MaxNagibator · MaxNagibator · Aug 25, 2025 · Aug 25, 2025
diff --git a/backend/Money.Api/Controllers/ExternalAuthController.cs b/backend/Money.Api/Controllers/ExternalAuthController.cs
@@ -16,8 +16,30 @@ namespace Money.Api.Controllers;
 public class ExternalAuthController(
     SignInManager<ApplicationUser> signInManager,
     UserManager<ApplicationUser> userManager,
-    AccountsService accountsService) : ControllerBase
+    AccountsService accountsService,
+    IConfiguration configuration) : ControllerBase
 {
+    [HttpGet("login/auth")]
+    public IActionResult LoginWithAuth([FromQuery] string? returnUrl = null)
+    {
+        var properties = new AuthenticationProperties { RedirectUri = Url.Content("~/connect/callback") };
+        properties.SetString(OpenIddictClientAspNetCoreConstants.Properties.ProviderName, "Auth");
+
+        var issuer = configuration["AUTH_AUTHORITY"];
+
+        if (string.IsNullOrWhiteSpace(issuer) == false)
+        {
+            properties.SetString(OpenIddictClientAspNetCoreConstants.Properties.Issuer, issuer);
+        }
+
+        if (string.IsNullOrWhiteSpace(returnUrl) == false)
+        {
+            properties.Items["returnUrl"] = returnUrl;
+        }
+
+        return Challenge(properties, OpenIddictClientAspNetCoreDefaults.AuthenticationScheme);
+    }
+
     [HttpGet("login/github")]
     public IActionResult LoginWithGitHub([FromQuery] string? returnUrl = null)
     {

diff --git a/backend/Money.Api/Definitions/OpenIddictDefinition.cs b/backend/Money.Api/Definitions/OpenIddictDefinition.cs
@@ -51,7 +51,14 @@ public override void ConfigureServices(WebApplicationBuilder builder)
                     .DisableTransportSecurityRequirement();
             });
 
-        if (builder.Configuration["GITHUB_CLIENT_ID"] is not null && builder.Configuration["GITHUB_CLIENT_SECRET"] is not null)
+        var authAuthority = builder.Configuration["AUTH_AUTHORITY"];
+        var authClientId = builder.Configuration["AUTH_CLIENT_ID"];
+
+        var githubClientId = builder.Configuration["GITHUB_CLIENT_ID"];
+        var githubClientSecret = builder.Configuration["GITHUB_CLIENT_SECRET"];
+
+        if (authAuthority is not null && authClientId is not null
+            || githubClientId is not null && githubClientSecret is not null)
         {
             openIddictBuilder
                 .AddClient(options =>
@@ -64,14 +71,32 @@ public override void ConfigureServices(WebApplicationBuilder builder)
                     options.AddDevelopmentEncryptionCertificate()
                         .AddDevelopmentSigningCertificate();
 
-                    options.UseWebProviders()
-                        .AddGitHub(github =>
+                    if (authAuthority is not null && authClientId is not null)
+                    {
+                        options.AddRegistration(new()
                         {
-                            github.SetClientId(builder.Configuration["GITHUB_CLIENT_ID"] ?? string.Empty);
-                            github.SetClientSecret(builder.Configuration["GITHUB_CLIENT_SECRET"] ?? string.Empty);
-                            github.SetRedirectUri(new Uri("/connect/callback", UriKind.Relative));
-                            github.AddScopes("read:user", "user:email");
+                            Issuer = new(authAuthority, UriKind.Absolute),
+                            ProviderName = "Auth",
+                            ProviderDisplayName = "Auth",
+
+                            ClientId = authClientId,
+                            Scopes = { "email", "profile", "roles" },
+
+                            RedirectUri = new("/connect/callback", UriKind.Relative),
                         });
+                    }
+
+                    if (githubClientId is not null && githubClientSecret is not null)
+                    {
+                        options.UseWebProviders()
+                            .AddGitHub(github =>
+                            {
+                                github.SetClientId(githubClientId);
+                                github.SetClientSecret(githubClientSecret);
+                                github.SetRedirectUri(new Uri("/connect/callback", UriKind.Relative));
+                                github.AddScopes("read:user", "user:email");
+                            });
+                    }
                 });
         }
 

diff --git a/backend/Money.Api/appsettings.json b/backend/Money.Api/appsettings.json
@@ -26,5 +26,10 @@
         "Password": "***",
         "EnableSSL": "true",
         "SenderEmail": "bobgroup.money@mail.ru"
-    }
+    },
+    "AUTH_AUTHORITY": "https://localhost:7166/",
+    "AUTH_CLIENT_ID": "money-api",
+    "AUTH_CLIENT_SECRET": "Не нужен, потому что используется PKCE",
+    "GITHUB_CLIENT_ID": "REPLACE_ME",
+    "GITHUB_CLIENT_SECRET": "REPLACE_ME"
 }
diff --git a/frontend/Money.Web/Pages/Account/Login.razor b/frontend/Money.Web/Pages/Account/Login.razor
@@ -60,6 +60,13 @@
         <MudButton Color="Color.Primary"
                    Variant="Variant.Filled"
                    StartIcon="@Icons.Material.Filled.Login"
+                   OnClick="OnAuthLogin">
+            Войти через Auth
+        </MudButton>
+        <MudButton Class="mt-2"
+                   Color="Color.Secondary"
+                   Variant="Variant.Outlined"
+                   StartIcon="@Icons.Material.Filled.Login"
                    OnClick="OnGitHubLogin">
             Войти через GitHub
         </MudButton>

diff --git a/frontend/Money.Web/Pages/Account/Login.razor.cs b/frontend/Money.Web/Pages/Account/Login.razor.cs
@@ -38,6 +38,12 @@ protected override void OnParametersSet()
         Input = new();
     }
 
+    private void OnAuthLogin()
+    {
+        var url = AuthenticationService.GetExternalAuthUrl("auth", NavigationManager.BaseUri + "Account/Callback");
+        NavigationManager.NavigateTo(url, true);
+    }
+
     private void OnGitHubLogin()
     {
         var url = AuthenticationService.GetExternalAuthUrl("github", NavigationManager.BaseUri + "Account/Callback");

diff --git a/frontend/Money.Web/Pages/Home.razor.cs b/frontend/Money.Web/Pages/Home.razor.cs
@@ -4,6 +4,11 @@ public partial class Home
 {
     private readonly List<VersionHistoryEntry> _versionHistory =
     [
+        new("1.2.8", new(2025, 8, 20), [
+            new("Интегрированы внешние провайдеры аутентификации: Auth и GitHub.", ChangeType.Feature),
+            new("Добавлены кнопки входа для Auth и GitHub на странице входа.", ChangeType.UiUx),
+        ]),
+
         new("1.2.7", new(2025, 7, 21), [
             new("Добавлена возможность выбора долгов для прощения.", ChangeType.Feature),
             new("Реализованы действия \"выбрать все\" и \"очистить\" для долгов.", ChangeType.Feature),
@@ -206,7 +211,7 @@ private void ChangeHistoryVisible()
 
     private string GetCurrentVersion()
     {
-        return _versionHistory.FirstOrDefault()?.Version ?? "1.2.7";
+        return _versionHistory.FirstOrDefault()?.Version ?? "1.2.8";
     }
 
     private Color GetVersionColor(VersionHistoryEntry entry)