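 public OPResult Delete(int clientId)
 {
     // Deletes a client together with its ClientAuthorizations rows in one
     // transaction. Returns IsSucceed = false with a message when the client
     // does not exist or when SaveChanges fails; IsSucceed = true otherwise.
     // NOTE(review): ClientOpenApis rows keyed by this ClientId are not removed
     // here — confirm the schema cascades them, otherwise the delete may fail.
     using (var db = new OAuthDbContext())
     using (var scope = new TransactionScope())
     {
         // Find returns null for an unknown id; Remove(null) would throw outside
         // the try below, so report it as an ordinary failure instead.
         var client = db.Clients.Find(clientId);
         if (client == null)
         {
             return new OPResult { IsSucceed = false, Message = "商户不存在" };
         }

         var authorizations = db.ClientAuthorizations
             .Where(o => o.ClientId == clientId)
             .ToArray();
         db.ClientAuthorizations.RemoveRange(authorizations);
         db.Clients.Remove(client);

         try
         {
             db.SaveChanges();
             scope.Complete();
         }
         catch (Exception e)
         {
             return new OPResult { IsSucceed = false, Message = e.Message };
         }
     }

     return new OPResult { IsSucceed = true };
 }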
 public OPResult Update(OAuth_Client client)
 {
     // Persists changes to an existing client. Fails when another client
     // (a different ClientId) already uses the same identifier or the same name,
     // or when SaveChanges throws; succeeds otherwise.
     using (var db = new OAuthDbContext())
     {
         bool conflict = db.Clients.Any(o =>
             o.ClientId != client.ClientId
             && (o.ClientIdentifier == client.ClientIdentifier || client.Name == o.Name));
         if (conflict)
         {
             return new OPResult { IsSucceed = false, Message = "已存在相同名称或相同标识的其它商户" };
         }

         // Attach the detached entity and mark it modified so SaveChanges issues an UPDATE.
         db.Entry(client).State = EntityState.Modified;
         try
         {
             db.SaveChanges();
         }
         catch (Exception e)
         {
             return new OPResult { IsSucceed = false, Message = e.Message };
         }
     }

     return new OPResult { IsSucceed = true };
 }
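        public bool StoreNonce(string context, string nonce, DateTime timestampUtc)
        {
            // Records a nonce for the given context. Returns true when the row was
            // written and false when SaveChanges throws (presumably a duplicate
            // rejected by the database, which the caller treats as a replay — confirm).
            //
            // The context is stored as its MD5 hash (ToMD5String); the hash is
            // memoised in _dicContext so it is computed once per distinct context.
            // NOTE(review): _dicContext is read and updated without synchronization
            // — confirm this store is not shared across concurrent requests.
            if (!_dicContext.ContainsKey(context))
            {
                _dicContext.Add(context, this.ToMD5String(context));
            }
            var hashedContext = _dicContext[context];

            using (var db = new OAuthDbContext())
            {
                db.Nonces.Add(new OAuth_Nonce
                {
                    Context   = hashedContext,
                    Code      = nonce,
                    Timestamp = timestampUtc
                });

                try
                {
                    db.SaveChanges();
                    return true;
                }
                catch (Exception)
                {
                    // Any failure to persist, SqlException included, is reported as
                    // "not stored"; the exception object itself is not needed.
                    return false;
                }
            }
        }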
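 public OPResult SaveClientAPIs(int clientId, IEnumerable<string> apis)
 {
     // Replaces the client's set of open APIs in one transaction: existing
     // ClientOpenApis rows for the client are removed and one row per entry of
     // `apis` is inserted. A null `apis` is treated as an empty set (clears the
     // client's APIs) instead of throwing inside the foreach.
     using (var db = new OAuthDbContext())
     using (var scope = new TransactionScope())
     {
         var current = db.ClientOpenApis.Where(o => o.ClientId == clientId).ToArray();
         db.ClientOpenApis.RemoveRange(current);

         foreach (var api in apis ?? Enumerable.Empty<string>())
         {
             db.ClientOpenApis.Add(new OAuth_ClientOpenApi { ClientId = clientId, OpenApi = api });
         }

         try
         {
             db.SaveChanges();
             scope.Complete();
         }
         catch (Exception e)
         {
             return new OPResult { IsSucceed = false, Message = e.Message };
         }
     }

     return new OPResult { IsSucceed = true };
 }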
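 public AccountController(
     UserManager<User> userManager,
     OAuthDbContext applicationDbContext)
 {
     // Both dependencies are required; fail at construction (as ApiController
     // does) rather than on first use of a null field.
     _userManager          = userManager ?? throw new ArgumentNullException(nameof(userManager));
     _applicationDbContext = applicationDbContext ?? throw new ArgumentNullException(nameof(applicationDbContext));
 }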
 public IEnumerable<OAuth_ClientOpenApi> GetClientApis(int clientId)
 {
     // Returns the open APIs granted to the given client. The rows are
     // materialised before the context is disposed, so the result can be
     // enumerated freely by the caller.
     using (var db = new OAuthDbContext())
     {
         var query = from api in db.ClientOpenApis
                     where api.ClientId == clientId
                     select api;
         return query.ToArray();
     }
 }
 public IEnumerable<OAuth_Client> GetClients()
 {
     // Returns every client row, materialised before the context is disposed.
     using (var db = new OAuthDbContext())
     {
         OAuth_Client[] all = db.Clients.ToArray();
         return all;
     }
 }
 // The following code creates the database and schema if they don't exist.
 // This is a temporary workaround since deploying database through EF migrations is
 // not yet supported in this release.
 // Please see this http://go.microsoft.com/fwlink/?LinkID=615859 for more information on how to do deploy the database
 // when publishing your application.
 private static void EnsureDatabaseCreated(OAuthDbContext context)
 {
     // The static flag makes EnsureCreated run at most once per process.
     // NOTE(review): the flag is read and set without synchronization, so two
     // concurrent first callers could both reach EnsureCreated — confirm that
     // is harmless here.
     if (_databaseChecked)
     {
         return;
     }

     _databaseChecked = true;
     context.Database.EnsureCreated();
 }
 public ApiController(IDataProvider dataProvider,
                      OAuthDbContext dbContext,
                      IConfiguration configuration)
 {
     // Every dependency is required; reject a missing one up front rather than
     // failing later on a null field.
     if (dataProvider is null)
     {
         throw new ArgumentNullException(nameof(dataProvider));
     }
     if (dbContext is null)
     {
         throw new ArgumentNullException(nameof(dbContext));
     }
     if (configuration is null)
     {
         throw new ArgumentNullException(nameof(configuration));
     }

     _dataProvider  = dataProvider;
     _dbContext     = dbContext;
     _configuration = configuration;
 }
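 public OAuthController(IOptions<OAuthOptions> config,
                        IHttpClientFactory httpClientFactory,
                        OAuthDbContext dbContext)
 {
     // All three dependencies are required. Each exception carries the parameter
     // name (nameof) so a DI misconfiguration says which service is missing; a
     // null dbContext is rejected here as well instead of surfacing later as a
     // NullReferenceException.
     _httpClientFactory = httpClientFactory ?? throw new ArgumentNullException(nameof(httpClientFactory));
     _dbContext         = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
     // A null options wrapper and a null Value are both treated as missing config.
     _oAuthOptions      = config?.Value ?? throw new ArgumentNullException(nameof(config));
 }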
 public OAuth_Client GetAccountClient(string accountName)
 {
     // Looks up the client whose AccountName matches; null when there is none.
     using (var db = new OAuthDbContext())
     {
         var query = from c in db.Clients
                     where c.AccountName == accountName
                     select c;
         return query.FirstOrDefault();
     }
 }
        /// <summary>
        /// Authorization endpoint. Without a <paramref name="userkey"/> the browser is
        /// redirected to the login page at <c>_authorizeUrl</c> with the client's query
        /// forwarded; with one, the key is decrypted under the client's secret to recover
        /// the user and the pending authorization request is approved.
        /// </summary>
        /// <param name="userkey">Value produced for this client (presumably by the
        /// DESCrypt counterpart of Decrypt); null or empty on the first visit.</param>
        [AcceptVerbs(HttpVerbs.Get)]//HttpVerbs.Post
        //[Authorize]
        //[HttpHeader("x-frame-options", "SAMEORIGIN")] // mitigates clickjacking
        public ActionResult Authorize(string userkey)
        {
            // NOTE(review): both [Authorize] and the anti-framing header above are
            // commented out, so the only proof of identity this action checks is that
            // userkey decrypts under the client's secret — confirm that is intended and
            // that DESCrypt.Decrypt rejects tampered input rather than yielding garbage.
            var pendingRequest = this._authorizationServer.ReadAuthorizationRequest(Request);

            if (pendingRequest == null)
            {
                throw new HttpException((int)HttpStatusCode.BadRequest, "Missing authorization request.");
            }

            if (string.IsNullOrEmpty(userkey))
            {
                // First visit: build the login URL. Keys listed in _queryParameters are
                // kept for the callback (this action's own URL minus its query); every
                // other key is forwarded to the login page after client_id.
                // NOTE(review): client_id is written before the loop and the loop does
                // not skip it, so it appears twice unless _queryParameters contains it.
                string        url = _authorizeUrl, callback = Request.Url.GetLeftPart(UriPartial.Path);
                StringBuilder querystring = new StringBuilder(string.Format("client_id={0}&", HttpUtility.UrlEncode(this.Request.QueryString["client_id"]))), callbackQuery = new StringBuilder();
                foreach (string key in this.Request.QueryString.Keys)
                {
                    if (!_queryParameters.Contains(key))
                    {
                        querystring.Append(string.Format("{0}={1}&", key, HttpUtility.UrlEncode(this.Request.QueryString[key])));
                    }
                    else
                    {
                        callbackQuery.Append(string.Format("{0}={1}&", key, HttpUtility.UrlEncode(this.Request.QueryString[key])));
                    }
                }
                if (callbackQuery.Length > 0)
                {
                    // The callback carries the retained parameters and is itself
                    // URL-encoded as one value of the login query.
                    callback += ("?" + callbackQuery.ToString().TrimEnd('&'));
                    querystring.Append(string.Format("callback={0}&", HttpUtility.UrlEncode(callback)));
                }
                if (querystring.Length > 0)
                {
                    url += ("?" + querystring.ToString().TrimEnd('&'));
                }
                // _authorizeUrl is a field, not request data, so this is a fixed target.
                return(Redirect(url));
            }
            else
            {
                using (var db = new OAuthDbContext())
                {
                    var client = db.Clients.FirstOrDefault(o => o.ClientIdentifier == pendingRequest.ClientIdentifier);
                    if (client == null)
                    {
                        // Untrusted client: no row matches the request's client identifier.
                        throw new Exception("不受信任的商户");
                    }
                    else
                    {
                        // The decrypted value is used directly as the approving user's identity.
                        var user     = DESCrypt.Decrypt(userkey, client.ClientSecret);
                        var approval = this._authorizationServer.PrepareApproveAuthorizationRequest(pendingRequest, user);
                        var response = this._authorizationServer.Channel.PrepareResponse(approval);
                        return(response.AsActionResult());
                    }
                }
            }
        }
 public void RemoveKey(string bucket, string handle)
 {
     // Deletes the key stored under (bucket, handle); a no-op when none exists.
     using (var db = new OAuthDbContext())
     {
         var row = db.SymmetricCryptoKeys
             .FirstOrDefault(k => k.Bucket == bucket && k.Handle == handle);
         if (row == null)
         {
             return;
         }

         db.SymmetricCryptoKeys.Remove(row);
         db.SaveChanges();
     }
 }
 public IEnumerable<KeyValuePair<string, CryptoKey>> GetKeys(string bucket)
 {
     // Returns every stored key in the bucket as (handle, key) pairs, latest
     // expiry first. Rows are loaded before the context is disposed; only the
     // projection to CryptoKey is deferred.
     using (var db = new OAuthDbContext())
     {
         var rows = db.SymmetricCryptoKeys
             .Where(k => k.Bucket == bucket)
             .OrderByDescending(k => k.ExpiresUtc)
             .ToList();

         return rows.Select(row => new KeyValuePair<string, CryptoKey>(
             row.Handle,
             new CryptoKey(row.Secret, this.AsUtc(row.ExpiresUtc))));
     }
 }
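        public CryptoKey GetKey(string bucket, string handle)
        {
            // Looks up a single symmetric key by bucket and handle. Returns null when
            // nothing matches instead of dereferencing a null row.
            // NOTE(review): presumably the ICryptoKeyStore contract (null = not
            // found) — confirm callers handle a null result.
            using (var db = new OAuthDbContext())
            {
                // It is critical that this lookup be case-sensitive, which can only be configured at the database.
                var row = db.SymmetricCryptoKeys
                    .FirstOrDefault(key => key.Bucket == bucket && key.Handle == handle);

                if (row == null)
                {
                    return null;
                }

                return new CryptoKey(row.Secret, this.AsUtc(row.ExpiresUtc));
            }
        }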
        public override async Task ValidateClientAuthentication(
            OAuthValidateClientAuthenticationContext context)
        {
            // Authenticates the OAuth client from the HTTP Basic credentials on the
            // request: looks the client up by id and verifies the presented secret
            // against the stored hash via the identity password hasher. Every outcome
            // other than a successful match rejects the request; an exception while
            // looking the client up is reported as server_error.
            if (!context.TryGetBasicCredentials(out var clientId, out var clientSecret))
            {
                // No usable Authorization header.
                context.SetError(
                    "invalid_client",
                    "Client credentials could not be retrieved through the Authorization header.");
                context.Rejected();
                return;
            }

            var userManager = context.OwinContext.GetUserManager<UserManager<IdentityUser>>();
            var dbContext   = context.OwinContext.Get<OAuthDbContext>();

            try
            {
                Client client = await dbContext
                    .Clients
                    .FirstOrDefaultAsync(clientEntity => clientEntity.Id == clientId);

                bool secretMatches = client != null
                    && userManager.PasswordHasher.VerifyHashedPassword(
                           client.ClientSecretHash, clientSecret) == PasswordVerificationResult.Success;

                if (!secretMatches)
                {
                    context.SetError("invalid_client", "Client credentials are invalid.");
                    context.Rejected();
                    return;
                }

                // Verified: expose the client to later stages of the pipeline.
                context.OwinContext.Set<Client>("oauth:client", client);
                context.Validated(clientId);
            }
            catch
            {
                // Lookup or verification threw; do not leak details to the caller.
                context.SetError("server_error");
                context.Rejected();
            }
        }
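        public IClientDescription GetClient(string clientIdentifier)
        {
            // Resolves a client by its public identifier.
            // Throws ArgumentOutOfRangeException when the identifier is unknown;
            // SingleOrDefault also throws (InvalidOperationException) if more than
            // one row carries the same identifier.
            using (var db = new OAuthDbContext())
            {
                var consumerRow = db.Clients.SingleOrDefault(
                    candidate => candidate.ClientIdentifier == clientIdentifier);
                if (consumerRow == null)
                {
                    // nameof keeps the reported parameter name in sync with renames.
                    throw new ArgumentOutOfRangeException(nameof(clientIdentifier));
                }

                return new OAuthClientDescription(consumerRow);
            }
        }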
 /// <summary>
 /// Encrypts user information for a given client.
 /// </summary>
 /// <param name="user">User information to encrypt.</param>
 /// <param name="clientid">Client (merchant) identifier whose secret keys the encryption.</param>
 /// <returns>Base64-encoded ciphertext.</returns>
 /// <exception cref="Exception">Thrown when no client has the given identifier.</exception>
 /// <remarks>
 /// The key is the MD5 digest of the client's stored secret (ToMD5), so its
 /// strength is bounded by that secret. NOTE(review): the cipher behind
 /// Encrypt(byte[], byte[]) is not visible here — confirm it authenticates the
 /// ciphertext if the decrypted value is later trusted as an identity.
 /// </remarks>
 public static string Encrypt(string user, string clientid)
 {
     using (var db = new OAuthDbContext())
     {
         var client = db.Clients.FirstOrDefault(o => o.ClientIdentifier == clientid);
         if (client == null)
         {
             throw new Exception("不受信任的商户");
         }

         var secretKey  = ToMD5(client.ClientSecret);
         var plaintext  = Encoding.UTF8.GetBytes(user);
         var ciphertext = Encrypt(plaintext, secretKey);
         return Convert.ToBase64String(ciphertext);
     }
 }
        public void StoreKey(string bucket, string handle, CryptoKey key)
        {
            // Persists a symmetric key under (bucket, handle). No existing-row check
            // is made here; the insert is attempted as-is.
            using (var db = new OAuthDbContext())
            {
                db.SymmetricCryptoKeys.Add(new OAuth_SymmetricCryptoKey
                {
                    Bucket     = bucket,
                    Handle     = handle,
                    Secret     = key.Key,
                    ExpiresUtc = key.ExpiresUtc,
                });
                db.SaveChanges();
            }
        }
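        private string SaveClientAuthorization(string clientIdentifier, string userid, string scope, DateTime? expirationDateUtc)
        {
            // Issues a fresh access token for (client, user): updates the existing
            // ClientAuthorizations row when there is one, otherwise inserts a new row.
            // Returns the token that was stored. Throws when the client identifier is
            // unknown.
            // NOTE(review): the token is an upper-cased GUID; Guid.NewGuid is not
            // documented as cryptographically random — confirm that is acceptable for
            // a bearer token that GetAccessToken later looks up by value.
            string token = Guid.NewGuid().ToString().ToUpper();

            // Stamp with UtcNow: the column is named *Utc and ExpirationDateUtc is
            // compared against DateTime.UtcNow when the token is read back, so a
            // local-time value would be skewed by the server's UTC offset.
            DateTime createdOnUtc = DateTime.UtcNow;

            using (var db = new OAuthDbContext())
            {
                var existing = (from auth in db.ClientAuthorizations
                                from client in db.Clients
                                where auth.ClientId == client.ClientId
                                      && client.ClientIdentifier == clientIdentifier
                                      && auth.UserId == userid
                                select auth).FirstOrDefault();

                if (existing == null)
                {
                    var client = db.Clients.FirstOrDefault(o => o.ClientIdentifier == clientIdentifier);
                    if (client == null)
                    {
                        throw new Exception("不受信任的商户!");
                    }

                    db.ClientAuthorizations.Add(new OAuth_ClientAuthorization
                    {
                        ClientId          = client.ClientId,
                        CreatedOnUtc      = createdOnUtc,
                        Scope             = scope,
                        UserId            = userid,
                        Token             = token,
                        ExpirationDateUtc = expirationDateUtc
                    });
                }
                else
                {
                    existing.CreatedOnUtc      = createdOnUtc;
                    existing.Scope             = scope;
                    existing.Token             = token;
                    existing.ExpirationDateUtc = expirationDateUtc;
                }

                db.SaveChanges();
            }

            return token;
        }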
        private AccessToken GetAccessToken(string accessToken)
        {
            // Resolves a bearer token to the client, user and scopes it was issued
            // for. Throws when the token is unknown or its expiration date has passed.
            using (var db = new OAuthDbContext())
            {
                var authorization = (from ca in db.ClientAuthorizations
                                     from c in db.Clients
                                     where ca.ClientId == c.ClientId && ca.Token == accessToken
                                     select new
                                     {
                                         c.ClientIdentifier,
                                         ca.UserId,
                                         ca.Scope,
                                         ca.ExpirationDateUtc,
                                         ca.CreatedOnUtc
                                     }).FirstOrDefault();

                if (authorization == null)
                {
                    throw new Exception("当前AccessToken无效,请重新认证!");
                }

                DateTime? expiresUtc = authorization.ExpirationDateUtc;
                if (expiresUtc.HasValue && expiresUtc.Value < DateTime.UtcNow)
                {
                    throw new Exception("当前AccessToken已过期!");
                }

                // UtcIssued and Lifetime are deliberately left unset here: nothing
                // downstream reads them.
                var result = new AccessToken
                {
                    ClientIdentifier = authorization.ClientIdentifier,
                    User             = authorization.UserId
                };

                var grantedScopes = OAuthUtilities.SplitScopes(authorization.Scope);
                if (grantedScopes.Count > 0)
                {
                    result.Scope.AddRange(grantedScopes);
                }

                return result;
            }
        }
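 public ActionResult LogOn(string username, string password, string returnUrl)
 {
     // Signs in either the built-in admin (password taken from appSettings["admin"])
     // or a client account, issues a forms-auth cookie and redirects.
     //
     // Two guards beyond the credential check itself:
     //  - the admin path is disabled when the "admin" app setting is absent, so a
     //    missing setting cannot match a missing password (null == null);
     //  - the redirect target is restricted to local URLs, so a crafted returnUrl
     //    cannot bounce a freshly signed-in user to another site.
     string adminPassword = ConfigurationManager.AppSettings["admin"];
     bool authenticated = username == "admin"
         && !string.IsNullOrEmpty(adminPassword)
         && password == adminPassword;

     if (!authenticated)
     {
         using (var db = new OAuthDbContext())
         {
             // NOTE(review): AccountPassword is compared to the submitted value inside
             // the query, which implies the column holds the password as entered
             // rather than a hash — confirm against the schema.
             authenticated = db.Clients.Any(o => o.AccountName == username && o.AccountPassword == password);
         }
     }

     if (authenticated)
     {
         FormsAuthentication.SetAuthCookie(username, false);
         string target = Url.IsLocalUrl(returnUrl) ? returnUrl : "/";
         return Redirect(target);
     }

     ViewBag.LoginError = "用户名或密码有误!";
     return View();
 }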
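 public OPResult Create(OAuth_Client client)
 {
     // Inserts a new client after rejecting a duplicate identifier or name.
     // On success the result is an OPResult<int> carrying the new ClientId.
     // (The duplicate branches are written as a single conditional; the earlier
     // form had stray semicolons between the if/else blocks and did not compile.)
     using (var db = new OAuthDbContext())
     {
         var existing = db.Clients.FirstOrDefault(o =>
             o.ClientIdentifier == client.ClientIdentifier || client.Name == o.Name);
         if (existing != null)
         {
             // Report which attribute collided; the identifier wins when both do.
             string message = existing.ClientIdentifier == client.ClientIdentifier
                 ? "已存在相同标识的商户"
                 : "已存在相同名称的商户";
             return new OPResult { IsSucceed = false, Message = message };
         }

         // Add returns the tracked entity, so ClientId is readable after SaveChanges
         // (presumably a database-generated key — confirm).
         client = db.Clients.Add(client);
         try
         {
             db.SaveChanges();
         }
         catch (Exception e)
         {
             return new OPResult { IsSucceed = false, Message = e.Message };
         }
     }

     return new OPResult<int> { IsSucceed = true, Result = client.ClientId };
 }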
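        // GET: api/HealthCheck
        public HealthCheckModel Get()
        {
            // Reports the executing assembly's version together with whether a
            // database connection can be opened. Only SqlException marks the
            // database as unreachable; any other exception propagates.
            bool dbStatus = true;
            try
            {
                // Dispose the probe context so its connection is released promptly.
                // "MobileOAuth" is passed to the context constructor — presumably a
                // connection-string name; confirm against the configuration.
                using (var dbContext = new OAuthDbContext("MobileOAuth"))
                {
                    dbContext.Database.Connection.Open();
                    dbContext.Database.Connection.Close();
                }
            }
            catch (SqlException)
            {
                dbStatus = false;
            }

            var version = System.Reflection.Assembly.GetExecutingAssembly().GetName().Version;
            return new HealthCheckModel
            {
                Version         = version.ToString(),
                ConnectDBStatus = dbStatus
            };
        }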
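 public AdminUserRepository(Func<OAuthDbContext> dbContextFactory)
 {
     // The factory is required; a null one is reported by name instead of as a
     // NullReferenceException from Invoke.
     if (dbContextFactory is null)
     {
         throw new ArgumentNullException(nameof(dbContextFactory));
     }

     // Invoked once here; the resulting context is kept in dbContext.
     this.dbContext = dbContextFactory();
 }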
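 public ApplicationRepository(Func<OAuthDbContext> dbContextFactory)
 {
     // The factory is required; a null one is reported by name instead of as a
     // NullReferenceException from Invoke.
     if (dbContextFactory is null)
     {
         throw new ArgumentNullException(nameof(dbContextFactory));
     }

     // Invoked once here; the resulting context is kept in dbContext.
     this.dbContext = dbContextFactory();
 }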
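 public DataProvider(IHttpClientFactory httpClientFactory, OAuthDbContext dbContext)
 {
     // Both dependencies are required; fail at construction (as ApiController
     // does) rather than on first use of a null field.
     _httpClientFactory = httpClientFactory ?? throw new ArgumentNullException(nameof(httpClientFactory));
     _dbContext         = dbContext ?? throw new ArgumentNullException(nameof(dbContext));
 }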
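 public ApplicationRepository(Func<OAuthDbContext> dbContextFactory)
 {
     // The factory is required; a null one is reported by name instead of as a
     // NullReferenceException from Invoke.
     if (dbContextFactory is null)
     {
         throw new ArgumentNullException(nameof(dbContextFactory));
     }

     // Invoked once here; the resulting context is kept in dbContext.
     this.dbContext = dbContextFactory();
 }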
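 public AdminUserRepository(Func<OAuthDbContext> dbContextFactory)
 {
     // The factory is required; a null one is reported by name instead of as a
     // NullReferenceException from Invoke.
     if (dbContextFactory is null)
     {
         throw new ArgumentNullException(nameof(dbContextFactory));
     }

     // Invoked once here; the resulting context is kept in dbContext.
     this.dbContext = dbContextFactory();
 }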