/// <summary>
/// Creates a valid authentication token used to create the access_token.
/// </summary>
private static AuthenticationTicket CreateAuthenticationTicket(LoginResult result, HandleTokenRequestContext context)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationScheme);
identity.AddClaim(ClaimTypes.Name, result.UserName, OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken);
identity.AddClaim(ClaimTypes.NameIdentifier, result.UserId.ToString(), OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken);
var properties = new AuthenticationProperties();
var principal = new ClaimsPrincipal(new[] { identity });
return(CreateAuthenticationTicket(principal, properties, context.Options, context));
}
/// <summary>
/// 登陆
/// </summary>
/// <param name="context"></param>
/// <param name="who"></param>
/// <param name="expirDay"></param>
public static void SignIn(HttpContext context, IUser who, int expirDay)
{
var curDate = DateTime.Now;
var ExpiresUtc = new DateTimeOffset(curDate.AddDays(expirDay));
var proper = new Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties();
proper.IsPersistent = true;
proper.ExpiresUtc = ExpiresUtc;
proper.IssuedUtc = curDate;
proper.AllowRefresh = true;
proper.RedirectUri = "/login";
SignIn(context, who, proper);
}
private static AuthenticationTicket CreateAuthenticationTicket(
ClaimsPrincipal principal,
AuthenticationProperties authenticationProperties,
OpenIdConnectServerOptions options, BaseContext context)
{
var configuration = Configuration(context);
var ticket = new AuthenticationTicket(principal,
authenticationProperties,
options.AuthenticationScheme);
ticket.SetResources(configuration.ApiHostName());
ticket.SetScopes(
OpenIdConnectConstants.Scopes.OfflineAccess);
return(ticket);
}
/// <summary>
/// 登陆
/// </summary>
/// <param name="context"></param>
/// <param name="user"></param>
/// <param name="authenticationProperties"></param>
public static async void SignIn(HttpContext context, IUser user, Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties authenticationProperties)
{
ClaimsIdentity id = new ClaimsIdentity(user);
foreach (var role in user.Roles)
{
id.AddClaim(new Claim(ClaimTypes.Role, role));
}
id.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Token));
//id.AddClaim(new Claim(ClaimTypes.UserData, $"{(who.Guest ? "1" : "0")}:{(who.Admin ? "1" : "0")}:{(who.SupperMan ? "1" : "0")}"));
id.Label = user.Name;
ClaimsPrincipal claimP = new ClaimsPrincipal(id);
await context.Authentication.SignInAsync(Schema, claimP, authenticationProperties);
}
public override System.Threading.Tasks.Task SignOutAsync(string authenticationScheme, Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties properties)
{
throw null;
}
public override System.Threading.Tasks.Task SignInAsync(string authenticationScheme, System.Security.Claims.ClaimsPrincipal principal, Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties properties)
{
throw null;
}
public override System.Threading.Tasks.Task ChallengeAsync(string authenticationScheme, Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties properties, Microsoft.AspNetCore.Http.Features.Authentication.ChallengeBehavior behavior)
{
throw null;
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IOptions <Auth0Settings> auth0Settings)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
// Add the cookie middleware
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AutomaticAuthenticate = true,
AutomaticChallenge = true
});
// Add the OIDC middleware
var options = new OpenIdConnectOptions("Auth0")
{
// Set the authority to your Auth0 domain
Authority = $"https://{auth0Settings.Value.Domain}",
// Configure the Auth0 Client ID and Client Secret
ClientId = auth0Settings.Value.ClientId,
ClientSecret = auth0Settings.Value.ClientSecret,
// Do not automatically authenticate and challenge
AutomaticAuthenticate = false,
AutomaticChallenge = false,
// Set response type to code
ResponseType = "code",
// Set the callback path, so Auth0 will call back to http://localhost:5000/signin-auth0
// Also ensure that you have added the URL as an Allowed Callback URL in your Auth0 dashboard
CallbackPath = new PathString("/signin-auth0"),
// Configure the Claims Issuer to be Auth0
ClaimsIssuer = "Auth0",
Events = new OpenIdConnectEvents
{
// handle the logout redirection
OnRedirectToIdentityProviderForSignOut = (context) =>
{
var logoutUri = $"https://{auth0Settings.Value.Domain}/v2/logout?client_id={auth0Settings.Value.ClientId}";
var postLogoutUri = context.Properties.RedirectUri;
if (!string.IsNullOrEmpty(postLogoutUri))
{
if (postLogoutUri.StartsWith("/"))
{
// transform to absolute
var request = context.Request;
postLogoutUri = request.Scheme + "://" + request.Host + request.PathBase + postLogoutUri;
}
logoutUri += $"&returnTo={ Uri.EscapeDataString(postLogoutUri)}";
}
context.Response.Redirect(logoutUri);
context.HandleResponse();
return(Task.CompletedTask);
},
OnRedirectToIdentityProvider = (context) =>
{
if (!context.Properties.Items.ContainsKey("loginrequired"))
{
context.ProtocolMessage.Parameters.Add("prompt", "none");
}
return(Task.CompletedTask);
},
OnMessageReceived = async(context) =>
{
string[] LoginRequiredErrors =
{ "login_required", "consent_required", "interaction_required" };
string error;
context.ProtocolMessage.Parameters.TryGetValue("error", out error);
if (LoginRequiredErrors.Contains(error))
{
var authenticationProperties = new Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties()
{
RedirectUri = context.Properties.RedirectUri
};
authenticationProperties.Items["loginrequired"] = "true";
await context.HttpContext.Authentication.ChallengeAsync("Auth0", authenticationProperties);
context.HandleResponse();
}
}
}
};
options.Scope.Clear();
options.Scope.Add("openid");
app.UseOpenIdConnectAuthentication(options);
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
public abstract System.Threading.Tasks.Task SignOutAsync(string authenticationScheme, Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties properties);
public virtual System.Threading.Tasks.Task ForbidAsync(string authenticationScheme, Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties properties)
{
throw null;
}
public virtual System.Threading.Tasks.Task ChallengeAsync(Microsoft.AspNetCore.Http.Authentication.AuthenticationProperties properties)
{
throw null;
}
