public Task Invoke(
HttpContext context,
TenantDbContext _db,
IOptionsMonitor <IdentityServerAuthenticationOptions> identityServerAuthenticationOptions)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (tenant.Item1 != null)
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
var ResetOAuthProvider_CacheKey = TenantConstant.SchemesReflush + context.Request.Host.Value;
var ResetOAuthProvider_Flag = _memoryCache.Get <string>(ResetOAuthProvider_CacheKey);
if (tenant.Item2 != null)
{
var pvtModel = tenant.Item2;
#region IdentityServer4 - IssuerUri
_identityServerOptions.IssuerUri = context.Request.Scheme + "://" + tenant.Item2.IdentityServerIssuerUri;
#endregion
#region IdentityServer4 - AuthorityUri
identityServerAuthenticationOptions.CurrentValue.Authority = _identityServerOptions.IssuerUri;
#endregion
#region ResetOAuthProvider - PerRequest
if (string.IsNullOrWhiteSpace(ResetOAuthProvider_Flag) && pvtModel.Properties.Count > 0)
{
var AppSchemes = _oauthProvider.GetAllSchemesAsync().Result.Select(x => x.Name).ToList();
foreach (var scheme in OAuthBuilderExtensions.Schemes)
{
if (!pvtModel.Properties.ContainsKey($"{scheme}:ClientId") ||
!pvtModel.Properties.ContainsKey($"{scheme}:ClientSecret"))
{
_oauthProvider.RemoveScheme(scheme);
continue;
}
var ClientId_FromTenant = pvtModel.Properties[$"{scheme}:ClientId"];
var ClientSecret_FromTenant = pvtModel.Properties[$"{scheme}:ClientSecret"];
if (string.IsNullOrWhiteSpace(ClientId_FromTenant) ||
string.IsNullOrWhiteSpace(ClientSecret_FromTenant))
{
_oauthProvider.RemoveScheme(scheme);
continue;
}
switch (scheme)
{
case MicrosoftAccountDefaults.AuthenticationScheme:
_microsoftOptions.ClientId = ClientId_FromTenant;
_microsoftOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(MicrosoftAccountHandler));
break;
case GoogleDefaults.AuthenticationScheme:
_googleOptions.ClientId = ClientId_FromTenant;
_googleOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(GoogleHandler));
break;
case WeiboAuthenticationDefaults.AuthenticationScheme:
_weiboOptions.ClientId = ClientId_FromTenant;
_weiboOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(WeiboAuthenticationHandler));
break;
case WeixinAuthenticationDefaults.AuthenticationScheme:
_weixinOptions.ClientId = ClientId_FromTenant;
_weixinOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(WeixinAuthenticationHandler));
break;
case QQAuthenticationDefaults.AuthenticationScheme:
_qqOptions.ClientId = ClientId_FromTenant;
_qqOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(QQAuthenticationHandler));
break;
case GitHubAuthenticationDefaults.AuthenticationScheme:
_githubOptions.ClientId = ClientId_FromTenant;
_githubOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(GitHubAuthenticationHandler));
break;
case FacebookDefaults.AuthenticationScheme:
_facebookOptions.ClientId = ClientId_FromTenant;
_facebookOptions.ClientSecret = ClientSecret_FromTenant;
AddSchemeIfNotExists(AppSchemes, scheme, typeof(FacebookHandler));
break;
//case AmazonAuthenticationDefaults.AuthenticationScheme:
// _amazonOptions.ClientId = ClientId_FromTenant;
// _amazonOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case GitterAuthenticationDefaults.AuthenticationScheme:
// _gitterOptions.ClientId = ClientId_FromTenant;
// _gitterOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case InstagramAuthenticationDefaults.AuthenticationScheme:
