Add SuperOffice provider

AspNet.Security.OAuth.Providers.sln

@@ -189,6 +189,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "docs", "docs", "{C2CA4B38-A
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.Basecamp", "src\AspNet.Security.OAuth.Basecamp\AspNet.Security.OAuth.Basecamp.csproj", "{42306484-B2BF-4B52-B950-E0CDFA58B02A}"
 EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AspNet.Security.OAuth.SuperOffice", "src\AspNet.Security.OAuth.SuperOffice\AspNet.Security.OAuth.SuperOffice.csproj", "{286D1FB0-716C-47CB-A519-22E1D34DFDF7}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -447,6 +449,10 @@ Global
 		{42306484-B2BF-4B52-B950-E0CDFA58B02A}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{42306484-B2BF-4B52-B950-E0CDFA58B02A}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{42306484-B2BF-4B52-B950-E0CDFA58B02A}.Release|Any CPU.Build.0 = Release|Any CPU
+		{286D1FB0-716C-47CB-A519-22E1D34DFDF7}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{286D1FB0-716C-47CB-A519-22E1D34DFDF7}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{286D1FB0-716C-47CB-A519-22E1D34DFDF7}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{286D1FB0-716C-47CB-A519-22E1D34DFDF7}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -520,6 +526,7 @@ Global
 		{E82424B3-0E73-4954-B6A6-BFF1029A08DE} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 		{C2CA4B38-AA21-4CA4-8799-2E8C8C06754F} = {E9DAB098-A902-4EF5-9AEE-CF735DF31E35}
 		{42306484-B2BF-4B52-B950-E0CDFA58B02A} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
+		{286D1FB0-716C-47CB-A519-22E1D34DFDF7} = {C1352FD3-AE8B-43EE-B45B-F6E0B3FBAC6D}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {C7B54DE2-6407-4802-AD9C-CE54BF414C8C}

README.md

@@ -53,6 +53,7 @@ We would love it if you could help contributing to this repository.
 * [Andrew Lock](https://github.com/andrewlock)
 * [Andrew Mattie](https://github.com/amattie)
 * [Andrii Chebukin](https://github.com/xperiandri)
+* [Anthony Yates](https://github.com/AnthonyYates)
 * [Chino Chang](https://github.com/kinosang)
 * [Dave Timmins](https://github.com/davetimmins)
 * [Dmitry Popov](https://github.com/justdmitry)
@@ -156,6 +157,7 @@ If a provider you're looking for does not exist, consider making a PR to add one
 | Spotify | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Spotify?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Spotify/ "Download AspNet.Security.OAuth.Spotify from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Spotify?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Spotify "Download AspNet.Security.OAuth.Spotify from MyGet.org") | [Documentation](https://developer.spotify.com/documentation/general/guides/authorization-guide/ "Spotify developer documentation") |
 | Stack Exchange | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.StackExchange?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.StackExchange/ "Download AspNet.Security.OAuth.StackExchange from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.StackExchange?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.StackExchange "Download AspNet.Security.OAuth.StackExchange from MyGet.org") | [Documentation](https://api.stackexchange.com/docs/authentication "Stack Exchange developer documentation") |
 | Strava | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Strava?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Strava/ "Download AspNet.Security.OAuth.Strava from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Strava?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Strava "Download AspNet.Security.OAuth.Strava from MyGet.org") | [Documentation](https://developers.strava.com/docs/authentication/ "Strava developer documentation") |
+| SuperOffice | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.SuperOffice?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.SuperOffice/ "Download AspNet.Security.OAuth.SuperOffice from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.SuperOffice?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.SuperOffice "Download AspNet.Security.OAuth.SuperOffice from MyGet.org") | [Documentation](https://community.superoffice.com/en/developer/create-apps/concepts/authentication/ "SuperOffice developer documentation") |
 | Trakt | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Trakt?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Trakt/ "Download AspNet.Security.OAuth.Trakt from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Trakt?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Trakt "Download AspNet.Security.OAuth.Trakt from MyGet.org") | [Documentation](https://trakt.docs.apiary.io/ "Trakt developer documentation") |
 | Twitch | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Twitch?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Twitch/ "Download AspNet.Security.OAuth.Twitch from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Twitch?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Twitch "Download AspNet.Security.OAuth.Twitch from MyGet.org") | [Documentation](https://dev.twitch.tv/docs/authentication/ "Twitch developer documentation") |
 | Untappd | [![NuGet](https://buildstats.info/nuget/AspNet.Security.OAuth.Untappd?includePreReleases=false)](https://www.nuget.org/packages/AspNet.Security.OAuth.Untappd/ "Download AspNet.Security.OAuth.Untappd from NuGet.org") | [![MyGet](https://buildstats.info/myget/aspnet-contrib/AspNet.Security.OAuth.Untappd?includePreReleases=false)](https://www.myget.org/feed/aspnet-contrib/package/nuget/AspNet.Security.OAuth.Untappd "Download AspNet.Security.OAuth.Untappd from MyGet.org") | [Documentation](https://untappd.com/api/docs#authentication "Untappd developer documentation") |

