GitHub authentication

This implements GitHub authentication for the website mostly based of
the model here
https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers/tree/dev/samples/Mvc.Client

dotnet/Razor/Auth/Auth.csproj

@@ -4,4 +4,8 @@
     <TargetFramework>netcoreapp3.1</TargetFramework>
   </PropertyGroup>
 
+  <ItemGroup>
+    <PackageReference Include="AspNet.Security.OAuth.GitHub" Version="3.1.1" />
+  </ItemGroup>
+
 </Project>

dotnet/Razor/Auth/Code/Extensions.cs

@@ -0,0 +1,18 @@
+using System.Threading.Tasks;
+using AspNet.Security.OAuth.GitHub;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Auth
+{
+    internal static class Extensions
+    {
+        internal static async Task<AuthenticationScheme> GetGitHubAuthenticationSchemeAsync(this HttpContext httpContext)
+        {
+            var provider = httpContext.RequestServices.GetRequiredService<IAuthenticationSchemeProvider>();
+            var scheme = await provider.GetSchemeAsync(GitHubAuthenticationDefaults.AuthenticationScheme);
+            return scheme;
+        }
+    }
+}

dotnet/Razor/Auth/Pages/Index.cshtml

@@ -4,7 +4,21 @@
     ViewData["Title"] = "Home page";
 }
 
-<div class="text-center">
-    <h1 class="display-4">Welcome</h1>
-    <p>Learn about <a href="https://docs.microsoft.com/aspnet/core">building Web apps with ASP.NET Core</a>.</p>
-</div>
+@if (User?.Identity?.IsAuthenticated ?? false)
+{
+    <h1>Welcome, @User.Identity.Name</h1>
+
+    <p>
+        @foreach (var claim in @Model.HttpContext.User.Claims)
+        {
+            <div><code>@claim.Type</code>: <strong>@claim.Value</strong></div>
+        }
+    </p>
+
+    <a class="btn btn-lg btn-danger" href="/signout">Sign out</a>
+}
+else
+{
+    <h1>Welcome, anonymous</h1>
+    <a class="btn btn-lg btn-success" href="/signin">Sign in</a>
+}

dotnet/Razor/Auth/Pages/SignIn.cshtml

@@ -0,0 +1,14 @@
+@page
+@model SignInModel
+
+<div class="jumbotron">
+    <h1>Authentication</h1>
+    <p class="lead text-left">Sign in using GitHub</p>
+
+    <form method="post">
+        <input type="hidden" name="Provider" value="@Model.AuthenticationScheme.Name" />
+        <input type="hidden" name="ReturnUrl" value="@ViewBag.ReturnUrl" />
+
+        <button class="btn btn-lg btn-success m-1" type="submit">Authenticate</button>
+    </form>
+</div>

dotnet/Razor/Auth/Pages/SignIn.cshtml.cs

@@ -0,0 +1,32 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using AspNet.Security.OAuth.GitHub;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using Microsoft.Extensions.Logging;
+
+namespace Auth.Pages
+{
+    public class SignInModel : PageModel
+    {
+        public AuthenticationScheme AuthenticationScheme { get; set; }
+
+        public async Task OnGetAsync()
+        {
+            AuthenticationScheme = await HttpContext.GetGitHubAuthenticationSchemeAsync();
+        }
+
+        public IActionResult OnPost()
+        {
+            return Challenge(
+                new AuthenticationProperties()
+                {
+                    RedirectUri = "/"
+                },
+                GitHubAuthenticationDefaults.AuthenticationScheme);
+        }
+    }
+}

dotnet/Razor/Auth/Pages/SignOut.cshtml

@@ -0,0 +1,4 @@
+@page
+@model SignOutModel
+
+<h1>Signing out ...</h1>

dotnet/Razor/Auth/Pages/SignOut.cshtml.cs

@@ -0,0 +1,24 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using AspNet.Security.OAuth.GitHub;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.RazorPages;
+using Microsoft.Extensions.Logging;
+
+namespace Auth.Pages
+{
+    public class SignOutModel : PageModel
+    {
+        public IActionResult OnGet() => 
+            SignOut(
+                new AuthenticationProperties()
+                {
+                    RedirectUri = "/"
+                },
+                CookieAuthenticationDefaults.AuthenticationScheme);
+    }
+}

dotnet/Razor/Auth/Startup.cs

@@ -2,8 +2,10 @@
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.HttpsPolicy;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -24,6 +26,22 @@ public Startup(IConfiguration configuration)
         public void ConfigureServices(IServiceCollection services)
         {
             services.AddRazorPages();
+            services.AddAuthentication(options =>
+            {
+                options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+            })
+
+            .AddCookie(options =>
+            {
+                options.LoginPath = "/signin";
+                options.LogoutPath = "/signout";
+            })
+
+            .AddGitHub(options =>
+            {
+                options.ClientId = "49e302895d8b09ea5656";
+                options.ClientSecret = "98f1bf028608901e9df91d64ee61536fe562064b";
+            });
         }
 
         // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
@@ -45,6 +63,7 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
 
             app.UseRouting();
 
+            app.UseAuthentication();
             app.UseAuthorization();
 
             app.UseEndpoints(endpoints =>