コード例 #1
 /// <summary>
 /// Wraps a credential verification outcome in the endpoint result type.
 /// </summary>
 /// <param name="verifyResult">The verification outcome to expose; stored as-is, with no validation.</param>
 /// <returns>A new <c>CredentialVerifyEndpointResult</c> whose <c>VerifyResult</c> is <paramref name="verifyResult"/>.</returns>
 CredentialVerifyEndpointResult BuildCredentialVerifyEndpointResult(CredentialVerifyResult verifyResult)
 {
     var endpointResult = new CredentialVerifyEndpointResult();
     endpointResult.VerifyResult = verifyResult;
     return endpointResult;
 }
コード例 #2
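        /// <summary>
        /// Verifies a login credential by posting the user's subject id and this client's
        /// identity to the SSO credential-verification endpoint.
        /// </summary>
        /// <param name="principal">The login credential; its NameIdentifier claim (or, failing that, its JWT subject claim) identifies the user.</param>
        /// <param name="properties">Authentication properties; not read by this method.</param>
        /// <returns>
        /// <c>true</c> only when the endpoint answers with a success status and a result whose
        /// <c>VerifySuccess</c> is true. Every other outcome that does not throw (no subject claim,
        /// non-success HTTP status, missing result) yields <c>false</c>, so the check fails closed.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="principal"/> is null.</exception>
        /// <exception cref="Exception">A required service or option set could not be resolved.</exception>
        public static async Task<bool> VerifyCredentialAsync(ClaimsPrincipal principal, AuthenticationProperties properties)
        {
            if (principal == null)
            {
                throw new ArgumentNullException(nameof(principal));
            }

            var services = HttpContextHelper.Current.RequestServices;

            // The configuration object is not used below; resolving it is kept as a sanity check
            // so callers still get the same failure when the container is not set up.
            if (!(services.GetService(typeof(IConfiguration)) is IConfiguration))
            {
                throw new Exception("get IConfiguration fail");
            }

            // "?." makes the null checks below effective: without it an unregistered
            // IOptionsMonitor would surface as a NullReferenceException instead of the
            // descriptive exception.
            var ssoOptions = services.GetService<IOptionsMonitor<SSOAuthenticationOption>>()?.Get(Constants.SSOAuthenticationScheme);
            if (ssoOptions == null)
            {
                throw new Exception("get SSOAuthenticationOption fail");
            }

            var openIdOption = services.GetService<IOptionsMonitor<OpenIdConnectOptions>>()?.Get(OpenIdConnectDefaults.AuthenticationScheme);
            if (openIdOption == null)
            {
                throw new Exception("get OpenIdConnectOptins fail");
            }

            // Prefer the NameIdentifier claim and fall back to the JWT "sub" claim.
            var subjectClaim = principal.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)
                               ?? principal.Claims.FirstOrDefault(c => c.Type == JwtClaimTypes.Subject);

            // No usable subject means there is nothing to verify: treat as not verified.
            if (subjectClaim == null || string.IsNullOrWhiteSpace(subjectClaim.Value))
            {
                return false;
            }

            // NOTE(review): the request body carries the SHA-256 of the client secret, which the
            // receiving side presumably accepts as the credential. The verification URL should
            // therefore come only from trusted configuration and use HTTPS; confirm for each deployment.
            var request = new CredentialVerifyRequest()
            {
                Client = new IdentityServer4.Models.Client()
                {
                    ClientId      = openIdOption.ClientId,
                    ClientSecrets = new List<Secret>()
                    {
                        new Secret(openIdOption.ClientSecret.Sha256())
                    }
                },
                User = new CredentialUser()
                {
                    Id = subjectClaim.Value
                }
            };

            string url = ssoOptions.CredentialVerifyUrl;
            if (string.IsNullOrWhiteSpace(url))
            {
                // Trim a trailing slash on the authority so the default URL never contains "//".
                url = (openIdOption.Authority ?? string.Empty).TrimEnd('/') + "/" + Constants.RoutePaths.CredentialVerify;
            }

            // Exceptions propagate unchanged: the original "catch (Exception ex) { throw ex; }"
            // only reset the stack trace. The client and the response are now disposed.
            // NOTE(review): a shared HttpClient or IHttpClientFactory would avoid creating a
            // connection pool per call.
            using (var client = new HttpClient())
            using (var response = await client.PostAsJsonAsync(url, request).ConfigureAwait(false))
            {
                // Do not interpret the body of an error response as a verification result.
                if (!response.IsSuccessStatusCode)
                {
                    return false;
                }

                var payload = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
                CredentialVerifyResult verifyResult = JsonSerialize.JsonToObject<CredentialVerifyResult>(payload);

                // A missing result counts as a failed verification.
                return verifyResult?.VerifySuccess ?? false;
            }
        }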