From b6a10c67778f7b753af44fe2cec8b4ac37daec2a Mon Sep 17 00:00:00 2001
From: Chris R
Date: Wed, 14 Sep 2022 11:17:03 -0700
Subject: [PATCH 1/2] Update facebook OAuth API version to 14 #4684
---
 .../Authentication/Facebook/src/FacebookDefaults.cs | 6 +++---
 .../MicrosoftAccount/src/MicrosoftAccountDefaults.cs | 2 +-
 src/Security/Authentication/test/FacebookTests.cs | 6 +++---
 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/Security/Authentication/Facebook/src/FacebookDefaults.cs b/src/Security/Authentication/Facebook/src/FacebookDefaults.cs
index 1a64d2f4fb3b..f1ff992ce5a2 100644
--- a/src/Security/Authentication/Facebook/src/FacebookDefaults.cs
+++ b/src/Security/Authentication/Facebook/src/FacebookDefaults.cs
@@ -24,15 +24,15 @@ public static class FacebookDefaults
 ///
 /// For more details about this endpoint, see .
 ///
- public static readonly string AuthorizationEndpoint = "https://www.facebook.com/v11.0/dialog/oauth";
+ public static readonly string AuthorizationEndpoint = "https://www.facebook.com/v14.0/dialog/oauth";
 ///
 /// The OAuth endpoint used to retrieve access tokens.
 ///
- public static readonly string TokenEndpoint = "https://graph.facebook.com/v11.0/oauth/access_token";
+ public static readonly string TokenEndpoint = "https://graph.facebook.com/v14.0/oauth/access_token";
 ///
 /// The Facebook Graph API endpoint that is used to gather additional user information.
 ///
- public static readonly string UserInformationEndpoint = "https://graph.facebook.com/v11.0/me";
+ public static readonly string UserInformationEndpoint = "https://graph.facebook.com/v14.0/me";
 }
diff --git a/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountDefaults.cs b/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountDefaults.cs
index 5f9678308d93..d36dcadf4a26 100644
--- a/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountDefaults.cs
+++ b/src/Security/Authentication/MicrosoftAccount/src/MicrosoftAccountDefaults.cs
@@ -22,7 +22,7 @@ public static class MicrosoftAccountDefaults
 /// The default endpoint used to perform Microsoft account authentication.
 ///
 ///
- /// For more details about this endpoint, see .
+ /// For more details about this endpoint, see .
 ///
 public static readonly string AuthorizationEndpoint = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
diff --git a/src/Security/Authentication/test/FacebookTests.cs b/src/Security/Authentication/test/FacebookTests.cs
index 0b6b6b242c8e..001fea35feea 100644
--- a/src/Security/Authentication/test/FacebookTests.cs
+++ b/src/Security/Authentication/test/FacebookTests.cs
@@ -229,7 +229,7 @@ public async Task NestedMapWillNotAffectRedirect()
 var transaction = await server.SendAsync("http://example.com/base/login");
 Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
 var location = transaction.Response.Headers.Location.AbsoluteUri;
- Assert.Contains("https://www.facebook.com/v11.0/dialog/oauth", location);
+ Assert.Contains("https://www.facebook.com/v14.0/dialog/oauth", location);
 Assert.Contains("response_type=code", location);
 Assert.Contains("client_id=", location);
 Assert.Contains("redirect_uri=" + UrlEncoder.Default.Encode("http://example.com/base/signin-facebook"), location);
@@ -262,7 +262,7 @@ public async Task MapWillNotAffectRedirect()
 var transaction = await server.SendAsync("http://example.com/login");
 Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
 var location = transaction.Response.Headers.Location.AbsoluteUri;
- Assert.Contains("https://www.facebook.com/v11.0/dialog/oauth", location);
+ Assert.Contains("https://www.facebook.com/v14.0/dialog/oauth", location);
 Assert.Contains("response_type=code", location);
 Assert.Contains("client_id=", location);
 Assert.Contains("redirect_uri=" + UrlEncoder.Default.Encode("http://example.com/signin-facebook"), location);
@@ -297,7 +297,7 @@ public async Task ChallengeWillTriggerRedirection()
 var transaction = await server.SendAsync("http://example.com/challenge");
 Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
 var location = transaction.Response.Headers.Location.AbsoluteUri;
- Assert.Contains("https://www.facebook.com/v11.0/dialog/oauth", location);
+ Assert.Contains("https://www.facebook.com/v14.0/dialog/oauth", location);
 Assert.Contains("response_type=code", location);
 Assert.Contains("client_id=", location);
 Assert.Contains("redirect_uri=", location);
From beda821c3021812cce0018c2ff632e5936365d3f Mon Sep 17 00:00:00 2001
From: Chris R
Date: Wed, 14 Sep 2022 11:37:16 -0700
Subject: [PATCH 2/2] Update google oauth user info endpoint to v3 #4684
---
 src/Security/Authentication/Google/src/GoogleDefaults.cs | 5 +----
 src/Security/Authentication/Google/src/GoogleOptions.cs | 3 ++-
 src/Security/Authentication/test/GoogleTests.cs | 4 ++--
 3 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/src/Security/Authentication/Google/src/GoogleDefaults.cs b/src/Security/Authentication/Google/src/GoogleDefaults.cs
index f98d8ef90430..bab751153781 100644
--- a/src/Security/Authentication/Google/src/GoogleDefaults.cs
+++ b/src/Security/Authentication/Google/src/GoogleDefaults.cs
@@ -34,8 +34,5 @@ public static class GoogleDefaults
 ///
 /// The Google endpoint that is used to gather additional user information.
 ///
- ///
- /// For more details about this endpoint, see .
- ///
- public static readonly string UserInformationEndpoint = "https://www.googleapis.com/oauth2/v2/userinfo";
+ public static readonly string UserInformationEndpoint = "https://www.googleapis.com/oauth2/v3/userinfo";
 }
diff --git a/src/Security/Authentication/Google/src/GoogleOptions.cs b/src/Security/Authentication/Google/src/GoogleOptions.cs
index b08fa4dffadf..9408148ebc0d 100644
--- a/src/Security/Authentication/Google/src/GoogleOptions.cs
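Review bot: The doc comment on `UserInformationEndpoint` in GoogleDefaults.cs has its "For more details about this endpoint" lines deleted rather than updated, so the field no longer says anything about the endpoint's response contract. That matters here because the other hunks of this commit show the identifier key moving from `id` to `sub`; any application code that reads `id` from the user-info payload itself (not visible in this patch) would silently stop getting a value after picking up the new default. I would add a remark on this field such as `/// The v3 endpoint returns the user identifier as "sub"; the v2 endpoint returned it as "id".`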
+++ b/src/Security/Authentication/Google/src/GoogleOptions.cs
@@ -25,7 +25,8 @@ public GoogleOptions()
 Scope.Add("profile");
 Scope.Add("email");
- ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
+ ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id"); // v2
+ ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "sub"); // v3
 ClaimActions.MapJsonKey(ClaimTypes.Name, "name");
 ClaimActions.MapJsonKey(ClaimTypes.GivenName, "given_name");
 ClaimActions.MapJsonKey(ClaimTypes.Surname, "family_name");
diff --git a/src/Security/Authentication/test/GoogleTests.cs b/src/Security/Authentication/test/GoogleTests.cs
index 0857a9bcd43f..1f2c4e3648c4 100644
--- a/src/Security/Authentication/test/GoogleTests.cs
+++ b/src/Security/Authentication/test/GoogleTests.cs
@@ -1026,11 +1026,11 @@ private HttpMessageHandler CreateBackchannel()
 refresh_token = "Test Refresh Token"
 });
 }
- else if (req.RequestUri.GetComponents(UriComponents.SchemeAndServer | UriComponents.Path, UriFormat.UriEscaped) == "https://www.googleapis.com/oauth2/v2/userinfo")
+ else if (req.RequestUri.GetComponents(UriComponents.SchemeAndServer | UriComponents.Path, UriFormat.UriEscaped) == "https://www.googleapis.com/oauth2/v3/userinfo")
 {
 return ReturnJsonResponse(new
 {
- id = "Test User ID",
+ sub = "Test User ID",
 name = "Test Name",
 given_name = "Test Given Name",
 family_name = "Test Family Name",
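Review bot: The two `MapJsonKey(ClaimTypes.NameIdentifier, …)` lines in the GoogleOptions constructor are explained only by `// v2` and `// v3`, which does not say why both mappings are kept or what happens when a response carries both keys. NameIdentifier is typically the value an application uses to tie an external login to a local account, so the intent deserves a full sentence. As far as I can tell each mapping adds its own claim when its key is present, so a payload containing both `id` and `sub` would produce two NameIdentifier claims; that should be confirmed. Suggested comment above the pair: `// "id" is kept for apps that still point UserInformationEndpoint at the v2 URL; "sub" is the identifier returned by the v3 default.` The constructor body continues outside the hunk.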
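Review bot: Once the stub in `CreateBackchannel` answers only the v3 URL and returns `sub`, no test visible in this patch exercises the `id` mapping that GoogleOptions keeps for v2 responses. I would add a case that sets `UserInformationEndpoint` back to the v2 URL with a stub returning `id = "Test User ID"`, asserting that a NameIdentifier claim is still issued. A second case whose payload carries both keys would pin how many NameIdentifier claims result. The method body starts and ends outside the hunk.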