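/// <summary>
/// Registers a new Microsoft-account external login scheme for the current tenant:
/// validates the tenant-supplied name and display name, builds the handler options,
/// runs the registered configure/post-configure hooks, validates the result, caches
/// the options under the scheme name and adds the scheme to the provider.
/// </summary>
/// <param name="scheme">Tenant-supplied scheme definition (name, display name, client credentials, endpoints).</param>
/// <exception cref="ArgumentNullException"><paramref name="scheme"/> is null.</exception>
/// <exception cref="ArgumentException">
/// The name or display name does not match the allowed shape, or a scheme with that name is already registered.
/// </exception>
/// <exception cref="InvalidOperationException">
/// The options pipeline left no data-protection provider, or an options entry for the name already exists in
/// the cache (cache and scheme provider are out of sync). Option validation failures propagate from Validate().
/// </exception>
private async Task AddScheme(ExternalLoginScheme scheme)
{
    if (scheme is null)
    {
        throw new ArgumentNullException(nameof(scheme));
    }

    // Name and display name come from tenant configuration and end up in the scheme
    // provider, cache keys, data-protection purposes and log lines, so they are held to
    // a narrow character set. `\z` instead of `$`: in .NET `$` also matches just before
    // a trailing newline, so "Scheme1\n" would otherwise be accepted.
    var name = scheme.Name ?? string.Empty;
    if (!Regex.IsMatch(name, @"^Scheme[0-9]\z"))
    {
        throw new ArgumentException($"Scheme name '{scheme.Name}' must be like '^Scheme[0-9]$'.");
    }

    if (await schemeProvider.GetSchemeAsync(name) != null)
    {
        throw new ArgumentException($"Scheme '{scheme.Name}' already exists.");
    }

    if (!Regex.IsMatch(scheme.DisplayName ?? string.Empty, @"^[ a-zA-Z0-9]+\z"))
    {
        throw new ArgumentException($"Scheme display name '{scheme.DisplayName}' must be like '^[ a-zA-Z0-9]+$'.");
    }

    var newOptions = new MicrosoftAccountOptions
    {
        SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
        ClientId = scheme.ClientId,
        ClientSecret = scheme.ClientSecret,
        AuthorizationEndpoint = scheme.AuthorizationEndpoint,
        TokenEndpoint = scheme.TokenEndpoint,
        CallbackPath = scheme.CallbackPath,
    };

    // Run the configure/post-configure hooks first and validate the instance the handler
    // will actually use; validating before the hooks leaves whatever they change unchecked.
    foreach (var c in optionsConfigure)
    {
        c.Configure(newOptions);
    }

    foreach (var c in optionsPostConfigure)
    {
        c.PostConfigure(name, newOptions);
    }

    newOptions.Validate();

    if (newOptions.DataProtectionProvider == null)
    {
        throw new InvalidOperationException(
            $"No data protection provider was configured for scheme '{name}'; cannot protect OAuth state.");
    }

    // The protector purpose is scoped to this scheme name (plus a version tag), so state
    // protected for one scheme cannot be replayed against another.
    var dataProtector = newOptions.DataProtectionProvider.CreateProtector(
        typeof(CacheStateLocallyAndOnlySendReference).FullName, name, "v1");
    newOptions.StateDataFormat = new CacheStateLocallyAndOnlySendReference(this.httpContextAccessor, dataProtector);

    // The handler resolves its options from the cache by scheme name. A leftover entry
    // would make the new scheme silently run with stale credentials, so a failed insert
    // is an error rather than something to ignore.
    if (!optionsCache.TryAdd(name, newOptions))
    {
        throw new InvalidOperationException(
            $"Options for scheme '{name}' are already cached; remove the existing scheme before adding it again.");
    }

    try
    {
        schemeProvider.AddScheme(new AuthenticationScheme(name, scheme.DisplayName, typeof(MicrosoftAccountHandler)));
    }
    catch
    {
        // Keep cache and provider consistent: if the provider refused the scheme
        // (e.g. it was registered concurrently after the existence check above),
        // do not leave orphaned options behind.
        optionsCache.TryRemove(name);
        throw;
    }

    logger.LogInformation("Added external authentication {ExternalLogin} for tenant {Tenant}.", name, resolvedTenant.TenantName);
}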
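/// <summary>
/// Brings a registered external scheme in line with the desired tenant configuration.
/// When the display name or any of the compared option values differ, the scheme is
/// removed and re-added with the new settings.
/// </summary>
/// <param name="desiredExternalScheme">The configuration the tenant wants.</param>
/// <param name="actualExternalScheme">The scheme currently registered under the same name.</param>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
private async Task UpdateScheme(ExternalLoginScheme desiredExternalScheme, AuthenticationScheme actualExternalScheme)
{
    if (desiredExternalScheme is null)
    {
        throw new ArgumentNullException(nameof(desiredExternalScheme));
    }

    if (actualExternalScheme is null)
    {
        throw new ArgumentNullException(nameof(actualExternalScheme));
    }

    // IOptionsMonitorCache has no plain lookup: a miss inserts whatever the factory
    // returns. Record the miss so an unconfigured placeholder never stays in the cache
    // (the handler would otherwise pick it up), and treat the live options as unknown.
    var cacheMiss = false;
    var options = optionsCache.GetOrAdd(desiredExternalScheme.Name, () =>
    {
        cacheMiss = true;
        return new MicrosoftAccountOptions();
    });

    bool updateNeeded;
    if (cacheMiss)
    {
        optionsCache.TryRemove(desiredExternalScheme.Name);
        updateNeeded = true;
    }
    else
    {
        // Ordinary string inequality is sufficient here: this is change detection on
        // tenant-supplied configuration, not an authentication check.
        updateNeeded =
            desiredExternalScheme.DisplayName != actualExternalScheme.DisplayName
            || desiredExternalScheme.ClientId != options.ClientId
            || desiredExternalScheme.ClientSecret != options.ClientSecret
            || desiredExternalScheme.AuthorizationEndpoint != options.AuthorizationEndpoint
            || desiredExternalScheme.TokenEndpoint != options.TokenEndpoint
            || desiredExternalScheme.CallbackPath != options.CallbackPath;
    }

    if (updateNeeded)
    {
        // Rebuild rather than mutate in place so the new credentials and endpoints
        // go through the same validation and hooks as a fresh registration.
        RemoveScheme(actualExternalScheme);
        await AddScheme(desiredExternalScheme);
    }
}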