private async Task <JsonWebToken> CreateToken(string userId, string userName, RequestClientType clientType, RefreshToken refreshToken)
{
Check.NotNullOrEmpty(userId, nameof(userId));
Check.NotNullOrEmpty(userName, nameof(userName));
// New RefreshToken
string clientId = refreshToken?.ClientId ?? Guid.NewGuid().ToString();
Claim[] claims =
{
new Claim(ClaimTypes.NameIdentifier, userId),
new Claim(ClaimTypes.Name, userName),
new Claim("clientId", clientId),
new Claim("clientType", clientType.ToString())
};
var(token, expires) = CreateToken(claims, _jwtOptions, JwtTokenType.RefreshToken, refreshToken);
string refreshTokenStr = token;
await _provider.ExecuteScopedWorkAsync(async provider =>
{
UserManager <TUser> userManager = provider.GetService <UserManager <TUser> >();
refreshToken = new RefreshToken()
{
ClientId = clientId, Value = refreshTokenStr, EndUtcTime = expires
};
var result = await userManager.SetRefreshToken <TUser, TUserKey>(userId, refreshToken);
if (result.Succeeded)
{
IUnitOfWork unitOfWork = provider.GetUnitOfWork <TUser, TUserKey>();
unitOfWork.Commit();
IEventBus eventBus = _provider.GetService <IEventBus>();
OnlineUserCacheRemoveEventData eventData = new OnlineUserCacheRemoveEventData()
{
UserNames = new[] { userName }
};
eventBus.Publish(eventData);
}
return(result);
},
false);
// New AccessToken
IAccessClaimsProvider claimsProvider = _provider.GetService <IAccessClaimsProvider>();
claims = await claimsProvider.CreateClaims(userId);
List <Claim> claimList = claims.ToList();
claimList.Add(new Claim("clientId", clientId));
claimList.Add(new Claim("clientType", clientType.ToString()));
(token, _) = CreateToken(claimList, _jwtOptions, JwtTokenType.AccessToken);
return(new JsonWebToken()
{
AccessToken = token,
RefreshToken = refreshTokenStr,
RefreshUctExpires = expires.ToJsGetTime().CastTo <long>(0)
});
}
/// <summary>
/// Cookie验证通过时,从OnlineUser缓存或数据库查找用户的最新信息附加到有效的 ClaimIdentity 上
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override Task ValidatePrincipal(CookieValidatePrincipalContext context)
{
ClaimsPrincipal user = context.Principal;
ClaimsIdentity identity = user.Identity as ClaimsIdentity;
IAccessClaimsProvider accessClaimsProvider = context.HttpContext.RequestServices.GetService <IAccessClaimsProvider>();
return(accessClaimsProvider.RefreshIdentity(identity));
}
/// <summary>
/// Token验证通过时,从OnlineUser缓存或数据库查找用户的最新信息附加到有效的 ClaimPrincipal 上
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public override async Task TokenValidated(TokenValidatedContext context)
{
ClaimsPrincipal user = context.Principal;
ClaimsIdentity identity = user.Identity as ClaimsIdentity;
IAccessClaimsProvider accessClaimsProvider = context.HttpContext.RequestServices.GetService <IAccessClaimsProvider>();
OperationResult <ClaimsIdentity> result = await accessClaimsProvider.RefreshIdentity(identity);
if (!result.Succeeded)
{
context.Fail(result.Message);
}
}
