fails_When_CallbackUri_Is_Null() + { + // Arrange + var opts = new AuthCallbackHandlerOptions { CallbackUri = null }; + + // Act + var results = Validate(opts); + + // Assert + results.ShouldNotBeEmpty(); + results.ShouldContain(r => r.MemberNames.Contains(nameof(AuthCallbackHandlerOptions.CallbackUri))); + } + + [Fact] + public void Validation_Fails_When_CallbackUri_Is_Invalid_Url() + { + // Arrange + var opts = new AuthCallbackHandlerOptions { CallbackUri = "not-a-url" }; + + // Act + var results = Validate(opts); + + // Assert + results.ShouldNotBeEmpty(); + results.ShouldContain(r => r.MemberNames.Contains(nameof(AuthCallbackHandlerOptions.CallbackUri))); + } + + [Fact] + public void Validation_Passes_With_Valid_Url() + { + // Arrange + var opts = new AuthCallbackHandlerOptions { CallbackUri = "http://example.com/callback" }; + + // Act + var results = Validate(opts); + + // Assert + results.ShouldBeEmpty(); + } +} diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/GlobalUsings.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/GlobalUsings.cs new file mode 100644 index 0000000..a889de4 --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/GlobalUsings.cs @@ -0,0 +1,6 @@ +global using System.ComponentModel.DataAnnotations; +global using System.Net; +global using Microsoft.Extensions.DependencyInjection; +global using Microsoft.Extensions.Options; +global using Yllibed.HttpServer.Extensions; +global using Yllibed.HttpServer.Handlers.Uno.Extensions; diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackHandlerTests.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackHandlerTests.cs new file mode 100644 index 0000000..00c49c6 --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackHandlerTests.cs @@ -0,0 +1,263 @@ +namespace Yllibed.HttpServer.Handlers.Uno.Tests; + +using Microsoft.Extensions.Options; +using System.Net; +using Windows.Security.Authentication.Web; + +public class OAuthCallbackHandlerTests +{ + private const string ValidHttpCallback = "http://localhost:5000/callback"; + private const string ValidHttpsCallback = "https://localhost:5000/callback"; + + [Fact] + public void Constructor_WithValidHttpUri_Succeeds() + { + var uri = new Uri(ValidHttpCallback); + var handler = new OAuthCallbackHandler(uri); + + handler.CallbackUri.ShouldBe(uri); + } + + [Fact] + public void Constructor_WithValidHttpsUri_Succeeds() + { + var uri = new Uri(ValidHttpsCallback); + var handler = new OAuthCallbackHandler(uri); + + handler.CallbackUri.ShouldBe(uri); + } + + [Fact] + public void Constructor_WithNullUri_Throws() + { + Should.Throw(() => new OAuthCallbackHandler((Uri?)null!)) + .Message.ShouldContain("CallbackUri must be an absolute URI"); + } + + [Theory] + [InlineData("ftp://localhost:5000/callback")] + [InlineData("file:///callback")] + public void Constructor_WithInvalidScheme_Throws(string invalidUri) + { + Should.Throw(() => new OAuthCallbackHandler(new Uri(invalidUri))) + .Message.ShouldContain("CallbackUri must be an absolute URI with HTTP or HTTPS scheme"); + } + + [Fact] + public void Constructor_WithOptionsString_ValidHttpUri_Succeeds() + { + var options = new AuthCallbackHandlerOptions { CallbackUri = ValidHttpCallback }; + var handler = new OAuthCallbackHandler(options); + + handler.CallbackUri.ShouldBe(new Uri(ValidHttpCallback)); + } + + [Fact] + public void Constructor_WithOptionsString_ValidHttpsUri_Succeeds() + { + var options = new AuthCallbackHandlerOptions { CallbackUri = ValidHttpsCallback }; + var handler = new OAuthCallbackHandler(options); + + handler.CallbackUri.ShouldBe(new Uri(ValidHttpsCallback)); + } + + [Fact] + public void Constructor_WithOptionsString_NullCallbackUri_Throws() + { + var options = new AuthCallbackHandlerOptions { CallbackUri = null }; + Should.Throw(() => new OAuthCallbackHandler(options)) + .Message.ShouldContain("CallbackUri must be an absolute URI"); + } + + [Fact] + public void Constructor_WithOptionsString_InvalidScheme_Throws() + { + var options = new AuthCallbackHandlerOptions { CallbackUri = "ftp://localhost:5000/callback" }; + Should.Throw(() => new