feat: 新增Oauth鉴权模块，支持qq登录、gitee登录

Yi.Abp.Net8/Yi.Abp.sln

@@ -72,6 +72,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "audit-logging", "audit-logg
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Yi.AuditLogging.SqlSugarCore", "module\audit-logging\Yi.AuditLogging.SqlSugarCore\Yi.AuditLogging.SqlSugarCore.csproj", "{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Yi.Framework.AspNetCore.Authentication.OAuth", "framework\Yi.Framework.AspNetCore.Authentication.OAuth\Yi.Framework.AspNetCore.Authentication.OAuth.csproj", "{791AC2FA-50D3-4408-8D68-31DA72F608BE}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -174,6 +176,10 @@ Global
 		{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Release|Any CPU.Build.0 = Release|Any CPU
+		{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -206,6 +212,7 @@ Global
 		{6C86BA71-9F87-4E2C-B467-2950D77DCDFA} = {E902A945-4F41-4E96-A0DA-9F66CDA22261}
 		{73CCF2C4-B9FD-44AB-8D4B-0A421805B094} = {2317227D-7796-4E7B-BEDB-7CD1CAE7B853}
 		{48806510-8E18-4E1E-9BAF-5B97E88C5FC3} = {73CCF2C4-B9FD-44AB-8D4B-0A421805B094}
+		{791AC2FA-50D3-4408-8D68-31DA72F608BE} = {77B949E9-530E-45A5-9657-20F7D5C6875C}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {23D6FBC9-C970-4641-BC1E-2AEA59F51C18}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationConstants.cs

@@ -0,0 +1,23 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Contains constants specific to the <see cref="GiteeAuthenticationHandler"/>.
+/// </summary>
+public static class GiteeAuthenticationConstants
+{
+    public static class Claims
+    {
+        public const string Url = "urn:gitee:url";
+        public const string AvatarUrl = "urn:gitee:avatarUrl";
+
+        public const string OpenId = "urn:openid";
+        public const string AccessToken = "urn:access_token";
+        public const string Name = "urn:name";
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationDefaults.cs

@@ -0,0 +1,53 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Default values used by the Gitee authentication middleware.
+/// </summary>
+public static class GiteeAuthenticationDefaults
+{
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.Name"/>.
+    /// </summary>
+    public const string AuthenticationScheme = "Gitee";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
+    /// </summary>
+    public static readonly string DisplayName = "Gitee";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
+    /// </summary>
+    public static readonly string Issuer = "Gitee";
+
+    /// <summary>
+    /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+    /// </summary>
+    public static readonly string CallbackPath = "/signin-gitee";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+    /// </summary>
+    public static readonly string AuthorizationEndpoint = "https://gitee.com/oauth/authorize";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
+    /// </summary>
+    public static readonly string TokenEndpoint = "https://gitee.com/oauth/token";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+    /// </summary>
+    public static readonly string UserInformationEndpoint = "https://gitee.com/api/v5/user";
+
+    /// <summary>
+    /// Default value for <see cref="GiteeAuthenticationOptions.UserEmailsEndpoint"/>.
+    /// </summary>
+    public static readonly string UserEmailsEndpoint = "https://gitee.com/api/v5/emails";
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationExtensions.cs

@@ -0,0 +1,75 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Extension methods to add Gitee authentication capabilities to an HTTP application pipeline.
+/// </summary>
+public static class GiteeAuthenticationExtensions
+{
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee([NotNull] this AuthenticationBuilder builder)
+    {
+        return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, options => { });
+    }
+
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] Action<GiteeAuthenticationOptions> configuration)
+    {
+        return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the Gitee options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [NotNull] Action<GiteeAuthenticationOptions> configuration)
+    {
+        return builder.AddGitee(scheme, GiteeAuthenticationDefaults.DisplayName, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="caption">The optional display name associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the Gitee options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [CanBeNull] string caption,
+        [NotNull] Action<GiteeAuthenticationOptions> configuration)
+    {
+        return builder.AddScheme<GiteeAuthenticationOptions, GiteeAuthenticationHandler>(scheme, caption, configuration);
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationHandler.cs

@@ -0,0 +1,55 @@
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
+using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
+{
+    public class GiteeAuthenticationHandler : OauthAuthenticationHandler<GiteeAuthenticationOptions>
+    {
+        public GiteeAuthenticationHandler(IOptionsMonitor<GiteeAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder, httpClientFactory)
+        {
+        }
+
+        public override string AuthenticationSchemeNmae => GiteeAuthenticationDefaults.AuthenticationScheme;
+
+        protected override async Task<List<Claim>> GetAuthTicketAsync(string code)
+        {
+            //获取 accessToken
+            var tokenQueryKv = new List<KeyValuePair<string, string?>>()
+            {
+                new KeyValuePair<string, string?>("grant_type","authorization_code"),
+                new KeyValuePair<string, string?>("client_id",Options.ClientId),
+                new KeyValuePair<string, string?>("client_secret",Options.ClientSecret),
+                new KeyValuePair<string, string?>("redirect_uri",Options.RedirectUri),
+                new KeyValuePair<string, string?>("code",code)
+            };
+            var tokenModel = await SendHttpRequestAsync<GiteeAuthticationcationTokenResponse>(GiteeAuthenticationDefaults.TokenEndpoint, tokenQueryKv,HttpMethod.Post);
+
+            //获取 userInfo
+            var userInfoQueryKv = new List<KeyValuePair<string, string?>>()
+            {
+                new KeyValuePair<string, string?>("access_token",tokenModel.access_token),
+            };
+            var userInfoMdoel = await SendHttpRequestAsync<GiteeAuthticationcationUserInfoResponse>(GiteeAuthenticationDefaults.UserInformationEndpoint, userInfoQueryKv);
+
+            List<Claim> claims = new List<Claim>()
+            {
+                new Claim(Claims.AvatarUrl, userInfoMdoel.avatar_url),
+                new Claim(Claims.Url, userInfoMdoel.url),
+
+                new Claim(Claims.OpenId,userInfoMdoel.id.ToString()),
+                new Claim(Claims.Name, userInfoMdoel.name),
+                new Claim(Claims.AccessToken, tokenModel.access_token)
+            };
+            return claims;
+        }
+
+        protected override void VerifyErrResponse(string content)
+        {
+            GiteeAuthticationErrCodeModel.VerifyErrResponse(content);
+        }
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationOptions.cs

@@ -0,0 +1,47 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Defines a set of options used by <see cref="GiteeAuthenticationHandler"/>.
+/// </summary>
+public class GiteeAuthenticationOptions : OAuthOptions
+{
+    public GiteeAuthenticationOptions()
+    {
+        ClaimsIssuer = GiteeAuthenticationDefaults.Issuer;
+
+        CallbackPath = GiteeAuthenticationDefaults.CallbackPath;
+
+        AuthorizationEndpoint = GiteeAuthenticationDefaults.AuthorizationEndpoint;
+        TokenEndpoint = GiteeAuthenticationDefaults.TokenEndpoint;
+        UserInformationEndpoint = GiteeAuthenticationDefaults.UserInformationEndpoint;
+        UserEmailsEndpoint = GiteeAuthenticationDefaults.UserEmailsEndpoint;
+
+        Scope.Add("user_info");
+        Scope.Add("emails");
+
+        ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
+        ClaimActions.MapJsonKey(ClaimTypes.Name, "login");
+        ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
+        ClaimActions.MapJsonKey(Claims.Name, "name");
+        ClaimActions.MapJsonKey(Claims.Url, "url");
+    }
+
+    /// <summary>
+    /// Gets or sets the address of the endpoint exposing
+    /// the email addresses associated with the logged in user.
+    /// </summary>
+    public string UserEmailsEndpoint { get; set; }
+
+    public string RedirectUri { get; set; }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationErrCodeModel.cs

@@ -0,0 +1,30 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
+{
+    public class GiteeAuthticationErrCodeModel
+    {
+        public string error { get; set; }
+
+        public string error_description { get; set; }
+
+        public static void VerifyErrResponse(string content)
+        {
+
+                var model =Newtonsoft.Json.JsonConvert.DeserializeObject <GiteeAuthticationErrCodeModel>(content);
+                if (model.error != null)
+                {
+
+                    throw new Exception($"第三方授权返回错误，错误码：【{model.error}】，错误详情：【{model.error_description}】");
+                }
+        }
+
+    }
+
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationcationHttpModel.cs

