feat: 新增Oauth鉴权模块,支持qq登录、gitee登录
This commit is contained in:
橙子
@@ -72,6 +72,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "audit-logging", "audit-logg
|
||||
EndProject
|
||||
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Yi.AuditLogging.SqlSugarCore", "module\audit-logging\Yi.AuditLogging.SqlSugarCore\Yi.AuditLogging.SqlSugarCore.csproj", "{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}"
|
||||
EndProject
|
||||
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Yi.Framework.AspNetCore.Authentication.OAuth", "framework\Yi.Framework.AspNetCore.Authentication.OAuth\Yi.Framework.AspNetCore.Authentication.OAuth.csproj", "{791AC2FA-50D3-4408-8D68-31DA72F608BE}"
|
||||
EndProject
|
||||
Global
|
||||
GlobalSection(SolutionConfigurationPlatforms) = preSolution
|
||||
Debug|Any CPU = Debug|Any CPU
|
||||
@@ -174,6 +176,10 @@ Global
|
||||
{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{48806510-8E18-4E1E-9BAF-5B97E88C5FC3}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{791AC2FA-50D3-4408-8D68-31DA72F608BE}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
EndGlobalSection
|
||||
GlobalSection(SolutionProperties) = preSolution
|
||||
HideSolutionNode = FALSE
|
||||
@@ -206,6 +212,7 @@ Global
|
||||
{6C86BA71-9F87-4E2C-B467-2950D77DCDFA} = {E902A945-4F41-4E96-A0DA-9F66CDA22261}
|
||||
{73CCF2C4-B9FD-44AB-8D4B-0A421805B094} = {2317227D-7796-4E7B-BEDB-7CD1CAE7B853}
|
||||
{48806510-8E18-4E1E-9BAF-5B97E88C5FC3} = {73CCF2C4-B9FD-44AB-8D4B-0A421805B094}
|
||||
{791AC2FA-50D3-4408-8D68-31DA72F608BE} = {77B949E9-530E-45A5-9657-20F7D5C6875C}
|
||||
EndGlobalSection
|
||||
GlobalSection(ExtensibilityGlobals) = postSolution
|
||||
SolutionGuid = {23D6FBC9-C970-4641-BC1E-2AEA59F51C18}
|
||||
|
||||
@@ -0,0 +1,23 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
|
||||
|
||||
/// <summary>
|
||||
/// Contains constants specific to the <see cref="GiteeAuthenticationHandler"/>.
|
||||
/// </summary>
|
||||
public static class GiteeAuthenticationConstants
|
||||
{
|
||||
public static class Claims
|
||||
{
|
||||
public const string Url = "urn:gitee:url";
|
||||
public const string AvatarUrl = "urn:gitee:avatarUrl";
|
||||
|
||||
public const string OpenId = "urn:openid";
|
||||
public const string AccessToken = "urn:access_token";
|
||||
public const string Name = "urn:name";
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,53 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
|
||||
|
||||
/// <summary>
|
||||
/// Default values used by the Gitee authentication middleware.
|
||||
/// </summary>
|
||||
public static class GiteeAuthenticationDefaults
|
||||
{
|
||||
/// <summary>
|
||||
/// Default value for <see cref="AuthenticationScheme.Name"/>.
|
||||
/// </summary>
|
||||
public const string AuthenticationScheme = "Gitee";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
|
||||
/// </summary>
|
||||
public static readonly string DisplayName = "Gitee";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
|
||||
/// </summary>
|
||||
public static readonly string Issuer = "Gitee";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
|
||||
/// </summary>
|
||||
public static readonly string CallbackPath = "/signin-gitee";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string AuthorizationEndpoint = "https://gitee.com/oauth/authorize";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string TokenEndpoint = "https://gitee.com/oauth/token";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string UserInformationEndpoint = "https://gitee.com/api/v5/user";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="GiteeAuthenticationOptions.UserEmailsEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string UserEmailsEndpoint = "https://gitee.com/api/v5/emails";
|
||||
}
|
||||
@@ -0,0 +1,75 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
using JetBrains.Annotations;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
|
||||
|
||||
/// <summary>
|
||||
/// Extension methods to add Gitee authentication capabilities to an HTTP application pipeline.
|
||||
/// </summary>
|
||||
public static class GiteeAuthenticationExtensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddGitee([NotNull] this AuthenticationBuilder builder)
|
||||
{
|
||||
return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, options => { });
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddGitee(
|
||||
[NotNull] this AuthenticationBuilder builder,
|
||||
[NotNull] Action<GiteeAuthenticationOptions> configuration)
|
||||
{
|
||||
return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, configuration);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <param name="scheme">The authentication scheme associated with this instance.</param>
|
||||
/// <param name="configuration">The delegate used to configure the Gitee options.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddGitee(
|
||||
[NotNull] this AuthenticationBuilder builder,
|
||||
[NotNull] string scheme,
|
||||
[NotNull] Action<GiteeAuthenticationOptions> configuration)
|
||||
{
|
||||
return builder.AddGitee(scheme, GiteeAuthenticationDefaults.DisplayName, configuration);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <param name="scheme">The authentication scheme associated with this instance.</param>
|
||||
/// <param name="caption">The optional display name associated with this instance.</param>
|
||||
/// <param name="configuration">The delegate used to configure the Gitee options.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddGitee(
|
||||
[NotNull] this AuthenticationBuilder builder,
|
||||
[NotNull] string scheme,
|
||||
[CanBeNull] string caption,
|
||||
[NotNull] Action<GiteeAuthenticationOptions> configuration)
|
||||
{
|
||||
return builder.AddScheme<GiteeAuthenticationOptions, GiteeAuthenticationHandler>(scheme, caption, configuration);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,55 @@
|
||||
using System.Security.Claims;
|
||||
using System.Text.Encodings.Web;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
|
||||
using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
|
||||
{
|
||||
public class GiteeAuthenticationHandler : OauthAuthenticationHandler<GiteeAuthenticationOptions>
|
||||
{
|
||||
public GiteeAuthenticationHandler(IOptionsMonitor<GiteeAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder, httpClientFactory)
|
||||
{
|
||||
}
|
||||
|
||||
public override string AuthenticationSchemeNmae => GiteeAuthenticationDefaults.AuthenticationScheme;
|
||||
|
||||
protected override async Task<List<Claim>> GetAuthTicketAsync(string code)
|
||||
{
|
||||
//获取 accessToken
|
||||
var tokenQueryKv = new List<KeyValuePair<string, string?>>()
|
||||
{
|
||||
new KeyValuePair<string, string?>("grant_type","authorization_code"),
|
||||
new KeyValuePair<string, string?>("client_id",Options.ClientId),
|
||||
new KeyValuePair<string, string?>("client_secret",Options.ClientSecret),
|
||||
new KeyValuePair<string, string?>("redirect_uri",Options.RedirectUri),
|
||||
new KeyValuePair<string, string?>("code",code)
|
||||
};
|
||||
var tokenModel = await SendHttpRequestAsync<GiteeAuthticationcationTokenResponse>(GiteeAuthenticationDefaults.TokenEndpoint, tokenQueryKv,HttpMethod.Post);
|
||||
|
||||
//获取 userInfo
|
||||
var userInfoQueryKv = new List<KeyValuePair<string, string?>>()
|
||||
{
|
||||
new KeyValuePair<string, string?>("access_token",tokenModel.access_token),
|
||||
};
|
||||
var userInfoMdoel = await SendHttpRequestAsync<GiteeAuthticationcationUserInfoResponse>(GiteeAuthenticationDefaults.UserInformationEndpoint, userInfoQueryKv);
|
||||
|
||||
List<Claim> claims = new List<Claim>()
|
||||
{
|
||||
new Claim(Claims.AvatarUrl, userInfoMdoel.avatar_url),
|
||||
new Claim(Claims.Url, userInfoMdoel.url),
|
||||
|
||||
new Claim(Claims.OpenId,userInfoMdoel.id.ToString()),
|
||||
new Claim(Claims.Name, userInfoMdoel.name),
|
||||
new Claim(Claims.AccessToken, tokenModel.access_token)
|
||||
};
|
||||
return claims;
|
||||
}
|
||||
|
||||
protected override void VerifyErrResponse(string content)
|
||||
{
|
||||
GiteeAuthticationErrCodeModel.VerifyErrResponse(content);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,47 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.OAuth;
|
||||
using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
|
||||
|
||||
/// <summary>
|
||||
/// Defines a set of options used by <see cref="GiteeAuthenticationHandler"/>.
|
||||
/// </summary>
|
||||
public class GiteeAuthenticationOptions : OAuthOptions
|
||||
{
|
||||
public GiteeAuthenticationOptions()
|
||||
{
|
||||
ClaimsIssuer = GiteeAuthenticationDefaults.Issuer;
|
||||
|
||||
CallbackPath = GiteeAuthenticationDefaults.CallbackPath;
|
||||
|
||||
AuthorizationEndpoint = GiteeAuthenticationDefaults.AuthorizationEndpoint;
|
||||
TokenEndpoint = GiteeAuthenticationDefaults.TokenEndpoint;
|
||||
UserInformationEndpoint = GiteeAuthenticationDefaults.UserInformationEndpoint;
|
||||
UserEmailsEndpoint = GiteeAuthenticationDefaults.UserEmailsEndpoint;
|
||||
|
||||
Scope.Add("user_info");
|
||||
Scope.Add("emails");
|
||||
|
||||
ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
|
||||
ClaimActions.MapJsonKey(ClaimTypes.Name, "login");
|
||||
ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
|
||||
ClaimActions.MapJsonKey(Claims.Name, "name");
|
||||
ClaimActions.MapJsonKey(Claims.Url, "url");
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the address of the endpoint exposing
|
||||
/// the email addresses associated with the logged in user.
