Update for ASP.NET Core 2.0

Update the generator to produce providers for ASP.NET Core 2.0.

Author: martincostello

generators/app/index.js

@@ -6,10 +6,10 @@ var yosay = require('yosay');
 module.exports = yeoman.generators.Base.extend({
   initializing: function() {
     this.templatedata = {};
-    
-    this.log(yosay('Welcome to the classy ' + chalk.yellow('ASP.NET OAuth Provider') + ' generator!'));    
+
+    this.log(yosay('Welcome to the classy ' + chalk.yellow('ASP.NET OAuth Provider') + ' generator!'));
   },
-  
+
   prompting: function () {
     var done = this.async();
 
@@ -18,7 +18,7 @@ module.exports = yeoman.generators.Base.extend({
       name: 'name',
       message: 'What is the name of the provider you want to create?',
       store: true
-    },   
+    },
     {
       type: 'input',
       name: 'authorname',
@@ -50,22 +50,19 @@ module.exports = yeoman.generators.Base.extend({
       this.templatedata.authorizationendpoint = props.authorizationendpoint;
       this.templatedata.tokenendpoint = props.tokenendpoint;
       this.templatedata.userinformationendpoint = props.userinformationendpoint;
-      
+
       this.name = props.name;
       this.applicationname = 'AspNet.Security.OAuth.' + props.name
-      
+
       done();
     }.bind(this));
   },
 
   writing: function() {
-    this.fs.copyTpl(this.templatePath('project.json'), this.applicationname + '/project.json', this.templatedata)
-    this.fs.copyTpl(this.templatePath('Project.xproj'), this.applicationname + '/' + this.applicationname + '.xproj', this.templatedata)
+    this.fs.copyTpl(this.templatePath('Project.csproj'), this.applicationname + '/' + this.applicationname + '.csproj', this.templatedata)
     this.fs.copyTpl(this.templatePath('AuthenticationDefaults.cs'), this.applicationname + '/' + this.name + 'AuthenticationDefaults.cs', this.templatedata)
     this.fs.copyTpl(this.templatePath('AuthenticationExtensions.cs'), this.applicationname + '/' + this.name + 'AuthenticationExtensions.cs', this.templatedata)
     this.fs.copyTpl(this.templatePath('AuthenticationHandler.cs'), this.applicationname + '/' + this.name + 'AuthenticationHandler.cs', this.templatedata)
-    this.fs.copyTpl(this.templatePath('AuthenticationHelper.cs'), this.applicationname + '/' + this.name + 'AuthenticationHelper.cs', this.templatedata)
-    this.fs.copyTpl(this.templatePath('AuthenticationMiddleware.cs'), this.applicationname + '/' + this.name + 'AuthenticationMiddleware.cs', this.templatedata)
     this.fs.copyTpl(this.templatePath('AuthenticationOptions.cs'), this.applicationname + '/' + this.name + 'AuthenticationOptions.cs', this.templatedata)
   },
 

generators/app/templates/AuthenticationDefaults.cs

@@ -4,25 +4,28 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
-using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
 
-namespace AspNet.Security.OAuth.<%= name %> {
+namespace AspNet.Security.OAuth.<%= name %>
+{
     /// <summary>
-    /// Default values used by the <%= name %> authentication middleware.
+    /// Default values used by the <%= name %> authentication provider.
     /// </summary>
-    public static class <%= name %>AuthenticationDefaults {
+    public static class <%= name %>AuthenticationDefaults
+    {
         /// <summary>
-        /// Default value for <see cref="AuthenticationOptions.AuthenticationScheme"/>.
+        /// Default value for <see cref="AuthenticationScheme.Name"/>.
         /// </summary>
         public const string AuthenticationScheme = "<%= name %>";
 
         /// <summary>
-        /// Default value for <see cref="RemoteAuthenticationOptions.DisplayName"/>.
+        /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
         /// </summary>
         public const string DisplayName = "<%= name %>";
 
         /// <summary>
-        /// Default value for <see cref="AuthenticationOptions.ClaimsIssuer"/>.
+        /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
         /// </summary>
         public const string Issuer = "<%= name %>";
 

generators/app/templates/AuthenticationExtensions.cs

@@ -7,56 +7,70 @@
 using System;
 using AspNet.Security.OAuth.<%= name %>;
 using JetBrains.Annotations;
-using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Authentication;
 
