Add Sign in with Apple provider #343

Merged

martincostello
Member

This PR merges dev into dev-3.0.0 to add the Sign in with Apple provider for ASP.NET Core 3.0.0 from #318.

It also updates the .NET Core test SDK to 16.3.0.

sbiaudet and others added 30 commits July 21, 2019 13:38
* Add shopify provider

* Revert sln changes

* Apply code review

* Fix second core review

* Fix ChallentAsync param comment

* Fix scope summary

* Done pull request review aspnet-contrib#3

* Revert whitespace

* Update ShopifyLoopbackRedirectHandler.cs

* Update ShopifyAuthenticationExtensions.cs

* Update ShopifyAuthenticationHandler.cs

* Update ShopifyAuthenticationOptions.cs

* Update ShopifyTests.cs

* Update README.md

* Update README.md
* Added gitlab oauth

* Fixed some minor typos & restored wildcard include

* Applied suggested changes from code review

* Added missing version var to tests

* Added missing release build config

* Added Gitlab back to solution

* Fix VS auto resolving the references

* Revert weird bundle exclude
In this startup file, it previously said "login", but in AuthenticationController the route is defined as "signin"
Add a very basic Sign In with Apple provider based on currently available information.
Fully implement the provider for Sign In with Apple based on current available functionality.
Enable Sign In with Apple in the MVC sample app without hard-coding secrets.
Update the tests for the updated provider implementation.
Fix incorrect test method name.
Enable the validation of token lifetimes.
Add [NotNull] attributes to relevant methods.
Pre-validate the ID token has a value.
Change catch clause to improve logging.
Extend the integration tests for additional scenarios such as no validation, invalid tokens and using a configured client secret.
Move the configured lifetime for generated client secrets to the options class.
Add validation for the value of ClientSecretExpiresAfter.
Add unit tests for options validation.
Improve exception type.
Fix incorrect if condition that meant not all values were validated correctly.
Add unit tests for the generated client secret's format.
Make the KeyId option required if GenerateClientSecret is true.
Fix the expiry not being set.
Work around platform differences between Windows and Linux/macOS by supporting .p12/.pfx certificates for Linux/macOS and using p8 for Windows.
.NET Core 3.0 adds support for .p8 on both platforms.
Add an option for specifying a password for PFX files.
Add a test private key that has a password for use on macOS.
Fix flaky test by setting the expiry to 2 seconds to eliminate rounding issues.
Add UsePrivateKey() extension method that configures a private key file to use to auto-generate client secrets.
Bump System.IdentityModel.Tokens.Jwt to 5.3.0 to ensure that incompatibility with .NET Standard 1.4 doesn't affect consumers.
React to changes Apple have made to the sign-in service, and use form_post as the response mode.
This requires reimplementing HandleRemoteAuthenticateAsync() by using either for Form or Query based on whether it is an HTTP POST.
Fix the build by enabling the latest version of C#.
Get the user's name and email address, if available, as claims after signing in with an Apple ID. These details are only available the first time the user signs in; if they are not persisted they cannot currently be obtained again.
Use "Sign in with Apple" instead of "Sign In with Apple".
Use the same approach as the other OAuth handlers and access the Events property via the Options property.
Remove TODO comment.
Check whether Trace logging is enabled before logging the Apple token response.
Comment out the Apple provider as it causes the application to fail to start if the values aren't set and/or the key file does not exist.
Update the Sign in with Apple provider to support ASP.NET Core 3.0.
Update the .NET Core test SDK version.
Fix-up Startup warnings.
martincostello added this to the 3.0.0 milestone Sep 20, 2019
martincostello merged commit e6fd271 into aspnet-contrib:dev-3.0.0 Sep 20, 2019
martincostello deleted the Sign-In-With-Apple-300 branch September 20, 2019 14:26
IdentityModelEventSource.ShowPII = true;
}

// Required to serve files with no extension in the .well-known folder
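
Review bot: `IdentityModelEventSource.ShowPII = true;` on the first line of this hunk makes IdentityModel write personally identifiable information into its log and exception messages, and the condition guarding the enclosing block is not visible in these lines. Confirm the assignment is only reached in a development environment; if it is not, wrap it in an environment check so a deployed build keeps the default redaction.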

?

Member Author

I've had issues in the past where files in the .well-known folder aren't served, which are needed to do the domain ownership with Apple for things like Sign in with Apple and Apple Pay JS: justeattakeaway/ApplePayJSSample@e17ba6f

If this has since become redundant or there's a different way to get it working I can update it.

Might make more sense as an app endpoint (or middleware) than a static file?

Member Author

Yeah, that might be a better way to do it for the 3.0 version. The file names could be configurable and then people can add in extra ones in the future that this doesn't need or they might want extra.

This was just a quick way to get things up and running for the demo/dev site I stood up in App Service using publish from Visual Studio: https://signinwithapple.azurewebsites.net/ using
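
The app-endpoint approach suggested in this thread, sketched for ASP.NET Core 3.0 endpoint routing as an added example that is not code from this PR or the project. `WellKnownEndpoints`, `MapWellKnownFiles`, the `well-known` content folder and the file name in the usage comment are assumptions; the point is that only an explicit allow-list of configured names is served, instead of enabling unknown file types for a whole static folder.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Routing;
using Microsoft.Extensions.DependencyInjection;

// Added example: WellKnownEndpoints and MapWellKnownFiles are hypothetical names.
public static class WellKnownEndpoints
{
    // files: configured file name -> content type. Only these names are ever served.
    public static IEndpointRouteBuilder MapWellKnownFiles(
        this IEndpointRouteBuilder endpoints,
        IReadOnlyDictionary<string, string> files)
    {
        var env = endpoints.ServiceProvider.GetRequiredService<IWebHostEnvironment>();
        var root = Path.Combine(env.ContentRootPath, "well-known"); // assumed folder, outside wwwroot

        // Physical paths are built once from configuration, never from request input.
        var allowed = files.ToDictionary(
            p => p.Key,
            p => (FullPath: Path.Combine(root, p.Key), ContentType: p.Value),
            StringComparer.Ordinal);

        endpoints.MapGet("/.well-known/{name}", async context =>
        {
            var name = context.GetRouteValue("name") as string;

            // Unknown names and missing files both return 404, so nothing else in the folder is exposed.
            if (name == null || !allowed.TryGetValue(name, out var file) || !File.Exists(file.FullPath))
            {
                context.Response.StatusCode = StatusCodes.Status404NotFound;
                return;
            }

            context.Response.ContentType = file.ContentType;
            await context.Response.SendFileAsync(file.FullPath);
        });

        return endpoints;
    }
}

// Usage in Startup.Configure (the file name is an example, not taken from the PR):
// app.UseEndpoints(endpoints => endpoints.MapWellKnownFiles(
//     new Dictionary<string, string> { ["apple-developer-domain-association.txt"] = "text/plain" }));
```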

martincostello added a commit that referenced this pull request Sep 23, 2019
* Update providers to ASP.NET Core 3.0

Update all providers to ASP.NET Core 3.0, using preview 6.

* Remove KoreBuild

Remove usage of KoreBuild as it is obsolete and no longer supports .NET Core 3.0 after preview 5.
Add code coverage to test project.

* Add shopify provider (#326)

* Add shopify provider

* Revert sln changes

* Apply code review

* Fix second core review

* Fix ChallentAsync param comment

* Fix scope summary

* Done pull request review #3

* Revert whitespace

* Update ShopifyLoopbackRedirectHandler.cs

* Update ShopifyAuthenticationExtensions.cs

* Update ShopifyAuthenticationHandler.cs

* Update ShopifyAuthenticationOptions.cs

* Update ShopifyTests.cs

* Update README.md

* Update README.md

* Update coverlet and ReportGenerator

Update to the latest releases of coverlet and ReportGenerator for code coverage metrics.

* Shopify - Fix TokenEndpoint format (#330)

Fix TokenEndpoint format

* Gitlab (#329)

* Added gitlab oauth

* Fixed some minor typos & restored wildcard include

* Applied suggested changes from code review

* Added missing version var to tests

* Added missing release build config

* Added Gitlab back to solution

* Fix VS auto resolving the references

* Revert weird bundle exclude

* Update GitLab for ASP.NET Core 3.0

Update the GitLab provider to support ASP.NET Core 3.0.

* Update to ASP.NET Core 3.0 preview 7

Update to preview 7 of ASP.NET Core 3.0.
Update NuGet packages to latest versions.
Fix code coverage output path.
Remove premature disposal in the Zalo provider.

* Use latest macOS image

Use the latest macOS image.

* Add UseAuthorization()

Add UseAuthorization() to the README for ASP.NET Core 3.0.

* Update to ASP.NET Core 3.0 preview 8

Update to preview 8 of ASP.NET Core 3.0.

* Update dependencies

Update NuGet packages to their latest versions.

* Use Arcade for build (#335)

* Use Arcade for build

Switch to Arcade to build the project
Addresses #321.

* Update LICENSE

Fix Arcade error from non-compliant license text.

* Add +x to scripts

* Update appveyor.yml

Update packages location.
Update version.
Disable PR publish.
Disable test discovery.

* Move eng to solution items

Move the eng folder in the solution to be under Solution Items.

* Use newer test SDK

Use the latest stable version of the test SDK.

* Add files for Visual Studio Code

Add assets to build and run tests in Visual Studio Code.

* Generate AppVeyor build numbers

Generate Arcade "official build Ids" in AppVeyor

* Update appveyor.yml

Collect test results and upload to AppVeyor.

* Update to ASP.NET Core 3.0 preview 9

Update to preview 9 of ASP.NET Core 3.0.

* Remove PackageIconUrl

Use PackageIcon instead of PackageIconUrl as described by https://github.com/NuGet/Home/wiki/Packaging-Icon-within-the-nupkg as it is considered obsolete.

* Update .gitignore

Ignore .coverage files from Visual Studio code coverage.

* Merge from dev (#339)

* Add shopify provider (#326)

* Add shopify provider

* Revert sln changes

* Apply code review

* Fix second core review

* Fix ChallentAsync param comment

* Fix scope summary

* Done pull request review #3

* Revert whitespace

* Update ShopifyLoopbackRedirectHandler.cs

* Update ShopifyAuthenticationExtensions.cs

* Update ShopifyAuthenticationHandler.cs

* Update ShopifyAuthenticationOptions.cs

* Update ShopifyTests.cs

* Update README.md

* Update README.md

* Shopify - Fix TokenEndpoint format (#330)

Fix TokenEndpoint format

* Gitlab (#329)

* Added gitlab oauth

* Fixed some minor typos & restored wildcard include

* Applied suggested changes from code review

* Added missing version var to tests

* Added missing release build config

* Added Gitlab back to solution

* Fix VS auto resolving the references

* Revert weird bundle exclude

* incorrect LoginPath

In this startup file, it previously said "login", but in AuthenticationController the route is defined as "signin"

* Add MyGet publish step

Add step to publish packages to MyGet again.

* Change prerelease label

Change the prerelease label to preview 9.

* Fix assembly copyrights

Apply fix to assembly copyright as-per openiddict/openiddict-core#797.

* Update to ASP.NET Core 3.0 RC1

Update to release candidate 1 of ASP.NET Core 3.0.

* Add Sign in with Apple provider (#343)

* Add shopify provider (#326)

* Add shopify provider

* Revert sln changes

* Apply code review

* Fix second core review

* Fix ChallentAsync param comment

* Fix scope summary

* Done pull request review #3

* Revert whitespace

* Update ShopifyLoopbackRedirectHandler.cs

* Update ShopifyAuthenticationExtensions.cs

* Update ShopifyAuthenticationHandler.cs

* Update ShopifyAuthenticationOptions.cs

* Update ShopifyTests.cs

* Update README.md

* Update README.md

* Shopify - Fix TokenEndpoint format (#330)

Fix TokenEndpoint format

* Gitlab (#329)

* Added gitlab oauth

* Fixed some minor typos & restored wildcard include

* Applied suggested changes from code review

* Added missing version var to tests

* Added missing release build config

* Added Gitlab back to solution

* Fix VS auto resolving the references

* Revert weird bundle exclude

* incorrect LoginPath

In this startup file, it previously said "login", but in AuthenticationController the route is defined as "signin"

* Basic Apple provider

Add a very basic Sign In with Apple provider based on currently available information.

* Implement Apple provider

Fully implement the provider for Sign In with Apple based on current available functionality.

* Enable Sign In with Apple

Enable Sign In with Apple in the MVC sample app without hard-coding secrets.

* Update tests

Update the tests for the updated provider implementation.
Fix incorrect test method name.

* Enable token lifetime validation

Enable the validation of token lifetimes.

* Add null annotations

Add [NotNull] attributes to relevant methods.

* Improve exception handling

Pre-validate the ID token has a value.
Change catch clause to improve logging.

* Extend integration tests

Extend the integration tests for additional scenarios such as no validation, invalid tokens and using a configured client secret.

* Move expiry period to options

Move the configured lifetime for generated client secrets to the options class.

* Add ClientSecretExpiresAfter validation

Add validation for the value of ClientSecretExpiresAfter.

* Add tests for options validation

Add unit tests for options validation.
Improve exception type.
Fix incorrect if condition that meant not all values were validated correctly.

* Add unit tests for client secret

Add unit tests for the generated client secret's format.

* Make KeyId required

Make the KeyId option required if GenerateClientSecret is true.

* Fix test

Fix the expiry not being set.

* Fix Linux and macOS secret generation

Work around platform differences between Windows and Linux/macOS by supporting .p12/.pfx certificates for Linux/macOS and using p8 for Windows.
.NET Core 3.0 adds support for .p8 on both platforms.

* Add password option for pfx files

Add an option for specifying a password for PFX files.
Add a test private key that has a password for use on macOS.

* Fix flaky test

Fix flaky test by setting the expiry to 2 seconds to eliminate rounding issues.

* Add UsePrivateKey() method

Add UsePrivateKey() extension method that configures a private key file to use to auto-generate client secrets.

* Bump System.IdentityModel.Tokens.Jwt

Bump System.IdentityModel.Tokens.Jwt to 5.3.0 to ensure that incompatibility with .NET Standard 1.4 doesn't affect consumers.

* Set response_mode to form_post

React to changes Apple have made to the sign-in service, and use form_post as the response mode.
This requires reimplementing HandleRemoteAuthenticateAsync() by using either for Form or Query based on whether it is an HTTP POST.

* Use latest C# version

Fix the build by enabling the latest version of C#.

* Retrieve user details after sign-in

Get the user's name and email address, if available, as claims after signing in with an Apple ID. These details are only available the first time the user signs in; if they are not persisted they cannot currently be obtained again.

* Update branding

Use "Sign in with Apple" instead of "Sign In with Apple".

* Access events via options

Use the same approach as the other OAuth handlers and access the Events property via the Options property.

* Resolve logging TODO

Remove TODO comment.
Check whether Trace logging is enabled before logging the Apple token response.

* Comment out Apple option

Comment out the Apple provider as it causes the application to fail to start if the values aren't set and/or the key file does not exist.

* Update Sign in with Apple provider for ASP.NET Core 3.0

Update the Sign in with Apple provider to support ASP.NET Core 3.0.
Update the .NET Core test SDK version.
Fix-up Startup warnings.

* Add Nextcloud provider (#325)

* Add Nextcloud provider and unit test

* updated according to suggestions

* Change ClaimTypes.Name to Claims.Username

* Update Nextcloud for ASP.NET Core 3.0

Update the Nextcloud provider to support ASP.NET Core 3.0.

* Add missing usings

Add missing usings to request and response in GitLab handler.

* Use LangVersion latest

Stop using preview versions of C# now that C# 8 is the default for the .NET Core 3.0 SDK.

* Update to ASP.NET Core 3.0

Update to ASP.NET Core 3.0 final packages and SDK.

* Remove additional NuGet feeds

Remove extra NuGet feeds not needed now 3.0.0 packages are in NuGet.org.

* Add authorization

Add authorization middleware.