public async Task <ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
var externalUser = await GetExternalUserInfo(model);
var loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
case AbpLoginResultType.UnknownExternalLogin:
{
var newUser = await RegisterExternalUserAsync(externalUser);
if (!newUser.IsActive)
{
return(new ExternalAuthenticateResultModel
{
WaitingForActivation = true
});
}
// Try to login again with newly registered user!
loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
return(new ExternalAuthenticateResultModel
{
AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
default:
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
}
}
private async Task<AbpLoginResult<Tenant, User>> GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
{
var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
return loginResult;
default:
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
}
}
private async Task <AbpLoginResult <Tenant, User> > GetLoginResultGoogleAsync(string token, string tenancyName, string secretCode)
{
var loginResult = await _logInManager.LoginAsyncNoPass(token, secretCode, tenancyName, false);
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
return(loginResult);
default:
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, null, tenancyName);
}
}
private async Task <AbpLoginResult <Tenant, User> > GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
{
var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
if (loginResult.Result == AbpLoginResultType.UserIsNotActive)
{
var user = _userRepository.FirstOrDefault(w => w.UserName == usernameOrEmailAddress);
if (user != null)
{
if (string.IsNullOrWhiteSpace(user.EmailConfirmationCode))
{
throw new UserFriendlyException(L("LoginFailed"), L("UserIsLocked"));
}
else
{
throw new UserFriendlyException(L("LoginFailed"), L("UserIsNotActive"));
}
}
}
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
return(loginResult);
default:
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
}
}
private async Task <AbpLoginResult <Tenant, User> > GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
{
var loginResult = await _logInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
if (!loginResult.User.IsEmailConfirmed)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(AbpLoginResultType.UserEmailIsNotConfirmed, usernameOrEmailAddress, tenancyName);
}
if (!loginResult.User.IsActive)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(AbpLoginResultType.UserIsNotActive, usernameOrEmailAddress, tenancyName);
}
return(loginResult);
default:
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
}
}
private async Task <AbpUserManager <Tenant, Role, User> .AbpLoginResult> GetLoginResultAsync(string usernameOrEmailAddress, string password, string tenancyName)
{
var loginResult = await _userManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
return(loginResult);
case AbpLoginResultType.InvalidUserNameOrEmailAddress:
//Response.Redirect(Url.Action("Login", "Account",new { errorMessage= "用户名密码错误" }));
return(null);
case AbpLoginResultType.InvalidPassword:
return(null);
default:
//return loginResult;
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, usernameOrEmailAddress, tenancyName);
}
}
private async Task <AbpLoginResult <Tenant, User> > GetLoginResultAsync(string username, string password, string tenancyName)
{
var u = await _userManager.GetUserByStudentNumber(username);
var loginResult = await _logInManager.LoginAsync(u.UserName, password, tenancyName);
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
return(loginResult);
default:
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, username, tenancyName);
}
}
public async Task <AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model)
{
var loginResult = await GetLoginResultAsync(
model.UserNameOrEmailAddress,
model.Password,
GetTenancyNameOrNull()
);
AuthenticateResultModel ret = null;
if (loginResult.Result == AbpLoginResultType.Success)
{
var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
ret = new AuthenticateResultModel
{
exception = null,
AccessToken = accessToken,
EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
UserId = loginResult.User.Id
};
}
else
{
ret = new AuthenticateResultModel
{
exception = _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, model.UserNameOrEmailAddress, GetTenancyNameOrNull()),
AccessToken = null,
EncryptedAccessToken = null,
ExpireInSeconds = 0,
UserId = 0
};
}