-namespace Microsoft.AspNetCore.Builder {
+namespace Microsoft.Extensions.DependencyInjection
+{
     /// <summary>
     /// Extension methods to add <%= name %> authentication capabilities to an HTTP application pipeline.
     /// </summary>
-    public static class <%= name %>AuthenticationExtensions {
+    public static class <%= name %>AuthenticationExtensions
+    {
         /// <summary>
-        /// Adds the <see cref="<%= name %>AuthenticationMiddleware"/> middleware to the specified
-        /// <see cref="IApplicationBuilder"/>, which enables <%= name %> authentication capabilities.
+        /// Adds <see cref="<%= name %>AuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables <%= name %> authentication capabilities.
         /// </summary>
-        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
-        /// <param name="options">A <see cref="<%= name %>AuthenticationOptions"/> that specifies options for the middleware.</param>        
-        /// <returns>A reference to this instance after the operation has completed.</returns>
-        public static IApplicationBuilder Use<%= name %>Authentication(
-            [NotNull] this IApplicationBuilder app,
-            [NotNull] <%= name %>AuthenticationOptions options) {
-            if (app == null) {
-                throw new ArgumentNullException(nameof(app));
-            }
-
-            if (options == null) {
-                throw new ArgumentNullException(nameof(options));
-            }
-
-            return app.UseMiddleware<<%= name %>AuthenticationMiddleware>(Options.Create(options));
+        /// <param name="builder">The authentication builder.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder Add<%= name %>([NotNull] this AuthenticationBuilder builder)
+        {
+            return builder.Add<%= name %>(<%= name %>AuthenticationDefaults.AuthenticationScheme, options => { });
         }
 
         /// <summary>
-        /// Adds the <see cref="<%= name %>AuthenticationMiddleware"/> middleware to the specified
-        /// <see cref="IApplicationBuilder"/>, which enables <%= name %> authentication capabilities.
+        /// Adds <see cref="<%= name %>AuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables <%= name %> authentication capabilities.
         /// </summary>
-        /// <param name="app">The <see cref="IApplicationBuilder"/> to add the middleware to.</param>
-        /// <param name="configuration">An action delegate to configure the provided <see cref="<%= name %>AuthenticationOptions"/>.</param>
-        /// <returns>A reference to this instance after the operation has completed.</returns>
-        public static IApplicationBuilder Use<%= name %>Authentication(
-            [NotNull] this IApplicationBuilder app,
-            [NotNull] Action<<%= name %>AuthenticationOptions> configuration) {
-            if (app == null) {
-                throw new ArgumentNullException(nameof(app));
-            }
-
-            if (configuration == null) {
-                throw new ArgumentNullException(nameof(configuration));
-            }
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="configuration">The delegate used to configure the <%= name %> options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder Add<%= name %>(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] Action<<%= name %>AuthenticationOptions> configuration)
+        {
+            return builder.Add<%= name %>(<%= name %>AuthenticationDefaults.AuthenticationScheme, configuration);
+        }
 
-            var options = new <%= name %>AuthenticationOptions();
-            configuration(options);
+        /// <summary>
+        /// Adds <see cref="<%= name %>AuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables <%= name %> authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the <%= name %> options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder Add<%= name %>(
+            [NotNull] this AuthenticationBuilder builder, [NotNull] string scheme,
+            [NotNull] Action<<%= name %>AuthenticationOptions> configuration)
+        {
+            return builder.Add<%= name %>(scheme, <%= name %>AuthenticationDefaults.DisplayName, configuration);
+        }
 
-            return app.UseMiddleware<<%= name %>AuthenticationMiddleware>(Options.Create(options));
+        /// <summary>
+        /// Adds <see cref="<%= name %>AuthenticationHandler"/> to the specified
+        /// <see cref="AuthenticationBuilder"/>, which enables <%= name %> authentication capabilities.
+        /// </summary>
+        /// <param name="builder">The authentication builder.</param>
+        /// <param name="scheme">The authentication scheme associated with this instance.</param>
+        /// <param name="caption">The optional display name associated with this instance.</param>
+        /// <param name="configuration">The delegate used to configure the <%= name %> options.</param>
+        /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+        public static AuthenticationBuilder Add<%= name %>(
+            [NotNull] this AuthenticationBuilder builder,
+            [NotNull] string scheme, [CanBeNull] string caption,
+            [NotNull] Action<<%= name %>AuthenticationOptions> configuration)
+        {
+            return builder.AddOAuth<<%= name %>AuthenticationOptions, <%= name %>AuthenticationHandler>(scheme, caption, configuration);
         }
     }
 }

generators/app/templates/AuthenticationHandler.cs

@@ -7,44 +7,76 @@
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Security.Claims;
+using System.Text.Encodings.Web;
 using System.Threading.Tasks;
-using AspNet.Security.OAuth.Extensions;
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
-using Microsoft.AspNetCore.Http.Authentication;
+using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Newtonsoft.Json.Linq;
 
