public async Task <ThirdPartySystemTokenResult> GetSystemAttributes(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, HttpRequest request) { ThirdPartySystemTokenResult result = new ThirdPartySystemTokenResult(); var service = await GetService(endpoint); var postExecuteService = await GetPostExecuteService(endpoint); var thirdPartyResult = await service.GetSystemToken(endpoint.ThirdPartyConfiguration, request); result.Attributes = thirdPartyResult.Attributes; if (postExecuteService != null) { var postExecuteResult = await postExecuteService.Execute(thirdPartyResult.Attributes, endpoint.ThirdPartyPostConfiguration); result.Attributes.Merge(postExecuteResult.UserInfoAttributes); result.AdditionalRedirectUrlQueryAttributes = postExecuteResult.AdditionalRedirectUrlQueryAttributes; } await SaveTokenRecord(thirdPartyResult.Attributes, thirdPartyResult.Token, endpoint, loginEndpoint); return(result); }
private string GenerateSystemLoginUrl(SystemLoginEndpoint sysEndpoint, AuthorizationEndpoint authEndpoint) { var serviceReturnUrl = QueryHelpers.AddQueryString(sysEndpoint.BaseUrl, new Dictionary <string, string>() { { "sysname", sysEndpoint.Name }, { "authname", authEndpoint.Name } }); return(serviceReturnUrl); }
public async Task <string> RefreshToken(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string userKey, string systemToken) { var service = await GetService(endpoint); var newToken = await service.RefreshToken(endpoint.ThirdPartyConfiguration, systemToken); if (endpoint.KeepThirdPartyToken) { var record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID); if (record != null) { await _thirdPartySystemTokenRecordStore.UpdateToken(userKey, record.ID, newToken); } } return(newToken); }
private async Task <IThirdPartySystemService> GetService(AuthorizationEndpoint endpoint) { if (!_thirdPartySystemServices.TryGetValue(endpoint.ThirdPartyType, out IThirdPartySystemService service)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundThirdPartySystemServiceByType, DefaultFormatting = "找不到类型为{0}的第三方系统服务,发生位置:{1}", ReplaceParameters = new List <object>() { endpoint.ThirdPartyType, $"{typeof(AuthorizationEndpointIMP).FullName}.ThirdPartySystemServices" } }; throw new UtilityException((int)Errors.NotFoundThirdPartySystemServiceByType, fragment); } return(await Task.FromResult(service)); }
public async Task <GetSystemTokenResult> GetSystemToken(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string systemLoginRedirectUrl, string clientRedirectUrl) { GetSystemTokenResult result = new GetSystemTokenResult(); var service = await GetService(endpoint); var postExecuteService = await GetPostExecuteService(endpoint); //获取第三方系统的令牌结果 var getSystemTokenResult = await service.GetSystemToken(endpoint.ThirdPartyConfiguration, systemLoginRedirectUrl, clientRedirectUrl); result.Direct = getSystemTokenResult.Direct; //如果不是结果是直接,则需要进行后续处理 if (getSystemTokenResult.Direct) { result.TokenResult = new ThirdPartySystemTokenResult() { Attributes = getSystemTokenResult.Token.Attributes }; if (postExecuteService != null) { var postExecuteResult = await postExecuteService.Execute(getSystemTokenResult.Token.Attributes, endpoint.ThirdPartyPostConfiguration); result.TokenResult.Attributes.Merge(postExecuteResult.UserInfoAttributes); result.TokenResult.AdditionalRedirectUrlQueryAttributes = postExecuteResult.AdditionalRedirectUrlQueryAttributes; } await SaveTokenRecord(getSystemTokenResult.Token.Attributes, getSystemTokenResult.Token.Token, endpoint, loginEndpoint); } else { result.RedirectUrl = getSystemTokenResult.RedirectUrl; } return(result); }
private async Task <string> GetUserKey(Dictionary <string, string> attributes, AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint) { if (!attributes.TryGetValue(loginEndpoint.UserInfoKey, out string userKey)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundUserInfoKeyInThirdPartyTokenAttributes, DefaultFormatting = "在登录终结点{0}、验证终结点{1}的第三方及后续处理中获取的令牌键值对中,找不到键为{2}的值", ReplaceParameters = new List <object>() { loginEndpoint.Name, endpoint.Name, loginEndpoint.UserInfoKey } }; throw new UtilityException((int)Errors.NotFoundUserInfoKeyInThirdPartyTokenAttributes, fragment); } return(await Task.FromResult(userKey)); }
