public SignInResult(string accessToken, string refreshToken, bool newUserCreated, IdenityUser currentUser) { AccessToken = accessToken; RefreshToken = refreshToken; NewUserCreated = newUserCreated; CurrentUser = currentUser; }
public async Task <string> BuildJwtAsync <TUserClaim, TRole, TRoleOfUser>(IdenityUser user, SignInToken signInToken, string?audience) where TUserClaim : IdentityUserClaim, new() where TRole : IdentityRole, new() where TRoleOfUser : IdentityRoleOfUser, new() { DateTime utcNow = DateTime.UtcNow; IEnumerable <Claim> userClaims = await _identityService.GetUserClaimAsync <TUserClaim, TRole, TRoleOfUser>(user).ConfigureAwait(false); IList <Claim> claims = userClaims.ToList(); claims.Add(new Claim(ClaimExtensionTypes.SignInTokenGuid, signInToken.Guid)); //这个JWT只能在当前DeviceId上使用 claims.Add(new Claim(ClaimExtensionTypes.DeviceId, signInToken.DeviceId)); JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler(); JwtSecurityToken token = handler.CreateJwtSecurityToken( _options.OpenIdConnectConfiguration.Issuer, _options.NeedAudienceToBeChecked ? audience : null, new ClaimsIdentity(claims), utcNow, utcNow + _signInOptions.AccessTokenExpireTimeSpan, utcNow, _signingCredentials ); return(handler.WriteToken(token)); }
private Task ChangeSecurityStampAsync(IdenityUser user) { user.SecurityStamp = SecurityUtil.CreateUniqueToken(); if (_identityOptions.Events != null) { IdentitySecurityStampChangeContext context = new IdentitySecurityStampChangeContext(user.Guid); return(_identityOptions.Events.SecurityStampChangedAsync(context)); } return(Task.CompletedTask); }
/// <summary> /// 在Claims中放入UserGuid, SecurityStamp, UserClaim表中声明加入JWT的, 所有roleName /// </summary> /// <param name="user"></param> /// <param name="transContext"></param> /// <returns></returns> public async Task <IEnumerable <Claim> > CreateClaimsAsync <TUserClaim, TRole, TRoleOfUser>(IdenityUser user, TransactionContext transContext) where TUserClaim : IdentityUserClaim, new() where TRole : IdentityRole, new() where TRoleOfUser : IdentityRoleOfUser, new() { IList <Claim> claims = new List <Claim> { new Claim(ClaimExtensionTypes.UserGuid, user.Guid), new Claim(ClaimExtensionTypes.SecurityStamp, user.SecurityStamp), //new Claim(ClaimExtensionTypes.UserId, user.Id.ToString(GlobalSettings.Culture)), new Claim(ClaimExtensionTypes.LoginName, user.LoginName ?? ""), //new Claim(ClaimExtensionTypes.MobilePhone, user.Mobile??""), //new Claim(ClaimExtensionTypes.IsMobileConfirmed, user.MobileConfirmed.ToString(GlobalSettings.Culture)) }; IEnumerable <TUserClaim> userClaims = await _userClaimBiz.GetAsync <TUserClaim>(user.Guid, transContext).ConfigureAwait(false); userClaims.ForEach(item => { if (item.AddToJwt) { claims.Add(new Claim(item.ClaimType, item.ClaimValue)); } }); IEnumerable <TRole> roles = await _roleBiz.GetByUserGuidAsync <TRole, TRoleOfUser>(user.Guid, transContext).ConfigureAwait(false); roles.Select(r => r.Name).ForEach(roleName => { claims.Add(new Claim(ClaimExtensionTypes.Role, roleName)); }); return(claims); ////并行 //return TaskUtil.Concurrence( // _userClaimBiz.GetAsync<TUserClaim>(user.Guid, transContext), // _roleBiz.GetByUserGuidAsync<TRole, TRoleOfUser>(user.Guid, transContext), // userClaims => // { // List<Claim> rts = new List<Claim>(); // userClaims.ForEach((item) => // { // if (item.AddToJwt) // { // rts.Add(new Claim(item.ClaimType, item.ClaimValue)); // } // }); // return rts; // }, // roles => // { // List<Claim> rts = new List<Claim>(); // roles.Select(r => r.Name).ForEach(roleName => rts.Add(new Claim(ClaimExtensionTypes.Role, roleName))); // return rts; // }); }
/// <summary> /// GetUserClaimAsync /// </summary> /// <param name="user"></param> /// <returns></returns> /// <exception cref="DatabaseException"></exception> public async Task <IEnumerable <Claim> > GetUserClaimAsync <TUserClaim, TRole, TRoleOfUser>(IdenityUser user) where TUserClaim : IdentityUserClaim, new() where TRole : IdentityRole, new() where TRoleOfUser : IdentityRoleOfUser, new() { TransactionContext transactionContext = await _database.BeginTransactionAsync <TUserClaim>(IsolationLevel.ReadCommitted).ConfigureAwait(false); try { IEnumerable <Claim> claims = await _claimsFactory.CreateClaimsAsync <TUserClaim, TRole, TRoleOfUser>(user, transactionContext).ConfigureAwait(false); await _database.CommitAsync(transactionContext).ConfigureAwait(false); return(claims); } catch { await _database.RollbackAsync(transactionContext).ConfigureAwait(false); throw; } }
/// <summary> /// PassowrdCheck /// </summary> /// <param name="user"></param> /// <param name="password"></param> /// <returns></returns> /// <exception cref="System.Reflection.TargetInvocationException">Ignore.</exception> /// <exception cref="ObjectDisposedException">Ignore.</exception> private static bool PassowrdCheck(IdenityUser user, string password) { string passwordHash = SecurityUtil.EncryptPwdWithSalt(password, user.Guid); return(passwordHash.Equals(user.PasswordHash, GlobalSettings.Comparison)); }