Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

V14 External login linking + Proposed error handling #16052

Merged
merged 5 commits into from
Apr 16, 2024
Merged

V14 External login linking + Proposed error handling #16052

merged 5 commits into from
Apr 16, 2024

Conversation

Migaroez
Copy link
Contributor

@Migaroez Migaroez commented Apr 15, 2024
edited
Loading

Prerequisites

  • I have added steps to test this contribution in the description below

Description

This PR introduces some proposed helper methods to uniformly communicate external login errors that come into the backend trough the configured callback methods to a specific frontend path.

Example code

ExampleGithubCode.zip (requires installation of AspNet.Security.OAuth.GitHub)
This adds all the necessary bits to register github as an external login provider and some bad frontend code to link/unlink.

When starting the linking process from the backend, you will need to open your devtools and click on the CORS blocked link manually to continue, the Frontend team has a task to improve this behaviour

If you use the endpoints, make sure to set the Umbraco authentication cookie as it is needed to figure out what user the linking process should complete on when returning trough the callback.

Updated example registration code

backOfficeAuthenticationBuilder.AddGitHub(
                        backOfficeAuthenticationBuilder.SchemeForBackOffice(GitHubBackOfficeExternalLoginProviderOptions
                            .SchemeName)!,
                        options =>
                        {
                            options.SetUmbracoBasedCallbackPath("signin-github");
                            options.ClientId = "d261ea94c7bf0255801d";
                            options.ClientSecret = "88e795ccb1050c2806dd9d87ec0c6e2048f1a6a4";
                            options.Scope.Add("user:email");
                            options.SetDefaultErrorEventHandling(GitHubBackOfficeExternalLoginProviderOptions
                                .SchemeName);
                        });

@Migaroez Migaroez changed the title V14/feature/external provider error handling V14 External login linking + Proposed error handling Apr 15, 2024
@bergmania bergmania self-requested a review April 16, 2024 10:02
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 16, 2024
View reviewed changes
src/Umbraco.Web.Common/Helpers/OAuthOptionsHelper.cs
}
}

context.Response.Redirect(callbackPath);

Check warning

Code scanning / CodeQL

URL redirection from remote source Medium

Untrusted URL redirection due to
user-provided value
Loading
.
@bergmania bergmania merged commit 6dd08b2 into v14/dev Apr 16, 2024
16 checks passed
@bergmania bergmania deleted the v14/feature/external-provider-error-handling branch April 16, 2024 15:08
@Migaroez Migaroez mentioned this pull request Apr 24, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bergmania bergmania bergmania left review comments

@iOvergaard iOvergaard iOvergaard left review comments

Assignees
No one assigned
Labels
release/14.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Migaroez @iOvergaard @bergmania @Zeegaan