XRTK · StephenHodgson · Dec 28, 2020 · Dec 29, 2020 · Dec 29, 2020 · Jan 15, 2021
@@ -0,0 +1,63 @@
+// Copyright (c) XRTK. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+using UnityEngine;
+using XRTK.Attributes;
+using XRTK.Definitions.Utilities;
+using XRTK.Interfaces.Authentication;
+
+namespace XRTK.Definitions.Authentication
+{
+    /// <summary>
+    /// The configuration profile for <see cref="IMixedRealityAuthenticationDataProvider"/>.
+    /// </summary>
+    [CreateAssetMenu(menuName = "Mixed Reality Toolkit/Authentication System/Generic Authentication Data Provider", fileName = "AuthenticationDataProviderProfile", order = (int)CreateProfileMenuItemIndices.AuthenticationSystem)]
+    public class AuthenticationDataProviderProfile : BaseMixedRealityProfile
+    {
+        [SerializeField]
+        [Tooltip("The client ID is the unique application (client) ID assigned to your app by registering your application with the identity provider.")]
+        private string clientId = "";
+
+        /// <summary>
+        /// The client ID is the unique application (client) ID assigned to your app by registering your application with the identity provider.
+        /// </summary>
+        public string ClientId => clientId;
+
+        [SerializeField]
+        [Tooltip("The identity provider url to request OAuth tokens from.")]
+        private string identityProviderUrl = "";
+
+        /// <summary>
+        /// The identity provider url to request OAuth tokens from.
+        /// </summary>
+        public string IdentityProviderUrl => identityProviderUrl;
+
+        [SerializeField]
+        [Tooltip("Scopes or Permissions to request access to.")]
+        private string[] scopes = new string[0];
+
+        /// <summary>
+        /// The Scopes or Permissions to request access to.
+        /// </summary>
+        public string[] Scopes => scopes;
+
+        [SerializeField]
+        [Tooltip("The redirect url is the endpoint the identity provider will send the security tokens back to.")]
+        private string redirectUrl = "";
+
+        /// <summary>
+        /// The redirect url is the endpoint the identity provider will send the security tokens back to.
+        /// </summary>
+        public string RedirectUrl => redirectUrl;
+
+        [SerializeField]
+        [Prefab(typeof(IAuthenticationHandler))]
+        [Tooltip("The login prefab to display when the user is logging in.")]
+        private GameObject loginPrefab = null;
+
+        /// <summary>
+        /// The login prefab to display when the user is logging in.
+        /// </summary>
+        public GameObject LoginPrefab => loginPrefab;
+    }
+}
@@ -0,0 +1,19 @@
+// Copyright (c) XRTK. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+using UnityEngine;
+using XRTK.Interfaces.Authentication;
+
+namespace XRTK.Definitions.Authentication
+{
+    public class AuthenticationSystemProfile : BaseMixedRealityServiceProfile<IMixedRealityAuthenticationDataProvider>
+    {
+        [SerializeField]
+        private bool cacheUserTokens = true;
+
+        /// <summary>
+        /// Remember previously obtained user tokens.
+        /// </summary>
+        public bool CacheUserTokens => cacheUserTokens;
+    }
+}
@@ -24,6 +24,7 @@ public enum CreateProfileMenuItemIndices
         Networking,
         NetworkingDataProviders,
         Diagnostics,
+        AuthenticationSystem,
         RegisteredServiceProviders,
         Settings
     }

@@ -0,0 +1,26 @@
+// Copyright (c) XRTK. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+namespace XRTK.Interfaces.Authentication
+{
+    /// <summary>
+    /// Represents an authenticated user account
+    /// </summary>
+    public interface IAuthenticatedAccount
+    {
+        /// <summary>
+        /// The username of the authenticated account
+        /// </summary>
+        string Username { get; }
+
+        /// <summary>
+        /// The access token required for secure access to an online service
+        /// </summary>
+        string AccessToken { get; }
+
+        /// <summary>
+        /// Gets the <see cref="IMixedRealityAuthenticationDataProvider"/> that this account identity is associated with.
+        /// </summary>
+        IMixedRealityAuthenticationDataProvider Provider { get; }
+    }
+}
@@ -0,0 +1,14 @@
+// Copyright (c) XRTK. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+namespace XRTK.Interfaces.Authentication
+{
+    public interface IAuthenticationHandler : UnityEngine.EventSystems.IEventSystemHandler
+    {
+        /// <summary>
+        /// Display code flow message.
+        /// </summary>
+        /// <param name="message"></param>
+        void DisplayCodeFlowMessage(string message);
+    }
+}
@@ -0,0 +1,55 @@
+// Copyright (c) XRTK. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+using System;
+using System.Threading.Tasks;
+using XRTK.Definitions.Authentication;
+
+namespace XRTK.Interfaces.Authentication
+{
+    /// <summary>
+    /// Interface contract for specific identity provider implementations for use in the <see cref="IMixedRealityAuthenticationSystem"/>.