@@ -0,0 +1,63 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
+{
+    public class GiteeAuthticationcationTokenResponse
+    {
+        public string access_token { get; set; }
+        public string token_type { get; set; }
+        public int expires_in { get; set; }
+        public string refresh_token { get; set; }
+        public string scope { get; set; }
+        public long created_at { get; set; }
+    }
+
+
+    public class GiteeAuthticationcationOpenIdResponse
+    {
+        public string client_id { get; set; }
+
+        public string openid { get; set; }
+
+    }
+
+    public class GiteeAuthticationcationUserInfoResponse
+    {
+        /// <summary>
+        /// 也可以等于openId
+        /// </summary>
+        public int id { get; set; }
+        public string login { get; set; }
+        public string name { get; set; }
+        public string avatar_url { get; set; }
+        public string url { get; set; }
+        public string html_url { get; set; }
+        public string remark { get; set; }
+        public string followers_url { get; set; }
+        public string following_url { get; set; }
+        public string gists_url { get; set; }
+        public string starred_url { get; set; }
+        public string subscriptions_url { get; set; }
+        public string organizations_url { get; set; }
+        public string repos_url { get; set; }
+        public string events_url { get; set; }
+        public string received_events_url { get; set; }
+        public string type { get; set; }
+        public string blog { get; set; }
+        public string weibo { get; set; }
+        public string bio { get; set; }
+        public int public_repos { get; set; }
+        public int public_gists { get; set; }
+        public int followers { get; set; }
+        public int following { get; set; }
+        public int stared { get; set; }
+        public int watched { get; set; }
+        public DateTime created_at { get; set; }
+        public DateTime updated_at { get; set; }
+        public string email { get; set; }
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/OAuthAuthenticationHandler.cs

@@ -0,0 +1,96 @@
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.WebUtilities;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth
+{
+    public abstract class OauthAuthenticationHandler<TOptions> : AuthenticationHandler<TOptions> where TOptions : AuthenticationSchemeOptions, new()
+    {
+        public abstract string AuthenticationSchemeNmae { get; }
+        private AuthenticationScheme _scheme;
+
+        public OauthAuthenticationHandler(IOptionsMonitor<TOptions> options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder)
+        {
+            HttpClientFactory = httpClientFactory;
+            HttpClient = HttpClientFactory.CreateClient();
+        }
+
+
+        protected IHttpClientFactory HttpClientFactory { get; }
+
+        protected HttpClient HttpClient { get; }
+
+
+
+        /// <summary>
+        /// 生成认证票据
+        /// </summary>
+        /// <returns></returns>
+        private AuthenticationTicket TicketConver(List<Claim> claims)
+        {
+            var claimsIdentity = new ClaimsIdentity(claims.ToArray(), AuthenticationSchemeNmae);
+            var principal = new ClaimsPrincipal(claimsIdentity);
+            return new AuthenticationTicket(principal, AuthenticationSchemeNmae);
+        }
+
+        protected async Task<HttpModel> SendHttpRequestAsync<HttpModel>(string url, IEnumerable<KeyValuePair<string, string?>> query, HttpMethod? httpMethod = null)
+        {
+            httpMethod = httpMethod ?? HttpMethod.Get;
+
+            var queryUrl = QueryHelpers.AddQueryString(url, query);
+            HttpResponseMessage response = null;
+            if (httpMethod == HttpMethod.Get)
+            {
+                response = await HttpClient.GetAsync(queryUrl);
+            }
+            else if (httpMethod == HttpMethod.Post)
+            {
+                response = await HttpClient.PostAsync(queryUrl, null);
+            }
+
+            var content = await response.Content.ReadAsStringAsync();
+            if (!response.IsSuccessStatusCode)
+            {
+                throw new Exception($"授权服务器请求错误,请求地址:{queryUrl},错误信息：{content}");
+            }
+            VerifyErrResponse(content);
+            var model = Newtonsoft.Json.JsonConvert.DeserializeObject<HttpModel>(content);
+            return model!;
+        }
+
+        protected virtual void VerifyErrResponse(string content)
+        {
+            return;
+        }
+
+        protected abstract Task<List<Claim>> GetAuthTicketAsync(string code);
+
+
+        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
+        {
+            if (!Context.Request.Query.ContainsKey("code"))
+            {
+                return AuthenticateResult.Fail("回调未包含code参数");
+            }
+            var code = Context.Request.Query["code"].ToString();
+
+            List<Claim> authTicket = null;
+            try
+            {
+                authTicket = await GetAuthTicketAsync(code);
+            }
+            catch (Exception ex)
+            {
+                return AuthenticateResult.Fail(ex.Message ?? "未知错误");
+            }
+            //成功
+            var result = AuthenticateResult.Success(TicketConver(authTicket));
+            return result;
+        }
+    }
+}
+
+

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationConstants.cs

@@ -0,0 +1,27 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
+
+/// <summary>
+/// Contains constants specific to the <see cref="QQAuthenticationHandler"/>.
+/// </summary>
+public static class QQAuthenticationConstants
+{
+    public static class Claims
+    {
+        public const string AvatarFullUrl = "urn:qq:avatar_full";
+        public const string AvatarUrl = "urn:qq:avatar";
+        public const string PictureFullUrl = "urn:qq:picture_full";
+        public const string PictureMediumUrl = "urn:qq:picture_medium";
+        public const string PictureUrl = "urn:qq:picture";
+        public const string UnionId = "urn:qq:unionid";
+
+        public const string OpenId = "urn:openid";
+        public const string AccessToken = "urn:access_token";
+        public const string Name = "urn:name";
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationDefaults.cs

@@ -0,0 +1,53 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
+
+/// <summary>
+/// Default values for QQ authentication.
+/// </summary>
+public static class QQAuthenticationDefaults
+{
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.Name"/>.
+    /// </summary>
+    public const string AuthenticationScheme = "QQ";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
+    /// </summary>
+    public static readonly string DisplayName = "QQ";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
+    /// </summary>
+    public static readonly string Issuer = "QQ";
+
+    /// <summary>
+    /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+    /// </summary>
+    public static readonly string CallbackPath = "/signin-qq";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+    /// </summary>
+    public static readonly string AuthorizationEndpoint = "https://graph.qq.com/oauth2.0/authorize";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
+    /// </summary>
+    public static readonly string TokenEndpoint = "https://graph.qq.com/oauth2.0/token";
+
+    /// <summary>
+    /// Default value for <see cref="QQAuthenticationOptions.UserIdentificationEndpoint"/>.
+    /// </summary>
+    public static readonly string UserIdentificationEndpoint = "https://graph.qq.com/oauth2.0/me";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+    /// </summary>
+    public static readonly string UserInformationEndpoint = "https://graph.qq.com/user/get_user_info";
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationExtensions.cs

@@ -0,0 +1,77 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
+
+/// <summary>
+/// Extension methods to add QQ authentication capabilities to an HTTP application pipeline.
+/// </summary>
+public static class QQAuthenticationExtensions
+{
+    /// <summary>
+    /// Adds <see cref="QQAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddQQ([NotNull] this AuthenticationBuilder builder)
+    {
+        return builder.AddQQ(QQAuthenticationDefaults.AuthenticationScheme, options => { });
+    }
+
+    /// <summary>
+    /// Adds <see cref="QQAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddQQ(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] Action<QQAuthenticationOptions> configuration)
+    {
+        return builder.AddQQ(QQAuthenticationDefaults.AuthenticationScheme, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="QQAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the QQ options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddQQ(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [NotNull] Action<QQAuthenticationOptions> configuration)
+    {
+        return builder.AddQQ(scheme, QQAuthenticationDefaults.DisplayName, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="QQAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="caption">The optional display name associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the QQ options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddQQ(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [CanBeNull] string caption,
+        [NotNull] Action<QQAuthenticationOptions> configuration)
+    {
+        return builder.AddScheme<QQAuthenticationOptions, QQAuthenticationHandler>(scheme, caption, configuration);
+
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationHandler.cs

