make endpoint router extensible #1364 (#1391)

src/IdentityServer4/Configuration/DependencyInjection/BuilderExtensions/Core.cs

@@ -23,6 +23,8 @@
 using IdentityServer4.Models;
 using IdentityServer4.Infrastructure;
 using System.Net.Http;
+using static IdentityServer4.Constants;
+using IdentityServer4.Extensions;
 
 namespace Microsoft.Extensions.DependencyInjection
 {
@@ -55,22 +57,16 @@ public static IIdentityServerBuilder AddRequiredPlatformServices(this IIdentityS
         /// <returns></returns>
         public static IIdentityServerBuilder AddDefaultEndpoints(this IIdentityServerBuilder builder)
         {
-            builder.Services.AddSingleton<IEndpointRouter>(resolver =>
-            {
-                return new EndpointRouter(Constants.EndpointPathToNameMap,
-                    resolver.GetRequiredService<IdentityServerOptions>(),
-                    resolver.GetServices<EndpointMapping>(),
-                    resolver.GetRequiredService<ILogger<EndpointRouter>>());
-            });
+            builder.Services.AddTransient<IEndpointRouter, EndpointRouter>();
 
-            builder.AddEndpoint<AuthorizeEndpoint>(EndpointName.Authorize);
-            builder.AddEndpoint<CheckSessionEndpoint>(EndpointName.CheckSession);
-            builder.AddEndpoint<DiscoveryEndpoint>(EndpointName.Discovery);
-            builder.AddEndpoint<EndSessionEndpoint>(EndpointName.EndSession);
-            builder.AddEndpoint<IntrospectionEndpoint>(EndpointName.Introspection);
-            builder.AddEndpoint<TokenRevocationEndpoint>(EndpointName.Revocation);
-            builder.AddEndpoint<TokenEndpoint>(EndpointName.Token);
-            builder.AddEndpoint<UserInfoEndpoint>(EndpointName.UserInfo);
+            builder.AddEndpoint<AuthorizeEndpoint>(EndpointNames.Authorize, ProtocolRoutePaths.Authorize.EnsureLeadingSlash());
+            builder.AddEndpoint<CheckSessionEndpoint>(EndpointNames.CheckSession, ProtocolRoutePaths.CheckSession.EnsureLeadingSlash());
+            builder.AddEndpoint<DiscoveryEndpoint>(EndpointNames.Discovery, ProtocolRoutePaths.DiscoveryConfiguration.EnsureLeadingSlash());
+            builder.AddEndpoint<EndSessionEndpoint>(EndpointNames.EndSession, ProtocolRoutePaths.EndSession.EnsureLeadingSlash());
+            builder.AddEndpoint<IntrospectionEndpoint>(EndpointNames.Introspection, ProtocolRoutePaths.Introspection.EnsureLeadingSlash());
+            builder.AddEndpoint<TokenRevocationEndpoint>(EndpointNames.Revocation, ProtocolRoutePaths.Revocation.EnsureLeadingSlash());
+            builder.AddEndpoint<TokenEndpoint>(EndpointNames.Token, ProtocolRoutePaths.Token.EnsureLeadingSlash());
+            builder.AddEndpoint<UserInfoEndpoint>(EndpointNames.UserInfo, ProtocolRoutePaths.UserInfo.EnsureLeadingSlash());
 
             return builder;
         }
@@ -80,13 +76,14 @@ public static IIdentityServerBuilder AddDefaultEndpoints(this IIdentityServerBui
         /// </summary>
         /// <typeparam name="T"></typeparam>
         /// <param name="builder">The builder.</param>
-        /// <param name="endpoint">The endpoint.</param>
+        /// <param name="name">The name.</param>
+        /// <param name="path">The path.</param>
         /// <returns></returns>
-        public static IIdentityServerBuilder AddEndpoint<T>(this IIdentityServerBuilder builder, EndpointName endpoint)
-            where T : class, IEndpoint
+        public static IIdentityServerBuilder AddEndpoint<T>(this IIdentityServerBuilder builder, string name, PathString path)
+            where T : class, IEndpointHandler
         {
             builder.Services.AddTransient<T>();
-            builder.Services.AddSingleton(new EndpointMapping { Endpoint = endpoint, Handler = typeof(T) });
+            builder.Services.AddSingleton(new Endpoint(name, path, typeof(T)));
 
             return builder;
         }

src/IdentityServer4/Constants.cs

@@ -194,6 +194,18 @@ public static class DefaultRoutePaths
             }
         }
 
