Merge pull request #109 from colinin/3.2

reconstitute the IdentityServer module

aspnet-core/database/ApiGateway-Init.sql

@@ -1,5 +1,5 @@
 /*
- Navicat MySQL Data Transfer
+ Navicat Premium Data Transfer
 
  Source Server         : 本机服务器
  Source Server Type    : MySQL
@@ -11,7 +11,7 @@
  Target Server Version : 80020
  File Encoding         : 65001
 
- Date: 15/10/2020 21:36:21
+ Date: 22/10/2020 17:33:42
 */
 
 SET NAMES utf8mb4;
@@ -90,7 +90,7 @@ CREATE TABLE `appapigatewayauthoptions`  (
   PRIMARY KEY (`Id`) USING BTREE,
   UNIQUE INDEX `IX_AppApiGatewayAuthOptions_ReRouteId`(`ReRouteId`) USING BTREE,
   CONSTRAINT `FK_AppApiGatewayAuthOptions_AppApiGatewayReRoute_ReRouteId` FOREIGN KEY (`ReRouteId`) REFERENCES `appapigatewayreroute` (`ReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT
-) ENGINE = InnoDB AUTO_INCREMENT = 136 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 138 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewayauthoptions
@@ -116,8 +116,6 @@ INSERT INTO `appapigatewayauthoptions` VALUES (22, 1262230734939758592, NULL, ''
 INSERT INTO `appapigatewayauthoptions` VALUES (23, 1262296916350869504, NULL, '');
 INSERT INTO `appapigatewayauthoptions` VALUES (24, 1262632376348594176, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (25, 1262632791869902848, '', '');
-INSERT INTO `appapigatewayauthoptions` VALUES (26, 1262632904575045632, '', '');
-INSERT INTO `appapigatewayauthoptions` VALUES (27, 1262632976616411136, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (28, 1262660336921235456, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (29, 1262660528277966848, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (30, 1262660706875625472, '', '');
@@ -139,7 +137,6 @@ INSERT INTO `appapigatewayauthoptions` VALUES (45, 1262666172682883072, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (47, 1262723402331885568, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (48, 1262935771746734080, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (49, 1262935906522304512, '', '');
-INSERT INTO `appapigatewayauthoptions` VALUES (50, 1262936009924481024, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (52, 1263074419073593344, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (53, 1263075249394790400, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (54, 1263075593499684864, '', '');
@@ -199,6 +196,8 @@ INSERT INTO `appapigatewayauthoptions` VALUES (132, 1316628769783480320, '', '')
 INSERT INTO `appapigatewayauthoptions` VALUES (133, 1316628940663619584, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (134, 1316629112428756992, '', '');
 INSERT INTO `appapigatewayauthoptions` VALUES (135, 1316652047017246720, '', '');
+INSERT INTO `appapigatewayauthoptions` VALUES (136, 1316913899996737536, '', '');
+INSERT INTO `appapigatewayauthoptions` VALUES (137, 1319200951383199744, '', '');
 
 -- ----------------------------
 -- Table structure for appapigatewaybalanceroptions
@@ -216,7 +215,7 @@ CREATE TABLE `appapigatewaybalanceroptions`  (
   UNIQUE INDEX `IX_AppApiGatewayBalancerOptions_ReRouteId`(`ReRouteId`) USING BTREE,
   CONSTRAINT `FK_AppApiGatewayBalancerOptions_AppApiGatewayGlobalConfiguratio~` FOREIGN KEY (`ItemId`) REFERENCES `appapigatewayglobalconfiguration` (`ItemId`) ON DELETE CASCADE ON UPDATE RESTRICT,
   CONSTRAINT `FK_AppApiGatewayBalancerOptions_AppApiGatewayReRoute_ReRouteId` FOREIGN KEY (`ReRouteId`) REFERENCES `appapigatewayreroute` (`ReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT
-) ENGINE = InnoDB AUTO_INCREMENT = 139 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 141 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewaybalanceroptions
@@ -243,8 +242,6 @@ INSERT INTO `appapigatewaybalanceroptions` VALUES (23, NULL, 1262230734939758592
 INSERT INTO `appapigatewaybalanceroptions` VALUES (24, NULL, 1262296916350869504, NULL, NULL, NULL);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (25, NULL, 1262632376348594176, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (26, NULL, 1262632791869902848, '', '', 0);
-INSERT INTO `appapigatewaybalanceroptions` VALUES (27, NULL, 1262632904575045632, '', '', 0);
-INSERT INTO `appapigatewaybalanceroptions` VALUES (28, NULL, 1262632976616411136, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (29, NULL, 1262660336921235456, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (30, NULL, 1262660528277966848, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (31, NULL, 1262660706875625472, '', '', 0);
@@ -266,7 +263,6 @@ INSERT INTO `appapigatewaybalanceroptions` VALUES (46, NULL, 1262666172682883072
 INSERT INTO `appapigatewaybalanceroptions` VALUES (48, NULL, 1262723402331885568, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (49, NULL, 1262935771746734080, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (50, NULL, 1262935906522304512, '', '', 0);
-INSERT INTO `appapigatewaybalanceroptions` VALUES (51, NULL, 1262936009924481024, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (53, NULL, 1263074419073593344, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (54, NULL, 1263075249394790400, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (55, NULL, 1263075593499684864, '', '', 0);
@@ -326,6 +322,8 @@ INSERT INTO `appapigatewaybalanceroptions` VALUES (135, NULL, 131662876978348032
 INSERT INTO `appapigatewaybalanceroptions` VALUES (136, NULL, 1316628940663619584, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (137, NULL, 1316629112428756992, '', '', 0);
 INSERT INTO `appapigatewaybalanceroptions` VALUES (138, NULL, 1316652047017246720, '', '', 0);
+INSERT INTO `appapigatewaybalanceroptions` VALUES (139, NULL, 1316913899996737536, '', '', 0);
+INSERT INTO `appapigatewaybalanceroptions` VALUES (140, NULL, 1319200951383199744, '', '', 0);
 