|
||||
/// </summary>
|
||||
public string UserEmailsEndpoint { get; set; }
|
||||
|
||||
public string RedirectUri { get; set; }
|
||||
}
|
||||
@@ -0,0 +1,30 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Text.Json;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
|
||||
{
|
||||
public class GiteeAuthticationErrCodeModel
|
||||
{
|
||||
public string error { get; set; }
|
||||
|
||||
public string error_description { get; set; }
|
||||
|
||||
public static void VerifyErrResponse(string content)
|
||||
{
|
||||
|
||||
var model =Newtonsoft.Json.JsonConvert.DeserializeObject <GiteeAuthticationErrCodeModel>(content);
|
||||
if (model.error != null)
|
||||
{
|
||||
|
||||
throw new Exception($"第三方授权返回错误,错误码:【{model.error}】,错误详情:【{model.error_description}】");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,63 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
|
||||
{
|
||||
public class GiteeAuthticationcationTokenResponse
|
||||
{
|
||||
public string access_token { get; set; }
|
||||
public string token_type { get; set; }
|
||||
public int expires_in { get; set; }
|
||||
public string refresh_token { get; set; }
|
||||
public string scope { get; set; }
|
||||
public long created_at { get; set; }
|
||||
}
|
||||
|
||||
|
||||
public class GiteeAuthticationcationOpenIdResponse
|
||||
{
|
||||
public string client_id { get; set; }
|
||||
|
||||
public string openid { get; set; }
|
||||
|
||||
}
|
||||
|
||||
public class GiteeAuthticationcationUserInfoResponse
|
||||
{
|
||||
/// <summary>
|
||||
/// 也可以等于openId
|
||||
/// </summary>
|
||||
public int id { get; set; }
|
||||
public string login { get; set; }
|
||||
public string name { get; set; }
|
||||
public string avatar_url { get; set; }
|
||||
public string url { get; set; }
|
||||
public string html_url { get; set; }
|
||||
public string remark { get; set; }
|
||||
public string followers_url { get; set; }
|
||||
public string following_url { get; set; }
|
||||
public string gists_url { get; set; }
|
||||
public string starred_url { get; set; }
|
||||
public string subscriptions_url { get; set; }
|
||||
public string organizations_url { get; set; }
|
||||
public string repos_url { get; set; }
|
||||
public string events_url { get; set; }
|
||||
public string received_events_url { get; set; }
|
||||
public string type { get; set; }
|
||||
public string blog { get; set; }
|
||||
public string weibo { get; set; }
|
||||
public string bio { get; set; }
|
||||
public int public_repos { get; set; }
|
||||
public int public_gists { get; set; }
|
||||
public int followers { get; set; }
|
||||
public int following { get; set; }
|
||||
public int stared { get; set; }
|
||||
public int watched { get; set; }
|
||||
public DateTime created_at { get; set; }
|
||||
public DateTime updated_at { get; set; }
|
||||
public string email { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,96 @@
|
||||
using System.Security.Claims;
|
||||
using System.Text.Encodings.Web;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.WebUtilities;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth
|
||||
{
|
||||
public abstract class OauthAuthenticationHandler<TOptions> : AuthenticationHandler<TOptions> where TOptions : AuthenticationSchemeOptions, new()
|
||||
{
|
||||
public abstract string AuthenticationSchemeNmae { get; }
|
||||
private AuthenticationScheme _scheme;
|
||||
|
||||
public OauthAuthenticationHandler(IOptionsMonitor<TOptions> options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder)
|
||||
{
|
||||
HttpClientFactory = httpClientFactory;
|
||||
HttpClient = HttpClientFactory.CreateClient();
|
||||
}
|
||||
|
||||
|
||||
protected IHttpClientFactory HttpClientFactory { get; }
|
||||
|
||||
protected HttpClient HttpClient { get; }
|
||||
|
||||
|
||||
|
||||
/// <summary>
|
||||
/// 生成认证票据
|
||||
/// </summary>
|
||||
/// <returns></returns>
|
||||
private AuthenticationTicket TicketConver(List<Claim> claims)
|
||||
{
|
||||
var claimsIdentity = new ClaimsIdentity(claims.ToArray(), AuthenticationSchemeNmae);
|
||||
var principal = new ClaimsPrincipal(claimsIdentity);
|
||||
return new AuthenticationTicket(principal, AuthenticationSchemeNmae);
|
||||
}
|
||||
|
||||
protected async Task<HttpModel> SendHttpRequestAsync<HttpModel>(string url, IEnumerable<KeyValuePair<string, string?>> query, HttpMethod? httpMethod = null)
|
||||
{
|
||||
httpMethod = httpMethod ?? HttpMethod.Get;
|
||||
|
||||
var queryUrl = QueryHelpers.AddQueryString(url, query);
|
||||
HttpResponseMessage response = null;
|
||||
if (httpMethod == HttpMethod.Get)
|
||||
{
|
||||
response = await HttpClient.GetAsync(queryUrl);
|
||||
}
|
||||
else if (httpMethod == HttpMethod.Post)
|
||||
{
|
||||
response = await HttpClient.PostAsync(queryUrl, null);
|
||||
}
|
||||
|
||||
var content = await response.Content.ReadAsStringAsync();
|
||||
if (!response.IsSuccessStatusCode)
|
||||
{
|
||||
throw new Exception($"授权服务器请求错误,请求地址:{queryUrl},错误信息:{content}");
|
||||
}
|
||||
VerifyErrResponse(content);
|
||||
var model = Newtonsoft.Json.JsonConvert.DeserializeObject<HttpModel>(content);
|
||||
return model!;
|
||||
}
|
||||
|
||||
protected virtual void VerifyErrResponse(string content)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
protected abstract Task<List<Claim>> GetAuthTicketAsync(string code);
|
||||
|
||||
|
||||
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
|
||||
{
|
||||
if (!Context.Request.Query.ContainsKey("code"))
|
||||
{
|
||||
return AuthenticateResult.Fail("回调未包含code参数");
|
||||
}
|
||||
var code = Context.Request.Query["code"].ToString();
|
||||
|
||||
List<Claim> authTicket = null;
|
||||
try
|
||||
{
|
||||
authTicket = await GetAuthTicketAsync(code);
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
return AuthenticateResult.Fail(ex.Message ?? "未知错误");
|
||||
}
|
||||
//成功
|
||||
var result = AuthenticateResult.Success(TicketConver(authTicket));
|
||||
return result;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
|
||||
|
||||
/// <summary>
|
||||
/// Contains constants specific to the <see cref="QQAuthenticationHandler"/>.
|
||||
/// </summary>
|
||||
public static class QQAuthenticationConstants
|
||||
{
|
||||
public static class Claims
|
||||
{
|
||||
public const string AvatarFullUrl = "urn:qq:avatar_full";
|
||||
public const string AvatarUrl = "urn:qq:avatar";
|
||||
public const string PictureFullUrl = "urn:qq:picture_full";
|
||||
public const string PictureMediumUrl = "urn:qq:picture_medium";
|
||||
public const string PictureUrl = "urn:qq:picture";
|
||||
public const string UnionId = "urn:qq:unionid";
|
||||
|
||||
public const string OpenId = "urn:openid";
|
||||
public const string AccessToken = "urn:access_token";
|
||||
public const string Name = "urn:name";
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,53 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
|
||||
|
||||
/// <summary>
|
||||
/// Default values for QQ authentication.
|
||||
/// </summary>
|
||||
public static class QQAuthenticationDefaults
|
||||
{
|
||||
/// <summary>
|
||||
/// Default value for <see cref="AuthenticationScheme.Name"/>.
|
||||
/// </summary>
|
||||
public const string AuthenticationScheme = "QQ";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
|
||||
/// </summary>
|
||||
public static readonly string DisplayName = "QQ";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
|
||||
/// </summary>
|
||||
public static readonly string Issuer = "QQ";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
|
||||
/// </summary>
|
||||
public static readonly string CallbackPath = "/signin-qq";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string AuthorizationEndpoint = "https://graph.qq.com/oauth2.0/authorize";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string TokenEndpoint = "https://graph.qq.com/oauth2.0/token";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="QQAuthenticationOptions.UserIdentificationEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string UserIdentificationEndpoint = "https://graph.qq.com/oauth2.0/me";
|
||||
|
||||
/// <summary>
|
||||
/// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
|
||||
/// </summary>
|
||||
public static readonly string UserInformationEndpoint = "https://graph.qq.com/user/get_user_info";
|
||||
}
|
||||
@@ -0,0 +1,77 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
using JetBrains.Annotations;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
|
||||
|
||||
/// <summary>
|
||||
/// Extension methods to add QQ authentication capabilities to an HTTP application pipeline.
