diff --git a/Yi.Abp.Net8/Yi.Abp.sln b/Yi.Abp.Net8/Yi.Abp.sln index d7d36b3d..673840f8 100644 --- a/Yi.Abp.Net8/Yi.Abp.sln +++ b/Yi.Abp.Net8/Yi.Abp.sln @@ -72,6 +72,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "audit-logging", "audit-logg EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Yi.AuditLogging.SqlSugarCore", "module\audit-logging\Yi.AuditLogging.SqlSugarCore\Yi.AuditLogging.SqlSugarCore.csproj", "{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}" EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Yi.Framework.AspNetCore.Authentication.OAuth", "framework\Yi.Framework.AspNetCore.Authentication.OAuth\Yi.Framework.AspNetCore.Authentication.OAuth.csproj", "{791AC2FA-50D3-4408-8D68-31DA72F608BE}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -174,6 +176,10 @@ Global {48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Debug|Any CPU.Build.0 = Debug|Any CPU {48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Release|Any CPU.ActiveCfg = Release|Any CPU {48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Release|Any CPU.Build.0 = Release|Any CPU + {791AC2FA-50D3-4408-8D68-31DA72F608BE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {791AC2FA-50D3-4408-8D68-31DA72F608BE}.Debug|Any CPU.Build.0 = Debug|Any CPU + {791AC2FA-50D3-4408-8D68-31DA72F608BE}.Release|Any CPU.ActiveCfg = Release|Any CPU + {791AC2FA-50D3-4408-8D68-31DA72F608BE}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE @@ -206,6 +212,7 @@ Global {6C86BA71-9F87-4E2C-B467-2950D77DCDFA} = {E902A945-4F41-4E96-A0DA-9F66CDA22261} {73CCF2C4-B9FD-44AB-8D4B-0A421805B094} = {2317227D-7796-4E7B-BEDB-7CD1CAE7B853} {48806510-8E18-4E1E-9BAF-5B97E88C5FC3} = {73CCF2C4-B9FD-44AB-8D4B-0A421805B094} + {791AC2FA-50D3-4408-8D68-31DA72F608BE} = {77B949E9-530E-45A5-9657-20F7D5C6875C} EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {23D6FBC9-C970-4641-BC1E-2AEA59F51C18} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationConstants.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationConstants.cs new file mode 100644 index 00000000..ba665ab5 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationConstants.cs @@ -0,0 +1,23 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee; + +/// +/// Contains constants specific to the . +/// +public static class GiteeAuthenticationConstants +{ + public static class Claims + { + public const string Url = "urn:gitee:url"; + public const string AvatarUrl = "urn:gitee:avatarUrl"; + + public const string OpenId = "urn:openid"; + public const string AccessToken = "urn:access_token"; + public const string Name = "urn:name"; + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationDefaults.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationDefaults.cs new file mode 100644 index 00000000..d972d810 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationDefaults.cs @@ -0,0 +1,53 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee; + +/// +/// Default values used by the Gitee authentication middleware. +/// +public static class GiteeAuthenticationDefaults +{ + /// + /// Default value for . + /// + public const string AuthenticationScheme = "Gitee"; + + /// + /// Default value for . + /// + public static readonly string DisplayName = "Gitee"; + + /// + /// Default value for . + /// + public static readonly string Issuer = "Gitee"; + + /// + /// Default value for . + /// + public static readonly string CallbackPath = "/signin-gitee"; + + /// + /// Default value for . + /// + public static readonly string AuthorizationEndpoint = "https://gitee.com/oauth/authorize"; + + /// + /// Default value for . + /// + public static readonly string TokenEndpoint = "https://gitee.com/oauth/token"; + + /// + /// Default value for . + /// + public static readonly string UserInformationEndpoint = "https://gitee.com/api/v5/user"; + + /// + /// Default value for . + /// + public static readonly string UserEmailsEndpoint = "https://gitee.com/api/v5/emails"; +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationExtensions.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationExtensions.cs new file mode 100644 index 00000000..a28f4882 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationExtensions.cs @@ -0,0 +1,75 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +using JetBrains.Annotations; +using Microsoft.AspNetCore.Authentication; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee; + +/// +/// Extension methods to add Gitee authentication capabilities to an HTTP application pipeline. +/// +public static class GiteeAuthenticationExtensions +{ + /// + /// Adds to the specified + /// , which enables Gitee authentication capabilities. + /// + /// The authentication builder. + /// The . + public static AuthenticationBuilder AddGitee([NotNull] this AuthenticationBuilder builder) + { + return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, options => { }); + } + + /// + /// Adds to the specified + /// , which enables Gitee authentication capabilities. + /// + /// The authentication builder. + /// The delegate used to configure the OpenID 2.0 options. + /// The . + public static AuthenticationBuilder AddGitee( + [NotNull] this AuthenticationBuilder builder, + [NotNull] Action configuration) + { + return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, configuration); + } + + /// + /// Adds to the specified + /// , which enables Gitee authentication capabilities. + /// + /// The authentication builder. + /// The authentication scheme associated with this instance. + /// The delegate used to configure the Gitee options. + /// The . + public static AuthenticationBuilder AddGitee( + [NotNull] this AuthenticationBuilder builder, + [NotNull] string scheme, + [NotNull] Action configuration) + { + return builder.AddGitee(scheme, GiteeAuthenticationDefaults.DisplayName, configuration); + } + + /// + /// Adds to the specified + /// , which enables Gitee authentication capabilities. + /// + /// The authentication builder. + /// The authentication scheme associated with this instance. + /// The optional display name associated with this instance. + /// The delegate used to configure the Gitee options. + /// The . + public static AuthenticationBuilder AddGitee( + [NotNull] this AuthenticationBuilder builder, + [NotNull] string scheme, + [CanBeNull] string caption, + [NotNull] Action configuration) + { + return builder.AddScheme(scheme, caption, configuration); + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationHandler.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationHandler.cs new file mode 100644 index 00000000..f88e6d3e --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationHandler.cs @@ -0,0 +1,55 @@ +using System.Security.Claims; +using System.Text.Encodings.Web; +using Microsoft.Extensions.Logging; +using Microsoft.Extensions.Options; +using Yi.Framework.AspNetCore.Authentication.OAuth.QQ; +using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee +{ + public class GiteeAuthenticationHandler : OauthAuthenticationHandler + { + public GiteeAuthenticationHandler(IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder, httpClientFactory) + { + } + + public override string AuthenticationSchemeNmae => GiteeAuthenticationDefaults.AuthenticationScheme; + + protected override async Task> GetAuthTicketAsync(string code) + { + //获取 accessToken + var tokenQueryKv = new List>() + { + new KeyValuePair("grant_type","authorization_code"), + new KeyValuePair("client_id",Options.ClientId), + new KeyValuePair("client_secret",Options.ClientSecret), + new KeyValuePair("redirect_uri",Options.RedirectUri), + new KeyValuePair("code",code) + }; + var tokenModel = await SendHttpRequestAsync(GiteeAuthenticationDefaults.TokenEndpoint, tokenQueryKv,HttpMethod.Post); + + //获取 userInfo + var userInfoQueryKv = new List>() + { + new KeyValuePair("access_token",tokenModel.access_token), + }; + var userInfoMdoel = await SendHttpRequestAsync(GiteeAuthenticationDefaults.UserInformationEndpoint, userInfoQueryKv); + + List claims = new List() + { + new Claim(Claims.AvatarUrl, userInfoMdoel.avatar_url), + new Claim(Claims.Url, userInfoMdoel.url), + + new Claim(Claims.OpenId,userInfoMdoel.id.ToString()), + new Claim(Claims.Name, userInfoMdoel.name), + new Claim(Claims.AccessToken, tokenModel.access_token) + }; + return claims; + } + + protected override void VerifyErrResponse(string content) + { + GiteeAuthticationErrCodeModel.VerifyErrResponse(content); + } + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationOptions.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationOptions.cs new file mode 100644 index 00000000..0139fe38 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationOptions.cs @@ -0,0 +1,47 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +using System.Security.Claims; +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authentication.OAuth; +using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee; + +/// +/// Defines a set of options used by . +/// +public class GiteeAuthenticationOptions : OAuthOptions +{ + public GiteeAuthenticationOptions() + { + ClaimsIssuer = GiteeAuthenticationDefaults.Issuer; + + CallbackPath = GiteeAuthenticationDefaults.CallbackPath; + + AuthorizationEndpoint = GiteeAuthenticationDefaults.AuthorizationEndpoint; + TokenEndpoint = GiteeAuthenticationDefaults.TokenEndpoint; + UserInformationEndpoint = GiteeAuthenticationDefaults.UserInformationEndpoint; + UserEmailsEndpoint = GiteeAuthenticationDefaults.UserEmailsEndpoint; + + Scope.Add("user_info"); + Scope.Add("emails"); + + ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id"); + ClaimActions.MapJsonKey(ClaimTypes.Name, "login"); + ClaimActions.MapJsonKey(ClaimTypes.Email, "email"); + ClaimActions.MapJsonKey(Claims.Name, "name"); + ClaimActions.MapJsonKey(Claims.Url, "url"); + } + + /// + /// Gets or sets the address of the endpoint exposing + /// the email addresses associated with the logged in user. + /// + public string UserEmailsEndpoint { get; set; } + + public string RedirectUri { get; set; } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationErrCodeModel.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationErrCodeModel.cs new file mode 100644 index 00000000..a1cba0f5 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationErrCodeModel.cs @@ -0,0 +1,30 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Text.Json; +using System.Threading.Tasks; + + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee +{ + public class GiteeAuthticationErrCodeModel + { + public string error { get; set; } + + public string error_description { get; set; } + + public static void VerifyErrResponse(string content) + { + + var model =Newtonsoft.Json.JsonConvert.DeserializeObject (content); + if (model.error != null) + { + + throw new Exception($"第三方授权返回错误,错误码:【{model.error}】,错误详情:【{model.error_description}】"); + } + } + + } + +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationcationHttpModel.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationcationHttpModel.cs new file mode 100644 index 00000000..15ffd178 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationcationHttpModel.cs @@ -0,0 +1,63 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee +{ + public class GiteeAuthticationcationTokenResponse + { + public string access_token { get; set; } + public string token_type { get; set; } + public int expires_in { get; set; } + public string refresh_token { get; set; } + public string scope { get; set; } + public long created_at { get; set; } + } + + + public class GiteeAuthticationcationOpenIdResponse + { + public string client_id { get; set; } + + public string openid { get; set; } + + } + + public class GiteeAuthticationcationUserInfoResponse + { + /// + /// 也可以等于openId + /// + public int id { get; set; } + public string login { get; set; } + public string name { get; set; } + public string avatar_url { get; set; } + public string url { get; set; } + public string html_url { get; set; } + public string remark { get; set; } + public string followers_url { get; set; } + public string following_url { get; set; } + public string gists_url { get; set; } + public string starred_url { get; set; } + public string subscriptions_url { get; set; } + public string organizations_url { get; set; } + public string repos_url { get; set; } + public string events_url { get; set; } + public string received_events_url { get; set; } + public string type { get; set; } + public string blog { get; set; } + public string weibo { get; set; } + public string bio { get; set; } + public int public_repos { get; set; } + public int public_gists { get; set; } + public int followers { get; set; } + public int following { get; set; } + public int stared { get; set; } + public int watched { get; set; } + public DateTime created_at { get; set; } + public DateTime updated_at { get; set; } + public string email { get; set; } + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/OAuthAuthenticationHandler.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/OAuthAuthenticationHandler.cs new file mode 100644 index 00000000..4fedae7c --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/OAuthAuthenticationHandler.cs @@ -0,0 +1,96 @@ +using System.Security.Claims; +using System.Text.Encodings.Web; +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.WebUtilities; +using Microsoft.Extensions.Logging; +using Microsoft.Extensions.Options; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth +{ + public abstract class OauthAuthenticationHandler : AuthenticationHandler where TOptions : AuthenticationSchemeOptions, new() + { + public abstract string AuthenticationSchemeNmae { get; } + private AuthenticationScheme _scheme; + + public OauthAuthenticationHandler(IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder) + { + HttpClientFactory = httpClientFactory; + HttpClient = HttpClientFactory.CreateClient(); + } + + + protected IHttpClientFactory HttpClientFactory { get; } + + protected HttpClient HttpClient { get; } + + + + /// + /// 生成认证票据 + /// + /// + private AuthenticationTicket TicketConver(List claims) + { + var claimsIdentity = new ClaimsIdentity(claims.ToArray(), AuthenticationSchemeNmae); + var principal = new ClaimsPrincipal(claimsIdentity); + return new AuthenticationTicket(principal, AuthenticationSchemeNmae); + } + + protected async Task SendHttpRequestAsync(string url, IEnumerable> query, HttpMethod? httpMethod = null) + { + httpMethod = httpMethod ?? HttpMethod.Get; + + var queryUrl = QueryHelpers.AddQueryString(url, query); + HttpResponseMessage response = null; + if (httpMethod == HttpMethod.Get) + { + response = await HttpClient.GetAsync(queryUrl); + } + else if (httpMethod == HttpMethod.Post) + { + response = await HttpClient.PostAsync(queryUrl, null); + } + + var content = await response.Content.ReadAsStringAsync(); + if (!response.IsSuccessStatusCode) + { + throw new Exception($"授权服务器请求错误,请求地址:{queryUrl},错误信息:{content}"); + } + VerifyErrResponse(content); + var model = Newtonsoft.Json.JsonConvert.DeserializeObject(content); + return model!; + } + + protected virtual void VerifyErrResponse(string content) + { + return; + } + + protected abstract Task> GetAuthTicketAsync(string code); + + + protected override async Task HandleAuthenticateAsync() + { + if (!Context.Request.Query.ContainsKey("code")) + { + return AuthenticateResult.Fail("回调未包含code参数"); + } + var code = Context.Request.Query["code"].ToString(); + + List authTicket = null; + try + { + authTicket = await GetAuthTicketAsync(code); + } + catch (Exception ex) + { + return AuthenticateResult.Fail(ex.Message ?? "未知错误"); + } + //成功 + var result = AuthenticateResult.Success(TicketConver(authTicket)); + return result; + } + } +} + + diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationConstants.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationConstants.cs new file mode 100644 index 00000000..bac733fa --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationConstants.cs @@ -0,0 +1,27 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ; + +/// +/// Contains constants specific to the . +/// +public static class QQAuthenticationConstants +{ + public static class Claims + { + public const string AvatarFullUrl = "urn:qq:avatar_full"; + public const string AvatarUrl = "urn:qq:avatar"; + public const string PictureFullUrl = "urn:qq:picture_full"; + public const string PictureMediumUrl = "urn:qq:picture_medium"; + public const string PictureUrl = "urn:qq:picture"; + public const string UnionId = "urn:qq:unionid"; + + public const string OpenId = "urn:openid"; + public const string AccessToken = "urn:access_token"; + public const string Name = "urn:name"; + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationDefaults.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationDefaults.cs new file mode 100644 index 00000000..61106b07 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationDefaults.cs @@ -0,0 +1,53 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ; + +/// +/// Default values for QQ authentication. +/// +public static class QQAuthenticationDefaults +{ + /// + /// Default value for . + /// + public const string AuthenticationScheme = "QQ"; + + /// + /// Default value for . + /// + public static readonly string DisplayName = "QQ"; + + /// + /// Default value for . + /// + public static readonly string Issuer = "QQ"; + + /// + /// Default value for . + /// + public static readonly string CallbackPath = "/signin-qq"; + + /// + /// Default value for . + /// + public static readonly string AuthorizationEndpoint = "https://graph.qq.com/oauth2.0/authorize"; + + /// + /// Default value for . + /// + public static readonly string TokenEndpoint = "https://graph.qq.com/oauth2.0/token"; + + /// + /// Default value for . + /// + public static readonly string UserIdentificationEndpoint = "https://graph.qq.com/oauth2.0/me"; + + /// + /// Default value for . + /// + public static readonly string UserInformationEndpoint = "https://graph.qq.com/user/get_user_info"; +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationExtensions.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationExtensions.cs new file mode 100644 index 00000000..4ffac491 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationExtensions.cs @@ -0,0 +1,77 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +using JetBrains.Annotations; +using Microsoft.AspNetCore.Authentication; +using Microsoft.Extensions.DependencyInjection; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ; + +/// +/// Extension methods to add QQ authentication capabilities to an HTTP application pipeline. +/// +public static class QQAuthenticationExtensions +{ + /// + /// Adds to the specified + /// , which enables QQ authentication capabilities. + /// + /// The authentication builder. + /// The . + public static AuthenticationBuilder AddQQ([NotNull] this AuthenticationBuilder builder) + { + return builder.AddQQ(QQAuthenticationDefaults.AuthenticationScheme, options => { }); + } + + /// + /// Adds to the specified + /// , which enables QQ authentication capabilities. + /// + /// The authentication builder. + /// The delegate used to configure the OpenID 2.0 options. + /// The . + public static AuthenticationBuilder AddQQ( + [NotNull] this AuthenticationBuilder builder, + [NotNull] Action configuration) + { + return builder.AddQQ(QQAuthenticationDefaults.AuthenticationScheme, configuration); + } + + /// + /// Adds to the specified + /// , which enables QQ authentication capabilities. + /// + /// The authentication builder. + /// The authentication scheme associated with this instance. + /// The delegate used to configure the QQ options. + /// The . + public static AuthenticationBuilder AddQQ( + [NotNull] this AuthenticationBuilder builder, + [NotNull] string scheme, + [NotNull] Action configuration) + { + return builder.AddQQ(scheme, QQAuthenticationDefaults.DisplayName, configuration); + } + + /// + /// Adds to the specified + /// , which enables QQ authentication capabilities. + /// + /// The authentication builder. + /// The authentication scheme associated with this instance. + /// The optional display name associated with this instance. + /// The delegate used to configure the QQ options. + /// The . + public static AuthenticationBuilder AddQQ( + [NotNull] this AuthenticationBuilder builder, + [NotNull] string scheme, + [CanBeNull] string caption, + [NotNull] Action configuration) + { + return builder.AddScheme(scheme, caption, configuration); + + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationHandler.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationHandler.cs new file mode 100644 index 00000000..3f342496 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationHandler.cs @@ -0,0 +1,70 @@ +using System.Security.Claims; +using System.Text.Encodings.Web; +using Microsoft.Extensions.Logging; +using Microsoft.Extensions.Options; +using static Yi.Framework.AspNetCore.Authentication.OAuth.QQ.QQAuthenticationConstants; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ +{ + public class QQAuthenticationHandler : OauthAuthenticationHandler + { + public QQAuthenticationHandler(IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder, httpClientFactory) + { + } + + public override string AuthenticationSchemeNmae => QQAuthenticationDefaults.AuthenticationScheme; + + protected override void VerifyErrResponse(string content) + { + QQAuthticationErrCodeModel.VerifyErrResponse(content); + } + + protected override async Task> GetAuthTicketAsync(string code) + { + + //获取 accessToken + var tokenQueryKv = new List>() + { + new KeyValuePair("grant_type","authorization_code"), + new KeyValuePair("client_id",Options.ClientId), + new KeyValuePair("client_secret",Options.ClientSecret), + new KeyValuePair("redirect_uri",Options.RedirectUri), + new KeyValuePair("fmt","json"), + new KeyValuePair("need_openid","1"), + new KeyValuePair("code",code), + new KeyValuePair("state","true"), + }; + var tokenModel = await SendHttpRequestAsync(QQAuthenticationDefaults.TokenEndpoint, tokenQueryKv); + + + + //获取 userInfo + var userInfoQueryKv = new List>() + { + new KeyValuePair("access_token",tokenModel.access_token), + new KeyValuePair("oauth_consumer_key",Options.ClientId), + new KeyValuePair("openid",tokenModel.openid), + }; + + var userInfoMdoel = await SendHttpRequestAsync(QQAuthenticationDefaults.UserInformationEndpoint, userInfoQueryKv); + + + List claims = new List() + { + + new Claim(Claims.AvatarFullUrl, userInfoMdoel.figureurl_qq_2), + new Claim(Claims.AvatarUrl, userInfoMdoel.figureurl_qq_1), + new Claim(Claims.PictureFullUrl, userInfoMdoel.figureurl_2), + new Claim(Claims.PictureMediumUrl, userInfoMdoel.figureurl_qq_1), + new Claim(Claims.PictureUrl, userInfoMdoel.figureurl), + + new Claim(Claims.OpenId, tokenModel.openid), + new Claim(Claims.Name, userInfoMdoel.nickname), + new Claim(Claims.AccessToken, tokenModel.access_token), + + }; + return claims; + + } + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationOptions.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationOptions.cs new file mode 100644 index 00000000..c82c44d2 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationOptions.cs @@ -0,0 +1,51 @@ +/* + * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers + * for more information concerning the license and the contributors participating to this project. + */ + +using System.Security.Claims; +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authentication.OAuth; +using static Yi.Framework.AspNetCore.Authentication.OAuth.QQ.QQAuthenticationConstants; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ; + +/// +/// Defines a set of options used by . +/// +public class QQAuthenticationOptions : OAuthOptions +{ + public QQAuthenticationOptions() + { + ClaimsIssuer = QQAuthenticationDefaults.Issuer; + CallbackPath = QQAuthenticationDefaults.CallbackPath; + + AuthorizationEndpoint = QQAuthenticationDefaults.AuthorizationEndpoint; + TokenEndpoint = QQAuthenticationDefaults.TokenEndpoint; + UserIdentificationEndpoint = QQAuthenticationDefaults.UserIdentificationEndpoint; + UserInformationEndpoint = QQAuthenticationDefaults.UserInformationEndpoint; + + Scope.Add("get_user_info"); + + ClaimActions.MapJsonKey(ClaimTypes.Name, "nickname"); + ClaimActions.MapJsonKey(ClaimTypes.Gender, "gender"); + ClaimActions.MapJsonKey(Claims.PictureUrl, "figureurl"); + ClaimActions.MapJsonKey(Claims.PictureMediumUrl, "figureurl_1"); + ClaimActions.MapJsonKey(Claims.PictureFullUrl, "figureurl_2"); + ClaimActions.MapJsonKey(Claims.AvatarUrl, "figureurl_qq_1"); + ClaimActions.MapJsonKey(Claims.AvatarFullUrl, "figureurl_qq_2"); + } + + /// + /// Gets or sets if the union Id (the primary key of an owner for different apps of the QQ platform) should be put into the user claims. + /// + public bool ApplyForUnionId { get; set; } + + /// + /// Gets or sets the URL of the user identification endpoint (a.k.a. the "OpenID endpoint"). + /// + public string UserIdentificationEndpoint { get; set; } + + public string RedirectUri { get; set; } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationErrCodeModel.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationErrCodeModel.cs new file mode 100644 index 00000000..b84824bf --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationErrCodeModel.cs @@ -0,0 +1,30 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Text.Json; +using System.Threading.Tasks; + + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ +{ + public class QQAuthticationErrCodeModel + { + public string error { get; set; } + + public string error_description { get; set; } + + public static void VerifyErrResponse(string content) + { + + var model =Newtonsoft.Json.JsonConvert.DeserializeObject (content); + if (model.error != null) + { + + throw new Exception($"第三方授权返回错误,错误码:【{model.error}】,错误详情:【{model.error_description}】"); + } + } + + } + +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationcationHttpModel.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationcationHttpModel.cs new file mode 100644 index 00000000..f9639f31 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationcationHttpModel.cs @@ -0,0 +1,89 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ +{ + public class QQAuthticationcationTokenResponse + { + public string access_token { get; set; } + + public string expires_in { get; set; } + + public string refresh_token { get; set; } + + public string openid { get; set; } + } + + + public class QQAuthticationcationOpenIdResponse + { + public string client_id { get; set; } + + public string openid { get; set; } + + } + + public class QQAuthticationcationUserInfoResponse + { + // 返回码 + public int ret { get; set; } + + // 如果ret<0,会有相应的错误信息提示 + // 返回数据全部用UTF-8编码 + public string msg { get; set; } + + // 判断是否有数据丢失 + // 0或者不返回:没有数据丢失,可以缓存 + // 1:有部分数据丢失或错误,不要缓存 + public int is_lost { get; set; } + + // 用户在QQ空间的昵称 + public string nickname { get; set; } + + // 大小为30x30像素的QQ空间头像URL + public string figureurl { get; set; } + + // 大小为50x50像素的QQ空间头像URL + public string figureurl_1 { get; set; } + + // 大小为100x100像素的QQ空间头像URL + public string figureurl_2 { get; set; } + + // 大小为40x40像素的QQ头像URL + public string figureurl_qq_1 { get; set; } + + // 大小为100x100像素的QQ头像URL + // 需要注意,不是所有的用户都拥有QQ的100x100的头像,但40x40像素则是一定会有 + public string figureurl_qq_2 { get; set; } + + // 性别。如果获取不到则默认返回"男" + public string gender { get; set; } + + // 性别类型。默认返回2 + public int gender_type { get; set; } + + // 省 + public string province { get; set; } + + // 市 + public string city { get; set; } + + // 年 + public int year { get; set; } + + // 星座 + public string constellation { get; set; } + + // 标识用户是否为黄钻用户 + public int is_yellow_vip { get; set; } + + // 黄钻等级 + public int yellow_vip_level { get; set; } + + // 是否为年费黄钻用户 + public int is_yellow_year_vip { get; set; } + } +} diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Yi.Framework.AspNetCore.Authentication.OAuth.csproj b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Yi.Framework.AspNetCore.Authentication.OAuth.csproj new file mode 100644 index 00000000..d3f7f9b9 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Yi.Framework.AspNetCore.Authentication.OAuth.csproj @@ -0,0 +1,12 @@ + + + + net8.0 + enable + enable + + + + + + diff --git a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/YiFrameworkAspNetCoreAuthenticationOAuthModule.cs b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/YiFrameworkAspNetCoreAuthenticationOAuthModule.cs new file mode 100644 index 00000000..f5783555 --- /dev/null +++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/YiFrameworkAspNetCoreAuthenticationOAuthModule.cs @@ -0,0 +1,20 @@ +using Microsoft.Extensions.DependencyInjection; +using Volo.Abp.Modularity; +using Yi.Framework.Core; + + +namespace Yi.Framework.AspNetCore.Authentication.OAuth +{ + /// + /// 本模块轮子来自 AspNet.Security.OAuth.QQ; + /// + [DependsOn(typeof(YiFrameworkAspNetCoreModule))] + public class YiFrameworkAspNetCoreAuthenticationOAuthModule:AbpModule + { + public override void ConfigureServices(ServiceConfigurationContext context) + { + var service = context.Services; + service.AddHttpClient(); + } + } +} diff --git a/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Authentication/QQAuthService.cs b/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Authentication/QQAuthService.cs deleted file mode 100644 index 29695fdc..00000000 --- a/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Authentication/QQAuthService.cs +++ /dev/null @@ -1,33 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.Threading.Tasks; -using Microsoft.AspNetCore.Authentication; -using Microsoft.AspNetCore.Http; -using Microsoft.AspNetCore.Mvc; -using Microsoft.Extensions.Logging; -using Quartz.Logging; -using Volo.Abp; -using Volo.Abp.DependencyInjection; - -namespace Yi.Framework.Bbs.Application.Services.Authentication -{ - public class QQAuthService : IRemoteService, ITransientDependency - { - private HttpContext HttpContext { get; set; } - private ILogger _logger; - public QQAuthService(IHttpContextAccessor httpContextAccessor, ILogger logger) - { - _logger = logger; - HttpContext = httpContextAccessor.HttpContext ?? throw new ApplicationException("未注册Http"); - } - [HttpGet("/auth/qq")] - public async Task AuthQQAsync() - { - var data = await HttpContext.AuthenticateAsync("QQ"); - _logger.LogError($"QQ回调信息:{Newtonsoft.Json.JsonConvert.SerializeObject(data)}"); - _logger.LogError($"QQ回调身份:{Newtonsoft.Json.JsonConvert.SerializeObject(data.Principal)}"); - } - } -} diff --git a/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.SqlSugarCore/DataSeeds/BbsDictionaryDataSeed.cs b/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.SqlSugarCore/DataSeeds/BbsDictionaryDataSeed.cs index a3d59a8b..3c7c6dbf 100644 --- a/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.SqlSugarCore/DataSeeds/BbsDictionaryDataSeed.cs +++ b/Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.SqlSugarCore/DataSeeds/BbsDictionaryDataSeed.cs @@ -15,8 +15,8 @@ namespace Yi.Framework.Bbs.SqlSugarCore.DataSeeds public class BbsDictionaryDataSeed : IDataSeedContributor, ITransientDependency { private ISqlSugarRepository _repository; - private ISqlSugarRepository _typeRepository; - public BbsDictionaryDataSeed(ISqlSugarRepository repository, ISqlSugarRepository typeRepository) { + private ISqlSugarRepository _typeRepository; + public BbsDictionaryDataSeed(ISqlSugarRepository repository, ISqlSugarRepository typeRepository) { _repository=repository; _typeRepository=typeRepository; @@ -194,10 +194,10 @@ namespace Yi.Framework.Bbs.SqlSugarCore.DataSeeds return entities; } - public List GetSeedDictionaryTypeData() + public List GetSeedDictionaryTypeData() { - List entities = new List(); - DictionaryTypeEntity dict1 = new DictionaryTypeEntity() + List entities = new List(); + DictionaryTypeAggregateRoot dict1 = new DictionaryTypeAggregateRoot() { DictName = "BBS类型标签", diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthGetListInput.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthGetListInput.cs new file mode 100644 index 00000000..8149a728 --- /dev/null +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthGetListInput.cs @@ -0,0 +1,13 @@ +using Yi.Framework.Ddd.Application.Contracts; + +namespace Yi.Framework.Rbac.Application.Contracts.Dtos.Account +{ + public class AuthGetListInput:PagedAllResultRequestDto + { + public Guid? UserId { get; set; } + + public string? OpenId { get; set; } + + public string? AuthType { get; set; } + } +} diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthOutputDto.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthOutputDto.cs new file mode 100644 index 00000000..f111b547 --- /dev/null +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthOutputDto.cs @@ -0,0 +1,17 @@ +using Volo.Abp.Application.Dtos; + +namespace Yi.Framework.Rbac.Application.Contracts.Dtos.Account +{ + public class AuthOutputDto:EntityDto + { + public Guid UserId { get; set; } + + public string OpenId { get; set; } + + public string Name { get; set; } + + public string AuthType { get; set; } + + public DateTime CreationTime { get; set; } + } +} diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/EventHandlers/StudentEventHandler.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/EventHandlers/StudentEventHandler.cs index 4ded4f5d..776eea4a 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/EventHandlers/StudentEventHandler.