// _instagramOptions.ClientId = ClientId_FromTenant;
// _instagramOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case LinkedInAuthenticationDefaults.AuthenticationScheme:
// _linkedinOptions.ClientId = ClientId_FromTenant;
// _linkedinOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case PaypalAuthenticationDefaults.AuthenticationScheme:
// _paypalOptions.ClientId = ClientId_FromTenant;
// _paypalOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case RedditAuthenticationDefaults.AuthenticationScheme:
// _redditOptions.ClientId = ClientId_FromTenant;
// _redditOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case SalesforceAuthenticationDefaults.AuthenticationScheme:
// _salesforceOptions.ClientId = ClientId_FromTenant;
// _salesforceOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case TwitterDefaults.AuthenticationScheme:
// _twitterOptions.ConsumerKey = ClientId_FromTenant;
// _twitterOptions.ConsumerSecret = ClientSecret_FromTenant;
// break;
//case VisualStudioAuthenticationDefaults.AuthenticationScheme:
// _visualstudioOptions.ClientId = ClientId_FromTenant;
// _visualstudioOptions.ClientSecret = ClientSecret_FromTenant;
// break;
//case WordPressAuthenticationDefaults.AuthenticationScheme:
// _wordpressOptions.ClientId = ClientId_FromTenant;
// _wordpressOptions.ClientSecret = ClientSecret_FromTenant;
// break;
default: break;
}
}
var MemoryCacheOptions = new MemoryCacheEntryOptions();
MemoryCacheOptions.SetAbsoluteExpiration(
TimeSpan.FromSeconds(TenantConstant.SchemesReflushDuration));
_memoryCache.Set(ResetOAuthProvider_CacheKey,
"1",
MemoryCacheOptions);
}
#endregion
}
return(_next(context));
}
public Task Invoke(
HttpContext context,
TenantDbContext _db
// IOptionsMonitor<WeixinOptions> _WeixinOptions,
// IOptionsMonitor<WeiboOptions> _WeiboOptions,
// IOptionsMonitor<GitHubOptions> _GitHubOptions,
// IOptionsMonitor<QQOptions> _QQOptions,
// IOptionsMonitor<FacebookOptions> _FacebookOptions,
// IOptionsMonitor<MicrosoftAccountOptions> _MicrosoftAccountOptions,
// IOptionsMonitor<GoogleOptions> _GoogleOptions,
// IOptionsMonitor<TwitterOptions> _TwitterOptions
)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (!string.IsNullOrWhiteSpace(tenant.Item1))
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
if (!string.IsNullOrWhiteSpace(tenant.Item2))
{
var pvtModel = JsonConvert
.DeserializeObject <AppTenantPrivateModel>(tenant.Item2);
#region IssuerUri
var IdServerOptions = context.RequestServices.GetRequiredService <IdentityServerOptions>();
IdServerOptions.IssuerUri = context.Request.Scheme + "://" + pvtModel.IdentityServerIssuerUri;
#endregion
#region ConfigAuthentication
//if (pvtModel.properties.Count > 0)
//{
// ConfigAuthentication(_WeixinOptions.CurrentValue,
// pvtModel.properties, WeixinDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_WeiboOptions.CurrentValue,
// pvtModel.properties, WeiboDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_GitHubOptions.CurrentValue,
// pvtModel.properties, GitHubDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_QQOptions.CurrentValue,
// pvtModel.properties, QQDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_FacebookOptions.CurrentValue,
// pvtModel.properties, FacebookDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_MicrosoftAccountOptions.CurrentValue,
