public Tuple <TenantPublicModel, TenantPrivateModel> GetTenant(TenantDbContext _db, string host)
{
#region 设置缓存Key
// for client use
var Unique_TenantPublic_CacheKey = $"{TenantConstant.CacheKey}:{host}:pub";
// for server config
var Unique_TenantPrivate_CacheKey = $"{TenantConstant.CacheKey}:{host}:pvt";
#endregion
#region 根据缓存Key获取数据
var tenant_public = _cache.Get <TenantPublicModel>(Unique_TenantPublic_CacheKey);
var tenant_private = _cache.Get <TenantPrivateModel>(Unique_TenantPrivate_CacheKey);
#endregion
// 详情和Issuer
if (tenant_public == null ||
tenant_private == null)
{
var _tenantId = _db.ExecuteScalarAsync(
"SELECT AppTenantId FROM AppTenantHosts WHERE HostName = @HostName", System.Data.CommandType.Text,
new SqlParameter("@HostName", host)).Result;
if (_tenantId != null)
{
var tenantId = long.Parse(_tenantId.ToString());
var tenant = _db.Tenants
.Include(x => x.Claims)
.Include(x => x.Hosts)
.Include(x => x.Properties)
.FirstOrDefault(x => x.Id == tenantId);
tenant_public = tenant.ToPublicModel();
tenant_private = tenant.ToPrivateModel();
_cache.Set(Unique_TenantPublic_CacheKey,
tenant_public,
TimeSpan.FromSeconds(tenant.CacheDuration));
_cache.Set(Unique_TenantPrivate_CacheKey,
tenant_private,
TimeSpan.FromSeconds(tenant.CacheDuration));
}
}
return(Tuple.Create(tenant_public, tenant_private));
}
public Tuple <string, string> GetTenant(TenantDbContext _db, string host)
{
#region 设置缓存Key
// for client use
var Unique_TenantPublic_CacheKey = $"{TenantConstant.CacheKey}:{host}:pub";
// for server config
var Unique_TenantPrivate_CacheKey = $"{TenantConstant.CacheKey}:{host}:pvt";
#endregion
#region 根据缓存Key获取数据
var tenant_public = _redis.Get(Unique_TenantPublic_CacheKey).Result;
var tenant_private = _redis.Get(Unique_TenantPrivate_CacheKey).Result;
#endregion
// 详情和Issuer
if (string.IsNullOrWhiteSpace(tenant_public) ||
string.IsNullOrWhiteSpace(tenant_private))
{
var tenantId = _db.TenantHosts.Where(x => x.HostName.Equals(host))
.Select(x => x.AppTenantId)
.FirstOrDefault();
if (tenantId > 0)
{
var tenant = _db.Tenants
.Include(x => x.Claims)
.Include(x => x.Hosts)
.Include(x => x.Properties)
.FirstOrDefault(x => x.Id == tenantId);
tenant_public = JsonConvert.SerializeObject(tenant.ToPublicModel());
tenant_private = JsonConvert.SerializeObject(tenant.ToPrivateModel());
var cacheResult = _redis.Set(Unique_TenantPublic_CacheKey,
tenant_public,
TimeSpan.FromSeconds(tenant.CacheDuration)).Result;
cacheResult = _redis.Set(Unique_TenantPrivate_CacheKey,
tenant_private,
TimeSpan.FromSeconds(tenant.CacheDuration)).Result;
}
}
return(Tuple.Create(tenant_public, tenant_private));
}
public Tuple <TenantPublicModel, TenantPrivateModel> GetTenant(TenantDbContext _db, string host)
{
#region 设置缓存Key
// for client use
var Unique_TenantPublic_CacheKey = $"{TenantConstant.CacheKey}:{host}:pub";
// for server config
var Unique_TenantPrivate_CacheKey = $"{TenantConstant.CacheKey}:{host}:pvt";
#endregion
#region 根据缓存Key获取数据
var tenant_public = _cache.Get <TenantPublicModel>(Unique_TenantPublic_CacheKey);
var tenant_private = _cache.Get <TenantPrivateModel>(Unique_TenantPrivate_CacheKey);
#endregion
// 详情和Issuer
if (tenant_public == null ||
tenant_private == null)
{
var _tenantId = _db.TenantHosts.Where(x => x.HostName.Equals(host))
.Select(x => x.AppTenantId).FirstOrDefault();
if (_tenantId > 0)
{
var tenant = _db.Tenants
.Include(x => x.Claims).AsNoTracking()
.Include(x => x.Hosts).AsNoTracking()
