public AbpIdentityTestDataBuilder(
IGuidGenerator guidGenerator,
IIdentityUserRepository userRepository,
IdentityUserManager userManager,
IIdentityClaimTypeRepository identityClaimTypeRepository,
IIdentityRoleRepository roleRepository,
IOrganizationUnitRepository organizationUnitRepository,
IIdentitySecurityLogRepository identitySecurityLogRepository,
ILookupNormalizer lookupNormalizer,
IdentityTestData testData,
OrganizationUnitManager organizationUnitManager,
IIdentityLinkUserRepository identityLinkUserRepository,
IdentityLinkUserManager identityLinkUserManager)
{
_guidGenerator = guidGenerator;
_userRepository = userRepository;
_userManager = userManager;
_identityClaimTypeRepository = identityClaimTypeRepository;
_roleRepository = roleRepository;
_lookupNormalizer = lookupNormalizer;
_testData = testData;
_organizationUnitRepository = organizationUnitRepository;
_organizationUnitManager = organizationUnitManager;
_identityLinkUserRepository = identityLinkUserRepository;
_identityLinkUserManager = identityLinkUserManager;
_identitySecurityLogRepository = identitySecurityLogRepository;
}
public async Task GetListAsync_Indirect_Test()
{
var a = Guid.NewGuid();
var b = Guid.NewGuid();
var c = Guid.NewGuid();
var d = Guid.NewGuid();
var e = Guid.NewGuid();
var f = Guid.NewGuid();
var g = Guid.NewGuid();
var h = Guid.NewGuid();
var i = Guid.NewGuid();
await IdentityLinkUserRepository.InsertAsync(new IdentityLinkUser(
Guid.NewGuid(),
new IdentityLinkUserInfo(a, null),
new IdentityLinkUserInfo(b, null)), true);
await IdentityLinkUserRepository.InsertAsync(new IdentityLinkUser(
Guid.NewGuid(),
new IdentityLinkUserInfo(c, null),
new IdentityLinkUserInfo(a, null)), true);
await IdentityLinkUserRepository.InsertAsync(new IdentityLinkUser(
Guid.NewGuid(),
new IdentityLinkUserInfo(d, null),
new IdentityLinkUserInfo(c, null)), true);
await IdentityLinkUserRepository.InsertAsync(new IdentityLinkUser(
Guid.NewGuid(),
new IdentityLinkUserInfo(e, null),
new IdentityLinkUserInfo(c, null)), true);
await IdentityLinkUserRepository.InsertAsync(new IdentityLinkUser(
Guid.NewGuid(),
new IdentityLinkUserInfo(f, null),
new IdentityLinkUserInfo(e, null)), true);
await IdentityLinkUserRepository.InsertAsync(new IdentityLinkUser(
Guid.NewGuid(),
new IdentityLinkUserInfo(g, null),
new IdentityLinkUserInfo(h, null)), true);
await IdentityLinkUserRepository.InsertAsync(new IdentityLinkUser(
Guid.NewGuid(),
new IdentityLinkUserInfo(i, null),
new IdentityLinkUserInfo(h, null)), true);
var linkUsers = await IdentityLinkUserManager.GetListAsync(new IdentityLinkUserInfo(a, null), includeIndirect : true);
linkUsers.Count.ShouldBe(5);
linkUsers = await IdentityLinkUserManager.GetListAsync(new IdentityLinkUserInfo(f, null), includeIndirect : true);
linkUsers.Count.ShouldBe(5);
linkUsers = await IdentityLinkUserManager.GetListAsync(new IdentityLinkUserInfo(g, null), includeIndirect : true);
linkUsers.Count.ShouldBe(2);
}
public virtual async Task GenerateAndVerifyLinkTokenAsync(string tokenPurpose)
{
var john = await UserRepository.GetAsync(TestData.UserJohnId);
var token = await IdentityLinkUserManager.GenerateLinkTokenAsync(new IdentityLinkUserInfo(john.Id, john.TenantId), tokenPurpose);
(await IdentityLinkUserManager.VerifyLinkTokenAsync(new IdentityLinkUserInfo(john.Id, john.TenantId), token, tokenPurpose)).ShouldBeTrue();
(await IdentityLinkUserManager.VerifyLinkTokenAsync(new IdentityLinkUserInfo(john.Id, john.TenantId), "123123", tokenPurpose)).ShouldBeFalse();
}
public virtual async Task IsLinkedAsync()
{
var john = await UserRepository.GetAsync(TestData.UserJohnId);
var david = await UserRepository.GetAsync(TestData.UserDavidId);
var neo = await UserRepository.GetAsync(TestData.UserNeoId);
(await IdentityLinkUserManager.IsLinkedAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(david.Id, david.TenantId))).ShouldBeTrue();
