#19 Update the Google OAuth endpoints
This commit is contained in:
Родитель
efe57c677c
Коммит
d12b41c8c7
|
@ -6,5 +6,9 @@ namespace Microsoft.Owin.Security.Google
|
|||
internal static class Constants
|
||||
{
|
||||
internal const string DefaultAuthenticationType = "Google";
|
||||
|
||||
internal const string AuthorizationEndpoint = "https://accounts.google.com/o/oauth2/v2/auth";
|
||||
internal const string TokenEndpoint = "https://www.googleapis.com/oauth2/v4/token";
|
||||
internal const string UserInformationEndpoint = "https://www.googleapis.com/plus/v1/people/me";
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,10 +17,6 @@ namespace Microsoft.Owin.Security.Google
|
|||
{
|
||||
internal class GoogleOAuth2AuthenticationHandler : AuthenticationHandler<GoogleOAuth2AuthenticationOptions>
|
||||
{
|
||||
private const string TokenEndpoint = "https://accounts.google.com/o/oauth2/token";
|
||||
private const string UserInfoEndpoint = "https://www.googleapis.com/plus/v1/people/me";
|
||||
private const string AuthorizeEndpoint = "https://accounts.google.com/o/oauth2/auth";
|
||||
|
||||
private readonly ILogger _logger;
|
||||
private readonly HttpClient _httpClient;
|
||||
|
||||
|
@ -76,7 +72,7 @@ namespace Microsoft.Owin.Security.Google
|
|||
|
||||
// Request the token
|
||||
HttpResponseMessage tokenResponse =
|
||||
await _httpClient.PostAsync(TokenEndpoint, new FormUrlEncodedContent(body));
|
||||
await _httpClient.PostAsync(Options.TokenEndpoint, new FormUrlEncodedContent(body));
|
||||
tokenResponse.EnsureSuccessStatusCode();
|
||||
string text = await tokenResponse.Content.ReadAsStringAsync();
|
||||
|
||||
|
@ -91,7 +87,7 @@ namespace Microsoft.Owin.Security.Google
|
|||
}
|
||||
|
||||
// Get the Google user
|
||||
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, UserInfoEndpoint);
|
||||
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
|
||||
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
|
||||
HttpResponseMessage graphResponse = await _httpClient.SendAsync(request, Request.CallCancelled);
|
||||
graphResponse.EnsureSuccessStatusCode();
|
||||
|
@ -204,7 +200,7 @@ namespace Microsoft.Owin.Security.Google
|
|||
string state = Options.StateDataFormat.Protect(properties);
|
||||
queryStrings.Add("state", state);
|
||||
|
||||
string authorizationEndpoint = WebUtilities.AddQueryString(AuthorizeEndpoint,
|
||||
string authorizationEndpoint = WebUtilities.AddQueryString(Options.AuthorizationEndpoint,
|
||||
queryStrings);
|
||||
|
||||
var redirectContext = new GoogleOAuth2ApplyRedirectContext(
|
||||
|
|
|
@ -30,6 +30,10 @@ namespace Microsoft.Owin.Security.Google
|
|||
Scope = new List<string>();
|
||||
BackchannelTimeout = TimeSpan.FromSeconds(60);
|
||||
CookieManager = new CookieManager();
|
||||
|
||||
AuthorizationEndpoint = Constants.AuthorizationEndpoint;
|
||||
TokenEndpoint = Constants.TokenEndpoint;
|
||||
UserInformationEndpoint = Constants.UserInformationEndpoint;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
@ -42,6 +46,21 @@ namespace Microsoft.Owin.Security.Google
|
|||
/// </summary>
|
||||
public string ClientSecret { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the URI where the client will be redirected to authenticate.
|
||||
/// </summary>
|
||||
public string AuthorizationEndpoint { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the URI the middleware will access to exchange the OAuth token.
|
||||
/// </summary>
|
||||
public string TokenEndpoint { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the URI the middleware will access to obtain the user information.
|
||||
/// </summary>
|
||||
public string UserInformationEndpoint { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the a pinned certificate validator to use to validate the endpoints used
|
||||
/// in back channel communications belong to Google.