eng/Versions.props

@@ -15,6 +15,7 @@
     <MartinCostelloLoggingXUnitVersion>0.1.0</MartinCostelloLoggingXUnitVersion>
     <MicrosoftAspNetCoreMvcTestingVersion>3.1.3</MicrosoftAspNetCoreMvcTestingVersion>
     <MicrosoftAspNetCoreTestHostVersion>3.1.3</MicrosoftAspNetCoreTestHostVersion>
+    <MicrosoftIdentityModelProtocolsOpenIdConnect>6.5.1</MicrosoftIdentityModelProtocolsOpenIdConnect>
     <MicrosoftNETTestSdkVersion>16.6.1</MicrosoftNETTestSdkVersion>
     <RoslynAnalyzersVersion>3.0.0</RoslynAnalyzersVersion>
     <ShouldlyVersion>3.0.2</ShouldlyVersion>

src/AspNet.Security.OAuth.Apple/Internal/DefaultAppleClientSecretGenerator.cs

@@ -110,7 +110,10 @@ private static ECDsa CreateAlgorithm(byte[] keyBlob)
         private static SigningCredentials CreateSigningCredentials(string keyId, ECDsa algorithm)
         {
             var key = new ECDsaSecurityKey(algorithm) { KeyId = keyId };
-            return new SigningCredentials(key, SecurityAlgorithms.EcdsaSha256Signature);
+            return new SigningCredentials(key, SecurityAlgorithms.EcdsaSha256Signature)
+            {
+                CryptoProviderFactory = new CryptoProviderFactory { CacheSignatureProviders = false }
+            };
         }
     }
 }

src/AspNet.Security.OAuth.SuperOffice/AspNet.Security.OAuth.SuperOffice.csproj

@@ -0,0 +1,19 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFrameworks>netcoreapp3.1</TargetFrameworks>
+  </PropertyGroup>
+
+  <PropertyGroup>
+    <Description>ASP.NET Core security middleware enabling SuperOffice authentication.</Description>
+    <Authors>Anthony Yates</Authors>
+    <PackageTags>superoffice;aspnetcore;authentication;oauth;security</PackageTags>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <FrameworkReference Include="Microsoft.AspNetCore.App" />
+    <PackageReference Include="JetBrains.Annotations" Version="$(JetBrainsVersion)" PrivateAssets="All" />
+    <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="$(MicrosoftIdentityModelProtocolsOpenIdConnect)" />
+  </ItemGroup>
+
+</Project>