.Include(x => x.Properties).AsNoTracking()
.Where(x => x.Id == _tenantId).AsNoTracking()
.FirstOrDefault();
tenant_public = tenant.ToPublicModel();
tenant_private = tenant.ToPrivateModel();
var cacheOptions = CacheEntryOptions(tenant.CacheDuration);
_cache.Set(Unique_TenantPublic_CacheKey, tenant_public, cacheOptions);
_cache.Set(Unique_TenantPrivate_CacheKey, tenant_private, cacheOptions);
}
}
return(Tuple.Create(tenant_public, tenant_private));
}
public Task Invoke(
HttpContext context,
TenantDbContext _db,
IOptionsMonitor <IdentityServerAuthenticationOptions> identityServerAuthenticationOptions)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (tenant.Item1 != null)
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
var ResetOAuthProvider_CacheKey = TenantConstant.SchemesReflush + context.Request.Host.Value;
var ResetOAuthProvider_Flag = _memoryCache.Get <string>(ResetOAuthProvider_CacheKey);
if (tenant.Item2 != null)
{
var pvtModel = tenant.Item2;
#region IdentityServer4 - IssuerUri
_identityServerOptions.IssuerUri = context.Request.Scheme + "://" + tenant.Item2.IdentityServerIssuerUri;
#endregion
#region IdentityServer4 - AuthorityUri
identityServerAuthenticationOptions.CurrentValue.Authority = _identityServerOptions.IssuerUri;
#endregion
#region ResetOAuthProvider - PerRequest
if (string.IsNullOrWhiteSpace(ResetOAuthProvider_Flag) && pvtModel.Properties.Count > 0)
{
var AppSchemes = _oauthProvider.GetAllSchemesAsync().Result.Select(x => x.Name).ToList();
foreach (var scheme in OAuthBuilderExtensions.Schemes)
{
if (!pvtModel.Properties.ContainsKey($"{scheme}:ClientId") ||
!pvtModel.Properties.ContainsKey($"{scheme}:ClientSecret"))
{
_oauthProvider.RemoveScheme(scheme);
continue;
}
var ClientId_FromTenant = pvtModel.Properties[$"{scheme}:ClientId"];
var ClientSecret_FromTenant = pvtModel.Properties[$"{scheme}:ClientSecret"];
if (string.IsNullOrWhiteSpace(ClientId_FromTenant) ||
string.IsNullOrWhiteSpace(ClientSecret_FromTenant))
{
_oauthProvider.RemoveScheme(scheme);
continue;
}
switch (scheme)
{
case MicrosoftAccountDefaults.AuthenticationScheme:
_microsoftOptions.ClientId = ClientId_FromTenant;
_microsoftOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(MicrosoftAccountHandler));
break;
case GoogleDefaults.AuthenticationScheme:
_googleOptions.ClientId = ClientId_FromTenant;
_googleOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(GoogleHandler));
break;
case WeiboAuthenticationDefaults.AuthenticationScheme:
_weiboOptions.ClientId = ClientId_FromTenant;
_weiboOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(WeiboAuthenticationHandler));
break;
case WeixinAuthenticationDefaults.AuthenticationScheme:
_weixinOptions.ClientId = ClientId_FromTenant;
_weixinOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(WeixinAuthenticationHandler));
break;
case QQAuthenticationDefaults.AuthenticationScheme:
_qqOptions.ClientId = ClientId_FromTenant;
_qqOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(QQAuthenticationHandler));
break;
case GitHubAuthenticationDefaults.AuthenticationScheme:
_githubOptions.ClientId = ClientId_FromTenant;
_githubOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(GitHubAuthenticationHandler));
break;
case FacebookDefaults.AuthenticationScheme:
_facebookOptions.ClientId = ClientId_FromTenant;
_facebookOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(FacebookHandler));
break;
//case AmazonAuthenticationDefaults.AuthenticationScheme:
