🧱 OAuth login infra
This commit is contained in:
62
DysonNetwork.Sphere/README.md
Normal file
62
DysonNetwork.Sphere/README.md
Normal file
@ -0,0 +1,62 @@
|
||||
# OpenID Connect Integration
|
||||
|
||||
This project includes a reusable OpenID Connect client implementation that can be used with multiple providers.
|
||||
|
||||
## Supported Providers
|
||||
|
||||
- Apple Sign In
|
||||
- Google Sign In
|
||||
|
||||
## How to Add a New Provider
|
||||
|
||||
1. Create a new class that inherits from `OidcService` in the `Auth/OpenId` directory
|
||||
2. Implement the abstract methods and properties
|
||||
3. Register the service in `Program.cs`
|
||||
4. Add the provider's configuration to `appsettings.json`
|
||||
5. Add the provider to the `GetOidcService` method in both `OidcController` and `AuthCallbackController`
|
||||
|
||||
## Configuration
|
||||
|
||||
### Apple Sign In
|
||||
|
||||
```json
|
||||
"Apple": {
|
||||
"ClientId": "YOUR_APPLE_CLIENT_ID", // Your Service ID from Apple Developer portal
|
||||
"TeamId": "YOUR_APPLE_TEAM_ID", // Your Team ID from Apple Developer portal
|
||||
"KeyId": "YOUR_APPLE_KEY_ID", // Key ID for the private key
|
||||
"PrivateKeyPath": "./apple_auth_key.p8", // Path to your .p8 private key file
|
||||
"RedirectUri": "https://your-app.com/auth/callback/apple" // Your callback URL
|
||||
}
|
||||
```
|
||||
|
||||
### Google Sign In
|
||||
|
||||
```json
|
||||
"Google": {
|
||||
"ClientId": "YOUR_GOOGLE_CLIENT_ID", // Your OAuth client ID
|
||||
"ClientSecret": "YOUR_GOOGLE_CLIENT_SECRET", // Your OAuth client secret
|
||||
"RedirectUri": "https://your-app.com/auth/callback/google" // Your callback URL
|
||||
}
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
To initiate the OpenID Connect flow, redirect the user to:
|
||||
|
||||
```
|
||||
/auth/login/{provider}?returnUrl=/your-return-path
|
||||
```
|
||||
|
||||
Where `{provider}` is one of the supported providers (e.g., `apple`, `google`).
|
||||
|
||||
## Authentication Flow
|
||||
|
||||
1. User is redirected to the provider's authentication page
|
||||
2. After successful authentication, the provider redirects back to your callback endpoint
|
||||
3. The callback endpoint processes the response and creates or retrieves the user account
|
||||
4. A session is created for the user and a token is issued
|
||||
5. The user is redirected back to the specified return URL with the token set as a cookie
|
||||
|
||||
## Customization
|
||||
|
||||
The base `OidcService` class provides common functionality for all providers. You can override any of its methods in your provider-specific implementations to customize the behavior.
|
Reference in New Issue
Block a user