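/// <summary>
/// Gets the user's information from the Google user-information endpoint.
/// </summary>
/// <param name="accessCode">
/// Access code. It is sent as the OAuth bearer credential in the Authorization header,
/// so treat it as a secret and keep it out of logs and exception messages.
/// </param>
/// <returns>
/// An <see cref="ExternalLoginUserInfo"/> populated from the JSON payload returned by the endpoint.
/// </returns>
/// <exception cref="HttpRequestException">The endpoint returned a non-success status code.</exception>
public override async Task<ExternalLoginUserInfo> GetUserInfo(string accessCode)
{
    // NOTE(review): a new HttpClient per call does not reuse connections; consider a shared
    // instance if the enclosing class can hold one.
    using (var client = new HttpClient())
    {
        client.DefaultRequestHeaders.UserAgent.ParseAdd("Microsoft ASP.NET Core OAuth middleware");
        client.DefaultRequestHeaders.Accept.ParseAdd("application/json");

        // Bound both the wait time and the amount of response data buffered from the remote endpoint.
        client.Timeout = TimeSpan.FromSeconds(30);
        client.MaxResponseContentBufferSize = 1024 * 1024 * 10; // 10 MB

        // The request and response are disposable; release them deterministically
        // instead of leaving them to the garbage collector.
        using (var request = new HttpRequestMessage(HttpMethod.Get, GoogleDefaults.UserInformationEndpoint))
        {
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessCode);

            using (var response = await client.SendAsync(request))
            {
                response.EnsureSuccessStatusCode();

                var payload = JObject.Parse(await response.Content.ReadAsStringAsync());

                // NOTE(review): the profile fields are copied from the response as returned. If
                // accounts are matched by e-mail address downstream, confirm that the address's
                // verification status is checked there.
                return new ExternalLoginUserInfo
                {
                    Name = GoogleHelper.GetName(payload),
                    EmailAddress = GoogleHelper.GetEmail(payload),
                    Surname = GoogleHelper.GetFamilyName(payload),
                    // On the right-hand side, Name resolves in the enclosing scope (this provider's
                    // own Name member), not to the property initialized above.
                    LoginInfo = new UserLoginInfo(Name, GoogleHelper.GetId(payload))
                };
            }
        }
    }
}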
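/// <summary>
/// CreatingTicket handler that compares the values on <paramref name="context"/> with fixed
/// expected values and, when the ticket has a principal, adds a "ManageStore" claim with the
/// value "false" to the principal's first identity.
/// </summary>
/// <param name="context">The ticket-creation context supplied by the OAuth middleware.</param>
/// <returns>A completed task.</returns>
/// <remarks>
/// NOTE(review): the expected token values are literals, which suggests they are fixtures fed in
/// by a test backchannel; confirm against the caller. Comparing against literals does not
/// validate a real token.
/// </remarks>
internal static Task OnCreatingTicket(OAuthCreatingTicketContext context)
{
    if (context.Ticket.Principal != null)
    {
        Helpers.ThrowIfConditionFailed(() => context.AccessToken == "ValidAccessToken", "Access token is not valid");
        Helpers.ThrowIfConditionFailed(() => context.RefreshToken == "ValidRefreshToken", "Refresh token is not valid");

        // Check that the user payload exists before reading the e-mail from it, so a missing
        // payload is reported with its own message rather than surfacing from GetEmail.
        Helpers.ThrowIfConditionFailed(() => context.User != null, "User object is not valid");
        Helpers.ThrowIfConditionFailed(() => GoogleHelper.GetEmail(context.User) == "*****@*****.**", "Email is not valid");

        // Compare the nullable value directly: a missing ExpiresIn then fails the condition
        // instead of throwing from the .Value access.
        Helpers.ThrowIfConditionFailed(() => context.ExpiresIn == TimeSpan.FromSeconds(1200), "ExpiresIn is not valid");

        context.Ticket.Principal.Identities.First().AddClaim(new Claim("ManageStore", "false"));
    }

    return Task.FromResult(0);
}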
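/// <summary>
/// Builds the authentication ticket for a Google sign-in. It requests the user's profile from
/// <c>Options.UserInformationEndpoint</c> with the access token, copies the non-empty profile
/// fields onto <paramref name="identity"/> as claims, raises the CreatingTicket event, and then
/// adds a "SiteGuid" claim when a site is available.
/// </summary>
/// <param name="identity">The identity that receives the claims.</param>
/// <param name="properties">Authentication properties carried into the ticket.</param>
/// <param name="tokens">Token response; its access token is sent as the bearer credential.</param>
/// <returns>
/// A ticket built from the context's principal and properties. It is issued for
/// <c>AuthenticationScheme.External</c>, not for the scheme configured on <c>Options</c>.
/// </returns>
/// <exception cref="HttpRequestException">The endpoint returned a non-success status code.</exception>
protected override async Task<AuthenticationTicket> CreateTicketAsync(
    ClaimsIdentity identity,
    AuthenticationProperties properties,
    OAuthTokenResponse tokens)
{
    // The access token is a bearer credential, so it is deliberately left out of the log
    // message: anyone able to read the log could otherwise replay it until it expires.
    log.LogDebug("CreateTicketAsync called");

    // Get the Google user. The request and response are disposed once the payload is parsed.
    // The response body holds the user's profile data, so it is not logged either.
    JObject payload;
    using (var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint))
    {
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);

        using (var response = await Backchannel.SendAsync(request, Context.RequestAborted))
        {
            response.EnsureSuccessStatusCode();
            payload = JObject.Parse(await response.Content.ReadAsStringAsync());
        }
    }

    var context = new OAuthCreatingTicketContext(Context, Options, Backchannel, tokens, payload)
    {
        Properties = properties,
        Principal = new ClaimsPrincipal(identity)
    };

    // Each profile field becomes a claim only when the payload supplied a non-empty value.
    var identifier = GoogleHelper.GetId(payload);
    if (!string.IsNullOrEmpty(identifier))
    {
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, identifier, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var givenName = GoogleHelper.GetGivenName(payload);
    if (!string.IsNullOrEmpty(givenName))
    {
        identity.AddClaim(new Claim(ClaimTypes.GivenName, givenName, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var familyName = GoogleHelper.GetFamilyName(payload);
    if (!string.IsNullOrEmpty(familyName))
    {
        identity.AddClaim(new Claim(ClaimTypes.Surname, familyName, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var name = GoogleHelper.GetName(payload);
    if (!string.IsNullOrEmpty(name))
    {
        identity.AddClaim(new Claim(ClaimTypes.Name, name, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var email = GoogleHelper.GetEmail(payload);
    if (!string.IsNullOrEmpty(email))
    {
        identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    var profile = GoogleHelper.GetProfile(payload);
    if (!string.IsNullOrEmpty(profile))
    {
        identity.AddClaim(new Claim("urn:google:profile", profile, ClaimValueTypes.String, Options.ClaimsIssuer));
    }

    await Options.Events.CreatingTicket(context);

    // The site claim is added after the CreatingTicket event has run, and only when it is not
    // already on the identity. GetSite() is defined outside this block.
    // NOTE(review): it presumably resolves the site for the current request; confirm.
    var site = await GetSite();
    if (site != null)
    {
        Claim siteGuidClaim = new Claim("SiteGuid", site.SiteGuid.ToString());
        if (!identity.HasClaim(siteGuidClaim.Type, siteGuidClaim.Value))
        {
            identity.AddClaim(siteGuidClaim);
        }
    }

    return new AuthenticationTicket(context.Principal, context.Properties, AuthenticationScheme.External);
}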