return(ret);
}
public async Task ValidateAsync(ExtensionGrantValidationContext context)
{
var code = context.Request.Raw.Get("code");
var auth = context.Request.Raw.Get("auth");
ExternalAuthenticateModel model = new ExternalAuthenticateModel()
{
AuthProvider = auth,
ProviderAccessCode = code
};
var externalUser = await GetUserInfo(model);//await GetExternalUserInfo(model);
//var loginResult = await _logInManager.LoginAsync(
// new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
// GetTenancyNameOrNull());
var loginResult = await _logInManager.LoginAsync(
new UserLoginInfo(externalUser.Provider, externalUser.ProviderKey, externalUser.Provider),
GetTenancyNameOrNull());
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
context.Result = new GrantValidationResult(
subject: loginResult.Identity.Claims.First(c => c.Type == JwtRegisteredClaimNames.Sub).Value,
authenticationMethod: "passwrod",
claims: await CreateJwtClaims(loginResult)
);
break;
}
case AbpLoginResultType.UnknownExternalLogin:
{
context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "未绑定");
break;
}
default:
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
externalUser.ProviderKey,
GetTenancyNameOrNull()
);
}
}
}
public async Task <IActionResult> Bind(WechatBindInput input)
{
var openId = HttpContext.Session.GetString("WechatOpenId");
if (string.IsNullOrEmpty(openId))
{
return(Content("请从微信中访问"));
}
if (UseCaptchaOnRegistration())
{
RecaptchaValidator.Validate(input.Captcha);
}
var tenancyName = GetTenancyNameOrNull();
var loginResult = await LogInManager.LoginAsync(input.UserNameOrEmail, input.Password, tenancyName);
if (loginResult.Result != AbpLoginResultType.Success)
{
var exception =
AbpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result,
input.UserNameOrEmail, tenancyName);
ViewData["Error"] = exception.Message;
return(View(input));
}
// 绑定
await _wechatService.BindAsync(new WechtLoginInput
{
UserId = loginResult.User.Id,
TenantId = loginResult.Tenant.Id,
ProviderKey = openId
});
await _signInManager.SignInAsync(loginResult.User, true);
if (AbpUrlHelper.IsLocalUrl(Request, input.ReturnUrl))
{
return(Redirect(input.ReturnUrl));
}
return(Redirect("/"));
}
public virtual async Task <ActionResult> ExternalLoginCallback(string returnUrl, string remoteError = null)
{
returnUrl = NormalizeReturnUrl(returnUrl);
if (remoteError != null)
{
Logger.Error("Remote Error in ExternalLoginCallback: " + remoteError);
throw new UserFriendlyException(L("CouldNotCompleteLoginOperation"));
}
var externalLoginInfo = await _signInManager.GetExternalLoginInfoAsync();
if (externalLoginInfo == null)
{
Logger.Warn("Could not get information from external login.");
return(RedirectToAction(nameof(Login)));
}
await _signInManager.SignOutAsync();
var tenancyName = GetTenancyNameOrNull();
var loginResult = await _logInManager.LoginAsync(externalLoginInfo, tenancyName);
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
await _signInManager.SignInAsync(loginResult.Identity, false);
return(Redirect(returnUrl));
case AbpLoginResultType.UnknownExternalLogin:
return(await RegisterForExternalLogin(externalLoginInfo));
default:
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
externalLoginInfo.Principal.FindFirstValue(ClaimTypes.Email) ?? externalLoginInfo.ProviderKey,
tenancyName
);
}
}
public async Task LinkToUser(LinkToUserInput input)
{
var loginResult = await _logInManager.LoginAsync(input.UsernameOrEmailAddress, input.Password, input.TenancyName);
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, input.UsernameOrEmailAddress, input.TenancyName);
}
if (AbpSession.IsUser(loginResult.User))
{
throw new UserFriendlyException(L("YouCannotLinkToSameAccount"));
}
if (loginResult.User.ShouldChangePasswordOnNextLogin)
{
throw new UserFriendlyException(L("ChangePasswordBeforeLinkToAnAccount"));
}
await _userLinkManager.Link(GetCurrentUser(), loginResult.User);
}
public async Task LinkToUser(LinkToUserInput input)
{
using (UnitOfWorkManager.Current.DisableFilter(AbpDataFilters.MayHaveTenant))
{
var loginResult = await UserManager.LoginAsync(input.UsernameOrEmailAddress, input.Password, input.TenancyName);
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(loginResult.Result, input.UsernameOrEmailAddress, input.TenancyName);
}
if (loginResult.User.Id == AbpSession.GetUserId())
{
throw new UserFriendlyException(L("YouCannotLinkToSameAccount"));
}
if (loginResult.User.ShouldChangePasswordOnNextLogin)
{
