/// <summary>
/// 请求的Token验证成功后使用OnlineUser信息刷新Identity,将在线用户信息赋予Identity
/// </summary>
/// <param name="identity">待刷新的Identity</param>
/// <returns>刷新后的Identity</returns>
public async Task <OperationResult <ClaimsIdentity> > RefreshIdentity(ClaimsIdentity identity)
{
if (identity != null && identity.IsAuthenticated)
{
IOnlineUserProvider onlineUserProvider = _provider.GetService <IOnlineUserProvider>();
OnlineUser onlineUser = await onlineUserProvider.GetOrCreate(identity.Name);
if (onlineUser == null)
{
return(new OperationResult <ClaimsIdentity>(OperationResultType.Error, "在线用户信息创建失败"));
}
string clientId = identity.GetClaimValueFirstOrDefault("clientId");
if (clientId != null && onlineUser.RefreshTokens.All(m => m.Value.ClientId != clientId))
{
return(new OperationResult <ClaimsIdentity>(OperationResultType.Error, "当前客户端的Token已过期"));
}
if (!string.IsNullOrEmpty(onlineUser.NickName))
{
identity.AddClaim(new Claim(ClaimTypes.GivenName, onlineUser.NickName));
}
if (!string.IsNullOrEmpty(onlineUser.Email))
{
identity.AddClaim(new Claim(ClaimTypes.Email, onlineUser.Email));
}
if (onlineUser.Roles.Length > 0)
{
identity.AddClaim(new Claim(ClaimTypes.Role, onlineUser.Roles.ExpandAndToString()));
}
// 扩展数据
foreach (KeyValuePair <string, string> pair in onlineUser.ExtendData)
{
identity.AddClaim(new Claim(pair.Key, pair.Value));
}
}
ScopedDictionary dict = _provider.GetService <ScopedDictionary>();
if (dict != null)
{
dict.Identity = identity;
}
return(new OperationResult <ClaimsIdentity>(OperationResultType.Success, "ok", identity));
}
/// <summary>
/// 异步获取或刷新在线用户信息
/// </summary>
/// <param name="userName">用户名</param>
/// <returns>在线用户信息</returns>
public virtual async Task <OnlineUser> GetOrRefreshAsync(string userName)
{
string key = $"Identity_OnlineUser_{userName}";
DistributedCacheEntryOptions options = new DistributedCacheEntryOptions();
options.SetSlidingExpiration(TimeSpan.FromMinutes(30));
return(await _cache.GetAsync <OnlineUser>(key,
() =>
{
return _serviceProvider.ExecuteScopedWorkAsync <OnlineUser>(async provider =>
{
IOnlineUserProvider onlineUserProvider = provider.GetService <IOnlineUserProvider>();
return await onlineUserProvider.GetOrCreate(userName);
});
},
options));
}
/// <summary>
/// 获取或刷新在线用户信息
/// </summary>
/// <param name="userName">用户名</param>
/// <returns>在线用户信息</returns>
public virtual OnlineUser GetOrRefresh(string userName)
{
string key = $"Identity_OnlineUser_{userName}";
DistributedCacheEntryOptions options = new DistributedCacheEntryOptions();
options.SetSlidingExpiration(TimeSpan.FromMinutes(30));
return(_cache.Get <OnlineUser>(key,
() =>
{
return _serviceProvider.ExecuteScopedWork <OnlineUser>(provider =>
{
IOnlineUserProvider onlineUserProvider = provider.GetService <IOnlineUserProvider>();
return onlineUserProvider.GetOrCreate(userName).Result;
});
},
options));
}
public async Task <OnlineUser> Profile()
{
if (!User.Identity.IsAuthenticated)
{
return(null);
}
IOnlineUserProvider onlineUserProvider = HttpContext.RequestServices.GetService <IOnlineUserProvider>();
if (onlineUserProvider == null)
{
return(null);
}
OnlineUser onlineUser = await onlineUserProvider.GetOrCreate(User.Identity.Name);
onlineUser.RefreshTokens.Clear();
return(onlineUser);
}
/// <summary>
