Login providers should not be visible if the service is not configured (

OrchardCMS#15305)

src/OrchardCore.Modules/OrchardCore.Facebook/Login/Configuration/FacebookLoginConfiguration.cs

@@ -43,6 +43,13 @@ public void Configure(AuthenticationOptions options)
                 return;
             }
 
+            if (string.IsNullOrWhiteSpace(_facebookSettings.AppId) || string.IsNullOrWhiteSpace(_facebookSettings.AppSecret))
+            {
+                _logger.LogWarning("The Facebook login provider is enabled but not configured.");
+
+                return;
+            }
+
             var loginSettings = GetFacebookLoginSettingsAsync().GetAwaiter().GetResult();
             if (loginSettings == null)
             {

src/OrchardCore.Modules/OrchardCore.GitHub/Configuration/GithubOptionsConfiguration.cs

@@ -32,6 +32,14 @@ public void Configure(AuthenticationOptions options)
                 return;
             }
 
+            if (string.IsNullOrWhiteSpace(_gitHubAuthenticationSettings.ClientID) ||
+                string.IsNullOrWhiteSpace(_gitHubAuthenticationSettings.ClientSecret))
+            {
+                _logger.LogWarning("The Github login provider is enabled but not configured.");
+
+                return;
+            }
+
             // Register the OpenID Connect client handler in the authentication handlers collection.
             options.AddScheme(GitHubDefaults.AuthenticationScheme, builder =>
             {

src/OrchardCore.Modules/OrchardCore.Google/Authentication/Configuration/GoogleOptionsConfiguration.cs

@@ -12,27 +12,35 @@ public class GoogleOptionsConfiguration :
         IConfigureOptions<AuthenticationOptions>,
         IConfigureNamedOptions<GoogleOptions>
     {
-        private readonly GoogleAuthenticationSettings _gitHubAuthenticationSettings;
+        private readonly GoogleAuthenticationSettings _googleAuthenticationSettings;
         private readonly IDataProtectionProvider _dataProtectionProvider;
         private readonly ILogger _logger;
 
         public GoogleOptionsConfiguration(
-            IOptions<GoogleAuthenticationSettings> gitHubAuthenticationSettings,
+            IOptions<GoogleAuthenticationSettings> googleAuthenticationSettings,
             IDataProtectionProvider dataProtectionProvider,
             ILogger<GoogleOptionsConfiguration> logger)
         {
-            _gitHubAuthenticationSettings = gitHubAuthenticationSettings.Value;
+            _googleAuthenticationSettings = googleAuthenticationSettings.Value;
             _dataProtectionProvider = dataProtectionProvider;
             _logger = logger;
         }
 
         public void Configure(AuthenticationOptions options)
         {
-            if (_gitHubAuthenticationSettings == null)
+            if (_googleAuthenticationSettings == null)
             {
                 return;
             }
 
+            if (string.IsNullOrWhiteSpace(_googleAuthenticationSettings.ClientID) ||
+                string.IsNullOrWhiteSpace(_googleAuthenticationSettings.ClientSecret))
+            {
+                _logger.LogWarning("The Google login provider is enabled but not configured.");
+
+                return;
+            }
+
             options.AddScheme(GoogleDefaults.AuthenticationScheme, builder =>
             {
                 builder.DisplayName = "Google";
@@ -47,27 +55,27 @@ public void Configure(string name, GoogleOptions options)
                 return;
             }
 
-            if (_gitHubAuthenticationSettings == null)
+            if (_googleAuthenticationSettings == null)
             {
                 return;
             }
 
-            options.ClientId = _gitHubAuthenticationSettings.ClientID;
+            options.ClientId = _googleAuthenticationSettings.ClientID;
             try
             {
-                options.ClientSecret = _dataProtectionProvider.CreateProtector(GoogleConstants.Features.GoogleAuthentication).Unprotect(_gitHubAuthenticationSettings.ClientSecret);
+                options.ClientSecret = _dataProtectionProvider.CreateProtector(GoogleConstants.Features.GoogleAuthentication).Unprotect(_googleAuthenticationSettings.ClientSecret);
             }
             catch
             {
                 _logger.LogError("The Consumer Secret could not be decrypted. It may have been encrypted using a different key.");
             }
 
