-
Notifications
You must be signed in to change notification settings - Fork 538
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
10 changed files
with
424 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
24 changes: 24 additions & 0 deletions
24
src/AspNet.Security.OAuth.Zoom/AspNet.Security.OAuth.Zoom.csproj
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<Project Sdk="Microsoft.NET.Sdk"> | ||
|
||
<PropertyGroup> | ||
<PackageValidationBaselineVersion>8.0.1</PackageValidationBaselineVersion> | ||
<TargetFrameworks>$(DefaultNetCoreTargetFramework)</TargetFrameworks> | ||
</PropertyGroup> | ||
|
||
<!-- TODO Enable once this provider is published to NuGet.org --> | ||
<PropertyGroup> | ||
<DisablePackageBaselineValidation>true</DisablePackageBaselineValidation> | ||
</PropertyGroup> | ||
|
||
<PropertyGroup> | ||
<Description>ASP.NET Core security middleware enabling Zoom authentication.</Description> | ||
<Authors>Christian Oluwawibe</Authors> | ||
<PackageTags>aspnetcore;authentication;zoom;oauth;security</PackageTags> | ||
</PropertyGroup> | ||
|
||
<ItemGroup> | ||
<FrameworkReference Include="Microsoft.AspNetCore.App" /> | ||
<PackageReference Include="JetBrains.Annotations" PrivateAssets="All" /> | ||
</ItemGroup> | ||
|
||
</Project> |
93 changes: 93 additions & 0 deletions
93
src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationConstants.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
/* | ||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers | ||
* for more information concerning the license and the contributors participating to this project. | ||
*/ | ||
|
||
namespace AspNet.Security.OAuth.Zoom; | ||
|
||
/// <summary> | ||
/// Contains constants specific to the <see cref="ZoomAuthenticationHandler"/>. | ||
/// </summary> | ||
public static class ZoomAuthenticationConstants | ||
{ | ||
public static class Claims | ||
{ | ||
public const string Picture = "picture"; | ||
|
||
public const string Email = "email"; | ||
|
||
public const string NameIdentifier = "id"; | ||
|
||
public const string Name = "name"; | ||
|
||
public const string GivenName = "given_name"; | ||
|
||
public const string FamilyName = "family_name"; | ||
|
||
public const string PhoneNumber = "phone_number"; | ||
|
||
public const string Status = "account_status"; | ||
|
||
public const string Verified = "verified"; | ||
|
||
public const string PersonalMeetingUrl = "personal_meeting_url"; | ||
} | ||
|
||
/// <summary> | ||
/// Available profile fields after a Zoom authentication. | ||
/// See <a>https://developers.zoom.us/docs/api/rest/reference/user/methods/#operation/user</a> | ||
/// </summary> | ||
public static class ProfileFields | ||
{ | ||
/// <summary> | ||
/// The Unique identifier of the user | ||
/// </summary> | ||
public const string Id = "id"; | ||
|
||
/// <summary> | ||
/// Display name of the user. | ||
/// </summary> | ||
public const string Name = "display_name"; | ||
|
||
/// <summary> | ||
/// Given/First name of the user. | ||
/// </summary> | ||
public const string GivenName = "first_name"; | ||
|
||
/// <summary> | ||
/// Last name of the user. | ||
/// </summary> | ||
public const string FamilyName = "last_name"; | ||
|
||
/// <summary> | ||
/// Email address of the user. | ||
/// </summary> | ||
public const string Email = "email"; | ||
|
||
/// <summary> | ||
/// Phone number of the user. | ||
/// </summary> | ||
public const string PhoneNumber = "phone_number"; | ||
|
||
/// <summary> | ||
/// Picture URL of the user. | ||
/// </summary> | ||
public const string PictureUrl = "pic_url"; | ||
|
||
/// <summary> | ||
/// AccountStatus of the user. | ||
/// </summary> | ||
public const string Status = "status"; | ||
|
||
/// <summary> | ||
/// Verification status of the user. | ||
/// </summary> | ||
public const string Verified = "verified"; | ||
|
||
/// <summary> | ||
/// Personal meeting URL of the user. | ||
/// </summary> | ||
public const string PersonalMeetingUrl = "personal_meeting_url"; | ||
} | ||
} |
48 changes: 48 additions & 0 deletions
48
src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationDefaults.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
/* | ||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers | ||
* for more information concerning the license and the contributors participating to this project. | ||
*/ | ||
|
||
namespace AspNet.Security.OAuth.Zoom; | ||
|
||
/// <summary> | ||
/// Default values used by the Zoom authentication middleware. | ||
/// </summary> | ||
public class ZoomAuthenticationDefaults | ||
{ | ||
/// <summary> | ||
/// Default value for <see cref="AuthenticationScheme.Name"/>. | ||
/// </summary> | ||
public const string AuthenticationScheme = "Zoom"; | ||
|
||
/// <summary> | ||
/// Default value for <see cref="AuthenticationScheme.DisplayName"/>. | ||