// pvtModel.properties, MicrosoftAccountDefaults.AuthenticationScheme);
//
// ConfigAuthentication(_GoogleOptions.CurrentValue,
// pvtModel.properties, GoogleDefaults.AuthenticationScheme);
//
// ConfigTwitterAuthentication(_TwitterOptions.CurrentValue,
// pvtModel.properties);
//}
#endregion
}
return(_next(context));
}
public Task Invoke(
HttpContext context,
TenantDbContext _db)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (tenant.Item1 != null)
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
var reflushFlagCacheKey = TenantConstant.SchemesReflush + context.Request.Host.Value;
var reflushFlag = _memoryCache.Get <string>(reflushFlagCacheKey);
if (tenant.Item2 != null)
{
var pvtModel = tenant.Item2;
#region IssuerUri
_identityServerOptions.IssuerUri = context.Request.Scheme + "://" + tenant.Item2.IdentityServerIssuerUri;
#endregion
#region ResetOAuthOptions
if (string.IsNullOrWhiteSpace(reflushFlag) && pvtModel.Properties.Count > 0)
{
// 获取当前所有OAuth Scheme
var AllSchemes = _oauthProvider.GetAllSchemesAsync().Result.Select(x => x.Name).ToList();
var TenantSchemes = AppDefaultData.Tenant.OAuthHandlers.Select(x => x.Key).ToList();
foreach (var scheme in TenantSchemes)
{
var ClientIdKey = $"{scheme}:ClientId";
var ClientIdValue = pvtModel.Properties[ClientIdKey];
var ClientSecretKey = $"{scheme}:ClientSecret";
var ClientSecretValue = pvtModel.Properties[ClientSecretKey];
if (string.IsNullOrWhiteSpace(ClientIdValue) ||
string.IsNullOrWhiteSpace(ClientSecretValue))
{
_oauthProvider.RemoveScheme(scheme);
continue;
}
AppDefaultData.Tenant.TenantProperties[ClientIdKey] = ClientIdValue;
AppDefaultData.Tenant.TenantProperties[ClientSecretKey] = ClientSecretValue;
if (!AllSchemes.Contains(scheme))
{
var authScheme = new AuthenticationScheme(scheme,
scheme, AppDefaultData.Tenant.OAuthHandlers[scheme]);
_oauthProvider.AddScheme(authScheme);
}
}
_memoryCache.Set(reflushFlagCacheKey,
"1",
TimeSpan.FromSeconds(TenantConstant.SchemesReflushDuration));
}
#endregion
}
return(_next(context));
}
public Task Invoke(
HttpContext context,
TenantDbContext _db,
IOptionsMonitor <IdentityServerAuthenticationOptions> identityServerAuthenticationOptions)
{
var tenant = _tenantService.GetTenant(_db,
context.Request.Host.Value);
if (tenant.Item1 != null)
{
context.Items[TenantConstant.CacheKey] = tenant.Item1;
}
var ResetOAuthProvider_CacheKey = TenantConstant.SchemesReflush + context.Request.Host.Value;
var ResetOAuthProvider_Flag = _memoryCache.Get <string>(ResetOAuthProvider_CacheKey);
if (tenant.Item2 != null)
{
var pvtModel = tenant.Item2;
#region IdentityServer4 - IssuerUri
_identityServerOptions.IssuerUri = context.Request.Scheme + "://" + tenant.Item2.IdentityServerIssuerUri;
#endregion
#region IdentityServer4 - AuthorityUri
identityServerAuthenticationOptions.CurrentValue.Authority = _identityServerOptions.IssuerUri;
#endregion
#region ResetOAuthProvider - PerRequest
if (string.IsNullOrWhiteSpace(ResetOAuthProvider_Flag) && pvtModel.Properties.Count > 0)
{
// All Schemes
var ApplicationSchemes = _oauthProvider.GetAllSchemesAsync().Result.Select(x => x.Name).ToList();
// All Scheme Providers
var SchemeProviders = OAuthBuilderExtensions.Handlers.Select(x => x.Key).ToList();
foreach (var oauthScheme in SchemeProviders)
{
var ClientId_FromTenant = pvtModel.Properties[$"{oauthScheme}:ClientId"];