 -- ----------------------------
 -- Table structure for appapigatewaycacheoptions
@@ -339,7 +337,7 @@ CREATE TABLE `appapigatewaycacheoptions`  (
   PRIMARY KEY (`Id`) USING BTREE,
   UNIQUE INDEX `IX_AppApiGatewayCacheOptions_ReRouteId`(`ReRouteId`) USING BTREE,
   CONSTRAINT `FK_AppApiGatewayCacheOptions_AppApiGatewayReRoute_ReRouteId` FOREIGN KEY (`ReRouteId`) REFERENCES `appapigatewayreroute` (`ReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT
-) ENGINE = InnoDB AUTO_INCREMENT = 136 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 138 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewaycacheoptions
@@ -363,10 +361,8 @@ INSERT INTO `appapigatewaycacheoptions` VALUES (18, 1261606689601732608, NULL, N
 INSERT INTO `appapigatewaycacheoptions` VALUES (21, 1262220447629058048, NULL, NULL);
 INSERT INTO `appapigatewaycacheoptions` VALUES (22, 1262230734939758592, NULL, NULL);
 INSERT INTO `appapigatewaycacheoptions` VALUES (23, 1262296916350869504, NULL, NULL);
-INSERT INTO `appapigatewaycacheoptions` VALUES (24, 1262632376348594176, 0, '');
+INSERT INTO `appapigatewaycacheoptions` VALUES (24, 1262632376348594176, NULL, NULL);
 INSERT INTO `appapigatewaycacheoptions` VALUES (25, 1262632791869902848, NULL, NULL);
-INSERT INTO `appapigatewaycacheoptions` VALUES (26, 1262632904575045632, NULL, NULL);
-INSERT INTO `appapigatewaycacheoptions` VALUES (27, 1262632976616411136, NULL, NULL);
 INSERT INTO `appapigatewaycacheoptions` VALUES (28, 1262660336921235456, 0, '');
 INSERT INTO `appapigatewaycacheoptions` VALUES (29, 1262660528277966848, 0, '');
 INSERT INTO `appapigatewaycacheoptions` VALUES (30, 1262660706875625472, 0, '');
@@ -385,10 +381,9 @@ INSERT INTO `appapigatewaycacheoptions` VALUES (42, 1262665329829105664, 0, '');
 INSERT INTO `appapigatewaycacheoptions` VALUES (43, 1262665456471920640, 0, '');
 INSERT INTO `appapigatewaycacheoptions` VALUES (44, 1262665628165754880, NULL, NULL);
 INSERT INTO `appapigatewaycacheoptions` VALUES (45, 1262666172682883072, NULL, NULL);
-INSERT INTO `appapigatewaycacheoptions` VALUES (47, 1262723402331885568, 0, '');
-INSERT INTO `appapigatewaycacheoptions` VALUES (48, 1262935771746734080, 0, '');
-INSERT INTO `appapigatewaycacheoptions` VALUES (49, 1262935906522304512, 0, '');
-INSERT INTO `appapigatewaycacheoptions` VALUES (50, 1262936009924481024, 0, '');
+INSERT INTO `appapigatewaycacheoptions` VALUES (47, 1262723402331885568, NULL, NULL);
+INSERT INTO `appapigatewaycacheoptions` VALUES (48, 1262935771746734080, NULL, NULL);
+INSERT INTO `appapigatewaycacheoptions` VALUES (49, 1262935906522304512, NULL, NULL);
 INSERT INTO `appapigatewaycacheoptions` VALUES (52, 1263074419073593344, NULL, NULL);
 INSERT INTO `appapigatewaycacheoptions` VALUES (53, 1263075249394790400, 0, '');
 INSERT INTO `appapigatewaycacheoptions` VALUES (54, 1263075593499684864, 0, '');
@@ -448,6 +443,8 @@ INSERT INTO `appapigatewaycacheoptions` VALUES (132, 1316628769783480320, 0, '')
 INSERT INTO `appapigatewaycacheoptions` VALUES (133, 1316628940663619584, 0, '');
 INSERT INTO `appapigatewaycacheoptions` VALUES (134, 1316629112428756992, 0, '');
 INSERT INTO `appapigatewaycacheoptions` VALUES (135, 1316652047017246720, 0, '');
+INSERT INTO `appapigatewaycacheoptions` VALUES (136, 1316913899996737536, 0, '');
+INSERT INTO `appapigatewaycacheoptions` VALUES (137, 1319200951383199744, 0, '');
 
 -- ----------------------------
 -- Table structure for appapigatewaydiscovery
@@ -557,7 +554,7 @@ CREATE TABLE `appapigatewayhttpoptions`  (
   UNIQUE INDEX `IX_AppApiGatewayHttpOptions_ReRouteId`(`ReRouteId`) USING BTREE,
   CONSTRAINT `FK_AppApiGatewayHttpOptions_AppApiGatewayGlobalConfiguration_It~` FOREIGN KEY (`ItemId`) REFERENCES `appapigatewayglobalconfiguration` (`ItemId`) ON DELETE CASCADE ON UPDATE RESTRICT,
   CONSTRAINT `FK_AppApiGatewayHttpOptions_AppApiGatewayReRoute_ReRouteId` FOREIGN KEY (`ReRouteId`) REFERENCES `appapigatewayreroute` (`ReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT
-) ENGINE = InnoDB AUTO_INCREMENT = 139 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 141 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewayhttpoptions
@@ -584,8 +581,6 @@ INSERT INTO `appapigatewayhttpoptions` VALUES (23, NULL, 1262230734939758592, NU
 INSERT INTO `appapigatewayhttpoptions` VALUES (24, NULL, 1262296916350869504, NULL, 0, 0, 1, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (25, NULL, 1262632376348594176, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (26, NULL, 1262632791869902848, 0, 0, 0, 0, 0);
-INSERT INTO `appapigatewayhttpoptions` VALUES (27, NULL, 1262632904575045632, 0, 0, 0, 0, 0);
-INSERT INTO `appapigatewayhttpoptions` VALUES (28, NULL, 1262632976616411136, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (29, NULL, 1262660336921235456, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (30, NULL, 1262660528277966848, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (31, NULL, 1262660706875625472, 0, 0, 0, 0, 0);
@@ -607,7 +602,6 @@ INSERT INTO `appapigatewayhttpoptions` VALUES (46, NULL, 1262666172682883072, 0,
 INSERT INTO `appapigatewayhttpoptions` VALUES (48, NULL, 1262723402331885568, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (49, NULL, 1262935771746734080, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (50, NULL, 1262935906522304512, 0, 0, 0, 0, 0);
-INSERT INTO `appapigatewayhttpoptions` VALUES (51, NULL, 1262936009924481024, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (53, NULL, 1263074419073593344, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (54, NULL, 1263075249394790400, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (55, NULL, 1263075593499684864, 0, 0, 0, 0, 0);
@@ -667,6 +661,8 @@ INSERT INTO `appapigatewayhttpoptions` VALUES (135, NULL, 1316628769783480320, 0
 INSERT INTO `appapigatewayhttpoptions` VALUES (136, NULL, 1316628940663619584, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (137, NULL, 1316629112428756992, 0, 0, 0, 0, 0);
 INSERT INTO `appapigatewayhttpoptions` VALUES (138, NULL, 1316652047017246720, 0, 0, 0, 0, 0);
+INSERT INTO `appapigatewayhttpoptions` VALUES (139, NULL, 1316913899996737536, 0, 0, 0, 0, 0);
+INSERT INTO `appapigatewayhttpoptions` VALUES (140, NULL, 1319200951383199744, 0, 0, 0, 0, 0);
 
