CredentialVerifyEndpointResult BuildCredentialVerifyEndpointResult(CredentialVerifyResult verifyResult)
{
    // Wraps the verification outcome in the endpoint result type.
    // verifyResult is stored as given: no null check and no copy is made here.
    var endpointResult = new CredentialVerifyEndpointResult
    {
        VerifyResult = verifyResult
    };
    return endpointResult;
}
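/// <summary>
/// Verifies a login credential by posting the principal's subject id, together with this
/// client's id and hashed secret, to the SSO credential-verify endpoint.
/// </summary>
/// <param name="principal">The login credential. Its NameIdentifier claim (or, failing that, its JWT subject claim) identifies the user.</param>
/// <param name="properties">Authentication properties of the session; not read by this method.</param>
/// <returns>
/// <c>true</c> only when the endpoint's response deserializes to a result whose VerifySuccess is true;
/// <c>false</c> when the principal has no usable subject claim or the result is missing or negative.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="principal"/> is null.</exception>
/// <exception cref="Exception">A required service or option set cannot be resolved. Failures from the HTTP call or from deserialization propagate unchanged.</exception>
public static async Task<bool> VerifyCredentialAsync(ClaimsPrincipal principal, AuthenticationProperties properties)
{
    if (principal == null)
    {
        throw new ArgumentNullException(nameof(principal));
    }

    var services = HttpContextHelper.Current.RequestServices;

    // IConfiguration is not used below; the lookup is kept so a missing registration still fails here.
    IConfiguration configuration = services.GetService(typeof(IConfiguration)) as IConfiguration;
    if (configuration == null)
    {
        throw new Exception("get IConfiguration fail");
    }

    // "?." so that an unregistered IOptionsMonitor reaches the explicit error below
    // instead of failing with a NullReferenceException.
    var ssoOptions = services.GetService<IOptionsMonitor<SSOAuthenticationOption>>()?.Get(Constants.SSOAuthenticationScheme);
    if (ssoOptions == null)
    {
        throw new Exception("get SSOAuthenticationOption fail");
    }

    var openIdOption = services.GetService<IOptionsMonitor<OpenIdConnectOptions>>()?.Get(OpenIdConnectDefaults.AuthenticationScheme);
    if (openIdOption == null)
    {
        throw new Exception("get OpenIdConnectOptins fail");
    }

    // Prefer the NameIdentifier claim and fall back to the JWT "sub" claim.
    var subjectClaim = principal.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)
        ?? principal.Claims.FirstOrDefault(c => c.Type == JwtClaimTypes.Subject);
    if (subjectClaim == null || string.IsNullOrWhiteSpace(subjectClaim.Value))
    {
        // Fail closed: a principal without a subject cannot be verified.
        // This method never signs the user out itself.
        return false;
    }

    // The request carries the SHA-256 of the client secret, which is sent to whatever URL is chosen below.
    // NOTE(review): nothing here checks that the URL is HTTPS or points at the expected host. Confirm that
    // CredentialVerifyUrl and Authority come only from trusted configuration, since the hashed secret is
    // presumably what the endpoint accepts as proof of the client's identity.
    CredentialVerifyRequest request = new CredentialVerifyRequest()
    {
        Client = new IdentityServer4.Models.Client()
        {
            ClientId = openIdOption.ClientId,
            ClientSecrets = new List<Secret>()
            {
                new Secret(openIdOption.ClientSecret.Sha256())
            }
        },
        User = new CredentialUser()
        {
            Id = subjectClaim.Value
        }
    };

    string url = ssoOptions.CredentialVerifyUrl;
    if (string.IsNullOrWhiteSpace(url))
    {
        // Trim a trailing slash so an Authority such as "https://host/" does not yield "//" in the path.
        url = openIdOption.Authority?.TrimEnd('/') + "/" + Constants.RoutePaths.CredentialVerify;
    }

    // The original wrapped this in try/catch only to "throw ex;", which reset the stack trace.
    // Exceptions now propagate untouched. Client and response are disposed so sockets are not
    // leaked on every verification; a shared HttpClient would also avoid per-call connection setup.
    using (var client = new HttpClient())
    using (var response = await client.PostAsJsonAsync(url, request).ConfigureAwait(false))
    {
        // NOTE(review): the HTTP status code is not inspected; the body is parsed whatever the status.
        var payload = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
        CredentialVerifyResult verifyResult = JsonSerialize.JsonToObject<CredentialVerifyResult>(payload);

        // A null result counts as a failed verification.
        return verifyResult?.VerifySuccess ?? false;
    }
}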