+        public static class EndpointNames
+        {
+            public const string Authorize = "Authorize";
+            public const string Token = "Token";
+            public const string Discovery = "Discovery";
+            public const string Introspection = "Introspection";
+            public const string Revocation = "Revocation";
+            public const string EndSession = "Endsession";
+            public const string CheckSession = "Checksession";
+            public const string UserInfo = "Userinfo";
+        }
+
         public static class ProtocolRoutePaths
         {
             public const string Authorize              = "connect/authorize";
@@ -219,18 +231,6 @@ public static class ProtocolRoutePaths
             };
         }
 
-        public static readonly Dictionary<string, EndpointName> EndpointPathToNameMap = new Dictionary<string, EndpointName>
-        {
-            { ProtocolRoutePaths.Authorize, EndpointName.Authorize },
-            { ProtocolRoutePaths.CheckSession, EndpointName.CheckSession},
-            { ProtocolRoutePaths.DiscoveryConfiguration, EndpointName.Discovery},
-            { ProtocolRoutePaths.EndSession, EndpointName.EndSession },
-            { ProtocolRoutePaths.Introspection, EndpointName.Introspection },
-            { ProtocolRoutePaths.Revocation, EndpointName.Revocation },
-            { ProtocolRoutePaths.Token, EndpointName.Token },
-            { ProtocolRoutePaths.UserInfo, EndpointName.UserInfo }
-        };
-
         public static class EnvironmentKeys
         {
             public const string IdentityServerBasePath = "idsvr:IdentityServerBasePath";

src/IdentityServer4/Endpoints/AuthorizeEndpoint.cs

@@ -23,7 +23,7 @@
 
 namespace IdentityServer4.Endpoints
 {
-    class AuthorizeEndpoint : IEndpoint
+    class AuthorizeEndpoint : IEndpointHandler
     {
         private readonly IEventService _events;
         private readonly ILogger _logger;

src/IdentityServer4/Endpoints/CheckSessionEndpoint.cs

@@ -11,7 +11,7 @@
 
 namespace IdentityServer4.Endpoints
 {
-    class CheckSessionEndpoint : IEndpoint
+    class CheckSessionEndpoint : IEndpointHandler
     {
         private readonly ILogger _logger;
 

src/IdentityServer4/Endpoints/DiscoveryEndpoint.cs

@@ -18,8 +18,8 @@ namespace IdentityServer4.Endpoints
     /// <summary>
     /// The discovery endpoint
     /// </summary>
-    /// <seealso cref="IdentityServer4.Hosting.IEndpoint" />
-    class DiscoveryEndpoint : IEndpoint
+    /// <seealso cref="IdentityServer4.Hosting.IEndpointHandler" />
+    class DiscoveryEndpoint : IEndpointHandler
     {
         private readonly IdentityServerOptions _options;
         private readonly IDiscoveryResponseGenerator _responseGenerator;

src/IdentityServer4/Endpoints/EndSessionEndpoint.cs

@@ -15,7 +15,7 @@
 
 namespace IdentityServer4.Endpoints
 {
-    class EndSessionEndpoint : IEndpoint
+    class EndSessionEndpoint : IEndpointHandler
     {
         private readonly IEndSessionRequestValidator _endSessionRequestValidator;
         private readonly ILogger _logger;