var ClientSecret_FromTenant = pvtModel.Properties[$"{oauthScheme}:ClientSecret"];
if (string.IsNullOrWhiteSpace(ClientId_FromTenant) ||
string.IsNullOrWhiteSpace(ClientSecret_FromTenant))
{
_oauthProvider.RemoveScheme(oauthScheme);
continue;
}
switch (oauthScheme)
{
case AmazonAuthenticationDefaults.AuthenticationScheme:
_amazonOptions.ClientId = ClientId_FromTenant;
_amazonOptions.ClientSecret = ClientSecret_FromTenant;
break;
case FacebookDefaults.AuthenticationScheme:
_facebookOptions.ClientId = ClientId_FromTenant;
_facebookOptions.ClientSecret = ClientSecret_FromTenant;
break;
case GitHubDefaults.AuthenticationScheme:
_amazonOptions.ClientId = ClientId_FromTenant;
_amazonOptions.ClientSecret = ClientSecret_FromTenant;
break;
case GitterAuthenticationDefaults.AuthenticationScheme:
_gitterOptions.ClientId = ClientId_FromTenant;
_gitterOptions.ClientSecret = ClientSecret_FromTenant;
break;
case GoogleDefaults.AuthenticationScheme:
_googleOptions.ClientId = ClientId_FromTenant;
_googleOptions.ClientSecret = ClientSecret_FromTenant;
break;
case InstagramAuthenticationDefaults.AuthenticationScheme:
_instagramOptions.ClientId = ClientId_FromTenant;
_instagramOptions.ClientSecret = ClientSecret_FromTenant;
break;
case LinkedInAuthenticationDefaults.AuthenticationScheme:
_linkedinOptions.ClientId = ClientId_FromTenant;
_linkedinOptions.ClientSecret = ClientSecret_FromTenant;
break;
case MicrosoftAccountDefaults.AuthenticationScheme:
_microsoftOptions.ClientId = ClientId_FromTenant;
_microsoftOptions.ClientSecret = ClientSecret_FromTenant;
break;
case PaypalAuthenticationDefaults.AuthenticationScheme:
_paypalOptions.ClientId = ClientId_FromTenant;
_paypalOptions.ClientSecret = ClientSecret_FromTenant;
break;
case QQDefaults.AuthenticationScheme:
_amazonOptions.ClientId = ClientId_FromTenant;
_amazonOptions.ClientSecret = ClientSecret_FromTenant;
break;
case RedditAuthenticationDefaults.AuthenticationScheme:
_redditOptions.ClientId = ClientId_FromTenant;
_redditOptions.ClientSecret = ClientSecret_FromTenant;
break;
case SalesforceAuthenticationDefaults.AuthenticationScheme:
_salesforceOptions.ClientId = ClientId_FromTenant;
_salesforceOptions.ClientSecret = ClientSecret_FromTenant;
break;
case TwitterDefaults.AuthenticationScheme:
_twitterOptions.ConsumerKey = ClientId_FromTenant;
_twitterOptions.ConsumerSecret = ClientSecret_FromTenant;
break;
case VisualStudioAuthenticationDefaults.AuthenticationScheme:
_visualstudioOptions.ClientId = ClientId_FromTenant;
_visualstudioOptions.ClientSecret = ClientSecret_FromTenant;
break;
case WeiboDefaults.AuthenticationScheme:
_weiboOptions.ClientId = ClientId_FromTenant;
_weiboOptions.ClientSecret = ClientSecret_FromTenant;
break;
case WeixinDefaults.AuthenticationScheme:
_weixinOptions.ClientId = ClientId_FromTenant;
_weixinOptions.ClientSecret = ClientSecret_FromTenant;
break;
case WordPressAuthenticationDefaults.AuthenticationScheme:
_wordpressOptions.ClientId = ClientId_FromTenant;
_wordpressOptions.ClientSecret = ClientSecret_FromTenant;
break;
default: break;
}
if (!ApplicationSchemes.Contains(oauthScheme))
{
_oauthProvider.AddScheme(new AuthenticationScheme(oauthScheme,
oauthScheme, OAuthBuilderExtensions.Handlers[oauthScheme]));
}
}
_memoryCache.Set(ResetOAuthProvider_CacheKey,
"1",
TimeSpan.FromSeconds(TenantConstant.SchemesReflushDuration));
}
#endregion
}
return(_next(context));
}