throw new UserFriendlyException(L("ChangePasswordBeforeLinkToAnAccount"));
}
await _userLinkManager.Link(AbpSession.GetUserId(), loginResult.User.Id);
}
}
public async Task <ExternalAuthenticateResultModel> WeChartMiniProgramLoginAsync()
{
//从第三方登录拿到当前用户(包含openId、sessionKey)
var t = await base.HttpContext.AuthenticateAsync(MiniProgramConsts.AuthenticationScheme);//间接使用第三方身份验证方案获取信息
//拿到openId
var openid = t.Principal.Claims.Single(c => c.Type == ClaimTypes.NameIdentifier).Value;
var tenancyName = GetTenancyNameOrNull();
//尝试做第三发登录(内部通过openid找到本地账号做登录),
var loginResult = await _logInManager.LoginAsync(new UserLoginInfo(MiniProgramConsts.AuthenticationScheme, openid, MiniProgramConsts.AuthenticationSchemeDisplayName), tenancyName);
//根据登录结果,若成功则直接返回jwtToken 或者自动注册后返回
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
//更新微信用户信息
foreach (var item in t.Principal.Claims)
{
await userManager.ReplaceClaimAsync(loginResult.User, new Claim(item.Type, ""), item);
}
//返回jwtToken
var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
case AbpLoginResultType.UnknownExternalLogin:
{
//若未找到关联的本地账号则自动注册,再返回jwtToken
var newUser = await RegisterExternalUserAsync(new ExternalAuthUserInfo
{
Provider = MiniProgramConsts.AuthenticationScheme,
ProviderKey = openid,
Name = t.Principal.Claims.SingleOrDefault(c => c.Type == "nickName")?.Value,
EmailAddress = Guid.NewGuid().ToString("N") + "@mp.com",
Surname = "a"
});
if (!newUser.IsActive)
{
return(new ExternalAuthenticateResultModel
{
WaitingForActivation = true
});
}
// Try to login again with newly registered user!
loginResult = await _logInManager.LoginAsync(new UserLoginInfo(MiniProgramConsts.AuthenticationScheme, openid, MiniProgramConsts.AuthenticationSchemeDisplayName), tenancyName);
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
openid,
tenancyName
);
}
//保存微信用户信息(排出openid,因为它存储在userlogins里)
await userManager.AddClaimsAsync(loginResult.User, t.Principal.Claims.Where(c => c.Type != ClaimTypes.NameIdentifier));
return(new ExternalAuthenticateResultModel
{
AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
default:
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
openid,
tenancyName
);
}
}
}
public async Task <ExternalAuthenticateResultModel> WeChatAuthenticate([FromBody] ExternalAuthenticateModel model)
{
var externalUser = await GetExternalUserInfo(model);
//Logger.Info($"用户模型:{Newtonsoft.Json.JsonConvert.SerializeObject(externalUser)}");
//Logger.Debug(Newtonsoft.Json.JsonConvert.SerializeObject(new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider) ) + GetTenancyNameOrNull());
var loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
//Logger.Debug(loginResult.Result.ToString());
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
case AbpLoginResultType.UnknownExternalLogin:
{
var newUser = await RegisterExternalUserAsync(externalUser);
if (!newUser.IsActive)
{
return(new ExternalAuthenticateResultModel
{
WaitingForActivation = true
});
}
loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
default:
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
}
}
public async Task <ExternalAuthenticateResultModel> ExternalAuthenticate(
[FromBody] ExternalAuthenticateModel model)
{
var externalUser = await GetExternalUserInfo(model);
var loginResult = await _logInManager.LoginAsync(
new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
var refreshToken = CreateRefreshToken(await CreateJwtClaims(loginResult.Identity, loginResult.User,
tokenType: TokenType.RefreshToken));
var accessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity, loginResult.User,
refreshTokenKey: refreshToken.key));
var returnUrl = model.ReturnUrl;
if (model.SingleSignIn.HasValue && model.SingleSignIn.Value &&
loginResult.Result == AbpLoginResultType.Success)
{
loginResult.User.SetSignInToken();
returnUrl = AddSingleSignInParametersToReturnUrl(model.ReturnUrl, loginResult.User.SignInToken,
loginResult.User.Id, loginResult.User.TenantId);
}
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.AccessTokenExpiration.TotalSeconds,
ReturnUrl = returnUrl,
RefreshToken = refreshToken.token,
RefreshTokenExpireInSeconds = (int)_configuration.RefreshTokenExpiration.TotalSeconds
});
}
case AbpLoginResultType.UnknownExternalLogin:
{
var newUser = await RegisterExternalUserAsync(externalUser);
if (!newUser.IsActive)
{
return(new ExternalAuthenticateResultModel
{
WaitingForActivation = true
});
}
//Try to login again with newly registered user!
