diff --git a/AspNet.Security.OAuth.Providers.sln b/AspNet.Security.OAuth.Providers.sln
index 8118aed9e..fdd05b351 100644
--- a/AspNet.Security.OAuth.Providers.sln
+++ b/AspNet.Security.OAuth.Providers.sln
@@ -296,6 +296,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.PingO
EndProject
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.JumpCloud", "src\AspNet.Security.OAuth.JumpCloud\AspNet.Security.OAuth.JumpCloud.csproj", "{8AF5DDBE-2631-4E71-9045-73A6356CE86B}"
EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.Zoom", "src\AspNet.Security.OAuth.Zoom\AspNet.Security.OAuth.Zoom.csproj", "{A4DFC94C-0769-41B3-926C-22642185C878}"
+EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AspNet.Security.OAuth.Typeform", "src\AspNet.Security.OAuth.Typeform\AspNet.Security.OAuth.Typeform.csproj", "{31333261-A9C2-4AEB-AA6C-AC66DB4FA966}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "AspNet.Security.OAuth.Calendly", "src\AspNet.Security.OAuth.Calendly\AspNet.Security.OAuth.Calendly.csproj", "{ADAC649F-A8CC-4CF2-8C34-288F7DEBBE69}"
@@ -686,6 +688,10 @@ Global
{8AF5DDBE-2631-4E71-9045-73A6356CE86B}.Debug|Any CPU.Build.0 = Debug|Any CPU
{8AF5DDBE-2631-4E71-9045-73A6356CE86B}.Release|Any CPU.ActiveCfg = Release|Any CPU
{8AF5DDBE-2631-4E71-9045-73A6356CE86B}.Release|Any CPU.Build.0 = Release|Any CPU
+ {A4DFC94C-0769-41B3-926C-22642185C878}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {A4DFC94C-0769-41B3-926C-22642185C878}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {A4DFC94C-0769-41B3-926C-22642185C878}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {A4DFC94C-0769-41B3-926C-22642185C878}.Release|Any CPU.Build.0 = Release|Any CPU
{31333261-A9C2-4AEB-AA6C-AC66DB4FA966}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{31333261-A9C2-4AEB-AA6C-AC66DB4FA966}.Debug|Any CPU.Build.0 = Debug|Any CPU
{31333261-A9C2-4AEB-AA6C-AC66DB4FA966}.Release|Any CPU.ActiveCfg = Release|Any CPU
@@ -807,6 +813,7 @@ Global
{101681FB-569F-4941-B943-2AD380039BE0} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
{CF8C4235-6AE6-404E-B572-4FF4E85AB5FF} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
{8AF5DDBE-2631-4E71-9045-73A6356CE86B} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
+ {A4DFC94C-0769-41B3-926C-22642185C878} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
{31333261-A9C2-4AEB-AA6C-AC66DB4FA966} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
{ADAC649F-A8CC-4CF2-8C34-288F7DEBBE69} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
{83C37AC5-51FB-47CD-8CBE-77AA114FF6F3} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
diff --git a/README.md b/README.md
index 4359e4671..154fa6d9d 100644
--- a/README.md
+++ b/README.md
@@ -255,6 +255,7 @@ If a provider you're looking for does not exist, consider making a PR to add one
| Yandex | [](https://www.nuget.org/packages/AspNet.Security.OAuth.Yandex/ "Download AspNet.Security.OAuth.Yandex from NuGet.org") | [](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Yandex "Download AspNet.Security.OAuth.Yandex from MyGet.org") | [Documentation](https://tech.yandex.com/oauth/ "Yandex developer documentation") |
| Zalo | [](https://www.nuget.org/packages/AspNet.Security.OAuth.Zalo/ "Download AspNet.Security.OAuth.Zalo from NuGet.org") | [](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Zalo "Download AspNet.Security.OAuth.Zalo from MyGet.org") | [Documentation](https://developers.zalo.me/docs/api/social-api-4 "Zalo developer documentation") |
| Zendesk | [](https://www.nuget.org/packages/AspNet.Security.OAuth.Zendesk/ "Download AspNet.Security.OAuth.Zendesk from NuGet.org") | [](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Zendesk "Download AspNet.Security.OAuth.Zendesk from MyGet.org") | [Documentation](https://support.zendesk.com/hc/en-us/articles/203663836#topic_ar1_mfs_qk "Zendesk developer documentation") |
+| Zoom | [](https://www.nuget.org/packages/AspNet.Security.OAuth.Zoom/ "Download AspNet.Security.OAuth.Zoom from NuGet.org") | [](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Zoom "Download AspNet.Security.OAuth.Zoom from MyGet.org") | [Documentation](https://developers.zoom.us/docs/integrations/ "Zoom developer documentation") |
+
+ true
+
+
+
+ ASP.NET Core security middleware enabling Zoom authentication.