(await IdentityLinkUserManager.IsLinkedAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(neo.Id, neo.TenantId))).ShouldBeFalse();
}
public virtual async Task UnlinkAsync()
{
var john = await UserRepository.GetAsync(TestData.UserJohnId);
var david = await UserRepository.GetAsync(TestData.UserDavidId);
(await IdentityLinkUserRepository.FindAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(david.Id, david.TenantId))).ShouldNotBeNull();
await IdentityLinkUserManager.UnlinkAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(david.Id, david.TenantId));
(await IdentityLinkUserRepository.FindAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(david.Id, david.TenantId))).ShouldBeNull();
}
public LinkLoginExtensionGrantValidator(
ITokenValidator tokenValidator,
IdentityLinkUserManager identityLinkUserManager,
ICurrentTenant currentTenant,
ICurrentUser currentUser,
IdentityUserManager userManager,
ICurrentPrincipalAccessor currentPrincipalAccessor,
IdentitySecurityLogManager identitySecurityLogManager,
ILogger <LinkLoginExtensionGrantValidator> logger,
IStringLocalizer <AbpIdentityServerResource> localizer)
{
TokenValidator = tokenValidator;
IdentityLinkUserManager = identityLinkUserManager;
CurrentTenant = currentTenant;
CurrentUser = currentUser;
UserManager = userManager;
CurrentPrincipalAccessor = currentPrincipalAccessor;
IdentitySecurityLogManager = identitySecurityLogManager;
Logger = logger;
Localizer = localizer;
}
public virtual async Task LinkAsync()
{
var john = await UserRepository.GetAsync(TestData.UserJohnId);
var neo = await UserRepository.GetAsync(TestData.UserNeoId);
(await IdentityLinkUserRepository.FindAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(neo.Id, neo.TenantId))).ShouldBeNull();
await IdentityLinkUserManager.LinkAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(neo.Id, neo.TenantId));
var linkUser = await IdentityLinkUserRepository.FindAsync(new IdentityLinkUserInfo(john.Id, john.TenantId),
new IdentityLinkUserInfo(neo.Id, neo.TenantId));
linkUser.ShouldNotBeNull();
linkUser.SourceUserId.ShouldBe(john.Id);
linkUser.SourceTenantId.ShouldBe(john.TenantId);
linkUser.TargetUserId.ShouldBe(neo.Id);
linkUser.TargetTenantId.ShouldBe(neo.TenantId);
}
public virtual async Task ValidateAsync(ExtensionGrantValidationContext context)
{
var accessToken = context.Request.Raw["access_token"];
if (accessToken.IsNullOrWhiteSpace())
{
context.Result = new GrantValidationResult
{
IsError = true,
Error = "invalid_access_token"
};
return;
}
var result = await TokenValidator.ValidateAccessTokenAsync(accessToken);
if (result.IsError)
{
context.Result = new GrantValidationResult
{
IsError = true,
Error = result.Error,
ErrorDescription = result.ErrorDescription
};
return;
}
using (CurrentPrincipalAccessor.Change(result.Claims))
{
if (!Guid.TryParse(context.Request.Raw["LinkUserId"], out var linkUserId))
{
context.Result = new GrantValidationResult
{
IsError = true,
Error = "invalid_link_user_id"
};
return;
}
Guid?linkTenantId = null;
if (!context.Request.Raw["LinkTenantId"].IsNullOrWhiteSpace())
{
if (!Guid.TryParse(context.Request.Raw["LinkTenantId"], out var parsedGuid))
{
context.Result = new GrantValidationResult
{
IsError = true,
Error = "invalid_link_tenant_id"
};
return;
}
linkTenantId = parsedGuid;
}
var isLinked = await IdentityLinkUserManager.IsLinkedAsync(
new IdentityLinkUserInfo(CurrentUser.GetId(), CurrentTenant.Id),
new IdentityLinkUserInfo(linkUserId, linkTenantId),
true);
if (isLinked)
{
using (CurrentTenant.Change(linkTenantId))
{
var user = await UserManager.GetByIdAsync(linkUserId);
var sub = await UserManager.GetUserIdAsync(user);
var additionalClaims = new List <Claim>();
await AddCustomClaimsAsync(additionalClaims, user, context);
context.Result = new GrantValidationResult(
sub,
GrantType,
additionalClaims.ToArray()
);
}
}
else
{
context.Result = new GrantValidationResult
{
IsError = true,
Error = Localizer["TheTargetUserIsNotLinkedToYou"]
};
}
}
}