+    /// </summary>
+    public interface IMixedRealityAuthenticationDataProvider : IMixedRealityDataProvider
+    {
+        /// <summary>
+        /// Event called when a user has successfully logged in.
+        /// </summary>
+        event Action<IAuthenticatedAccount> OnLoggedIn;
+
+        /// <summary>
+        /// Event called when a user has logged out.
+        /// </summary>
+        event Action<IAuthenticatedAccount> OnLoggedOut;
+
+        /// <summary>
+        /// The <see cref="IAuthenticatedAccount"/>. Null if no user is logged in.
+        /// </summary>
+        IAuthenticatedAccount AuthenticatedAccount { get; }
+
+        /// <summary>
+        /// Is there currently a valid user logged in with a valid token?
+        /// </summary>
+        bool IsUserLoggedIn { get; }
+
+        /// <summary>
+        /// Start Login task.
+        /// </summary>
+        /// <remarks>
+        /// This may prompt the user to authenticate with the <see cref="AuthenticationDataProviderProfile.LoginPrefab"/>
+        /// </remarks>
+        /// <returns>Completed <see cref="Task"/>.</returns>
+        Task<IAuthenticatedAccount> LoginAsync();
+
+        /// <summary>
+        /// Log the user out.
+        /// </summary>
+        /// <param name="reAuthenticate"></param>
+        void Logout(bool reAuthenticate = true);
+
+        /// <summary>
+        /// Removes all account tokens from the cache.
+        /// </summary>
+        void ClearTokenCache();
+    }
+}
@@ -0,0 +1,65 @@
+// Copyright (c) XRTK. All rights reserved.
+// Licensed under the MIT License. See LICENSE in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using XRTK.Definitions.Authentication;
+
+namespace XRTK.Interfaces.Authentication
+{
+    /// <summary>
+    /// Provider agnostic Interface contract for user authentication with <see href="https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-acquire-cache-tokens#public-client-applications">public client applications</see>.
+    /// </summary>
+    public interface IMixedRealityAuthenticationSystem : IMixedRealitySystem
+    {
+        /// <summary>
+        /// Signals when the user has been logged in
+        /// </summary>
+        event Action<IMixedRealityAuthenticationDataProvider, IAuthenticatedAccount> OnLoggedIn;
+
+        /// <summary>
+        /// Signals when the user has been logged out.
+        /// </summary>
+        event Action<IMixedRealityAuthenticationDataProvider, IAuthenticatedAccount> OnLoggedOut;
+
+        /// <summary>
+        /// Should the login tokens be cached?
+        /// </summary>
+        bool CacheUserTokens { get; set; }
+
+        /// <summary>
+        /// Gets the currently logged in <see cref="IAuthenticatedAccount"/>s.
+        /// </summary>
+        IReadOnlyCollection<IAuthenticatedAccount> ActiveAccounts { get; }
+
+        /// <summary>
+        /// All of the currently active <see cref="IMixedRealityAuthenticationDataProvider"/>s.
+        /// </summary>
+        IReadOnlyCollection<IMixedRealityAuthenticationDataProvider> ActiveAuthenticationProviders { get; }
+
+        /// <summary>
+        /// Register a <see cref="IMixedRealityAuthenticationDataProvider"/> with the system.
+        /// </summary>
+        /// <param name="provider">The <see cref="IMixedRealityAuthenticationDataProvider"/> to register.</param>
+        /// <returns>True, if the <see cref="IMixedRealityAuthenticationDataProvider"/> was successfully registered, otherwise false.</returns>
+        bool RegisterAuthenticationDataProvider(IMixedRealityAuthenticationDataProvider provider);
+
+        /// <summary>
+        /// Unregister a <see cref="IMixedRealityAuthenticationDataProvider"/> with the system.
+        /// </summary>
+        /// <param name="provider">The <see cref="IMixedRealityAuthenticationDataProvider"/> to unregister.</param>
+        /// <returns>True, if the <see cref="IMixedRealityAuthenticationDataProvider"/> was successfully unregistered, otherwise false.</returns>
+        bool UnregisterAuthenticationDataProvider(IMixedRealityAuthenticationDataProvider provider);
+
+        /// <summary>
+        /// Logs out of all active sessions in all active <see cref="IMixedRealityAuthenticationDataProvider"/>s.
+        /// </summary>
+        void LogOutAllSessions();
+
+        /// <summary>
+        /// Clears out all of the token caches for all active <see cref="IMixedRealityAuthenticationDataProvider"/>s.
+        /// </summary>
+        void ClearAllTokenCaches();
+    }
+}