Add a new provider for Paypal

AspNet.Security.OAuth.Providers.sln

@@ -53,6 +53,8 @@ Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AspNet.Security.OAuth.Vimeo
 EndProject
 Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AspNet.Security.OAuth.Beam", "src\AspNet.Security.OAuth.Beam\AspNet.Security.OAuth.Beam.xproj", "{5D24AAFC-5E31-45B6-A5C0-F2BAC88F3E20}"
 EndProject
+Project("{8BB2217D-0F2D-49D1-97BC-3654ED321F3B}") = "AspNet.Security.OAuth.Paypal", "src\AspNet.Security.OAuth.Paypal\AspNet.Security.OAuth.Paypal.xproj", "{9AA5F2CD-3AC4-4177-A8FE-82D67A0F36AC}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -151,6 +153,10 @@ Global
 		{5D24AAFC-5E31-45B6-A5C0-F2BAC88F3E20}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{5D24AAFC-5E31-45B6-A5C0-F2BAC88F3E20}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{5D24AAFC-5E31-45B6-A5C0-F2BAC88F3E20}.Release|Any CPU.Build.0 = Release|Any CPU
+		{9AA5F2CD-3AC4-4177-A8FE-82D67A0F36AC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{9AA5F2CD-3AC4-4177-A8FE-82D67A0F36AC}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{9AA5F2CD-3AC4-4177-A8FE-82D67A0F36AC}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{9AA5F2CD-3AC4-4177-A8FE-82D67A0F36AC}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -179,5 +185,6 @@ Global
 		{6BC54AC2-5273-417E-B7E5-EF990F7A4A37} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{AC651C2B-C879-41E2-96E0-78D3F0888246} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{5D24AAFC-5E31-45B6-A5C0-F2BAC88F3E20} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
+		{9AA5F2CD-3AC4-4177-A8FE-82D67A0F36AC} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 	EndGlobalSection
 EndGlobal

samples/Mvc.Client/project.json

@@ -18,6 +18,7 @@
         "AspNet.Security.OAuth.Imgur": "1.0.0-*",
         "AspNet.Security.OAuth.LinkedIn": "1.0.0-*",
         "AspNet.Security.OAuth.Onshape": "1.0.0-*",
+        "AspNet.Security.OAuth.Paypal": "1.0.0-*",
         "AspNet.Security.OAuth.Reddit": "1.0.0-*",
         "AspNet.Security.OAuth.Slack": "1.0.0-*",
         "AspNet.Security.OAuth.SoundCloud": "1.0.0-*",

src/AspNet.Security.OAuth.Paypal/AspNet.Security.OAuth.Paypal.xproj

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <VisualStudioVersion Condition="'$(VisualStudioVersion)' == ''">14.0</VisualStudioVersion>
+    <VSToolsPath Condition="'$(VSToolsPath)' == ''">$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)</VSToolsPath>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.Props" Condition="'$(VSToolsPath)' != ''" />
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>9aa5f2cd-3ac4-4177-a8fe-82d67a0f36ac</ProjectGuid>
+    <RootNamespace>AspNet.Security.OAuth.Paypal</RootNamespace>
+    <BaseIntermediateOutputPath Condition="'$(BaseIntermediateOutputPath)'=='' ">..\..\artifacts\obj\$(MSBuildProjectName)</BaseIntermediateOutputPath>
+    <OutputPath Condition="'$(OutputPath)'=='' ">..\..\artifacts\bin\$(MSBuildProjectName)\</OutputPath>
+  </PropertyGroup>
+  <PropertyGroup>
+    <SchemaVersion>2.0</SchemaVersion>
+  </PropertyGroup>
+  <Import Project="$(VSToolsPath)\DNX\Microsoft.DNX.targets" Condition="'$(VSToolsPath)' != ''" />
+</Project>

src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationDefaults.cs

@@ -0,0 +1,50 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using Microsoft.AspNet.Authentication;
+using Microsoft.AspNet.Authentication.OAuth;
+
+namespace AspNet.Security.OAuth.Paypal {
+    /// <summary>
+    /// Default values used by the Paypal authentication middleware.
+    /// </summary>
+    public static class PaypalAuthenticationDefaults {
+        /// <summary>
+        /// Default value for <see cref="AuthenticationOptions.AuthenticationScheme"/>.
+        /// </summary>
+        public const string AuthenticationScheme = "Paypal";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.DisplayName"/>.
+        /// </summary>
+        public const string DisplayName = "Paypal";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.ClaimsIssuer"/>.
+        /// </summary>
+        public const string Issuer = "Paypal";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.CallbackPath"/>.
+        /// </summary>
+        public const string CallbackPath = "/signin-paypal";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+        /// </summary>
+        public const string AuthorizationEndpoint = "https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
+        /// </summary>
+        public const string TokenEndpoint = "https://api.paypal.com/v1/identity/openidconnect/tokenservice";
+
+        /// <summary>
+        /// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+        /// </summary>
+        public const string UserInformationEndpoint = "https://api.paypal.com/v1/identity/openidconnect/userinfo?schema=openid";
+    }
+}