|
||||
/// </summary>
|
||||
public static class QQAuthenticationExtensions
|
||||
{
|
||||
/// <summary>
|
||||
/// Adds <see cref="QQAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddQQ([NotNull] this AuthenticationBuilder builder)
|
||||
{
|
||||
return builder.AddQQ(QQAuthenticationDefaults.AuthenticationScheme, options => { });
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Adds <see cref="QQAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddQQ(
|
||||
[NotNull] this AuthenticationBuilder builder,
|
||||
[NotNull] Action<QQAuthenticationOptions> configuration)
|
||||
{
|
||||
return builder.AddQQ(QQAuthenticationDefaults.AuthenticationScheme, configuration);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Adds <see cref="QQAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <param name="scheme">The authentication scheme associated with this instance.</param>
|
||||
/// <param name="configuration">The delegate used to configure the QQ options.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddQQ(
|
||||
[NotNull] this AuthenticationBuilder builder,
|
||||
[NotNull] string scheme,
|
||||
[NotNull] Action<QQAuthenticationOptions> configuration)
|
||||
{
|
||||
return builder.AddQQ(scheme, QQAuthenticationDefaults.DisplayName, configuration);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Adds <see cref="QQAuthenticationHandler"/> to the specified
|
||||
/// <see cref="AuthenticationBuilder"/>, which enables QQ authentication capabilities.
|
||||
/// </summary>
|
||||
/// <param name="builder">The authentication builder.</param>
|
||||
/// <param name="scheme">The authentication scheme associated with this instance.</param>
|
||||
/// <param name="caption">The optional display name associated with this instance.</param>
|
||||
/// <param name="configuration">The delegate used to configure the QQ options.</param>
|
||||
/// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
|
||||
public static AuthenticationBuilder AddQQ(
|
||||
[NotNull] this AuthenticationBuilder builder,
|
||||
[NotNull] string scheme,
|
||||
[CanBeNull] string caption,
|
||||
[NotNull] Action<QQAuthenticationOptions> configuration)
|
||||
{
|
||||
return builder.AddScheme<QQAuthenticationOptions, QQAuthenticationHandler>(scheme, caption, configuration);
|
||||
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,70 @@
|
||||
using System.Security.Claims;
|
||||
using System.Text.Encodings.Web;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Microsoft.Extensions.Options;
|
||||
using static Yi.Framework.AspNetCore.Authentication.OAuth.QQ.QQAuthenticationConstants;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ
|
||||
{
|
||||
public class QQAuthenticationHandler : OauthAuthenticationHandler<QQAuthenticationOptions>
|
||||
{
|
||||
public QQAuthenticationHandler(IOptionsMonitor<QQAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder, httpClientFactory)
|
||||
{
|
||||
}
|
||||
|
||||
public override string AuthenticationSchemeNmae => QQAuthenticationDefaults.AuthenticationScheme;
|
||||
|
||||
protected override void VerifyErrResponse(string content)
|
||||
{
|
||||
QQAuthticationErrCodeModel.VerifyErrResponse(content);
|
||||
}
|
||||
|
||||
protected override async Task<List<Claim>> GetAuthTicketAsync(string code)
|
||||
{
|
||||
|
||||
//获取 accessToken
|
||||
var tokenQueryKv = new List<KeyValuePair<string, string?>>()
|
||||
{
|
||||
new KeyValuePair<string, string?>("grant_type","authorization_code"),
|
||||
new KeyValuePair<string, string?>("client_id",Options.ClientId),
|
||||
new KeyValuePair<string, string?>("client_secret",Options.ClientSecret),
|
||||
new KeyValuePair<string, string?>("redirect_uri",Options.RedirectUri),
|
||||
new KeyValuePair<string, string?>("fmt","json"),
|
||||
new KeyValuePair<string, string?>("need_openid","1"),
|
||||
new KeyValuePair<string, string?>("code",code),
|
||||
new KeyValuePair<string, string?>("state","true"),
|
||||
};
|
||||
var tokenModel = await SendHttpRequestAsync<QQAuthticationcationTokenResponse>(QQAuthenticationDefaults.TokenEndpoint, tokenQueryKv);
|
||||
|
||||
|
||||
|
||||
//获取 userInfo
|
||||
var userInfoQueryKv = new List<KeyValuePair<string, string?>>()
|
||||
{
|
||||
new KeyValuePair<string, string?>("access_token",tokenModel.access_token),
|
||||
new KeyValuePair<string, string?>("oauth_consumer_key",Options.ClientId),
|
||||
new KeyValuePair<string, string?>("openid",tokenModel.openid),
|
||||
};
|
||||
|
||||
var userInfoMdoel = await SendHttpRequestAsync<QQAuthticationcationUserInfoResponse>(QQAuthenticationDefaults.UserInformationEndpoint, userInfoQueryKv);
|
||||
|
||||
|
||||
List<Claim> claims = new List<Claim>()
|
||||
{
|
||||
|
||||
new Claim(Claims.AvatarFullUrl, userInfoMdoel.figureurl_qq_2),
|
||||
new Claim(Claims.AvatarUrl, userInfoMdoel.figureurl_qq_1),
|
||||
new Claim(Claims.PictureFullUrl, userInfoMdoel.figureurl_2),
|
||||
new Claim(Claims.PictureMediumUrl, userInfoMdoel.figureurl_qq_1),
|
||||
new Claim(Claims.PictureUrl, userInfoMdoel.figureurl),
|
||||
|
||||
new Claim(Claims.OpenId, tokenModel.openid),
|
||||
new Claim(Claims.Name, userInfoMdoel.nickname),
|
||||
new Claim(Claims.AccessToken, tokenModel.access_token),
|
||||
|
||||
};
|
||||
return claims;
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,51 @@
|
||||
/*
|
||||
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
|
||||
* for more information concerning the license and the contributors participating to this project.
|
||||
*/
|
||||
|
||||
using System.Security.Claims;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authentication.OAuth;
|
||||
using static Yi.Framework.AspNetCore.Authentication.OAuth.QQ.QQAuthenticationConstants;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
|
||||
|
||||
/// <summary>
|
||||
/// Defines a set of options used by <see cref="QQAuthenticationHandler"/>.
|
||||
/// </summary>
|
||||
public class QQAuthenticationOptions : OAuthOptions
|
||||
{
|
||||
public QQAuthenticationOptions()
|
||||
{
|
||||
ClaimsIssuer = QQAuthenticationDefaults.Issuer;
|
||||
CallbackPath = QQAuthenticationDefaults.CallbackPath;
|
||||
|
||||
AuthorizationEndpoint = QQAuthenticationDefaults.AuthorizationEndpoint;
|
||||
TokenEndpoint = QQAuthenticationDefaults.TokenEndpoint;
|
||||
UserIdentificationEndpoint = QQAuthenticationDefaults.UserIdentificationEndpoint;
|
||||
UserInformationEndpoint = QQAuthenticationDefaults.UserInformationEndpoint;
|
||||
|
||||
Scope.Add("get_user_info");
|
||||
|
||||
ClaimActions.MapJsonKey(ClaimTypes.Name, "nickname");
|
||||
ClaimActions.MapJsonKey(ClaimTypes.Gender, "gender");
|
||||
ClaimActions.MapJsonKey(Claims.PictureUrl, "figureurl");
|
||||
ClaimActions.MapJsonKey(Claims.PictureMediumUrl, "figureurl_1");
|
||||
ClaimActions.MapJsonKey(Claims.PictureFullUrl, "figureurl_2");
|
||||
ClaimActions.MapJsonKey(Claims.AvatarUrl, "figureurl_qq_1");
|
||||
ClaimActions.MapJsonKey(Claims.AvatarFullUrl, "figureurl_qq_2");
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets if the union Id (the primary key of an owner for different apps of the QQ platform) should be put into the user claims.
|
||||
/// </summary>
|
||||
public bool ApplyForUnionId { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Gets or sets the URL of the user identification endpoint (a.k.a. the "OpenID endpoint").
