aspnet-contrib / AspNet.Security.OAuth.Providers

OAuth 2.0 social authentication providers for ASP.NET Core
Apache License 2.0
2.4k stars 542 forks source link

QuickBooks. Doesn't contain Sandbox settings. #909

Open denis-goncharenko opened 5 months ago

denis-goncharenko commented 5 months ago

Describe the bug

In the current implementation of the authentication providers, the QuickBooks provider is missing the sandbox settings. This is causing issues when trying to authenticate with QuickBooks in a development or testing environment.

Expected behavior

The QuickBooks provider should have a condition to check if the application is in development mode and if so, switch to the sandbox endpoint for user information.

Actual behavior

The QuickBooks provider always uses the production endpoint for user information, regardless of the application environment.

ehalsey commented 4 months ago

This isn't exactly what was requested but I was able to use the QuickBooks provider in sandbox by overriding the UserInformationEndpoint property. I have it hardcoded in this example but you could read it from appsettings.json and override it in appsettings.development.json

        .AddQuickBooks(options =>
        {
            options.ClientId = configuration["QuickBooks:ClientId"] ?? string.Empty;
            options.ClientSecret = configuration["QuickBooks:ClientSecret"] ?? string.Empty;
            options.UserInformationEndpoint = "https://sandbox-accounts.platform.intuit.com/v1/openid_connect/userinfo";
        });
denis-goncharenko commented 4 months ago

Thank you for getting back. It's good for me to update the UserInformationEndpoint property for a sandbox. However, in other providers that have sandbox/production or similar setups, we can simply set the environment instead of providing the specific endpoints.

ehalsey commented 4 months ago

@denis-goncharenko I will take a look at making the enhancement. Which provider would you suggest I use as a model for this type of behavior?