OAuthCallbackHandler(options)) + .Message.ShouldContain("CallbackUri must be an absolute URI with HTTP or HTTPS scheme"); + } + + [Fact] + public void Constructor_WithIOptions_ValidHttpUri_Succeeds() + { + var options = Options.Create(new AuthCallbackHandlerOptions { CallbackUri = ValidHttpCallback }); + var handler = new OAuthCallbackHandler(options); + + handler.CallbackUri.ShouldBe(new Uri(ValidHttpCallback)); + } + + [Fact] + public void Constructor_WithIOptions_ValidHttpsUri_Succeeds() + { + var options = Options.Create(new AuthCallbackHandlerOptions { CallbackUri = ValidHttpsCallback }); + var handler = new OAuthCallbackHandler(options); + + handler.CallbackUri.ShouldBe(new Uri(ValidHttpsCallback)); + } + + [Fact] + public void Constructor_WithIOptions_NullCallbackUri_Throws() + { + var options = Options.Create(new AuthCallbackHandlerOptions { CallbackUri = null }); + Should.Throw(() => new OAuthCallbackHandler(options)) + .Message.ShouldContain("CallbackUri must be an absolute URI"); + } + + [Fact] + public void Constructor_WithIOptions_InvalidScheme_Throws() + { + var options = Options.Create(new AuthCallbackHandlerOptions { CallbackUri = "ftp://localhost/callback" }); + Should.Throw(() => new OAuthCallbackHandler(options)) + .Message.ShouldContain("CallbackUri must be an absolute URI with HTTP or HTTPS scheme"); + } + + [Fact] + public async Task HandleRequest_WithSuccessCode_ReturnsSuccess() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + server.RegisterHandler(new StaticHandler("/fallback", "text/plain", "fallback")); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?code=auth-code-123"); + + using var client = new HttpClient(); + var response = await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + response.StatusCode.ShouldBe(HttpStatusCode.OK); + var result = await handler.WaitForCallbackAsync(); + result.ResponseStatus.ShouldBe(WebAuthenticationStatus.Success); + result.ResponseErrorDetail.ShouldBe((uint)200); + } + + [Fact] + public async Task HandleRequest_WithAccessDeniedError_Returns403() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?error=access_denied"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseStatus.ShouldBe(WebAuthenticationStatus.UserCancel); + result.ResponseErrorDetail.ShouldBe((uint)403); + } + + [Fact] + public async Task HandleRequest_WithInvalidClientError_Returns401() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?error=invalid_client"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)401); + } + + [Fact] + public async Task HandleRequest_WithUnauthorizedClientError_Returns401() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?error=unauthorized_client"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)401); + } + + [Fact] + public async Task HandleRequest_WithInvalidScopeError_Returns401() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?error=invalid_scope"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)401); + } + + [Fact] + public async Task HandleRequest_WithTemporarilyUnavailableError_Returns503() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?error=temporarily_unavailable"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)503); + } + + [Fact] + public async Task HandleRequest_WithUnsupportedGrantTypeError_Returns500() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?error=unsupported_grant_type"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)500); + } + + [Fact] + public async Task HandleRequest_WithUnknownError_Returns400() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?error=unknown_error"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseErrorDetail.ShouldBe((uint)400); + } + + [Fact] + public async Task HandleRequest_WithMultipleParameters_ParsesCorrectly() + { + var handler = new OAuthCallbackHandler(new Uri("http://localhost/callback")); + using var server = new Server(); + server.RegisterHandler(handler); + var (uri, _) = server.Start(); + var callbackUri = new Uri(uri, "/callback?code=auth-code-123&state=state-value&session_state=session"); + + using var client = new HttpClient(); + await