/// <summary>凭证式获取令牌</summary>
/// <param name="sso"></param>
/// <param name="client_id">应用标识</param>
/// <param name="client_secret">密钥</param>
/// <param name="refresh_token">刷新令牌</param>
/// <param name="ip"></param>
/// <returns></returns>
public virtual TokenInfo RefreshToken(OAuthServer sso, String client_id, String client_secret, String refresh_token, String ip)
{
var log = new AppLog
{
Action = "RefreshToken",
Success = true,
ClientId = client_id,
ResponseType = "refresh_token",
CreateIP = ip,
};
try
{
var app = App.FindByName(client_id);
if (app != null)
{
log.AppId = app.ID;
}
app = sso.Auth(client_id, client_secret);
log.AppId = app.ID;
var name = sso.Decode(refresh_token);
var ss = name.Split("#");
if (ss.Length != 2 || ss[0] != client_id)
{
throw new Exception("非法令牌");
}
// 使用者标识保持不变
var code = ss[1];
var token = sso.CreateToken(app, code, null, $"{client_id}#{code}");
log.AccessToken = token.AccessToken;
log.RefreshToken = token.RefreshToken;
log.CreateUser = code;
log.Scope = token.Scope;
return(token);
}
catch (Exception ex)
{
log.Success = false;
log.Remark = ex.GetTrue()?.Message;
throw;
}
finally
{
log.Insert();
}
}
/// <summary>获取用户信息</summary>
/// <param name="sso"></param>
/// <param name="token"></param>
/// <returns></returns>
public virtual IManageUser GetUser(OAuthServer sso, String token)
{
var username = sso.Decode(token);
var user = Provider?.FindByName(username);
// 两级单点登录可能因缓存造成查不到用户
if (user == null)
{
user = UserX.Find(UserX._.Name == username);
}
return(user);
}