 -- ----------------------------
 -- Table structure for appapigatewayqosoptions
@@ -684,7 +680,7 @@ CREATE TABLE `appapigatewayqosoptions`  (
   UNIQUE INDEX `IX_AppApiGatewayQoSOptions_ReRouteId`(`ReRouteId`) USING BTREE,
   CONSTRAINT `FK_AppApiGatewayQoSOptions_AppApiGatewayGlobalConfiguration_Ite~` FOREIGN KEY (`ItemId`) REFERENCES `appapigatewayglobalconfiguration` (`ItemId`) ON DELETE CASCADE ON UPDATE RESTRICT,
   CONSTRAINT `FK_AppApiGatewayQoSOptions_AppApiGatewayReRoute_ReRouteId` FOREIGN KEY (`ReRouteId`) REFERENCES `appapigatewayreroute` (`ReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT
-) ENGINE = InnoDB AUTO_INCREMENT = 139 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 141 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewayqosoptions
@@ -711,8 +707,6 @@ INSERT INTO `appapigatewayqosoptions` VALUES (23, NULL, 1262230734939758592, 60,
 INSERT INTO `appapigatewayqosoptions` VALUES (24, NULL, 1262296916350869504, 60, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (25, NULL, 1262632376348594176, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (26, NULL, 1262632791869902848, 50, 60000, 30000);
-INSERT INTO `appapigatewayqosoptions` VALUES (27, NULL, 1262632904575045632, 50, 60000, 30000);
-INSERT INTO `appapigatewayqosoptions` VALUES (28, NULL, 1262632976616411136, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (29, NULL, 1262660336921235456, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (30, NULL, 1262660528277966848, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (31, NULL, 1262660706875625472, 50, 60000, 30000);
@@ -734,7 +728,6 @@ INSERT INTO `appapigatewayqosoptions` VALUES (46, NULL, 1262666172682883072, 50,
 INSERT INTO `appapigatewayqosoptions` VALUES (48, NULL, 1262723402331885568, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (49, NULL, 1262935771746734080, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (50, NULL, 1262935906522304512, 50, 60000, 30000);
-INSERT INTO `appapigatewayqosoptions` VALUES (51, NULL, 1262936009924481024, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (53, NULL, 1263074419073593344, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (54, NULL, 1263075249394790400, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (55, NULL, 1263075593499684864, 50, 60000, 30000);
@@ -794,6 +787,8 @@ INSERT INTO `appapigatewayqosoptions` VALUES (135, NULL, 1316628769783480320, 50
 INSERT INTO `appapigatewayqosoptions` VALUES (136, NULL, 1316628940663619584, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (137, NULL, 1316629112428756992, 50, 60000, 30000);
 INSERT INTO `appapigatewayqosoptions` VALUES (138, NULL, 1316652047017246720, 50, 60000, 30000);
+INSERT INTO `appapigatewayqosoptions` VALUES (139, NULL, 1316913899996737536, 50, 60000, 30000);
+INSERT INTO `appapigatewayqosoptions` VALUES (140, NULL, 1319200951383199744, 50, 60000, 30000);
 
 -- ----------------------------
 -- Table structure for appapigatewayratelimitoptions
@@ -835,7 +830,7 @@ CREATE TABLE `appapigatewayratelimitrule`  (
   UNIQUE INDEX `IX_AppApiGatewayRateLimitRule_ReRouteId`(`ReRouteId`) USING BTREE,
   CONSTRAINT `FK_AppApiGatewayRateLimitRule_AppApiGatewayDynamicReRoute_Dynam~` FOREIGN KEY (`DynamicReRouteId`) REFERENCES `appapigatewaydynamicreroute` (`DynamicReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT,
   CONSTRAINT `FK_AppApiGatewayRateLimitRule_AppApiGatewayReRoute_ReRouteId` FOREIGN KEY (`ReRouteId`) REFERENCES `appapigatewayreroute` (`ReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT
-) ENGINE = InnoDB AUTO_INCREMENT = 136 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 138 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewayratelimitrule
@@ -861,8 +856,6 @@ INSERT INTO `appapigatewayratelimitrule` VALUES (22, 1262230734939758592, NULL,
 INSERT INTO `appapigatewayratelimitrule` VALUES (23, 1262296916350869504, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (24, 1262632376348594176, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (25, 1262632791869902848, NULL, '', 0, NULL, NULL, NULL);
-INSERT INTO `appapigatewayratelimitrule` VALUES (26, 1262632904575045632, NULL, '', 0, NULL, NULL, NULL);
-INSERT INTO `appapigatewayratelimitrule` VALUES (27, 1262632976616411136, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (28, 1262660336921235456, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (29, 1262660528277966848, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (30, 1262660706875625472, NULL, '', 0, NULL, NULL, NULL);
@@ -884,7 +877,6 @@ INSERT INTO `appapigatewayratelimitrule` VALUES (45, 1262666172682883072, NULL,
 INSERT INTO `appapigatewayratelimitrule` VALUES (47, 1262723402331885568, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (48, 1262935771746734080, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (49, 1262935906522304512, NULL, '', 0, NULL, NULL, NULL);
-INSERT INTO `appapigatewayratelimitrule` VALUES (50, 1262936009924481024, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (52, 1263074419073593344, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (53, 1263075249394790400, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (54, 1263075593499684864, NULL, '', 0, NULL, NULL, NULL);
@@ -944,6 +936,8 @@ INSERT INTO `appapigatewayratelimitrule` VALUES (132, 1316628769783480320, NULL,
 INSERT INTO `appapigatewayratelimitrule` VALUES (133, 1316628940663619584, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (134, 1316629112428756992, NULL, '', 0, NULL, NULL, NULL);
 INSERT INTO `appapigatewayratelimitrule` VALUES (135, 1316652047017246720, NULL, '', 0, NULL, NULL, NULL);
+INSERT INTO `appapigatewayratelimitrule` VALUES (136, 1316913899996737536, NULL, '', 0, NULL, NULL, NULL);
+INSERT INTO `appapigatewayratelimitrule` VALUES (137, 1319200951383199744, NULL, '', 0, NULL, NULL, NULL);
 