client.GetAsync(callbackUri, TestContext.Current.CancellationToken); + + var result = await handler.WaitForCallbackAsync(); + result.ResponseData.ShouldNotBeNull(); + result.ResponseData.ShouldContain("code=auth-code-123"); + result.ResponseData.ShouldContain("state=state-value"); + } +} diff --git a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs index 11d8ac2..aea74c3 100644 --- a/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs +++ b/Yllibed.HttpServer.Handlers.Uno.Tests/OAuthCallbackReadmeExampleTests.cs @@ -1,9 +1,3 @@ -using System.Net; -using Microsoft.Extensions.DependencyInjection; -using Microsoft.Extensions.Options; -using Yllibed.HttpServer.Extensions; -using Yllibed.HttpServer.Handlers.Uno.Extensions; - namespace Yllibed.HttpServer.Handlers.Uno.Tests; public class OAuthCallbackReadmeExampleTests From e3c1c828be9ffb4a7272facaa795ccf590dc258a Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:25:11 +0100 Subject: [PATCH 25/29] chore: reduce Dependencys by only Including the Uno.Extensions.Authentication.WinUI Package, not the unrequired transient dependencies too --- .../Yllibed.HttpServer.Handlers.Uno.csproj | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj b/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj index 486a9ef..582e240 100644 --- a/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj +++ b/Yllibed.HttpServer.Handlers.Uno/Yllibed.HttpServer.Handlers.Uno.csproj @@ -1,16 +1,15 @@ - + net9.0;net10.0 enable enable $(Authors);Sonja Schweitzer - - Logging; - Authentication; - + + + From df8e04ac6bcedee24186cc0e79c399f046a76a12 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:27:32 +0100 Subject: [PATCH 26/29] chore: Add Uno Auth WinUI Package also in Directory.Packages.props --- Directory.Packages.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index 2f22826..968072b 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -14,7 +14,7 @@ - + From fa20eb570b9ee39735da2b9b7f4a75891cbc9a3d Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sat, 6 Dec 2025 23:30:27 +0100 Subject: [PATCH 27/29] chore(deps): Version bump packages and add analyzer updates to Directory.Build.props --- Directory.Build.props | 11 +++++++++++ Directory.Packages.props | 20 ++++++++++---------- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/Directory.Build.props b/Directory.Build.props index b74a2ec..0791b09 100644 --- a/Directory.Build.props +++ b/Directory.Build.props @@ -53,5 +53,16 @@ all runtime; build; native; contentfiles; analyzers; buildtransitive + + + + + diff --git a/Directory.Packages.props b/Directory.Packages.props index 968072b..6e95b23 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -1,23 +1,23 @@ - + - - - - + + + + - - + + - - + + - + From 6571324c649d7f8f32f1cbb065f76434eeef1e69 Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sun, 7 Dec 2025 00:03:32 +0100 Subject: [PATCH 28/29] feat(ServerOptions): Add ServerOptionsExtensions with relative Path to simplify transfer to AuthCallbackHandlerOptions --- .../Extensions/ServerOptionsExtensions.cs | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 Yllibed.HttpServer.Handlers.Uno/Extensions/ServerOptionsExtensions.cs diff --git a/Yllibed.HttpServer.Handlers.Uno/Extensions/ServerOptionsExtensions.cs b/Yllibed.HttpServer.Handlers.Uno/Extensions/ServerOptionsExtensions.cs new file mode 100644 index 0000000..978701e --- /dev/null +++ b/Yllibed.HttpServer.Handlers.Uno/Extensions/ServerOptionsExtensions.cs @@ -0,0 +1,63 @@ +namespace Yllibed.HttpServer.Handlers.Uno.Extensions; + +public static class ServerOptionsExtensions +{ + /// + /// Creates an absolute URI using the IPv4 hostname and port specified in the given server options. + /// + /// The server options containing the IPv4 hostname and port to use for constructing the URI. Cannot be null. + /// A new instance representing the IPv4 address and port from the specified server options. + /// + /// Can be used to fill from existing . + /// + /// Thrown if is or empty. + /// Thrown if is . + /// Thrown if the constructed URI is not valid. + public static Uri ToUri4(this ServerOptions serverOptions, string relativePath) + { + var