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/EventHandlers/StudentEventHandler.cs @@ -3,7 +3,7 @@ using Volo.Abp.Domain.Entities.Events; using Volo.Abp.EventBus; using Yi.Framework.Rbac.Domain.Entities; -namespace Yi.Framework.Rbac.Domain.EventHandlers +namespace Yi.Framework.Rbac.Application.EventHandlers { public class StudentEventHandler : ILocalEventHandler>, ITransientDependency { diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/AccountService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/AccountService.cs index f6c9462c..cb90fb1f 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/AccountService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/AccountService.cs @@ -1,15 +1,10 @@ -using System.IdentityModel.Tokens.Jwt; -using System.Security.Claims; -using System.Text; -using System.Text.RegularExpressions; +using System.Text.RegularExpressions; using Lazy.Captcha.Core; -using Mapster; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Caching.Distributed; using Microsoft.Extensions.Options; -using Microsoft.IdentityModel.Tokens; using SqlSugar; using Volo.Abp; using Volo.Abp.Application.Services; @@ -27,7 +22,6 @@ using Yi.Framework.Rbac.Domain.Repositories; using Yi.Framework.Rbac.Domain.Shared.Caches; using Yi.Framework.Rbac.Domain.Shared.Consts; using Yi.Framework.Rbac.Domain.Shared.Dtos; -using Yi.Framework.Rbac.Domain.Shared.Etos; using Yi.Framework.Rbac.Domain.Shared.Options; using Yi.Framework.SqlSugarCore.Abstractions; @@ -36,8 +30,6 @@ namespace Yi.Framework.Rbac.Application.Services public class AccountService : ApplicationService, IAccountService { - private readonly ILocalEventBus _localEventBus; - private readonly JwtOptions _jwtOptions; private IDistributedCache _phoneCache; private readonly ICaptcha _captcha; private readonly IGuidGenerator _guidGenerator; @@ -45,45 +37,30 @@ namespace Yi.Framework.Rbac.Application.Services private readonly IAliyunManger _aliyunManger; public AccountService(IUserRepository userRepository, ICurrentUser currentUser, - AccountManager accountManager, + IAccountManager accountManager, ISqlSugarRepository menuRepository, - IHttpContextAccessor httpContextAccessor, - ILocalEventBus localEventBus, - IOptions jwtOptions, IDistributedCache phoneCache, ICaptcha captcha, IGuidGenerator guidGenerator, IOptions options, - IAliyunManger aliyunManger, - ISqlSugarRepository roleRepository, - UserManager userManager) + IAliyunManger aliyunManger) { _userRepository = userRepository; _currentUser = currentUser; _accountManager = accountManager; _menuRepository = menuRepository; - _httpContextAccessor = httpContextAccessor; - _localEventBus = localEventBus; - _jwtOptions = jwtOptions.Value; _phoneCache = phoneCache; _captcha = captcha; _guidGenerator = guidGenerator; _rbacOptions = options.Value; _aliyunManger = aliyunManger; - _roleRepository = roleRepository; - _userManager = userManager; } private IUserRepository _userRepository; private ICurrentUser _currentUser; - private AccountManager _accountManager; + private IAccountManager _accountManager; private ISqlSugarRepository _menuRepository; - private IUserService _userService; - private UserManager _userManager; - private ISqlSugarRepository _roleRepository; - private IHttpContextAccessor _httpContextAccessor; - /// /// 效验图片登录验证码,无需和账号绑定 /// @@ -117,59 +94,16 @@ namespace Yi.Framework.Rbac.Application.Services ValidationImageCaptcha(input); UserEntity user = new(); - //登录成功 + //效验 await _accountManager.LoginValidationAsync(input.UserName, input.Password, x => user = x); - //获取用户信息 - var userInfo = await _userRepository.GetUserAllInfoAsync(user.Id); - - //判断用户状态 - if (userInfo.User.State == false) - { - throw new UserFriendlyException(UserConst.State_Is_State); - } - - if (userInfo.RoleCodes.Count == 0) - { - throw new UserFriendlyException(UserConst.No_Role); - } - //这里抛出一个登录的事件 - var loginEntity = new LoginLogEntity().GetInfoByHttpContext(_httpContextAccessor.HttpContext); - var loginEto = loginEntity.Adapt(); - loginEto.UserName = input.UserName; - loginEto.UserId = userInfo.User.Id; - await _localEventBus.PublishAsync(loginEto); - //将用户信息添加到缓存中,需要考虑的是更改了用户、角色、菜单等整个体系都需要将缓存进行刷新,看具体业务进行选择 + //获取token + var accessToken = await _accountManager.GetTokenByUserIdAsync(user.Id); - - //创建token - var accessToken = CreateToken(_accountManager.UserInfoToClaim(userInfo)); return new { Token = accessToken }; } - /// - /// 创建令牌 - /// - /// - /// - private string CreateToken(List> kvs) - { - var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SecurityKey)); - var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); - var claims = kvs.Select(x => new Claim(x.Key, x.Value.ToString())).ToList(); - var token = new JwtSecurityToken( - issuer: _jwtOptions.Issuer, - audience: _jwtOptions.Audience, - claims: claims, - expires: DateTime.Now.AddSeconds(_jwtOptions.ExpiresMinuteTime), - notBefore: DateTime.Now, - signingCredentials: creds); - string returnToken = new JwtSecurityTokenHandler().WriteToken(token); - - return returnToken; - } - /// /// 生成验证码 @@ -267,7 +201,7 @@ namespace Yi.Framework.Rbac.Application.Services /// [AllowAnonymous] [UnitOfWork] - public async Task PostRegisterAsync(RegisterDto input) + public async Task PostRegisterAsync(RegisterDto input) { if (_rbacOptions.EnableRegister == false) { @@ -295,27 +229,8 @@ namespace Yi.Framework.Rbac.Application.Services await ValidationPhoneCaptchaAsync(input); - - //输入的用户名与电话号码都不能在数据库中存在 - UserEntity user = new(); - var isExist = await _userRepository.IsAnyAsync(x => x.UserName == input.UserName || x.Phone == input.Phone); - if (isExist) - { - throw new UserFriendlyException("用户已存在,注册失败"); - } - - var newUser = new UserEntity(input.UserName, input.Password, input.Phone); - - var entity = await _userRepository.InsertReturnEntityAsync(newUser); - //赋上一个初始角色 - var role = await _roleRepository.GetFirstAsync(x => x.RoleCode == UserConst.DefaultRoleCode); - if (role is not null) - { - await _userManager.GiveUserSetRoleAsync(new List { entity.Id }, new List { role.Id }); - } - - await _localEventBus.PublishAsync(new UserCreateEventArgs(entity.Id)); - return true; + //注册领域逻辑 + await _accountManager.RegisterAsync(input.UserName, input.Password, input.Phone); } @@ -334,16 +249,14 @@ namespace Yi.Framework.Rbac.Application.Services { throw new UserFriendlyException("用户未登录"); } - //此处从缓存中获取即可 + //此处从缓存中获取也行 //var data = _cacheManager.Get($"Yi:UserInfo:{userId}"); - await Console.Out.WriteLineAsync(userId.ToString() + "99999999"); var data = await _userRepository.GetUserAllInfoAsync(userId ?? Guid.Empty); //系统用户数据被重置,老前端访问重新授权 if (data is null) { throw new AbpAuthorizationException(); } - data.Menus.Clear(); return data; } @@ -382,6 +295,7 @@ namespace Yi.Framework.Rbac.Application.Services /// public Task PostLogout() { + //Jwt去中心化登出,只需用记录日志即可 return Task.FromResult(true); } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/Authentication/AuthService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/Authentication/AuthService.cs new file mode 100644 index 00000000..b1a91b9f --- /dev/null +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/Authentication/AuthService.cs @@ -0,0 +1,143 @@ +using Microsoft.AspNetCore.Authentication; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Mvc; +using Microsoft.Extensions.Logging; +using SqlSugar; +using Volo.Abp; +using Volo.Abp.Application.Dtos; +using Volo.Abp.Domain.Repositories; +using Yi.Framework.Ddd.Application; +using Yi.Framework.Rbac.Application.Contracts.Dtos.Account; +using Yi.Framework.Rbac.Domain.Authorization; +using Yi.Framework.Rbac.Domain.Managers; +using Yi.Framework.SqlSugarCore.Abstractions; + +namespace Yi.Framework.Rbac.Application.Services.Authentication +{ + /// + /// 第三方授权服务 + /// + public class AuthService : YiCrudAppService + { + private HttpContext HttpContext { get; set; } + private ILogger _logger; + private ISqlSugarRepository _repository; + private IAccountManager _accountManager; + public AuthService(IAccountManager accountManager, IHttpContextAccessor httpContextAccessor, ILogger logger, ISqlSugarRepository repository) : base(repository) + { + _logger = logger; + HttpContext = httpContextAccessor.HttpContext ?? throw new ApplicationException("未注册Http"); + _repository = repository; + _accountManager = accountManager; + } + + /// + /// 第三方oauth登录 + /// + /// + /// code是为了swagger更好的处理和显示 + /// + /// + [HttpGet("auth/oauth/login/{scheme}")] + public async Task AuthOauthLoginAsync([FromRoute] string scheme, [FromQuery] string code) + { + (var openId, var _) = await GetOpenIdAndNameAsync(scheme); + var authEntity = await _repository.GetAsync(x => x.OpenId == openId && x.AuthType == scheme); + + if (authEntity is null) + { + throw new UserFriendlyException("第三方登录失败,请先注册后,在个人中心进行绑定该第三方后使用"); + } + var accessToken = await _accountManager.GetTokenByUserIdAsync(authEntity.UserId); + return accessToken; + } + + /// + /// 第三方oauth绑定 + /// + /// + /// code是为了swagger更好的处理和显示 + /// + /// + [HttpPost("auth/oauth/bind/{scheme}")] + [Authorize] + public async Task AuthOauthBindAsync([FromRoute] string scheme, [FromQuery] string code) + { + (var openId, var name) = await GetOpenIdAndNameAsync(scheme); + var userId = CurrentUser.Id; + var authEntityAny = await _repository.AnyAsync(x => x.OpenId == openId && x.AuthType == scheme); + if (authEntityAny) + { + throw new UserFriendlyException("绑定失败,该第三方账号已被注册"); + } + var authAggregateRoot = new AuthAggregateRoot(scheme, userId ?? Guid.Empty, openId, name); + + await _repository.InsertAsync(authAggregateRoot); + } + + + private async Task<(string, string)> GetOpenIdAndNameAsync(string scheme) + { + var authenticateResult = await HttpContext.AuthenticateAsync(scheme); + if (!authenticateResult.Succeeded) + { + throw new UserFriendlyException(authenticateResult.Failure.Message); + } + var openidClaim = authenticateResult.Principal.Claims.Where(x => x.Type == "urn:openid").FirstOrDefault(); + var nameClaim = authenticateResult.Principal.Claims.Where(x => x.Type == "urn:name").FirstOrDefault(); + return (openidClaim.Value, nameClaim.Value); + } + + + /// + /// 获取当前账户的授权信息 + /// + /// + /// + [Authorize] + public async Task> GetListAccountAsync(AuthGetListInput input) + { + input.UserId = CurrentUser.Id; + input.MaxResultCount = LimitedResultRequestDto.MaxMaxResultCount; + input.SkipCount = 1; + return (await GetListAsync(input)).Items; + } + + + public override async Task> GetListAsync(AuthGetListInput input) + { + RefAsync total = 0; + + var entities = await _repository._DbQueryable.WhereIF(input.UserId is not null, x => x.UserId == input.UserId) + .WhereIF(!string.IsNullOrEmpty(input.AuthType), x => x.AuthType == input.AuthType) + .WhereIF(!string.IsNullOrEmpty(input.OpenId), x => x.OpenId == input.OpenId) + .WhereIF(input.StartTime is not null && input.EndTime is not null, x => x.CreationTime >= input.StartTime && x.CreationTime <= input.EndTime) + .ToPageListAsync(input.SkipCount, input.MaxResultCount, total); + return new PagedResultDto(total, await MapToGetListOutputDtosAsync(entities)); + } + + [RemoteService(IsEnabled = false)] + public override Task UpdateAsync(Guid id, AuthOutputDto input) + { + throw new NotImplementedException(); + } + + /// + /// 删除第三方授权 + /// + /// + /// + [RemoteService(IsEnabled = true)] + public override Task DeleteAsync(IEnumerable id) + { + return base.DeleteAsync(id); + } + + [RemoteService(IsEnabled = false)] + public override Task CreateAsync(AuthOutputDto input) + { + throw new NotImplementedException(); + } + } +} diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DictionaryTypeService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DictionaryTypeService.cs index 4ffe15e6..ce3ca28f 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DictionaryTypeService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DictionaryTypeService.cs @@ -11,11 +11,11 @@ namespace Yi.Framework.Rbac.Application.Services /// /// DictionaryType服务实现 /// - public class DictionaryTypeService : YiCrudAppService, + public class DictionaryTypeService : YiCrudAppService, IDictionaryTypeService { - private ISqlSugarRepository _repository; - public DictionaryTypeService(ISqlSugarRepository repository) : base(repository) + private ISqlSugarRepository _repository; + public DictionaryTypeService(ISqlSugarRepository repository) : base(repository) { _repository = repository; } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/OperationLogService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/OperationLogService.cs index 9e949a95..c12af05d 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/OperationLogService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/OperationLogService.cs @@ -4,7 +4,7 @@ using Volo.Abp.Application.Dtos; using Yi.Framework.Ddd.Application; using Yi.Framework.Rbac.Application.Contracts.Dtos.OperLog; using Yi.Framework.Rbac.Application.Contracts.IServices; -using Yi.Framework.Rbac.Domain.Entities; +using Yi.Framework.Rbac.Domain.Operlog; using Yi.Framework.SqlSugarCore.Abstractions; namespace Yi.Framework.Rbac.Application.Services diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DeptService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/DeptService.cs similarity index 97% rename from Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DeptService.cs rename to Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/DeptService.cs index 5a1dca28..25401d96 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DeptService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/DeptService.cs @@ -8,7 +8,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices; using Yi.Framework.Rbac.Domain.Entities; using Yi.Framework.Rbac.Domain.Repositories; -namespace Yi.Framework.Rbac.Application.Services +namespace Yi.Framework.Rbac.Application.Services.System { /// /// Dept服务实现 diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/MenuService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/MenuService.cs similarity index 93% rename from Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/MenuService.cs rename to Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/MenuService.cs index 709c2983..ee3f839e 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/MenuService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/MenuService.cs @@ -7,7 +7,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices; using Yi.Framework.Rbac.Domain.Entities; using Yi.Framework.SqlSugarCore.Abstractions; -namespace Yi.Framework.Rbac.Application.Services +namespace Yi.Framework.Rbac.Application.Services.System { /// /// Menu服务实现 @@ -30,7 +30,7 @@ namespace Yi.Framework.Rbac.Application.Services .WhereIF(input.State is not null, x => x.State == input.State) .OrderByDescending(x => x.OrderNum) .ToListAsync(); - //.ToPageListAsync(input.SkipCount, input.MaxResultCount, total); + //.ToPageListAsync(input.SkipCount, input.MaxResultCount, total); return new PagedResultDto(total, await MapToGetListOutputDtosAsync(entities)); } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/PostService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/PostService.cs similarity index 96% rename from Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/PostService.cs rename to Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/PostService.cs index 8e9e00ce..50faead5 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/PostService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/PostService.cs @@ -7,7 +7,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices; using Yi.Framework.Rbac.Domain.Entities; using Yi.Framework.SqlSugarCore.Abstractions; -namespace Yi.Framework.Rbac.Application.Services +namespace Yi.Framework.Rbac.Application.Services.System { /// /// Post服务实现 diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/RoleService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/RoleService.cs similarity index 99% rename from Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/RoleService.cs rename to Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/RoleService.cs index da59fbd2..0f20ef50 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/RoleService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/RoleService.cs @@ -14,7 +14,7 @@ using Yi.Framework.Rbac.Domain.Managers; using Yi.Framework.Rbac.Domain.Shared.Enums; using Yi.Framework.SqlSugarCore.Abstractions; -namespace Yi.Framework.Rbac.Application.Services +namespace Yi.Framework.Rbac.Application.Services.System { /// /// Role服务实现 diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/UserService.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/UserService.cs similarity index 99% rename from Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/UserService.cs rename to Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/UserService.cs index c89dc26b..e22f372f 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/UserService.