// _amazonOptions.ClientId = ClientId_FromTenant;
// _amazonOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case GitterAuthenticationDefaults.AuthenticationScheme:
// _gitterOptions.ClientId = ClientId_FromTenant;
// _gitterOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case InstagramAuthenticationDefaults.AuthenticationScheme:
// _instagramOptions.ClientId = ClientId_FromTenant;
// _instagramOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case LinkedInAuthenticationDefaults.AuthenticationScheme:
// _linkedinOptions.ClientId = ClientId_FromTenant;
// _linkedinOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case PaypalAuthenticationDefaults.AuthenticationScheme:
// _paypalOptions.ClientId = ClientId_FromTenant;
// _paypalOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case RedditAuthenticationDefaults.AuthenticationScheme:
// _redditOptions.ClientId = ClientId_FromTenant;
// _redditOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case SalesforceAuthenticationDefaults.AuthenticationScheme:
// _salesforceOptions.ClientId = ClientId_FromTenant;
// _salesforceOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case TwitterDefaults.AuthenticationScheme:
// _twitterOptions.ConsumerKey = ClientId_FromTenant;
// _twitterOptions.ConsumerSecret = ClientSecret_FromTenant;
// break;
//case VisualStudioAuthenticationDefaults.AuthenticationScheme:
// _visualstudioOptions.ClientId = ClientId_FromTenant;
// _visualstudioOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case WordPressAuthenticationDefaults.AuthenticationScheme:
// _wordpressOptions.ClientId = ClientId_FromTenant;
// _wordpressOptions.ClientSecret = ClientSecret_FromTenant;
// break;
default: break;
}
}
var MemoryCacheOptions = new MemoryCacheEntryOptions();
MemoryCacheOptions.SetAbsoluteExpiration(
TimeSpan.FromSeconds(TenantConstant.SchemesReflushDuration));
_memoryCache.Set(ResetOAuthProvider_CacheKey,
"1",
MemoryCacheOptions);
}
#endregion
}
return(_next(context));
}
public Task Invoke(
HttpContext context,
TenantDbContext _db)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (tenant.Item1 != null)
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
var reflushFlagCacheKey = TenantConstant.SchemesReflush + context.Request.Host.Value;
var reflushFlag = _memoryCache.Get <string>(reflushFlagCacheKey);
if (tenant.Item2 != null)
{
var pvtModel = tenant.Item2;
#region IssuerUri
_identityServerOptions.IssuerUri = context.Request.Scheme + "://" + tenant.Item2.IdentityServerIssuerUri;
#endregion
#region ResetOAuthOptions
if (string.IsNullOrWhiteSpace(reflushFlag) && pvtModel.Properties.Count > 0)
{
// 获取当前所有OAuth Scheme
var AllSchemes = _oauthProvider.GetAllSchemesAsync().Result.Select(x => x.Name).ToList();
var TenantSchemes = AppDefaultData.Tenant.OAuthHandlers.Select(x => x.Key).ToList();
foreach (var scheme in TenantSchemes)
{
var ClientIdKey = $"{scheme}:ClientId";
var ClientIdValue = pvtModel.Properties[ClientIdKey];
var ClientSecretKey = $"{scheme}:ClientSecret";
var ClientSecretValue = pvtModel.Properties[ClientSecretKey];
if (string.IsNullOrWhiteSpace(ClientIdValue) ||
string.IsNullOrWhiteSpace(ClientSecretValue))
{
_oauthProvider.RemoveScheme(scheme);
continue;
}
AppDefaultData.Tenant.TenantProperties[ClientIdKey] = ClientIdValue;
AppDefaultData.Tenant.TenantProperties[ClientSecretKey] = ClientSecretValue;
if (!AllSchemes.Contains(scheme))
{
var authScheme = new AuthenticationScheme(scheme,