+ Christian Oluwawibe
+ aspnetcore;authentication;zoom;oauth;security
+
+
+
+
+
+
+
+
diff --git a/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationConstants.cs b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationConstants.cs
new file mode 100644
index 000000000..f17522cb4
--- /dev/null
+++ b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationConstants.cs
@@ -0,0 +1,93 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace AspNet.Security.OAuth.Zoom;
+
+///
+/// Contains constants specific to the .
+///
+public static class ZoomAuthenticationConstants
+{
+ public static class Claims
+ {
+ public const string Picture = "picture";
+
+ public const string Email = "email";
+
+ public const string NameIdentifier = "id";
+
+ public const string Name = "name";
+
+ public const string GivenName = "given_name";
+
+ public const string FamilyName = "family_name";
+
+ public const string PhoneNumber = "phone_number";
+
+ public const string Status = "account_status";
+
+ public const string Verified = "verified";
+
+ public const string PersonalMeetingUrl = "personal_meeting_url";
+ }
+
+ ///
+ /// Available profile fields after a Zoom authentication.
+ /// See https://developers.zoom.us/docs/api/rest/reference/user/methods/#operation/user
+ ///
+ public static class ProfileFields
+ {
+ ///
+ /// The Unique identifier of the user
+ ///
+ public const string Id = "id";
+
+ ///
+ /// Display name of the user.
+ ///
+ public const string Name = "display_name";
+
+ ///
+ /// Given/First name of the user.
+ ///
+ public const string GivenName = "first_name";
+
+ ///
+ /// Last name of the user.
+ ///
+ public const string FamilyName = "last_name";
+
+ ///
+ /// Email address of the user.
+ ///
+ public const string Email = "email";
+
+ ///
+ /// Phone number of the user.
+ ///
+ public const string PhoneNumber = "phone_number";
+
+ ///
+ /// Picture URL of the user.
+ ///
+ public const string PictureUrl = "pic_url";
+
+ ///
+ /// AccountStatus of the user.
+ ///
+ public const string Status = "status";
+
+ ///
+ /// Verification status of the user.
+ ///
+ public const string Verified = "verified";
+
+ ///
+ /// Personal meeting URL of the user.
+ ///
+ public const string PersonalMeetingUrl = "personal_meeting_url";
+ }
+}
diff --git a/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationDefaults.cs b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationDefaults.cs
new file mode 100644
index 000000000..3cff50fd0
--- /dev/null
+++ b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationDefaults.cs
@@ -0,0 +1,48 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace AspNet.Security.OAuth.Zoom;
+
+///
+/// Default values used by the Zoom authentication middleware.
+///
+public class ZoomAuthenticationDefaults
+{
+ ///
+ /// Default value for .
+ ///
+ public const string AuthenticationScheme = "Zoom";
+
+ ///
+ /// Default value for .
+ ///
+ public static readonly string DisplayName = "Zoom";
+
+ ///
+ /// Default value for .