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/UserService.cs @@ -16,7 +16,7 @@ using Yi.Framework.Rbac.Domain.Shared.Etos; using Yi.Framework.Rbac.Domain.Shared.OperLog; using Yi.Framework.SqlSugarCore.Abstractions; -namespace Yi.Framework.Rbac.Application.Services +namespace Yi.Framework.Rbac.Application.Services.System { /// /// User服务实现 diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Authorization/AuthAggregateRoot.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Authorization/AuthAggregateRoot.cs new file mode 100644 index 00000000..7372d175 --- /dev/null +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Authorization/AuthAggregateRoot.cs @@ -0,0 +1,47 @@ +using SqlSugar; +using Volo.Abp; +using Volo.Abp.Auditing; +using Volo.Abp.Data; +using Volo.Abp.Domain.Entities; + +namespace Yi.Framework.Rbac.Domain.Authorization +{ /// + /// 第三方授权表 + /// + [SugarTable("Auth")] + public class AuthAggregateRoot : AggregateRoot, ISoftDelete, IHasCreationTime + { + + public AuthAggregateRoot() { } + + public AuthAggregateRoot(string authType, Guid userId, string openId) + { + AuthType = authType; + OpenId = openId; + UserId = userId; + + } + public AuthAggregateRoot(string authType, Guid userId, string openId, string name) : this(authType, userId, openId) + { + Name = name; + } + + + [SugarColumn(ColumnName = "Id", IsPrimaryKey = true)] + public override Guid Id { get; protected set; } + public Guid UserId { get; set; } + + public string OpenId { get; set; } + + public string Name { get; set; } + + public string AuthType { get; set; } + + public bool IsDeleted { get; set; } + + [SugarColumn(IsIgnore = true)] + public override ExtraPropertyDictionary ExtraProperties { get; protected set; } + + public DateTime CreationTime { get; set; } + } +} diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/DictionaryTypeEntity.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/DictionaryTypeAggregateRoot.cs similarity index 84% rename from Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/DictionaryTypeEntity.cs rename to Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/DictionaryTypeAggregateRoot.cs index cacf3025..5e44cb48 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/DictionaryTypeEntity.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/DictionaryTypeAggregateRoot.cs @@ -1,13 +1,14 @@ using SqlSugar; using Volo.Abp; using Volo.Abp.Auditing; +using Volo.Abp.Data; using Volo.Abp.Domain.Entities; using Yi.Framework.Core.Data; namespace Yi.Framework.Rbac.Domain.Entities { [SugarTable("DictionaryType")] - public class DictionaryTypeEntity : Entity, IAuditedObject, ISoftDelete, IOrderNum + public class DictionaryTypeAggregateRoot : AggregateRoot, IAuditedObject, ISoftDelete, IOrderNum { /// /// 主键 @@ -55,5 +56,7 @@ namespace Yi.Framework.Rbac.Domain.Entities public Guid? LastModifierId { get; set; } public DateTime? LastModificationTime { get; set; } + [SugarColumn(IsIgnore = true)] + public override ExtraPropertyDictionary ExtraProperties { get; protected set; } } } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs index c6c1f63b..ddc6f6f8 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs @@ -1,11 +1,25 @@ -using Volo.Abp; +using System.IdentityModel.Tokens.Jwt; +using System.Security.Claims; +using System.Text; +using Mapster; +using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.Identity; +using Microsoft.Extensions.Options; +using Microsoft.IdentityModel.Tokens; +using TencentCloud.Tdmq.V20200217.Models; +using Volo.Abp; using Volo.Abp.Domain.Entities; +using Volo.Abp.Domain.Repositories; using Volo.Abp.Domain.Services; +using Volo.Abp.EventBus.Local; using Volo.Abp.Security.Claims; using Yi.Framework.Core.Helper; using Yi.Framework.Rbac.Domain.Entities; +using Yi.Framework.Rbac.Domain.Repositories; using Yi.Framework.Rbac.Domain.Shared.Consts; using Yi.Framework.Rbac.Domain.Shared.Dtos; +using Yi.Framework.Rbac.Domain.Shared.Etos; +using Yi.Framework.Rbac.Domain.Shared.Options; using Yi.Framework.SqlSugarCore.Abstractions; namespace Yi.Framework.Rbac.Domain.Managers @@ -14,14 +28,88 @@ namespace Yi.Framework.Rbac.Domain.Managers /// /// 用户领域服务 /// - public class AccountManager : DomainService + public class AccountManager : DomainService, IAccountManager { - private readonly ISqlSugarRepository _repository; - public AccountManager(ISqlSugarRepository repository) + private readonly IUserRepository _repository; + private readonly ILocalEventBus _localEventBus; + private readonly JwtOptions _jwtOptions; + private IHttpContextAccessor _httpContextAccessor; + private UserManager _userManager; + private ISqlSugarRepository _roleRepository; + public AccountManager(IUserRepository repository + , IHttpContextAccessor httpContextAccessor + , IOptions jwtOptions + , ILocalEventBus localEventBus + , UserManager userManager + , ISqlSugarRepository roleRepository) { _repository = repository; + _httpContextAccessor= httpContextAccessor; + _jwtOptions = jwtOptions.Value; + _localEventBus=localEventBus; + _userManager=userManager; + _roleRepository=roleRepository; } + /// + /// 根据用户id获取token + /// + /// + /// + /// + public async Task GetTokenByUserIdAsync(Guid userId) + { + //获取用户信息 + var userInfo = await _repository.GetUserAllInfoAsync(userId); + + //判断用户状态 + if (userInfo.User.State == false) + { + throw new UserFriendlyException(UserConst.State_Is_State); + } + + if (userInfo.RoleCodes.Count == 0) + { + throw new UserFriendlyException(UserConst.No_Role); + } + //这里抛出一个登录的事件 + if (_httpContextAccessor.HttpContext is not null) + { + var loginEntity = new LoginLogEntity().GetInfoByHttpContext(_httpContextAccessor.HttpContext); + var loginEto = loginEntity.Adapt(); + loginEto.UserName = userInfo.User.UserName; + loginEto.UserId = userInfo.User.Id; + await _localEventBus.PublishAsync(loginEto); + } + //将用户信息添加到缓存中,需要考虑的是更改了用户、角色、菜单等整个体系都需要将缓存进行刷新,看具体业务进行选择 + + var accessToken = CreateToken(this.UserInfoToClaim(userInfo)); + return accessToken; + } + + /// + /// 创建令牌 + /// + /// + /// + private string CreateToken(List> kvs) + { + var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SecurityKey)); + var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); + var claims = kvs.Select(x => new Claim(x.Key, x.Value.ToString())).ToList(); + var token = new JwtSecurityToken( + issuer: _jwtOptions.Issuer, + audience: _jwtOptions.Audience, + claims: claims, + expires: DateTime.Now.AddSeconds(_jwtOptions.ExpiresMinuteTime), + notBefore: DateTime.Now, + signingCredentials: creds); + string returnToken = new JwtSecurityTokenHandler().WriteToken(token); + + return returnToken; + } + + /// /// 登录效验 /// @@ -145,6 +233,31 @@ namespace Yi.Framework.Rbac.Domain.Managers user.BuildPassword(); return await _repository.UpdateAsync(user); } + + + public async Task RegisterAsync(string userName,string password,long phone) + { + //输入的用户名与电话号码都不能在数据库中存在 + UserEntity user = new(); + var isExist = await _repository.IsAnyAsync(x => x.UserName == userName || x.Phone == phone); + if (isExist) + { + throw new UserFriendlyException("用户已存在,注册失败"); + } + + var newUser = new UserEntity(userName, password, phone); + + var entity = await _repository.InsertReturnEntityAsync(newUser); + //赋上一个初始角色 + var role = await _roleRepository.GetFirstAsync(x => x.RoleCode == UserConst.DefaultRoleCode); + if (role is not null) + { + await _userManager.GiveUserSetRoleAsync(new List { entity.Id }, new List { role.Id }); + } + + await _localEventBus.PublishAsync(new UserCreateEventArgs(entity.Id)); + + } } } diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/IAccountManager.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/IAccountManager.cs new file mode 100644 index 00000000..b7c1b7cf --- /dev/null +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/IAccountManager.cs @@ -0,0 +1,19 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; +using Volo.Abp.Domain.Services; +using Yi.Framework.Rbac.Domain.Entities; + +namespace Yi.Framework.Rbac.Domain.Managers +{ + public interface IAccountManager : IDomainService + { + Task GetTokenByUserIdAsync(Guid userId); + Task LoginValidationAsync(string userName, string password, Action userAction = null); + Task RegisterAsync(string userName, string password, long phone); + Task RestPasswordAsync(Guid userId, string password); + Task UpdatePasswordAsync(Guid userId, string newPassword, string oldPassword); + } +} diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/UserManager.