public override Task <GrantResponseDTO> GrantByToken(GrantByTokenRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
GrantResponseDTO response = new GrantResponseDTO();
UserToken token = UserToken.FromCipherToken(request.Token);
if (token == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的token";
return response;
}
OAuthApp app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的应用id";
return response;
}
if (app.Id != token.AppId)
{
response.RetCode = "0403";
response.RetMsg = "无效的token";
return response;
}
CodePrivilege[] privileges = null;
if (request.Grants != null && request.Grants.Count > 0)
{
privileges = new CodePrivilege[request.Grants.Count];
for (int i = 0; i < request.Grants.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = request.Grants[i].Id, Type = request.Grants[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, token.UserId, request.Scopes, request.Client.DeviceId);
if (!grant.Grant(request.GrantAll, privileges))
{
response.RetCode = "0500";
response.RetMsg = "授权失败,请重试";
return response;
}
response.RetCode = "0000";
response.RetMsg = "ok";
response.Data = new GrantResponseDTO.Types.Result
{
Code = grant.Auth_Code
};
return response;
}));
}
public override Task <GrantResponseDTO> GrantByAccount(GrantByAccountRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
var response = new GrantResponseDTO();
OAuthApp app = OAuthAppCache.Get(request.Appid);
List <Scope> scope = ScopeCache.Get(request.Scopes.Split(','));
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的应用id";
return response;
}
string ip = context.GetHttpContext().Request.Headers["X-FORWARD-IP"];
LoginProvider login = new LoginProvider(request.Account, request.Password, request.Scopes, LoginType.LOGIN_BY_PASSWORD);
if (!login.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, ip, request.Client.SessionId, request.Client.Version, app.Id))
{
response.RetCode = "0500";
response.RetMsg = login.PromptInfo.CustomMessage;
return response;
}
CodePrivilege[] privileges = null;
if (request.Grants != null && request.Grants.Count > 0)
{
privileges = new CodePrivilege[request.Grants.Count];
for (int i = 0; i < request.Grants.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = request.Grants[i].Id, Type = request.Grants[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, login.User.UserId, request.Scopes, request.Client.DeviceId);
if (!grant.Grant(request.GrantAll, privileges))
{
response.RetCode = "0500";
response.RetMsg = "授权失败,请重试";
return response;
}
response.RetCode = "0000";
response.RetMsg = "ok";
response.Data = new GrantResponseDTO.Types.Result
{
Code = grant.Auth_Code
};
return response;
}));
}
[HttpPost] // api/authorize
public ResponseResult <GrantResponseDTO> GrantByAccount(GrantByAccountRequestDTO data)
{
OAuthApp app = OAuthAppCache.Get(data.Appid);
List <Scope> scope = ScopeCache.Get(data.Scopes.Split(','));
if (app == null)
{
return(Fail <GrantResponseDTO>("无效的应用id", "0400"));
}
string ip = Request.Headers["X-FORWARD-IP"];
LoginProvider login = new LoginProvider(data.Account, data.Password, data.Scopes, LoginType.LOGIN_BY_PASSWORD);
if (!login.Login(data.Client.Type, data.Client.System, data.Client.DeviceId, ip, data.Client.SessionId, data.Client.Version, app.Id))
{
return(Fail <GrantResponseDTO>(login.PromptInfo.CustomMessage, "0500"));
}
CodePrivilege[] privileges = null;
if (data.Privileges != null && data.Privileges.Count > 0)
{
privileges = new CodePrivilege[data.Privileges.Count];
for (int i = 0; i < data.Privileges.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = data.Privileges[i].Id, Type = data.Privileges[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, login.User.UserId, data.Scopes, data.Client.DeviceId);
if (!grant.Grant(data.GrantAll, privileges))
{
return(Fail <GrantResponseDTO>("授权失败,请重试", "0500"));
}
var response = new GrantResponseDTO
{
Code = grant.Auth_Code
};
return(Success(response));
}
[HttpPost("client")] // api/authorize/client
public ResponseResult <GrantResponseDTO> GrantByToken(GrantByTokenRequestDTO data)
{
GrantResponseDTO response = new GrantResponseDTO();
UserToken token = UserToken.FromCipherToken(data.Token);
if (token == null)
{
return(Fail <GrantResponseDTO>("无效的token", "0400"));
}
OAuthApp app = OAuthAppCache.Get(data.Appid);
if (app == null)
{
return(Fail <GrantResponseDTO>("无效的应用id", "0400"));
}
if (app.Id != token.AppId)
{
return(Fail <GrantResponseDTO>("无效的token", "0500"));
}
CodePrivilege[] privileges = null;
if (data.Privileges != null && data.Privileges.Count > 0)
{
privileges = new CodePrivilege[data.Privileges.Count];
for (int i = 0; i < data.Privileges.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = data.Privileges[i].Id, Type = data.Privileges[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, token.UserId, data.Scopes, data.Client.DeviceId);
if (!grant.Grant(data.GrantAll, privileges))
{
return(Fail <GrantResponseDTO>("授权失败,请重试"));
}
response.Code = grant.Auth_Code;
return(Success(response));
}
