/// <summary>
/// Looks up the external user for the provider and access code in <paramref name="model"/> and checks that
/// the provider key claimed by the client is the one the lookup returned.
/// </summary>
/// <param name="model">Request carrying the provider name, the provider access code and the claimed provider key.</param>
/// <returns>The user info returned by <c>_externalAuthManager.GetUserInfo</c>.</returns>
/// <exception cref="UserFriendlyException">
/// The returned provider key differs from <c>model.ProviderKey</c> (message key <c>CouldNotValidateExternalUser</c>).
/// </exception>
private async Task<ExternalAuthUserInfo> GetExternalUserInfo(ExternalAuthenticateModel model)
        {
            var resolvedUser = await _externalAuthManager.GetUserInfo(
                model.AuthProvider,
                model.ProviderAccessCode);

            // This comparison is the only thing tying the client-supplied key to the identity the access code
            // resolves to; callers that later log in with model.ProviderKey depend on it.
            if (resolvedUser.ProviderKey != model.ProviderKey)
            {
                throw new UserFriendlyException(L("CouldNotValidateExternalUser"));
            }

            return resolvedUser;
        }
Exemple #2
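        /// <summary>
        /// Decides whether the provider key sent by the client identifies the same external account as the key
        /// returned by the identity provider.
        /// </summary>
        /// <param name="model">Request model; <c>ProviderKey</c> is the client-supplied (untrusted) value.</param>
        /// <param name="userInfo">User info obtained from the provider; <c>ProviderKey</c> is the reference value.</param>
        /// <returns>
        /// <c>true</c> when the keys are identical, or when the client key equals the provider key after its dashes
        /// are removed and its leading zeros are trimmed; <c>false</c> otherwise, including when either key is
        /// null or empty.
        /// </returns>
        private bool ProviderKeysAreEqual(ExternalAuthenticateModel model, ExternalAuthUserInfo userInfo)
        {
            var providerKey = userInfo.ProviderKey;
            var claimedKey = model.ProviderKey;

            // Fail closed: a missing key on either side must never validate. Without this guard two null keys
            // compare equal, and a null client key fails with a NullReferenceException in Replace below.
            if (string.IsNullOrEmpty(providerKey) || string.IsNullOrEmpty(claimedKey))
            {
                return false;
            }

            if (providerKey == claimedKey)
            {
                return true;
            }

            // Only the client value is normalised, so several client spellings validate against one provider key.
            // Callers should therefore key the login on userInfo.ProviderKey, not on model.ProviderKey.
            return providerKey == claimedKey.Replace("-", "").TrimStart('0');
        }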
        /// <summary>
        /// Fetches the external user info for the provider and access code carried by <paramref name="model"/>.
        /// The returned provider key is not compared with <c>model.ProviderKey</c>.
        /// </summary>
        /// <param name="model">Request carrying the provider name and the provider access code.</param>
        /// <returns>The user info returned by <c>_externalAuthManager.GetUserInfo</c>.</returns>
        private async Task<ExternalAuthUserInfo> GetExternalUserInfo(ExternalAuthenticateModel model)
        {
            // Removed by liumingyuan, 2019-12-11:
            // The default ProviderKey has to be unique per user within one login provider, but in a WeChat mini
            // program only the OpenId is unique per user, and the OpenId must not be sent over the network, so the
            // default comparison was disabled:
            //
            //     if (userInfo.ProviderKey != model.ProviderKey)
            //     {
            //         throw new UserFriendlyException(L("CouldNotValidateExternalUser"));
            //     }
            //
            // With the comparison gone, model.ProviderKey is unverified client input. Callers should key the login
            // on the ProviderKey of the object returned here, never on model.ProviderKey.
            return await _externalAuthManager.GetUserInfo(model.AuthProvider, model.ProviderAccessCode);
        }
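        /// <summary>
        /// Validates the extension grant: reads the <c>code</c> and <c>auth</c> parameters from the raw token
        /// request, resolves the external user through <c>GetUserInfo</c>, logs that user in and stores the
        /// outcome in <c>context.Result</c>.
        /// </summary>
        /// <param name="context">Grant validation context; its <c>Result</c> is set on success, on a missing
        /// parameter and on an unknown external login.</param>
        /// <remarks>
        /// Any login result other than <c>Success</c> or <c>UnknownExternalLogin</c> is raised as the exception
        /// built by <c>_abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt</c>.
        /// </remarks>
        public async Task ValidateAsync(ExtensionGrantValidationContext context)
        {
            var code = context.Request.Raw.Get("code");
            var auth = context.Request.Raw.Get("auth");

            // Both values come straight from the token request. Reject a missing or blank one as a malformed
            // request instead of handing null to the provider lookup.
            if (string.IsNullOrWhiteSpace(code) || string.IsNullOrWhiteSpace(auth))
            {
                context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest, "code and auth are required");
                return;
            }

            var model = new ExternalAuthenticateModel
            {
                AuthProvider       = auth,
                ProviderAccessCode = code
            };

            var externalUser = await GetUserInfo(model);

            // The login is keyed on the provider name and key returned by GetUserInfo, not on request values,
            // so the client cannot choose which account the code is exchanged for.
            var loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(externalUser.Provider, externalUser.ProviderKey, externalUser.Provider),
                GetTenancyNameOrNull());

            switch (loginResult.Result)
            {
                case AbpLoginResultType.Success:
                {
                    // NOTE(review): "passwrod" looks like a typo of "password", and this grant is not a password
                    // login in any case. The literal is left as is because consumers may already match on it;
                    // confirm and pick an accurate authentication method name.
                    context.Result = new GrantValidationResult(
                        subject: loginResult.Identity.Claims.First(c => c.Type == JwtRegisteredClaimNames.Sub).Value,
                        authenticationMethod: "passwrod",
                        claims: await CreateJwtClaims(loginResult));
                    break;
                }

                case AbpLoginResultType.UnknownExternalLogin:
                {
                    // The external account is not bound to a local user; no account is created here.
                    context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "未绑定");
                    break;
                }

                default:
                {
                    throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                        loginResult.Result,
                        externalUser.ProviderKey,
                        GetTenancyNameOrNull());
                }
            }
        }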
        /// <summary>
        /// Authenticates a user through an external provider and issues an access token. A provider key that is
        /// not yet linked to a local user is registered first and then logged in again.
        /// </summary>
        /// <param name="model">Request body with the provider name, provider key, access code and optional
        /// single-sign-in settings.</param>
        /// <returns>
        /// The token result, or a result with <c>WaitingForActivation = true</c> when the newly registered user
        /// is not active.
        /// </returns>
        public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
        {
            // The login below uses model.ProviderKey, so it is only as trustworthy as the validation done in
            // GetExternalUserInfo.
            var externalUser = await GetExternalUserInfo(model);

            var loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            if (loginResult.Result == AbpLoginResultType.Success)
            {
                var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
                var redirectTarget = model.ReturnUrl;

                if (model.SingleSignIn.GetValueOrDefault())
                {
                    // NOTE(review): the sign-in token is appended to a URL supplied by the client; confirm that
                    // ReturnUrl is restricted to trusted origins before it is used for a redirect.
                    loginResult.User.SetSignInToken();
                    redirectTarget = AddSingleSignInParametersToReturnUrl(
                        model.ReturnUrl,
                        loginResult.User.SignInToken,
                        loginResult.User.Id,
                        loginResult.User.TenantId);
                }

                return new ExternalAuthenticateResultModel
                {
                    AccessToken = token,
                    EncryptedAccessToken = GetEncrpyedAccessToken(token),
                    ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
                    ReturnUrl = redirectTarget
                };
            }

            if (loginResult.Result != AbpLoginResultType.UnknownExternalLogin)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    model.ProviderKey,
                    GetTenancyNameOrNull());
            }

            // Unknown external login: create the local account from the provider's user info.
            var registeredUser = await RegisterExternalUserAsync(externalUser);
            if (!registeredUser.IsActive)
            {
                return new ExternalAuthenticateResultModel
                {
                    WaitingForActivation = true
                };
            }

            // Log in again, now that the account exists.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    model.ProviderKey,
                    GetTenancyNameOrNull());
            }

            var newToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = newToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(newToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }
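        /// <summary>
        /// Authenticates a WeChat user: resolves the external user through <c>GetExternalUserInfo</c>, logs in
        /// with the provider key of that result and issues an access token. An unknown external login is
        /// registered first and then logged in again.
        /// </summary>
        /// <param name="model">Request body with the provider name and the provider access code.</param>
        /// <returns>
        /// The token result, or a result with <c>WaitingForActivation = true</c> when the newly registered user
        /// is not active.
        /// </returns>
        public async Task<ExternalAuthenticateResultModel> WeChatAuthenticate([FromBody] ExternalAuthenticateModel model)
        {
            var externalUser = await GetExternalUserInfo(model);

            // The login key is the provider key returned by the lookup, not the value sent by the client.
            var loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            switch (loginResult.Result)
            {
                case AbpLoginResultType.Success:
                {
                    var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
                    return new ExternalAuthenticateResultModel
                    {
                        AccessToken = accessToken,
                        EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
                        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
                    };
                }

                case AbpLoginResultType.UnknownExternalLogin:
                {
                    var newUser = await RegisterExternalUserAsync(externalUser);

                    if (!newUser.IsActive)
                    {
                        return new ExternalAuthenticateResultModel
                        {
                            WaitingForActivation = true
                        };
                    }

                    // Log in again, now that the account exists.
                    loginResult = await _logInManager.LoginAsync(
                        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                        GetTenancyNameOrNull());

                    if (loginResult.Result != AbpLoginResultType.Success)
                    {
                        // Report the key that was actually used for the login. model.ProviderKey is a separate,
                        // client-supplied value that this method never uses for the login.
                        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                            loginResult.Result,
                            externalUser.ProviderKey,
                            GetTenancyNameOrNull());
                    }

                    var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
                    return new ExternalAuthenticateResultModel
                    {
                        AccessToken = accessToken,
                        EncryptedAccessToken = GetEncryptedAccessToken(accessToken),
                        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
                    };
                }

                default:
                {
                    // Same as above: report the key the login was attempted with.
                    throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                        loginResult.Result,
                        externalUser.ProviderKey,
                        GetTenancyNameOrNull());
                }
            }
        }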
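        /// <summary>
        /// Authenticates a user through an external provider and issues an access token. For the
        /// <c>WechatH5</c> provider the access code arrives as an encrypted <c>code|expiry</c> envelope that is
        /// decrypted and checked for expiry first.
        /// </summary>
        /// <param name="model">Request body with the provider name and the provider access code.</param>
        /// <returns>
        /// The token result, or a result with <c>WaitingForActivation = true</c> when the newly registered user
        /// is not active.
        /// </returns>
        /// <exception cref="AbpProjectNameBusinessException">
        /// The <c>WechatH5</c> envelope is empty, has no parsable expiry, or has expired (<c>ErrorCode.Forbidden</c>).
        /// </exception>
        public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
        {
            // Log the provider name only. The serialized model contains ProviderAccessCode, which is a credential
            // and should not be written to log files.
            Logger.Debug($"ExternalAuthenticate:{model.AuthProvider}");

            if (model.AuthProvider == "WechatH5")
            {
                // NOTE(review): the envelope is only as trustworthy as AppConsts.DefaultPassPhrase; confirm it is
                // a deployment-specific secret rather than a value shipped with the source.
                var decryptText = SimpleStringCipher.Instance.Decrypt(model.ProviderAccessCode, AppConsts.DefaultPassPhrase);

                // Fail closed when nothing could be decrypted, instead of dereferencing null below.
                if (string.IsNullOrEmpty(decryptText))
                {
                    throw new AbpProjectNameBusinessException(ErrorCode.Forbidden);
                }

                var arr = decryptText.Split('|');

                // A missing, unparsable or past expiry are all rejected.
                // NOTE(review): parsing uses the current culture and the local clock; confirm the issuer writes
                // the timestamp in the same culture and time zone.
                DateTime expiredCode;
                var stillValid = arr.Length > 1
                                 && DateTime.TryParse(arr[1], out expiredCode)
                                 && expiredCode >= DateTime.Now;

                if (!stillValid)
                {
                    throw new AbpProjectNameBusinessException(ErrorCode.Forbidden);
                }

                model.ProviderAccessCode = arr[0];
            }

            var externalUser = await GetExternalUserInfo(model);

            // The login key is the provider key returned by the lookup, not a value sent by the client.
            var loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            switch (loginResult.Result)
            {
                case AbpLoginResultType.Success:
                {
                    var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

                    // Refresh the stored session key after a successful mini-program login.
                    var userInfo = externalUser as WechatMiniAuthUserInfo;
                    if (userInfo != null)
                    {
                        EventBus.Trigger(new WechatLoginSuccessEventData
                        {
                            SessionKey = userInfo.SessionKey,
                            UserId     = loginResult.User.Id
                        });
                    }

                    return new ExternalAuthenticateResultModel
                    {
                        AccessToken = accessToken,
                        EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
                    };
                }

                case AbpLoginResultType.UnknownExternalLogin:
                {
                    var newUser = await RegisterExternalUserAsync(externalUser);

                    if (!newUser.IsActive)
                    {
                        return new ExternalAuthenticateResultModel
                        {
                            WaitingForActivation = true
                        };
                    }

                    // Try to login again with newly registered user!
                    loginResult = await _logInManager.LoginAsync(
                        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                        GetTenancyNameOrNull());

                    if (loginResult.Result != AbpLoginResultType.Success)
                    {
                        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                            loginResult.Result,
                            externalUser.ProviderKey,
                            GetTenancyNameOrNull());
                    }

                    return new ExternalAuthenticateResultModel
                    {
                        AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
                    };
                }

                default:
                {
                    throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                        loginResult.Result,
                        externalUser.ProviderKey,
                        GetTenancyNameOrNull());
                }
            }
        }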
Exemple #8
        /// <summary>
        /// Logs in with the provider name and provider key from the request body, signs the resulting identity
        /// in, and issues an access token. An unknown external login is registered from the request fields
        /// and then logged in again.
        /// </summary>
        /// <param name="model">Request body with the provider name, provider key, e-mail address, name and surname.</param>
        /// <returns>
        /// The token result, or a result with <c>WaitingForActivation = true</c> when the newly registered user
        /// is not active.
        /// </returns>
        /// <remarks>
        /// NOTE(review): nothing in this method checks model.ProviderKey against the external provider; the key,
        /// e-mail address and names are used exactly as sent. Confirm that an upstream component has already
        /// authenticated these values with the provider. If none has, add a provider-side validation step
        /// before the login.
        /// </remarks>
        public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
        {
            var loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            // Sign in whenever the login produced an identity; this happens before the result type is inspected.
            if (loginResult.Identity != null)
            {
                await _signInManager.SignInAsync(loginResult.Identity, true);
            }

            await UnitOfWorkManager.Current.SaveChangesAsync();

            if (loginResult.Result == AbpLoginResultType.Success)
            {
                var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
                return new ExternalAuthenticateResultModel
                {
                    AccessToken = token,
                    EncryptedAccessToken = GetEncrpyedAccessToken(token),
                    ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
                };
            }

            if (loginResult.Result != AbpLoginResultType.UnknownExternalLogin)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    model.ProviderKey,
                    GetTenancyNameOrNull());
            }

            // Unknown external login: the new account is built entirely from request fields.
            var externalUser = new ExternalAuthUserInfo
            {
                EmailAddress = model.EmailAddress,
                Name         = model.Name,
                Provider     = model.AuthProvider,
                ProviderKey  = model.ProviderKey,
                Surname      = model.Surname
            };

            var registeredUser = await RegisterExternalUserAsync(externalUser);
            if (!registeredUser.IsActive)
            {
                return new ExternalAuthenticateResultModel
                {
                    WaitingForActivation = true
                };
            }

            // Log in again, now that the account exists.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    model.ProviderKey,
                    GetTenancyNameOrNull());
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }
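        /// <summary>
        /// Authenticates a user through an external provider. A linked, active user receives an access token;
        /// an unlinked provider key or an inactive user is reported back without a token so that the client can
        /// continue with account binding or activation.
        /// </summary>
        /// <param name="model">Request body with the provider name, provider key and provider access code.</param>
        /// <returns>
        /// On success, the token result with <c>UserId</c>. When no user is linked to the key, a result with
        /// <c>UserId = 0</c> and <c>WaitingForActivation = false</c>. When the linked user is not active, a
        /// result with that user's id and <c>WaitingForActivation = true</c>.
        /// </returns>
        public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
        {
            // Called for its validation effect; the login below uses model.ProviderKey, so it is only as
            // trustworthy as the check performed in GetExternalUserInfo.
            await GetExternalUserInfo(model);

            // Check whether this key is known.
            var tenancyName = GetTenancyNameOrNull();
            var loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
                tenancyName);

            switch (loginResult.Result)
            {
                case AbpLoginResultType.Success:
                {
                    var accessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity, loginResult.User));
                    return new ExternalAuthenticateResultModel
                    {
                        AccessToken = accessToken,
                        EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
                        UserId = loginResult.User.Id
                    };
                }

                case AbpLoginResultType.UnknownExternalLogin:
                case AbpLoginResultType.UserIsNotActive:
                {
                    if (loginResult.User == null)
                    {
                        // This third-party key is not bound to any user record.
                        return new ExternalAuthenticateResultModel
                        {
                            ProviderKey = model.ProviderKey,
                            WaitingForActivation = false,
                            UserId = 0
                        };
                    }

                    // The user was found but is locked. Report the id of the user the login resolved. A second
                    // lookup by the provider-supplied e-mail address can return null or a different account.
                    return new ExternalAuthenticateResultModel
                    {
                        ProviderKey = model.ProviderKey,
                        WaitingForActivation = true,
                        UserId = loginResult.User.Id
                    };
                }

                default:
                    throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                        loginResult.Result,
                        model.ProviderKey,
                        GetTenancyNameOrNull());
            }

            // The previous version (kept here as commented-out code until now) registered a new user on
            // UnknownExternalLogin and logged in again; this version never creates accounts automatically.
        }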
Exemple #10
        /// <summary>
        /// Logs in with the provider name and provider key from <paramref name="model"/> and, on success, returns
        /// an access token together with the names of the user's granted permissions.
        /// </summary>
        /// <param name="model">Request with the provider name, provider key and client info.</param>
        /// <returns>The token result for a successful login.</returns>
        /// <remarks>
        /// NOTE(review): the call to GetExternalUserInfo is disabled, so model.ProviderKey is used as sent and is
        /// never checked against the external provider in this method. Confirm that it is authenticated
        /// elsewhere before this endpoint is reachable.
        /// Any result other than <c>Success</c> is raised as the exception built by
        /// <c>_loginResultTypeHelper.CreateExceptionForFailedLoginAttempt</c>; automatic registration on
        /// <c>UnknownExternalLogin</c> (present in earlier, commented-out code) is not performed.
        /// </remarks>
        public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate(ExternalAuthenticateModel model)
        {
            var loginResult = await _loginManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider));

            if (loginResult.Result != LoginResultType.Success)
            {
                throw _loginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    model.ProviderKey,
                    GetTenancyNameOrNull());
            }

            var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
            var grantedPermissions = await UserManager.GetGrantedPermissionsAsync(loginResult.User);

            var response = new ExternalAuthenticateResultModel
            {
                AccessToken          = token,
                EncryptedAccessToken = GetEncrpyedAccessToken(token),
                ExpireInSeconds      = (int)_configuration.Expiration.TotalSeconds,
                GrantedPermissions   = grantedPermissions.Select(o => o.Name)
            };

            // For desktop-browser logins, remember the current token so that an account can only be logged in
            // from one place at a time.
            // NOTE(review): ClientInfo is supplied by the client, so a client that sends another value skips
            // this bookkeeping; confirm the single-session rule is enforced where tokens are checked.
            if (model.ClientInfo == "Browser")
            {
                loginResult.User.SetData("currentToken", response.EncryptedAccessToken);
            }

            await UserManager.UpdateAsync(loginResult.User);

            return response;
        }
Exemple #11
        /// <summary>
        /// Authenticates a user through an external provider and issues an access token. The login is keyed
        /// on the provider key returned by <c>GetExternalUserInfo</c>. An unknown external login is registered
        /// first and then logged in again.
        /// </summary>
        /// <param name="model">Request body with the provider name and the provider access code.</param>
        /// <returns>
        /// The token result, or a result with <c>WaitingForActivation = true</c> when the newly registered user
        /// is not active.
        /// </returns>
        public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
        {
            var externalUser = await GetExternalUserInfo(model);

            var loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            if (loginResult.Result == AbpLoginResultType.Success)
            {
                var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

                // Refresh the stored session key after a successful WeChat login.
                var wechatUser = externalUser as WechatAuthUserInfo;
                if (wechatUser != null)
                {
                    EventBus.Trigger(new WechatLoginSuccessEventData
                    {
                        SessionKey = wechatUser.SessionKey,
                        UserId     = loginResult.User.Id
                    });
                }

                return new ExternalAuthenticateResultModel
                {
                    AccessToken = token,
                    EncryptedAccessToken = GetEncrpyedAccessToken(token),
                    ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
                };
            }

            if (loginResult.Result != AbpLoginResultType.UnknownExternalLogin)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    externalUser.ProviderKey,
                    GetTenancyNameOrNull());
            }

            // Unknown external login: create the local account from the provider's user info.
            var registeredUser = await RegisterExternalUserAsync(externalUser);
            if (!registeredUser.IsActive)
            {
                return new ExternalAuthenticateResultModel
                {
                    WaitingForActivation = true
                };
            }

            // Log in again, now that the account exists.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    externalUser.ProviderKey,
                    GetTenancyNameOrNull());
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }
        /// <summary>
        /// Fetches the user info for the provider and access code carried by <paramref name="model"/>.
        /// </summary>
        /// <param name="model">Request carrying the provider name and the provider access code.</param>
        /// <returns>The value returned by <c>_serviceAuthManager.GetUserInfo</c>, passed through unchanged.</returns>
        private async Task<AuthUserInfo> GetUserInfo(ExternalAuthenticateModel model)
        {
            // No validation happens here; callers should rely only on the fields of the returned object.
            return await _serviceAuthManager.GetUserInfo(model.AuthProvider, model.ProviderAccessCode);
        }