Exemplo n.º 1
0
        public bool StoreNonce(string context, string nonce, DateTime timestampUtc)
        {
            if (!_dicContext.ContainsKey(context))
            {
                _dicContext.Add(context, this.ToMD5String(context));
            }

            using (var db = new OAuthDbContext())
            {
                db.Nonces.Add(new OAuth_Nonce {
                    Context = _dicContext[context], Code = nonce, Timestamp = timestampUtc
                });
                try
                {
                    db.SaveChanges();
                    return(true);
                }
                catch (SqlException)
                {
                    return(false);
                }
                catch (Exception e)
                {
                    return(false);
                }
            }
        }
 public OPResult Delete(int clientId)
 {
     using (var db = new OAuthDbContext())
     {
         using (TransactionScope scope = new TransactionScope())
         {
             var auths  = db.ClientAuthorizations.Where(o => o.ClientId == clientId).ToArray();
             var client = db.Clients.Find(clientId);
             db.ClientAuthorizations.RemoveRange(auths);
             db.Clients.Remove(client);
             try
             {
                 db.SaveChanges();
                 scope.Complete();
             }
             catch (Exception e)
             {
                 return(new OPResult {
                     IsSucceed = false, Message = e.Message
                 });
             }
         }
     }
     return(new OPResult {
         IsSucceed = true
     });
 }
 public OPResult Update(OAuth_Client client)
 {
     using (var db = new OAuthDbContext())
     {
         var exists = db.Clients.Any(o => o.ClientId != client.ClientId && (o.ClientIdentifier == client.ClientIdentifier || client.Name == o.Name));
         if (exists)
         {
             return(new OPResult {
                 IsSucceed = false, Message = "已存在相同名称或相同标识的其它商户"
             });
         }
         db.Entry(client).State = EntityState.Modified;
         try
         {
             db.SaveChanges();
         }
         catch (Exception e)
         {
             return(new OPResult {
                 IsSucceed = false, Message = e.Message
             });
         }
     }
     return(new OPResult {
         IsSucceed = true
     });
 }
 public OPResult SaveClientAPIs(int clientId, IEnumerable <string> apis)
 {
     using (var db = new OAuthDbContext())
     {
         using (TransactionScope scope = new TransactionScope())
         {
             var capis = db.ClientOpenApis.Where(o => o.ClientId == clientId).ToArray();
             db.ClientOpenApis.RemoveRange(capis);
             foreach (var api in apis)
             {
                 db.ClientOpenApis.Add(new OAuth_ClientOpenApi {
                     ClientId = clientId, OpenApi = api
                 });
             }
             try
             {
                 db.SaveChanges();
                 scope.Complete();
             }
             catch (Exception e)
             {
                 return(new OPResult {
                     IsSucceed = false, Message = e.Message
                 });
             }
         }
     }
     return(new OPResult {
         IsSucceed = true
     });
 }
Exemplo n.º 5
0
        public async Task <IActionResult> Callback(string code, string state)
        {
            var jsonWebKeyText  = Encoding.UTF8.GetString(Convert.FromBase64String(_oAuthOptions.JsonWebKey));
            var jsonWebKey      = new Microsoft.IdentityModel.Tokens.JsonWebKey(jsonWebKeyText);
            var clientAssertion = CreateJwtClientAssertion(_oAuthOptions, jsonWebKey);

            var postParams = new Dictionary <string, string> {
                { "grant_type", "authorization_code" },
                { "code", code },
                { "client_assertion", HttpUtility.UrlEncode(clientAssertion) },
                { "client_assertion_type", ClientAssertionType },
                { "redirect_uri", _oAuthOptions.RedirectUri.AbsoluteUri }
            };

            var httpClient   = _httpClientFactory.CreateClient("OAuthClient");
            var httpContent  = new FormUrlEncodedContent(postParams);
            var httpResponse = await httpClient.PostAsync(_oAuthOptions.TokenEndpoint, httpContent);

            if (httpResponse.IsSuccessStatusCode)
            {
                var oAuthResponse = JsonConvert.DeserializeObject <OAuthResponse>(await httpResponse.Content.ReadAsStringAsync());

                var dbValue = _dbContext.OAuthResponses.Find(1);
                if (dbValue != null)
                {
                    _dbContext.Entry(dbValue).State = EntityState.Detached;
                    _dbContext.OAuthResponses.Attach(oAuthResponse);
                    _dbContext.Entry(oAuthResponse).State = EntityState.Modified;
                }
                else
                {
                    _dbContext.OAuthResponses.Add(oAuthResponse);
                }

