Discord feature 367 prompt field (#415)

* Added the ability to set a "prompt" query string parameter on the Authorization Endpoint URL.

* Added Discord tests for the Authorization Endpoint Uri prompt query string.

* Converted Discord prompt enum to string, modified Discord unit tests.  Added comments to unit tests.

* Making requested changes.

* Updating Promp comments.

Author: lukefulliton

src/AspNet.Security.OAuth.Discord/DiscordAuthenticationConstants.cs

@@ -23,5 +23,11 @@ public static class Claims
             public const string AvatarUrl = "urn:discord:avatar:url";
             public const string Discriminator = "urn:discord:user:discriminator";
         }
+
+        public static class UrlQueryParameterValues
+        {
+            public const string Consent = "consent";
+            public const string None = "none";
+        }
     }
 }

src/AspNet.Security.OAuth.Discord/DiscordAuthenticationHandler.cs

@@ -4,6 +4,7 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
+using System.Globalization;
 using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Security.Claims;
@@ -13,6 +14,7 @@
 using JetBrains.Annotations;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
+using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 
@@ -29,6 +31,21 @@ public DiscordAuthenticationHandler(
         {
         }
 
+        /// <inheritdoc />
+        protected override string BuildChallengeUrl(
+            [NotNull] AuthenticationProperties properties,
+            [NotNull] string redirectUri)
+        {
+            string challengeUrl = base.BuildChallengeUrl(properties, redirectUri);
+
+            if (!string.IsNullOrEmpty(Options.Prompt))
+            {
+                challengeUrl = QueryHelpers.AddQueryString(challengeUrl, "prompt", Options.Prompt);
+            }
+
+            return challengeUrl;
+        }
+
         protected override async Task<AuthenticationTicket> CreateTicketAsync(
             [NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties,

src/AspNet.Security.OAuth.Discord/DiscordAuthenticationOptions.cs

@@ -8,7 +8,6 @@
 using System.Security.Claims;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OAuth;
-using Microsoft.AspNetCore.Http;
 using static AspNet.Security.OAuth.Discord.DiscordAuthenticationConstants;
 
 namespace AspNet.Security.OAuth.Discord
@@ -28,6 +27,14 @@ public class DiscordAuthenticationOptions : OAuthOptions
         /// </summary>
         public string DiscordAvatarFormat { get; set; } = Urls.AvatarUrlFormat;
 
+        /// <summary>
+        /// Controls how the authorization flow handles existing authorizations.
+        /// The default value of this property is null and the "prompt" query string parameter will not be appended to the Authorization Endpoint URL.
+        /// Assigning this property any value other than null or an empty string will automatically append the "prompt" query string parameter to the Authorization Endpoint URL,
+        /// with the corresponding value.
+        /// </summary>
+        public string? Prompt { get; set; }
+
         public DiscordAuthenticationOptions()
         {
             ClaimsIssuer = DiscordAuthenticationDefaults.Issuer;

test/AspNet.Security.OAuth.Providers.Tests/Discord/DiscordTests.cs

@@ -4,10 +4,13 @@
  * for more information concerning the license and the contributors participating to this project.
  */
 
+using System;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
 using Microsoft.Extensions.DependencyInjection;
+using Shouldly;
 using Xunit;
 using Xunit.Abstractions;
 using static AspNet.Security.OAuth.Discord.DiscordAuthenticationConstants;
@@ -46,5 +49,100 @@ public async Task Can_Sign_In_Using_Discord(string claimType, string claimValue)
             // Assert
             AssertClaim(claims, claimType, claimValue);
         }
+
+        [Fact]
+        public async Task Authorization_Endpoint_Uri_by_Default_Does_Not_Contain_Prompt()
+        {
+            bool doesNotContainPrompt = false;
+
+            void ConfigureServices(IServiceCollection services)
+            {
+                services.PostConfigureAll<DiscordAuthenticationOptions>((options) =>
+                {
+                    options.Events = new OAuthEvents
+                    {
+                        OnRedirectToAuthorizationEndpoint = ctx =>
+                        {
+                            doesNotContainPrompt = !ctx.RedirectUri.Contains("prompt=", StringComparison.InvariantCulture);
+                            ctx.Response.Redirect(ctx.RedirectUri);
+                            return Task.CompletedTask;
+                        }
+                    };
+                });
+            }
+
+            // Arrange
+            using var server = CreateTestServer(ConfigureServices);
+
+            // Act
+            await AuthenticateUserAsync(server);
+
+            // Assert
+            doesNotContainPrompt.ShouldBeTrue();
+        }
+
+        [Fact]
+        public async Task Authorization_Endpoint_Uri_Contains_Prompt_None()
+        {
+            bool promptIsSetToNone = false;
+
+            void ConfigureServices(IServiceCollection services)
+            {
+                services.PostConfigureAll<DiscordAuthenticationOptions>((options) =>
+                {
+                    options.Prompt = "none";
+                    options.Events = new OAuthEvents
+                    {
+                        OnRedirectToAuthorizationEndpoint = ctx =>
+                        {
+                            promptIsSetToNone = ctx.RedirectUri.Contains("prompt=none", StringComparison.InvariantCulture);
+                            ctx.Response.Redirect(ctx.RedirectUri);
+                            return Task.CompletedTask;
+                        }
+                    };
+                });
+            }
+
+            // Arrange
+            using var server = CreateTestServer(ConfigureServices);
+
+            // Act
+            await AuthenticateUserAsync(server);
+
+            // Assert
+            promptIsSetToNone.ShouldBeTrue();
+        }
+
+        [Fact]
+        public async Task Authorization_Endpoint_Uri_Contains_Prompt_Consent()
+        {
+            bool promptIsSetToConsent = false;
+
+            void ConfigureServices(IServiceCollection services)
+            {
+                services.PostConfigureAll<DiscordAuthenticationOptions>((options) =>
+                {
+                    options.Prompt = "consent";
+                    options.Events = new OAuthEvents
+                    {
+                        OnRedirectToAuthorizationEndpoint = ctx =>
+                        {
+                            promptIsSetToConsent = ctx.RedirectUri.Contains("prompt=consent", StringComparison.InvariantCulture);
+                            ctx.Response.Redirect(ctx.RedirectUri);
+                            return Task.CompletedTask;
+                        }
+                    };
+                });
+            }
+
+            // Arrange
+            using var server = CreateTestServer(ConfigureServices);
+
+            // Act
+            await AuthenticateUserAsync(server);
+
+            // Assert
+            promptIsSetToConsent.ShouldBeTrue();
+        }
     }
 }