| | | 1 | | <# |
| | | 2 | | .SYNOPSIS |
| | | 3 | | Adds GitHub OAuth (Authorization Code) authentication to the Kestrun server. |
| | | 4 | | .DESCRIPTION |
| | | 5 | | Convenience wrapper around the C# extension AddGitHubOAuthAuthentication. Registers three schemes: |
| | | 6 | | <Name>, <Name>.Cookies, <Name>.Policy |
| | | 7 | | Includes PKCE, saves tokens, maps login & avatar claims, and can enrich email from /user/emails. |
| | | 8 | | .PARAMETER Server |
| | | 9 | | The Kestrun server instance. If omitted, uses the current active server. |
| | | 10 | | .PARAMETER AuthenticationScheme |
| | | 11 | | Base scheme name (default 'GitHub'). |
| | | 12 | | .PARAMETER DisplayName |
| | | 13 | | Display name for the authentication scheme. |
| | | 14 | | .PARAMETER Description |
| | | 15 | | A description of the GitHub authentication scheme. |
| | | 16 | | .PARAMETER DocId |
| | | 17 | | Documentation IDs for the authentication scheme. |
| | | 18 | | .PARAMETER ClientId |
| | | 19 | | GitHub OAuth App Client ID. |
| | | 20 | | .PARAMETER ClientSecret |
| | | 21 | | GitHub OAuth App Client Secret. |
| | | 22 | | .PARAMETER CallbackPath |
| | | 23 | | Optional callback path (default '/signin-oauth'). Must match your GitHub OAuth App redirect URL path. |
| | | 24 | | .PARAMETER PassThru |
| | | 25 | | Return the modified server object. |
| | | 26 | | .EXAMPLE |
| | | 27 | | Add-KrGitHubAuthentication -ClientId $env:GITHUB_CLIENT_ID -ClientSecret $env:GITHUB_CLIENT_SECRET |
| | | 28 | | .EXAMPLE |
| | | 29 | | Add-KrGitHubAuthentication -AuthenticationScheme 'GitHubMain' -ClientId 'abc' -ClientSecret 'secret' -Scope 'gist' - |
| | | 30 | | .NOTES |
| | | 31 | | Requires the generic OAuth2 infrastructure plus provider-specific handling in C#. |
| | | 32 | | #> |
| | | 33 | | function Add-KrGitHubAuthentication { |
| | | 34 | | [KestrunRuntimeApi('Definition')] |
| | | 35 | | [CmdletBinding()] |
| | | 36 | | [OutputType([Kestrun.Hosting.KestrunHost])] |
| | | 37 | | param( |
| | | 38 | | [Parameter(ValueFromPipeline = $true)] |
| | | 39 | | [Kestrun.Hosting.KestrunHost]$Server, |
| | | 40 | | |
| | | 41 | | [Parameter()] |
| | | 42 | | [string]$AuthenticationScheme = [Kestrun.Authentication.AuthenticationDefaults]::GitHubAuthenticationSchemeName, |
| | | 43 | | |
| | | 44 | | [Parameter()] |
| | | 45 | | [string]$DisplayName = [Kestrun.Authentication.AuthenticationDefaults]::GitHubDisplayName, |
| | | 46 | | |
| | | 47 | | [Parameter()] |
| | | 48 | | [string[]]$DocId = [Kestrun.Authentication.IOpenApiAuthenticationOptions]::DefaultDocumentationIds, |
| | | 49 | | |
| | | 50 | | [Parameter()] |
| | | 51 | | [string]$Description, |
| | | 52 | | |
| | | 53 | | [Parameter(Mandatory = $true)] |
| | | 54 | | [string]$ClientId, |
| | | 55 | | [Parameter(Mandatory = $true)] |
| | | 56 | | [string]$ClientSecret, |
| | | 57 | | [string]$CallbackPath = '/signin-oauth', |
| | | 58 | | [switch]$PassThru |
| | | 59 | | ) |
| | | 60 | | begin { |
| | 0 | 61 | | $Server = Resolve-KestrunServer -Server $Server |
| | | 62 | | } |
| | | 63 | | process { |
| | 0 | 64 | | [Kestrun.Hosting.KestrunHostAuthnExtensions]::AddGitHubOAuthAuthentication( |
| | | 65 | | $Server, |
| | | 66 | | $AuthenticationScheme, |
| | | 67 | | $DisplayName, |
| | | 68 | | $DocId, |
| | | 69 | | $Description, |
| | | 70 | | $ClientId, |
| | | 71 | | $ClientSecret, |
| | | 72 | | $CallbackPath |
| | 0 | 73 | | ) | Out-Null |
| | | 74 | | |
| | 0 | 75 | | if ($PassThru) { return $Server } |
| | | 76 | | } |
| | | 77 | | } |