scheme, AppDefaultData.Tenant.OAuthHandlers[scheme]);
_oauthProvider.AddScheme(authScheme);
}
}
_memoryCache.Set(reflushFlagCacheKey,
"1",
TimeSpan.FromSeconds(TenantConstant.SchemesReflushDuration));
}
#endregion
}
return(_next(context));
}
public Task Invoke(
HttpContext context,
TenantDbContext _db
// IOptionsMonitor<WeixinOptions> _WeixinOptions,
// IOptionsMonitor<WeiboOptions> _WeiboOptions,
// IOptionsMonitor<GitHubOptions> _GitHubOptions,
// IOptionsMonitor<QQOptions> _QQOptions,
// IOptionsMonitor<FacebookOptions> _FacebookOptions,
// IOptionsMonitor<MicrosoftAccountOptions> _MicrosoftAccountOptions,
// IOptionsMonitor<GoogleOptions> _GoogleOptions,
// IOptionsMonitor<TwitterOptions> _TwitterOptions
)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (!string.IsNullOrWhiteSpace(tenant.Item1))
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
if (!string.IsNullOrWhiteSpace(tenant.Item2))
{
var pvtModel = JsonConvert
.DeserializeObject <AppTenantPrivateModel>(tenant.Item2);
#region IssuerUri
var IdServerOptions = context.RequestServices.GetRequiredService <IdentityServerOptions>();
IdServerOptions.IssuerUri = context.Request.Scheme + "://" + pvtModel.IdentityServerIssuerUri;
#endregion
#region ConfigAuthentication
//if (pvtModel.properties.Count > 0)
//{
// ConfigAuthentication(_WeixinOptions.CurrentValue,
// pvtModel.properties, WeixinDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_WeiboOptions.CurrentValue,
// pvtModel.properties, WeiboDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_GitHubOptions.CurrentValue,
// pvtModel.properties, GitHubDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_QQOptions.CurrentValue,
// pvtModel.properties, QQDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_FacebookOptions.CurrentValue,
// pvtModel.properties, FacebookDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_MicrosoftAccountOptions.CurrentValue,
// pvtModel.properties, MicrosoftAccountDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_GoogleOptions.CurrentValue,
// pvtModel.properties, GoogleDefaults.AuthenticationScheme);
//
// ConfigTwitterAuthentication(_TwitterOptions.CurrentValue,
// pvtModel.properties);
//}
#endregion
}
return(_next(context));
}
public Task Invoke(
HttpContext context,
TenantDbContext _db,
IOptionsMonitor <IdentityServerAuthenticationOptions> identityServerAuthenticationOptions)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (tenant.Item1 != null)
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
var ResetOAuthProvider_CacheKey = TenantConstant.SchemesReflush + context.Request.Host.Value;
var ResetOAuthProvider_Flag = _memoryCache.Get <string>(ResetOAuthProvider_CacheKey);
if (tenant.Item2 != null)
{
var pvtModel = tenant.Item2;
#region IdentityServer4 - IssuerUri
_identityServerOptions.IssuerUri = context.Request.Scheme + "://" + tenant.Item2.IdentityServerIssuerUri;
#endregion
#region IdentityServer4 - AuthorityUri
identityServerAuthenticationOptions.CurrentValue.Authority = _identityServerOptions.IssuerUri;
#endregion
#region ResetOAuthProvider - PerRequest
if (string.IsNullOrWhiteSpace(ResetOAuthProvider_Flag) && pvtModel.Properties.Count > 0)
{
// All Schemes
var ApplicationSchemes = _oauthProvider.GetAllSchemesAsync().Result.Select(x => x.Name).ToList();
// All Scheme Providers
var SchemeProviders = OAuthBuilderExtensions.Handlers.Select(x => x.Key).ToList();
foreach (var oauthScheme in SchemeProviders)
{