-namespace AspNet.Security.OAuth.<%= name %> {
-    public class <%= name %>AuthenticationHandler : OAuthHandler<<%= name %>AuthenticationOptions> {
-        public <%= name %>AuthenticationHandler([NotNull] HttpClient client)
-            : base(client) {
+namespace AspNet.Security.OAuth.<%= name %>
+{
+    /// <summary>
+    /// Defines a handler for authentication using <%= name %>.
+    /// </summary>
+    public class <%= name %>AuthenticationHandler : OAuthHandler<<%= name %>AuthenticationOptions>
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="<%= name %>AuthenticationHandler"/> class.
+        /// </summary>
+        /// <param name="options">The authentication options.</param>
+        /// <param name="logger">The logger to use.</param>
+        /// <param name="encoder">The URL encoder to use.</param>
+        /// <param name="clock">The system clock to use.</param>
+        public <%= name %>AuthenticationHandler(
+            [NotNull] IOptionsMonitor<<%= name %>AuthenticationOptions> options,
+            [NotNull] ILoggerFactory logger,
+            [NotNull] UrlEncoder encoder,
+            [NotNull] ISystemClock clock)
+            : base(options, logger, encoder, clock)
+        {
         }
 
-        protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
-            [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens) {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+        /// <inheritdoc />
+        protected override async Task<AuthenticationTicket> CreateTicketAsync(
+            [NotNull] ClaimsIdentity identity,
+            [NotNull] AuthenticationProperties properties,
+            [NotNull] OAuthTokenResponse tokens)
+        {
+            var endpoint = Options.UserInformationEndpoint;
+
+            // TODO Append any additional query string parameters required
+            //endpoint = QueryHelpers.AddQueryString(endpoint, "token", tokens.AccessToken);
+
+            var request = new HttpRequestMessage(HttpMethod.Get, endpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
-            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
-            response.EnsureSuccessStatusCode();
+            // TODO Add any HTTP request headers required
+            //request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
+            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            if (!response.IsSuccessStatusCode)
+            {
+                Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
+                                "returned a {Status} response with the following payload: {Headers} {Body}.",
+                                /* Status: */ response.StatusCode,
+                                /* Headers: */ response.Headers.ToString(),
+                                /* Body: */ await response.Content.ReadAsStringAsync());
 
-            identity.AddOptionalClaim(ClaimTypes.NameIdentifier, <%= name %>AuthenticationHelper.GetIdentifier(payload), Options.ClaimsIssuer);
+                throw new HttpRequestException("An error occurred while retrieving the user profile from <%= name %>.");
+            }
 
-            // TODO: Add any optional claims, eg
-            //  .AddOptionalClaim("urn:<%= name.toLowerCase() %>:name", <%= name %>AuthenticationHelper.GetName(payload), Options.ClaimsIssuer)
+            var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
 
             var principal = new ClaimsPrincipal(identity);
-            var ticket = new AuthenticationTicket(principal, properties, Options.AuthenticationScheme);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload);
+            context.RunClaimActions(payload);
 
-            var context = new OAuthCreatingTicketContext(ticket, Context, Options, Backchannel, tokens, payload);
             await Options.Events.CreatingTicket(context);
-
-            return context.Ticket;
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }

generators/app/templates/AuthenticationHelper.cs

@@ -4,24 +4,34 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
-using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Http;
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
 
-namespace AspNet.Security.OAuth.<%= name %> {
+namespace AspNet.Security.OAuth.<%= name %>
+{
     /// <summary>
     /// Defines a set of options used by <see cref="<%= name %>AuthenticationHandler"/>.
     /// </summary>
-    public class <%= name %>AuthenticationOptions : OAuthOptions {
-        public <%= name %>AuthenticationOptions() {
-            AuthenticationScheme = <%= name %>AuthenticationDefaults.AuthenticationScheme;
-            DisplayName = <%= name %>AuthenticationDefaults.DisplayName;
+    public class <%= name %>AuthenticationOptions : OAuthOptions
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="<%= name %>AuthenticationOptions"/> class.
+        /// </summary>
+        public <%= name %>AuthenticationOptions()
+        {
             ClaimsIssuer = <%= name %>AuthenticationDefaults.Issuer;
-
-            CallbackPath = new PathString(<%= name %>AuthenticationDefaults.CallbackPath);
+            CallbackPath = <%= name %>AuthenticationDefaults.CallbackPath;
 
             AuthorizationEndpoint = <%= name %>AuthenticationDefaults.AuthorizationEndpoint;
             TokenEndpoint = <%= name %>AuthenticationDefaults.TokenEndpoint;
             UserInformationEndpoint = <%= name %>AuthenticationDefaults.UserInformationEndpoint;
+
+            // TODO Add any required scopes
+            // Scope.Add("?");
+
+            // TODO Map any claims
+            // ClaimActions.MapJsonKey(ClaimTypes.Email, "?");
         }
     }
 }