예제 #1
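        /// <summary>
        /// Completes a QQ external sign-in: resolves the OpenID that belongs to the access token,
        /// fetches the user's profile, runs the configured claim actions and adds the OpenID to the
        /// identity as the <c>sub</c> claim.
        /// </summary>
        /// <param name="externalSignInContext">
        /// Carries the authentication properties (the QQ access token is read from the
        /// <c>providerKey</c> item), the HTTP client factory, the localizer, the principal being
        /// signed in and the request service provider.
        /// </param>
        /// <exception cref="HttpRequestException">A QQ endpoint answered with a non-success status code.</exception>
        /// <exception cref="InvalidOperationException">The principal carries no <see cref="ClaimsIdentity"/>.</exception>
        /// <remarks>
        /// Every failure throws, so the caller never signs in a principal whose <c>sub</c> claim was
        /// not confirmed by the provider. An <c>ApiException</c> is raised when the token is missing,
        /// when the OpenID lookup returns no identity, or when the profile endpoint reports an error.
        /// </remarks>
        public async Task Handle(ExternalSignInContext externalSignInContext)
        {
            var properties            = externalSignInContext.AuthenticationProperties;
            var clientFactory         = externalSignInContext.HttpClientFactory;
            var requestLocalizer      = externalSignInContext.RequestLocalizer;
            var externalSignInHandler = externalSignInContext.Context;
            var user            = externalSignInContext.User;
            var requestServices = externalSignInContext.RequestServices;
            var providerKey     = properties.Items["providerKey"];

            // An empty token can never resolve to an identity; reject it before any network call.
            if (string.IsNullOrEmpty(providerKey))
            {
                throw ApiException.Common(requestLocalizer["The external access token is missing."]);
            }

            // Step 1: resolve the OpenID bound to this access token.
            // NOTE(review): this endpoint takes the access token in the query string, so the full
            // URL must never be written to logs, traces or exception messages.
            var openIdEndpoint = QueryHelpers.AddQueryString(QQDefaults.OpenIdEndpoint,
                                                             "access_token", providerKey);
            var backchannel = clientFactory.CreateClient();

            using var openIdResponse = await backchannel.GetAsync(openIdEndpoint);

            // Do not try to interpret the body of a failed request as an identity document.
            openIdResponse.EnsureSuccessStatusCode();

            var openIdContent = await openIdResponse.Content.ReadAsStringAsync();

            // The endpoint wraps its JSON in a JSONP-style "callback( ... );" envelope.
            openIdContent = openIdContent.TrimStart("callback( ").TrimEnd(" );\n");
            var openIdPayload = JObject.Parse(openIdContent);

            // The OpenID is stored and bound to the local account as the user's unique identifier
            // at the third party. A response without it (for example an error document returned for
            // a rejected token) must stop the sign-in instead of surfacing as a NullReferenceException.
            var openId   = openIdPayload["openid"]?.Value <string>();
            var clientId = openIdPayload["client_id"]?.Value <string>();

            if (string.IsNullOrEmpty(openId) || string.IsNullOrEmpty(clientId))
            {
                throw ApiException.Common(requestLocalizer["The external access token could not be verified."]);
            }

            // Step 2: fetch the profile for that OpenID.
            var tokenRequestParameters = new Dictionary <string, string>()
            {
                { "access_token", providerKey },
                { "oauth_consumer_key", clientId },
                { "openid", openId },
            };
            var endpoint = QueryHelpers.AddQueryString(QQDefaults.UserInformationEndpoint, tokenRequestParameters);

            using var requestMessage = new HttpRequestMessage(HttpMethod.Get, endpoint);

            requestMessage.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            using var response = await backchannel.SendAsync(requestMessage);

            response.EnsureSuccessStatusCode();

            // JsonDocument rents pooled buffers; dispose it once the claims have been copied out.
            using var userInfoPayload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());

            var ret = userInfoPayload.RootElement.GetString("ret").ToInt();

            // QQ documents 0 as the only success value for "ret". The earlier "ret < 0" test let
            // positive error codes through as if a profile had been returned.
            if (ret != 0)
            {
                throw ApiException.Common(requestLocalizer[userInfoPayload.RootElement.GetString("msg")]);
            }

            var options = requestServices.GetRequiredService <IOptionsMonitor <QQOptions> >().CurrentValue;

            // Fail closed: without a ClaimsIdentity the "sub" claim would be silently skipped and
            // the caller would still go on to sign the principal in.
            if (!(user.Identity is ClaimsIdentity identity))
            {
                throw new InvalidOperationException("The principal being signed in has no ClaimsIdentity.");
            }

            externalSignInHandler.RunClaimActions(options.ClaimActions, identity, userInfoPayload.RootElement);

            identity.AddClaim(new Claim(OAuthSignInAuthenticationDefaults.Sub, openId));
        }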
예제 #2
        /// <summary>
        /// Hands the sign-in to the first registered external handler whose name matches the
        /// <c>scheme</c> item of <paramref name="properties"/>, then signs the principal in under
        /// <c>OAuthSignInAuthenticationDefaults.AuthenticationScheme</c>.
        /// </summary>
        /// <param name="user">The principal to sign in; the matching handler receives it through the context.</param>
        /// <param name="properties">Authentication properties; the <c>scheme</c> item selects the handler.</param>
        protected override async Task HandleSignInAsync(ClaimsPrincipal user, AuthenticationProperties properties)
        {
            // The indexer throws when no "scheme" item is present.
            var schemeName = properties.Items["scheme"];

            var signInContext = new ExternalSignInContext(
                _clientFactory,
                this,
                Context.RequestServices,
                _requestLocalizer,
                user,
                properties);

            // Only the first handler that accepts the scheme name runs.
            foreach (var candidate in _handlers)
            {
                if (!candidate.CheckName(schemeName))
                {
                    continue;
                }

                await candidate.Handle(signInContext);
                break;
            }

            // NOTE(review): this sign-in also runs when no handler matched the scheme, so the
            // principal is persisted without anything a handler would have added. Confirm that is
            // intended; otherwise reject unknown scheme names here.
            await Context.SignInAsync(OAuthSignInAuthenticationDefaults.AuthenticationScheme, user, properties);
        }