This is a community generated project and we appreciate contributions from other developers. If you would like to contribute, this document will help you.
First thing is to clone the repo and ensure you have everything running locally. Here are some steps to guide you:
- To install the DNVM and DNX see Getting Started with ASP.NET 5 and DNX
- Create a fork of this repository.
- Clone you fork to your computer. Go to a command prompt and CD to your project folder.
- Ensure that you are running the latest unstable dev feed of the runtime by running the command
dnvm upgrade -u. - Restore all packages by running the command
dnu restore - At this point you should be able to open the solution in Visual Studio and run the sample project
If you want to add a new provider, look at what providers are available for you to pick up in the issues. If you see one you want to work on, leave a comment stating that you are picking it up so we don't get people working on the same things. If you don't see the provider you want to work on listed, then just create an issue for it and then leave a comment that you’re implementing it.
To create a new provider, we have created a Yeoman generator to create the basic scaffolding for you. To install it please ensure you have completed the following:
- Install NodeJS from their website.
- Install Yeoman by running
npm install -g yo - Next install the generator by running
npm install -g generator-aspnet-oauth
Great, now you are ready to create your first provider. In this step through I will create one for Buffer:
- Go to the command line and CD to the folder where you have cloned the repo before. Ensure you are in the
/srcfolder. For exampleC:\Development\jerriep\AspNet.Security.OAuth.Providers\src> - Now run the Generator by running the command
yo aspnet-oauth - You will be prompted by the generator for various pieces of information:
- For the name of the provider, type the name in Pascal casing, e.g.
Buffer - Enter your own name, e.g.
Jerrie Pelser - Enter the authorization endpoint, e.g.
https://bufferapp.com/oauth2/authorize - Enter the token endpoint, e.g.
https://api.bufferapp.com/1/oauth2/token.json - Enter the user information endpoint. This will be the API call that will be made to retrieve information about the user of that particular service so you can populate the relevant Claims. E.g.
https://api.bufferapp.com/1/user.json
- For the name of the provider, type the name in Pascal casing, e.g.
- The generator will complete and you will see that it has created a folder for your provider along with the required files. The folder will be based on the name which you supplied. In my example this will be
AspNet.Security.OAuth.Buffer - Next you can open the solution in Visual Studio 2015 and add the generated project for the solution. Right click on the
/srcfolder in your Solution Explorer and select Add | Existing Project. Browse to the folder that was generated for you, e.g.src/AspNet.Security.OAuth.Bufferand add the project, e.g,AspNet.Security.OAuth.Buffer.xproj. - Next go to the sample project (Mvc.Client) and open the
project.jsonfile. Look under the dependencies section for where the references are added for all the other providers and add a reference you your provider, e.g."AspNet.Security.OAuth.Buffer": "1.0.0-*". Save the file and give VS an opportunity to restore the dependencies. - You should now be able to go to
Startup.csfile of the demo project and configure your provider.
At this point you only have the basic skeleton for your provider. Usually there would be one more piece for you to complete and that is to extract the correct values from the call to the User Information Endpoint.
You will need to look at *AuthenticationHandler.cs file in your project and in the CreateTicketAsync method you will see there is a TODO section for you to add any extra claims. To extract the claims from the payload returned by the User Information Endpoint, we make use of a helper class in the file *AuthenticationHelper.cs. You will see that it contains one demo method to show you how you can retrieve the ID for a user. This method may not be correct, and you will need to ensure that you look at the actual payload returned to extract the ID correctly.
This ID field may or may not actually be called ID, depending on the particular service. What is important is that we need to extract a unique identifier for the user (typically an integer or GUID value) and assign that to the NameIdentifier claim. Refer to the API documentation for the service and ensure that you retrieve the correct value.
NB: The NameIdentifier is very important for ASP.NET Identity to work correctly, so please ensure that it works correctly and that you retrieve the correct value.
Another typical claim which you can retrieve is the Name claim. This will normally be the username of the user of that particular service. If you extract more claims you can check whether an appropriate built-in claim type exists for that information, and if so you can use it. If not you can create you own one. We typically use the format "urn:<service>:<claim name>", e.g. "urn:github:name" is used to store the full name of the user in the case of the GitHub provider.
For an example you can look at the following relevant files on the GitHub provider:
You can also look at the actual payload for the GitHub provider on their documentation.
Another example where a little bit more complex payload structure was returned is the Yahoo provider:
You can look at the actual Yahoo API documentation to see the documentation for this particular payload.
Once you are happy that your provider is tested and works, you can commit the changes and push it up to your local fork. At that point you can submit a pull request.