 -- ----------------------------
 -- Table structure for appapigatewayreroute
@@ -983,14 +977,14 @@ CREATE TABLE `appapigatewayreroute`  (
   PRIMARY KEY (`Id`) USING BTREE,
   UNIQUE INDEX `AK_AppApiGatewayReRoute_ReRouteId`(`ReRouteId`) USING BTREE,
   UNIQUE INDEX `IX_AppApiGatewayReRoute_AppId_DownstreamPathTemplate_UpstreamPa~`(`AppId`, `DownstreamPathTemplate`, `UpstreamPathTemplate`) USING BTREE
-) ENGINE = InnoDB AUTO_INCREMENT = 143 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 145 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewayreroute
 -- ----------------------------
 INSERT INTO `appapigatewayreroute` VALUES (4, '{}', '84059fcecc91498b9beafac914865e2c', 1261299170387169280, '【后台管理】- 权限管理', '/api/permission-management/permissions', '', NULL, '/api/permission-management/permissions', 'GET,PUT,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30010,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (5, '{}', 'f168778a390d49d69d728ebd72b230ef', 1261585859064872960, '【身份认证服务】- 客户端管理', '/api/IdentityServer/Clients', '', NULL, '/api/IdentityServer/Clients', 'POST,GET,PUT,', '', '', 'X-Forwarded-For:{RemoteIpAddress},', '', '', '', NULL, 1, '', NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (6, '{}', 'd91d31c630dc4e4bae0fef8c3aa60427', 1261586605810368512, '【身份认证服务】- 查询客户端', '/api/IdentityServer/Clients/{Id}', '', NULL, '/api/IdentityServer/Clients/{Id}', 'GET,DELETE,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (5, '{}', 'f2312eed73cc4d3cbefcd1816849fd74', 1261585859064872960, '【身份认证服务】- 客户端', '/api/identity-server/clients', '', NULL, '/api/identity-server/clients', 'POST,GET,', '', '', 'X-Forwarded-For:{RemoteIpAddress},', '', '', '', NULL, 1, '', NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (6, '{}', 'b764ec7b994147abb12974bfcee4a0a9', 1261586605810368512, '【身份认证服务】- 管理客户端', '/api/identity-server/clients/{Id}', '', NULL, '/api/identity-server/clients/{Id}', 'GET,DELETE,PUT,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (7, '{}', 'b4ce189320804dc6b87e602594e93d35', 1261587558609436672, '【服务网关管理】- 路由组管理', '/api/ApiGateway/RouteGroups', '', '', '/api/ApiGateway/RouteGroups', 'GET,POST,PUT,DELETE,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30001,', '', NULL, '', NULL, 30000, 1, NULL, 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (8, '{}', '8736fefa36da4b129f3fcf6aa095f2ce', 1261588213298348032, '【服务网关管理】- 查询单个路由组', '/api/ApiGateway/RouteGroups/By-AppId/{AppId}', '', '', '/api/ApiGateway/RouteGroups/By-AppId/{AppId}', 'GET,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30001,', '', NULL, '', NULL, 30000, 1, NULL, 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (9, '{}', 'befd14ad39e244bc9dea7e0c01e642ce', 1261588367619375104, '【服务网关管理】- 查询所有有效路由组', '/api/ApiGateway/RouteGroups/Actived', '', '', '/api/ApiGateway/RouteGroups/Actived', 'GET,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30001,', '', NULL, '', NULL, 30000, 1, NULL, 'TEST-APP');
@@ -1004,13 +998,11 @@ INSERT INTO `appapigatewayreroute` VALUES (16, '{}', '00d0a12f403a4a919c99c534bd
 INSERT INTO `appapigatewayreroute` VALUES (17, '{}', '8c308f1386ad49c799cd281eb95170ac', 1261589960393736192, '【服务网关管理】- 通过应用标识查询动态路由', '/api/ApiGateway/DynamicRoutes/By-AppId/{AppId}', '', NULL, '/api/ApiGateway/DynamicRoutes/By-AppId/{AppId}', 'GET,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30001,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (18, '{}', 'e659ebbf61534a978335cfeabdc0b375', 1261606600242085888, '【服务网关管理】- 通过应用标识查询聚合路由', '/api/ApiGateway/Aggregates/by-AppId/{AppId}', '', NULL, '/api/ApiGateway/Aggregates/by-AppId/{AppId}', 'GET,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30001,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (19, '{}', 'd665e4491b81413385858601d9cf9a1d', 1261606689601732608, '【服务网关管理】- 聚合路由', '/api/ApiGateway/Aggregates', '', NULL, '/api/ApiGateway/Aggregates', 'GET,POST,PUT,DELETE,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30001,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (22, '{}', '47c55e759d824450a987a705fd08387c', 1262220447629058048, '【身份认证服务】- 客户端密钥', '/api/IdentityServer/Clients/Secrets', '', NULL, '/api/IdentityServer/Clients/Secrets', 'PUT,POST,DELETE,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (23, '{}', '4da82cbff6ab48e185100526eaed22df', 1262230734939758592, '【身份认证服务】- 客户端声明', '/api/IdentityServer/Clients/Claims', '', NULL, '/api/IdentityServer/Clients/Claims', 'PUT,POST,DELETE,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (25, '{}', 'b6009df9b18c44b3aa2b77f27b0c2abb', 1262296916350869504, '【身份认证服务】- 客户端属性', '/api/IdentityServer/Clients/Properties', '', NULL, '/api/IdentityServer/Clients/Properties', 'PUT,POST,DELETE,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (26, '{}', '401a7a8e8a2f41c599b1b87b55249a32', 1262632376348594176, '【身份认证服务】- Api资源管理', '/api/IdentityServer/ApiResources', '', '', '/api/IdentityServer/ApiResources', 'GET,POST,PUT,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (27, '{}', 'c662a4c29e654f9da6eb73ee456b533a', 1262632791869902848, '【身份认证服务】- 单个Api资源', '/api/IdentityServer/ApiResources/{Id}', '', '', '/api/IdentityServer/ApiResources/{Id}', 'GET,DELETE,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (28, '{}', 'a0c2bdfdd0de4832b63d6dc3696c9c26', 1262632904575045632, '【身份认证服务】- Api资源密钥', '/api/IdentityServer/ApiResources/Secrets', '', '', '/api/IdentityServer/ApiResources/Secrets', 'DELETE,POST,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (29, '{}', 'fb0e7ca974f243ce9f4034b39bdda326', 1262632976616411136, '【身份认证服务】- Api资源作用域', '/api/IdentityServer/ApiResources/Scopes', '', '', '/api/IdentityServer/ApiResources/Scopes', 'DELETE,POST,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (22, '{}', '2aad614e2c2a497593a4784ff639c3d9', 1262220447629058048, '【身份认证服务】- 克隆客户端', '/api/identity-server/clients/{id}/clone', '', NULL, '/api/identity-server/clients/{id}/clone', 'POST,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (23, '{}', '892101e2e4e34bcfab42cdb5c4452643', 1262230734939758592, '【身份认证服务】- 可用的Api资源', '/api/identity-server/clients/assignable-api-resources', '', NULL, '/api/identity-server/clients/assignable-api-resources', 'GET,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (25, '{}', '38833181fe6b4ab0a0baf21ea22edb94', 1262296916350869504, '【身份认证服务】- 可用的身份资源', '/api/identity-server/clients/assignable-identity-resources', '', NULL, '/api/identity-server/clients/assignable-identity-resources', 