Identityserver4: Add docs for configuring common OAuth providers

Created on 2 Aug 2017  ·  6 Comments  ·  Source: IdentityServer/IdentityServer4

Auth0 provides documentation for how to configure common identity providers like Google, Facebook, Twitter, LinkedIn, Active Directory, and many more: Identity Providers Supported by Auth0.

We do not need to have such an extensive list, but we might provide at least a primer to the most common ones to get people started.

All 6 comments

We show how to enable external authentication in our quickstarts, and we document it here: https://identityserver4.readthedocs.io/en/release/topics/signin_external_providers.html

I did not find it very helpful when I started out a few weeks ago and would share some code examples and maybe some step-by-step instructions. What I was missing was more information about the Microsoft.AspNetCore.Authentication classes.

Here is what I've ended up with so far:

    using System.IdentityModel.Tokens.Jwt;
    using IdentityServer4;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.AspNetCore.Hosting;
    using Microsoft.Extensions.Configuration;

    public static class AuthenticationExtensions
    {
        public static void ConfigureAuthentication(
            this IApplicationBuilder app,
            IConfiguration configuration,
            IHostingEnvironment environment)
        {
            // Keep the original JWT claim names (e.g. "sub") instead of mapping them to the long XML-style claim types.
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            // Cookie middleware for IdentityServer's default cookie scheme.
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationScheme = IdentityServerConstants.DefaultCookieAuthenticationScheme,
                AutomaticAuthenticate = true,
                AutomaticChallenge = true
            });

            // External providers; each helper builds its options from configuration.
            app.UseGoogleAuthentication(GoogleAuthentication.CreateGoogleOptions(configuration));
            app.UseFacebookAuthentication(FacebookAuthentication.CreateFacebookOptions(configuration));
            app.UseTwitterAuthentication(TwitterAuthenticationOptions.CreateTwitterOptions(configuration));
            app.UseLinkedInAuthentication(LinkedInAuthentication.CreateLinkedInOptions(configuration));
            app.UseMicrosoftAccountAuthentication(MicrosoftAccountAuthentication.CreateMicrosoftAccountOptions(configuration));
            app.UseOpenIdConnectAuthentication(AzureAdAuthentication.CreateAzureAdOptions(configuration));
        }
    }

And the configurations look something like:

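    using System.Threading.Tasks;
    using IdentityServer4;
    using Microsoft.AspNetCore.Authentication;
    using Microsoft.AspNetCore.Authentication.OAuth;
    using Microsoft.AspNetCore.Builder;
    using Microsoft.Extensions.Configuration;
    using Serilog; // Log is assumed to be Serilog's static logger

    public static class GoogleAuthentication
    {
        public static GoogleOptions CreateGoogleOptions(IConfiguration configuration)
        {
            return new GoogleOptions
            {
                AuthenticationScheme = "Google",
                // The external identity is written to IdentityServer's external cookie.
                SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme,
                // Client credentials are read from configuration, not hard-coded.
                ClientId = configuration["OpenId:Google:ClientId"],
                ClientSecret = configuration["OpenId:Google:ClientSecret"],
                AutomaticChallenge = true,
                AutomaticAuthenticate = true,
                Events = new OAuthEvents
                {
                    OnRemoteFailure = context => HandleRemoteFailure(context),
                    OnRedirectToAuthorizationEndpoint = context => HandleRedirectToAuthorizationEndpoint(context),
                }
            };
        }

        // Logs the outgoing authorization request, then performs the redirect.
        private static Task HandleRedirectToAuthorizationEndpoint(OAuthRedirectToAuthorizationContext context)
        {
            Log.Information("Redirecting to authorization endpoint at {@redirectUri}.", context.RedirectUri);
            context.Response.Redirect(context.RedirectUri);
            return Task.FromResult(0);
        }

        // Logs a failed remote sign-in and sends the user to the access-denied page.
        private static Task HandleRemoteFailure(FailureContext context)
        {
            Log.Error(context.Failure, "Google Remote Failure");
            context.Response.Redirect("/accessdenied");
            context.HandleResponse();
            return Task.FromResult(0);
        }
    }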
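
An added example, not part of the original comment or of the IdentityServer4 project: the `HandleRedirectToAuthorizationEndpoint` handler above writes the full redirect URI to the log, and that URI carries the `state` query parameter. The hypothetical `RedirectUriLogging.Redact` helper below masks such values before logging; the parameter list and the sample URI are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical helper (not an ASP.NET Core or IdentityServer4 API).
public static class RedirectUriLogging
{
    // Query parameters whose values are kept out of logs (assumed list for this example).
    private static readonly HashSet<string> Sensitive =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "state", "nonce" };

    public static string Redact(string redirectUri)
    {
        if (string.IsNullOrEmpty(redirectUri)) return redirectUri;

        int q = redirectUri.IndexOf('?');
        if (q < 0) return redirectUri;           // no query string, nothing to mask

        string basePart = redirectUri.Substring(0, q);
        string query = redirectUri.Substring(q + 1);

        // Keep a trailing fragment untouched.
        string fragment = "";
        int hash = query.IndexOf('#');
        if (hash >= 0)
        {
            fragment = query.Substring(hash);
            query = query.Substring(0, hash);
        }

        // Mask only the value; the parameter name stays visible for troubleshooting.
        var parts = query
            .Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries)
            .Select(pair =>
            {
                int eq = pair.IndexOf('=');
                string name = eq < 0 ? pair : pair.Substring(0, eq);
                return Sensitive.Contains(Uri.UnescapeDataString(name)) ? name + "=[redacted]" : pair;
            });

        return basePart + "?" + string.Join("&", parts) + fragment;
    }

    public static void Main()
    {
        // Constructed sample URI; in the handler above the call would be
        // Log.Information("Redirecting to {RedirectUri}.", RedirectUriLogging.Redact(context.RedirectUri));
        string sample = "https://idp.example.com/authorize?response_type=code&client_id=example-client-id"
                      + "&redirect_uri=https%3A%2F%2Flocalhost%3A5000%2Fsignin-google&scope=openid&state=CONSTRUCTED-STATE";
        Console.WriteLine(Redact(sample));
    }
}
```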

> What I was missing was more information about the Microsoft.AspNetCore.Authentication classes.

Well, in all fairness those should be documented by Microsoft, not us.

If there are things you'd like to contribute with a PR to the existing docs (since you didn't find them helpful), please do so. As for documenting how ASP.NET Core works, as I said, that's Microsoft's job so I'll close this for now.

Having stumbled across this I've gotta say I'd love some more complete docs. I'd contribute to them myself but I still don't understand how IdentityServer4 works. Most of the documentation gives me bits and pieces and long expositions about how things kinda work but no "add exactly this, this and that, click build and it works" examples.

It's also interesting that Googling around it seems everyone, using IdentityServer4 or not, does authentication in ASP.Net Core differently. I've gone through dozens and dozens of sites and no two places do it the same.

Just my 2 cents if it helps. I'll likely just not bother with ASP.Net Core in the future as it's just too much of a hassle. Microsoft doesn't do a great job of it either. Their Twitter example mentions some setup in a project template that it literally doesn't link to 🤷‍♀️

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