                _dbContext.SaveChanges();
                return(RedirectToAction("Index", "Api"));
            }

            var errorResponse = JsonConvert.DeserializeObject <ErrorResponse>(await httpResponse.Content.ReadAsStringAsync());

            return(UnprocessableEntity(errorResponse));
        }
Exemplo n.º 6
0
 public void RemoveKey(string bucket, string handle)
 {
     using (var db = new OAuthDbContext())
     {
         var match = db.SymmetricCryptoKeys.FirstOrDefault(k => k.Bucket == bucket && k.Handle == handle);
         if (match != null)
         {
             db.SymmetricCryptoKeys.Remove(match);
             db.SaveChanges();
         }
     }
 }
Exemplo n.º 7
0
        public void StoreKey(string bucket, string handle, CryptoKey key)
        {
            var keyRow = new OAuth_SymmetricCryptoKey()
            {
                Bucket     = bucket,
                Handle     = handle,
                Secret     = key.Key,
                ExpiresUtc = key.ExpiresUtc,
            };

            using (var db = new OAuthDbContext())
            {
                db.SymmetricCryptoKeys.Add(keyRow);
                db.SaveChanges();
            }
        }
Exemplo n.º 8
0
        private string SaveClientAuthorization(string clientIdentifier, string userid, string scope, DateTime?expirationDateUtc)
        {
            string token = Guid.NewGuid().ToString().ToUpper();

            using (var db = new OAuthDbContext())
            {
                var query = from auth in db.ClientAuthorizations
                            from client in db.Clients
                            where
                            auth.ClientId == client.ClientId && client.ClientIdentifier == clientIdentifier &&
                            auth.UserId == userid
                            select auth;
                var clientAuth = query.FirstOrDefault();
                if (clientAuth == null)
                {
                    var client = db.Clients.FirstOrDefault(o => o.ClientIdentifier == clientIdentifier);
                    if (client == null)
                    {
                        throw new Exception("不受信任的商户!");
                    }

                    clientAuth = new OAuth_ClientAuthorization
                    {
                        ClientId          = client.ClientId,
                        CreatedOnUtc      = DateTime.Now,
                        Scope             = scope,
                        UserId            = userid,
                        Token             = token,
                        ExpirationDateUtc = expirationDateUtc
                    };
                    db.ClientAuthorizations.Add(clientAuth);
                }
                else
                {
                    clientAuth.CreatedOnUtc      = DateTime.Now;
                    clientAuth.Scope             = scope;
                    clientAuth.Token             = token;
                    clientAuth.ExpirationDateUtc = expirationDateUtc;
                }
                db.SaveChanges();
            }

            return(token);
        }
 public OPResult Create(OAuth_Client client)
 {
     using (var db = new OAuthDbContext())
     {
         var c = db.Clients.FirstOrDefault(o => o.ClientIdentifier == client.ClientIdentifier || client.Name == o.Name);
         if (c != null)
         {
             if (c.ClientIdentifier == client.ClientIdentifier)
             {
                 return new OPResult {
                            IsSucceed = false, Message = "已存在相同标识的商户"
                 }
             }
             ;
             else
             {
                 return new OPResult {
                            IsSucceed = false, Message = "已存在相同名称的商户"
                 }
             };
         }
         client = db.Clients.Add(client);
         try
         {
             db.SaveChanges();
         }
         catch (Exception e)
         {
             return(new OPResult {
                 IsSucceed = false, Message = e.Message
             });
         }
     }
     return(new OPResult <int> {
         IsSucceed = true, Result = client.ClientId
     });
 }