ensures middleware is registered and the external cookie auth is registered.

2020-10-23 14:57:35 +11:00
parent 061529c40d
commit e7d22e24db
5 changed files with 37 additions and 5 deletions
--- a/src/Umbraco.Web.BackOffice/Extensions/BackOfficeApplicationBuilderExtensions.cs
+++ b/src/Umbraco.Web.BackOffice/Extensions/BackOfficeApplicationBuilderExtensions.cs
@@ -49,7 +49,7 @@ namespace Umbraco.Extensions
            app.UseUmbracoRuntimeMinification();

            app.UseMiddleware<PreviewAuthenticationMiddleware>();
-            app.UseMiddleware<BackOfficeExternalLoginProviderErrorMiddlware>();
+            app.UseMiddleware<BackOfficeExternalLoginProviderErrorMiddleware>();

            return app;
        }
--- a/src/Umbraco.Web.BackOffice/Extensions/BackOfficeServiceCollectionExtensions.cs
+++ b/src/Umbraco.Web.BackOffice/Extensions/BackOfficeServiceCollectionExtensions.cs
@@ -39,7 +39,13 @@ namespace Umbraco.Extensions
            services.AddSingleton<IFilterProvider, OverrideAuthorizationFilterProvider>();
            services
                .AddAuthentication(Constants.Security.BackOfficeAuthenticationType)
-                .AddCookie(Constants.Security.BackOfficeAuthenticationType);
+                .AddCookie(Constants.Security.BackOfficeAuthenticationType)
+                .AddCookie(Constants.Security.BackOfficeExternalAuthenticationType, o =>
+                 {
+                     o.Cookie.Name = Constants.Security.BackOfficeExternalAuthenticationType;
+                     o.ExpireTimeSpan = TimeSpan.FromMinutes(5);
+                 });
+
            // TODO: Need to add more cookie options, see https://github.com/dotnet/aspnetcore/blob/3.0/src/Identity/Core/src/IdentityServiceCollectionExtensions.cs#L45

            services.ConfigureOptions<ConfigureBackOfficeCookieOptions>();
@@ -58,8 +64,6 @@ namespace Umbraco.Extensions
        {
            services.AddDataProtection();

-            services.TryAddScoped<IIpResolver, AspNetCoreIpResolver>();
-
            services.BuildUmbracoBackOfficeIdentity()
                .AddDefaultTokenProviders()
                .AddUserStore<BackOfficeUserStore>()
@@ -95,6 +99,8 @@ namespace Umbraco.Extensions
            // CUSTOM:
            services.TryAddScoped<BackOfficeLookupNormalizer>();
            services.TryAddScoped<BackOfficeIdentityErrorDescriber>();
+            services.TryAddScoped<IIpResolver, AspNetCoreIpResolver>();
+            services.TryAddSingleton<IBackOfficeExternalLoginProviders, NopBackOfficeExternalLoginProviders>();

            return new IdentityBuilder(typeof(BackOfficeIdentityUser), services);
        }
--- a/src/Umbraco.Web.BackOffice/Middleware/BackOfficeExternalLoginProviderErrorMiddleware.cs
+++ b/src/Umbraco.Web.BackOffice/Middleware/BackOfficeExternalLoginProviderErrorMiddleware.cs
@@ -16,7 +16,7 @@ namespace Umbraco.Web.BackOffice.Middleware
    /// When an external login provider registers an error with <see cref="HttpContextExtensions.SetExternalLoginProviderErrors"/> during the OAuth process,
    /// this middleware will detect that, store the errors into cookie data and redirect to the back office login so we can read the errors back out.
    /// </remarks>
-    public class BackOfficeExternalLoginProviderErrorMiddlware : IMiddleware
+    public class BackOfficeExternalLoginProviderErrorMiddleware : IMiddleware
    {
        public async Task InvokeAsync(HttpContext context, RequestDelegate next)
        {
--- a/src/Umbraco.Web.BackOffice/Runtime/BackOfficeComposer.cs
+++ b/src/Umbraco.Web.BackOffice/Runtime/BackOfficeComposer.cs
@@ -31,6 +31,7 @@ namespace Umbraco.Web.BackOffice.Runtime
            composition.Register<BackOfficeSecurityStampValidator>(Lifetime.Request);

            composition.RegisterUnique<PreviewAuthenticationMiddleware>();
+            composition.RegisterUnique<BackOfficeExternalLoginProviderErrorMiddleware>();
            composition.RegisterUnique<IBackOfficeAntiforgery, BackOfficeAntiforgery>();

            // register back office trees
--- a/src/Umbraco.Web.Common/Security/IBackOfficeExternalLoginProviders.cs
+++ b/src/Umbraco.Web.Common/Security/IBackOfficeExternalLoginProviders.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Collections.Generic;
+using System.Linq;
 using System.Text;

 namespace Umbraco.Web.Common.Security
@@ -23,6 +24,30 @@ namespace Umbraco.Web.Common.Security
        bool HasDenyLocalLogin();
    }

+    // TODO: This class is just a placeholder for later
+    public class NopBackOfficeExternalLoginProviders : IBackOfficeExternalLoginProviders
+    {
+        public ExternalSignInAutoLinkOptions Get(string authenticationType)
+        {
+            return null;
+        }
+
+        public string GetAutoLoginProvider()
+        {
+            return null;
+        }
+
+        public IEnumerable<BackOfficeExternalLoginProvider> GetBackOfficeProviders()
+        {
+            return Enumerable.Empty<BackOfficeExternalLoginProvider>();
+        }
+
+        public bool HasDenyLocalLogin()
+        {
+            return false;
+        }
+    }
+
    // TODO: we'll need to register these somehow
    public class BackOfficeExternalLoginProvider
    {