'GET,', '', '', '', '', '', '', NULL, 1, NULL, NULL, 'HTTP', '127.0.0.1:30015,', '', NULL, NULL, NULL, 30000, 1, NULL, 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (26, '{}', '3fccd1318d0d47d9aef85542668829a6', 1262632376348594176, '【身份认证服务】- Api资源', '/api/identity-server/api-resources', '', '', '/api/identity-server/api-resources', 'GET,POST,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (27, '{}', 'de6bd0ddea6d4019b4855be5442fafdc', 1262632791869902848, '【身份认证服务】- 管理Api资源', '/api/identity-server/api-resources/{id}', '', '', '/api/identity-server/api-resources/{id}', 'GET,DELETE,PUT,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (30, '{}', '0f9875697b74420c9dc2eaf77099b210', 1262660336921235456, '【身份认证服务】- 用户登录', '/api/account/login', '', '', '/api/account/login', 'POST,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (31, '{}', 'a890c6ecc6a64c9fa313a0f6b5406e1c', 1262660528277966848, '【身份认证服务】- 用户登出', '/api/account/logout', '', '', '/api/account/logout', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (32, '{}', '88de580b6beb4d9d9d4367840ba1fcea', 1262660706875625472, '【身份认证服务】- 检查密码', '/api/account/checkPassword', '', '', '/api/account/checkPassword', 'POST,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
@@ -1029,10 +1021,9 @@ INSERT INTO `appapigatewayreroute` VALUES (44, '{}', '8c8ec5ad6aaa4145981ee7ac87
 INSERT INTO `appapigatewayreroute` VALUES (45, '{}', 'f5c0c8c02c0846fdbe5015cd86f3d81b', 1262665456471920640, '【身份认证服务】- 通过名称查询用户', '/api/identity/users/lookup/by-username/{userName}', '', '', '/api/identity/users/lookup/by-username/{userName}', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (46, '{}', 'ecf0ea4a3e3c4b2e8fa3621514d00c74', 1262665628165754880, '【基础服务】- 通过名称查询租户', '/api/abp/multi-tenancy/tenants/by-name/{name}', '', '', '/api/abp/multi-tenancy/tenants/by-name/{name}', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30010,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (47, '{}', '69132bc515b64005af4292ce0dee5626', 1262666172682883072, '【基础服务】- 通过标识查询租户', '/api/abp/multi-tenancy/tenants/by-id/{id}', '', '', '/api/abp/multi-tenancy/tenants/by-id/{id}', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30010,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (49, '{}', '4114a097b9e04a9e90458edf02ef41c7', 1262723402331885568, '【身份认证服务】- 克隆客户端', '/api/IdentityServer/Clients/Clone', '', '', '/api/IdentityServer/Clients/Clone', 'POST,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (50, '{}', '2a9cc98d3ed0462d98c4bf0e946f410d', 1262935771746734080, '【身份认证服务】- 身份资源管理', '/api/IdentityServer/IdentityResources', '', '', '/api/IdentityServer/IdentityResources', 'GET,POST,PUT,DELETE,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (51, '{}', '4d36b0ea5b92473ea5de3e91ff155830', 1262935906522304512, '【身份认证服务】- 查询身份资源', '/api/IdentityServer/IdentityResources/{Id}', '', '', '/api/IdentityServer/IdentityResources/{Id}', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
-INSERT INTO `appapigatewayreroute` VALUES (52, '{}', '387df08693e54e91ac055a2324d4c10e', 1262936009924481024, '【身份认证服务】- 身份资源属性', '/api/IdentityServer/IdentityResources/Properties', '', '', '/api/IdentityServer/IdentityResources/Properties', 'POST,DELETE,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (49, '{}', 'b8d2dd9d366540dd95f91023b626472f', 1262723402331885568, '【身份认证服务】- 已有的跨域资源', '/api/identity-server/clients/distinct-cors-origins', '', '', '/api/identity-server/clients/distinct-cors-origins', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (50, '{}', 'f333d028839d4fc2aafa8509e674d7dd', 1262935771746734080, '【身份认证服务】- 身份资源', '/api/identity-server/identity-resources', '', '', '/api/identity-server/identity-resources', 'GET,POST,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (51, '{}', 'dffd1bfaca5b4c1890221678f2b16cd5', 1262935906522304512, '【身份认证服务】- 身份资源管理', '/api/identity-server/identity-resources/{id}', '', '', '/api/identity-server/identity-resources/{id}', 'GET,PUT,DELETE,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (54, '{}', '7b847d8434bc4d1db07fa8961d90c14a', 1263074419073593344, '【服务网关管理】- 接口代理', '/api/abp/api-definition', '', '', '/api/abp/apigateway/api-definition', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30001,', '', '', 'apigateway-api-definition', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (55, '{}', 'ca2cedfa620045a9adef0be2f958c4bc', 1263075249394790400, '【服务网关管理】- 查询聚合路由', '/api/ApiGateway/Aggregates/{RouteId}', '', '', '/api/ApiGateway/Aggregates/{RouteId}', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30001,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (57, '{}', '98fbc99fc8644946ac0a72cc3dc5fd1f', 1263075593499684864, '【服务网关管理】- 聚合路由配置', '/api/ApiGateway/Aggregates/RouteConfig', '', '', '/api/ApiGateway/Aggregates/RouteConfig', 'POST,DELETE,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30001,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
@@ -1092,6 +1083,8 @@ INSERT INTO `appapigatewayreroute` VALUES (139, '{}', '0379fcb3a9cd4b13b562b3b5b
 INSERT INTO `appapigatewayreroute` VALUES (140, '{}', 'de25c9a80d994f728b37eb483b2f5127', 1316628940663619584, '【身份认证服务】- 管理声明类型', '/api/identity/claim-types/{id}', '', '', '/api/identity/claim-types/{id}', 'GET,PUT,DELETE,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (141, '{}', '25c19106baff4cf3a877ae8cd690a1b5', 1316629112428756992, '【身份认证服务】- 查询在用的声明类型列表', '/api/identity/claim-types/actived-list', '', '', '/api/identity/claim-types/actived-list', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 INSERT INTO `appapigatewayreroute` VALUES (142, '{}', 'd42f8b779cf344eeaa24df0ae37fb7cf', 1316652047017246720, '【身份认证服务】- 管理用户声明', '/api/identity/users/claims/{id}', '', '', '/api/identity/users/claims/{id}', 'POST,PUT,DELETE,GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (143, '{}', 'b86af44a34a14db4b482df8550f1bde1', 1316913899996737536, '【身份认证管理】- 管理角色声明', '/api/identity/roles/claims/{id}', '', '', '/api/identity/roles/claims/{id}', 'GET,POST,PUT,DELETE,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:30015,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
+INSERT INTO `appapigatewayreroute` VALUES (144, '{}', '51a14bc295044de985ae014fbcc5bddf', 1319200951383199744, '【IdentityServer4】- 发现端点', '/.well-known/openid-configuration', '', '', '/.well-known/openid-configuration', 'GET,', '', '', '', '', '', '', '', 1, '', '', 'HTTP', '127.0.0.1:44385,', '', '', '', 0, 30000, 1, '', 'TEST-APP');
 
