Пример #1
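        /// <summary>
        /// Validates the client credentials (client id and client secret) presented with a request.
        /// </summary>
        /// <param name="context">
        /// Validation context. It is marked validated when the identity repository accepts the
        /// credentials; otherwise an error is set on it and the method returns.
        /// </param>
        public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            string clientId;
            string clientSecret;

            // Credentials are read from the HTTP Basic header first, then from the form body.
            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }
            if (string.IsNullOrEmpty(clientId) || string.IsNullOrEmpty(clientSecret))
            {
                context.SetError("PWMIS.OAuth2 invalid_client", "client or clientSecret is null or empty");
                return;
            }

            var identityRepository = IdentityRepositoryFactory.CreateInstance();

            try
            {
                // NOTE(review): the secret comparison happens inside ValidateClient, which is not
                // visible here - confirm it compares secrets in constant time and that secrets
                // are stored hashed.
                if (!await identityRepository.ValidateClient(clientId, clientSecret))
                {
                    context.SetError("PWMIS.OAuth2 invalid_client", "client or clientSecret is not valid");
                    return;
                }
            }
            catch (Exception ex)
            {
                // The error description is returned to the requesting client, which has not been
                // authenticated at this point. Repository exception text (connection details,
                // SQL fragments, paths) therefore stays in the server log only.
                context.SetError("PWMIS.OAuth2 identity_repository_error", "identity repository is unavailable");
                // Log the full exception (type and stack trace), not just the message.
                Log("PWMIS.OAuth2 identity_repository_error:" + ex.ToString());
                return;
            }

            context.Validated();
        }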
Пример #2
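        /// <summary>
        /// Checks a user name and password, either against the local identity repository or by
        /// posting them to the login web API, depending on the "IdentityLoginMode" app setting.
        /// </summary>
        /// <param name="userName">Login name supplied by the user.</param>
        /// <param name="password">Password supplied by the user.</param>
        /// <returns>
        /// A <see cref="LoginResultModel"/>. In the web API mode a failed call always carries a
        /// non-empty ErrorMessage; in database mode a rejected password yields an empty model.
        /// </returns>
        public async Task<LoginResultModel> UserLogin(string userName, string password)
        {
            // Configuration decides whether to verify against the local database or the login service.
            string identityLoginMode = System.Configuration.ConfigurationManager.AppSettings["IdentityLoginMode"];

            // Ordinal, culture-independent comparison; a null or empty setting selects the web API mode.
            if (string.Equals(identityLoginMode, "database", System.StringComparison.OrdinalIgnoreCase))
            {
                var identityRepository = IdentityRepositoryFactory.CreateInstance();
                bool passwordValid = await identityRepository.ValidatedUserPassword(userName, password);

                LoginResultModel result = new LoginResultModel();
                if (passwordValid)
                {
                    // NOTE(review): every user authenticated in database mode receives the same
                    // hard-coded ID. If callers key identity or authorization on ID, accounts
                    // become indistinguishable - replace with the real user id from the repository.
                    result.ID       = "123";
                    result.UserName = userName;
                    result.Roles    = ""; // roles omitted for now
                }
                return result;
            }

            const long SlowLoginThresholdMs = 100;
            const string UnparsableErrorPrefix = "登录错误(错误信息无法解析),服务器状态码:";

            var stopwatch = new System.Diagnostics.Stopwatch();
            var parameters = new Dictionary<string, string>();
            parameters.Add("UserName", userName);
            parameters.Add("Password", password);

            // NOTE(review): the password is posted to this configured URL as form data; confirm
            // the setting points at an https endpoint so credentials are not sent in clear text.
            string loginUrl = System.Configuration.ConfigurationManager.AppSettings["IdentityWebAPI"];
            LoginResultModel result2 = null;

            // Dispose the client and response deterministically instead of leaving the connection
            // to the finalizer. A single shared HttpClient for the class would be better still.
            using (var httpClient = new HttpClient())
            {
                stopwatch.Start();
                using (var response = await httpClient.PostAsync(loginUrl, new FormUrlEncodedContent(parameters)))
                {
                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        result2          = new LoginResultModel();
                        result2.UserName = userName;
                        try
                        {
                            // Awaited rather than blocked on with .Result, which can deadlock
                            // under a synchronization context.
                            var httpError = await response.Content.ReadAsAsync<HttpError>();
                            result2.ErrorMessage = httpError.ExceptionMessage;
                        }
                        catch
                        {
                            result2.ErrorMessage = UnparsableErrorPrefix + response.StatusCode;
                        }

                        // ExceptionMessage may be absent from the error body. A failed login must
                        // never come back without an error message, or the caller could take a
                        // model that carries only the user name for a success.
                        if (string.IsNullOrEmpty(result2.ErrorMessage))
                        {
                            result2.ErrorMessage = UnparsableErrorPrefix + response.StatusCode;
                        }
                    }
                    else
                    {
                        result2 = await response.Content.ReadAsAsync<LoginResultModel>();
                        if (result2 == null)
                        {
                            // An empty or "null" body previously caused a NullReferenceException below.
                            result2              = new LoginResultModel();
                            result2.UserName     = userName;
                            result2.ErrorMessage = UnparsableErrorPrefix + response.StatusCode;
                        }
                    }
                }
                stopwatch.Stop();
            }

            // Log failed logins and calls slower than the threshold.
            if (!string.IsNullOrEmpty(result2.ErrorMessage) || stopwatch.ElapsedMilliseconds > SlowLoginThresholdMs)
            {
                WriteLog(result2, stopwatch.ElapsedMilliseconds);
            }

            return result2;
        }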
Пример #3
        /// <summary>
        /// Validates a request to the authorization endpoint: the client id must exist in the
        /// identity repository and the request must use the authorization-code or implicit grant type.
        /// </summary>
        /// <param name="context">Validation context; it is marked validated or rejected.</param>
        public override async Task ValidateAuthorizeRequest(OAuthValidateAuthorizeRequestContext context)
        {
            var repository = IdentityRepositoryFactory.CreateInstance();
            var request = context.AuthorizeRequest;

            // The repository lookup runs first; the grant type is only examined for a known client.
            bool clientKnown = await repository.ExistsClientId(request.ClientId);
            if (!clientKnown)
            {
                context.Rejected();
                return;
            }

            bool supportedGrant = request.IsAuthorizationCodeGrantType || request.IsImplicitGrantType;
            if (!supportedGrant)
            {
                context.Rejected();
                return;
            }

            context.Validated();
        }