From 253c8479b9ae0ba6853a70728d3f6e904e1ac2ba Mon Sep 17 00:00:00 2001 From: ivarlovlie Date: Sun, 23 Jan 2022 22:28:55 +0100 Subject: feat: WIP: Add option to login in with github --- .../Api/Internal/Account/CreateGithubSessionRoute.cs | 17 +++++++++++++++++ src/server/Api/Internal/OAuthCallbackRoute.cs | 18 ++++++++++++++++++ src/server/IOL.BookmarkThing.Server.csproj | 1 + src/server/Startup.cs | 19 ++++++++++++++++++- src/webapp/src/components/forms/login-form.svelte | 10 ++++++++++ 5 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 src/server/Api/Internal/Account/CreateGithubSessionRoute.cs create mode 100644 src/server/Api/Internal/OAuthCallbackRoute.cs (limited to 'src')
diff --git a/src/server/Api/Internal/Account/CreateGithubSessionRoute.cs b/src/server/Api/Internal/Account/CreateGithubSessionRoute.cs
new file mode 100644
index 0000000..21cfead
--- /dev/null
+++ b/src/server/Api/Internal/Account/CreateGithubSessionRoute.cs
@@ -0,0 +1,17 @@
+using AspNet.Security.OAuth.GitHub;
+
+namespace IOL.BookmarkThing.Server.Api.Internal.Account;
+
+public class CreateGithubSessionRoute : RouteBaseInternalSync.WithoutRequest.WithActionResult
+{
+ [AllowAnonymous]
+ [ApiVersionNeutral]
+ [ApiExplorerSettings(IgnoreApi = true)]
+ [HttpGet("~/v{version:apiVersion}/account/create-github-session")]
+ public override ActionResult Handle() {
+ return Challenge(new AuthenticationProperties {
+ RedirectUri = "/oauth-cb",
+ },
+ GitHubAuthenticationDefaults.AuthenticationScheme);
+ }
+}
diff --git a/src/server/Api/Internal/OAuthCallbackRoute.cs b/src/server/Api/Internal/OAuthCallbackRoute.cs
new file mode 100644
index 0000000..156ff11
--- /dev/null
+++ b/src/server/Api/Internal/OAuthCallbackRoute.cs
@@ -0,0 +1,18 @@
+namespace IOL.BookmarkThing.Server.Api.Internal;
+
+public class OAuthCallbackRoute : RouteBaseInternalSync.WithoutRequest.WithActionResult
+{
+ private readonly IConfiguration _configuration;
+
+ public OAuthCallbackRoute(IConfiguration configuration) {
+ _configuration = configuration;
+ }
+
+ [AllowAnonymous]
+ [ApiVersionNeutral]
+ [ApiExplorerSettings(IgnoreApi = true)]
+ [HttpGet("~/oauth-cb")]
+ public override ActionResult Handle() {
+ return Redirect(_configuration.GetValue("FRONTEND_CANONICAL_URL"));
+ }
+}
diff --git a/src/server/IOL.BookmarkThing.Server.csproj b/src/server/IOL.BookmarkThing.Server.csproj
index 1b7c0b4..da78675 100644
--- a/src/server/IOL.BookmarkThing.Server.csproj
+++ b/src/server/IOL.BookmarkThing.Server.csproj
@@ -17,6 +17,7 @@ +
diff --git a/src/server/Startup.cs b/src/server/Startup.cs
index 4b7c097..4ad70fc 100644
--- a/src/server/Startup.cs
+++ b/src/server/Startup.cs
@@ -1,3 +1,5 @@ +using AspNet.Security.OAuth.GitHub; + namespace IOL.BookmarkThing.Server; public class Startup
@@ -67,7 +69,10 @@ public class Startup options.WaitForJobsToComplete = true; }); - services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) + services.AddAuthentication(options => { + options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; + options.DefaultChallengeScheme = GitHubAuthenticationDefaults.AuthenticationScheme; + }) .AddCookie(options => { options.Cookie.Name = "bookmarkthing_session"; options.Cookie.SameSite = SameSiteMode.Strict;
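Review bot: In OAuthCallbackRoute.Handle the redirect target is read from configuration on every request without any check, so a missing or empty FRONTEND_CANONICAL_URL makes `Redirect(...)` throw and this anonymous endpoint answers with a 500. Read and validate the value once in the constructor, for example `_frontendUrl = configuration.GetValue<string>("FRONTEND_CANONICAL_URL") ?? throw new InvalidOperationException("FRONTEND_CANONICAL_URL is not configured");`, and redirect to the stored field. The class also has no summary; a short `/// <summary>` stating that the GitHub handler sends the browser here after sign-in and that the route only forwards to the frontend would help the next reader. The type argument of `GetValue` is not visible on this page and was presumably lost in rendering.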
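Review bot: In the Startup.cs hunk at `@@ -67,7 +69,10 @@`, setting `options.DefaultChallengeScheme = GitHubAuthenticationDefaults.AuthenticationScheme;` changes the outcome for every unauthenticated request to a protected endpoint, not only for the new login route: such requests are now challenged with a redirect to GitHub instead of going through the cookie scheme's challenge. For API calls made by the web app this probably turns an expected 401 into a cross-origin redirect, although the cookie events that decide this lie outside the hunk. CreateGithubSessionRoute already names the GitHub scheme in its `Challenge(...)` call, so the default can stay on the cookie scheme: `options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;`. The enclosing method starts and ends outside the hunk.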
@@ -81,6 +86,18 @@ public class Startup return Task.FromResult(null); }; }) + // TODO: Handle github claims, current behaviour creates entries with user_id set to default guid :D + .AddGitHub(options => { + options.ClientSecret = Configuration.GetValue("GH_CLIENT_SECRET"); + options.ClientId = Configuration.GetValue("GH_CLIENT_ID"); + options.SaveTokens = true; + options.CorrelationCookie = new CookieBuilder { + Name = "gh_corr", + SameSite = SameSiteMode.Lax, + SecurePolicy = CookieSecurePolicy.Always, + HttpOnly = true, + }; + }) .AddScheme(Constants.BASIC_AUTH_SCHEME, default); services.AddLogging();
diff --git a/src/webapp/src/components/forms/login-form.svelte b/src/webapp/src/components/forms/login-form.svelte
index aa90917..a5c5653 100644
--- a/src/webapp/src/components/forms/login-form.svelte
+++ b/src/webapp/src/components/forms/login-form.svelte
@@ -4,6 +4,8 @@ import {createEventDispatcher} from "svelte"; import type {IErrorResult} from "@/lib/models/IErrorResult"; import {Button, Checkbox, Column, Form, Grid, InlineNotification, PasswordInput, Row, TextInput, Tile} from "carbon-components-svelte"; + import LogoGithub20 from "carbon-icons-svelte/lib/LogoGithub20"; + import {api_base} from "@/lib/configuration"; const dispatch = createEventDispatcher();
@@ -113,6 +115,14 @@ Submit + + + -- cgit v1.3
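Review bot: The `.AddGitHub(...)` registration in the Startup.cs hunk at `@@ -81,6 +86,18 @@` is live even though, per the TODO directly above it, GitHub sign-ins create entries with `user_id` set to the default GUID; if that is accurate, every GitHub account would read and write the same set of entries. Until the GitHub claims are mapped to a local user, register the scheme only behind a configuration switch or in development builds. `options.SaveTokens = true;` keeps the GitHub access token in the authentication properties carried by the session cookie, and nothing in this commit reads it back, so `options.SaveTokens = false;` is the safer default. Assigning a fresh `CookieBuilder` to `options.CorrelationCookie` discards the handler's default builder, which as far as I know also marks the cookie essential and ties its expiry to the remote-authentication timeout; setting properties on the existing builder (`options.CorrelationCookie.Name = "gh_corr";`, `options.CorrelationCookie.SameSite = SameSiteMode.Lax;`) keeps those. The enclosing method starts and ends outside the hunk.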