|
||||
/// </summary>
|
||||
public string UserIdentificationEndpoint { get; set; }
|
||||
|
||||
public string RedirectUri { get; set; }
|
||||
}
|
||||
@@ -0,0 +1,30 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Text.Json;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ
|
||||
{
|
||||
public class QQAuthticationErrCodeModel
|
||||
{
|
||||
public string error { get; set; }
|
||||
|
||||
public string error_description { get; set; }
|
||||
|
||||
public static void VerifyErrResponse(string content)
|
||||
{
|
||||
|
||||
var model =Newtonsoft.Json.JsonConvert.DeserializeObject <QQAuthticationErrCodeModel>(content);
|
||||
if (model.error != null)
|
||||
{
|
||||
|
||||
throw new Exception($"第三方授权返回错误,错误码:【{model.error}】,错误详情:【{model.error_description}】");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,89 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth.QQ
|
||||
{
|
||||
public class QQAuthticationcationTokenResponse
|
||||
{
|
||||
public string access_token { get; set; }
|
||||
|
||||
public string expires_in { get; set; }
|
||||
|
||||
public string refresh_token { get; set; }
|
||||
|
||||
public string openid { get; set; }
|
||||
}
|
||||
|
||||
|
||||
public class QQAuthticationcationOpenIdResponse
|
||||
{
|
||||
public string client_id { get; set; }
|
||||
|
||||
public string openid { get; set; }
|
||||
|
||||
}
|
||||
|
||||
public class QQAuthticationcationUserInfoResponse
|
||||
{
|
||||
// 返回码
|
||||
public int ret { get; set; }
|
||||
|
||||
// 如果ret<0,会有相应的错误信息提示
|
||||
// 返回数据全部用UTF-8编码
|
||||
public string msg { get; set; }
|
||||
|
||||
// 判断是否有数据丢失
|
||||
// 0或者不返回:没有数据丢失,可以缓存
|
||||
// 1:有部分数据丢失或错误,不要缓存
|
||||
public int is_lost { get; set; }
|
||||
|
||||
// 用户在QQ空间的昵称
|
||||
public string nickname { get; set; }
|
||||
|
||||
// 大小为30x30像素的QQ空间头像URL
|
||||
public string figureurl { get; set; }
|
||||
|
||||
// 大小为50x50像素的QQ空间头像URL
|
||||
public string figureurl_1 { get; set; }
|
||||
|
||||
// 大小为100x100像素的QQ空间头像URL
|
||||
public string figureurl_2 { get; set; }
|
||||
|
||||
// 大小为40x40像素的QQ头像URL
|
||||
public string figureurl_qq_1 { get; set; }
|
||||
|
||||
// 大小为100x100像素的QQ头像URL
|
||||
// 需要注意,不是所有的用户都拥有QQ的100x100的头像,但40x40像素则是一定会有
|
||||
public string figureurl_qq_2 { get; set; }
|
||||
|
||||
// 性别。如果获取不到则默认返回"男"
|
||||
public string gender { get; set; }
|
||||
|
||||
// 性别类型。默认返回2
|
||||
public int gender_type { get; set; }
|
||||
|
||||
// 省
|
||||
public string province { get; set; }
|
||||
|
||||
// 市
|
||||
public string city { get; set; }
|
||||
|
||||
// 年
|
||||
public int year { get; set; }
|
||||
|
||||
// 星座
|
||||
public string constellation { get; set; }
|
||||
|
||||
// 标识用户是否为黄钻用户
|
||||
public int is_yellow_vip { get; set; }
|
||||
|
||||
// 黄钻等级
|
||||
public int yellow_vip_level { get; set; }
|
||||
|
||||
// 是否为年费黄钻用户
|
||||
public int is_yellow_year_vip { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,12 @@
|
||||
<Project Sdk="Microsoft.NET.Sdk">
|
||||
<Import Project="..\..\common.props" />
|
||||
<PropertyGroup>
|
||||
<TargetFramework>net8.0</TargetFramework>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
<Nullable>enable</Nullable>
|
||||
</PropertyGroup>
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\Yi.Framework.AspNetCore\Yi.Framework.AspNetCore.csproj" />
|
||||
</ItemGroup>
|
||||
|
||||
</Project>
|
||||
@@ -0,0 +1,20 @@
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Volo.Abp.Modularity;
|
||||
using Yi.Framework.Core;
|
||||
|
||||
|
||||
namespace Yi.Framework.AspNetCore.Authentication.OAuth
|
||||
{
|
||||
/// <summary>
|
||||
/// 本模块轮子来自 AspNet.Security.OAuth.QQ;
|
||||
/// </summary>
|
||||
[DependsOn(typeof(YiFrameworkAspNetCoreModule))]
|
||||
public class YiFrameworkAspNetCoreAuthenticationOAuthModule:AbpModule
|
||||
{
|
||||
public override void ConfigureServices(ServiceConfigurationContext context)
|
||||
{
|
||||
var service = context.Services;
|
||||
service.AddHttpClient();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,33 +0,0 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using Quartz.Logging;
|
||||
using Volo.Abp;
|
||||
using Volo.Abp.DependencyInjection;
|
||||
|
||||
namespace Yi.Framework.Bbs.Application.Services.Authentication
|
||||
{
|
||||
public class QQAuthService : IRemoteService, ITransientDependency
|
||||
{
|
||||
private HttpContext HttpContext { get; set; }
|
||||
private ILogger<QQAuthService> _logger;
|
||||
public QQAuthService(IHttpContextAccessor httpContextAccessor, ILogger<QQAuthService> logger)
|
||||
{
|
||||
_logger = logger;
|
||||
HttpContext = httpContextAccessor.HttpContext ?? throw new ApplicationException("未注册Http");
|
||||
}
|
||||
[HttpGet("/auth/qq")]
|
||||
public async Task AuthQQAsync()
|
||||
{
|
||||
var data = await HttpContext.AuthenticateAsync("QQ");
|
||||
_logger.LogError($"QQ回调信息:{Newtonsoft.Json.JsonConvert.SerializeObject(data)}");
|
||||
_logger.LogError($"QQ回调身份:{Newtonsoft.Json.JsonConvert.SerializeObject(data.Principal)}");
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -15,8 +15,8 @@ namespace Yi.Framework.Bbs.SqlSugarCore.DataSeeds
|
||||
public class BbsDictionaryDataSeed : IDataSeedContributor, ITransientDependency
|
||||
{
|
||||
private ISqlSugarRepository<DictionaryEntity> _repository;
|
||||
private ISqlSugarRepository<DictionaryTypeEntity> _typeRepository;
|
||||
public BbsDictionaryDataSeed(ISqlSugarRepository<DictionaryEntity> repository, ISqlSugarRepository<DictionaryTypeEntity> typeRepository) {
|
||||
private ISqlSugarRepository<DictionaryTypeAggregateRoot> _typeRepository;
|
||||
public BbsDictionaryDataSeed(ISqlSugarRepository<DictionaryEntity> repository, ISqlSugarRepository<DictionaryTypeAggregateRoot> typeRepository) {
|
||||
_repository=repository;
|
||||
_typeRepository=typeRepository;
|
||||
|
||||
@@ -194,10 +194,10 @@ namespace Yi.Framework.Bbs.SqlSugarCore.DataSeeds
|
||||
return entities;
|
||||
}
|
||||
|
||||
public List<DictionaryTypeEntity> GetSeedDictionaryTypeData()
|
||||
public List<DictionaryTypeAggregateRoot> GetSeedDictionaryTypeData()
|
||||
{
|
||||
List<DictionaryTypeEntity> entities = new List<DictionaryTypeEntity>();
|
||||
DictionaryTypeEntity dict1 = new DictionaryTypeEntity()
|
||||
List<DictionaryTypeAggregateRoot> entities = new List<DictionaryTypeAggregateRoot>();
|
||||
DictionaryTypeAggregateRoot dict1 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "BBS类型标签",
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
using Yi.Framework.Ddd.Application.Contracts;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Contracts.Dtos.Account
|
||||
{
|
||||
public class AuthGetListInput:PagedAllResultRequestDto
|
||||
{
|
||||
public Guid? UserId { get; set; }
|
||||
|
||||
public string? OpenId { get; set; }
|
||||
|
||||
public string? AuthType { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,17 @@
|
||||
using Volo.Abp.Application.Dtos;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Contracts.Dtos.Account
|
||||
{
|
||||
public class AuthOutputDto:EntityDto<Guid>
|
||||
{
|
||||
public Guid UserId { get; set; }
|
||||
|
||||
public string OpenId { get; set; }
|
||||
|
||||
public string Name { get; set; }
|
||||
|
||||
public string AuthType { get; set; }
|
||||
|
||||
public DateTime CreationTime { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -3,7 +3,7 @@ using Volo.Abp.Domain.Entities.Events;
|
||||
using Volo.Abp.EventBus;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
|
||||
namespace Yi.Framework.Rbac.Domain.EventHandlers
|
||||
namespace Yi.Framework.Rbac.Application.EventHandlers
|
||||
{
|
||||
public class StudentEventHandler : ILocalEventHandler<EntityCreatedEventData<StudentEntity>>, ITransientDependency
|
||||
{
|
||||
|
||||
@@ -1,15 +1,10 @@
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Claims;
|
||||
using System.Text;
|
||||
using System.Text.RegularExpressions;
|
||||
using System.Text.RegularExpressions;
|
||||
using Lazy.Captcha.Core;
|
||||
using Mapster;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Caching.Distributed;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using SqlSugar;
