Add prompt parameter to Google auth endpoint

2016-09-23 10:23:50 -07:00 · 2016-09-23 10:23:50 -07:00 · ddeef1f9ac
parent 5aae7ded01
commit ddeef1f9ac
2 changed files with 12 additions and 4 deletions
--- a/src/Microsoft.AspNetCore.Authentication.Google/GoogleHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.Google/GoogleHandler.cs
@ -87,18 +87,20 @@ namespace Microsoft.AspNetCore.Authentication.Google
        // TODO: Abstract this properties override pattern into the base class?
        protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri)
        {
-            var scope = FormatScope();
+            // Google Identity Platform Manual:
+            // https://developers.google.com/identity/protocols/OAuth2WebServer

            var queryStrings = new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);
            queryStrings.Add("response_type", "code");
            queryStrings.Add("client_id", Options.ClientId);
            queryStrings.Add("redirect_uri", redirectUri);

-            AddQueryString(queryStrings, properties, "scope", scope);
-
+            AddQueryString(queryStrings, properties, "scope", FormatScope());
            AddQueryString(queryStrings, properties, "access_type", Options.AccessType);
            AddQueryString(queryStrings, properties, "approval_prompt");
+            AddQueryString(queryStrings, properties, "prompt");
            AddQueryString(queryStrings, properties, "login_hint");
+            AddQueryString(queryStrings, properties, "include_granted_scopes");

            var state = Options.StateDataFormat.Protect(properties);
            queryStrings.Add("state", state);
--- a/test/Microsoft.AspNetCore.Authentication.Test/Google/GoogleMiddlewareTests.cs
+++ b/test/Microsoft.AspNetCore.Authentication.Test/Google/GoogleMiddlewareTests.cs
@ -43,8 +43,10 @@ namespace Microsoft.AspNetCore.Authentication.Google
            Assert.Contains("&state=", location);

            Assert.DoesNotContain("access_type=", location);
+            Assert.DoesNotContain("prompt=", location);
            Assert.DoesNotContain("approval_prompt=", location);
            Assert.DoesNotContain("login_hint=", location);
+            Assert.DoesNotContain("include_granted_scopes=", location);
        }

        [Fact]
@ -177,7 +179,9 @@ namespace Microsoft.AspNetCore.Authentication.Google
                                { "scope", "https://www.googleapis.com/auth/plus.login" },
                                { "access_type", "offline" },
                                { "approval_prompt", "force" },
-                                { "login_hint", "test@example.com" }
+                                { "prompt", "consent" },
+                                { "login_hint", "test@example.com" },
+                                { "include_granted_scopes", "false" }
                            }));
                    }

@ -189,6 +193,8 @@ namespace Microsoft.AspNetCore.Authentication.Google
            Assert.Contains("scope=" + UrlEncoder.Default.Encode("https://www.googleapis.com/auth/plus.login"), query);
            Assert.Contains("access_type=offline", query);
            Assert.Contains("approval_prompt=force", query);
+            Assert.Contains("prompt=consent", query);
+            Assert.Contains("include_granted_scopes=false", query);
            Assert.Contains("login_hint=" + UrlEncoder.Default.Encode("test@example.com"), query);
        }