src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationExtensions.cs

@@ -0,0 +1,28 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System;
+using AspNet.Security.OAuth.Paypal;
+using Microsoft.Extensions.Internal;
+
+namespace Microsoft.AspNet.Builder {
+    public static class PaypalAuthenticationExtensions {
+        public static IApplicationBuilder UsePaypalAuthentication(
+            [NotNull] this IApplicationBuilder app,
+            [NotNull] PaypalAuthenticationOptions options) {
+            return app.UseMiddleware<PaypalAuthenticationMiddleware>(options);
+        }
+
+        public static IApplicationBuilder UsePaypalAuthentication(
+            [NotNull] this IApplicationBuilder app,
+            [NotNull] Action<PaypalAuthenticationOptions> configuration) {
+            var options = new PaypalAuthenticationOptions();
+            configuration(options);
+
+            return app.UseMiddleware<PaypalAuthenticationMiddleware>(options);
+        }
+    }
+}

src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationHandler.cs

@@ -0,0 +1,55 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using AspNet.Security.OAuth.Extensions;
+using Microsoft.AspNet.Authentication;
+using Microsoft.AspNet.Authentication.OAuth;
+using Microsoft.AspNet.Http.Authentication;
+using Microsoft.Extensions.Internal;
+using Newtonsoft.Json.Linq;
+
+namespace AspNet.Security.OAuth.Paypal {
+    public class PaypalAuthenticationHandler : OAuthHandler<PaypalAuthenticationOptions> {
+        public PaypalAuthenticationHandler([NotNull] HttpClient client)
+            : base(client) {
+        }
+
+        protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
+            [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) {
+            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
+            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
+
+            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            response.EnsureSuccessStatusCode();
+
+            var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
+
+            identity.AddOptionalClaim(ClaimTypes.NameIdentifier, PaypalAuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer)
+                    .AddOptionalClaim(ClaimTypes.Name, PaypalAuthenticationHelper.GetFullName(payload), Options.ClaimsIssuer)
+                    .AddOptionalClaim(ClaimTypes.GivenName, PaypalAuthenticationHelper.GetGivenName(payload), Options.ClaimsIssuer)
+                    .AddOptionalClaim(ClaimTypes.Surname, PaypalAuthenticationHelper.GetFamilyName(payload), Options.ClaimsIssuer)
+                    .AddOptionalClaim(ClaimTypes.Email, PaypalAuthenticationHelper.GetEmail(payload), Options.ClaimsIssuer);
+
+            var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload) {
+                Principal = new ClaimsPrincipal(identity),
+                Properties = properties
+            };
+
+            await Options.Events.CreatingTicket(context);
+
+            if (context.Principal?.Identity == null) {
+                return null;
+            }
+
+            return new AuthenticationTicket(context.Principal, context.Properties, context.Options.AuthenticationScheme);
+        }
+    }
+}

src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationHelper.cs

@@ -0,0 +1,50 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Linq;
+using Microsoft.Extensions.Internal;
+using Newtonsoft.Json.Linq;
+
+namespace AspNet.Security.OAuth.Paypal {
+    /// <summary>
+    /// Contains static methods that allow to extract user's information from a <see cref="JObject"/>
+    /// instance retrieved from Paypal after a successful authentication process.
+    /// </summary>
+    public static class PaypalAuthenticationHelper {
+        /// <summary>
+        /// Gets the identifier corresponding to the authenticated user.
+        /// </summary>
+        public static string GetIdentifier([NotNull] JObject user) => user.Value<string>("user_id")
+                                                                         ?.Split('/')
+                                                                         ?.LastOrDefault();
+
+        /// <summary>
+        /// Gets the full name corresponding to the authenticated user.
+        /// </summary>
+        public static string GetFullName([NotNull] JObject user) => user.Value<string>("name");
+
+        /// <summary>
+        /// Gets the given name corresponding to the authenticated user.
+        /// </summary>
+        public static string GetGivenName([NotNull] JObject user) => user.Value<string>("given_name");
+
+        /// <summary>
+        /// Gets the family name corresponding to the authenticated user.
+        /// </summary>
+        public static string GetFamilyName([NotNull] JObject user) => user.Value<string>("family_name");
+
+        /// <summary>
+        /// Gets the email address corresponding to the authenticated user.
+        /// </summary>
+        public static string GetEmail([NotNull] JObject user) => user.Value<string>("email");
+
+        /// <summary>
+        /// Gets the URL corresponding to the authenticated user.
+        /// </summary>
+        public static string GetLink([NotNull] JObject user) => user.Value<string>("user_id");
+
+    }
+}