|
||||
using Volo.Abp;
|
||||
using Volo.Abp.Application.Services;
|
||||
@@ -27,7 +22,6 @@ using Yi.Framework.Rbac.Domain.Repositories;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Caches;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Consts;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Dtos;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Etos;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Options;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
@@ -36,8 +30,6 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
|
||||
public class AccountService : ApplicationService, IAccountService
|
||||
{
|
||||
private readonly ILocalEventBus _localEventBus;
|
||||
private readonly JwtOptions _jwtOptions;
|
||||
private IDistributedCache<CaptchaPhoneCacheItem, CaptchaPhoneCacheKey> _phoneCache;
|
||||
private readonly ICaptcha _captcha;
|
||||
private readonly IGuidGenerator _guidGenerator;
|
||||
@@ -45,45 +37,30 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
private readonly IAliyunManger _aliyunManger;
|
||||
public AccountService(IUserRepository userRepository,
|
||||
ICurrentUser currentUser,
|
||||
AccountManager accountManager,
|
||||
IAccountManager accountManager,
|
||||
ISqlSugarRepository<MenuEntity> menuRepository,
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
ILocalEventBus localEventBus,
|
||||
IOptions<JwtOptions> jwtOptions,
|
||||
IDistributedCache<CaptchaPhoneCacheItem, CaptchaPhoneCacheKey> phoneCache,
|
||||
ICaptcha captcha,
|
||||
IGuidGenerator guidGenerator,
|
||||
IOptions<RbacOptions> options,
|
||||
IAliyunManger aliyunManger,
|
||||
ISqlSugarRepository<RoleEntity> roleRepository,
|
||||
UserManager userManager)
|
||||
IAliyunManger aliyunManger)
|
||||
{
|
||||
_userRepository = userRepository;
|
||||
_currentUser = currentUser;
|
||||
_accountManager = accountManager;
|
||||
_menuRepository = menuRepository;
|
||||
_httpContextAccessor = httpContextAccessor;
|
||||
_localEventBus = localEventBus;
|
||||
_jwtOptions = jwtOptions.Value;
|
||||
_phoneCache = phoneCache;
|
||||
_captcha = captcha;
|
||||
_guidGenerator = guidGenerator;
|
||||
_rbacOptions = options.Value;
|
||||
_aliyunManger = aliyunManger;
|
||||
_roleRepository = roleRepository;
|
||||
_userManager = userManager;
|
||||
}
|
||||
|
||||
|
||||
private IUserRepository _userRepository;
|
||||
private ICurrentUser _currentUser;
|
||||
private AccountManager _accountManager;
|
||||
private IAccountManager _accountManager;
|
||||
private ISqlSugarRepository<MenuEntity> _menuRepository;
|
||||
private IUserService _userService;
|
||||
private UserManager _userManager;
|
||||
private ISqlSugarRepository<RoleEntity> _roleRepository;
|
||||
private IHttpContextAccessor _httpContextAccessor;
|
||||
|
||||
/// <summary>
|
||||
/// 效验图片登录验证码,无需和账号绑定
|
||||
/// </summary>
|
||||
@@ -117,59 +94,16 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
ValidationImageCaptcha(input);
|
||||
|
||||
UserEntity user = new();
|
||||
//登录成功
|
||||
//效验
|
||||
await _accountManager.LoginValidationAsync(input.UserName, input.Password, x => user = x);
|
||||
|
||||
//获取用户信息
|
||||
var userInfo = await _userRepository.GetUserAllInfoAsync(user.Id);
|
||||
|
||||
//判断用户状态
|
||||
if (userInfo.User.State == false)
|
||||
{
|
||||
throw new UserFriendlyException(UserConst.State_Is_State);
|
||||
}
|
||||
|
||||
if (userInfo.RoleCodes.Count == 0)
|
||||
{
|
||||
throw new UserFriendlyException(UserConst.No_Role);
|
||||
}
|
||||
//这里抛出一个登录的事件
|
||||
var loginEntity = new LoginLogEntity().GetInfoByHttpContext(_httpContextAccessor.HttpContext);
|
||||
var loginEto = loginEntity.Adapt<LoginEventArgs>();
|
||||
loginEto.UserName = input.UserName;
|
||||
loginEto.UserId = userInfo.User.Id;
|
||||
await _localEventBus.PublishAsync(loginEto);
|
||||
//将用户信息添加到缓存中,需要考虑的是更改了用户、角色、菜单等整个体系都需要将缓存进行刷新,看具体业务进行选择
|
||||
//获取token
|
||||
var accessToken = await _accountManager.GetTokenByUserIdAsync(user.Id);
|
||||
|
||||
|
||||
|
||||
//创建token
|
||||
var accessToken = CreateToken(_accountManager.UserInfoToClaim(userInfo));
|
||||
return new { Token = accessToken };
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 创建令牌
|
||||
/// </summary>
|
||||
/// <param name="kvs"></param>
|
||||
/// <returns></returns>
|
||||
private string CreateToken(List<KeyValuePair<string, string>> kvs)
|
||||
{
|
||||
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SecurityKey));
|
||||
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
|
||||
var claims = kvs.Select(x => new Claim(x.Key, x.Value.ToString())).ToList();
|
||||
var token = new JwtSecurityToken(
|
||||
issuer: _jwtOptions.Issuer,
|
||||
audience: _jwtOptions.Audience,
|
||||
claims: claims,
|
||||
expires: DateTime.Now.AddSeconds(_jwtOptions.ExpiresMinuteTime),
|
||||
notBefore: DateTime.Now,
|
||||
signingCredentials: creds);
|
||||
string returnToken = new JwtSecurityTokenHandler().WriteToken(token);
|
||||
|
||||
return returnToken;
|
||||
}
|
||||
|
||||
|
||||
/// <summary>
|
||||
/// 生成验证码
|
||||
@@ -267,7 +201,7 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
/// <returns></returns>
|
||||
[AllowAnonymous]
|
||||
[UnitOfWork]
|
||||
public async Task<object> PostRegisterAsync(RegisterDto input)
|
||||
public async Task PostRegisterAsync(RegisterDto input)
|
||||
{
|
||||
if (_rbacOptions.EnableRegister == false)
|
||||
{
|
||||
@@ -295,27 +229,8 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
await ValidationPhoneCaptchaAsync(input);
|
||||
|
||||
|
||||
|
||||
//输入的用户名与电话号码都不能在数据库中存在
|
||||
UserEntity user = new();
|
||||
var isExist = await _userRepository.IsAnyAsync(x => x.UserName == input.UserName || x.Phone == input.Phone);
|
||||
if (isExist)
|
||||
{
|
||||
throw new UserFriendlyException("用户已存在,注册失败");
|
||||
}
|
||||
|
||||
var newUser = new UserEntity(input.UserName, input.Password, input.Phone);
|
||||
|
||||
var entity = await _userRepository.InsertReturnEntityAsync(newUser);
|
||||
//赋上一个初始角色
|
||||
var role = await _roleRepository.GetFirstAsync(x => x.RoleCode == UserConst.DefaultRoleCode);
|
||||
if (role is not null)
|
||||
{
|
||||
await _userManager.GiveUserSetRoleAsync(new List<Guid> { entity.Id }, new List<Guid> { role.Id });
|
||||
}
|
||||
|
||||
await _localEventBus.PublishAsync(new UserCreateEventArgs(entity.Id));
|
||||
return true;
|
||||
//注册领域逻辑
|
||||
await _accountManager.RegisterAsync(input.UserName, input.Password, input.Phone);
|
||||
}
|
||||
|
||||
|
||||
@@ -334,16 +249,14 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
{
|
||||
throw new UserFriendlyException("用户未登录");
|
||||
}
|
||||
//此处从缓存中获取即可
|
||||
//此处从缓存中获取也行
|
||||
//var data = _cacheManager.Get<UserRoleMenuDto>($"Yi:UserInfo:{userId}");
|
||||
await Console.Out.WriteLineAsync(userId.ToString() + "99999999");
|
||||
var data = await _userRepository.GetUserAllInfoAsync(userId ?? Guid.Empty);
|
||||
//系统用户数据被重置,老前端访问重新授权
|
||||
if (data is null)
|
||||
{
|
||||
throw new AbpAuthorizationException();
|
||||
}
|
||||
|
||||
data.Menus.Clear();
|
||||
return data;
|
||||
}
|
||||
@@ -382,6 +295,7 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
/// <returns></returns>
|
||||
public Task<bool> PostLogout()
|
||||
{
|
||||
//Jwt去中心化登出,只需用记录日志即可
|
||||
return Task.FromResult(true);
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,143 @@
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.Extensions.Logging;
|
||||
using SqlSugar;
|
||||
using Volo.Abp;
|
||||
using Volo.Abp.Application.Dtos;
|
||||
using Volo.Abp.Domain.Repositories;
|
||||
using Yi.Framework.Ddd.Application;
|
||||
using Yi.Framework.Rbac.Application.Contracts.Dtos.Account;
|
||||
using Yi.Framework.Rbac.Domain.Authorization;
|
||||
using Yi.Framework.Rbac.Domain.Managers;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Services.Authentication
|
||||
{
|
||||
/// <summary>
|
||||
/// 第三方授权服务
|
||||
/// </summary>
|
||||
public class AuthService : YiCrudAppService<AuthAggregateRoot, AuthOutputDto, Guid, AuthGetListInput>
|
||||
{
|
||||
private HttpContext HttpContext { get; set; }
|
||||
private ILogger<AuthService> _logger;
