diff --git a/docs/src/main/asciidoc/images/oidc-discord-1.png b/docs/src/main/asciidoc/images/oidc-discord-1.png new file mode 100644 index 0000000000000..19de312fed9bf Binary files /dev/null and b/docs/src/main/asciidoc/images/oidc-discord-1.png differ diff --git a/docs/src/main/asciidoc/images/oidc-discord-2.png b/docs/src/main/asciidoc/images/oidc-discord-2.png new file mode 100644 index 0000000000000..8a5da629eae57 Binary files /dev/null and b/docs/src/main/asciidoc/images/oidc-discord-2.png differ diff --git a/docs/src/main/asciidoc/security-openid-connect-providers.adoc b/docs/src/main/asciidoc/security-openid-connect-providers.adoc index 31b5a8b0d56d8..2c0d7860d3c40 100644 --- a/docs/src/main/asciidoc/security-openid-connect-providers.adoc +++ b/docs/src/main/asciidoc/security-openid-connect-providers.adoc @@ -481,6 +481,26 @@ quarkus.oidc.client-id= quarkus.oidc.credentials.client-secret.value= ---- +[[discord]] +=== Discord + +Create a https://discord.com/developers/applications[Discord application]: + +image::oidc-discord-1.png[role="thumb"] + +You now can get your client id and secret: + +image::oidc-discord-2.png[role="thumb"] + +You can now configure your `application.properties`: + +[source,properties] +---- +quarkus.oidc.provider=discord +quarkus.oidc.client-id= +quarkus.oidc.credentials.client-secret= +---- + [[provider-scope]] == Provider scopes diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/OidcTenantConfig.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/OidcTenantConfig.java index d40a81d4e67a4..48d25c15adfa4 100644 --- a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/OidcTenantConfig.java +++ b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/OidcTenantConfig.java @@ -1655,6 +1655,7 @@ public static enum ApplicationType { public static enum Provider { APPLE, + DISCORD, FACEBOOK, GITHUB, GOOGLE, diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/providers/KnownOidcProviders.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/providers/KnownOidcProviders.java index 667bf3a54467c..c8172f2b1cd91 100644 --- a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/providers/KnownOidcProviders.java +++ b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/providers/KnownOidcProviders.java @@ -13,6 +13,8 @@ public static OidcTenantConfig provider(OidcTenantConfig.Provider provider) { switch (provider) { case APPLE: return apple(); + case DISCORD: + return discord(); case FACEBOOK: return facebook(); case GITHUB: @@ -163,4 +165,18 @@ private static OidcTenantConfig twitch() { ret.getCredentials().getClientSecret().setMethod(Method.POST); return ret; } + + private static OidcTenantConfig discord() { + // Ref https://discord.com/developers/docs/topics/oauth2 + OidcTenantConfig ret = new OidcTenantConfig(); + ret.setAuthServerUrl("https://discord.com/api/oauth2"); + ret.setDiscoveryEnabled(false); + ret.setAuthorizationPath("authorize"); + ret.setTokenPath("token"); + ret.getAuthentication().setScopes(List.of("identify", "email")); + ret.getAuthentication().setIdTokenRequired(false); + ret.getToken().setVerifyAccessTokenWithUserInfo(true); + ret.setUserInfoPath("https://discord.com/api/users/@me"); + return ret; + } } diff --git a/extensions/oidc/runtime/src/test/java/io/quarkus/oidc/runtime/OidcUtilsTest.java b/extensions/oidc/runtime/src/test/java/io/quarkus/oidc/runtime/OidcUtilsTest.java index 664ee777dfdfb..c31e38c5197d6 100644 --- a/extensions/oidc/runtime/src/test/java/io/quarkus/oidc/runtime/OidcUtilsTest.java +++ b/extensions/oidc/runtime/src/test/java/io/quarkus/oidc/runtime/OidcUtilsTest.java @@ -484,6 +484,41 @@ public void testOverrideTwitchProperties() throws Exception { assertEquals(Method.BASIC, config.credentials.clientSecret.method.get()); } + @Test + public void testAcceptDiscordProperties() throws Exception { + OidcTenantConfig tenant = new OidcTenantConfig(); + tenant.setTenantId(OidcUtils.DEFAULT_TENANT_ID); + OidcTenantConfig config = OidcUtils.mergeTenantConfig(tenant, KnownOidcProviders.provider(Provider.DISCORD)); + + assertEquals(OidcUtils.DEFAULT_TENANT_ID, config.getTenantId().get()); + assertFalse(config.discoveryEnabled.get()); + assertEquals("https://discord.com/api/oauth2", config.getAuthServerUrl().get()); + assertEquals("authorize", config.getAuthorizationPath().get()); + assertEquals("token", config.getTokenPath().get()); + assertEquals("https://discord.com/api/users/@me", config.getUserInfoPath().get()); + assertEquals(List.of("identify", "email"), config.authentication.scopes.get()); + assertFalse(config.getAuthentication().idTokenRequired.get()); + } + + @Test + public void testOverrideDiscordProperties() throws Exception { + OidcTenantConfig tenant = new OidcTenantConfig(); + tenant.setTenantId(OidcUtils.DEFAULT_TENANT_ID); + + tenant.setApplicationType(ApplicationType.HYBRID); + tenant.setAuthServerUrl("http://localhost/wiremock"); + tenant.credentials.clientSecret.setMethod(Method.BASIC); + tenant.authentication.setForceRedirectHttpsScheme(false); + + OidcTenantConfig config = OidcUtils.mergeTenantConfig(tenant, KnownOidcProviders.provider(Provider.DISCORD)); + + assertEquals(OidcUtils.DEFAULT_TENANT_ID, config.getTenantId().get()); + assertEquals(ApplicationType.HYBRID, config.getApplicationType().get()); + assertEquals("http://localhost/wiremock", config.getAuthServerUrl().get()); + assertFalse(config.getAuthentication().isForceRedirectHttpsScheme().get()); + assertEquals(Method.BASIC, config.credentials.clientSecret.method.get()); + } + @Test public void testCorrectTokenType() throws Exception { OidcTenantConfig.Token tokenClaims = new OidcTenantConfig.Token();