@@ -0,0 +1,70 @@
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using static Yi.Framework.AspNetCore.Authentication.OAuth.QQ.QQAuthenticationConstants;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ
+{
+    public class QQAuthenticationHandler : OauthAuthenticationHandler<QQAuthenticationOptions>
+    {
+        public QQAuthenticationHandler(IOptionsMonitor<QQAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder, httpClientFactory)
+        {
+        }
+
+        public override string AuthenticationSchemeNmae => QQAuthenticationDefaults.AuthenticationScheme;
+
+        protected override void VerifyErrResponse(string content)
+        {
+            QQAuthticationErrCodeModel.VerifyErrResponse(content);
+        }
+
+        protected override async Task<List<Claim>> GetAuthTicketAsync(string code)
+        {
+
+            //获取 accessToken
+            var tokenQueryKv = new List<KeyValuePair<string, string?>>()
+            {
+                new KeyValuePair<string, string?>("grant_type","authorization_code"),
+                new KeyValuePair<string, string?>("client_id",Options.ClientId),
+                new KeyValuePair<string, string?>("client_secret",Options.ClientSecret),
+                new KeyValuePair<string, string?>("redirect_uri",Options.RedirectUri),
+                new KeyValuePair<string, string?>("fmt","json"),
+                new KeyValuePair<string, string?>("need_openid","1"),
+                new KeyValuePair<string, string?>("code",code),
+                new KeyValuePair<string, string?>("state","true"),
+            };
+            var tokenModel = await SendHttpRequestAsync<QQAuthticationcationTokenResponse>(QQAuthenticationDefaults.TokenEndpoint, tokenQueryKv);
+
+
+
+            //获取 userInfo
+            var userInfoQueryKv = new List<KeyValuePair<string, string?>>()
+            {
+                new KeyValuePair<string, string?>("access_token",tokenModel.access_token),
+                new KeyValuePair<string, string?>("oauth_consumer_key",Options.ClientId),
+                new KeyValuePair<string, string?>("openid",tokenModel.openid),
+            };
+
+            var userInfoMdoel = await SendHttpRequestAsync<QQAuthticationcationUserInfoResponse>(QQAuthenticationDefaults.UserInformationEndpoint, userInfoQueryKv);
+
+
+            List<Claim> claims = new List<Claim>()
+            {
+
+                new Claim(Claims.AvatarFullUrl, userInfoMdoel.figureurl_qq_2),
+                new Claim(Claims.AvatarUrl, userInfoMdoel.figureurl_qq_1),
+                new Claim(Claims.PictureFullUrl, userInfoMdoel.figureurl_2),
+                new Claim(Claims.PictureMediumUrl, userInfoMdoel.figureurl_qq_1),
+                new Claim(Claims.PictureUrl, userInfoMdoel.figureurl),
+
+                new Claim(Claims.OpenId, tokenModel.openid),
+                new Claim(Claims.Name, userInfoMdoel.nickname),
+                new Claim(Claims.AccessToken, tokenModel.access_token),
+               
+            };
+            return claims;
+
+        }
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthenticationOptions.cs

@@ -0,0 +1,51 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+using static Yi.Framework.AspNetCore.Authentication.OAuth.QQ.QQAuthenticationConstants;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
+
+/// <summary>
+/// Defines a set of options used by <see cref="QQAuthenticationHandler"/>.
+/// </summary>
+public class QQAuthenticationOptions : OAuthOptions
+{
+    public QQAuthenticationOptions()
+    {
+        ClaimsIssuer = QQAuthenticationDefaults.Issuer;
+        CallbackPath = QQAuthenticationDefaults.CallbackPath;
+
+        AuthorizationEndpoint = QQAuthenticationDefaults.AuthorizationEndpoint;
+        TokenEndpoint = QQAuthenticationDefaults.TokenEndpoint;
+        UserIdentificationEndpoint = QQAuthenticationDefaults.UserIdentificationEndpoint;
+        UserInformationEndpoint = QQAuthenticationDefaults.UserInformationEndpoint;
+
+        Scope.Add("get_user_info");
+
+        ClaimActions.MapJsonKey(ClaimTypes.Name, "nickname");
+        ClaimActions.MapJsonKey(ClaimTypes.Gender, "gender");
+        ClaimActions.MapJsonKey(Claims.PictureUrl, "figureurl");
+        ClaimActions.MapJsonKey(Claims.PictureMediumUrl, "figureurl_1");
+        ClaimActions.MapJsonKey(Claims.PictureFullUrl, "figureurl_2");
+        ClaimActions.MapJsonKey(Claims.AvatarUrl, "figureurl_qq_1");
+        ClaimActions.MapJsonKey(Claims.AvatarFullUrl, "figureurl_qq_2");
+    }
+
+    /// <summary>
+    /// Gets or sets if the union Id (the primary key of an owner for different apps of the QQ platform) should be put into the user claims.
+    /// </summary>
+    public bool ApplyForUnionId { get; set; }
+
+    /// <summary>
+    /// Gets or sets the URL of the user identification endpoint (a.k.a. the "OpenID endpoint").
+    /// </summary>
+    public string UserIdentificationEndpoint { get; set; }
+
+    public string RedirectUri { get; set; }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationErrCodeModel.cs

@@ -0,0 +1,30 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ
+{
+    public class QQAuthticationErrCodeModel
+    {
+        public string error { get; set; }
+
+        public string error_description { get; set; }
+
+        public static void VerifyErrResponse(string content)
+        {
+
+                var model =Newtonsoft.Json.JsonConvert.DeserializeObject <QQAuthticationErrCodeModel>(content);
+                if (model.error != null)
+                {
+
+                    throw new Exception($"第三方授权返回错误，错误码：【{model.error}】，错误详情：【{model.error_description}】");
+                }
+        }
+
+    }
+
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/QQ/QQAuthticationcationHttpModel.cs

@@ -0,0 +1,89 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ
+{
+    public class QQAuthticationcationTokenResponse
+    {
+        public string access_token { get; set; }
+
+        public string expires_in { get; set; }
+
+        public string refresh_token { get; set; }
+
+        public string openid { get; set; }
+    }
+
+
+    public class QQAuthticationcationOpenIdResponse
+    {
+        public string client_id { get; set; }
+
+        public string openid { get; set; }
+
+    }
+
+    public class QQAuthticationcationUserInfoResponse
+    {
+        // 返回码
+        public int ret { get; set; }
+
+        // 如果ret<0，会有相应的错误信息提示
+        // 返回数据全部用UTF-8编码
+        public string msg { get; set; }
+
+        // 判断是否有数据丢失
+        // 0或者不返回：没有数据丢失，可以缓存
+        // 1：有部分数据丢失或错误，不要缓存
+        public int is_lost { get; set; }
+
+        // 用户在QQ空间的昵称
+        public string nickname { get; set; }
+
+        // 大小为30x30像素的QQ空间头像URL
+        public string figureurl { get; set; }
+
+        // 大小为50x50像素的QQ空间头像URL
+        public string figureurl_1 { get; set; }
+
+        // 大小为100x100像素的QQ空间头像URL
+        public string figureurl_2 { get; set; }
+
+        // 大小为40x40像素的QQ头像URL
+        public string figureurl_qq_1 { get; set; }
+
+        // 大小为100x100像素的QQ头像URL
+        // 需要注意，不是所有的用户都拥有QQ的100x100的头像，但40x40像素则是一定会有
+        public string figureurl_qq_2 { get; set; }
+
+        // 性别。如果获取不到则默认返回"男"
+        public string gender { get; set; }
+
+        // 性别类型。默认返回2
+        public int gender_type { get; set; }
+
+        // 省
+        public string province { get; set; }
+
+        // 市
+        public string city { get; set; }
+
+        // 年
+        public int year { get; set; }
+
+        // 星座
+        public string constellation { get; set; }
+
+        // 标识用户是否为黄钻用户
+        public int is_yellow_vip { get; set; }
+
+        // 黄钻等级
+        public int yellow_vip_level { get; set; }
+
+        // 是否为年费黄钻用户
+        public int is_yellow_year_vip { get; set; }
+    }
+}

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Yi.Framework.AspNetCore.Authentication.OAuth.csproj

@@ -0,0 +1,12 @@
+<Project Sdk="Microsoft.NET.Sdk">
+	<Import Project="..\..\common.props" />
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\Yi.Framework.AspNetCore\Yi.Framework.AspNetCore.csproj" />
+  </ItemGroup>
+
+</Project>

Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/YiFrameworkAspNetCoreAuthenticationOAuthModule.cs

@@ -0,0 +1,20 @@
+using Microsoft.Extensions.DependencyInjection;
+using Volo.Abp.Modularity;
+using Yi.Framework.Core;
+
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth
+{
+    /// <summary>
+    /// 本模块轮子来自 AspNet.Security.OAuth.QQ;
+    /// </summary>
+    [DependsOn(typeof(YiFrameworkAspNetCoreModule))]
+    public class YiFrameworkAspNetCoreAuthenticationOAuthModule:AbpModule
+    {
+        public override void ConfigureServices(ServiceConfigurationContext context)
+        {
+            var service = context.Services;
+            service.AddHttpClient();
+        }
+    }
+}

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.Application/Services/Authentication/QQAuthService.cs

@@ -1,33 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Mvc;
-using Microsoft.Extensions.Logging;
-using Quartz.Logging;
-using Volo.Abp;
-using Volo.Abp.DependencyInjection;
-
-namespace Yi.Framework.Bbs.Application.Services.Authentication
-{
-    public class QQAuthService : IRemoteService, ITransientDependency
-    {
-        private HttpContext HttpContext { get; set; }
-        private ILogger<QQAuthService> _logger;
-        public QQAuthService(IHttpContextAccessor httpContextAccessor, ILogger<QQAuthService> logger)
-        {
-            _logger = logger;
-            HttpContext = httpContextAccessor.HttpContext ?? throw new ApplicationException("未注册Http");
-        }
-        [HttpGet("/auth/qq")]
-        public async Task AuthQQAsync()
-        {
-            var data = await HttpContext.AuthenticateAsync("QQ");
-            _logger.LogError($"QQ回调信息:{Newtonsoft.Json.JsonConvert.SerializeObject(data)}");
-            _logger.LogError($"QQ回调身份:{Newtonsoft.Json.JsonConvert.SerializeObject(data.Principal)}");
-        }
-    }
-}

Yi.Abp.Net8/module/bbs/Yi.Framework.Bbs.SqlSugarCore/DataSeeds/BbsDictionaryDataSeed.cs

@@ -15,8 +15,8 @@ namespace Yi.Framework.Bbs.SqlSugarCore.DataSeeds
     public class BbsDictionaryDataSeed : IDataSeedContributor, ITransientDependency
     {
         private ISqlSugarRepository<DictionaryEntity> _repository;
-        private ISqlSugarRepository<DictionaryTypeEntity> _typeRepository;
+        private ISqlSugarRepository<DictionaryTypeAggregateRoot> _typeRepository;
-        public BbsDictionaryDataSeed(ISqlSugarRepository<DictionaryEntity> repository, ISqlSugarRepository<DictionaryTypeEntity> typeRepository) {
+        public BbsDictionaryDataSeed(ISqlSugarRepository<DictionaryEntity> repository, ISqlSugarRepository<DictionaryTypeAggregateRoot> typeRepository) {
             _repository=repository;
             _typeRepository=typeRepository;
 
@@ -194,10 +194,10 @@ namespace Yi.Framework.Bbs.SqlSugarCore.DataSeeds
             return entities;
         }
 
-        public List<DictionaryTypeEntity> GetSeedDictionaryTypeData()
+        public List<DictionaryTypeAggregateRoot> GetSeedDictionaryTypeData()
         {
-            List<DictionaryTypeEntity> entities = new List<DictionaryTypeEntity>();
+            List<DictionaryTypeAggregateRoot> entities = new List<DictionaryTypeAggregateRoot>();
-            DictionaryTypeEntity dict1 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict1 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "BBS类型标签",

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthGetListInput.cs

@@ -0,0 +1,13 @@
+using Yi.Framework.Ddd.Application.Contracts;
+
+namespace Yi.Framework.Rbac.Application.Contracts.Dtos.Account
+{
+    public class AuthGetListInput:PagedAllResultRequestDto
+    {
+        public Guid? UserId { get; set; }
+
+        public string? OpenId { get; set; }
+
+        public string? AuthType { get; set; }
+    }
+}

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application.Contracts/Dtos/Account/AuthOutputDto.cs

@@ -0,0 +1,17 @@
+using Volo.Abp.Application.Dtos;
+
+namespace Yi.Framework.Rbac.Application.Contracts.Dtos.Account
+{
+    public class AuthOutputDto:EntityDto<Guid>
+    {
+        public Guid UserId { get; set; }
+
+        public string OpenId { get; set; }
+
+        public string Name { get; set; }
+
+        public string AuthType { get; set; }
+
+        public DateTime CreationTime { get; set; }
+    }
+}

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/EventHandlers/StudentEventHandler.cs

@@ -3,7 +3,7 @@ using Volo.Abp.Domain.Entities.Events;
 using Volo.Abp.EventBus;
 using Yi.Framework.Rbac.Domain.Entities;
 
-namespace Yi.Framework.Rbac.Domain.EventHandlers
+namespace Yi.Framework.Rbac.Application.EventHandlers
 {
     public class StudentEventHandler : ILocalEventHandler<EntityCreatedEventData<StudentEntity>>, ITransientDependency
     {

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/AccountService.cs

@@ -1,15 +1,10 @@
-using System.IdentityModel.Tokens.Jwt;
+using System.Text.RegularExpressions;
-using System.Security.Claims;
-using System.Text;
-using System.Text.RegularExpressions;
 using Lazy.Captcha.Core;
-using Mapster;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Caching.Distributed;
 using Microsoft.Extensions.Options;
-using Microsoft.IdentityModel.Tokens;
 using SqlSugar;
 using Volo.Abp;
 using Volo.Abp.Application.Services;
@@ -27,7 +22,6 @@ using Yi.Framework.Rbac.Domain.Repositories;
 using Yi.Framework.Rbac.Domain.Shared.Caches;
 using Yi.Framework.Rbac.Domain.Shared.Consts;
 using Yi.Framework.Rbac.Domain.Shared.Dtos;
-using Yi.Framework.Rbac.Domain.Shared.Etos;
 using Yi.Framework.Rbac.Domain.Shared.Options;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
@@ -36,8 +30,6 @@ namespace Yi.Framework.Rbac.Application.Services
 
     public class AccountService : ApplicationService, IAccountService
     {
-        private readonly ILocalEventBus _localEventBus;
-        private readonly JwtOptions _jwtOptions;
         private IDistributedCache<CaptchaPhoneCacheItem, CaptchaPhoneCacheKey> _phoneCache;
         private readonly ICaptcha _captcha;
         private readonly IGuidGenerator _guidGenerator;
@@ -45,45 +37,30 @@ namespace Yi.Framework.Rbac.Application.Services
         private readonly IAliyunManger _aliyunManger;
         public AccountService(IUserRepository userRepository,
             ICurrentUser currentUser,
-            AccountManager accountManager,
+            IAccountManager accountManager,
             ISqlSugarRepository<MenuEntity> menuRepository,
-            IHttpContextAccessor httpContextAccessor,
-            ILocalEventBus localEventBus,
-            IOptions<JwtOptions> jwtOptions,
             IDistributedCache<CaptchaPhoneCacheItem, CaptchaPhoneCacheKey> phoneCache,
             ICaptcha captcha,
             IGuidGenerator guidGenerator,
             IOptions<RbacOptions> options,
-            IAliyunManger aliyunManger,
+            IAliyunManger aliyunManger)
-            ISqlSugarRepository<RoleEntity> roleRepository,
-            UserManager userManager)
         {
             _userRepository = userRepository;
             _currentUser = currentUser;
             _accountManager = accountManager;
             _menuRepository = menuRepository;
-            _httpContextAccessor = httpContextAccessor;
-            _localEventBus = localEventBus;
-            _jwtOptions = jwtOptions.Value;
             _phoneCache = phoneCache;
             _captcha = captcha;
             _guidGenerator = guidGenerator;
             _rbacOptions = options.Value;
             _aliyunManger = aliyunManger;
-            _roleRepository = roleRepository;
-            _userManager = userManager;
         }
 
 
         private IUserRepository _userRepository;
         private ICurrentUser _currentUser;
-        private AccountManager _accountManager;
+        private IAccountManager _accountManager;
         private ISqlSugarRepository<MenuEntity> _menuRepository;
-        private IUserService _userService;
-        private UserManager _userManager;
-        private ISqlSugarRepository<RoleEntity> _roleRepository;
-        private IHttpContextAccessor _httpContextAccessor;
-
         /// <summary>
         /// 效验图片登录验证码,无需和账号绑定
         /// </summary>
@@ -117,59 +94,16 @@ namespace Yi.Framework.Rbac.Application.Services
             ValidationImageCaptcha(input);
 