|
||||
private ISqlSugarRepository<AuthAggregateRoot, Guid> _repository;
|
||||
private IAccountManager _accountManager;
|
||||
public AuthService(IAccountManager accountManager, IHttpContextAccessor httpContextAccessor, ILogger<AuthService> logger, ISqlSugarRepository<AuthAggregateRoot, Guid> repository) : base(repository)
|
||||
{
|
||||
_logger = logger;
|
||||
HttpContext = httpContextAccessor.HttpContext ?? throw new ApplicationException("未注册Http");
|
||||
_repository = repository;
|
||||
_accountManager = accountManager;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 第三方oauth登录
|
||||
/// </summary>
|
||||
/// <param name="scheme"></param>
|
||||
/// <param name="code">code是为了swagger更好的处理和显示</param>
|
||||
/// <returns></returns>
|
||||
/// <exception cref="UserFriendlyException"></exception>
|
||||
[HttpGet("auth/oauth/login/{scheme}")]
|
||||
public async Task<string> AuthOauthLoginAsync([FromRoute] string scheme, [FromQuery] string code)
|
||||
{
|
||||
(var openId, var _) = await GetOpenIdAndNameAsync(scheme);
|
||||
var authEntity = await _repository.GetAsync(x => x.OpenId == openId && x.AuthType == scheme);
|
||||
|
||||
if (authEntity is null)
|
||||
{
|
||||
throw new UserFriendlyException("第三方登录失败,请先注册后,在个人中心进行绑定该第三方后使用");
|
||||
}
|
||||
var accessToken = await _accountManager.GetTokenByUserIdAsync(authEntity.UserId);
|
||||
return accessToken;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 第三方oauth绑定
|
||||
/// </summary>
|
||||
/// <param name="scheme"></param>
|
||||
/// <param name="code">code是为了swagger更好的处理和显示</param>
|
||||
/// <returns></returns>
|
||||
/// <exception cref="UserFriendlyException"></exception>
|
||||
[HttpPost("auth/oauth/bind/{scheme}")]
|
||||
[Authorize]
|
||||
public async Task AuthOauthBindAsync([FromRoute] string scheme, [FromQuery] string code)
|
||||
{
|
||||
(var openId, var name) = await GetOpenIdAndNameAsync(scheme);
|
||||
var userId = CurrentUser.Id;
|
||||
var authEntityAny = await _repository.AnyAsync(x => x.OpenId == openId && x.AuthType == scheme);
|
||||
if (authEntityAny)
|
||||
{
|
||||
throw new UserFriendlyException("绑定失败,该第三方账号已被注册");
|
||||
}
|
||||
var authAggregateRoot = new AuthAggregateRoot(scheme, userId ?? Guid.Empty, openId, name);
|
||||
|
||||
await _repository.InsertAsync(authAggregateRoot);
|
||||
}
|
||||
|
||||
|
||||
private async Task<(string, string)> GetOpenIdAndNameAsync(string scheme)
|
||||
{
|
||||
var authenticateResult = await HttpContext.AuthenticateAsync(scheme);
|
||||
if (!authenticateResult.Succeeded)
|
||||
{
|
||||
throw new UserFriendlyException(authenticateResult.Failure.Message);
|
||||
}
|
||||
var openidClaim = authenticateResult.Principal.Claims.Where(x => x.Type == "urn:openid").FirstOrDefault();
|
||||
var nameClaim = authenticateResult.Principal.Claims.Where(x => x.Type == "urn:name").FirstOrDefault();
|
||||
return (openidClaim.Value, nameClaim.Value);
|
||||
}
|
||||
|
||||
|
||||
/// <summary>
|
||||
/// 获取当前账户的授权信息
|
||||
/// </summary>
|
||||
/// <param name="input"></param>
|
||||
/// <returns></returns>
|
||||
[Authorize]
|
||||
public async Task<IReadOnlyList<AuthOutputDto>> GetListAccountAsync(AuthGetListInput input)
|
||||
{
|
||||
input.UserId = CurrentUser.Id;
|
||||
input.MaxResultCount = LimitedResultRequestDto.MaxMaxResultCount;
|
||||
input.SkipCount = 1;
|
||||
return (await GetListAsync(input)).Items;
|
||||
}
|
||||
|
||||
|
||||
public override async Task<PagedResultDto<AuthOutputDto>> GetListAsync(AuthGetListInput input)
|
||||
{
|
||||
RefAsync<int> total = 0;
|
||||
|
||||
var entities = await _repository._DbQueryable.WhereIF(input.UserId is not null, x => x.UserId == input.UserId)
|
||||
.WhereIF(!string.IsNullOrEmpty(input.AuthType), x => x.AuthType == input.AuthType)
|
||||
.WhereIF(!string.IsNullOrEmpty(input.OpenId), x => x.OpenId == input.OpenId)
|
||||
.WhereIF(input.StartTime is not null && input.EndTime is not null, x => x.CreationTime >= input.StartTime && x.CreationTime <= input.EndTime)
|
||||
.ToPageListAsync(input.SkipCount, input.MaxResultCount, total);
|
||||
return new PagedResultDto<AuthOutputDto>(total, await MapToGetListOutputDtosAsync(entities));
|
||||
}
|
||||
|
||||
[RemoteService(IsEnabled = false)]
|
||||
public override Task<AuthOutputDto> UpdateAsync(Guid id, AuthOutputDto input)
|
||||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 删除第三方授权
|
||||
/// </summary>
|
||||
/// <param name="id"></param>
|
||||
/// <returns></returns>
|
||||
[RemoteService(IsEnabled = true)]
|
||||
public override Task DeleteAsync(IEnumerable<Guid> id)
|
||||
{
|
||||
return base.DeleteAsync(id);
|
||||
}
|
||||
|
||||
[RemoteService(IsEnabled = false)]
|
||||
public override Task<AuthOutputDto> CreateAsync(AuthOutputDto input)
|
||||
{
|
||||
throw new NotImplementedException();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -11,11 +11,11 @@ namespace Yi.Framework.Rbac.Application.Services
|
||||
/// <summary>
|
||||
/// DictionaryType服务实现
|
||||
/// </summary>
|
||||
public class DictionaryTypeService : YiCrudAppService<DictionaryTypeEntity, DictionaryTypeGetOutputDto, DictionaryTypeGetListOutputDto, Guid, DictionaryTypeGetListInputVo, DictionaryTypeCreateInputVo, DictionaryTypeUpdateInputVo>,
|
||||
public class DictionaryTypeService : YiCrudAppService<DictionaryTypeAggregateRoot, DictionaryTypeGetOutputDto, DictionaryTypeGetListOutputDto, Guid, DictionaryTypeGetListInputVo, DictionaryTypeCreateInputVo, DictionaryTypeUpdateInputVo>,
|
||||
IDictionaryTypeService
|
||||
{
|
||||
private ISqlSugarRepository<DictionaryTypeEntity, Guid> _repository;
|
||||
public DictionaryTypeService(ISqlSugarRepository<DictionaryTypeEntity, Guid> repository) : base(repository)
|
||||
private ISqlSugarRepository<DictionaryTypeAggregateRoot, Guid> _repository;
|
||||
public DictionaryTypeService(ISqlSugarRepository<DictionaryTypeAggregateRoot, Guid> repository) : base(repository)
|
||||
{
|
||||
_repository = repository;
|
||||
}
|
||||
|
||||
@@ -4,7 +4,7 @@ using Volo.Abp.Application.Dtos;
|
||||
using Yi.Framework.Ddd.Application;
|
||||
using Yi.Framework.Rbac.Application.Contracts.Dtos.OperLog;
|
||||
using Yi.Framework.Rbac.Application.Contracts.IServices;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
using Yi.Framework.Rbac.Domain.Operlog;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Services
|
||||
|
||||
@@ -8,7 +8,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
using Yi.Framework.Rbac.Domain.Repositories;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Services
|
||||
namespace Yi.Framework.Rbac.Application.Services.System
|
||||
{
|
||||
/// <summary>
|
||||
/// Dept服务实现
|
||||
@@ -7,7 +7,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Services
|
||||
namespace Yi.Framework.Rbac.Application.Services.System
|
||||
{
|
||||
/// <summary>
|
||||
/// Menu服务实现
|
||||
@@ -7,7 +7,7 @@ using Yi.Framework.Rbac.Application.Contracts.IServices;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Services
|
||||
namespace Yi.Framework.Rbac.Application.Services.System
|
||||
{
|
||||
/// <summary>
|
||||
/// Post服务实现
|
||||
@@ -14,7 +14,7 @@ using Yi.Framework.Rbac.Domain.Managers;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Enums;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Services
|
||||
namespace Yi.Framework.Rbac.Application.Services.System
|
||||
{
|
||||
/// <summary>
|
||||
/// Role服务实现
|
||||
@@ -16,7 +16,7 @@ using Yi.Framework.Rbac.Domain.Shared.Etos;
|
||||
using Yi.Framework.Rbac.Domain.Shared.OperLog;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
namespace Yi.Framework.Rbac.Application.Services
|
||||
namespace Yi.Framework.Rbac.Application.Services.System
|
||||
{
|
||||
/// <summary>
|
||||
/// User服务实现
|
||||
@@ -0,0 +1,47 @@
|
||||
using SqlSugar;
|
||||
using Volo.Abp;
|
||||
using Volo.Abp.Auditing;
|
||||
using Volo.Abp.Data;
|
||||
using Volo.Abp.Domain.Entities;
|
||||
|
||||
namespace Yi.Framework.Rbac.Domain.Authorization
|
||||
{ /// <summary>
|
||||
/// 第三方授权表
|
||||
///</summary>
|
||||
[SugarTable("Auth")]
|
||||
