private async Task <string> GetOpenId(string accessToken, string code)
{
StringBuilder gatewayOpenIdSb = new StringBuilder(UrlConstants.GATEWAY_OPENID_URL);
gatewayOpenIdSb.Append("?AccessToken=")
.Append(accessToken)
.Append("&Code=")
.Append(code);
string result = await HttpClientUtils.GetJson(gatewayOpenIdSb.ToString());
CodeToOpenIdViewModel openId = JsonConvert.DeserializeObject <CodeToOpenIdViewModel>(result);
return(openId.OpenId);
}
public async Task <IActionResult> CodeToOpenId(CodeToOpenIdAddressModel model)
{
var AccessToken = await _dbContext.AccessToken.SingleOrDefaultAsync(t => t.Value == model.AccessToken);
if (AccessToken == null)
{
return(this.Protocal(ErrorType.WrongKey, "Not a valid access token!"));
}
var targetPack = await _dbContext
.OAuthPack
.Where(t => t.IsUsed == false)
.SingleOrDefaultAsync(t => t.Code == model.Code);
if (targetPack == null)
{
return(this.Protocal(ErrorType.WrongKey, "Invalid Code."));
}
if (targetPack.ApplyAppId != AccessToken.ApplyAppId)
{
return(this.Protocal(ErrorType.Unauthorized, "The app granted code is not the app granting access token!"));
}
var capp = (await _apiService.AppInfoAsync(targetPack.ApplyAppId)).App;
if (capp == null)
{
return(this.Protocal(ErrorType.NotFound, "App not found."));
}
if (!capp.ViewOpenId)
{
return(this.Protocal(ErrorType.Unauthorized, "The app doesn't have view open id permission."));
}
targetPack.IsUsed = true;
await _dbContext.SaveChangesAsync();
var viewModel = new CodeToOpenIdViewModel
{
openid = targetPack.UserId,
scope = "scope",
Message = "Successfully get user openid",
Code = ErrorType.Success
};
return(Json(viewModel));
}
public async Task <IActionResult> CodeToOpenId(CodeToOpenIdAddressModel model)
{
var AccessToken = await _dbContext.AccessToken.SingleOrDefaultAsync(t => t.Value == model.AccessToken);
if (AccessToken == null)
{
return(Json(new AiurProtocal {
message = "Not a valid access token!", code = ErrorType.Unauthorized
}));
}
var targetPack = await _dbContext
.OAuthPack
.Where(t => t.IsUsed == false)
.SingleOrDefaultAsync(t => t.Code == model.Code);
if (targetPack == null)
{
return(Json(new AiurProtocal {
message = "Invalid Code.", code = ErrorType.WrongKey
}));
}
if (targetPack.ApplyAppId != AccessToken.ApplyAppId)
{
return(Json(new AiurProtocal {
message = "The app granted code is not the app granting access token!", code = ErrorType.Unauthorized
}));
}
targetPack.IsUsed = true;
await _dbContext.SaveChangesAsync();
var viewModel = new CodeToOpenIdViewModel
{
openid = targetPack.UserId,
scope = "scope",
message = "Successfully get user openid",
code = ErrorType.Success
};
return(Json(viewModel));
}
public async Task <IActionResult> CodeToOpenId(CodeToOpenIdAddressModel model)
{
var appId = _tokenManager.ValidateAccessToken(model.AccessToken);
var targetPack = await _dbContext
.OAuthPack
//.Where(t => t.IsUsed == false)
.SingleOrDefaultAsync(t => t.Code == model.Code);
if (targetPack == null)
{
return(this.Protocol(ErrorType.WrongKey, "The code doesn't exists in our database."));
}
// Use time is more than 10 seconds from now.
if (targetPack.UseTime != DateTime.MinValue && targetPack.UseTime + new TimeSpan(0, 0, 0, 10) < DateTime.UtcNow)
{
return(this.Protocol(ErrorType.HasDoneAlready, "Code is used already!"));
}
if (targetPack.ApplyAppId != appId)
{
return(this.Protocol(ErrorType.Unauthorized, "The app granted code is not the app granting access token!"));
}
var capp = (await _apiService.AppInfoAsync(targetPack.ApplyAppId)).App;
if (!capp.ViewOpenId)
{
return(this.Protocol(ErrorType.Unauthorized, "The app doesn't have view open id permission."));
}
targetPack.UseTime = DateTime.UtcNow;
await _dbContext.SaveChangesAsync();
var viewModel = new CodeToOpenIdViewModel
{
openid = targetPack.UserId,
scope = "scope",
Message = "Successfully get user openid",
Code = ErrorType.Success
};
return(Json(viewModel));
}