-            if (_gitHubAuthenticationSettings.CallbackPath.HasValue)
+            if (_googleAuthenticationSettings.CallbackPath.HasValue)
             {
-                options.CallbackPath = _gitHubAuthenticationSettings.CallbackPath;
+                options.CallbackPath = _googleAuthenticationSettings.CallbackPath;
             }
 
-            options.SaveTokens = _gitHubAuthenticationSettings.SaveTokens;
+            options.SaveTokens = _googleAuthenticationSettings.SaveTokens;
         }
 
         public void Configure(GoogleOptions options) => Debug.Fail("This infrastructure method shouldn't be called.");

src/OrchardCore.Modules/OrchardCore.Microsoft.Authentication/Configuration/AzureADOptionsConfiguration.cs

@@ -1,6 +1,7 @@
 using System.Diagnostics;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Microsoft.Identity.Web;
 using OrchardCore.Microsoft.Authentication.Settings;
@@ -17,10 +18,12 @@ public class AzureADOptionsConfiguration :
         public const string AzureAdOpenIdConnectScheme = MicrosoftIdentityDefaults.AzureAd + OpenIdConnectDefaults.AuthenticationScheme;
 
         private readonly AzureADSettings _azureADSettings;
+        private readonly ILogger _logger;
 
-        public AzureADOptionsConfiguration(IOptions<AzureADSettings> azureADSettings)
+        public AzureADOptionsConfiguration(IOptions<AzureADSettings> azureADSettings, ILogger<AzureADOptionsConfiguration> logger)
         {
             _azureADSettings = azureADSettings.Value;
+            _logger = logger;
         }
 
         public void Configure(AuthenticationOptions options)
@@ -31,6 +34,13 @@ public void Configure(AuthenticationOptions options)
                 return;
             }
 
+            if (string.IsNullOrWhiteSpace(settings.AppId) || string.IsNullOrWhiteSpace(settings.TenantId))
+            {
+                _logger.LogWarning("The AzureAD login provider is enabled but not configured.");
+
+                return;
+            }
+
             // Register the OpenID Connect client handler in the authentication handlers collection.
             options.AddScheme(Constants.AzureAd, builder =>
             {

src/OrchardCore.Modules/OrchardCore.Microsoft.Authentication/Configuration/MicrosoftAccountOptionsConfiguration.cs

@@ -33,6 +33,14 @@ public void Configure(AuthenticationOptions options)
                 return;
             }
 
+            if (string.IsNullOrWhiteSpace(_microsoftAccountSettings.AppId) ||
+                string.IsNullOrWhiteSpace(_microsoftAccountSettings.AppSecret))
+            {
+                _logger.LogWarning("The Microsoft login provider is enabled but not configured.");
+
+                return;
+            }
+
             // Register the OpenID Connect client handler in the authentication handlers collection.
             options.AddScheme(MicrosoftAccountDefaults.AuthenticationScheme, builder =>
             {

src/OrchardCore.Modules/OrchardCore.Twitter/Signin/Configuration/TwitterOptionsConfiguration.cs

@@ -59,6 +59,14 @@ public void Configure(AuthenticationOptions options)
                 return;
             }
 
+            if (string.IsNullOrWhiteSpace(settings.Item1.ConsumerKey) ||
+                string.IsNullOrWhiteSpace(settings.Item1.ConsumerSecret))
+            {
+                _logger.LogWarning("The Twitter login provider is enabled but not configured.");
+
+                return;
+            }
+
             options.AddScheme(TwitterDefaults.AuthenticationScheme, builder =>
             {
                 builder.DisplayName = "Twitter";