public class AuthAggregateRoot : AggregateRoot<Guid>, ISoftDelete, IHasCreationTime
|
||||
{
|
||||
|
||||
public AuthAggregateRoot() { }
|
||||
|
||||
public AuthAggregateRoot(string authType, Guid userId, string openId)
|
||||
{
|
||||
AuthType = authType;
|
||||
OpenId = openId;
|
||||
UserId = userId;
|
||||
|
||||
}
|
||||
public AuthAggregateRoot(string authType, Guid userId, string openId, string name) : this(authType, userId, openId)
|
||||
{
|
||||
Name = name;
|
||||
}
|
||||
|
||||
|
||||
[SugarColumn(ColumnName = "Id", IsPrimaryKey = true)]
|
||||
public override Guid Id { get; protected set; }
|
||||
public Guid UserId { get; set; }
|
||||
|
||||
public string OpenId { get; set; }
|
||||
|
||||
public string Name { get; set; }
|
||||
|
||||
public string AuthType { get; set; }
|
||||
|
||||
public bool IsDeleted { get; set; }
|
||||
|
||||
[SugarColumn(IsIgnore = true)]
|
||||
public override ExtraPropertyDictionary ExtraProperties { get; protected set; }
|
||||
|
||||
public DateTime CreationTime { get; set; }
|
||||
}
|
||||
}
|
||||
@@ -1,13 +1,14 @@
|
||||
using SqlSugar;
|
||||
using Volo.Abp;
|
||||
using Volo.Abp.Auditing;
|
||||
using Volo.Abp.Data;
|
||||
using Volo.Abp.Domain.Entities;
|
||||
using Yi.Framework.Core.Data;
|
||||
|
||||
namespace Yi.Framework.Rbac.Domain.Entities
|
||||
{
|
||||
[SugarTable("DictionaryType")]
|
||||
public class DictionaryTypeEntity : Entity<Guid>, IAuditedObject, ISoftDelete, IOrderNum
|
||||
public class DictionaryTypeAggregateRoot : AggregateRoot<Guid>, IAuditedObject, ISoftDelete, IOrderNum
|
||||
{
|
||||
/// <summary>
|
||||
/// 主键
|
||||
@@ -55,5 +56,7 @@ namespace Yi.Framework.Rbac.Domain.Entities
|
||||
public Guid? LastModifierId { get; set; }
|
||||
|
||||
public DateTime? LastModificationTime { get; set; }
|
||||
[SugarColumn(IsIgnore = true)]
|
||||
public override ExtraPropertyDictionary ExtraProperties { get; protected set; }
|
||||
}
|
||||
}
|
||||
@@ -1,11 +1,25 @@
|
||||
using Volo.Abp;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Claims;
|
||||
using System.Text;
|
||||
using Mapster;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Identity;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using TencentCloud.Tdmq.V20200217.Models;
|
||||
using Volo.Abp;
|
||||
using Volo.Abp.Domain.Entities;
|
||||
using Volo.Abp.Domain.Repositories;
|
||||
using Volo.Abp.Domain.Services;
|
||||
using Volo.Abp.EventBus.Local;
|
||||
using Volo.Abp.Security.Claims;
|
||||
using Yi.Framework.Core.Helper;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
using Yi.Framework.Rbac.Domain.Repositories;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Consts;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Dtos;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Etos;
|
||||
using Yi.Framework.Rbac.Domain.Shared.Options;
|
||||
using Yi.Framework.SqlSugarCore.Abstractions;
|
||||
|
||||
namespace Yi.Framework.Rbac.Domain.Managers
|
||||
@@ -14,14 +28,88 @@ namespace Yi.Framework.Rbac.Domain.Managers
|
||||
/// <summary>
|
||||
/// 用户领域服务
|
||||
/// </summary>
|
||||
public class AccountManager : DomainService
|
||||
public class AccountManager : DomainService, IAccountManager
|
||||
{
|
||||
private readonly ISqlSugarRepository<UserEntity> _repository;
|
||||
public AccountManager(ISqlSugarRepository<UserEntity> repository)
|
||||
private readonly IUserRepository _repository;
|
||||
private readonly ILocalEventBus _localEventBus;
|
||||
private readonly JwtOptions _jwtOptions;
|
||||
private IHttpContextAccessor _httpContextAccessor;
|
||||
private UserManager _userManager;
|
||||
private ISqlSugarRepository<RoleEntity> _roleRepository;
|
||||
public AccountManager(IUserRepository repository
|
||||
, IHttpContextAccessor httpContextAccessor
|
||||
, IOptions<JwtOptions> jwtOptions
|
||||
, ILocalEventBus localEventBus
|
||||
, UserManager userManager
|
||||
, ISqlSugarRepository<RoleEntity> roleRepository)
|
||||
{
|
||||
_repository = repository;
|
||||
_httpContextAccessor= httpContextAccessor;
|
||||
_jwtOptions = jwtOptions.Value;
|
||||
_localEventBus=localEventBus;
|
||||
_userManager=userManager;
|
||||
_roleRepository=roleRepository;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 根据用户id获取token
|
||||
/// </summary>
|
||||
/// <param name="userId"></param>
|
||||
/// <returns></returns>
|
||||
/// <exception cref="UserFriendlyException"></exception>
|
||||
public async Task<string> GetTokenByUserIdAsync(Guid userId)
|
||||
{
|
||||
//获取用户信息
|
||||
var userInfo = await _repository.GetUserAllInfoAsync(userId);
|
||||
|
||||
//判断用户状态
|
||||
if (userInfo.User.State == false)
|
||||
{
|
||||
throw new UserFriendlyException(UserConst.State_Is_State);
|
||||
}
|
||||
|
||||
if (userInfo.RoleCodes.Count == 0)
|
||||
{
|
||||
throw new UserFriendlyException(UserConst.No_Role);
|
||||
}
|
||||
//这里抛出一个登录的事件
|
||||
if (_httpContextAccessor.HttpContext is not null)
|
||||
{
|
||||
var loginEntity = new LoginLogEntity().GetInfoByHttpContext(_httpContextAccessor.HttpContext);
|
||||
var loginEto = loginEntity.Adapt<LoginEventArgs>();
|
||||
loginEto.UserName = userInfo.User.UserName;
|
||||
loginEto.UserId = userInfo.User.Id;
|
||||
await _localEventBus.PublishAsync(loginEto);
|
||||
}
|
||||
//将用户信息添加到缓存中,需要考虑的是更改了用户、角色、菜单等整个体系都需要将缓存进行刷新,看具体业务进行选择
|
||||
|
||||
var accessToken = CreateToken(this.UserInfoToClaim(userInfo));
|
||||
return accessToken;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// 创建令牌
|
||||
/// </summary>
|
||||
/// <param name="kvs"></param>
|
||||
/// <returns></returns>
|
||||
private string CreateToken(List<KeyValuePair<string, string>> kvs)
|
||||
{
|
||||
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SecurityKey));
|
||||
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
|
||||
var claims = kvs.Select(x => new Claim(x.Key, x.Value.ToString())).ToList();
|
||||
var token = new JwtSecurityToken(
|
||||
issuer: _jwtOptions.Issuer,
|
||||
audience: _jwtOptions.Audience,
|
||||
claims: claims,
|
||||
expires: DateTime.Now.AddSeconds(_jwtOptions.ExpiresMinuteTime),
|
||||
notBefore: DateTime.Now,
|
||||
signingCredentials: creds);
|
||||
string returnToken = new JwtSecurityTokenHandler().WriteToken(token);
|
||||
|
||||
return returnToken;
|
||||
}
|
||||
|
||||
|
||||
/// <summary>
|
||||
/// 登录效验
|
||||
/// </summary>
|
||||
@@ -145,6 +233,31 @@ namespace Yi.Framework.Rbac.Domain.Managers
|
||||
user.BuildPassword();
|
||||
return await _repository.UpdateAsync(user);
|
||||
}
|
||||
|
||||
|
||||
public async Task RegisterAsync(string userName,string password,long phone)
|
||||
{
|
||||
//输入的用户名与电话号码都不能在数据库中存在
|
||||
UserEntity user = new();
|
||||
var isExist = await _repository.IsAnyAsync(x => x.UserName == userName || x.Phone == phone);
|
||||
if (isExist)
|
||||
{
|
||||
throw new UserFriendlyException("用户已存在,注册失败");
|
||||
}
|
||||
|
||||
var newUser = new UserEntity(userName, password, phone);
|
||||
|
||||
var entity = await _repository.InsertReturnEntityAsync(newUser);
|
||||
//赋上一个初始角色
|
||||
var role = await _roleRepository.GetFirstAsync(x => x.RoleCode == UserConst.DefaultRoleCode);
|
||||
if (role is not null)
|
||||
{
|
||||
await _userManager.GiveUserSetRoleAsync(new List<Guid> { entity.Id }, new List<Guid> { role.Id });
|
||||
}
|
||||
|
||||
await _localEventBus.PublishAsync(new UserCreateEventArgs(entity.Id));
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -0,0 +1,19 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Threading.Tasks;
|
||||
using Volo.Abp.Domain.Services;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
|
||||
namespace Yi.Framework.Rbac.Domain.Managers
|
||||
{
|
||||
public interface IAccountManager : IDomainService
|
||||
{
|
||||
Task<string> GetTokenByUserIdAsync(Guid userId);
|
||||
Task LoginValidationAsync(string userName, string password, Action<UserEntity> userAction = null);
|
||||
Task RegisterAsync(string userName, string password, long phone);
|
||||
Task<bool> RestPasswordAsync(Guid userId, string password);
|
||||
Task UpdatePasswordAsync(Guid userId, string newPassword, string oldPassword);
|
||||
}
|
||||
}
|
||||
