Add optional authentication via third party OAuth providers

2023-11-11 20:00:31 +00:00 · 2023-11-11 20:00:31 +00:00 · 6c954a5446
commit 6c954a5446
parent 929eddd9e8
2 changed files with 48 additions and 6 deletions
--- a/Groceries/Program.cs
+++ b/Groceries/Program.cs
@ -1,7 +1,9 @@
 using DbUp;
 using Groceries.Common;
 using Groceries.Data;
+using Microsoft.AspNetCore.Authentication.OAuth;
 using Microsoft.AspNetCore.DataProtection;
+using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc.Infrastructure;
 using Microsoft.AspNetCore.Mvc.Razor;
 using Microsoft.EntityFrameworkCore;
@ -37,7 +39,29 @@ if (env.IsProduction())
    dataProtection.PersistKeysToFileSystem(new DirectoryInfo(Path.Combine(dataDir, "keys")));
 }

-var mvc = builder.Services
+var oauthConfig = builder.Configuration.GetSection("OAuth");
+if (oauthConfig.Exists())
+{
+    const string authenticationScheme = "OAuth";
+    builder.Services.Configure<OAuthOptions>(authenticationScheme, oauthConfig);
+
+    builder.Services
+        .AddAuthentication(options =>
+        {
+            options.DefaultScheme = IdentityConstants.ExternalScheme;
+            options.DefaultChallengeScheme = authenticationScheme;
+        })
+        .AddOAuth(authenticationScheme, options =>
+        {
+            options.SignInScheme = IdentityConstants.ExternalScheme;
+            options.CallbackPath = "/signin";
+        })
+        .AddExternalCookie();
+
+    builder.Services.AddAuthorization();
+}
+
+builder.Services
    .AddControllersWithViews()
    .AddRazorOptions(options =>
    {
@ -63,10 +87,21 @@ var app = builder.Build();

 app.UseStaticFiles();
 app.UseRouting();
+
+if (oauthConfig.Exists())
+{
+    app.UseAuthentication();
+    app.UseAuthorization();
+}
+
 app.UseSession();

-app.MapControllers();
+var controllers = app.MapControllers();
+if (oauthConfig.Exists())
+{
+    controllers.RequireAuthorization();
+}

-app.Run();
+await app.RunAsync();

 return 0;
--- a/Groceries/config.ini
+++ b/Groceries/config.ini
@ -1,5 +1,12 @@
-Database="Host=127.0.0.1;Username=groceries;Password=password;Database=groceries"
+Database = "Host=127.0.0.1;Username=groceries;Password=password;Database=groceries"

 [Logging:LogLevel]
-Default=Information
-Microsoft=Warning
+Default = Information
+Microsoft = Warning
+
+[OAuth]
+;AuthorizationEndpoint =
+;TokenEndpoint =
+;ClientId =
+;ClientSecret =
+;UsePkce = false