+ ///
+ public static readonly string Issuer = "Zoom";
+
+ ///
+ /// Default value for .
+ ///
+ public static readonly string CallbackPath = "/signin-zoom";
+
+ ///
+ /// Default value for .
+ ///
+ public static readonly string AuthorizationEndpoint = "https://zoom.us/oauth/authorize";
+
+ ///
+ /// Default value for .
+ ///
+ public static readonly string TokenEndpoint = "https://zoom.us/oauth/token";
+
+ ///
+ /// Default value for .
+ ///
+ public static readonly string UserInformationEndpoint = "https://api.zoom.us/v2/users/me";
+}
diff --git a/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationExtensions.cs b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationExtensions.cs
new file mode 100644
index 000000000..e87099f9f
--- /dev/null
+++ b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationExtensions.cs
@@ -0,0 +1,74 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using AspNet.Security.OAuth.Zoom;
+
+namespace Microsoft.Extensions.DependencyInjection;
+
+///
+/// Extension methods to add Zoom authentication capabilities to an HTTP application pipeline.
+///
+public static class ZoomAuthenticationExtensions
+{
+ ///
+ /// Adds to the specified
+ /// , which enables Zoom authentication capabilities.
+ ///
+ /// The to add the middleware to.
+ /// A reference to this instance after the operation has completed.
+ public static AuthenticationBuilder AddZoom([NotNull] this AuthenticationBuilder builder)
+ {
+ return builder.AddZoom(ZoomAuthenticationDefaults.AuthenticationScheme, options => { });
+ }
+
+ ///
+ /// Adds to the specified
+ /// , which enables Zoom authentication capabilities.
+ ///
+ /// The to add the middleware to.
+ /// The delegate used to configure the OpenID 2.0 options.
+ /// A reference to this instance after the operation has completed.
+ public static AuthenticationBuilder AddZoom(
+ [NotNull] this AuthenticationBuilder builder,
+ [NotNull] Action configuration)
+ {
+ return builder.AddZoom(ZoomAuthenticationDefaults.AuthenticationScheme, configuration);
+ }
+
+ ///
+ /// Adds to the specified
+ /// , which enables Zoom authentication capabilities.
+ ///
+ /// The authentication builder.
+ /// The authentication scheme associated with this instance.
+ /// The delegate used to configure the Zoom options.
+ /// The .
+ public static AuthenticationBuilder AddZoom(
+ [NotNull] this AuthenticationBuilder builder,
+ [NotNull] string scheme,
+ [NotNull] Action configuration)
+ {
+ return builder.AddZoom(scheme, ZoomAuthenticationDefaults.DisplayName, configuration);
+ }
+
+ ///
+ /// Adds to the specified
+ /// , which enables Zoom authentication capabilities.
+ ///
+ /// The authentication builder.
+ /// The authentication scheme associated with this instance.
+ /// The optional display name associated with this instance.
+ /// The delegate used to configure the Zoom options.
+ /// The .