private async Task SaveTokenRecord(Dictionary <string, string> attributes, string token, AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint) { if (!endpoint.KeepThirdPartyToken) { return; } var userKey = await GetUserKey(attributes, endpoint, loginEndpoint); var service = await GetService(endpoint); var record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID); bool needUpdate = false; if (record == null) { record = new ThirdPartySystemTokenRecord() { ID = Guid.NewGuid(), AuthorizationEndpointID = endpoint.ID, SystemLoginEndpointID = loginEndpoint.ID, LastRefeshTime = DateTime.UtcNow, Timeout = await service.GetTimeout(endpoint.ThirdPartyConfiguration), Token = token, UserKey = userKey }; try { await _thirdPartySystemTokenRecordStore.Add(record); } catch (UtilityException ex) { if (ex.Code == (int)Errors.ExistSameThirdPartySystemTokenRecord) { record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID); needUpdate = true; } else { throw ex; } } } else { needUpdate = true; } if (needUpdate) { record.Timeout = await service.GetTimeout(endpoint.ThirdPartyConfiguration); record.LastRefeshTime = DateTime.UtcNow; record.Token = token; await _thirdPartySystemTokenRecordStore.Update(record); } }
public async Task <string> GetRealRedirectUrl(AuthorizationEndpoint endpoint, HttpRequest request) { var service = await GetService(endpoint); return(await service.GetRealRedirectUrl(endpoint.ThirdPartyConfiguration, request)); }
public async Task <bool> VerifyToken(AuthorizationEndpoint endpoint, string systemToken) { var service = await GetService(endpoint); return(await service.VerifyToken(endpoint.ThirdPartyConfiguration, systemToken)); }
public async Task Update(AuthorizationEndpoint endpoint) { await _authorizationEndpointStore.Update(endpoint); }
public async Task Add(AuthorizationEndpoint endpoint) { await _authorizationEndpointStore.Add(endpoint); }
public async Task Logout(AuthorizationEndpoint endpoint, string systemToken) { var service = await GetService(endpoint); await service.Logout(endpoint.ThirdPartyConfiguration, systemToken); }
public async Task <string> GetKeepLoginUrl(AuthorizationEndpoint endpoint, string systemToken) { var service = await GetService(endpoint); return(await service.GetKeepLoginUrl(endpoint.ThirdPartyConfiguration, systemToken)); }
public async Task <string> GetLoginUrl(AuthorizationEndpoint endpoint, string systemLoginRedirectUrl, string clientRedirectUrl) { var service = await GetService(endpoint); return(await service.GetLoginUrl(endpoint.ThirdPartyConfiguration, systemLoginRedirectUrl, clientRedirectUrl)); }
public async Task Delete(AuthorizationEndpoint endpoint) { await _authorizationEndpointStore.Delete(endpoint.ID); }
public async Task <string> GetCommonToken(SystemLoginEndpoint endpoint, HttpRequest request) { //从request的query中获取authname if (!request.Query.TryGetValue("authname", out StringValues strAuthName)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthNameQuerystringInAuthRedirectUrl, DefaultFormatting = "名称为{0}的系统登录终结点的第三方认证系统回调请求处理中,回调请求的Url中不包含authname参数,回调请求的Url为{1}", ReplaceParameters = new List <object>() { endpoint.Name, request.Path.Value } }; throw new UtilityException((int)Errors.NotFoundAuthNameQuerystringInAuthRedirectUrl, fragment); } //根据authname获取登录终结点下面关联的验证终结点 AuthorizationEndpoint authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthName[0]); if (authorizationEndpoint == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback, DefaultFormatting = "名称为{0}的系统登录终结点中,找不到可以处理从第三方认证系统回调请求的关联认证终结点,请求url为{1}", ReplaceParameters = new List <object>() { endpoint.Name, request.Path.Value } }; throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback, fragment); } //调用验证终结点的方法,获取实际的重定向地址 string redirectUrl = await authorizationEndpoint.GetRealRedirectUrl(request); //验证客户端重定向地址 await validateClientRedirectUrl(endpoint, redirectUrl); //调用验证终结点的方法,获取第三方登陆系统处理后产生的键值对 var authResult = await authorizationEndpoint.GetSystemAttributes(endpoint, request); //生成最终要重定向回接入方的Url var commonToken = new CommonToken() { SystemName = endpoint.Name, AuthorizationName = authorizationEndpoint.Name, UserInfoAttributes = authResult.Attributes }; //生成通用令牌的JWT字符串 var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>() { { "SystemName", commonToken.SystemName }, { "AuthorizationName", commonToken.AuthorizationName }, { "UserInfoAttributes", JsonSerializerHelper.Serializer <Dictionary <string, string> >(commonToken.UserInfoAttributes) } }, endpoint.ExpireSecond); //生成重定向回接入方系统的地址 var strReturnUrl = QueryHelpers.AddQueryString(redirectUrl, authResult.AdditionalRedirectUrlQueryAttributes); strReturnUrl = QueryHelpers.AddQueryString(strReturnUrl, "commontoken", strCommonToken); return(strReturnUrl); }
/// <summary> /// 删除 /// </summary> /// <returns></returns> public async Task Delete(AuthorizationEndpoint endpoint) { await _imp.Delete(this); }