|
||||
|
|
|
@ -34,7 +34,7 @@ namespace FunctionalTests.Facts.Security.Google
|
|||
|
||||
// Unauthenticated request - verify Redirect url
|
||||
var response = await httpClient.GetAsync(applicationUrl);
|
||||
Assert.Equal<string>("https://accounts.google.com/o/oauth2/auth", response.Headers.Location.AbsoluteUri.Replace(response.Headers.Location.Query, string.Empty));
|
||||
Assert.Equal<string>("https://accounts.google.com/o/oauth2/v2/auth", response.Headers.Location.AbsoluteUri.Replace(response.Headers.Location.Query, string.Empty));
|
||||
var queryItems = response.Headers.Location.ParseQueryString();
|
||||
Assert.Equal<string>("code", queryItems["response_type"]);
|
||||
Assert.Equal<string>("offline", queryItems["access_type"]);
|
||||
|
@ -176,7 +176,7 @@ namespace FunctionalTests.Facts.Security.Google
|
|||
{
|
||||
var response = new HttpResponseMessage();
|
||||
|
||||
if (request.RequestUri.AbsoluteUri.StartsWith("https://accounts.google.com/o/oauth2/token"))
|
||||
if (request.RequestUri.AbsoluteUri.StartsWith("https://www.googleapis.com/oauth2/v4/token"))
|
||||
{
|
||||
var formData = await request.Content.ReadAsFormDataAsync();
|
||||
if (formData["grant_type"] == "authorization_code")
|
||||
|
|
|
@ -26,7 +26,7 @@ namespace FunctionalTests.Facts.Security.Google
|
|||
|
||||
// Unauthenticated request - verify Redirect url
|
||||
var response = await httpClient.GetAsync(applicationUrl);
|
||||
Assert.Equal<string>("https://accounts.google.com/o/oauth2/auth", response.Headers.Location.AbsoluteUri.Replace(response.Headers.Location.Query, string.Empty));
|
||||
Assert.Equal<string>("https://accounts.google.com/o/oauth2/v2/auth", response.Headers.Location.AbsoluteUri.Replace(response.Headers.Location.Query, string.Empty));
|
||||
var queryItems = response.Headers.Location.ParseQueryString();
|
||||
Assert.Equal<string>("custom_accessType", queryItems["access_type"]);
|
||||
Assert.Equal<string>("custom_approval_prompt", queryItems["approval_prompt"]);
|
||||
|
|
|
@ -72,7 +72,8 @@ namespace Katana.Sandbox.WebServer
|
|||
CookieManager = new SystemWebCookieManager()
|
||||
});
|
||||
|
||||
// https://console.developers.google.com/project
|
||||
// https://console.developers.google.com/apis/credentials
|
||||
// https://developers.google.com/identity/protocols/OAuth2WebServer
|
||||
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
|
||||
{
|
||||
ClientId = Environment.GetEnvironmentVariable("google:clientid"),
|
||||
|
|
|
@ -39,7 +39,7 @@ namespace Microsoft.Owin.Security.Tests.Google
|
|||
var transaction = await SendAsync(server, "https://example.com/challenge");
|
||||
transaction.Response.StatusCode.ShouldBe(HttpStatusCode.Redirect);
|
||||
var location = transaction.Response.Headers.Location.ToString();
|
||||
location.ShouldContain("https://accounts.google.com/o/oauth2/auth?response_type=code");
|
||||
location.ShouldContain("https://accounts.google.com/o/oauth2/v2/auth?response_type=code");
|
||||
location.ShouldContain("&client_id=");
|
||||
location.ShouldContain("&redirect_uri=");
|
||||
location.ShouldContain("&scope=");
|
||||
|
@ -62,7 +62,7 @@ namespace Microsoft.Owin.Security.Tests.Google
|
|||
var transaction = await SendAsync(server, "https://example.com/401");
|
||||
transaction.Response.StatusCode.ShouldBe(HttpStatusCode.Redirect);
|
||||
var location = transaction.Response.Headers.Location.ToString();
|
||||
location.ShouldContain("https://accounts.google.com/o/oauth2/auth?response_type=code");
|
||||
location.ShouldContain("https://accounts.google.com/o/oauth2/v2/auth?response_type=code");
|
||||
location.ShouldContain("&client_id=");
|
||||
location.ShouldContain("&redirect_uri=");
|
||||
location.ShouldContain("&scope=");
|
||||
|
@ -224,7 +224,7 @@ namespace Microsoft.Owin.Security.Tests.Google
|
|||
{
|
||||
Sender = async req =>
|
||||
{
|
||||
if (req.RequestUri.AbsoluteUri == "https://accounts.google.com/o/oauth2/token")
|
||||
if (req.RequestUri.AbsoluteUri == "https://www.googleapis.com/oauth2/v4/token")
|
||||
{
|
||||
return await ReturnJsonResponse(new
|
||||
{
|
||||
|
@ -355,7 +355,7 @@ namespace Microsoft.Owin.Security.Tests.Google
|
|||
{
|
||||
Sender = async req =>
|
||||
{
|
||||
if (req.RequestUri.AbsoluteUri == "https://accounts.google.com/o/oauth2/token")
|
||||
if (req.RequestUri.AbsoluteUri == "https://www.googleapis.com/oauth2/v4/token")
|
||||
{
|
||||
return await ReturnJsonResponse(new
|
||||
{
|
||||
|
|
Загрузка…
Ссылка в новой задаче