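/// <summary>
/// Validates the client credentials (client id and client secret) of a token request.
/// </summary>
/// <remarks>
/// Credentials are read from the HTTP Basic header first and, when that fails, from the
/// form body. The request is marked as validated only when the identity repository
/// accepts the pair; every other path sets an error on the context and returns.
/// </remarks>
/// <param name="context">The client-authentication context of the current request.</param>
public override async Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
{
    string clientId;
    string clientSecret;
    if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
    {
        // The return value is not needed: missing values are caught by the check below.
        context.TryGetFormCredentials(out clientId, out clientSecret);
    }

    if (string.IsNullOrEmpty(clientId) || string.IsNullOrEmpty(clientSecret))
    {
        context.SetError("PWMIS.OAuth2 invalid_client", "client or clientSecret is null or empty");
        return;
    }

    var identityRepository = IdentityRepositoryFactory.CreateInstance();
    try
    {
        if (!await identityRepository.ValidateClient(clientId, clientSecret))
        {
            context.SetError("PWMIS.OAuth2 invalid_client", "client or clientSecret is not valid");
            return;
        }
    }
    catch (Exception ex)
    {
        // The exception text stays on the server. It can carry storage or query details,
        // and this response goes to a caller that has not been authenticated yet, so the
        // client only receives a fixed description.
        context.SetError("PWMIS.OAuth2 identity_repository_error", "client validation failed because of an internal error");
        // Log the full exception (type, message and stack trace) for diagnosis.
        Log("PWMIS.OAuth2 identity_repository_error:" + ex);
        return;
    }

    context.Validated();
}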
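/// <summary>
/// Checks a user name and password, either against the local identity repository or by
/// posting them to the configured login web API.
/// </summary>
/// <remarks>
/// The "IdentityLoginMode" app setting selects the path: "database" (any casing) uses the
/// identity repository, anything else posts to the URL in the "IdentityWebAPI" app setting.
/// NOTE(review): the password is sent to that URL as form data; confirm that the
/// configured endpoint is an https address.
/// </remarks>
/// <param name="userName">The user name to check.</param>
/// <param name="password">The password to check.</param>
/// <returns>
/// The login result. On the web API path a failed login always carries a non-empty
/// ErrorMessage. On the database path a failed login returns an empty result object.
/// </returns>
public async Task<LoginResultModel> UserLogin(string userName, string password)
{
    // Configuration decides whether the login is checked against the local database
    // or through the login web API.
    string identityLoginMode = System.Configuration.ConfigurationManager.AppSettings["IdentityLoginMode"];
    if (string.Equals(identityLoginMode, "database", System.StringComparison.OrdinalIgnoreCase))
    {
        var identityRepository = IdentityRepositoryFactory.CreateInstance();
        bool passwordIsValid = await identityRepository.ValidatedUserPassword(userName, password);
        LoginResultModel databaseResult = new LoginResultModel();
        if (passwordIsValid)
        {
            // NOTE(review): the ID is a fixed placeholder, so every user who logs in on
            // this path gets the same ID; replace it with the real user id before any
            // caller relies on it.
            databaseResult.ID = "123";
            databaseResult.UserName = userName;
            databaseResult.Roles = ""; // omitted for now
        }
        // NOTE(review): a rejected password returns an empty result without an
        // ErrorMessage; callers presumably have to test UserName. Confirm.
        return databaseResult;
    }

    var parameters = new Dictionary<string, string>();
    parameters.Add("UserName", userName);
    parameters.Add("Password", password);

    string loginUrl = System.Configuration.ConfigurationManager.AppSettings["IdentityWebAPI"];
    var stopwatch = new System.Diagnostics.Stopwatch();
    LoginResultModel result;

    // Dispose the client and the response instead of leaving them to the garbage
    // collector. A single shared HttpClient for the class would be better still.
    using (var httpClient = new HttpClient())
    {
        stopwatch.Start();
        using (var response = await httpClient.PostAsync(loginUrl, new FormUrlEncodedContent(parameters)))
        {
            if (response.StatusCode != HttpStatusCode.OK)
            {
                result = new LoginResultModel();
                result.UserName = userName;
                try
                {
                    // Await the read instead of blocking on .Result inside an async method.
                    var httpError = await response.Content.ReadAsAsync<HttpError>();
                    result.ErrorMessage = httpError.ExceptionMessage;
                }
                catch
                {
                    // Best effort: the body could not be read as an HttpError.
                    result.ErrorMessage = null;
                }

                // A failed login must never be returned without an error message; the
                // result already carries the user name, as a successful one does.
                if (string.IsNullOrEmpty(result.ErrorMessage))
                {
                    result.ErrorMessage = "登录错误(错误信息无法解析),服务器状态码:" + response.StatusCode;
                }
            }
            else
            {
                result = await response.Content.ReadAsAsync<LoginResultModel>();
                if (result == null)
                {
                    // An empty body on a 200 response used to end in a null reference
                    // below; report it as a failed login instead.
                    result = new LoginResultModel();
                    result.UserName = userName;
                    result.ErrorMessage = "登录错误(登录服务返回了空响应),服务器状态码:" + response.StatusCode;
                }
            }
        }
        stopwatch.Stop();
    }

    // Log failed logins and calls that took longer than 100 ms.
    if (!string.IsNullOrEmpty(result.ErrorMessage) || stopwatch.ElapsedMilliseconds > 100)
    {
        WriteLog(result, stopwatch.ElapsedMilliseconds);
    }
    return result;
}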
/// <summary>
/// Validates an authorization request (authorization_code or implicit).
/// </summary>
/// <remarks>
/// The request is accepted when the client id is known to the identity repository and
/// the request is an authorization-code or an implicit grant request; otherwise it is
/// rejected.
/// NOTE(review): only the client id and the grant type are checked here. The redirect URI
/// is not looked at in this method; confirm that another override validates it.
/// </remarks>
/// <param name="context">The authorize-request validation context.</param>
public override async Task ValidateAuthorizeRequest(OAuthValidateAuthorizeRequestContext context)
{
    var repository = IdentityRepositoryFactory.CreateInstance();

    // The repository lookup always runs first; the grant type is only examined for a
    // known client.
    bool clientIsRegistered = await repository.ExistsClientId(context.AuthorizeRequest.ClientId);
    if (!clientIsRegistered)
    {
        context.Rejected();
        return;
    }

    var request = context.AuthorizeRequest;
    bool grantTypeIsSupported = request.IsAuthorizationCodeGrantType || request.IsImplicitGrantType;
    if (grantTypeIsSupported)
    {
        context.Validated();
        return;
    }

    context.Rejected();
}