 -- ----------------------------
 -- Table structure for appapigatewayroutegroup
@@ -1135,7 +1128,7 @@ CREATE TABLE `appapigatewaysecurityoptions`  (
   PRIMARY KEY (`Id`) USING BTREE,
   UNIQUE INDEX `IX_AppApiGatewaySecurityOptions_ReRouteId`(`ReRouteId`) USING BTREE,
   CONSTRAINT `FK_AppApiGatewaySecurityOptions_AppApiGatewayReRoute_ReRouteId` FOREIGN KEY (`ReRouteId`) REFERENCES `appapigatewayreroute` (`ReRouteId`) ON DELETE CASCADE ON UPDATE RESTRICT
-) ENGINE = InnoDB AUTO_INCREMENT = 136 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
+) ENGINE = InnoDB AUTO_INCREMENT = 138 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;
 
 -- ----------------------------
 -- Records of appapigatewaysecurityoptions
@@ -1161,8 +1154,6 @@ INSERT INTO `appapigatewaysecurityoptions` VALUES (22, 1262230734939758592, '',
 INSERT INTO `appapigatewaysecurityoptions` VALUES (23, 1262296916350869504, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (24, 1262632376348594176, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (25, 1262632791869902848, '', '');
-INSERT INTO `appapigatewaysecurityoptions` VALUES (26, 1262632904575045632, '', '');
-INSERT INTO `appapigatewaysecurityoptions` VALUES (27, 1262632976616411136, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (28, 1262660336921235456, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (29, 1262660528277966848, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (30, 1262660706875625472, '', '');
@@ -1184,7 +1175,6 @@ INSERT INTO `appapigatewaysecurityoptions` VALUES (45, 1262666172682883072, '',
 INSERT INTO `appapigatewaysecurityoptions` VALUES (47, 1262723402331885568, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (48, 1262935771746734080, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (49, 1262935906522304512, '', '');
-INSERT INTO `appapigatewaysecurityoptions` VALUES (50, 1262936009924481024, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (52, 1263074419073593344, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (53, 1263075249394790400, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (54, 1263075593499684864, '', '');
@@ -1244,6 +1234,8 @@ INSERT INTO `appapigatewaysecurityoptions` VALUES (132, 1316628769783480320, '',
 INSERT INTO `appapigatewaysecurityoptions` VALUES (133, 1316628940663619584, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (134, 1316629112428756992, '', '');
 INSERT INTO `appapigatewaysecurityoptions` VALUES (135, 1316652047017246720, '', '');
+INSERT INTO `appapigatewaysecurityoptions` VALUES (136, 1316913899996737536, '', '');
+INSERT INTO `appapigatewaysecurityoptions` VALUES (137, 1319200951383199744, '', '');
 
