Support auth for ASP.NET Core 3 (#1491)

This creates a new package with specific support for ASP.NET Core 3. This has to be separate from the ASP.NET Core 2 package, due to different dependency requirements.

.gitignore

@@ -7,6 +7,7 @@
 Backup*
 *.suo
 *.user
+launchSettings.json
 .vs
 project.lock.json
 *~

.travis.yml

@@ -1,6 +1,6 @@
 language: csharp
 mono: none
-dotnet: 2.2.104
+dotnet: 3.1.100
 dist: xenial
 
 # Install the .NET Core 1.0 runtime as that's what we build and test against
@@ -12,6 +12,8 @@ addons:
     packages:
     - dotnet-sharedframework-microsoft.netcore.app-1.0.8
     - dotnet-sharedframework-microsoft.netcore.app-1.1.5
+    - dotnet-sdk-2.0.0
+    - dotnet-sdk-2.1
 
 script:
   - ./BuildSupport.sh

Src/Support/CommonProjectProperties.xml

@@ -11,10 +11,12 @@
     <RepositoryType>git</RepositoryType>
     <RepositoryUrl>https://github.com/googleapis/google-api-dotnet-client</RepositoryUrl>
     <PackageIconUrl>https://www.gstatic.com/images/branding/product/1x/google_developers_64dp.png</PackageIconUrl>
+    <PackageIcon>NuGetIcon.png</PackageIcon>
   </PropertyGroup>
 
   <ItemGroup>
     <None Include="../../../LICENSE" Pack="true" PackagePath="" />
+    <None Include="../../../NuGetIcon.png" Pack="true" PackagePath="" />
   </ItemGroup>
 
   <!-- common build configuration -->

Src/Support/Google.Apis.Auth.AspNetCore.IntegrationTests/ClientInfo.cs

@@ -35,7 +35,8 @@ public static ClientInfo Load()
             {
                 throw new InvalidOperationException($"Please set the {ClientSecretFilenameVariable} environment variable before running tests.");
             }
-            var secrets = JObject.Parse(Encoding.UTF8.GetString(File.ReadAllBytes(clientSecretFilename)))["installed"];
+            // This MUST be a "web" credential, not an "installed app" credential.
+            var secrets = JObject.Parse(File.ReadAllText(clientSecretFilename))["web"];
             var projectId = secrets["project_id"].Value<string>();
             var clientId = secrets["client_id"].Value<string>();
             var clientSecret = secrets["client_secret"].Value<string>();

Src/Support/Google.Apis.Auth.AspNetCore.IntegrationTests/Program.cs

@@ -33,10 +33,7 @@ public static IWebHost BuildWebHost(string[] args)
 
             return WebHost.CreateDefaultBuilder(args)
                 .UseStartup<Startup>()
-                .ConfigureServices(services =>
-                {
-                    services.AddSingleton(clientInfo);
-                })
+                .ConfigureServices(services => services.AddSingleton(clientInfo))
                 .Build();
         }
     }

Src/Support/Google.Apis.Auth.AspNetCore/Consts.cs

@@ -14,7 +14,11 @@ You may obtain a copy of the License at
 limitations under the License.
 */
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     internal static class Consts
     {

Src/Support/Google.Apis.Auth.AspNetCore/Google.Apis.Auth.AspNetCore.csproj

@@ -17,7 +17,7 @@ The ASP.NET Core Auth extension library contains a Google-specific OpenIdConnect
 Supports incremental auth, and an injectable IGoogleAuthProvider to supply Google credentials.
 
 Supported Platforms:
-- ASP.NET Core 2.0+
+- ASP.NET Core 2.0+, <3.0
     </Description>
   </PropertyGroup>
 

Src/Support/Google.Apis.Auth.AspNetCore/GoogleAuthProvider.cs

@@ -30,7 +30,11 @@ limitations under the License.
 using System.Threading;
 using System.Threading.Tasks;
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     internal class GoogleAuthProvider : IGoogleAuthProvider
     {

Src/Support/Google.Apis.Auth.AspNetCore/GoogleAuthenticationSchemeProvider.cs

@@ -14,7 +14,11 @@ You may obtain a copy of the License at
 limitations under the License.
 */
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     /// <summary>
     /// Simple class to allow the authentication scheme to be injected.

Src/Support/Google.Apis.Auth.AspNetCore/GoogleOpenIdConnectDefaults.cs

@@ -18,7 +18,11 @@ limitations under the License.
 using System.Collections.Generic;
 using System.Text;
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     /// <summary>
     /// Default values related to the Google OpenIdConnect authentication handler.