src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationConstants.cs

@@ -0,0 +1,271 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+using Microsoft.AspNetCore.Authentication;
+
+namespace AspNet.Security.OAuth.SuperOffice
+{
+    /// <summary>
+    /// Contains constants specific to the <see cref="SuperOfficeAuthenticationHandler"/>.
+    /// </summary>
+    public static class SuperOfficeAuthenticationConstants
+    {
+        public static class ClaimNames
+        {
+            /// <summary>
+            /// Tenant's user identity.
+            /// </summary>
+            public const string AssociateId = "http://schemes.superoffice.net/identity/associateid";
+
+            /// <summary>
+            /// Current user's company name.
+            /// </summary>
+            public const string CompanyName = "http://schemes.superoffice.net/identity/company_name";
+
+            /// <summary>
+            /// Current user tenant identifier.
+            /// </summary>
+            public const string ContextIdentifier = "http://schemes.superoffice.net/identity/ctx";
+
+            /// <summary>
+            /// Current SuperId user email address.
+            /// </summary>
+            public const string Email = "http://schemes.superoffice.net/identity/email";
+
+            /// <summary>
+            /// Current user first name.
+            /// </summary>
+            public const string FirstName = "http://schemes.superoffice.net/identity/firstname";
+
+            /// <summary>
+            /// SuperOffice identity provider name.
+            /// </summary>
+            public const string IdentityProvider = "http://schemes.superoffice.net/identity/identityprovider";
+
+            /// <summary>
+            /// Current user initials.
+            /// </summary>
+            public const string Initials = "http://schemes.superoffice.net/identity/initials";
+
+            /// <summary>
+            /// Determines if current user is an administrator.
+            /// </summary>
+            public const string IsAdministrator = "http://schemes.superoffice.net/identity/is_administrator";
+
+            /// <summary>
+            /// Current user last name.
+            /// </summary>
+            public const string LastName = "http://schemes.superoffice.net/identity/lastname";
+
+            /// <summary>
+            /// Endpoint of SuperOffice SOAP web services.
+            /// </summary>
+            public const string NetServerUrl = "http://schemes.superoffice.net/identity/netserver_url";
+
+            /// <summary>
+            /// Tenant database serial number.
+            /// </summary>
+            public const string Serial = "http://schemes.superoffice.net/identity/serial";
+
+            /// <summary>
+            /// Current user's tenant primary email address.
+            /// </summary>
+            public const string PrimaryEmail = "http://schemes.superoffice.net/identity/so_primary_email_address";
+
+            /// <summary>
+            /// Identifier used to exchange for a system user ticket.
+            /// </summary>
+            public const string SystemToken = "http://schemes.superoffice.net/identity/system_token";
+
+            /// <summary>
+            /// Credentials token used to access web services.
+            /// </summary>
+            public const string Ticket = "http://schemes.superoffice.net/identity/ticket";
+
+            /// <summary>
+            /// Current user's username.
+            /// </summary>
+            public const string UserPrincipalName = "http://schemes.superoffice.net/identity/upn";
+
+            /// <summary>
+            /// Endpoint of SuperOffice REST web services.
+            /// </summary>
+            public const string WebApiUrl = "http://schemes.superoffice.net/identity/webapi_url";
+        }
+
+        internal static class FormatStrings
+        {
+            /// <summary>
+            /// A format string used to construct <see cref="SuperOfficeAuthenticationOptions.Authority"/>.
+            /// </summary>
+            public const string Authority = "https://{0}.superoffice.com/login";
+
+            /// <summary>
+            /// A format string used to populate OAuth authorize endpoint.
+            /// </summary>
+            public const string AuthorizeEndpoint = "https://{0}.superoffice.com/login/common/oauth/authorize";
+
+            /// <summary>
+            /// A format string used to construct <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
+            /// </summary>
+            public const string ClaimsIssuer = "https://{0}.superoffice.com";
+
+            /// <summary>
+            /// A format string used to construct well-known configuration endpoint.
+            /// </summary>
+            public const string MetadataEndpoint = "https://{0}.superoffice.com/login/.well-known/openid-configuration";
+
+            /// <summary>
+            /// A format string used to populate OAuth token endpoint.
+            /// </summary>
+            public const string TokenEndpoint = "https://{0}.superoffice.com/login/common/oauth/tokens";
+
+            /// <summary>
+            /// A format string used to obtain user claims.
+            /// </summary>
+            /// <remarks>The final user information URL contains the protocol, host and tenant.</remarks>
+            /// <example>https://sod.superoffice.com/Cust12345/api/v1/user/currentPrincipal</example>
+            public const string UserInfoEndpoint = "/{0}/api/v1/user/currentPrincipal";
+        }
+
+        public static class PrincipalNames
+        {
+            /// <summary>
+            /// Associate name (e.g. logon name) for the current user.