/// </summary> | ||
public static readonly string DisplayName = "Zoom"; | ||
|
||
/// <summary> | ||
/// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>. | ||
/// </summary> | ||
public static readonly string Issuer = "Zoom"; | ||
|
||
/// <summary> | ||
/// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>. | ||
/// </summary> | ||
public static readonly string CallbackPath = "/signin-zoom"; | ||
|
||
/// <summary> | ||
/// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>. | ||
/// </summary> | ||
public static readonly string AuthorizationEndpoint = "https://zoom.us/oauth/authorize"; | ||
|
||
/// <summary> | ||
/// Default value for <see cref="OAuthOptions.TokenEndpoint"/>. | ||
/// </summary> | ||
public static readonly string TokenEndpoint = "https://zoom.us/oauth/token"; | ||
|
||
/// <summary> | ||
/// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>. | ||
/// </summary> | ||
public static readonly string UserInformationEndpoint = "https://api.zoom.us/v2/users/me"; | ||
} |
74 changes: 74 additions & 0 deletions
74
src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationExtensions.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
/* | ||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers | ||
* for more information concerning the license and the contributors participating to this project. | ||
*/ | ||
|
||
using AspNet.Security.OAuth.Zoom; | ||
|
||
namespace Microsoft.Extensions.DependencyInjection; | ||
|
||
/// <summary> | ||
/// Extension methods to add Zoom authentication capabilities to an HTTP application pipeline. | ||
/// </summary> | ||
public static class ZoomAuthenticationExtensions | ||
{ | ||
/// <summary> | ||
/// Adds <see cref="ZoomAuthenticationHandler"/> to the specified | ||
/// <see cref="AuthenticationBuilder"/>, which enables Zoom authentication capabilities. | ||
/// </summary> | ||
/// <param name="builder">The <see cref="AuthenticationBuilder"/> to add the middleware to.</param> | ||
/// <returns>A reference to this instance after the operation has completed.</returns> | ||
public static AuthenticationBuilder AddZoom([NotNull] this AuthenticationBuilder builder) | ||
{ | ||
return builder.AddZoom(ZoomAuthenticationDefaults.AuthenticationScheme, options => { }); | ||
} | ||
|
||
/// <summary> | ||
/// Adds <see cref="ZoomAuthenticationHandler"/> to the specified | ||
/// <see cref="AuthenticationBuilder"/>, which enables Zoom authentication capabilities. | ||
/// </summary> | ||
/// <param name="builder">The <see cref="AuthenticationBuilder"/> to add the middleware to.</param> | ||
/// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param> | ||
/// <returns>A reference to this instance after the operation has completed.</returns> | ||
public static AuthenticationBuilder AddZoom( | ||
[NotNull] this AuthenticationBuilder builder, | ||
[NotNull] Action<ZoomAuthenticationOptions> configuration) | ||
{ | ||
return builder.AddZoom(ZoomAuthenticationDefaults.AuthenticationScheme, configuration); | ||
} | ||
|
||
/// <summary> | ||
/// Adds <see cref="ZoomAuthenticationHandler"/> to the specified | ||
/// <see cref="AuthenticationBuilder"/>, which enables Zoom authentication capabilities. | ||
/// </summary> | ||
/// <param name="builder">The authentication builder.</param> | ||
/// <param name="scheme">The authentication scheme associated with this instance.</param> | ||
/// <param name="configuration">The delegate used to configure the Zoom options.</param> | ||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns> | ||
public static AuthenticationBuilder AddZoom( | ||
[NotNull] this AuthenticationBuilder builder, | ||
[NotNull] string scheme, | ||
[NotNull] Action<ZoomAuthenticationOptions> configuration) | ||
{ | ||
return builder.AddZoom(scheme, ZoomAuthenticationDefaults.DisplayName, configuration); | ||
} | ||
|
||
/// <summary> | ||
/// Adds <see cref="ZoomAuthenticationHandler"/> to the specified | ||
/// <see cref="AuthenticationBuilder"/>, which enables Zoom authentication capabilities. | ||
/// </summary> | ||
/// <param name="builder">The authentication builder.</param> | ||
/// <param name="scheme">The authentication scheme associated with this instance.</param> | ||
/// <param name="caption">The optional display name associated with this instance.</param> | ||
/// <param name="configuration">The delegate used to configure the Zoom options.</param> | ||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns> | ||
public static AuthenticationBuilder AddZoom( | ||
[NotNull] this AuthenticationBuilder builder, | ||
[NotNull] string scheme, | ||
[CanBeNull] string caption, | ||
[NotNull] Action<ZoomAuthenticationOptions> configuration) | ||
{ | ||
return builder.AddOAuth<ZoomAuthenticationOptions, ZoomAuthenticationHandler>(scheme, caption, configuration); | ||