var ClientId_FromTenant = pvtModel.Properties[$"{oauthScheme}:ClientId"];
var ClientSecret_FromTenant = pvtModel.Properties[$"{oauthScheme}:ClientSecret"];
if (string.IsNullOrWhiteSpace(ClientId_FromTenant) ||
string.IsNullOrWhiteSpace(ClientSecret_FromTenant))
{
_oauthProvider.RemoveScheme(oauthScheme);
continue;
}
switch (oauthScheme)
{
case AmazonAuthenticationDefaults.AuthenticationScheme:
_amazonOptions.ClientId = ClientId_FromTenant;
_amazonOptions.ClientSecret = ClientSecret_FromTenant;
break;
case FacebookDefaults.AuthenticationScheme:
_facebookOptions.ClientId = ClientId_FromTenant;
_facebookOptions.ClientSecret = ClientSecret_FromTenant;
break;
case GitHubDefaults.AuthenticationScheme:
_amazonOptions.ClientId = ClientId_FromTenant;
_amazonOptions.ClientSecret = ClientSecret_FromTenant;
break;
case GitterAuthenticationDefaults.AuthenticationScheme:
_gitterOptions.ClientId = ClientId_FromTenant;
_gitterOptions.ClientSecret = ClientSecret_FromTenant;
break;
case GoogleDefaults.AuthenticationScheme:
_googleOptions.ClientId = ClientId_FromTenant;
_googleOptions.ClientSecret = ClientSecret_FromTenant;
break;
case InstagramAuthenticationDefaults.AuthenticationScheme:
_instagramOptions.ClientId = ClientId_FromTenant;
_instagramOptions.ClientSecret = ClientSecret_FromTenant;
break;
case LinkedInAuthenticationDefaults.AuthenticationScheme:
_linkedinOptions.ClientId = ClientId_FromTenant;
_linkedinOptions.ClientSecret = ClientSecret_FromTenant;
break;
case MicrosoftAccountDefaults.AuthenticationScheme:
_microsoftOptions.ClientId = ClientId_FromTenant;
_microsoftOptions.ClientSecret = ClientSecret_FromTenant;
break;
case PaypalAuthenticationDefaults.AuthenticationScheme:
_paypalOptions.ClientId = ClientId_FromTenant;
_paypalOptions.ClientSecret = ClientSecret_FromTenant;
break;
case QQDefaults.AuthenticationScheme:
_amazonOptions.ClientId = ClientId_FromTenant;
_amazonOptions.ClientSecret = ClientSecret_FromTenant;
break;
case RedditAuthenticationDefaults.AuthenticationScheme:
_redditOptions.ClientId = ClientId_FromTenant;
_redditOptions.ClientSecret = ClientSecret_FromTenant;
break;
case SalesforceAuthenticationDefaults.AuthenticationScheme:
_salesforceOptions.ClientId = ClientId_FromTenant;
_salesforceOptions.ClientSecret = ClientSecret_FromTenant;
break;
case TwitterDefaults.AuthenticationScheme:
_twitterOptions.ConsumerKey = ClientId_FromTenant;
_twitterOptions.ConsumerSecret = ClientSecret_FromTenant;
break;
case VisualStudioAuthenticationDefaults.AuthenticationScheme:
_visualstudioOptions.ClientId = ClientId_FromTenant;
_visualstudioOptions.ClientSecret = ClientSecret_FromTenant;
break;
case WeiboDefaults.AuthenticationScheme:
_weiboOptions.ClientId = ClientId_FromTenant;
_weiboOptions.ClientSecret = ClientSecret_FromTenant;
break;
case WeixinDefaults.AuthenticationScheme:
_weixinOptions.ClientId = ClientId_FromTenant;
_weixinOptions.ClientSecret = ClientSecret_FromTenant;
break;
case WordPressAuthenticationDefaults.AuthenticationScheme:
_wordpressOptions.ClientId = ClientId_FromTenant;
_wordpressOptions.ClientSecret = ClientSecret_FromTenant;
break;
default: break;
}
if (!ApplicationSchemes.Contains(oauthScheme))
{
_oauthProvider.AddScheme(new AuthenticationScheme(oauthScheme,
oauthScheme, OAuthBuilderExtensions.Handlers[oauthScheme]));
}
}
_memoryCache.Set(ResetOAuthProvider_CacheKey,
"1",
TimeSpan.FromSeconds(TenantConstant.SchemesReflushDuration));
}
#endregion
}
return(_next(context));
}