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/UserManager.cs index d06af771..edbb875f 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/UserManager.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/UserManager.cs @@ -7,9 +7,9 @@ namespace Yi.Framework.Rbac.Domain.Managers { public class UserManager : DomainService { - private readonly ISqlSugarRepository _repository; - private readonly ISqlSugarRepository _repositoryUserRole; - private readonly ISqlSugarRepository _repositoryUserPost; + public readonly ISqlSugarRepository _repository; + public readonly ISqlSugarRepository _repositoryUserRole; + public readonly ISqlSugarRepository _repositoryUserPost; private readonly IGuidGenerator _guidGenerator; public UserManager(ISqlSugarRepository repository, ISqlSugarRepository repositoryUserRole, ISqlSugarRepository repositoryUserPost, IGuidGenerator guidGenerator) => diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperLogGlobalAttribute.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperLogGlobalAttribute.cs index c4e53a02..1bb5120a 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperLogGlobalAttribute.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperLogGlobalAttribute.cs @@ -8,7 +8,6 @@ using Volo.Abp.Domain.Repositories; using Volo.Abp.Users; using Yi.Framework.Core.Extensions; using Yi.Framework.Core.Helper; -using Yi.Framework.Rbac.Domain.Entities; using Yi.Framework.Rbac.Domain.Shared.OperLog; namespace Yi.Framework.Rbac.Domain.Operlog diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/OperationLogEntity.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperationLogEntity.cs similarity index 97% rename from Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/OperationLogEntity.cs rename to Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperationLogEntity.cs index 4cfec002..fae49aeb 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/OperationLogEntity.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperationLogEntity.cs @@ -3,7 +3,7 @@ using Volo.Abp.Auditing; using Volo.Abp.Domain.Entities; using Yi.Framework.Rbac.Domain.Shared.OperLog; -namespace Yi.Framework.Rbac.Domain.Entities +namespace Yi.Framework.Rbac.Domain.Operlog { /// /// 操作日志表 diff --git a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.SqlSugarCore/DataSeeds/DictionaryTypeDataSeed.cs b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.SqlSugarCore/DataSeeds/DictionaryTypeDataSeed.cs index 4ca0ba83..833869e5 100644 --- a/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.SqlSugarCore/DataSeeds/DictionaryTypeDataSeed.cs +++ b/Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.SqlSugarCore/DataSeeds/DictionaryTypeDataSeed.cs @@ -8,8 +8,8 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds { public class DictionaryTypeDataSeed : IDataSeedContributor, ITransientDependency { - private ISqlSugarRepository _repository; - public DictionaryTypeDataSeed(ISqlSugarRepository repository) + private ISqlSugarRepository _repository; + public DictionaryTypeDataSeed(ISqlSugarRepository repository) { _repository = repository; } @@ -20,10 +20,10 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds await _repository.InsertManyAsync(GetSeedData()); } } - public List GetSeedData() + public List GetSeedData() { - List entities = new List(); - DictionaryTypeEntity dict1 = new DictionaryTypeEntity() + List entities = new List(); + DictionaryTypeAggregateRoot dict1 = new DictionaryTypeAggregateRoot() { DictName = "用户性别", @@ -35,7 +35,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds }; entities.Add(dict1); - DictionaryTypeEntity dict2 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict2 = new DictionaryTypeAggregateRoot() { DictName = "菜单状态", @@ -47,7 +47,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds }; entities.Add(dict2); - DictionaryTypeEntity dict3 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict3 = new DictionaryTypeAggregateRoot() { DictName = "系统开关", @@ -59,7 +59,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds }; entities.Add(dict3); - DictionaryTypeEntity dict4 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict4 = new DictionaryTypeAggregateRoot() { DictName = "任务状态", @@ -71,7 +71,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds }; entities.Add(dict4); - DictionaryTypeEntity dict5 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict5 = new DictionaryTypeAggregateRoot() { DictName = "任务分组", @@ -83,7 +83,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds }; entities.Add(dict5); - DictionaryTypeEntity dict6 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict6 = new DictionaryTypeAggregateRoot() { DictName = "系统是否", @@ -95,7 +95,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds }; entities.Add(dict6); - DictionaryTypeEntity dict7 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict7 = new DictionaryTypeAggregateRoot() { DictName = "通知类型", @@ -106,7 +106,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds State = true }; entities.Add(dict7); - DictionaryTypeEntity dict8 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict8 = new DictionaryTypeAggregateRoot() { DictName = "通知状态", @@ -118,7 +118,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds }; entities.Add(dict8); - DictionaryTypeEntity dict9 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict9 = new DictionaryTypeAggregateRoot() { DictName = "操作类型", @@ -131,7 +131,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds entities.Add(dict9); - DictionaryTypeEntity dict10 = new DictionaryTypeEntity() + DictionaryTypeAggregateRoot dict10 = new DictionaryTypeAggregateRoot() { DictName = "系统状态", diff --git a/Yi.Abp.Net8/src/Yi.Abp.Web/Yi.Abp.Web.csproj b/Yi.Abp.Net8/src/Yi.Abp.Web/Yi.Abp.Web.csproj index a166b72c..49c2d773 100644 --- a/Yi.Abp.Net8/src/Yi.Abp.Web/Yi.Abp.Web.csproj +++ b/Yi.Abp.Net8/src/Yi.Abp.Web/Yi.Abp.Web.csproj @@ -15,6 +15,7 @@ + diff --git a/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs b/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs index e26117d2..64138127 100644 --- a/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs +++ b/Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs @@ -17,6 +17,9 @@ using Volo.Abp.Swashbuckle; using Yi.Abp.Application; using Yi.Abp.SqlsugarCore; using Yi.Framework.AspNetCore; +using Yi.Framework.AspNetCore.Authentication.OAuth; +using Yi.Framework.AspNetCore.Authentication.OAuth.Gitee; +using Yi.Framework.AspNetCore.Authentication.OAuth.QQ; using Yi.Framework.AspNetCore.Microsoft.AspNetCore.Builder; using Yi.Framework.AspNetCore.Microsoft.Extensions.DependencyInjection; using Yi.Framework.Bbs.Application; @@ -28,6 +31,7 @@ namespace Yi.Abp.Web [DependsOn( typeof(YiAbpSqlSugarCoreModule), typeof(YiAbpApplicationModule), + typeof(AbpAspNetCoreMvcModule), typeof(AbpAutofacModule), @@ -35,7 +39,8 @@ namespace Yi.Abp.Web typeof(AbpAspNetCoreSerilogModule), typeof(AbpAuditingModule), typeof(AbpAspNetCoreAuthenticationJwtBearerModule), - typeof(YiFrameworkAspNetCoreModule) + typeof(YiFrameworkAspNetCoreModule), + typeof(YiFrameworkAspNetCoreAuthenticationOAuthModule) )] public class YiAbpWebModule : AbpModule @@ -100,6 +105,7 @@ namespace Yi.Abp.Web }); }); + //jwt鉴权 var jwtOptions = configuration.GetSection(nameof(JwtOptions)).Get(); context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) @@ -129,13 +135,22 @@ namespace Yi.Abp.Web return Task.CompletedTask; } }; - }); + }) + .AddQQ(options => + { + configuration.GetSection("OAuth:QQ").Bind(options); + }) + .AddGitee(options => + { + configuration.GetSection("OAuth:Gitee").Bind(options); + }); //授权 context.Services.AddAuthorization(); return Task.CompletedTask; } + public override Task OnApplicationInitializationAsync(ApplicationInitializationContext context) { var service = context.ServiceProvider; diff --git a/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json b/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json index cc9f5c7e..5ee98247 100644 --- a/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json +++ b/Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json @@ -38,6 +38,22 @@ "ExpiresMinuteTime": 86400 }, + //第三方登录 + "OAuth": { + //QQ + "QQ": { + "ClientId": "", + "ClientSecret": "", + "RedirectUri": "" + }, + //码云 + "Gitee": { + "ClientId": "", + "ClientSecret": "", + "RedirectUri": "" + } + }, + //Rbac模块 "RbacOptions": { //超级管理员种子数据默认密码