/// <summary>
/// Exercises the access-token repository end to end: insert, read back,
/// update the title, regenerate the token value, and delete.
/// </summary>
public async Task TestBasic()
{
    // Insert: the assertions below require a positive Id and a non-blank
    // Token on the entity once InsertAsync has completed.
    var created = new AccessToken();
    await _accessTokenRepository.InsertAsync(created);
    Assert.True(created.Id > 0);

    var originalToken = created.Token;
    Assert.False(string.IsNullOrWhiteSpace(originalToken));

    // Read back by the id assigned on insert.
    var stored = await _accessTokenRepository.GetAsync(created.Id);
    Assert.NotNull(stored);

    // Update a non-secret field.
    stored.Title = "title";
    Assert.True(await _accessTokenRepository.UpdateAsync(stored));

    // Regeneration must replace the token value captured after the insert.
    await _accessTokenRepository.RegenerateAsync(stored);
    Assert.NotEqual(originalToken, stored.Token);

    Assert.True(await _accessTokenRepository.DeleteAsync(stored.Id));
}
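/// <summary>
/// Validates the signature and audience of a JWT access token and returns the parsed token.
/// </summary>
/// <param name="accessToken">The serialized JWT presented by the caller.</param>
/// <returns>The validated <see cref="JsonWebToken"/>.</returns>
/// <exception cref="Exception">
/// Thrown when validation fails or the validated token is not a <see cref="JsonWebToken"/>.
/// </exception>
public async Task<JsonWebToken> ValidateTokenAsync(string accessToken)
{
    var tokenHandler = new JsonWebTokenHandler();

    // SECURITY: expiry and issuer checks are switched off here, so any token that is
    // correctly signed with SecurityKey for the ".Api" audience is accepted no matter
    // how old it is. Revocation therefore rests entirely on the repository lookup at
    // the end of this method.
    var tokenValidationParameters = new TokenValidationParameters()
    {
        ValidAudience = ".Api",
        IssuerSigningKey = SecurityKey,
        RequireExpirationTime = false,
        ValidateLifetime = false,
        ValidateIssuer = false
    };

    var tokenValidationResult = tokenHandler.ValidateToken(accessToken, tokenValidationParameters);

    // JsonWebTokenHandler reports a failed validation through the result object rather
    // than by throwing. Check IsValid explicitly instead of depending on SecurityToken
    // happening to be null for a rejected token, and keep the underlying cause as the
    // inner exception for diagnostics.
    if (!tokenValidationResult.IsValid)
    {
        throw new Exception("Invalid token format.", tokenValidationResult.Exception);
    }

    var jwt = tokenValidationResult.SecurityToken as JsonWebToken;
    if (jwt == null)
    {
        throw new Exception("Invalid token format.");
    }

    // jwt.Id is the token's "jti" claim; new Guid(...) throws if it is missing or not a GUID.
    // NOTE(review): the lookup result is discarded. This rejects deleted or unknown token
    // ids only if GetAsync throws when the id is not found - confirm against the
    // repository; otherwise, with lifetime validation disabled, a deleted token would
    // remain usable.
    await _tokenRepository.GetAsync(new Guid(jwt.Id));

    return jwt;
}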
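/// <summary>
/// Returns a stored access-token record together with its decrypted token value.
/// </summary>
/// <param name="id">Repository id of the access token, taken from the query string.</param>
/// <returns>
/// 401 when the caller lacks the access-token administration permission, 404 when no
/// record exists for <paramref name="id"/>, otherwise the record and the decrypted token.
/// </returns>
public async Task<ActionResult<GetResult>> Get([FromQuery] int id)
{
    if (!await _authManager.HasAppPermissionsAsync(Types.AppPermissions.SettingsAdministratorsAccessTokens))
    {
        return Unauthorized();
    }

    var tokenInfo = await _accessTokenRepository.GetAsync(id);
    if (tokenInfo == null)
    {
        // The id is caller-supplied; an unknown id must not reach the dereference below
        // and surface as an unhandled NullReferenceException.
        return NotFound();
    }

    // SECURITY: the response carries the usable secret in clear text (AccessToken) next
    // to the stored record (Token). Keep this endpoint out of response caches and
    // request/response logging.
    var accessToken = _settingsManager.Decrypt(tokenInfo.Token);

    return new GetResult
    {
        Token = tokenInfo,
        AccessToken = accessToken
    };
}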
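/// <summary>
/// Creates a new access token, or updates the title, administrator name and scopes of an
/// existing one when <c>itemObj.Id</c> is positive, then returns the full token list.
/// </summary>
/// <param name="itemObj">Token fields posted in the request body.</param>
/// <returns>
/// 401 when the caller lacks the access-token administration permission, 404 when an update
/// targets an id that does not exist, an error result when the title is already taken,
/// otherwise the refreshed list of tokens.
/// </returns>
public async Task<ActionResult<TokensResult>> Submit([FromBody] AccessToken itemObj)
{
    if (!await _authManager.HasAppPermissionsAsync(Types.AppPermissions.SettingsAdministratorsAccessTokens))
    {
        return Unauthorized();
    }

    // NOTE(review): AdminName and Scopes are copied from the request body unchanged in
    // both branches. Confirm that every holder of this permission is meant to be able to
    // bind a token to any administrator account and any scope.

    if (itemObj.Id > 0)
    {
        var tokenInfo = await _accessTokenRepository.GetAsync(itemObj.Id);
        if (tokenInfo == null)
        {
            // The id is caller-supplied; an unknown id must not reach the dereferences below.
            return NotFound();
        }

        var titleChanged = tokenInfo.Title != itemObj.Title;
        if (titleChanged && await _accessTokenRepository.IsTitleExistsAsync(itemObj.Title))
        {
            // Message: "Save failed, an API key with the same title already exists!"
            return this.Error("保存失败,已存在相同标题的API密钥!");
        }

        // Only these three fields are taken from the request; the stored Token value is
        // not overwritten from the posted object.
        tokenInfo.Title = itemObj.Title;
        tokenInfo.AdminName = itemObj.AdminName;
        tokenInfo.Scopes = itemObj.Scopes;

        await _accessTokenRepository.UpdateAsync(tokenInfo);

        // Audit entry "Modify API key"; it records the title, not the token value.
        await _authManager.AddAdminLogAsync("修改API密钥", $"Access Token:{tokenInfo.Title}");
    }
    else
    {
        if (await _accessTokenRepository.IsTitleExistsAsync(itemObj.Title))
        {
            // Message: "Save failed, an API key with the same title already exists!"
            return this.Error("保存失败,已存在相同标题的API密钥!");
        }

        // Build a fresh entity instead of inserting the posted object, so only the three
        // listed fields come from the request.
        var tokenInfo = new AccessToken
        {
            Title = itemObj.Title,
            AdminName = itemObj.AdminName,
            Scopes = itemObj.Scopes
        };

        await _accessTokenRepository.InsertAsync(tokenInfo);

        // Audit entry "Add API key"; it records the title, not the token value.
        await _authManager.AddAdminLogAsync("新增API密钥", $"Access Token:{tokenInfo.Title}");
    }

    var list = await _accessTokenRepository.GetAccessTokensAsync();

    return new TokensResult
    {
        Tokens = list
    };
}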