+ public static AuthenticationBuilder AddZoom(
+ [NotNull] this AuthenticationBuilder builder,
+ [NotNull] string scheme,
+ [CanBeNull] string caption,
+ [NotNull] Action configuration)
+ {
+ return builder.AddOAuth(scheme, caption, configuration);
+ }
+}
diff --git a/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationHandler.cs
new file mode 100644
index 000000000..52ba7817d
--- /dev/null
+++ b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationHandler.cs
@@ -0,0 +1,71 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Net.Http.Headers;
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using System.Text.Json;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace AspNet.Security.OAuth.Zoom;
+
+public partial class ZoomAuthenticationHandler : OAuthHandler
+{
+ public ZoomAuthenticationHandler(
+ [NotNull] IOptionsMonitor options,
+ [NotNull] ILoggerFactory logger,
+ [NotNull] UrlEncoder encoder)
+ : base(options, logger, encoder)
+ {
+ }
+
+ protected override async Task CreateTicketAsync(
+ [NotNull] ClaimsIdentity identity,
+ [NotNull] AuthenticationProperties properties,
+ [NotNull] OAuthTokenResponse tokens)
+ {
+ var requestUri = Options.UserInformationEndpoint;
+
+ using var request = new HttpRequestMessage(HttpMethod.Get, requestUri);
+ request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
+
+ using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
+ if (!response.IsSuccessStatusCode)
+ {
+ await Log.UserProfileErrorAsync(Logger, response, Context.RequestAborted);
+ throw new HttpRequestException("An error occurred while retrieving the user profile.");
+ }
+
+ using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync(Context.RequestAborted));
+
+ var principal = new ClaimsPrincipal(identity);
+ var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+ context.RunClaimActions();
+
+ await Events.CreatingTicket(context);
+ return new AuthenticationTicket(context.Principal!, context.Properties, Scheme.Name);
+ }
+
+ private static partial class Log
+ {
+ internal static async Task UserProfileErrorAsync(ILogger logger, HttpResponseMessage response, CancellationToken cancellationToken)
+ {
+ UserProfileError(
+ logger,
+ response.StatusCode,
+ response.Headers.ToString(),
+ await response.Content.ReadAsStringAsync(cancellationToken));
+ }
+
+ [LoggerMessage(1, LogLevel.Error, "An error occurred while retrieving the user profile: the remote server returned a {Status} response with the following payload: {Headers} {Body}.")]
+ static partial void UserProfileError(
+ ILogger logger,
+ System.Net.HttpStatusCode status,
+ string headers,
+ string body);
+ }
+}
diff --git a/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationOptions.cs b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationOptions.cs
new file mode 100644
index 000000000..78e8928fd
--- /dev/null
+++ b/src/AspNet.Security.OAuth.Zoom/ZoomAuthenticationOptions.cs
@@ -0,0 +1,38 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Security.Claims;
+using static AspNet.Security.OAuth.Zoom.ZoomAuthenticationConstants;
+
+namespace AspNet.Security.OAuth.Zoom;
+
+///
+/// Defines a set of options used by .
+///
+public class ZoomAuthenticationOptions : OAuthOptions
+{
+ public ZoomAuthenticationOptions()
+ {
+ ClaimsIssuer = ZoomAuthenticationDefaults.Issuer;
+ CallbackPath = ZoomAuthenticationDefaults.CallbackPath;
+
+ AuthorizationEndpoint = ZoomAuthenticationDefaults.AuthorizationEndpoint;
+ TokenEndpoint = ZoomAuthenticationDefaults.TokenEndpoint;
+ UserInformationEndpoint = ZoomAuthenticationDefaults.UserInformationEndpoint;
+ UsePkce = true;
+
+ ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, ProfileFields.Id);
