Support OAuth2 authentication

[MarcialRosales]

Fixes #956

Proposed Changes

Enable the following mechanisms via two attributes added to the ConnectionFactory:

• Obtain Basic Credentials (this means username+password or Oauth2 tokens) via the interface ICredentialsProvider
• In case of OAuth2 credentials, which they have a validity period, refresh the tokens before they expire.

This PR is accompanied by another PR on the rabbitmq-website to update the .Net Client guide.

Acceptance Tests

Via TestApplications/OAuth2, it is possible to test end-to-end the following flows:

• Initial token request and connection establishment with the token (using standard connection)
• refresh the token via the token request. This is tested with keycloak
• refresh the token by requesting a new one. This is tested with uaa
• Specify extra parameters to be included when requesting a token such as scope.

To do:

• Test using TLS with the authorization server

Types of Changes

What types of changes does your code introduce to this project?
Put an x in the boxes that apply

• Bug fix (non-breaking change which fixes issue #NNNN)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause an observable behavior change in existing systems)
• Documentation improvements (corrections, new content, etc)
• Cosmetic change (whitespace, formatting, etc)

This PR is accompanied by another docs' PR

[jonproch117]

Is this feature still planned to be released? The associated changes to the website here from this PR were published, which threw me off since the referenced classes/properties don't yet exist in the library.

Thanks!

[lukebakken]

@jonproch117 - I'm working on reviewing this PR now. I should be able to get it released by the end of August. Sorry about the confusion!

[lukebakken]

Thanks for all of your excellent work, @MarcialRosales

I am going to move IOAuth2Client and related classes to their own project (and thus dll that is published to NuGet). The reason being that only a fraction of the users of the .NET client will need the OAuth2 code, and most will not want to have the extra dependencies on System.Net.Http.Json and System.Text.Json.

I'll start work on that tomorrow!

[MarcialRosales]

Excellent @lukebakken ! Good call on splitting that dependency. We just need to make it clear in the documentation to include this extra DLL when using OAuth2 authentication/authorization. Shall I create that doc's PR or will you do it?

[lukebakken]

We just need to make it clear in the documentation to include this extra DLL when using OAuth2 authentication/authorization. Shall I create that doc's PR or will you do it?

Go right ahead. I think it should be pretty clear to end-users but best to make it as obvious as possible.

[lukebakken]

@MarcialRosales before merging, would you please review my changes? If you would run through your test scenarios in your env one more time I would appreciate it as well. Thanks!

[lukebakken]

@jonproch117 - if you'd like to test this out, please see the following beta releases:

• https://www.nuget.org/packages/RabbitMQ.Client.OAuth2/1.0.0-beta.0
• https://www.nuget.org/packages/RabbitMQ.Client/6.6.0-beta.0

I'm working on documentation at this time. You can see an example of how to use the new library via our test code here:

https://github.com/rabbitmq/rabbitmq-dotnet-client/tree/6.x/projects/TestApplications/OAuth2

[jonproch117]

@lukebakken This is working for me. Thanks!

[lukebakken]

@jonproch117 thank you! I will release version 6.6.0 today.