Add Weibo to the list of supported providers

gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs

@@ -688,6 +688,17 @@ public sealed partial class {{ provider.name }}
                     .OfType<X509Certificate2>()
                     .SingleOrDefault() ?? throw new InvalidOperationException(SR.GetResourceString(SR.ID0066)));
         }
+        {{~ else if setting.clr_type == 'bool' ~}}
+        /// <summary>
+        /// Configures {{ setting.description }}.
+        /// </summary>
+        /// <param name=""{{ setting.parameter_name }}"">{{ setting.description | string.capitalize }}.</param>
+        /// <returns>The <see cref=""OpenIddictClientWebIntegrationBuilder.{{ provider.name }}""/> instance.</returns>
+        {{~ if setting.obsolete ~}}
+        [Obsolete(""This option is no longer supported and will be removed in a future version."")]
+        {{~ end ~}}
+        public {{ provider.name }} Set{{ setting.property_name }}(bool {{ setting.parameter_name }})
+            => Set(registration => registration.Get{{ provider.name }}Settings().{{ setting.property_name }} = {{ setting.parameter_name }});
         {{~ else ~}}
         /// <summary>
         /// Configures {{ setting.description }}.
@@ -772,6 +783,7 @@ public sealed partial class {{ provider.name }}
                                 char.ToLower(description[0], CultureInfo.GetCultureInfo("en-US")) + description[1..] : null,
                             ClrType = (string) setting.Attribute("Type") switch
                             {
+                                "Boolean" => "bool",
                                 "EncryptionKey" when (string) setting.Element("EncryptionAlgorithm").Attribute("Value")
                                     is "RS256" or "RS384" or "RS512" => "RsaSecurityKey",
 
@@ -906,6 +918,11 @@ public static partial void ConfigureProvider(OpenIddictClientRegistration regist
             {
                 settings.{{ setting.property_name }} = new Uri(""{{ setting.default_value }}"", UriKind.RelativeOrAbsolute);
             }
+            {{~ else if setting.type == 'Boolean' ~}}
+            if (settings.{{ setting.property_name }} is null)
+            {
+                settings.{{ setting.property_name }} = {{ setting.default_value }};
+            }
             {{~ end ~}}
             {{~ end ~}}
 
@@ -1354,6 +1371,7 @@ public sealed class {{ provider.name }}
                                 char.ToLower(description[0], CultureInfo.GetCultureInfo("en-US")) + description[1..] : null,
                             ClrType = (string) setting.Attribute("Type") switch
                             {
+                                "Boolean" => "bool",
                                 "EncryptionKey" when (string) setting.Element("EncryptionAlgorithm").Attribute("Value")
                                     is "RS256" or "RS384" or "RS512" => "RsaSecurityKey",
 

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Userinfo.cs

@@ -176,7 +176,8 @@ public ValueTask HandleAsync(PrepareUserinfoRequestContext context)
                 // or using a non-standard authentication scheme (e.g OAuth instead of Bearer).
 
                 // These providers require sending the access token as part of the request payload.
-                if (context.Registration.ProviderType is ProviderTypes.Deezer or ProviderTypes.Mixcloud or ProviderTypes.StackExchange)
+                if (context.Registration.ProviderType is
+                    ProviderTypes.Deezer or ProviderTypes.Mixcloud or ProviderTypes.StackExchange or ProviderTypes.Weibo)
                 {
                     context.Request.AccessToken = request.Headers.Authorization?.Parameter;
 

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs

@@ -1019,6 +1019,12 @@ public ValueTask HandleAsync(ProcessAuthenticationContext context)
                 context.UserinfoRequest["user.fields"] = string.Join(",", settings.UserFields);
             }
 
+            // Weibo requires sending the user identifier as part of the userinfo request.
+            else if (context.Registration.ProviderType is ProviderTypes.Weibo)
+            {
+                context.UserinfoRequest["uid"] = context.TokenResponse?["uid"];
+            }
+
             return default;
         }
     }
@@ -1297,7 +1303,8 @@ ProviderTypes.Harvest    or ProviderTypes.Kook     or ProviderTypes.Kroger
                 ProviderTypes.Lichess    or ProviderTypes.Mastodon or ProviderTypes.Meetup        or
                 ProviderTypes.Nextcloud  or ProviderTypes.Patreon  or ProviderTypes.Reddit        or
                 ProviderTypes.Smartsheet or ProviderTypes.Spotify  or ProviderTypes.SubscribeStar or
-                ProviderTypes.Todoist    or ProviderTypes.Twitter  or ProviderTypes.Zoom
+                ProviderTypes.Todoist    or ProviderTypes.Twitter  or ProviderTypes.Weibo         or
+                ProviderTypes.Zoom
                     => (string?) context.UserinfoResponse?["id"],
 
