/// <summary>
/// Resolves the external user for <paramref name="model"/> through the external auth manager and
/// confirms that the key reported by the provider equals the key the client sent.
/// </summary>
/// <param name="model">Login request carrying the provider name, the access code and the claimed provider key.</param>
/// <returns>The user info returned by the external auth manager.</returns>
/// <exception cref="UserFriendlyException">The provider-reported key differs from <c>model.ProviderKey</c>.</exception>
private async Task<ExternalAuthUserInfo> GetExternalUserInfo(ExternalAuthenticateModel model)
{
    var providerUser = await _externalAuthManager.GetUserInfo(model.AuthProvider, model.ProviderAccessCode);

    // The client-claimed key is accepted only when the provider reports the same key for this
    // access code; callers that later log in with model.ProviderKey depend on this check.
    var keysMatch = providerUser.ProviderKey == model.ProviderKey;
    if (!keysMatch)
    {
        throw new UserFriendlyException(L("CouldNotValidateExternalUser"));
    }

    return providerUser;
}
/// <summary>
/// Compares the provider-reported key with the client-claimed key, first exactly and then after
/// removing hyphens and leading zeros from the claimed key.
/// </summary>
/// <param name="model">Login request holding the claimed provider key.</param>
/// <param name="userInfo">User info holding the provider-reported key.</param>
/// <returns><c>true</c> when either comparison matches.</returns>
private bool ProviderKeysAreEqual(ExternalAuthenticateModel model, ExternalAuthUserInfo userInfo)
{
    var reportedKey = userInfo.ProviderKey;
    var claimedKey = model.ProviderKey;

    // NOTE(review): the second comparison is looser than equality. Every claimed key that differs
    // only by hyphens or leading zeros is accepted for the same reported key. Confirm that the
    // provider's key format cannot give two distinct users keys that normalise to the same value.
    return reportedKey == claimedKey
        || reportedKey == claimedKey.Replace("-", "").TrimStart('0');
}
/// <summary>
/// Resolves the external user for <paramref name="model"/> through the external auth manager.
/// </summary>
/// <remarks>
/// The stock comparison of the provider-reported key with <c>model.ProviderKey</c> (which threw
/// <c>UserFriendlyException(L("CouldNotValidateExternalUser"))</c> on mismatch) was removed by
/// liumingyuan on 2019-12-11. Stated reason: the default ProviderKey has to be unique per user
/// within one login provider, but in a WeChat mini program only the OpenId is unique per user and
/// the OpenId must not be sent over the network, so the default approach had to change.
/// NOTE(review): with the comparison gone, <c>model.ProviderKey</c> is unverified input. Callers
/// should log in with the <c>ProviderKey</c> of the returned object only. Confirm at each call site.
/// </remarks>
/// <param name="model">Login request carrying the provider name and access code.</param>
/// <returns>The user info returned by the external auth manager.</returns>
private async Task<ExternalAuthUserInfo> GetExternalUserInfo(ExternalAuthenticateModel model)
{
    return await _externalAuthManager.GetUserInfo(model.AuthProvider, model.ProviderAccessCode);
}
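/// <summary>
/// Validates an extension-grant token request: reads <c>code</c> and <c>auth</c> from the raw
/// request, resolves the external user through <c>GetUserInfo</c> and logs in with the provider
/// and key of the resolved user.
/// </summary>
/// <param name="context">Grant validation context; <c>context.Result</c> is set for missing
/// parameters, for a successful login and for an unknown external login.</param>
/// <returns>A task that completes when <c>context.Result</c> has been set.</returns>
public async Task ValidateAsync(ExtensionGrantValidationContext context)
{
    var code = context.Request.Raw.Get("code");
    var auth = context.Request.Raw.Get("auth");

    // Both values come straight from the token request. Reject a request that lacks either one
    // before anything is sent to the provider or to the login manager.
    if (string.IsNullOrWhiteSpace(code) || string.IsNullOrWhiteSpace(auth))
    {
        context.Result = new GrantValidationResult(TokenRequestErrors.InvalidRequest);
        return;
    }

    var model = new ExternalAuthenticateModel
    {
        AuthProvider = auth,
        ProviderAccessCode = code
    };

    var externalUser = await GetUserInfo(model);

    // The login uses the provider and key from the resolved user, not values supplied by the client.
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(externalUser.Provider, externalUser.ProviderKey, externalUser.Provider),
        GetTenancyNameOrNull());

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            // NOTE(review): "passwrod" looks like a misspelling of "password", and this grant is an
            // external-provider code, not a password. The literal is left unchanged because it is
            // emitted with the grant result; confirm that no client depends on it before correcting.
            context.Result = new GrantValidationResult(
                subject: loginResult.Identity.Claims.First(c => c.Type == JwtRegisteredClaimNames.Sub).Value,
                authenticationMethod: "passwrod",
                claims: await CreateJwtClaims(loginResult)
            );
            break;
        }
        case AbpLoginResultType.UnknownExternalLogin:
        {
            // The error description is the runtime text for "not bound".
            context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, "未绑定");
            break;
        }
        default:
        {
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result,
                externalUser.ProviderKey,
                GetTenancyNameOrNull()
            );
        }
    }
}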
/// <summary>
/// Logs in an externally authenticated user and, for an unknown external login, registers the
/// user first and then logs in again.
/// </summary>
/// <remarks>
/// NOTE(review): both logins use <c>model.ProviderKey</c>, the value the client sent. That is only
/// sound while <c>GetExternalUserInfo</c> rejects a key that differs from the provider-reported
/// one; confirm against the implementation in this class.
/// </remarks>
/// <param name="model">Request body with provider name, provider key, access code and optional
/// single-sign-in settings.</param>
/// <returns>Token data, or a result with <c>WaitingForActivation</c> set for an inactive new user.</returns>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var externalUser = await GetExternalUserInfo(model);

    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    if (loginResult.Result == AbpLoginResultType.Success)
    {
        var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
        var redirectTo = model.ReturnUrl;

        if (model.SingleSignIn == true)
        {
            // NOTE(review): ReturnUrl comes from the request body and receives the sign-in token.
            // Presumably it is checked against allowed destinations elsewhere; confirm.
            loginResult.User.SetSignInToken();
            redirectTo = AddSingleSignInParametersToReturnUrl(
                model.ReturnUrl,
                loginResult.User.SignInToken,
                loginResult.User.Id,
                loginResult.User.TenantId);
        }

        return new ExternalAuthenticateResultModel
        {
            AccessToken = token,
            EncryptedAccessToken = GetEncrpyedAccessToken(token),
            ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
            ReturnUrl = redirectTo
        };
    }

    if (loginResult.Result != AbpLoginResultType.UnknownExternalLogin)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            model.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    // Unknown external login: register the user, then retry the login.
    var registeredUser = await RegisterExternalUserAsync(externalUser);
    if (!registeredUser.IsActive)
    {
        return new ExternalAuthenticateResultModel
        {
            WaitingForActivation = true
        };
    }

    loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    if (loginResult.Result != AbpLoginResultType.Success)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            model.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    var retryToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
    return new ExternalAuthenticateResultModel
    {
        AccessToken = retryToken,
        EncryptedAccessToken = GetEncrpyedAccessToken(retryToken),
        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
    };
}
/// <summary>
/// Logs in a WeChat user with the provider key resolved by <c>GetExternalUserInfo</c>; an unknown
/// external login is registered first and the login is retried.
/// </summary>
/// <remarks>
/// Both logins use <c>externalUser.ProviderKey</c>. The failure exceptions are built with
/// <c>model.ProviderKey</c>, the value the client sent.
/// </remarks>
/// <param name="model">Request body with provider name and access code.</param>
/// <returns>Token data, or a result with <c>WaitingForActivation</c> set for an inactive new user.</returns>
public async Task<ExternalAuthenticateResultModel> WeChatAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var externalUser = await GetExternalUserInfo(model);

    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    if (loginResult.Result == AbpLoginResultType.Success)
    {
        var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
        return new ExternalAuthenticateResultModel
        {
            AccessToken = token,
            EncryptedAccessToken = GetEncryptedAccessToken(token),
            ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
        };
    }

    if (loginResult.Result != AbpLoginResultType.UnknownExternalLogin)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            model.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    // Unknown external login: register the user, then retry the login.
    var registeredUser = await RegisterExternalUserAsync(externalUser);
    if (!registeredUser.IsActive)
    {
        return new ExternalAuthenticateResultModel
        {
            WaitingForActivation = true
        };
    }

    loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    if (loginResult.Result != AbpLoginResultType.Success)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            model.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    var retryToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
    return new ExternalAuthenticateResultModel
    {
        AccessToken = retryToken,
        EncryptedAccessToken = GetEncryptedAccessToken(retryToken),
        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
    };
}
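/// <summary>
/// Logs in an externally authenticated user. For the "WechatH5" provider the access code arrives
/// encrypted as <c>code|expiry</c> and is decrypted and checked for expiry first. An unknown
/// external login is registered and the login is retried.
/// </summary>
/// <param name="model">Request body with provider name and access code; <c>ProviderAccessCode</c>
/// is replaced by the decrypted code for "WechatH5".</param>
/// <returns>Token data, or a result with <c>WaitingForActivation</c> set for an inactive new user.</returns>
/// <exception cref="AbpProjectNameBusinessException">The "WechatH5" code cannot be decrypted to
/// text, has no parsable expiry, or has expired.</exception>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    // Log the provider name only: the serialized model includes ProviderAccessCode, which is a
    // credential and does not belong in log files.
    Logger.Debug($"ExternalAuthenticate:{model.AuthProvider}");

    if (model.AuthProvider == "WechatH5")
    {
        // NOTE(review): the passphrase is the constant AppConsts.DefaultPassPhrase; confirm that it
        // is replaced per deployment and that the expiry inside the blob cannot be altered by the
        // client (the cipher's integrity guarantees are not visible here).
        var decryptText = SimpleStringCipher.Instance.Decrypt(model.ProviderAccessCode, AppConsts.DefaultPassPhrase);
        if (decryptText == null)
        {
            throw new AbpProjectNameBusinessException(ErrorCode.Forbidden);
        }

        var parts = decryptText.Split('|');

        // Fail closed: a missing or unparsable expiry is treated the same as an expired code.
        DateTime expiresAt;
        if (parts.Length < 2 || !DateTime.TryParse(parts[1], out expiresAt) || expiresAt < DateTime.Now)
        {
            throw new AbpProjectNameBusinessException(ErrorCode.Forbidden);
        }

        model.ProviderAccessCode = parts[0];
    }

    var externalUser = await GetExternalUserInfo(model);

    // The login uses the key resolved by GetExternalUserInfo, not a key sent by the client.
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

            // Update the stored session key on a successful login.
            if (externalUser is WechatMiniAuthUserInfo miniUser)
            {
                EventBus.Trigger(new WechatLoginSuccessEventData
                {
                    SessionKey = miniUser.SessionKey,
                    UserId = loginResult.User.Id
                });
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }
        case AbpLoginResultType.UnknownExternalLogin:
        {
            var newUser = await RegisterExternalUserAsync(externalUser);
            if (!newUser.IsActive)
            {
                return new ExternalAuthenticateResultModel
                {
                    WaitingForActivation = true
                };
            }

            // Try to log in again with the newly registered user.
            loginResult = await _logInManager.LoginAsync(
                new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
                GetTenancyNameOrNull());

            if (loginResult.Result != AbpLoginResultType.Success)
            {
                throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                    loginResult.Result,
                    externalUser.ProviderKey,
                    GetTenancyNameOrNull()
                );
            }

            return new ExternalAuthenticateResultModel
            {
                AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
            };
        }
        default:
        {
            // NOTE(review): the provider key is handed to the exception helper; if it ends up in a
            // client-visible message, confirm that exposing it is acceptable.
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result,
                externalUser.ProviderKey,
                GetTenancyNameOrNull()
            );
        }
    }
}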
/// <summary>
/// Logs in with the provider name and provider key from the request, signs the resulting identity
/// in, and registers the user from the request fields when the external login is unknown.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this method contacts the provider. <c>AuthProvider</c>,
/// <c>ProviderKey</c>, <c>EmailAddress</c>, <c>Name</c> and <c>Surname</c> are all taken from the
/// request body as sent. Unless proof of the external identity is checked before this action runs
/// (not visible here), the provider key alone acts as the credential; confirm.
/// </remarks>
/// <param name="model">Request body with provider name, provider key and profile fields.</param>
/// <returns>Token data, or a result with <c>WaitingForActivation</c> set for an inactive new user.</returns>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    // The sign-in happens for any result that carries an identity, before the result is inspected.
    if (loginResult.Identity != null)
    {
        await _signInManager.SignInAsync(loginResult.Identity, true);
    }

    await UnitOfWorkManager.Current.SaveChangesAsync();

    if (loginResult.Result == AbpLoginResultType.Success)
    {
        var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
        return new ExternalAuthenticateResultModel
        {
            AccessToken = token,
            EncryptedAccessToken = GetEncrpyedAccessToken(token),
            ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
        };
    }

    if (loginResult.Result != AbpLoginResultType.UnknownExternalLogin)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            model.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    // Unknown external login: build the user from the request fields, register, then retry.
    var externalUser = new ExternalAuthUserInfo
    {
        EmailAddress = model.EmailAddress,
        Name = model.Name,
        Provider = model.AuthProvider,
        ProviderKey = model.ProviderKey,
        Surname = model.Surname
    };

    var registeredUser = await RegisterExternalUserAsync(externalUser);
    if (!registeredUser.IsActive)
    {
        return new ExternalAuthenticateResultModel
        {
            WaitingForActivation = true
        };
    }

    loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    if (loginResult.Result != AbpLoginResultType.Success)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            model.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    return new ExternalAuthenticateResultModel
    {
        AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
    };
}
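/// <summary>
/// Logs in an externally authenticated user. When the provider key is not bound to a user, or the
/// bound user is not active, the method returns a result describing that state; it does not
/// register a new user.
/// </summary>
/// <remarks>
/// NOTE(review): the login uses <c>model.ProviderKey</c>, the value the client sent. That is only
/// sound while <c>GetExternalUserInfo</c> rejects a key that differs from the provider-reported
/// one; confirm against the implementation in this class.
/// </remarks>
/// <param name="model">Request body with provider name, provider key and access code.</param>
/// <returns>Token data on success; otherwise the provider key with <c>UserId</c> 0 (key not bound)
/// or the id of the bound but inactive user with <c>WaitingForActivation</c> set.</returns>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    // Provider round trip; the returned user info is not needed below.
    await GetExternalUserInfo(model);

    // Check whether this provider key is already bound to a user.
    var tenancyName = GetTenancyNameOrNull();
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider),
        tenancyName);

    switch (loginResult.Result)
    {
        case AbpLoginResultType.Success:
        {
            var accessToken = CreateAccessToken(await CreateJwtClaims(loginResult.Identity, loginResult.User));
            return new ExternalAuthenticateResultModel
            {
                AccessToken = accessToken,
                EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
                ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
                UserId = loginResult.User.Id
            };
        }
        case AbpLoginResultType.UnknownExternalLogin:
        case AbpLoginResultType.UserIsNotActive:
        {
            if (loginResult.User == null)
            {
                // This third-party key is not bound to any user record.
                return new ExternalAuthenticateResultModel
                {
                    ProviderKey = model.ProviderKey,
                    WaitingForActivation = false,
                    UserId = 0
                };
            }

            // The user was found but is locked. Report the id of the user the login resolved:
            // a separate lookup by the provider-reported e-mail address could return a different
            // account, or no account at all (null dereference).
            return new ExternalAuthenticateResultModel
            {
                ProviderKey = model.ProviderKey,
                WaitingForActivation = true,
                UserId = loginResult.User.Id
            };
        }
        default:
            throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
                loginResult.Result,
                model.ProviderKey,
                GetTenancyNameOrNull()
            );
    }
}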
/// <summary>
/// Logs in with the provider name and provider key from the request and returns token data with
/// the user's granted permissions. Any result other than success is turned into an exception.
/// </summary>
/// <remarks>
/// NOTE(review): the call to <c>GetExternalUserInfo</c> is disabled here, so nothing in this method
/// contacts the provider and <c>model.ProviderKey</c> is used as sent. Unless proof of the external
/// identity is checked before this method runs (not visible here), the provider key alone acts as
/// the credential; confirm.
/// </remarks>
/// <param name="model">Request with provider name, provider key and client info.</param>
/// <returns>Token data and the names of the granted permissions.</returns>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate(ExternalAuthenticateModel model)
{
    var loginResult = await _loginManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, model.ProviderKey, model.AuthProvider));

    // Registration of unknown external logins is disabled in this variant, so every result other
    // than success is a failure.
    if (loginResult.Result != LoginResultType.Success)
    {
        throw _loginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            model.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));
    var grantedPermissions = await UserManager.GetGrantedPermissionsAsync(loginResult.User);

    var response = new ExternalAuthenticateResultModel
    {
        AccessToken = token,
        EncryptedAccessToken = GetEncrpyedAccessToken(token),
        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
        GrantedPermissions = grantedPermissions.Select(o => o.Name)
    };

    // For a desktop-browser login the current token is recorded so that an account can be limited
    // to one login at a time.
    // NOTE(review): ClientInfo is supplied by the caller, so a request that sends another value
    // skips this bookkeeping; confirm that the single-login limit does not rely on it alone.
    if (model.ClientInfo == "Browser")
    {
        loginResult.User.SetData("currentToken", response.EncryptedAccessToken);
    }

    await UserManager.UpdateAsync(loginResult.User);

    return response;
}
/// <summary>
/// Logs in an externally authenticated user with the provider key resolved by
/// <c>GetExternalUserInfo</c>; an unknown external login is registered first and the login is
/// retried. A successful WeChat login also publishes the session key on the event bus.
/// </summary>
/// <param name="model">Request body with provider name and access code.</param>
/// <returns>Token data, or a result with <c>WaitingForActivation</c> set for an inactive new user.</returns>
public async Task<ExternalAuthenticateResultModel> ExternalAuthenticate([FromBody] ExternalAuthenticateModel model)
{
    var externalUser = await GetExternalUserInfo(model);

    // The login uses the key resolved by GetExternalUserInfo, not a key sent by the client.
    var loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    if (loginResult.Result == AbpLoginResultType.Success)
    {
        var token = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

        // Update the stored session key on a successful login.
        if (externalUser is WechatAuthUserInfo wechatUser)
        {
            EventBus.Trigger(new WechatLoginSuccessEventData
            {
                SessionKey = wechatUser.SessionKey,
                UserId = loginResult.User.Id
            });
        }

        return new ExternalAuthenticateResultModel
        {
            AccessToken = token,
            EncryptedAccessToken = GetEncrpyedAccessToken(token),
            ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
        };
    }

    if (loginResult.Result != AbpLoginResultType.UnknownExternalLogin)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            externalUser.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    // Unknown external login: register the user, then retry the login.
    var registeredUser = await RegisterExternalUserAsync(externalUser);
    if (!registeredUser.IsActive)
    {
        return new ExternalAuthenticateResultModel
        {
            WaitingForActivation = true
        };
    }

    loginResult = await _logInManager.LoginAsync(
        new UserLoginInfo(model.AuthProvider, externalUser.ProviderKey, model.AuthProvider),
        GetTenancyNameOrNull());

    if (loginResult.Result != AbpLoginResultType.Success)
    {
        throw _abpLoginResultTypeHelper.CreateExceptionForFailedLoginAttempt(
            loginResult.Result,
            externalUser.ProviderKey,
            GetTenancyNameOrNull()
        );
    }

    return new ExternalAuthenticateResultModel
    {
        AccessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity)),
        ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds
    };
}
/// <summary>
/// Resolves the external user for <paramref name="model"/> by passing its provider name and access
/// code to the service auth manager. No comparison against a client-supplied key is made here.
/// </summary>
/// <param name="model">Login request carrying the provider name and access code.</param>
/// <returns>The user info returned by the service auth manager.</returns>
private async Task<AuthUserInfo> GetUserInfo(ExternalAuthenticateModel model)
{
    return await _serviceAuthManager.GetUserInfo(model.AuthProvider, model.ProviderAccessCode);
}