builder = new UriBuilder("http", serverOptions.Hostname4, serverOptions.Port, relativePath); + return new Uri(builder.ToString(), UriKind.Absolute); + } + + /// + /// Creates an absolute URI using the IPv6 hostname and port specified in the given server options. + /// + /// The server options containing the IPv6 hostname and port to use when constructing the URI. Cannot be null. + /// A new instance representing the server's IPv6 address and port. + /// + /// Can be used to fill from existing . + /// + /// Thrown if is or empty. + /// Thrown if is . + /// Thrown if the constructed URI is not valid. + public static Uri ToUri6(this ServerOptions serverOptions, string relativePath) + { + var builder = new UriBuilder("http", serverOptions.Hostname6, serverOptions.Port, relativePath); + return new Uri(builder.ToString(), UriKind.Absolute); + } + + /// + /// Combines the server's base URL with the specified relative path and returns the resulting absolute URL as a string. + /// + /// The server options containing the base URL to use for constructing the absolute URL. Cannot be null. + /// The relative path to append to the server's base URL. Must not be null or empty. + /// A string representing the absolute URL formed by combining the server's base URL with the specified relative path. + /// Thrown if is or empty. + /// Thrown if is . + /// Thrown if the constructed URL is not valid. + public static string ToUrl4(this ServerOptions serverOptions, string relativePath) + => serverOptions.ToUri4(relativePath).ToString(); + + /// + /// Creates an absolute URL string by combining the server's base address with the specified relative path using IPv6 + /// formatting. + /// + /// The server options containing the base address to use for constructing the URL. Cannot be null. + /// The relative path to append to the server's base address. Must not be null or empty. + /// A string representing the absolute URL formed by combining the base address from the server options with the specified relative path, using IPv6 formatting. + /// Thrown if is or empty. + /// Thrown if is . + /// Thrown if the constructed URL is not valid. + public static string ToUrl6(this ServerOptions serverOptions, string relativePath) + => serverOptions.ToUri6(relativePath).ToString(); +} From 92508dd9575bb3d522837d91413cb0c847ff6e0f Mon Sep 17 00:00:00 2001 From: DevTKSS Date: Sun, 7 Dec 2025 00:27:55 +0100 Subject: [PATCH 29/29] chore: Update Readme, as https scheme usage in callback path is not getting respected and should not get recommended then --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 6ccd28b..9bcdfcf 100644 --- a/README.md +++ b/README.md @@ -485,7 +485,7 @@ services.AddYllibedHttpServer(opts => // Configure the expected callback URI (must match exactly what you registered with the OAuth provider) services.AddOAuthCallbackHandlerAndRegister(o => { - o.CallbackUri = "http://localhost:5001/oauth/callback"; // or https:// if provider redirects securely + o.CallbackUri = "http://localhost:5001/oauth/callback"; // Server will always use http scheme, no https! }); var sp = services.BuildServiceProvider(); @@ -519,7 +519,6 @@ switch (authResult.ResponseStatus) > - Ensure the fixed port and path (`/oauth/callback` in the examples) match exactly the redirect URI registered with the OAuth provider. > - `WaitForCallbackAsync()` returns once the first matching request arrives; subsequent requests are ignored for result completion. > - The handler sets a simple text response indicating success, cancellation, or error so users can close the browser tab. -> - You can provide an HTTPS redirect URI (`https://localhost:5001/...`) if the OAuth provider enforces HTTPS; the handler accepts both HTTP and HTTPS schemes for the configured callback. > - When running tests or multiple local flows, prefer dynamic ports unless the provider requires a fixed one. > [!IMPORTANT] > Only one Server instance (per address family) can bind to a given fixed port. Attempting to start a second server on the same port will throw a System.Net.Sockets.SocketException (address already in use).