/// <summary>
/// 获取用户信息
/// </summary>
/// <param name="accessCode">访问代码</param>
/// <returns></returns>
public override async Task <ExternalLoginUserInfo> GetUserInfo(string accessCode)
{
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.UserAgent.ParseAdd("Microsoft ASP.NET Core OAuth middleware");
client.DefaultRequestHeaders.Accept.ParseAdd("application/json");
client.Timeout = TimeSpan.FromSeconds(30);
client.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB
var request = new HttpRequestMessage(HttpMethod.Get, GoogleDefaults.UserInformationEndpoint);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessCode);
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
return(new ExternalLoginUserInfo
{
Name = GoogleHelper.GetName(payload),
EmailAddress = GoogleHelper.GetEmail(payload),
Surname = GoogleHelper.GetFamilyName(payload),
LoginInfo = new UserLoginInfo(Name, GoogleHelper.GetId(payload))
});
}
}
internal static Task OnCreatingTicket(OAuthCreatingTicketContext context)
{
if (context.Principal != null)
{
Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
Helpers.ThrowIfConditionFailed(() => context.RefreshToken == "ValidRefreshToken", "Refresh token is not valid");
Helpers.ThrowIfConditionFailed(() => GoogleHelper.GetEmail(context.User) == "*****@*****.**", "Email is not valid");
Helpers.ThrowIfConditionFailed(() => GoogleHelper.GetId(context.User) == "106790274378320830963", "Id is not valid");
Helpers.ThrowIfConditionFailed(() => GoogleHelper.GetFamilyName(context.User) == "AspnetvnextTest", "FamilyName is not valid");
Helpers.ThrowIfConditionFailed(() => GoogleHelper.GetName(context.User) == "AspnetvnextTest AspnetvnextTest", "Name is not valid");
Helpers.ThrowIfConditionFailed(() => context.ExpiresIn.Value == TimeSpan.FromSeconds(1200), "ExpiresIn is not valid");
Helpers.ThrowIfConditionFailed(() => context.User != null, "User object is not valid");
context.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
}
return(Task.FromResult(0));
}
protected override async Task <AuthenticationTicket> CreateTicketAsync(
ClaimsIdentity identity,
AuthenticationProperties properties,
OAuthTokenResponse tokens)
{
log.LogDebug("CreateTicketAsync called tokens.AccessToken was " + tokens.AccessToken);
// Get the Google user
var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
var response = await Backchannel.SendAsync(request, Context.RequestAborted);
//string r = await response.Content.ReadAsStringAsync();
//log.LogInformation(r);
response.EnsureSuccessStatusCode();
var payload = JObject.Parse(await response.Content.ReadAsStringAsync());
var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload)
{
Properties = properties,
Principal = new ClaimsPrincipal(identity)
};
var identifier = GoogleHelper.GetId(payload);
if (!string.IsNullOrEmpty(identifier))
{
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var givenName = GoogleHelper.GetGivenName(payload);
if (!string.IsNullOrEmpty(givenName))
{
identity.AddClaim(new Claim(ClaimTypes.GivenName, givenName, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var familyName = GoogleHelper.GetFamilyName(payload);
if (!string.IsNullOrEmpty(familyName))
{
identity.AddClaim(new Claim(ClaimTypes.Surname, familyName, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var name = GoogleHelper.GetName(payload);
if (!string.IsNullOrEmpty(name))
{
identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var email = GoogleHelper.GetEmail(payload);
if (!string.IsNullOrEmpty(email))
{
identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
}
var profile = GoogleHelper.GetProfile(payload);
if (!string.IsNullOrEmpty(profile))
{
identity.AddClaim(new Claim("urn:google:profile", profile, ClaimValueTypes.String, Options.ClaimsIssuer));
}
await Options.Events.CreatingTicket(context);
//ISiteSettings site = siteResolver.Resolve();
var site = await GetSite();
if (site != null)
{
Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
{
identity.AddClaim(siteGuidClaim);
}
}
//return new AuthenticationTicket(notification.Principal, notification.Properties, notification.Options.AuthenticationScheme);
return(new AuthenticationTicket(context.Principal, context.Properties, AuthenticationScheme.External));
}