Src/Support/Google.Apis.Auth.AspNetCore/GoogleOpenIdConnectExtensions.cs

@@ -14,7 +14,11 @@ You may obtain a copy of the License at
 limitations under the License.
 */
 
+#if ASPNETCORE3
+using Google.Apis.Auth.AspNetCore3;
+#else
 using Google.Apis.Auth.AspNetCore;
+#endif
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth.Claims;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;

Src/Support/Google.Apis.Auth.AspNetCore/GoogleScopedAuthorizationHandler.cs

@@ -24,7 +24,11 @@ limitations under the License.
 using System.Linq;
 using System.Threading.Tasks;
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     internal class GoogleScopedAuthorizationHandler : AuthorizationHandler<GoogleScopedRequirement>
     {

Src/Support/Google.Apis.Auth.AspNetCore/GoogleScopedAuthorizeAttribute.cs

@@ -18,7 +18,11 @@ limitations under the License.
 using System;
 using System.Collections.Generic;
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     /// <summary>
     /// Specifies that the class or method that this attribute is applied to requires the specified authorization,

Src/Support/Google.Apis.Auth.AspNetCore/GoogleScopedAuthorizeRequirement.cs

@@ -17,7 +17,11 @@ limitations under the License.
 using Microsoft.AspNetCore.Authorization;
 using System.Collections.Generic;
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     internal class GoogleScopedRequirement : IAuthorizationRequirement
     {

Src/Support/Google.Apis.Auth.AspNetCore/GoogleScopedPolicyProvider.cs

@@ -18,7 +18,11 @@ limitations under the License.
 using Microsoft.Extensions.Options;
 using System.Threading.Tasks;
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     /// <summary>
     /// Construct GoogleScoped policies on the fly.
@@ -36,6 +40,10 @@ public GoogleScopedPolicyProvider(GoogleAuthenticationSchemeProvider scheme, IOp
 
         public Task<AuthorizationPolicy> GetDefaultPolicyAsync() => _default.GetDefaultPolicyAsync();
 
+#if ASPNETCORE3
+        public Task<AuthorizationPolicy> GetFallbackPolicyAsync() => _default.GetFallbackPolicyAsync();
+#endif
+
         public Task<AuthorizationPolicy> GetPolicyAsync(string policyName)
         {
             var scopes = GoogleScopedAuthorizeAttribute.ParsePolicy(policyName);

Src/Support/Google.Apis.Auth.AspNetCore/IGoogleAuthProvider.cs

@@ -21,7 +21,11 @@ limitations under the License.
 using System.Threading;
 using System.Threading.Tasks;
 
+#if ASPNETCORE3
+namespace Google.Apis.Auth.AspNetCore3
+#else
 namespace Google.Apis.Auth.AspNetCore
+#endif
 {
     /// <summary>
     /// Provides access to Google auth credentials and scopes.

Src/Support/Google.Apis.Auth.AspNetCore3.IntegrationTests/ClientInfo.cs

@@ -0,0 +1,57 @@
+/*
+Copyright 2020 Google Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+using Newtonsoft.Json.Linq;
+using System;
+using System.IO;
+using System.Text;
+
+namespace Google.Apis.Auth.AspNetCore3.IntegrationTests
+{
+    /// <summary>
+    /// Client auth information, loaded from a Google user credential json file.
+    /// Set the TEST_CLIENT_SECRET_FILENAME environment variable to point to the credential file.
+    /// </summary>
+    public class ClientInfo
+    {
+        public static ClientInfo Load()
+        {
+            const string ClientSecretFilenameVariable = "TEST_CLIENT_SECRET_FILENAME";
+            string clientSecretFilename = Environment.GetEnvironmentVariable(ClientSecretFilenameVariable);
+            if (string.IsNullOrEmpty(clientSecretFilename))
+            {
+                throw new InvalidOperationException($"Please set the {ClientSecretFilenameVariable} environment variable before running tests.");
+            }
+            // This MUST be a "web" credential, not an "installed app" credential.
+            var secrets = JObject.Parse(File.ReadAllText(clientSecretFilename))["web"];
+            var projectId = secrets["project_id"].Value<string>();
+            var clientId = secrets["client_id"].Value<string>();
+            var clientSecret = secrets["client_secret"].Value<string>();
+            return new ClientInfo(projectId, clientId, clientSecret);
+        }
+
+        private ClientInfo(string projectId, string clientId, string clientSecret)
+        {
+            ProjectId = projectId;
+            ClientId = clientId;
+            ClientSecret = clientSecret;
+        }
+
+        public string ProjectId { get; }
+        public string ClientId { get; }
+        public string ClientSecret { get; }
+    }
+}

Src/Support/Google.Apis.Auth.AspNetCore3.IntegrationTests/Controllers/AccountController.cs

@@ -0,0 +1,30 @@
+/*
+Copyright 2020 Google Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Mvc;
+
+namespace Google.Apis.Auth.AspNetCore3.IntegrationTests.Controllers
+{
+    public class AccountController : Controller
+    {
+        public IActionResult Login(string returnUrl)
+        {
+            var properties = new AuthenticationProperties { RedirectUri = returnUrl };
+            return Challenge(properties, GoogleOpenIdConnectDefaults.AuthenticationScheme);
+        }
+    }
+}