                 // Bitbucket returns the user identifier as a custom "uuid" node:
@@ -1522,8 +1529,8 @@ public ValueTask HandleAsync(ProcessChallengeContext context)
             {
                 // The following providers are known to use comma-separated scopes instead of
                 // the standard format (that requires using a space as the scope separator):
-                ProviderTypes.Deezer or ProviderTypes.Disqus or ProviderTypes.Shopify or
-                ProviderTypes.Strava or ProviderTypes.Todoist
+                ProviderTypes.Deezer or ProviderTypes.Disqus  or ProviderTypes.Shopify or
+                ProviderTypes.Strava or ProviderTypes.Todoist or ProviderTypes.Weibo
                     => string.Join(",", context.Scopes),
 
                 // The following providers are known to use plus-separated scopes instead of
@@ -1712,6 +1719,18 @@ public ValueTask HandleAsync(ProcessChallengeContext context)
                 context.Request["team"] = settings.Team;
             }
 
+            // Weibo allows sending an optional "display" parameter to adjust the authorization page
+            // display style; an optional "forcelogin" parameter to force the user to log in again;
+            // and an optional "language" parameter to set the language of the authorization page.
+            else if (context.Registration.ProviderType is ProviderTypes.Weibo)
+            {
+                var settings = context.Registration.GetWeiboSettings();
+
+                context.Request["display"] = settings.Display;
+                context.Request["forcelogin"] = settings.ForceLogin;
+                context.Request["language"] = settings.Language;
+            }
+
             return default;
         }
     }
@@ -1802,6 +1821,14 @@ public ValueTask HandleAsync(ProcessRevocationContext context)
                 context.RevocationRequest.ClientAssertionType = null;
             }
 
+            // Weibo implements a non-standard client authentication method for its endpoints that
+            // requires sending the token as "access_token" instead of the standard "token" parameter.
+            if (context.Registration.ProviderType is ProviderTypes.Weibo)
+            {
+                context.RevocationRequest.AccessToken = context.RevocationRequest.Token;
+                context.RevocationRequest.Token = null;
+            }
+
             return default;
         }
     }

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml

@@ -1938,6 +1938,33 @@
     <Environment Issuer="https://www.webex.com/" ConfigurationEndpoint="https://webexapis.com/v1/.well-known/openid-configuration" />
   </Provider>
 
+  <!--
+                                                ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                                ██ ███ ██ ▄▄▄█▄ ▄██ ▄▄▀██ ▄▄▄ ██
+                                                ██ █ █ ██ ▄▄▄██ ███ ▄▄▀██ ███ ██
+                                                ██▄▀▄▀▄██ ▀▀▀█▀ ▀██ ▀▀ ██ ▀▀▀ ██
+                                                ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+  -->
+
+  <Provider Name="Weibo" Id="3523b2ce-c595-4f7b-9dda-9ce984fbf02d"
+            Documentation="https://open.weibo.com/wiki/%E6%8E%88%E6%9D%83%E6%9C%BA%E5%88%B6%E8%AF%B4%E6%98%8E">
+    <Environment Issuer="https://www.weibo.com/">
+      <Configuration AuthorizationEndpoint="https://api.weibo.com/oauth2/authorize"
+                     RevocationEndpoint="https://api.weibo.com/oauth2/revokeoauth2"
+                     TokenEndpoint="https://api.weibo.com/oauth2/access_token"
+                     UserinfoEndpoint="https://api.weibo.com/2/users/show.json" />
+    </Environment>
+
+    <Setting PropertyName="Display" ParameterName="display" Type="String" Required="false"
+             Description="The value used as the 'display' parameter (can be set to 'default', 'mobile', 'wap', 'client', or 'apponweibo' to adjust the authorization page display style)" />
+
+    <Setting PropertyName="ForceLogin" ParameterName="force" Type="Boolean" Required="false"
+             Description="The value used as the 'forcelogin' parameter (can be set to 'true' to force user to log in again)" />
+
+    <Setting PropertyName="Language" ParameterName="language" Type="String" Required="false"
+             Description="The value used as the 'language' parameter (can be set to 'en' to display the authorization page in English)" />
+  </Provider>
+
   <!--
                                       ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                       ██ ███ █▄ ▄██ █▀▄█▄ ▄██ ▄▀▄ ██ ▄▄▄██ ▄▄▀█▄ ▄█ ▄▄▀██

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xsd

@@ -502,6 +502,7 @@
 
                     <xs:simpleType>
                       <xs:restriction base="xs:string">
+                        <xs:enumeration value="Boolean" />
                         <xs:enumeration value="Certificate" />
                         <xs:enumeration value="EncryptionKey" />
                         <xs:enumeration value="SigningKey" />