| author | ivarlovlie <git@ivarlovlie.no> | 2022-01-23 22:28:55 +0100 |
|---|---|---|
| committer | ivarlovlie <git@ivarlovlie.no> | 2022-01-23 22:28:55 +0100 |
| commit | 253c8479b9ae0ba6853a70728d3f6e904e1ac2ba (patch) | |
| tree | a8d18e650d327221e60bee84879caaabf4f92acf /src/server | |
| parent | d268ddf7fbb6ef025564c1a6f1d935a1267185df (diff) | |
| download | bookmark-thing-253c8479b9ae0ba6853a70728d3f6e904e1ac2ba.tar.xz bookmark-thing-253c8479b9ae0ba6853a70728d3f6e904e1ac2ba.zip | |
feat: WIP: Add option to login in with github
Diffstat (limited to 'src/server')
| -rw-r--r-- | src/server/Api/Internal/Account/CreateGithubSessionRoute.cs | 17 | ||||
| -rw-r--r-- | src/server/Api/Internal/OAuthCallbackRoute.cs | 18 | ||||
| -rw-r--r-- | src/server/IOL.BookmarkThing.Server.csproj | 1 | ||||
| -rw-r--r-- | src/server/Startup.cs | 19 |
4 files changed, 54 insertions, 1 deletions
diff --git a/src/server/Api/Internal/Account/CreateGithubSessionRoute.cs b/src/server/Api/Internal/Account/CreateGithubSessionRoute.cs
new file mode 100644
index 0000000..21cfead
--- /dev/null
+++ b/src/server/Api/Internal/Account/CreateGithubSessionRoute.cs
@@ -0,0 +1,17 @@
+using AspNet.Security.OAuth.GitHub;
+
+namespace IOL.BookmarkThing.Server.Api.Internal.Account;
+
+public class CreateGithubSessionRoute : RouteBaseInternalSync.WithoutRequest.WithActionResult
+{
+ [AllowAnonymous]
+ [ApiVersionNeutral]
+ [ApiExplorerSettings(IgnoreApi = true)]
+ [HttpGet("~/v{version:apiVersion}/account/create-github-session")]
+ public override ActionResult Handle() {
+ return Challenge(new AuthenticationProperties {
+ RedirectUri = "/oauth-cb",
+ },
+ GitHubAuthenticationDefaults.AuthenticationScheme);
+ }
+}
diff --git a/src/server/Api/Internal/OAuthCallbackRoute.cs b/src/server/Api/Internal/OAuthCallbackRoute.cs
new file mode 100644
index 0000000..156ff11
--- /dev/null
+++ b/src/server/Api/Internal/OAuthCallbackRoute.cs
@@ -0,0 +1,18 @@
+namespace IOL.BookmarkThing.Server.Api.Internal;
+
+public class OAuthCallbackRoute : RouteBaseInternalSync.WithoutRequest.WithActionResult
+{
+ private readonly IConfiguration _configuration;
+
+ public OAuthCallbackRoute(IConfiguration configuration) {
+ _configuration = configuration;
+ }
+
+ [AllowAnonymous]
+ [ApiVersionNeutral]
+ [ApiExplorerSettings(IgnoreApi = true)]
+ [HttpGet("~/oauth-cb")]
+ public override ActionResult Handle() {
+ return Redirect(_configuration.GetValue<string>("FRONTEND_CANONICAL_URL"));
+ }
+}
diff --git a/src/server/IOL.BookmarkThing.Server.csproj b/src/server/IOL.BookmarkThing.Server.csproj
index 1b7c0b4..da78675 100644
--- a/src/server/IOL.BookmarkThing.Server.csproj
+++ b/src/server/IOL.BookmarkThing.Server.csproj
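Review bot: In `OAuthCallbackRoute.Handle`, `_configuration.GetValue<string>("FRONTEND_CANONICAL_URL")` returns null when the key is not set, and `Redirect` (assuming the base route derives from `ControllerBase`) throws on a null or empty URL, so a missing setting turns every completed GitHub login into a 500 on `/oauth-cb`. The value should be checked once at startup, or the route should fall back explicitly, e.g. `return Redirect(_configuration.GetValue<string>("FRONTEND_CANONICAL_URL") ?? "/");`. A short comment noting that the target comes only from server configuration, never from the request, would also make clear to later maintainers why this redirect is not an open redirect.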
@@ -17,6 +17,7 @@ </PropertyGroup> <ItemGroup> + <PackageReference Include="AspNet.Security.OAuth.GitHub" Version="6.0.3" /> <PackageReference Include="EFCore.NamingConventions" Version="6.0.0" /> <PackageReference Include="HtmlAgilityPack" Version="1.11.40" /> <PackageReference Include="IOL.Helpers" Version="1.2.0" /> diff --git a/src/server/Startup.cs b/src/server/Startup.cs index 4b7c097..4ad70fc 100644 --- a/src/server/Startup.cs +++ b/src/server/Startup.cs @@ -1,3 +1,5 @@ +using AspNet.Security.OAuth.GitHub; + namespace IOL.BookmarkThing.Server; public class Startup @@ -67,7 +69,10 @@ public class Startup options.WaitForJobsToComplete = true; }); - services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) + services.AddAuthentication(options => { + options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; + options.DefaultChallengeScheme = GitHubAuthenticationDefaults.AuthenticationScheme; + }) .AddCookie(options => { options.Cookie.Name = "bookmarkthing_session"; options.Cookie.SameSite = SameSiteMode.Strict; @@ -81,6 +86,18 @@ public class Startup return Task.FromResult<object>(null); }; }) + // TODO: Handle github claims, current behaviour creates entries with user_id set to default guid :D + .AddGitHub(options => { + options.ClientSecret = Configuration.GetValue<string>("GH_CLIENT_SECRET"); + options.ClientId = Configuration.GetValue<string>("GH_CLIENT_ID"); + options.SaveTokens = true; + options.CorrelationCookie = new CookieBuilder { + Name = "gh_corr", + SameSite = SameSiteMode.Lax, + SecurePolicy = CookieSecurePolicy.Always, + HttpOnly = true, + }; + }) .AddScheme<AuthenticationSchemeOptions, BasicAuthenticationHandler>(Constants.BASIC_AUTH_SCHEME, default); services.AddLogging(); |
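Review bot: Setting `options.DefaultChallengeScheme = GitHubAuthenticationDefaults.AuthenticationScheme;` in `AddAuthentication` changes the challenge for every protected endpoint, not only the new login route. An unauthenticated request to any authorized route would then be answered with a redirect to GitHub, rather than by the cookie handler, whose customised event is only partly visible in the context lines. `CreateGithubSessionRoute` already names the GitHub scheme explicitly in `Challenge(...)`, so the default is not needed. I would keep only `options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;`, which lets the challenge fall back to the cookie scheme as before. The enclosing method starts and ends outside the hunk.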
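Review bot: The TODO above `.AddGitHub(...)` understates the risk. With `DefaultScheme` set to the cookie scheme, the GitHub handler signs in through it, so every GitHub login receives a valid `bookmarkthing_session` cookie. If the user id then resolves to the default guid, as the comment says, all GitHub users would presumably read and write the same entries. Until the claims are mapped to a local account (for instance in `options.Events.OnCreatingTicket`), the scheme is better left unregistered or behind a configuration flag, and `options.SaveTokens = true;` should go unless the server later calls the GitHub API, since it stores the access token in the session cookie's properties. Assigning a fresh `new CookieBuilder` to `options.CorrelationCookie` also likely discards the handler's built-in defaults (expiry, essential flag); setting `options.CorrelationCookie.Name = "gh_corr";` and `options.CorrelationCookie.SameSite = SameSiteMode.Lax;` on the existing builder keeps them.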