             UserEntity user = new();
-            //登录成功
+            //效验
             await _accountManager.LoginValidationAsync(input.UserName, input.Password, x => user = x);
 
-            //获取用户信息
+            //获取token
-            var userInfo = await _userRepository.GetUserAllInfoAsync(user.Id);
+            var accessToken = await _accountManager.GetTokenByUserIdAsync(user.Id);
-
-            //判断用户状态
-            if (userInfo.User.State == false)
-            {
-                throw new UserFriendlyException(UserConst.State_Is_State);
-            }
-
-            if (userInfo.RoleCodes.Count == 0)
-            {
-                throw new UserFriendlyException(UserConst.No_Role);
-            }
-            //这里抛出一个登录的事件
-            var loginEntity = new LoginLogEntity().GetInfoByHttpContext(_httpContextAccessor.HttpContext);
-            var loginEto = loginEntity.Adapt<LoginEventArgs>();
-            loginEto.UserName = input.UserName;
-            loginEto.UserId = userInfo.User.Id;
-            await _localEventBus.PublishAsync(loginEto);
-            //将用户信息添加到缓存中，需要考虑的是更改了用户、角色、菜单等整个体系都需要将缓存进行刷新，看具体业务进行选择
 
 
-
-            //创建token
-            var accessToken = CreateToken(_accountManager.UserInfoToClaim(userInfo));
             return new { Token = accessToken };
         }
 
-        /// <summary>
-        /// 创建令牌
-        /// </summary>
-        /// <param name="kvs"></param>
-        /// <returns></returns>
-        private string CreateToken(List<KeyValuePair<string, string>> kvs)
-        {
-            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SecurityKey));
-            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
-            var claims = kvs.Select(x => new Claim(x.Key, x.Value.ToString())).ToList();
-            var token = new JwtSecurityToken(
-               issuer: _jwtOptions.Issuer,
-               audience: _jwtOptions.Audience,
-               claims: claims,
-               expires: DateTime.Now.AddSeconds(_jwtOptions.ExpiresMinuteTime),
-               notBefore: DateTime.Now,
-               signingCredentials: creds);
-            string returnToken = new JwtSecurityTokenHandler().WriteToken(token);
-
-            return returnToken;
-        }
-
 
         /// <summary>
         /// 生成验证码
@@ -267,7 +201,7 @@ namespace Yi.Framework.Rbac.Application.Services
         /// <returns></returns>
         [AllowAnonymous]
         [UnitOfWork]
-        public async Task<object> PostRegisterAsync(RegisterDto input)
+        public async Task PostRegisterAsync(RegisterDto input)
         {
             if (_rbacOptions.EnableRegister == false)
             {
@@ -295,27 +229,8 @@ namespace Yi.Framework.Rbac.Application.Services
             await ValidationPhoneCaptchaAsync(input);
 
 
-
+            //注册领域逻辑
-            //输入的用户名与电话号码都不能在数据库中存在
+            await _accountManager.RegisterAsync(input.UserName, input.Password, input.Phone);
-            UserEntity user = new();
-            var isExist = await _userRepository.IsAnyAsync(x => x.UserName == input.UserName || x.Phone == input.Phone);
-            if (isExist)
-            {
-                throw new UserFriendlyException("用户已存在，注册失败");
-            }
-
-            var newUser = new UserEntity(input.UserName, input.Password, input.Phone);
-
-            var entity = await _userRepository.InsertReturnEntityAsync(newUser);
-            //赋上一个初始角色
-            var role = await _roleRepository.GetFirstAsync(x => x.RoleCode == UserConst.DefaultRoleCode);
-            if (role is not null)
-            {
-                await _userManager.GiveUserSetRoleAsync(new List<Guid> { entity.Id }, new List<Guid> { role.Id });
-            }
-
-            await _localEventBus.PublishAsync(new UserCreateEventArgs(entity.Id));
-            return true;
         }
 
 
@@ -334,16 +249,14 @@ namespace Yi.Framework.Rbac.Application.Services
             {
                 throw new UserFriendlyException("用户未登录");
             }
-            //此处从缓存中获取即可
+            //此处从缓存中获取也行
             //var data = _cacheManager.Get<UserRoleMenuDto>($"Yi:UserInfo:{userId}");
-            await Console.Out.WriteLineAsync(userId.ToString() + "99999999");
             var data = await _userRepository.GetUserAllInfoAsync(userId ?? Guid.Empty);
             //系统用户数据被重置，老前端访问重新授权
             if (data is null)
             {
                 throw new AbpAuthorizationException();
             }
-
             data.Menus.Clear();
             return data;
         }
@@ -382,6 +295,7 @@ namespace Yi.Framework.Rbac.Application.Services
         /// <returns></returns>
         public Task<bool> PostLogout()
         {
+            //Jwt去中心化登出，只需用记录日志即可
             return Task.FromResult(true);
         }
 

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/Authentication/AuthService.cs