} | ||
} |
71 changes: 71 additions & 0 deletions
71
src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationHandler.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
/* | ||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers | ||
* for more information concerning the license and the contributors participating to this project. | ||
*/ | ||
|
||
using System.Net.Http.Headers; | ||
using System.Security.Claims; | ||
using System.Text.Encodings.Web; | ||
using System.Text.Json; | ||
using Microsoft.Extensions.Logging; | ||
using Microsoft.Extensions.Options; | ||
|
||
namespace AspNet.Security.OAuth.Zoom; | ||
|
||
public partial class ZoomAuthenticationHandler : OAuthHandler<ZoomAuthenticationOptions> | ||
{ | ||
public ZoomAuthenticationHandler( | ||
[NotNull] IOptionsMonitor<ZoomAuthenticationOptions> options, | ||
[NotNull] ILoggerFactory logger, | ||
[NotNull] UrlEncoder encoder) | ||
: base(options, logger, encoder) | ||
{ | ||
} | ||
|
||
protected override async Task<AuthenticationTicket> CreateTicketAsync( | ||
[NotNull] ClaimsIdentity identity, | ||
[NotNull] AuthenticationProperties properties, | ||
[NotNull] OAuthTokenResponse tokens) | ||
{ | ||
var requestUri = Options.UserInformationEndpoint; | ||
|
||
using var request = new HttpRequestMessage(HttpMethod.Get, requestUri); | ||
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken); | ||
|
||
using var response = await Backchannel.SendAsync(request, Context.RequestAborted); | ||
if (!response.IsSuccessStatusCode) | ||
{ | ||
await Log.UserProfileErrorAsync(Logger, response, Context.RequestAborted); | ||
throw new HttpRequestException("An error occurred while retrieving the user profile."); | ||
} | ||
|
||
using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted)); | ||
|
||
var principal = new ClaimsPrincipal(identity); | ||
var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement); | ||
context.RunClaimActions(); | ||
|
||
await Events.CreatingTicket(context); | ||
return new AuthenticationTicket(context.Principal!, context.Properties, Scheme.Name); | ||
} | ||
|
||
private static partial class Log | ||
{ | ||
internal static async Task UserProfileErrorAsync(ILogger logger, HttpResponseMessage response, CancellationToken cancellationToken) | ||
{ | ||
UserProfileError( | ||
logger, | ||
response.StatusCode, | ||
response.Headers.ToString(), | ||
await response.Content.ReadAsStringAsync(cancellationToken)); | ||
} | ||
|
||
[LoggerMessage(1, LogLevel.Error, "An error occurred while retrieving the user profile: the remote server returned a {Status} response with the following payload: {Headers} {Body}.")] | ||
static partial void UserProfileError( | ||
ILogger logger, | ||
System.Net.HttpStatusCode status, | ||
string headers, | ||
string body); | ||
} | ||
} |
38 changes: 38 additions & 0 deletions
38
src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationOptions.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
/* | ||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | ||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers | ||
* for more information concerning the license and the contributors participating to this project. | ||
*/ | ||
|
||
using System.Security.Claims; | ||
using static AspNet.Security.OAuth.Zoom.ZoomAuthenticationConstants; | ||
|
||
namespace AspNet.Security.OAuth.Zoom; | ||
|
||
/// <summary> | ||
/// Defines a set of options used by <see cref="ZoomAuthenticationHandler"/>. | ||
/// </summary> | ||
public class ZoomAuthenticationOptions : OAuthOptions | ||
{ | ||
public ZoomAuthenticationOptions() | ||
{ | ||
ClaimsIssuer = ZoomAuthenticationDefaults.Issuer; | ||
CallbackPath = ZoomAuthenticationDefaults.CallbackPath; | ||
|
||
AuthorizationEndpoint = ZoomAuthenticationDefaults.AuthorizationEndpoint; | ||
TokenEndpoint = ZoomAuthenticationDefaults.TokenEndpoint; | ||
UserInformationEndpoint = ZoomAuthenticationDefaults.UserInformationEndpoint; | ||
UsePkce = true; | ||
|
||
ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, ProfileFields.Id); | ||
ClaimActions.MapJsonKey(ClaimTypes.Name, ProfileFields.Name); | ||
ClaimActions.MapJsonKey(ClaimTypes.Email, ProfileFields.Email); | ||
ClaimActions.MapJsonKey(ClaimTypes.GivenName, ProfileFields.GivenName); | ||
ClaimActions.MapJsonKey(ClaimTypes.Surname, ProfileFields.FamilyName); | ||
ClaimActions.MapJsonKey(Claims.Picture, ProfileFields.PictureUrl); | ||
ClaimActions.MapJsonKey(ClaimTypes.MobilePhone, ProfileFields.PhoneNumber); | ||
ClaimActions.MapJsonKey(Claims.Status, ProfileFields.Status); | ||
ClaimActions.MapJsonKey(Claims.Verified, ProfileFields.Verified); | ||
ClaimActions.MapJsonKey(Claims.PersonalMeetingUrl, ProfileFields.PersonalMeetingUrl); | ||
} | ||
} |
Oops, something went wrong.