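/// <summary>
/// gRPC handler: issues an authorization code for a user who is already signed in and
/// presents an encrypted user token, on behalf of the application in <c>request.Appid</c>.
/// </summary>
/// <param name="request">Cipher token, app id, comma-separated scopes, optional explicit grants and client info.</param>
/// <param name="context">gRPC call context; not consulted by this handler.</param>
/// <returns>
/// <c>RetCode</c> "0000" with the code in <c>Data.Code</c> on success; "0400" for a missing or
/// undecodable token, unknown app id, empty scopes or missing client block; "0403" when the
/// token was issued for a different app; "0500" when the grant could not be persisted.
/// </returns>
public override Task<GrantResponseDTO> GrantByToken(GrantByTokenRequestDTO request, ServerCallContext context)
{
    // NOTE(review): the handler already runs on the thread pool, so Task.Run only hops threads;
    // kept so the scheduling behaviour callers see is unchanged.
    return Task.Run(() =>
    {
        var response = new GrantResponseDTO();

        GrantResponseDTO Reply(string code, string msg)
        {
            response.RetCode = code;
            response.RetMsg = msg;
            return response;
        }

        // Protobuf sub-messages can be null; the original dereferenced request.Client.DeviceId
        // unconditionally and would have failed with an opaque NullReferenceException.
        if (request.Client == null)
        {
            return Reply("0400", "缺少客户端信息");
        }

        if (string.IsNullOrEmpty(request.Token))
        {
            return Reply("0400", "无效的token");
        }

        // Assumed to verify the token's integrity and expiry — confirm in UserToken.FromCipherToken;
        // nothing here re-checks expiry.
        UserToken token = UserToken.FromCipherToken(request.Token);
        if (token == null)
        {
            return Reply("0400", "无效的token");
        }

        OAuthApp app = OAuthAppCache.Get(request.Appid);
        if (app == null)
        {
            return Reply("0400", "无效的应用id");
        }

        // A token minted for app A must never be able to mint codes for app B.
        if (app.Id != token.AppId)
        {
            return Reply("0403", "无效的token");
        }

        // Grant would otherwise throw from Scopes.Split on a null value.
        if (string.IsNullOrWhiteSpace(request.Scopes))
        {
            return Reply("0400", "未定义的授权类型");
        }

        CodePrivilege[] privileges = null;
        if (request.Grants != null && request.Grants.Count > 0)
        {
            privileges = new CodePrivilege[request.Grants.Count];
            for (int i = 0; i < privileges.Length; i++)
            {
                var g = request.Grants[i];
                privileges[i] = new CodePrivilege { Id = g.Id, Type = g.Type };
            }
        }

        // Grant resolves the scope codes, persists the code and exposes it via Auth_Code.
        var grant = new GrantTokenPrivilegeProvider(app.Appid, token.UserId, request.Scopes, request.Client.DeviceId);
        if (!grant.Grant(request.GrantAll, privileges))
        {
            return Reply("0500", "授权失败,请重试");
        }

        response.RetCode = "0000";
        response.RetMsg = "ok";
        response.Data = new GrantResponseDTO.Types.Result { Code = grant.Auth_Code };
        return response;
    });
}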
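/// <summary>
/// gRPC handler: authenticates an account with its password and, on success, issues an
/// authorization code for the application in <c>request.Appid</c>.
/// </summary>
/// <param name="request">Account, password, app id, comma-separated scopes, optional explicit grants and client info.</param>
/// <param name="context">gRPC call context; used to read the forwarded client IP header.</param>
/// <returns>
/// <c>RetCode</c> "0000" with the code in <c>Data.Code</c> on success; "0400" for an unknown app id,
/// empty scopes or missing client block; "0500" carrying the login prompt when authentication
/// fails, or a generic retry message when the grant could not be persisted.
/// </returns>
public override Task<GrantResponseDTO> GrantByAccount(GrantByAccountRequestDTO request, ServerCallContext context)
{
    // NOTE(review): the handler already runs on the thread pool, so Task.Run only hops threads;
    // kept so the scheduling behaviour callers see is unchanged.
    return Task.Run(() =>
    {
        var response = new GrantResponseDTO();

        GrantResponseDTO Reply(string code, string msg)
        {
            response.RetCode = code;
            response.RetMsg = msg;
            return response;
        }

        // Protobuf sub-messages can be null; the original dereferenced request.Client.* without
        // a check and would have failed with an opaque NullReferenceException.
        if (request.Client == null)
        {
            return Reply("0400", "缺少客户端信息");
        }

        OAuthApp app = OAuthAppCache.Get(request.Appid);
        if (app == null)
        {
            return Reply("0400", "无效的应用id");
        }

        // Scope codes are resolved and validated inside GrantTokenPrivilegeProvider.Grant. The
        // original also called ScopeCache.Get(request.Scopes.Split(',')) here and discarded the
        // result (throwing on a null Scopes); rejecting an empty value up front avoids creating a
        // login session for a request that cannot be granted anyway.
        if (string.IsNullOrWhiteSpace(request.Scopes))
        {
            return Reply("0400", "未定义的授权类型");
        }

        // SECURITY: X-FORWARD-IP is an ordinary request header and is attacker-controlled unless a
        // trusted reverse proxy always overwrites it. Whatever Login does with `ip` (audit log,
        // throttling, risk checks) can be spoofed by a direct client — confirm the edge sets it.
        string ip = context.GetHttpContext().Request.Headers["X-FORWARD-IP"];

        var login = new LoginProvider(request.Account, request.Password, request.Scopes, LoginType.LOGIN_BY_PASSWORD);
        bool authenticated = login.Login(
            request.Client.Type, request.Client.System, request.Client.DeviceId, ip,
            request.Client.SessionId, request.Client.Version, app.Id);
        if (!authenticated)
        {
            // The prompt is forwarded verbatim; it should not reveal whether the account exists
            // (user enumeration) — verify in LoginProvider, together with lockout/throttling.
            return Reply("0500", login.PromptInfo.CustomMessage);
        }

        CodePrivilege[] privileges = null;
        if (request.Grants != null && request.Grants.Count > 0)
        {
            privileges = new CodePrivilege[request.Grants.Count];
            for (int i = 0; i < privileges.Length; i++)
            {
                var g = request.Grants[i];
                privileges[i] = new CodePrivilege { Id = g.Id, Type = g.Type };
            }
        }

        // Grant persists the code and exposes it via Auth_Code.
        var grant = new GrantTokenPrivilegeProvider(app.Appid, login.User.UserId, request.Scopes, request.Client.DeviceId);
        if (!grant.Grant(request.GrantAll, privileges))
        {
            return Reply("0500", "授权失败,请重试");
        }

        response.RetCode = "0000";
        response.RetMsg = "ok";
        response.Data = new GrantResponseDTO.Types.Result { Code = grant.Auth_Code };
        return response;
    });
}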
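/// <summary>
/// HTTP entry point (<c>POST api/authorize</c>): authenticates an account with its password and,
/// on success, issues an authorization code for the application in <c>data.Appid</c>.
/// </summary>
/// <param name="data">Account, password, app id, comma-separated scopes, optional explicit privileges and client info.</param>
/// <returns>
/// <c>Success</c> with the new code; <c>Fail</c> "0400" for an unknown app id, empty scopes or a
/// missing client block; <c>Fail</c> "0500" carrying the login prompt when authentication fails,
/// or a generic retry message when the grant could not be persisted.
/// </returns>
[HttpPost] // api/authorize
public ResponseResult<GrantResponseDTO> GrantByAccount(GrantByAccountRequestDTO data)
{
    // Everything below dereferences data.Client; reject a request without it instead of
    // surfacing a NullReferenceException as an HTTP 500.
    if (data == null || data.Client == null)
    {
        return Fail<GrantResponseDTO>("缺少客户端信息", "0400");
    }

    OAuthApp app = OAuthAppCache.Get(data.Appid);
    if (app == null)
    {
        return Fail<GrantResponseDTO>("无效的应用id", "0400");
    }

    // Scope codes are resolved and validated inside GrantTokenPrivilegeProvider.Grant. The
    // original also called ScopeCache.Get(data.Scopes.Split(',')) here and discarded the result
    // (throwing on a null Scopes); rejecting an empty value up front avoids creating a login
    // session for a request that cannot be granted anyway.
    if (string.IsNullOrWhiteSpace(data.Scopes))
    {
        return Fail<GrantResponseDTO>("未定义的授权类型", "0400");
    }

    // SECURITY: X-FORWARD-IP is an ordinary request header and is attacker-controlled unless a
    // trusted reverse proxy always overwrites it. Whatever Login does with `ip` (audit log,
    // throttling, risk checks) can be spoofed by a direct client — confirm the edge sets it.
    string ip = Request.Headers["X-FORWARD-IP"];

    var login = new LoginProvider(data.Account, data.Password, data.Scopes, LoginType.LOGIN_BY_PASSWORD);
    bool authenticated = login.Login(
        data.Client.Type, data.Client.System, data.Client.DeviceId, ip,
        data.Client.SessionId, data.Client.Version, app.Id);
    if (!authenticated)
    {
        // The prompt is forwarded verbatim; it should not reveal whether the account exists
        // (user enumeration) — verify in LoginProvider, together with lockout/throttling.
        return Fail<GrantResponseDTO>(login.PromptInfo.CustomMessage, "0500");
    }

    CodePrivilege[] privileges = null;
    if (data.Privileges != null && data.Privileges.Count > 0)
    {
        privileges = new CodePrivilege[data.Privileges.Count];
        for (int i = 0; i < privileges.Length; i++)
        {
            var p = data.Privileges[i];
            privileges[i] = new CodePrivilege { Id = p.Id, Type = p.Type };
        }
    }

    // Grant persists the code and exposes it via Auth_Code.
    var grant = new GrantTokenPrivilegeProvider(app.Appid, login.User.UserId, data.Scopes, data.Client.DeviceId);
    if (!grant.Grant(data.GrantAll, privileges))
    {
        return Fail<GrantResponseDTO>("授权失败,请重试", "0500");
    }

    return Success(new GrantResponseDTO { Code = grant.Auth_Code });
}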
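/// <summary>
/// HTTP entry point (<c>POST api/authorize/client</c>): issues an authorization code for a user who
/// is already signed in and presents an encrypted user token, on behalf of the application in
/// <c>data.Appid</c>.
/// </summary>
/// <param name="data">Cipher token, app id, comma-separated scopes, optional explicit privileges and client info.</param>
/// <returns>
/// <c>Success</c> with the new code; <c>Fail</c> "0400" for a missing or undecodable token, unknown
/// app id, empty scopes or missing client block; <c>Fail</c> "0500" when the token belongs to another
/// app; <c>Fail</c> with the default code when the grant could not be persisted.
/// </returns>
[HttpPost("client")] // api/authorize/client
public ResponseResult<GrantResponseDTO> GrantByToken(GrantByTokenRequestDTO data)
{
    // data.Client.DeviceId is read below; reject a request without it instead of surfacing a
    // NullReferenceException as an HTTP 500.
    if (data == null || data.Client == null)
    {
        return Fail<GrantResponseDTO>("缺少客户端信息", "0400");
    }

    if (string.IsNullOrEmpty(data.Token))
    {
        return Fail<GrantResponseDTO>("无效的token", "0400");
    }

    // Assumed to verify the token's integrity and expiry — confirm in UserToken.FromCipherToken;
    // nothing here re-checks expiry.
    UserToken token = UserToken.FromCipherToken(data.Token);
    if (token == null)
    {
        return Fail<GrantResponseDTO>("无效的token", "0400");
    }

    OAuthApp app = OAuthAppCache.Get(data.Appid);
    if (app == null)
    {
        return Fail<GrantResponseDTO>("无效的应用id", "0400");
    }

    // A token minted for app A must never be able to mint codes for app B.
    // NOTE(review): the gRPC twin of this handler returns "0403" here; "0500" is kept because
    // HTTP clients may already key on it — align the two deliberately, not in passing.
    if (app.Id != token.AppId)
    {
        return Fail<GrantResponseDTO>("无效的token", "0500");
    }

    // Grant would otherwise throw from Scopes.Split on a null value.
    if (string.IsNullOrWhiteSpace(data.Scopes))
    {
        return Fail<GrantResponseDTO>("未定义的授权类型", "0400");
    }

    CodePrivilege[] privileges = null;
    if (data.Privileges != null && data.Privileges.Count > 0)
    {
        privileges = new CodePrivilege[data.Privileges.Count];
        for (int i = 0; i < privileges.Length; i++)
        {
            var p = data.Privileges[i];
            privileges[i] = new CodePrivilege { Id = p.Id, Type = p.Type };
        }
    }

    // Grant persists the code and exposes it via Auth_Code.
    var grant = new GrantTokenPrivilegeProvider(app.Appid, token.UserId, data.Scopes, data.Client.DeviceId);
    if (!grant.Grant(data.GrantAll, privileges))
    {
        // NOTE(review): no explicit code here, unlike the "0500" used by the sibling handler;
        // whatever Fail's default is, that is what clients currently receive.
        return Fail<GrantResponseDTO>("授权失败,请重试");
    }

    return Success(new GrantResponseDTO { Code = grant.Auth_Code });
}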
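/// <summary>
/// Performs the authorization: resolves the app, scope codes and user, then persists a
/// short-lived authorization code (exposed through <c>Auth_Code</c>) together with the privileges
/// it carries.
/// </summary>
/// <param name="takeAll">When true and no explicit rights are supplied, every right defined for the requested scope is granted.</param>
/// <param name="rights">Explicit privileges requested by the client; may be null or empty. Each one must be defined for the requested scope.</param>
/// <returns>true when a code was issued (or the app was already authorized — see the note inside); false after an <c>Alert</c> otherwise.</returns>
public bool Grant(bool takeAll, params CodePrivilege[] rights)
{
    OAuthApp app = OAuthAppCache.Get(this._appid);
    if (app == null)
    {
        Alert("未注册的应用");
        return false;
    }

    // A null scope string previously threw NullReferenceException from Split; treat it like an
    // unknown scope instead.
    if (string.IsNullOrWhiteSpace(this._scope))
    {
        Alert("未定义的授权类型");
        return false;
    }
    string[] scopeCodes = this._scope.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
    var scope = ScopeCache.Get(scopeCodes);
    if (scope == null || scope.Count <= 0)
    {
        Alert("未定义的授权类型");
        return false;
    }

    var fac = UserModuleFactory.GetUserModuleInstance();
    IUser user = fac?.GetUserByID(this._userId);
    if (user == null)
    {
        Alert("用户信息加载失败");
        return false;
    }

    // NOTE(review): this early return leaves Auth_Code unassigned, so a caller that reads
    // grant.Auth_Code after a "true" gets null for an already-authorized app — unless
    // CheckAlreadyAuth sets it as a side effect. Confirm; issuing a fresh code is probably intended.
    if (CheckAlreadyAuth(app.Id, user.UserId))
    {
        return true;
    }

    bool explicitRights = rights != null && rights.Length > 0;
    if (takeAll && !explicitRights)
    {
        // "Grant everything": materialise the full right list defined for the scope.
        var scopeRights = ScopeRightProvider.GetScopeRights(this._scope);
        rights = new CodePrivilege[scopeRights.Count];
        for (int i = 0; i < rights.Length; i++)
        {
            rights[i] = new CodePrivilege { Id = scopeRights[i].Right_Id, Type = scopeRights[i].Right_Type };
        }
    }
    else if (explicitRights)
    {
        // SECURITY: `rights` arrives straight from the client request (every caller builds it
        // from the request's Grants/Privileges list). The original serialised it into Right_Json
        // unchecked, so a client could attach privilege ids the requested scope never defines.
        // Refuse anything that is not among the scope's own rights.
        var scopeRights = ScopeRightProvider.GetScopeRights(this._scope);
        foreach (CodePrivilege requested in rights)
        {
            bool defined = false;
            for (int i = 0; i < scopeRights.Count && !defined; i++)
            {
                defined = requested != null
                    && scopeRights[i].Right_Id == requested.Id
                    && scopeRights[i].Right_Type == requested.Type;
            }
            if (!defined)
            {
                Alert("请求的权限不在授权范围内");
                return false;
            }
        }
    }

    // Relies on Guid.NewGuid() drawing from the OS CSPRNG (the case on .NET Core / .NET 5+), which
    // gives ~122 bits of unpredictability for a 5-minute code. On a runtime where that does not
    // hold, generate the code with RandomNumberGenerator instead.
    this.Auth_Code = Guid.NewGuid().ToString("N");

    var daCode = DaoFactory.Tauth_Code();
    daCode.App_Id = app.Id;
    // NOTE(review): local time. If whatever checks Expire_Time compares against UTC, the lifetime
    // is off by the server's UTC offset. Left as-is to match the existing reader.
    daCode.Expire_Time = DateTime.Now.AddMinutes(5);
    daCode.Grant_Code = this.Auth_Code;
    // Only the first resolved scope is recorded on the row; the remaining scope codes survive
    // solely through the rights serialised below.
    daCode.Scope_Id = scope[0].Id;
    daCode.User_Id = user.UserId;
    daCode.Device_Id = this._device_id;
    if (rights != null && rights.Length > 0)
    {
        daCode.Right_Json = Javirs.Common.Json.JsonSerializer.JsonSerialize(rights);
    }

    if (!daCode.Insert())
    {
        Alert("授权失败,请重试!");
        return false;
    }
    return true;
}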