@@ -0,0 +1,143 @@
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Logging;
+using SqlSugar;
+using Volo.Abp;
+using Volo.Abp.Application.Dtos;
+using Volo.Abp.Domain.Repositories;
+using Yi.Framework.Ddd.Application;
+using Yi.Framework.Rbac.Application.Contracts.Dtos.Account;
+using Yi.Framework.Rbac.Domain.Authorization;
+using Yi.Framework.Rbac.Domain.Managers;
+using Yi.Framework.SqlSugarCore.Abstractions;
+
+namespace Yi.Framework.Rbac.Application.Services.Authentication
+{
+    /// <summary>
+    /// 第三方授权服务
+    /// </summary>
+    public class AuthService : YiCrudAppService<AuthAggregateRoot, AuthOutputDto, Guid, AuthGetListInput>
+    {
+        private HttpContext HttpContext { get; set; }
+        private ILogger<AuthService> _logger;
+        private ISqlSugarRepository<AuthAggregateRoot, Guid> _repository;
+        private IAccountManager _accountManager;
+        public AuthService(IAccountManager accountManager, IHttpContextAccessor httpContextAccessor, ILogger<AuthService> logger, ISqlSugarRepository<AuthAggregateRoot, Guid> repository) : base(repository)
+        {
+            _logger = logger;
+            HttpContext = httpContextAccessor.HttpContext ?? throw new ApplicationException("未注册Http");
+            _repository = repository;
+            _accountManager = accountManager;
+        }
+
+        /// <summary>
+        /// 第三方oauth登录
+        /// </summary>
+        /// <param name="scheme"></param>
+        /// <param name="code">code是为了swagger更好的处理和显示</param>
+        /// <returns></returns>
+        /// <exception cref="UserFriendlyException"></exception>
+        [HttpGet("auth/oauth/login/{scheme}")]
+        public async Task<string> AuthOauthLoginAsync([FromRoute] string scheme, [FromQuery] string code)
+        {
+            (var openId, var _) = await GetOpenIdAndNameAsync(scheme);
+            var authEntity = await _repository.GetAsync(x => x.OpenId == openId && x.AuthType == scheme);
+
+            if (authEntity is null)
+            {
+                throw new UserFriendlyException("第三方登录失败，请先注册后，在个人中心进行绑定该第三方后使用");
+            }
+            var accessToken = await _accountManager.GetTokenByUserIdAsync(authEntity.UserId);
+            return accessToken;
+        }
+
+        /// <summary>
+        /// 第三方oauth绑定
+        /// </summary>
+        /// <param name="scheme"></param>
+        /// <param name="code">code是为了swagger更好的处理和显示</param>
+        /// <returns></returns>
+        /// <exception cref="UserFriendlyException"></exception>
+        [HttpPost("auth/oauth/bind/{scheme}")]
+        [Authorize]
+        public async Task AuthOauthBindAsync([FromRoute] string scheme, [FromQuery] string code)
+        {
+            (var openId, var name) = await GetOpenIdAndNameAsync(scheme);
+            var userId = CurrentUser.Id;
+            var authEntityAny = await _repository.AnyAsync(x => x.OpenId == openId && x.AuthType == scheme);
+            if (authEntityAny)
+            {
+                throw new UserFriendlyException("绑定失败，该第三方账号已被注册");
+            }
+            var authAggregateRoot = new AuthAggregateRoot(scheme, userId ?? Guid.Empty, openId, name);
+
+            await _repository.InsertAsync(authAggregateRoot);
+        }
+
+
+        private async Task<(string, string)> GetOpenIdAndNameAsync(string scheme)
+        {
+            var authenticateResult = await HttpContext.AuthenticateAsync(scheme);
+            if (!authenticateResult.Succeeded)
+            {
+                throw new UserFriendlyException(authenticateResult.Failure.Message);
+            }
+            var openidClaim = authenticateResult.Principal.Claims.Where(x => x.Type == "urn:openid").FirstOrDefault();
+            var nameClaim = authenticateResult.Principal.Claims.Where(x => x.Type == "urn:name").FirstOrDefault();
+            return (openidClaim.Value, nameClaim.Value);
+        }
+
+
+        /// <summary>
+        /// 获取当前账户的授权信息
+        /// </summary>
+        /// <param name="input"></param>
+        /// <returns></returns>
+        [Authorize]
+        public async Task<IReadOnlyList<AuthOutputDto>> GetListAccountAsync(AuthGetListInput input)
+        {
+            input.UserId = CurrentUser.Id;
+            input.MaxResultCount = LimitedResultRequestDto.MaxMaxResultCount;
+            input.SkipCount = 1;
+            return (await GetListAsync(input)).Items;
+        }
+
+
+        public override async Task<PagedResultDto<AuthOutputDto>> GetListAsync(AuthGetListInput input)
+        {
+            RefAsync<int> total = 0;
+
+            var entities = await _repository._DbQueryable.WhereIF(input.UserId is not null, x => x.UserId == input.UserId)
+                          .WhereIF(!string.IsNullOrEmpty(input.AuthType), x => x.AuthType == input.AuthType)
+                          .WhereIF(!string.IsNullOrEmpty(input.OpenId), x => x.OpenId == input.OpenId)
+                          .WhereIF(input.StartTime is not null && input.EndTime is not null, x => x.CreationTime >= input.StartTime && x.CreationTime <= input.EndTime)
+                          .ToPageListAsync(input.SkipCount, input.MaxResultCount, total);
+            return new PagedResultDto<AuthOutputDto>(total, await MapToGetListOutputDtosAsync(entities));
+        }
+
+        [RemoteService(IsEnabled = false)]
+        public override Task<AuthOutputDto> UpdateAsync(Guid id, AuthOutputDto input)
+        {
+            throw new NotImplementedException();
+        }
+
+        /// <summary>
+        /// 删除第三方授权
+        /// </summary>
+        /// <param name="id"></param>
+        /// <returns></returns>
+        [RemoteService(IsEnabled = true)]
+        public override Task DeleteAsync(IEnumerable<Guid> id)
+        {
+            return base.DeleteAsync(id);
+        }
+
+        [RemoteService(IsEnabled = false)]
+        public override Task<AuthOutputDto> CreateAsync(AuthOutputDto input)
+        {
+            throw new NotImplementedException();
+        }
+    }
+}

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/DictionaryTypeService.cs

@@ -11,11 +11,11 @@ namespace Yi.Framework.Rbac.Application.Services
     /// <summary>
     /// DictionaryType服务实现
     /// </summary>
-    public class DictionaryTypeService : YiCrudAppService<DictionaryTypeEntity, DictionaryTypeGetOutputDto, DictionaryTypeGetListOutputDto, Guid, DictionaryTypeGetListInputVo, DictionaryTypeCreateInputVo, DictionaryTypeUpdateInputVo>,
+    public class DictionaryTypeService : YiCrudAppService<DictionaryTypeAggregateRoot, DictionaryTypeGetOutputDto, DictionaryTypeGetListOutputDto, Guid, DictionaryTypeGetListInputVo, DictionaryTypeCreateInputVo, DictionaryTypeUpdateInputVo>,
        IDictionaryTypeService
     {
-        private ISqlSugarRepository<DictionaryTypeEntity, Guid> _repository;
+        private ISqlSugarRepository<DictionaryTypeAggregateRoot, Guid> _repository;
-        public DictionaryTypeService(ISqlSugarRepository<DictionaryTypeEntity, Guid> repository) : base(repository)
+        public DictionaryTypeService(ISqlSugarRepository<DictionaryTypeAggregateRoot, Guid> repository) : base(repository)
         {
             _repository = repository;
         }

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/OperationLogService.cs

@@ -4,7 +4,7 @@ using Volo.Abp.Application.Dtos;
 using Yi.Framework.Ddd.Application;
 using Yi.Framework.Rbac.Application.Contracts.Dtos.OperLog;
 using Yi.Framework.Rbac.Application.Contracts.IServices;
-using Yi.Framework.Rbac.Domain.Entities;
+using Yi.Framework.Rbac.Domain.Operlog;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
 namespace Yi.Framework.Rbac.Application.Services

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/DeptService.cs

@@ -8,7 +8,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices;
 using Yi.Framework.Rbac.Domain.Entities;
 using Yi.Framework.Rbac.Domain.Repositories;
 
-namespace Yi.Framework.Rbac.Application.Services
+namespace Yi.Framework.Rbac.Application.Services.System
 {
     /// <summary>
     /// Dept服务实现

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/MenuService.cs

@@ -7,7 +7,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices;
 using Yi.Framework.Rbac.Domain.Entities;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
-namespace Yi.Framework.Rbac.Application.Services
+namespace Yi.Framework.Rbac.Application.Services.System
 {
     /// <summary>
     /// Menu服务实现
@@ -30,7 +30,7 @@ namespace Yi.Framework.Rbac.Application.Services
                         .WhereIF(input.State is not null, x => x.State == input.State)
                         .OrderByDescending(x => x.OrderNum)
                         .ToListAsync();
-                          //.ToPageListAsync(input.SkipCount, input.MaxResultCount, total);
+            //.ToPageListAsync(input.SkipCount, input.MaxResultCount, total);
             return new PagedResultDto<MenuGetListOutputDto>(total, await MapToGetListOutputDtosAsync(entities));
         }
 

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/PostService.cs

@@ -7,7 +7,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices;
 using Yi.Framework.Rbac.Domain.Entities;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
-namespace Yi.Framework.Rbac.Application.Services
+namespace Yi.Framework.Rbac.Application.Services.System
 {
     /// <summary>
     /// Post服务实现

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/RoleService.cs

@@ -14,7 +14,7 @@ using Yi.Framework.Rbac.Domain.Managers;
 using Yi.Framework.Rbac.Domain.Shared.Enums;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
-namespace Yi.Framework.Rbac.Application.Services
+namespace Yi.Framework.Rbac.Application.Services.System
 {
     /// <summary>
     /// Role服务实现

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Application/Services/System/UserService.cs

@@ -16,7 +16,7 @@ using Yi.Framework.Rbac.Domain.Shared.Etos;
 using Yi.Framework.Rbac.Domain.Shared.OperLog;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
-namespace Yi.Framework.Rbac.Application.Services
+namespace Yi.Framework.Rbac.Application.Services.System
 {
     /// <summary>
     /// User服务实现

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Authorization/AuthAggregateRoot.cs

