protected virtual async Task UpdateApiResourceByInputAsync(ApiResource apiResource, ApiResourceCreateOrUpdateDto input)
        {
            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageClaims))
            {
                // 删除不存在的UserClaim
                apiResource.UserClaims.RemoveAll(claim => !input.UserClaims.Contains(claim.Type));
                foreach (var inputClaim in input.UserClaims)
                {
                    var userClaim = apiResource.FindClaim(inputClaim);
                    if (userClaim == null)
                    {
                        apiResource.AddUserClaim(inputClaim);
                    }
                }
            }

            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageScopes))
            {
                // 删除不存在的Scope
                apiResource.Scopes.RemoveAll(scope => !input.Scopes.Any(inputScope => scope.Name == inputScope.Name));
                foreach (var inputScope in input.Scopes)
                {
                    var scope = apiResource.FindScope(inputScope.Name);
                    if (scope == null)
                    {
                        scope = apiResource.AddScope(
                            inputScope.Name, inputScope.DisplayName, inputScope.Description,
                            inputScope.Required, inputScope.Emphasize, inputScope.ShowInDiscoveryDocument);
                    }
                    else
                    {
                        scope.Required                = inputScope.Required;
                        scope.Emphasize               = inputScope.Emphasize;
                        scope.Description             = inputScope.Description;
                        scope.DisplayName             = inputScope.DisplayName;
                        scope.ShowInDiscoveryDocument = inputScope.ShowInDiscoveryDocument;
                        // 删除不存在的ScopeUserClaim
                        scope.UserClaims.RemoveAll(claim => !inputScope.UserClaims.Contains(claim.Type));
                    }

                    foreach (var inputScopeClaim in inputScope.UserClaims)
                    {
                        var scopeUserClaim = scope.FindClaim(inputScopeClaim);
                        if (scopeUserClaim == null)
                        {
                            scope.AddUserClaim(inputScopeClaim);
                        }
                    }
                }
            }

            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageSecrets))
            {
                // 删除不存在的Secret
                apiResource.Secrets.RemoveAll(secret => !input.Secrets.Any(inputSecret => secret.Type == inputSecret.Type && secret.Value == inputSecret.Value));
                foreach (var inputSecret in input.Secrets)
                {
                    // 第一次重复校验已经加密过的字符串
                    if (apiResource.FindSecret(inputSecret.Value, inputSecret.Type) == null)
                    {
                        var apiSecretValue = inputSecret.Value;
                        if (IdentityServerConstants.SecretTypes.SharedSecret.Equals(inputSecret.Type))
                        {
                            if (inputSecret.HashType == HashType.Sha256)
                            {
                                apiSecretValue = inputSecret.Value.Sha256();
                            }
                            else if (inputSecret.HashType == HashType.Sha512)
                            {
                                apiSecretValue = inputSecret.Value.Sha512();
                            }
                        }
                        // 加密之后还需要做一次校验 避免出现重复值
                        var secret = apiResource.FindSecret(apiSecretValue, inputSecret.Type);
                        if (secret == null)
                        {
                            apiResource.AddSecret(apiSecretValue, inputSecret.Expiration, inputSecret.Type, inputSecret.Description);
                        }
                    }
                }
            }

            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageProperties))
            {
                // 删除不存在的属性
                apiResource.Properties.RemoveAll(scope => !input.Properties.ContainsKey(scope.Key));
                foreach (var property in input.Properties)
                {
                    apiResource.Properties[property.Key] = property.Value;
                }
            }
        }
Пример #2
0
        protected virtual async Task UpdateApiResourceByInputAsync(ApiResource apiResource, ApiResourceCreateOrUpdateDto input)
        {
            apiResource.ShowInDiscoveryDocument = input.ShowInDiscoveryDocument;
            apiResource.Enabled = input.Enabled;

            if (!string.Equals(apiResource.AllowedAccessTokenSigningAlgorithms, input.AllowedAccessTokenSigningAlgorithms, StringComparison.InvariantCultureIgnoreCase))
            {
                apiResource.AllowedAccessTokenSigningAlgorithms = input.AllowedAccessTokenSigningAlgorithms;
            }
            if (!string.Equals(apiResource.DisplayName, input.DisplayName, StringComparison.InvariantCultureIgnoreCase))
            {
                apiResource.DisplayName = input.DisplayName;
            }
            if (apiResource.Description?.Equals(input.Description, StringComparison.InvariantCultureIgnoreCase)
                == false)
            {
                apiResource.Description = input.Description;
            }

            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageClaims))
            {
                // 删除不存在的UserClaim
                apiResource.UserClaims.RemoveAll(claim => !input.UserClaims.Any(inputClaim => claim.Type == inputClaim.Type));
                foreach (var inputClaim in input.UserClaims)
                {
                    var userClaim = apiResource.FindClaim(inputClaim.Type);
                    if (userClaim == null)
                    {
                        apiResource.AddUserClaim(inputClaim.Type);
                    }
                }
            }

            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageScopes))
            {
                // 删除不存在的Scope
                apiResource.Scopes.RemoveAll(scope => !input.Scopes.Any(inputScope => scope.Scope == inputScope.Scope));
                foreach (var inputScope in input.Scopes)
                {
                    var scope = apiResource.FindScope(inputScope.Scope);
                    if (scope == null)
                    {
                        apiResource.AddScope(inputScope.Scope);
                    }
                }
            }

            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageSecrets))
            {
                // 删除不存在的Secret
                apiResource.Secrets.RemoveAll(secret => !input.Secrets.Any(inputSecret => secret.Type == inputSecret.Type && secret.Value == inputSecret.Value));
                foreach (var inputSecret in input.Secrets)
                {
                    // 第一次重复校验已经加密过的字符串
                    if (apiResource.FindSecret(inputSecret.Value, inputSecret.Type) == null)
                    {
                        var apiSecretValue = inputSecret.Value;
                        if (IdentityServerConstants.SecretTypes.SharedSecret.Equals(inputSecret.Type))
                        {
                            if (inputSecret.HashType == HashType.Sha256)
                            {
                                apiSecretValue = inputSecret.Value.Sha256();
                            }
                            else if (inputSecret.HashType == HashType.Sha512)
                            {
                                apiSecretValue = inputSecret.Value.Sha512();
                            }
                        }
                        // 加密之后还需要做一次校验 避免出现重复值
                        var secret = apiResource.FindSecret(apiSecretValue, inputSecret.Type);
                        if (secret == null)
                        {
                            apiResource.AddSecret(apiSecretValue, inputSecret.Expiration, inputSecret.Type, inputSecret.Description);
                        }
                    }
                }
            }

            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageProperties))
            {
                // 删除不存在的属性
                apiResource.Properties.RemoveAll(prop => !input.Properties.Any(inputProp => prop.Key == inputProp.Key));
                foreach (var inputProp in input.Properties)
                {
                    var apiResourceProperty = apiResource.FindProperty(inputProp.Key);
                    if (apiResourceProperty == null)
                    {
                        apiResource.AddProperty(inputProp.Key, inputProp.Value);
                    }
                    else
                    {
                        apiResourceProperty.Value = inputProp.Value;
                    }
                }
            }
        }