src/IdentityServer4/Endpoints/IntrospectionEndpoint.cs

@@ -17,8 +17,8 @@ namespace IdentityServer4.Endpoints
     /// <summary>
     /// Introspection endpoint
     /// </summary>
-    /// <seealso cref="IdentityServer4.Hosting.IEndpoint" />
-    class IntrospectionEndpoint : IEndpoint
+    /// <seealso cref="IdentityServer4.Hosting.IEndpointHandler" />
+    class IntrospectionEndpoint : IEndpointHandler
     {
         private readonly IEventService _events;
         private readonly IIntrospectionResponseGenerator _responseGenerator;

src/IdentityServer4/Endpoints/TokenEndpoint.cs

@@ -20,8 +20,8 @@ namespace IdentityServer4.Endpoints
     /// <summary>
     /// The token endpoint
     /// </summary>
-    /// <seealso cref="IdentityServer4.Hosting.IEndpoint" />
-    class TokenEndpoint : IEndpoint
+    /// <seealso cref="IdentityServer4.Hosting.IEndpointHandler" />
+    class TokenEndpoint : IEndpointHandler
     {
         private readonly ClientSecretValidator _clientValidator;
         private readonly ITokenRequestValidator _requestValidator;

src/IdentityServer4/Endpoints/TokenRevocationEndpoint.cs

@@ -20,8 +20,8 @@ namespace IdentityServer4.Endpoints
     /// <summary>
     /// The revocation endpoint
     /// </summary>
-    /// <seealso cref="IdentityServer4.Hosting.IEndpoint" />
-    class TokenRevocationEndpoint : IEndpoint
+    /// <seealso cref="IdentityServer4.Hosting.IEndpointHandler" />
+    class TokenRevocationEndpoint : IEndpointHandler
     {
         private readonly ILogger _logger;
         private readonly ClientSecretValidator _clientValidator;

src/IdentityServer4/Endpoints/UserInfoEndpoint.cs

@@ -17,8 +17,8 @@ namespace IdentityServer4.Endpoints
     /// <summary>
     /// The userinfo endpoint
     /// </summary>
-    /// <seealso cref="IdentityServer4.Hosting.IEndpoint" />
-    class UserInfoEndpoint : IEndpoint
+    /// <seealso cref="IdentityServer4.Hosting.IEndpointHandler" />
+    class UserInfoEndpoint : IEndpointHandler
     {
         private readonly BearerTokenUsageValidator _tokenUsageValidator;
         private readonly IUserInfoRequestValidator _requestValidator;

src/IdentityServer4/Events/TokenIssuedFailureEvent.cs

@@ -6,6 +6,7 @@
 using IdentityServer4.Hosting;
 using IdentityServer4.Models;
 using IdentityServer4.Validation;
+using static IdentityServer4.Constants;
 
 namespace IdentityServer4.Events
 {
@@ -38,7 +39,7 @@ public TokenIssuedFailureEvent(ValidatedAuthorizeRequest request, string error,
                 }
             }
 
-            Endpoint = EndpointName.Authorize.ToString();
+            Endpoint = EndpointNames.Authorize;
             Error = error;
             ErrorDescription = description;
         }
@@ -63,7 +64,7 @@ public TokenIssuedFailureEvent(TokenRequestValidationResult result)
                 }
             }
 
-            Endpoint = EndpointName.Token.ToString();
+            Endpoint = EndpointNames.Token;
             Error = result.Error;
             ErrorDescription = result.ErrorDescription;
         }

src/IdentityServer4/Events/TokenIssuedSuccessEvent.cs

@@ -9,6 +9,7 @@
 using IdentityServer4.ResponseHandling;
 using IdentityServer4.Validation;
 using System.Collections.Generic;
+using static IdentityServer4.Constants;
 