@@ -0,0 +1,47 @@
+using SqlSugar;
+using Volo.Abp;
+using Volo.Abp.Auditing;
+using Volo.Abp.Data;
+using Volo.Abp.Domain.Entities;
+
+namespace Yi.Framework.Rbac.Domain.Authorization
+{    /// <summary>
+     /// 第三方授权表
+     ///</summary>
+    [SugarTable("Auth")]
+    public class AuthAggregateRoot : AggregateRoot<Guid>, ISoftDelete, IHasCreationTime
+    {
+
+        public AuthAggregateRoot() { }
+
+        public AuthAggregateRoot(string authType, Guid userId, string openId)
+        {
+            AuthType = authType;
+            OpenId = openId;
+            UserId = userId;
+
+        }
+        public AuthAggregateRoot(string authType, Guid userId, string openId, string name) : this(authType, userId, openId)
+        {
+            Name = name;
+        }
+
+
+        [SugarColumn(ColumnName = "Id", IsPrimaryKey = true)]
+        public override Guid Id { get; protected set; }
+        public Guid UserId { get; set; }
+
+        public string OpenId { get; set; }
+
+        public string Name { get; set; }
+
+        public string AuthType { get; set; }
+
+        public bool IsDeleted { get; set; }
+
+        [SugarColumn(IsIgnore = true)]
+        public override ExtraPropertyDictionary ExtraProperties { get; protected set; }
+
+        public DateTime CreationTime { get; set; }
+    }
+}

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Entities/DictionaryTypeAggregateRoot.cs

@@ -1,13 +1,14 @@
 using SqlSugar;
 using Volo.Abp;
 using Volo.Abp.Auditing;
+using Volo.Abp.Data;
 using Volo.Abp.Domain.Entities;
 using Yi.Framework.Core.Data;
 
 namespace Yi.Framework.Rbac.Domain.Entities
 {
     [SugarTable("DictionaryType")]
-    public class DictionaryTypeEntity : Entity<Guid>, IAuditedObject, ISoftDelete, IOrderNum
+    public class DictionaryTypeAggregateRoot : AggregateRoot<Guid>, IAuditedObject, ISoftDelete, IOrderNum
     {
         /// <summary>
         /// 主键
@@ -55,5 +56,7 @@ namespace Yi.Framework.Rbac.Domain.Entities
         public Guid? LastModifierId { get; set; }
 
         public DateTime? LastModificationTime { get; set; }
+        [SugarColumn(IsIgnore = true)]
+        public override ExtraPropertyDictionary ExtraProperties { get; protected set; }
     }
 }

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/AccountManager.cs

@@ -1,11 +1,25 @@
-using Volo.Abp;
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+using Mapster;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
+using TencentCloud.Tdmq.V20200217.Models;
+using Volo.Abp;
 using Volo.Abp.Domain.Entities;
+using Volo.Abp.Domain.Repositories;
 using Volo.Abp.Domain.Services;
+using Volo.Abp.EventBus.Local;
 using Volo.Abp.Security.Claims;
 using Yi.Framework.Core.Helper;
 using Yi.Framework.Rbac.Domain.Entities;
+using Yi.Framework.Rbac.Domain.Repositories;
 using Yi.Framework.Rbac.Domain.Shared.Consts;
 using Yi.Framework.Rbac.Domain.Shared.Dtos;
+using Yi.Framework.Rbac.Domain.Shared.Etos;
+using Yi.Framework.Rbac.Domain.Shared.Options;
 using Yi.Framework.SqlSugarCore.Abstractions;
 
 namespace Yi.Framework.Rbac.Domain.Managers
@@ -14,14 +28,88 @@ namespace Yi.Framework.Rbac.Domain.Managers
     /// <summary>
     /// 用户领域服务
     /// </summary>
-    public class AccountManager : DomainService
+    public class AccountManager : DomainService, IAccountManager
     {
-        private readonly ISqlSugarRepository<UserEntity> _repository;
+        private readonly IUserRepository _repository;
-        public AccountManager(ISqlSugarRepository<UserEntity> repository)
+        private readonly ILocalEventBus _localEventBus;
+        private readonly JwtOptions _jwtOptions;
+        private IHttpContextAccessor _httpContextAccessor;
+        private UserManager _userManager;
+        private ISqlSugarRepository<RoleEntity> _roleRepository;
+        public AccountManager(IUserRepository repository
+            , IHttpContextAccessor httpContextAccessor
+            , IOptions<JwtOptions> jwtOptions
+            , ILocalEventBus localEventBus
+            , UserManager userManager
+            , ISqlSugarRepository<RoleEntity> roleRepository)
         {
             _repository = repository;
+            _httpContextAccessor= httpContextAccessor;
+            _jwtOptions = jwtOptions.Value;
+            _localEventBus=localEventBus;
+            _userManager=userManager;
+            _roleRepository=roleRepository;
         }
 
+        /// <summary>
+        /// 根据用户id获取token
+        /// </summary>
+        /// <param name="userId"></param>
+        /// <returns></returns>
+        /// <exception cref="UserFriendlyException"></exception>
+        public async Task<string> GetTokenByUserIdAsync(Guid userId)
+        {
+            //获取用户信息
+            var userInfo = await _repository.GetUserAllInfoAsync(userId);
+
+            //判断用户状态
+            if (userInfo.User.State == false)
+            {
+                throw new UserFriendlyException(UserConst.State_Is_State);
+            }
+
+            if (userInfo.RoleCodes.Count == 0)
+            {
+                throw new UserFriendlyException(UserConst.No_Role);
+            }
+            //这里抛出一个登录的事件
+            if (_httpContextAccessor.HttpContext is not null)
+            {
+                var loginEntity = new LoginLogEntity().GetInfoByHttpContext(_httpContextAccessor.HttpContext);
+                var loginEto = loginEntity.Adapt<LoginEventArgs>();
+                loginEto.UserName = userInfo.User.UserName;
+                loginEto.UserId = userInfo.User.Id;
+                await _localEventBus.PublishAsync(loginEto);
+            }
+            //将用户信息添加到缓存中，需要考虑的是更改了用户、角色、菜单等整个体系都需要将缓存进行刷新，看具体业务进行选择
+
+            var accessToken = CreateToken(this.UserInfoToClaim(userInfo));
+            return accessToken;
+        }
+
+        /// <summary>
+        /// 创建令牌
+        /// </summary>
+        /// <param name="kvs"></param>
+        /// <returns></returns>
+        private string CreateToken(List<KeyValuePair<string, string>> kvs)
+        {
+            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SecurityKey));
+            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+            var claims = kvs.Select(x => new Claim(x.Key, x.Value.ToString())).ToList();
+            var token = new JwtSecurityToken(
+               issuer: _jwtOptions.Issuer,
+               audience: _jwtOptions.Audience,
+               claims: claims,
+               expires: DateTime.Now.AddSeconds(_jwtOptions.ExpiresMinuteTime),
+               notBefore: DateTime.Now,
+               signingCredentials: creds);
+            string returnToken = new JwtSecurityTokenHandler().WriteToken(token);
+
+            return returnToken;
+        }
+
+
         /// <summary>
         /// 登录效验
         /// </summary>
@@ -145,6 +233,31 @@ namespace Yi.Framework.Rbac.Domain.Managers
             user.BuildPassword();
             return await _repository.UpdateAsync(user);
         }
+
+
+        public async Task RegisterAsync(string userName,string password,long phone)
+        {
+            //输入的用户名与电话号码都不能在数据库中存在
+            UserEntity user = new();
+            var isExist = await _repository.IsAnyAsync(x => x.UserName == userName || x.Phone == phone);
+            if (isExist)
+            {
+                throw new UserFriendlyException("用户已存在，注册失败");
+            }
+
+            var newUser = new UserEntity(userName, password, phone);
+
+            var entity = await _repository.InsertReturnEntityAsync(newUser);
+            //赋上一个初始角色
+            var role = await _roleRepository.GetFirstAsync(x => x.RoleCode == UserConst.DefaultRoleCode);
+            if (role is not null)
+            {
+                await _userManager.GiveUserSetRoleAsync(new List<Guid> { entity.Id }, new List<Guid> { role.Id });
+            }
+
+            await _localEventBus.PublishAsync(new UserCreateEventArgs(entity.Id));
+
+        }
     }
 
 }

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/IAccountManager.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using Volo.Abp.Domain.Services;
+using Yi.Framework.Rbac.Domain.Entities;
+
+namespace Yi.Framework.Rbac.Domain.Managers
+{
+    public interface IAccountManager : IDomainService
+    {
+        Task<string> GetTokenByUserIdAsync(Guid userId);
+        Task LoginValidationAsync(string userName, string password, Action<UserEntity> userAction = null);
+        Task RegisterAsync(string userName, string password, long phone);
+        Task<bool> RestPasswordAsync(Guid userId, string password);
+        Task UpdatePasswordAsync(Guid userId, string newPassword, string oldPassword);
+    }
+}