src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationMiddleware.cs

@@ -0,0 +1,32 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Text.Encodings.Web;
+using Microsoft.AspNet.Authentication;
+using Microsoft.AspNet.Authentication.OAuth;
+using Microsoft.AspNet.DataProtection;
+using Microsoft.AspNet.Http;
+using Microsoft.Extensions.Internal;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.OptionsModel;
+
+namespace AspNet.Security.OAuth.Paypal {
+    public class PaypalAuthenticationMiddleware : OAuthMiddleware<PaypalAuthenticationOptions> {
+        public PaypalAuthenticationMiddleware(
+            [NotNull] RequestDelegate next,
+            [NotNull] PaypalAuthenticationOptions options,
+            [NotNull] IDataProtectionProvider dataProtectionProvider,
+            [NotNull] ILoggerFactory loggerFactory,
+            [NotNull] UrlEncoder encoder,
+            [NotNull] IOptions<SharedAuthenticationOptions> externalOptions)
+            : base(next, dataProtectionProvider, loggerFactory, encoder, externalOptions, options) {
+        }
+
+        protected override AuthenticationHandler<PaypalAuthenticationOptions> CreateHandler() {
+            return new PaypalAuthenticationHandler(Backchannel);
+        }
+    }
+}

src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationOptions.cs

@@ -0,0 +1,33 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using Microsoft.AspNet.Authentication.OAuth;
+using Microsoft.AspNet.Http;
+
+namespace AspNet.Security.OAuth.Paypal {
+    /// <summary>
+    /// Defines a set of options used by <see cref="PaypalAuthenticationHandler"/>.
+    /// </summary>
+    public class PaypalAuthenticationOptions : OAuthOptions {
+        public PaypalAuthenticationOptions() {
+            AuthenticationScheme = PaypalAuthenticationDefaults.AuthenticationScheme;
+            DisplayName = PaypalAuthenticationDefaults.DisplayName;
+            ClaimsIssuer = PaypalAuthenticationDefaults.Issuer;
+
+            CallbackPath = new PathString(PaypalAuthenticationDefaults.CallbackPath);
+
+            AuthorizationEndpoint = PaypalAuthenticationDefaults.AuthorizationEndpoint;
+            TokenEndpoint = PaypalAuthenticationDefaults.TokenEndpoint;
+            UserInformationEndpoint = PaypalAuthenticationDefaults.UserInformationEndpoint;
+
+            Scope.Add("openid");
+            Scope.Add("profile");
+            Scope.Add("email");
+
+            SaveTokensAsClaims = false;
+        }
+    }
+}

src/AspNet.Security.OAuth.Paypal/project.json

@@ -0,0 +1,33 @@
+{
+    "version": "1.0.0-*",
+    "description": "ASP.NET 5 security middleware enabling Paypal authentication.",
+    "authors": [ "Yannic Smeets" ],
+    "owners": [ "Kévin Chalet", "Jerrie Pelser" ],
+
+    "projectUrl": "https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers",
+    "licenseUrl": "http://www.apache.org/licenses/LICENSE-2.0.html",
+
+    "dependencies": {
+        "AspNet.Security.OAuth.Extensions": {
+            "type": "build",
+            "version": "1.0.0-*"
+        },
+
+        "Microsoft.AspNet.Authentication.OAuth": "1.0.0-*",
+
+        "Microsoft.Extensions.NotNullAttribute.Sources": {
+            "type": "build",
+            "version": "1.0.0-*"
+        }
+    },
+
+    "frameworks": {
+        "dnx451": { },
+
+        "dnxcore50": {
+            "dependencies": {
+                "System.Security.Claims": "4.0.1-*"
+            }
+        }
+    }
+}