+            /// </summary>
+            public const string Associate = "Associate";
+
+            /// <summary>
+            /// Associate ID for the current user.
+            /// </summary>
+            public const string AssociateId = "AssociateId";
+
+            /// <summary>
+            /// Business ID for the company that the user belongs to.
+            /// </summary>
+            public const string BusinessId = "BusinessId";
+
+            /// <summary>
+            /// Category ID of the company that the user belongs to.
+            /// </summary>
+            public const string CategoryId = "CategoryId";
+
+            /// <summary>
+            /// Company of the associate's person.
+            /// </summary>
+            public const string ContactId = "ContactId";
+
+            /// <summary>
+            /// Owner (AssociateId) of the company that the user belongs to.
+            /// </summary>
+            public const string ContactOwner = "ContactOwner";
+
+            /// <summary>
+            /// Name of the tenant context identifier.
+            /// </summary>
+            public const string ContextIdentifier = "ContextIdentifier";
+
+            /// <summary>
+            /// Country ID for the user.
+            /// </summary>
+            public const string CountryId = "CountryId";
+
+            /// <summary>
+            /// Name of the database context.
+            /// </summary>
+            public const string DatabaseContextIdentifier = "DatabaseContextIdentifier";
+
+            /// <summary>
+            /// Service user access level.
+            /// </summary>
+            public const string EjAccessLevel = "EjAccessLevel";
+
+            /// <summary>
+            /// Primary key in Service user table.
+            /// </summary>
+            public const string EjUserId = "EjUserId";
+
+            /// <summary>
+            /// Service user status.
+            /// </summary>
+            public const string EjUserStatus = "EjUserStatus";
+
+            /// <summary>
+            /// The Person e-mail address if the associate is a person. Use IsPerson to check.
+            /// </summary>
+            public const string EmailAddress = "EMailAddress";
+
+            /// <summary>
+            /// The Person full name if the associate is a person. Use IsPerson to check.
+            /// </summary>
+            public const string FullName = "FullName";
+
+            /// <summary>
+            /// Functional rights for the user. This array is sorted.
+            /// </summary>
+            public const string FunctionRights = "FunctionRights";
+
+            /// <summary>
+            /// Associate's group ID.
+            /// </summary>
+            public const string GroupId = "GroupId";
+
+            /// <summary>
+            /// Country ID for the user's home country. This is the default country ID when creating new items.
+            /// </summary>
+            public const string HomeCountryId = "HomeCountryId";
+
+            /// <summary>
+            /// Is this associate a person, and not a resource?
+            /// </summary>
+            public const string IsPerson = "IsPerson";
+
+            /// <summary>
+            ///  Licenses granted to the site and user.
+            /// </summary>
+            public const string Licenses = "Licenses";
+
+            /// <summary>
+            /// Associate's person ID.
+            /// </summary>
+            public const string PersonId = "PersonId";
+
+            /// <summary>
+            /// The credentials used for authenticating this user.
+            /// </summary>
+            public const string ProvidedCredentials = "ProvidedCredentials";
+
+            /// <summary>
+            /// Description (e.g. tooltip) for the user's role.
+            /// </summary>
+            public const string RoleDescription = "RoleDescription";
+
+            /// <summary>
+            /// ID of the user's role.
+            /// </summary>
+            public const string RoleId = "RoleId";
+
+            /// <summary>
+            /// Name of the user's role.
+            /// </summary>
+            public const string RoleName = "RoleName";
+
+            /// <summary>
+            /// Type of user.
+            /// </summary>
+            public const string RoleType = "RoleType";
+
+            /// <summary>
+            /// Secondary user groups.
+            /// </summary>
+            public const string SecondaryGroups = "SecondaryGroups";
+
+            /// <summary>
+            /// Type of user.
+            /// </summary>
+            public const string UserType = "UserType";
+        }
+    }
+}

src/AspNet.Security.OAuth.SuperOffice/SuperOfficeAuthenticationDefaults.cs

@@ -0,0 +1,31 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using Microsoft.AspNetCore.Authentication;
+
+namespace AspNet.Security.OAuth.SuperOffice
+{
+    /// <summary>
+    /// Default values used by the SuperOffice authentication middleware.
+    /// </summary>
+    public static class SuperOfficeAuthenticationDefaults
+    {
+        /// <summary>
+        /// Default value for <see cref="AuthenticationScheme.Name"/>.
+        /// </summary>
+        public const string AuthenticationScheme = "SuperOffice";
+
+        /// <summary>
+        /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+        /// </summary>
+        public const string CallbackPath = "/signin-superoffice";
+
+        /// <summary>
+        /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
+        /// </summary>
+        public static readonly string DisplayName = "SuperOffice";
+    }
+}