 namespace IdentityServer4.Events
 {
@@ -28,7 +29,7 @@ public TokenIssuedSuccessEvent(AuthorizeResponse response)
             ClientId = response.Request.ClientId;
             ClientName = response.Request.Client.ClientName;
             RedirectUri = response.RedirectUri;
-            Endpoint = EndpointName.Authorize.ToString();
+            Endpoint = EndpointNames.Authorize;
             SubjectId = response.Request.Subject.GetSubjectId();
             Scopes = response.Scope;
             GrantType = response.Request.GrantType;
@@ -59,7 +60,7 @@ public TokenIssuedSuccessEvent(TokenResponse response, TokenRequestValidationRes
         {
             ClientId = request.ValidatedRequest.Client.ClientId;
             ClientName = request.ValidatedRequest.Client.ClientName;
-            Endpoint = EndpointName.Token.ToString();
+            Endpoint = EndpointNames.Token;
             SubjectId = request.ValidatedRequest.Subject?.GetSubjectId();
             GrantType = request.ValidatedRequest.GrantType;
 

src/IdentityServer4/Events/UserLoginSuccessEvent.cs

@@ -3,6 +3,7 @@
 
 
 using IdentityServer4.Hosting;
+using static IdentityServer4.Constants;
 
 namespace IdentityServer4.Events
 {
@@ -49,7 +50,7 @@ public UserLoginSuccessEvent(string username, string subjectId, string name, boo
             }
             else
             {
-                Endpoint = EndpointName.Token.ToString();
+                Endpoint = EndpointNames.Token;
             }
         }
 

src/IdentityServer4/Extensions/EndpointOptionsExtensions.cs

@@ -4,33 +4,35 @@
 
 using IdentityServer4.Configuration;
 using IdentityServer4.Hosting;
+using static IdentityServer4.Constants;
 
 namespace IdentityServer4.Extensions
 {
     internal static class EndpointOptionsExtensions
     {
-        public static bool IsEndpointEnabled(this EndpointsOptions options, EndpointName endpointName)
+        public static bool IsEndpointEnabled(this EndpointsOptions options, Endpoint endpoint)
         {
-            switch (endpointName)
+            switch (endpoint?.Name)
             {
-                case EndpointName.Authorize:
+                case EndpointNames.Authorize:
                     return options.EnableAuthorizeEndpoint;
-                case EndpointName.CheckSession:
+                case EndpointNames.CheckSession:
                     return options.EnableCheckSessionEndpoint;
-                case EndpointName.Discovery:
+                case EndpointNames.Discovery:
                     return options.EnableDiscoveryEndpoint;
-                case EndpointName.EndSession:
+                case EndpointNames.EndSession:
                     return options.EnableEndSessionEndpoint;
-                case EndpointName.Introspection:
+                case EndpointNames.Introspection:
                     return options.EnableIntrospectionEndpoint;
-                case EndpointName.Revocation:
+                case EndpointNames.Revocation:
                     return options.EnableTokenRevocationEndpoint;
-                case EndpointName.Token:
+                case EndpointNames.Token:
                     return options.EnableTokenEndpoint;
-                case EndpointName.UserInfo:
+                case EndpointNames.UserInfo:
                     return options.EnableUserInfoEndpoint;
                 default:
-                    return false;
+                    // fall thru to true to allow custom endpoints
+                    return true;
             }
         }
     }

src/IdentityServer4/Hosting/Endpoint.cs

@@ -0,0 +1,44 @@
+// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+
+#pragma warning disable 1591
+
+using System;
+using Microsoft.AspNetCore.Http;
+
+namespace IdentityServer4.Hosting
+{
+    internal class Endpoint
+    {
+        public Endpoint(string name, string path, Type handlerType)
+        {
+            Name = name;
+            Path = path;
+            Handler = handlerType;
+        }
+
+        /// <summary>
+        /// Gets or sets the name.
+        /// </summary>
+        /// <value>
+        /// The name.
+        /// </value>
+        public string Name { get; set; }
+
+        /// <summary>
+        /// Gets or sets the path.
+        /// </summary>
+        /// <value>
+        /// The path.
+        /// </value>
+        public PathString Path { get; set; }
+
+        /// <summary>
+        /// Gets or sets the handler.
+        /// </summary>
+        /// <value>
+        /// The handler.
+        /// </value>
+        public Type Handler { get; set; }
+    }
+}