/// 请求的Token验证成功后使用OnlineUser信息刷新Identity,将在线用户信息赋予Identity
/// </summary>
/// <param name="identity">待刷新的Identity</param>
/// <returns>刷新后的Identity</returns>
public async Task <ClaimsIdentity> RefreshIdentity(ClaimsIdentity identity)
{
if (identity != null && identity.IsAuthenticated)
{
IOnlineUserProvider onlineUserProvider = _provider.GetService <IOnlineUserProvider>();
OnlineUser onlineUser = await onlineUserProvider.GetOrCreate(identity.Name);
if (onlineUser == null)
{
return(identity);
}
if (!string.IsNullOrEmpty(onlineUser.NickName))
{
identity.AddClaim(new Claim(ClaimTypes.GivenName, onlineUser.NickName));
}
if (!string.IsNullOrEmpty(onlineUser.Email))
{
identity.AddClaim(new Claim(ClaimTypes.Email, onlineUser.Email));
}
if (onlineUser.Roles.Length > 0)
{
identity.AddClaim(new Claim(ClaimTypes.Role, onlineUser.Roles.ExpandAndToString()));
}
// 扩展数据
foreach (KeyValuePair <string, string> pair in onlineUser.ExtendData)
{
identity.AddClaim(new Claim(pair.Key, pair.Value));
}
}
ScopedDictionary dict = _provider.GetService <ScopedDictionary>();
if (dict != null)
{
dict.Identity = identity;
}
return(identity);
}
/// <summary>
/// Called early in the filter pipeline to confirm request is authorized.
/// </summary>
/// <param name="context">The <see cref="T:Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext" />.</param>
/// <returns>
/// A <see cref="T:System.Threading.Tasks.Task" /> that on completion indicates the filter has executed.
/// </returns>
public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
{
ClaimsPrincipal principal = context.HttpContext.User;
ClaimsIdentity identity = principal.Identity as ClaimsIdentity;
IServiceProvider provider = context.HttpContext.RequestServices;
if (identity != null && identity.IsAuthenticated)
{
// 由在线缓存获取用户信息赋给Identity
IOnlineUserProvider onlineUserProvider = provider.GetService <IOnlineUserProvider>();
var name = identity.Name ?? identity.GetUserName();
OnlineUserBase onlineUser = await onlineUserProvider.GetOrCreate(name);
if (onlineUser == null)
{
return;
}
if (!string.IsNullOrEmpty(onlineUser.NickName))
{
identity.AddClaim(new Claim(HybridClaimTypes.NickName, onlineUser.NickName));
}
if (!string.IsNullOrEmpty(onlineUser.Email))
{
identity.AddClaim(new Claim(HybridClaimTypes.Email, onlineUser.Email));
}
if (onlineUser.Roles.Length > 0)
{
identity.AddClaim(new Claim(HybridClaimTypes.Role, onlineUser.Roles.ExpandAndToString()));
}
//扩展数据
foreach (KeyValuePair <string, string> pair in onlineUser.ExtendData)
{
identity.AddClaim(new Claim(pair.Key, pair.Value));
}
}
ScopedDictionary dict = provider.GetService <ScopedDictionary>();
dict.Identity = identity;
}
/// <summary>
/// 获取在<see cref="OnlineUser"/>线用户信息
/// </summary>
public static async Task <OnlineUser> GetOnlineUser(this IServiceProvider provider)
{
ClaimsPrincipal principal = provider.GetService <IPrincipal>() as ClaimsPrincipal;
if (principal == null || !principal.Identity.IsAuthenticated)
{
return(null);
}
string userName = principal.Identity.Name;
IOnlineUserProvider onlineUserProvider = provider.GetService <IOnlineUserProvider>();
if (onlineUserProvider == null)
{
return(null);
}
OnlineUser onlineUser = await onlineUserProvider.GetOrCreate(userName);
return(onlineUser);
}