 -- ----------------------------
 -- Table structure for cap.published
@@ -1265,10 +1257,21 @@ CREATE TABLE `cap.published`  (
 -- ----------------------------
 -- Records of cap.published
 -- ----------------------------
-INSERT INTO `cap.published` VALUES (1316628771217932288, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1316628771217932288\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/15 14:35:35 +08:00\",\"cap-corr-id\":\"1316628771217932288\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-15T14:35:35.4925577+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Create\",\"Object\":\"ReRoute\"}}', 0, '2020-10-15 14:35:36', '2020-10-16 14:35:36', 'Succeeded');
-INSERT INTO `cap.published` VALUES (1316628940789448704, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1316628940789448704\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/15 14:36:15 +08:00\",\"cap-corr-id\":\"1316628940789448704\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-15T14:36:15.9244062+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Create\",\"Object\":\"ReRoute\"}}', 0, '2020-10-15 14:36:16', '2020-10-16 14:36:16', 'Succeeded');
-INSERT INTO `cap.published` VALUES (1316629112500060160, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1316629112500060160\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/15 14:36:56 +08:00\",\"cap-corr-id\":\"1316629112500060160\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-15T14:36:56.8629946+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Create\",\"Object\":\"ReRoute\"}}', 0, '2020-10-15 14:36:57', '2020-10-16 14:36:57', 'Succeeded');
-INSERT INTO `cap.published` VALUES (1316652047117910016, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1316652047117910016\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/15 16:08:04 +08:00\",\"cap-corr-id\":\"1316652047117910016\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-15T16:08:04.901902+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Create\",\"Object\":\"ReRoute\"}}', 0, '2020-10-15 16:08:05', '2020-10-16 16:08:05', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1316913901179531264, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1316913901179531264\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 9:28:35 +08:00\",\"cap-corr-id\":\"1316913901179531264\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T09:28:35.7734416+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Create\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 09:28:36', '2020-10-17 09:28:36', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1317010396352376832, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1317010396352376832\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 15:52:02 +08:00\",\"cap-corr-id\":\"1317010396352376832\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T15:52:02.0169083+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 15:52:02', '2020-10-17 15:52:02', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1317010428531077120, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1317010428531077120\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 15:52:09 +08:00\",\"cap-corr-id\":\"1317010428531077120\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T15:52:09.6896583+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 15:52:10', '2020-10-17 15:52:10', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1317010521804009472, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1317010521804009472\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 15:52:31 +08:00\",\"cap-corr-id\":\"1317010521804009472\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T15:52:31.9268977+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 15:52:32', '2020-10-17 15:52:32', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1317010532486901760, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1317010532486901760\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 15:52:34 +08:00\",\"cap-corr-id\":\"1317010532486901760\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T15:52:34.474519+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Delete\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 15:52:34', '2020-10-17 15:52:34', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1317010545040453632, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1317010545040453632\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 15:52:37 +08:00\",\"cap-corr-id\":\"1317010545040453632\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T15:52:37.4659098+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Delete\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 15:52:37', '2020-10-17 15:52:37', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1317073463182389248, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1317073463182389248\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 20:02:38 +08:00\",\"cap-corr-id\":\"1317073463182389248\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T20:02:38.320969+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 20:02:38', '2020-10-17 20:02:38', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1317073573329006592, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1317073573329006592\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/16 20:03:04 +08:00\",\"cap-corr-id\":\"1317073573329006592\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-16T20:03:04.5820788+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-16 20:03:05', '2020-10-17 20:03:05', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1319200204608344064, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1319200204608344064\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/22 16:53:32 +08:00\",\"cap-corr-id\":\"1319200204608344064\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-22T16:53:32.9840134+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-22 16:53:33', '2020-10-23 16:53:33', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1319200280713990144, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1319200280713990144\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/22 16:53:51 +08:00\",\"cap-corr-id\":\"1319200280713990144\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-22T16:53:51.1354824+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-22 16:53:51', '2020-10-23 16:53:51', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1319200384619483136, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1319200384619483136\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/22 16:54:15 +08:00\",\"cap-corr-id\":\"1319200384619483136\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-22T16:54:15.9078421+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-22 16:54:16', '2020-10-23 16:54:16', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1319200560994160640, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1319200560994160640\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/22 16:54:57 +08:00\",\"cap-corr-id\":\"1319200560994160640\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-22T16:54:57.9595375+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-22 16:54:58', '2020-10-23 16:54:58', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1319200657442181120, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1319200657442181120\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/22 16:55:20 +08:00\",\"cap-corr-id\":\"1319200657442181120\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-22T16:55:20.9536617+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-22 16:55:21', '2020-10-23 16:55:21', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1319200806365138944, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1319200806365138944\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/22 16:55:56 +08:00\",\"cap-corr-id\":\"1319200806365138944\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-22T16:55:56.4604217+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Modify\",\"Object\":\"ReRoute\"}}', 0, '2020-10-22 16:55:56', '2020-10-23 16:55:56', 'Succeeded');
+INSERT INTO `cap.published` VALUES (1319200951785852928, 'v1', 'LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData', '{\"Headers\":{\"cap-callback-name\":null,\"cap-msg-id\":\"1319200951785852928\",\"cap-msg-name\":\"LINGYUN.ApiGateway.EventBus.ApigatewayConfigChangeEventData\",\"cap-msg-type\":\"Object\",\"cap-senttime\":\"2020/10/22 16:56:31 +08:00\",\"cap-corr-id\":\"1319200951785852928\",\"cap-corr-seq\":\"0\"},\"Value\":{\"DateTime\":\"2020-10-22T16:56:31.1318192+08:00\",\"AppId\":\"TEST-APP\",\"Method\":\"Create\",\"Object\":\"ReRoute\"}}', 0, '2020-10-22 16:56:31', '2020-10-23 16:56:31', 'Succeeded');
 
 -- ----------------------------
 -- Table structure for cap.received

aspnet-core/modules/account/LINGYUN.Abp.Account.Web/LINGYUN.Abp.Account.Web.csproj

@@ -1,6 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk.Web">
 
-  <Import Project="..\..\..\..\common.props" />
+  <Import Project="..\..\..\common.props" />
 
   <PropertyGroup>
     <TargetFramework>netcoreapp3.1</TargetFramework>

aspnet-core/modules/identity/LINGYUN.Abp.Identity.Application.Contracts/LINGYUN/Abp/Identity/IdentityPermissionDefinitionProvider.cs

@@ -30,8 +30,8 @@ namespace LINGYUN.Abp.Identity
                 origanizationUnitPermission.AddChild(IdentityPermissions.OrganizationUnits.Create, L("Permission:Create"));
                 origanizationUnitPermission.AddChild(IdentityPermissions.OrganizationUnits.Update, L("Permission:Edit"));
                 origanizationUnitPermission.AddChild(IdentityPermissions.OrganizationUnits.Delete, L("Permission:Delete"));
-                origanizationUnitPermission.AddChild(IdentityPermissions.OrganizationUnits.ManageRoles, L("Permission:ChangeRoles"));
-                origanizationUnitPermission.AddChild(IdentityPermissions.OrganizationUnits.ManageUsers, L("Permission:ChangeUsers"));
+                origanizationUnitPermission.AddChild(IdentityPermissions.OrganizationUnits.ManageRoles, L("Permission:ManageRoles"));
+                origanizationUnitPermission.AddChild(IdentityPermissions.OrganizationUnits.ManageUsers, L("Permission:ManageUsers"));
 
                 var identityClaimType = identityGroup.AddPermission(IdentityPermissions.IdentityClaimType.Default, L("Permission:IdentityClaimTypeManagement"), MultiTenancySides.Host);
                 identityClaimType.AddChild(IdentityPermissions.IdentityClaimType.Create, L("Permission:Create"), MultiTenancySides.Host);

aspnet-core/modules/identity/LINGYUN.Abp.Identity.Application.Contracts/LINGYUN/Abp/Identity/Localization/en.json

@@ -2,8 +2,8 @@
   "culture": "en",
   "texts": {
     "Permission:OrganizationUnitManagement": "Organization unit management",
-    "Permission:ChangeRoles": "Change roles",
-    "Permission:ChangeUsers": "Change users",
+    "Permission:ManageRoles": "Management roles",
+    "Permission:ManageUsers": "Management users",
     "Permission:ManageClaims": "Management claims",
     "Permission:ManageOrganizationUnits": "Management organization units",
     "Permission:IdentityClaimTypeManagement": "Management claim types",
@@ -13,6 +13,7 @@
     "DisplayName:ClaimType": "Type",
     "DisplayName:ClaimValue": "Value",
     "ClaimSubject": "Claim - {0}",
+    "RoleSubject": "Role - {0}",
     "AddClaim": "Add claim",
     "UpdateClaim": "Update claim",
     "DeleteClaim": "Delete claim",

aspnet-core/modules/identity/LINGYUN.Abp.Identity.Application.Contracts/LINGYUN/Abp/Identity/Localization/zh-Hans.json