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Managers/UserManager.cs

@@ -7,9 +7,9 @@ namespace Yi.Framework.Rbac.Domain.Managers
 {
     public class UserManager : DomainService
     {
-        private readonly ISqlSugarRepository<UserEntity> _repository;
+        public readonly ISqlSugarRepository<UserEntity> _repository;
-        private readonly ISqlSugarRepository<UserRoleEntity> _repositoryUserRole;
+        public readonly ISqlSugarRepository<UserRoleEntity> _repositoryUserRole;
-        private readonly ISqlSugarRepository<UserPostEntity> _repositoryUserPost;
+        public readonly ISqlSugarRepository<UserPostEntity> _repositoryUserPost;
 
         private readonly IGuidGenerator _guidGenerator;
         public UserManager(ISqlSugarRepository<UserEntity> repository, ISqlSugarRepository<UserRoleEntity> repositoryUserRole, ISqlSugarRepository<UserPostEntity> repositoryUserPost, IGuidGenerator guidGenerator) =>

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperLogGlobalAttribute.cs

@@ -8,7 +8,6 @@ using Volo.Abp.Domain.Repositories;
 using Volo.Abp.Users;
 using Yi.Framework.Core.Extensions;
 using Yi.Framework.Core.Helper;
-using Yi.Framework.Rbac.Domain.Entities;
 using Yi.Framework.Rbac.Domain.Shared.OperLog;
 
 namespace Yi.Framework.Rbac.Domain.Operlog

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.Domain/Operlog/OperationLogEntity.cs

@@ -3,7 +3,7 @@ using Volo.Abp.Auditing;
 using Volo.Abp.Domain.Entities;
 using Yi.Framework.Rbac.Domain.Shared.OperLog;
 
-namespace Yi.Framework.Rbac.Domain.Entities
+namespace Yi.Framework.Rbac.Domain.Operlog
 {
     /// <summary>
     /// 操作日志表

Yi.Abp.Net8/module/rbac/Yi.Framework.Rbac.SqlSugarCore/DataSeeds/DictionaryTypeDataSeed.cs

@@ -8,8 +8,8 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
 {
     public class DictionaryTypeDataSeed : IDataSeedContributor, ITransientDependency
     {
-        private ISqlSugarRepository<DictionaryTypeEntity> _repository;
+        private ISqlSugarRepository<DictionaryTypeAggregateRoot> _repository;
-        public DictionaryTypeDataSeed(ISqlSugarRepository<DictionaryTypeEntity> repository)
+        public DictionaryTypeDataSeed(ISqlSugarRepository<DictionaryTypeAggregateRoot> repository)
         {
             _repository = repository;
         }
@@ -20,10 +20,10 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
                 await _repository.InsertManyAsync(GetSeedData());
             }
         }
-        public List<DictionaryTypeEntity> GetSeedData()
+        public List<DictionaryTypeAggregateRoot> GetSeedData()
         {
-            List<DictionaryTypeEntity> entities = new List<DictionaryTypeEntity>();
+            List<DictionaryTypeAggregateRoot> entities = new List<DictionaryTypeAggregateRoot>();
-            DictionaryTypeEntity dict1 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict1 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "用户性别",
@@ -35,7 +35,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             };
             entities.Add(dict1);
 
-            DictionaryTypeEntity dict2 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict2 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "菜单状态",
@@ -47,7 +47,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             };
             entities.Add(dict2);
 
-            DictionaryTypeEntity dict3 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict3 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "系统开关",
@@ -59,7 +59,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             };
             entities.Add(dict3);
 
-            DictionaryTypeEntity dict4 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict4 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "任务状态",
@@ -71,7 +71,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             };
             entities.Add(dict4);
 
-            DictionaryTypeEntity dict5 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict5 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "任务分组",
@@ -83,7 +83,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             };
             entities.Add(dict5);
 
-            DictionaryTypeEntity dict6 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict6 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "系统是否",
@@ -95,7 +95,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             };
             entities.Add(dict6);
 
-            DictionaryTypeEntity dict7 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict7 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "通知类型",
@@ -106,7 +106,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
                 State = true
             };
             entities.Add(dict7);
-            DictionaryTypeEntity dict8 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict8 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "通知状态",
@@ -118,7 +118,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             };
             entities.Add(dict8);
 
-            DictionaryTypeEntity dict9 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict9 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "操作类型",
@@ -131,7 +131,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
             entities.Add(dict9);
 
 
-            DictionaryTypeEntity dict10 = new DictionaryTypeEntity()
+            DictionaryTypeAggregateRoot dict10 = new DictionaryTypeAggregateRoot()
             {
 
                 DictName = "系统状态",

Yi.Abp.Net8/src/Yi.Abp.Web/Yi.Abp.Web.csproj

@@ -15,6 +15,7 @@
   </ItemGroup>
 
   <ItemGroup>
+    <ProjectReference Include="..\..\framework\Yi.Framework.AspNetCore.Authentication.OAuth\Yi.Framework.AspNetCore.Authentication.OAuth.csproj" />
     <ProjectReference Include="..\..\framework\Yi.Framework.AspNetCore\Yi.Framework.AspNetCore.csproj" />
     <ProjectReference Include="..\Yi.Abp.Application\Yi.Abp.Application.csproj" />
     <ProjectReference Include="..\Yi.Abp.SqlSugarCore\Yi.Abp.SqlSugarCore.csproj" />

Yi.Abp.Net8/src/Yi.Abp.Web/YiAbpWebModule.cs

@@ -17,6 +17,9 @@ using Volo.Abp.Swashbuckle;
 using Yi.Abp.Application;
 using Yi.Abp.SqlsugarCore;
 using Yi.Framework.AspNetCore;
+using Yi.Framework.AspNetCore.Authentication.OAuth;
+using Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+using Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
 using Yi.Framework.AspNetCore.Microsoft.AspNetCore.Builder;
 using Yi.Framework.AspNetCore.Microsoft.Extensions.DependencyInjection;
 using Yi.Framework.Bbs.Application;
@@ -28,6 +31,7 @@ namespace Yi.Abp.Web
     [DependsOn(
         typeof(YiAbpSqlSugarCoreModule),
         typeof(YiAbpApplicationModule),
+      
 
         typeof(AbpAspNetCoreMvcModule),
         typeof(AbpAutofacModule),
@@ -35,7 +39,8 @@ namespace Yi.Abp.Web
         typeof(AbpAspNetCoreSerilogModule),
         typeof(AbpAuditingModule),
         typeof(AbpAspNetCoreAuthenticationJwtBearerModule),
-        typeof(YiFrameworkAspNetCoreModule)
+        typeof(YiFrameworkAspNetCoreModule),
+        typeof(YiFrameworkAspNetCoreAuthenticationOAuthModule)
 
         )]
     public class YiAbpWebModule : AbpModule
@@ -100,6 +105,7 @@ namespace Yi.Abp.Web
                 });
             });
 
+           
             //jwt鉴权
             var jwtOptions = configuration.GetSection(nameof(JwtOptions)).Get<JwtOptions>();
             context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
@@ -129,13 +135,22 @@ namespace Yi.Abp.Web
                         return Task.CompletedTask;
                     }
                 };
-            });
+            })
+            .AddQQ(options =>
+            {
+                configuration.GetSection("OAuth:QQ").Bind(options);
+            })
+            .AddGitee(options =>
+            {
+                configuration.GetSection("OAuth:Gitee").Bind(options);
+            });     
 
             //授权
             context.Services.AddAuthorization();
             return Task.CompletedTask;
         }
 
+
         public override Task OnApplicationInitializationAsync(ApplicationInitializationContext context)
         {
             var service = context.ServiceProvider;

Yi.Abp.Net8/src/Yi.Abp.Web/appsettings.json

@@ -38,6 +38,22 @@
     "ExpiresMinuteTime": 86400
   },
 
+  //第三方登录
+  "OAuth": {
+    //QQ
+    "QQ": {
+      "ClientId": "",
+      "ClientSecret": "",
+      "RedirectUri": ""
+    },
+    //码云
+    "Gitee": {
+      "ClientId": "",
+      "ClientSecret": "",
+      "RedirectUri": ""
+    }
+  },
+
   //Rbac模块
   "RbacOptions": {
     //超级管理员种子数据默认密码