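//protected override async Task<OAuthTokenResponse> ExchangeCodeAsync(OAuthCodeExchangeContext context)
//{
//    var code = context.Code;
//    return await _api.GetToken(Options.Backchannel, Options.TokenEndpoint, Options.AppId, Options.AppSecret, code, Context.RequestAborted);
//}

/// <summary>
/// Builds the authentication ticket once the authorization code has been exchanged for tokens.
/// Requests the user-info document from <c>Options.UserInformationEndpoint</c> with the access token
/// and openid taken from <paramref name="tokens"/>, appends the granted scope to that document,
/// runs the configured claim actions against it and raises <c>Events.CreatingTicket</c>.
/// </summary>
/// <param name="identity">Identity wrapped in the principal handed to the claim actions; must not be null.</param>
/// <param name="properties">Authentication properties carried into the ticket; must not be null.</param>
/// <param name="tokens">Token endpoint response supplying the access token, openid and scope; must not be null.</param>
/// <returns>A ticket for <c>Scheme.Name</c> built from the context's principal and properties after the event has run.</returns>
/// <exception cref="ArgumentNullException">Thrown when any argument is null.</exception>
protected virtual async Task<AuthenticationTicket> CreateTicketAsync(
    ClaimsIdentity identity,
    AuthenticationProperties properties,
    OAuthTokenResponse tokens)
{
    if (identity == null)
    {
        throw new ArgumentNullException(nameof(identity));
    }

    if (properties == null)
    {
        throw new ArgumentNullException(nameof(properties));
    }

    if (tokens == null)
    {
        throw new ArgumentNullException(nameof(tokens));
    }

    // Both values come from the token response, i.e. from what the server granted.
    // The unionid was read here as well but never used, so that local has been dropped.
    var openid = tokens.GetOpenId();
    var scope = tokens.GetScope();

    // Backchannel request authenticated with the access token; it is cancelled together with the
    // current request through Context.RequestAborted.
    // NOTE(review): the returned document is used as-is to build claims. Confirm that
    // _api.GetUserInfo rejects error responses instead of returning them as a payload.
    var userInfoPayload = await _api.GetUserInfo(
        Options.Backchannel,
        Options.UserInformationEndpoint,
        tokens.AccessToken,
        openid,
        Context.RequestAborted,
        WeixinOpenLanguageCodes.zh_CN);

    // The scope is added to the payload so claim actions can read it next to the user-info fields.
    // AppendElement hands back the extended document; that result, not the original, feeds the context.
    var payloadWithScope = userInfoPayload.AppendElement("scope", scope);

    // NOTE(review): neither JSON document is disposed in this method. If they are JsonDocument
    // instances, confirm whether they should be released once the ticket has been created.
    var ticketContext = new OAuthCreatingTicketContext(
        new ClaimsPrincipal(identity),
        properties,
        Context,
        Scheme,
        Options,
        Backchannel,
        tokens,
        payloadWithScope.RootElement);

    ticketContext.RunClaimActions();

    // Application event handlers run after the claim actions and may still change the principal
    // or properties, which is why the ticket is built from the context rather than from the arguments.
    await Events.CreatingTicket(ticketContext);

    return new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, Scheme.Name);
}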
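/// <summary>
/// Builds the authentication ticket once the authorization code has been exchanged for tokens.
/// When the scope granted in the token response includes <c>snsapi_userinfo</c>, the user-info document
/// is requested from <c>Options.UserInformationEndpoint</c>; otherwise an empty JSON object is used.
/// The granted scope is appended to that document, the configured claim actions are run against it
/// and <c>Events.CreatingTicket</c> is raised.
/// </summary>
/// <param name="identity">Identity wrapped in the principal handed to the claim actions; must not be null.</param>
/// <param name="properties">Authentication properties carried into the ticket; must not be null.</param>
/// <param name="tokens">Token endpoint response supplying the access token, openid and scope; must not be null.</param>
/// <returns>A ticket for <c>Scheme.Name</c> built from the context's principal and properties after the event has run.</returns>
/// <exception cref="ArgumentNullException">Thrown when any argument is null.</exception>
protected virtual async Task<AuthenticationTicket> CreateTicketAsync(
    ClaimsIdentity identity,
    AuthenticationProperties properties,
    OAuthTokenResponse tokens)
{
    if (identity == null)
    {
        throw new ArgumentNullException(nameof(identity));
    }

    if (properties == null)
    {
        throw new ArgumentNullException(nameof(properties));
    }

    if (tokens == null)
    {
        throw new ArgumentNullException(nameof(tokens));
    }

    // The unionid was read here as well but never used, so that local has been dropped.
    var openid = tokens.GetOpenId();
    var scope = tokens.GetScope();

    // Start from an empty object so the claim actions always have a document to read.
    var payload = JsonDocument.Parse("{}");

    // The decision uses the scope returned in the token response. An earlier variant, since
    // disabled, also accepted the scope requested in Options.Scope; the granted value is the
    // one that says whether the user-info call is permitted.
    if (WeixinAuthScopes.Contains(scope, WeixinAuthScopes.snsapi_userinfo))
    {
        // Backchannel request authenticated with the access token; it is cancelled together with
        // the current request through Context.RequestAborted.
        // NOTE(review): confirm that _api.GetUserInfo rejects error responses instead of
        // returning them as a payload, because the document is used as-is to build claims.
        payload = await _api.GetUserInfo(
            Options.Backchannel,
            Options.UserInformationEndpoint,
            tokens.AccessToken,
            openid,
            Context.RequestAborted,
            WeixinAuthLanguageCodes.zh_CN);
    }

    // NOTE(review): without snsapi_userinfo the payload carries only "scope". Code that used to
    // copy openid and unionid from the token response into the payload was commented out, so claim
    // actions keyed on those members find nothing in that case. Confirm that a ticket without a
    // subject identifier from the payload is intended.

    // Fix: a JsonDocument is read-only, so AppendElement cannot change payload in place. The call's
    // result was previously discarded, which meant "scope" never reached the claim actions.
    // Assumes AppendElement returns the extended document - confirm against its definition.
    var payloadWithScope = payload.AppendElement("scope", scope);

    // NOTE(review): none of the JSON documents created here are disposed. Confirm whether they
    // should be released once the ticket has been created.
    var ticketContext = new OAuthCreatingTicketContext(
        new ClaimsPrincipal(identity),
        properties,
        Context,
        Scheme,
        Options,
        Backchannel,
        tokens,
        payloadWithScope.RootElement);

    ticketContext.RunClaimActions();

    // Application event handlers run after the claim actions and may still change the principal
    // or properties, which is why the ticket is built from the context rather than from the arguments.
    await Events.CreatingTicket(ticketContext);

    return new AuthenticationTicket(ticketContext.Principal, ticketContext.Properties, Scheme.Name);
}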