loginResult = await _logInManager.LoginAsync(
new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
GetTenancyNameOrNull()
);
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
var refreshToken = CreateRefreshToken(await CreateJwtClaims(loginResult.Identity,
loginResult.User, tokenType: TokenType.RefreshToken)
);
var accessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity,
loginResult.User, refreshTokenKey: refreshToken.key));
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.AccessTokenExpiration.TotalSeconds,
RefreshToken = refreshToken.token,
RefreshTokenExpireInSeconds = (int)_configuration.RefreshTokenExpiration.TotalSeconds
});
}
default:
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
}
}
public async Task <ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
Logger.Debug($"ExternalAuthenticate:{model.ToJsonString()}");
if (model.AuthProvider == "WechatH5")
{
var decryptText = SimpleStringCipher.Instance.Decrypt(model.ProviderAccessCode, AppConsts.DefaultPassPhrase);
var arr = decryptText.Split('|');
var expiredCode = DateTime.Now.AddMinutes(-1);
if (arr.Length > 1)
{
DateTime.TryParse(arr[1], out expiredCode);
}
if (expiredCode < DateTime.Now)
{
throw new AbpProjectNameBusinessException(ErrorCode.Forbidden);
}
model.ProviderAccessCode = arr[0];
}
var externalUser = await GetExternalUserInfo(model);
var loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
//登陆成功时更新sessionkey
if (externalUser is WechatMiniAuthUserInfo)
{
var userInfo = externalUser as WechatMiniAuthUserInfo;
EventBus.Trigger(new WechatLoginSuccessEventData
{
SessionKey = userInfo.SessionKey,
UserId = loginResult.User.Id
});
}
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
case AbpLoginResultType.UnknownExternalLogin:
{
var newUser = await RegisterExternalUserAsync(externalUser);
if (!newUser.IsActive)
{
return(new ExternalAuthenticateResultModel
{
WaitingForActivation = true
});
}
// Try to login again with newly registered user!
loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
externalUser.ProviderKey,
GetTenancyNameOrNull()
);
}
return(new ExternalAuthenticateResultModel
{
AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
});
}
default:
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
externalUser.ProviderKey,
GetTenancyNameOrNull()
);
}
}
}
public async Task <ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
var externalUser = await GetExternalUserInfo(model);
// 判断是否有这个Key
var tenancyName = GetTenancyNameOrNull();
var loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider), tenancyName);
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
var accessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity, loginResult.User));
return(new ExternalAuthenticateResultModel
{
AccessToken = accessToken,
EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
UserId = loginResult.User.Id
});
}
case AbpLoginResultType.UnknownExternalLogin:
case AbpLoginResultType.UserIsNotActive:
if (loginResult.User == null)
{
// 该第三方key未绑定用户表信息
return(new ExternalAuthenticateResultModel
{
ProviderKey = model.ProviderKey,
WaitingForActivation = false,
UserId = 0
});
}
else
{
// 找到该用户,但是处于锁定状态
return(new ExternalAuthenticateResultModel
{
ProviderKey = model.ProviderKey,
WaitingForActivation = true,
UserId = (await _userManager.GetUserByEmail(externalUser.EmailAddress)).Id
});
}
default:
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
#region 旧版本
//switch (loginResult.Result)
//{
// case AbpLoginResultType.Success:
// {
// string accessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity, loginResult.User));
// return new ExternalAuthenticateResultModel
// {
// AccessToken = accessToken,
// EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
// ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
// UserId = loginResult.User.Id
// };
// }
// case AbpLoginResultType.UnknownExternalLogin:
// {
// //注册新用户到数据库中
// User newUser = await RegisterExternalUserAsync(externalUser);
// if (!newUser.IsActive)
// {
// return new ExternalAuthenticateResultModel
// {
// WaitingForActivation = true,
// UserId = newUser.Id,
// ProviderKey = externalUser.ProviderKey,
// };
// }
// // Try to login again with newly registered user!
// loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
// if (loginResult.Result != AbpLoginResultType.Success)
// {
// throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
// loginResult.Result,
// model.ProviderKey,
// GetTenancyNameOrNull()
// );
// }
// return new ExternalAuthenticateResultModel
// {
// AccessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity, loginResult.User)),
// ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
// };
// }
// case AbpLoginResultType.UserIsNotActive:
// {
// // 需要进行账号绑定激活
// return new ExternalAuthenticateResultModel
// {
// WaitingForActivation = true,
// UserId = (await _userManager.GetUserByEmail(externalUser.EmailAddress)).Id
// };
// }
// default:
// {
// throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
// loginResult.Result,
// model.ProviderKey,
// GetTenancyNameOrNull()
// );
// }
// }
#endregion
}
public async Task <ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
try
{
var externalUser = await GetExternalUserInfo(model);
var loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
switch (loginResult.Result)
{
case AbpLoginResultType.Success:
{
//var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
var identityServerToken = await _identityServerTokenGeneratorFacade.GetIdentityServerTokenForUserAsync(loginResult.User);
var returnUrl = model.ReturnUrl;
if (model.SingleSignIn.HasValue && model.SingleSignIn.Value && loginResult.Result == AbpLoginResultType.Success)
{
loginResult.User.SetSignInToken();
returnUrl = AddSingleSignInParametersToReturnUrl(model.ReturnUrl, loginResult.User.SignInToken, loginResult.User.Id, loginResult.User.TenantId);
}
return(new ExternalAuthenticateResultModel
{
AccessToken = identityServerToken.AccessToken,
EncryptedAccessToken = GetEncrpyedAccessToken(identityServerToken.AccessToken),
RefreshToken = identityServerToken.RefreshToken,
ExpireInSeconds = identityServerToken.Token.Lifetime,
ReturnUrl = returnUrl
});
}
case AbpLoginResultType.UnknownExternalLogin:
{
var newUser = await RegisterExternalUserAsync(externalUser);
if (!newUser.IsActive)
{
return(new ExternalAuthenticateResultModel
{
WaitingForActivation = true
});
}
//Try to login again with newly registered user!
loginResult = await _logInManager.LoginAsync(new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider), GetTenancyNameOrNull());
if (loginResult.Result != AbpLoginResultType.Success)
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
//var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
var identityServerToken = await _identityServerTokenGeneratorFacade.GetIdentityServerTokenForUserAsync(loginResult.User);
return(new ExternalAuthenticateResultModel
{
AccessToken = identityServerToken.AccessToken,
EncryptedAccessToken = GetEncrpyedAccessToken(identityServerToken.AccessToken),
RefreshToken = identityServerToken.RefreshToken,
ExpireInSeconds = identityServerToken.Token.Lifetime
});
}
default:
{
throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
loginResult.Result,
model.ProviderKey,
GetTenancyNameOrNull()
);
}
}
}
catch (Exception e)
{
Debug.WriteLine(e);
throw;
}
}