+ ClaimActions.MapJsonKey(ClaimTypes.Name, ProfileFields.Name);
+ ClaimActions.MapJsonKey(ClaimTypes.Email, ProfileFields.Email);
+ ClaimActions.MapJsonKey(ClaimTypes.GivenName, ProfileFields.GivenName);
+ ClaimActions.MapJsonKey(ClaimTypes.Surname, ProfileFields.FamilyName);
+ ClaimActions.MapJsonKey(Claims.Picture, ProfileFields.PictureUrl);
+ ClaimActions.MapJsonKey(ClaimTypes.MobilePhone, ProfileFields.PhoneNumber);
+ ClaimActions.MapJsonKey(Claims.Status, ProfileFields.Status);
+ ClaimActions.MapJsonKey(Claims.Verified, ProfileFields.Verified);
+ ClaimActions.MapJsonKey(Claims.PersonalMeetingUrl, ProfileFields.PersonalMeetingUrl);
+ }
+}
diff --git a/test/AspNet.Security.OAuth.Providers.Tests/Zoom/ZoomTests.cs b/test/AspNet.Security.OAuth.Providers.Tests/Zoom/ZoomTests.cs
new file mode 100644
index 000000000..6fcbb36f6
--- /dev/null
+++ b/test/AspNet.Security.OAuth.Providers.Tests/Zoom/ZoomTests.cs
@@ -0,0 +1,36 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using AspNet.Security.OAuth.Kook;
+using Microsoft.AspNetCore.Builder;
+
+namespace AspNet.Security.OAuth.Zoom;
+
+public class ZoomTests(ITestOutputHelper outputHelper) : OAuthTests(outputHelper)
+{
+ public override string DefaultScheme => ZoomAuthenticationDefaults.AuthenticationScheme;
+
+ protected internal override void RegisterAuthentication(AuthenticationBuilder builder)
+ {
+ builder.AddZoom(options => ConfigureDefaults(builder, options));
+ }
+
+ [Theory]
+ [InlineData(ClaimTypes.NameIdentifier, "0ECPVTrOjh")]
+ [InlineData(ClaimTypes.Name, "Frodo Baggins")]
+ [InlineData(ClaimTypes.Email, "frodo@shire.middleearth")]
+ [InlineData(ClaimTypes.GivenName, "Frodo")]
+ [InlineData(ClaimTypes.Surname, "Baggins")]
+ [InlineData(ZoomAuthenticationConstants.Claims.PersonalMeetingUrl, "https://us04web.zoom.us/j/5478221937?pwd=eZUKx2n11af")]
+ [InlineData(ZoomAuthenticationConstants.Claims.Verified, "0")]
+ [InlineData(ZoomAuthenticationConstants.Claims.Status, "active")]
+ [InlineData(ZoomAuthenticationConstants.Claims.Picture, "https://upload.wikimedia.org/wikipedia/en/4/4e/Elijah_Wood_as_Frodo_Baggins.png")]
+ [InlineData(ClaimTypes.MobilePhone, "+2348012345678")]
+ public async Task Can_Sign_In_Using_Zoom(string claimType, string claimValue)
+ {
+ await AuthenticateUserAndAssertClaimValue(claimType, claimValue);
+ }
+}
diff --git a/test/AspNet.Security.OAuth.Providers.Tests/Zoom/bundle.json b/test/AspNet.Security.OAuth.Providers.Tests/Zoom/bundle.json
new file mode 100644
index 000000000..2e2f8242b
--- /dev/null
+++ b/test/AspNet.Security.OAuth.Providers.Tests/Zoom/bundle.json
@@ -0,0 +1,32 @@
+{
+ "$schema": "https://raw.githubusercontent.com/justeat/httpclient-interception/main/src/HttpClientInterception/Bundles/http-request-bundle-schema.json",
+ "items": [
+ {
+ "comment": "https://developers.zoom.us/docs/integrations/",
+ "uri": "https://zoom.us/oauth/token",
+ "method": "POST",
+ "contentFormat": "json",
+ "contentJson": {
+ "access_token": "secret-access-token",
+ "expires_in": "300"
+ }
+ },
+ {
+ "comment": "https://developers.zoom.us/docs/api/rest/reference/user/methods/#tag/Users",
+ "uri": "https://api.zoom.us/v2/users/me",
+ "contentFormat": "json",
+ "contentJson": {
+ "id": "0ECPVTrOjh",
+ "email": "frodo@shire.middleearth",
+ "display_name": "Frodo Baggins",
+ "first_name": "Frodo",
+ "last_name": "Baggins",
+ "pic_url": "https://upload.wikimedia.org/wikipedia/en/4/4e/Elijah_Wood_as_Frodo_Baggins.png",
+ "personal_meeting_url": "https://us04web.zoom.us/j/5478221937?pwd=eZUKx2n11af",
+ "verified": 0,
+ "status": "active",
+ "phone_number": "+2348012345678"
+ }
+ }
+ ]
+}