From ddeef1f9ac09c34c2a2c28e35923ae7288b1049e Mon Sep 17 00:00:00 2001
From: Troy Dai
Date: Fri, 23 Sep 2016 10:23:50 -0700
Subject: [PATCH] Add prompt parameter to Google auth endpoint
---
 .../GoogleHandler.cs | 8 +++++---
 .../Google/GoogleMiddlewareTests.cs | 8 +++++++-
 2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/Microsoft.AspNetCore.Authentication.Google/GoogleHandler.cs b/src/Microsoft.AspNetCore.Authentication.Google/GoogleHandler.cs
index 68cc6054f1..f28ab4d14a 100644
--- a/src/Microsoft.AspNetCore.Authentication.Google/GoogleHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.Google/GoogleHandler.cs
@@ -87,18 +87,20 @@ namespace Microsoft.AspNetCore.Authentication.Google
 // TODO: Abstract this properties override pattern into the base class?
 protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri)
 {
- var scope = FormatScope();
+ // Google Identity Platform Manual:
+ // https://developers.google.com/identity/protocols/OAuth2WebServer
 var queryStrings = new Dictionary(StringComparer.OrdinalIgnoreCase);
 queryStrings.Add("response_type", "code");
 queryStrings.Add("client_id", Options.ClientId);
 queryStrings.Add("redirect_uri", redirectUri);
- AddQueryString(queryStrings, properties, "scope", scope);
-
+ AddQueryString(queryStrings, properties, "scope", FormatScope());
 AddQueryString(queryStrings, properties, "access_type", Options.AccessType);
 AddQueryString(queryStrings, properties, "approval_prompt");
+ AddQueryString(queryStrings, properties, "prompt");
 AddQueryString(queryStrings, properties, "login_hint");
+ AddQueryString(queryStrings, properties, "include_granted_scopes");
 var state = Options.StateDataFormat.Protect(properties);
 queryStrings.Add("state", state);
diff --git a/test/Microsoft.AspNetCore.Authentication.Test/Google/GoogleMiddlewareTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/Google/GoogleMiddlewareTests.cs
index d0a2cfa195..944c322ad3 100644
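Review bot: `BuildChallengeUrl` now forwards `approval_prompt` and `prompt` side by side, so a caller that sets both in `AuthenticationProperties` produces a request carrying the legacy parameter and its replacement together, which Google's endpoint is, as far as I know, documented to reject as conflicting. I would state the constraint next to the two calls, `// "prompt" supersedes the legacy "approval_prompt"; set at most one of them.`, or skip the legacy call when the new key is present with `if (!properties.Items.ContainsKey("prompt")) { AddQueryString(queryStrings, properties, "approval_prompt"); }`. The second hunk of GoogleMiddlewareTests.cs sets both keys in one challenge, which pins that combination as supported behaviour. Because `prompt` and `include_granted_scopes` decide whether the consent screen is shown and how far the grant extends, the comment should also say that these items are meant to be set by application code and not copied from request input. The method continues past the hunk and `AddQueryString` is defined outside it, so how the values are encoded, and whether they also end up in `state`, cannot be confirmed from here.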
--- a/test/Microsoft.AspNetCore.Authentication.Test/Google/GoogleMiddlewareTests.cs
+++ b/test/Microsoft.AspNetCore.Authentication.Test/Google/GoogleMiddlewareTests.cs
@@ -43,8 +43,10 @@ namespace Microsoft.AspNetCore.Authentication.Google
 Assert.Contains("&state=", location);
 Assert.DoesNotContain("access_type=", location);
+ Assert.DoesNotContain("prompt=", location);
 Assert.DoesNotContain("approval_prompt=", location);
 Assert.DoesNotContain("login_hint=", location);
+ Assert.DoesNotContain("include_granted_scopes=", location);
 }
 [Fact]
@@ -177,7 +179,9 @@ namespace Microsoft.AspNetCore.Authentication.Google
 { "scope", "https://www.googleapis.com/auth/plus.login" },
 { "access_type", "offline" },
 { "approval_prompt", "force" },
- { "login_hint", "test@example.com" }
+ { "prompt", "consent" },
+ { "login_hint", "test@example.com" },
+ { "include_granted_scopes", "false" }
 }));
 }
@@ -189,6 +193,8 @@ namespace Microsoft.AspNetCore.Authentication.Google
 Assert.Contains("scope=" + UrlEncoder.Default.Encode("https://www.googleapis.com/auth/plus.login"), query);
 Assert.Contains("access_type=offline", query);
 Assert.Contains("approval_prompt=force", query);
+ Assert.Contains("prompt=consent", query);
+ Assert.Contains("include_granted_scopes=false", query);
 Assert.Contains("login_hint=" + UrlEncoder.Default.Encode("test@example.com"), query);
 }
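Review bot: The substring assertions added in the first and third hunks cannot tell `prompt` apart from `approval_prompt`, because `prompt=` is a suffix of `approval_prompt=`. In the first hunk `Assert.DoesNotContain("prompt=", location)` already fails on any `approval_prompt=` value, so the line after it no longer checks anything on its own. In the third hunk `Assert.Contains("prompt=consent", query)` would still pass if the handler emitted only `approval_prompt=consent`. Anchoring on the separator the way the existing `&state=` assertion does, e.g. `Assert.Contains("&prompt=consent", query)` and `Assert.DoesNotContain("&prompt=", location)`, makes each parameter's check independent, assuming `prompt` is never the first key in the query. The enclosing test methods start outside these hunks, so how `location` and `query` are built is not visible here.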