add new @login endpoint to return available external login options

news/1757.feature

@@ -0,0 +1,2 @@
+Add a @login endpoint to get external login services' links
+[erral]

src/plone/restapi/interfaces.py

@@ -240,3 +240,14 @@ class IBlockVisitor(Interface):
 
     def __call__(self, block):
         """Return an iterable of sub-blocks found inside `block`."""
+
+
+class IExternalLoginProviders(Interface):
+    """An interface needed to be implemented by providers that want to be listed
+    in the @login endpoint
+    """
+
+    def get_providers():
+        """
+        return a list of login providers, with its id, title, plugin and url
+        """

src/plone/restapi/services/auth/configure.zcml

@@ -3,6 +3,13 @@
     xmlns:plone="http://namespaces.plone.org/plone"
     xmlns:zcml="http://namespaces.zope.org/zcml"
     >
+  <plone:service
+      method="GET"
+      factory=".get.Login"
+      for="Products.CMFPlone.interfaces.IPloneSiteRoot"
+      permission="zope.Public"
+      name="@login"
+      />
 
   <plone:service
       method="POST"

src/plone/restapi/services/auth/get.py

@@ -0,0 +1,14 @@
+# -*- coding: utf-8 -*-
+from plone.restapi.interfaces import IExternalLoginProviders
+from plone.restapi.services import Service
+from zope.component import getAdapters
+
+
+class Login(Service):
+    def reply(self):
+        adapters = getAdapters(self.context, IExternalLoginProviders)
+        external_providers = []
+        for adapter in adapters:
+            external_providers.extend(adapter.get_providers())
+
+        return {"options": external_providers}

src/plone/restapi/tests/test_auth.py

@@ -7,6 +7,9 @@
 from zExceptions import Unauthorized
 from zope.event import notify
 from ZPublisher.pubevents import PubStart
+from zope.component import provideAdapter
+from plone.restapi.interfaces import IExternalLoginProviders
+from Products.CMFPlone.interfaces import IPloneSiteRoot
 
 
 class TestLogin(TestCase):
@@ -208,3 +211,50 @@ def test_renew_fails_on_invalid_token(self):
         self.assertEqual(
             res["error"]["type"], "Invalid or expired authentication token"
         )
+
+
+class MyExternalLinks:
+    def get_providers(self):
+        return [
+            {
+                "id": "myprovider",
+                "title": "Provider",
+                "plugin": "myprovider",
+                "url": "https://some.example.com/login-url",
+            },
+            {
+                "id": "github",
+                "title": "GitHub",
+                "plugin": "github",
+                "url": "https://some.example.com/login-authomatic/github",
+            },
+        ]
+
+
+class TestExternalLoginServices(TestCase):
+    layer = PLONE_RESTAPI_DX_INTEGRATION_TESTING
+
+    def setUp(self):
+        self.portal = self.layer["portal"]
+        self.request = self.layer["request"]
+
+        provideAdapter(
+            MyExternalLinks, adapts=(IPloneSiteRoot,), provides=IExternalLoginProviders
+        )
+
+    def traverse(self, path="/plone/@login", accept="application/json", method="GET"):
+        request = self.layer["request"]
+        request.environ["PATH_INFO"] = path
+        request.environ["PATH_TRANSLATED"] = path
+        request.environ["HTTP_ACCEPT"] = accept
+        request.environ["REQUEST_METHOD"] = method
+        notify(PubStart(request))
+        return request.traverse(path)
+
+    def test_provider_returns_list(self):
+        service = self.traverse()
+        res = service.reply()
+        self.assertEqual(service.request.response.status, 200)
+        self.assertTrue(isinstance(res, dict))
+        self.assertIn("options", res)
+        self.assertTrue(isinstance(res.get("options"), list))