@@ -7,9 +7,9 @@ namespace Yi.Framework.Rbac.Domain.Managers
|
||||
{
|
||||
public class UserManager : DomainService
|
||||
{
|
||||
private readonly ISqlSugarRepository<UserEntity> _repository;
|
||||
private readonly ISqlSugarRepository<UserRoleEntity> _repositoryUserRole;
|
||||
private readonly ISqlSugarRepository<UserPostEntity> _repositoryUserPost;
|
||||
public readonly ISqlSugarRepository<UserEntity> _repository;
|
||||
public readonly ISqlSugarRepository<UserRoleEntity> _repositoryUserRole;
|
||||
public readonly ISqlSugarRepository<UserPostEntity> _repositoryUserPost;
|
||||
|
||||
private readonly IGuidGenerator _guidGenerator;
|
||||
public UserManager(ISqlSugarRepository<UserEntity> repository, ISqlSugarRepository<UserRoleEntity> repositoryUserRole, ISqlSugarRepository<UserPostEntity> repositoryUserPost, IGuidGenerator guidGenerator) =>
|
||||
|
||||
@@ -8,7 +8,6 @@ using Volo.Abp.Domain.Repositories;
|
||||
using Volo.Abp.Users;
|
||||
using Yi.Framework.Core.Extensions;
|
||||
using Yi.Framework.Core.Helper;
|
||||
using Yi.Framework.Rbac.Domain.Entities;
|
||||
using Yi.Framework.Rbac.Domain.Shared.OperLog;
|
||||
|
||||
namespace Yi.Framework.Rbac.Domain.Operlog
|
||||
|
||||
@@ -3,7 +3,7 @@ using Volo.Abp.Auditing;
|
||||
using Volo.Abp.Domain.Entities;
|
||||
using Yi.Framework.Rbac.Domain.Shared.OperLog;
|
||||
|
||||
namespace Yi.Framework.Rbac.Domain.Entities
|
||||
namespace Yi.Framework.Rbac.Domain.Operlog
|
||||
{
|
||||
/// <summary>
|
||||
/// 操作日志表
|
||||
@@ -8,8 +8,8 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
{
|
||||
public class DictionaryTypeDataSeed : IDataSeedContributor, ITransientDependency
|
||||
{
|
||||
private ISqlSugarRepository<DictionaryTypeEntity> _repository;
|
||||
public DictionaryTypeDataSeed(ISqlSugarRepository<DictionaryTypeEntity> repository)
|
||||
private ISqlSugarRepository<DictionaryTypeAggregateRoot> _repository;
|
||||
public DictionaryTypeDataSeed(ISqlSugarRepository<DictionaryTypeAggregateRoot> repository)
|
||||
{
|
||||
_repository = repository;
|
||||
}
|
||||
@@ -20,10 +20,10 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
await _repository.InsertManyAsync(GetSeedData());
|
||||
}
|
||||
}
|
||||
public List<DictionaryTypeEntity> GetSeedData()
|
||||
public List<DictionaryTypeAggregateRoot> GetSeedData()
|
||||
{
|
||||
List<DictionaryTypeEntity> entities = new List<DictionaryTypeEntity>();
|
||||
DictionaryTypeEntity dict1 = new DictionaryTypeEntity()
|
||||
List<DictionaryTypeAggregateRoot> entities = new List<DictionaryTypeAggregateRoot>();
|
||||
DictionaryTypeAggregateRoot dict1 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "用户性别",
|
||||
@@ -35,7 +35,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
};
|
||||
entities.Add(dict1);
|
||||
|
||||
DictionaryTypeEntity dict2 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict2 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "菜单状态",
|
||||
@@ -47,7 +47,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
};
|
||||
entities.Add(dict2);
|
||||
|
||||
DictionaryTypeEntity dict3 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict3 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "系统开关",
|
||||
@@ -59,7 +59,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
};
|
||||
entities.Add(dict3);
|
||||
|
||||
DictionaryTypeEntity dict4 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict4 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "任务状态",
|
||||
@@ -71,7 +71,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
};
|
||||
entities.Add(dict4);
|
||||
|
||||
DictionaryTypeEntity dict5 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict5 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "任务分组",
|
||||
@@ -83,7 +83,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
};
|
||||
entities.Add(dict5);
|
||||
|
||||
DictionaryTypeEntity dict6 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict6 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "系统是否",
|
||||
@@ -95,7 +95,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
};
|
||||
entities.Add(dict6);
|
||||
|
||||
DictionaryTypeEntity dict7 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict7 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "通知类型",
|
||||
@@ -106,7 +106,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
State = true
|
||||
};
|
||||
entities.Add(dict7);
|
||||
DictionaryTypeEntity dict8 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict8 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "通知状态",
|
||||
@@ -118,7 +118,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
};
|
||||
entities.Add(dict8);
|
||||
|
||||
DictionaryTypeEntity dict9 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict9 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "操作类型",
|
||||
@@ -131,7 +131,7 @@ namespace Yi.Framework.Rbac.SqlSugarCore.DataSeeds
|
||||
entities.Add(dict9);
|
||||
|
||||
|
||||
DictionaryTypeEntity dict10 = new DictionaryTypeEntity()
|
||||
DictionaryTypeAggregateRoot dict10 = new DictionaryTypeAggregateRoot()
|
||||
{
|
||||
|
||||
DictName = "系统状态",
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
</ItemGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<ProjectReference Include="..\..\framework\Yi.Framework.AspNetCore.Authentication.OAuth\Yi.Framework.AspNetCore.Authentication.OAuth.csproj" />
|
||||
<ProjectReference Include="..\..\framework\Yi.Framework.AspNetCore\Yi.Framework.AspNetCore.csproj" />
|
||||
<ProjectReference Include="..\Yi.Abp.Application\Yi.Abp.Application.csproj" />
|
||||
<ProjectReference Include="..\Yi.Abp.SqlSugarCore\Yi.Abp.SqlSugarCore.csproj" />
|
||||
|
||||
@@ -17,6 +17,9 @@ using Volo.Abp.Swashbuckle;
|
||||
using Yi.Abp.Application;
|
||||
using Yi.Abp.SqlsugarCore;
|
||||
using Yi.Framework.AspNetCore;
|
||||
using Yi.Framework.AspNetCore.Authentication.OAuth;
|
||||
using Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
|
||||
using Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
|
||||
using Yi.Framework.AspNetCore.Microsoft.AspNetCore.Builder;
|
||||
using Yi.Framework.AspNetCore.Microsoft.Extensions.DependencyInjection;
|
||||
using Yi.Framework.Bbs.Application;
|
||||
@@ -29,13 +32,15 @@ namespace Yi.Abp.Web
|
||||
typeof(YiAbpSqlSugarCoreModule),
|
||||
typeof(YiAbpApplicationModule),
|
||||
|
||||
|
||||
typeof(AbpAspNetCoreMvcModule),
|
||||
typeof(AbpAutofacModule),
|
||||
typeof(AbpSwashbuckleModule),
|
||||
typeof(AbpAspNetCoreSerilogModule),
|
||||
typeof(AbpAuditingModule),
|
||||
typeof(AbpAspNetCoreAuthenticationJwtBearerModule),
|
||||
typeof(YiFrameworkAspNetCoreModule)
|
||||
typeof(YiFrameworkAspNetCoreModule),
|
||||
typeof(YiFrameworkAspNetCoreAuthenticationOAuthModule)
|
||||
|
||||
)]
|
||||
public class YiAbpWebModule : AbpModule
|
||||
@@ -100,6 +105,7 @@ namespace Yi.Abp.Web
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
//jwt鉴权
|
||||
var jwtOptions = configuration.GetSection(nameof(JwtOptions)).Get<JwtOptions>();
|
||||
context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
|
||||
@@ -129,6 +135,14 @@ namespace Yi.Abp.Web
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
};
|
||||
})
|
||||
.AddQQ(options =>
|
||||
{
|
||||
configuration.GetSection("OAuth:QQ").Bind(options);
|
||||
})
|
||||
.AddGitee(options =>
|
||||
{
|
||||
configuration.GetSection("OAuth:Gitee").Bind(options);
|
||||
});
|
||||
|
||||
//授权
|
||||
@@ -136,6 +150,7 @@ namespace Yi.Abp.Web
|
||||
return Task.CompletedTask;
|
||||
}
|
||||
|
||||
|
||||
public override Task OnApplicationInitializationAsync(ApplicationInitializationContext context)
|
||||
{
|
||||
var service = context.ServiceProvider;
|
||||
|
||||
@@ -38,6 +38,22 @@
|
||||
"ExpiresMinuteTime": 86400
|
||||
},
|
||||
|
||||
//第三方登录
|
||||
"OAuth": {
|
||||
//QQ
|
||||
"QQ": {
|
||||
"ClientId": "",
|
||||
"ClientSecret": "",
|
||||
"RedirectUri": ""
|
||||
},
|
||||
//码云
|
||||
"Gitee": {
|
||||
"ClientId": "",
|
||||
"ClientSecret": "",
|
||||
"RedirectUri": ""
|
||||
}
|
||||
},
|
||||
|
||||
//Rbac模块
|
||||
"RbacOptions": {
|
||||
//超级管理员种子数据默认密码
|
||||
|
||||
Reference in New Issue
Block a user