@@ -2,8 +2,8 @@
   "culture": "zh-Hans",
   "texts": {
     "Permission:OrganizationUnitManagement": "组织机构管理",
-    "Permission:ChangeRoles": "更改角色",
-    "Permission:ChangeUsers": "更改用户",
+    "Permission:ManageRoles": "管理角色",
+    "Permission:ManageUsers": "管理用户",
     "Permission:ManageClaims": "管理声明",
     "Permission:ManageOrganizationUnits": "管理组织机构",
     "Permission:IdentityClaimTypeManagement": "管理声明类型",
@@ -13,6 +13,7 @@
     "DisplayName:ClaimType": "声明类型",
     "DisplayName:ClaimValue": "声明值",
     "ClaimSubject": "声明 - {0}",
+    "RoleSubject": "角色 - {0}",
     "AddClaim": "添加声明",
     "UpdateClaim": "变更声明",
     "DeleteClaim": "删除声明",

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/AbpIdentityServerPermissionDefinitionProvider.cs

@@ -28,57 +28,29 @@ namespace LINGYUN.Abp.IdentityServer
             clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Create, L("Permissions:Create"), MultiTenancySides.Host);
             clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Update, L("Permissions:Update"), MultiTenancySides.Host);
             clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Clone, L("Permissions:Clone"), MultiTenancySides.Host);
-            clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Enabled, L("Permissions:Enabled"), MultiTenancySides.Host);
-            clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Disabled, L("Permissions:Disabled"), MultiTenancySides.Host);
             clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
             clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.ManagePermissions, L("Permissions:ManagePermissions"), MultiTenancySides.Host);
-
-            // 客户端声明权限
-            var clientClaimPermissiosn = clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Claims.Default, L("Permissions:Clients:Claims"), MultiTenancySides.Host);
-            clientClaimPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Claims.Create, L("Permissions:Create"), MultiTenancySides.Host);
-            clientClaimPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Claims.Update, L("Permissions:Update"), MultiTenancySides.Host);
-            clientClaimPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Claims.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
-
-            // 客户端密钥权限
-            var clientSecretPermissiosn = clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Secrets.Default, L("Permissions:Clients:Secrets"), MultiTenancySides.Host);
-            clientSecretPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Secrets.Create, L("Permissions:Create"), MultiTenancySides.Host);
-            clientSecretPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Secrets.Update, L("Permissions:Update"), MultiTenancySides.Host);
-            clientSecretPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Secrets.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
-
-            // 客户端属性权限
-            var clientPropertyPermissiosn = clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.Properties.Default, L("Permissions:Clients:Properties"), MultiTenancySides.Host);
-            clientPropertyPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Properties.Create, L("Permissions:Create"), MultiTenancySides.Host);
-            clientPropertyPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Properties.Update, L("Permissions:Update"), MultiTenancySides.Host);
-            clientPropertyPermissiosn.AddChild(AbpIdentityServerPermissions.Clients.Properties.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
+            clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.ManageClaims, L("Permissions:ManageClaims"), MultiTenancySides.Host);
+            clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.ManageSecrets, L("Permissions:ManageSecrets"), MultiTenancySides.Host);
+            clientPermissions.AddChild(AbpIdentityServerPermissions.Clients.ManageProperties, L("Permissions:ManageProperties"), MultiTenancySides.Host);
 
             // Api资源权限
             var apiResourcePermissions = identityServerGroup.AddPermission(AbpIdentityServerPermissions.ApiResources.Default, L("Permissions:ApiResources"), MultiTenancySides.Host);
             apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Create, L("Permissions:Create"), MultiTenancySides.Host);
             apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Update, L("Permissions:Update"), MultiTenancySides.Host);
             apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
-
-            // Api作用域权限
-            var apiResourceScopePermissions = apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Scope.Default, L("Permissions:ApiResources:Scope"), MultiTenancySides.Host);
-            apiResourceScopePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Scope.Create, L("Permissions:Create"), MultiTenancySides.Host);
-            apiResourceScopePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Scope.Update, L("Permissions:Update"), MultiTenancySides.Host);
-            apiResourceScopePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Scope.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
-
-            // Api密钥权限
-            var apiResourceSecretPermissions = apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Secrets.Default, L("Permissions:ApiResources:Secrets"), MultiTenancySides.Host);
-            apiResourceSecretPermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Secrets.Create, L("Permissions:Create"), MultiTenancySides.Host);
-            apiResourceSecretPermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Secrets.Update, L("Permissions:Update"), MultiTenancySides.Host);
-            apiResourceSecretPermissions.AddChild(AbpIdentityServerPermissions.ApiResources.Secrets.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
+            apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.ManageClaims, L("Permissions:ManageClaims"), MultiTenancySides.Host);
+            apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.ManageSecrets, L("Permissions:ManageSecrets"), MultiTenancySides.Host);
+            apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.ManageProperties, L("Permissions:ManageProperties"), MultiTenancySides.Host);
+            apiResourcePermissions.AddChild(AbpIdentityServerPermissions.ApiResources.ManageScopes, L("Permissions:ManageScopes"), MultiTenancySides.Host);
 
             // 身份资源权限
             var identityResourcePermissions = identityServerGroup.AddPermission(AbpIdentityServerPermissions.IdentityResources.Default, L("Permissions:IdentityResources"), MultiTenancySides.Host);
             identityResourcePermissions.AddChild(AbpIdentityServerPermissions.IdentityResources.Create, L("Permissions:Create"), MultiTenancySides.Host);
             identityResourcePermissions.AddChild(AbpIdentityServerPermissions.IdentityResources.Update, L("Permissions:Update"), MultiTenancySides.Host);
             identityResourcePermissions.AddChild(AbpIdentityServerPermissions.IdentityResources.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
-
-            // 身份资源属性权限
-            var identityResourcePropertyPermissiosn = identityResourcePermissions.AddChild(AbpIdentityServerPermissions.IdentityResources.Properties.Default, L("Permissions:IdentityResources:Properties"), MultiTenancySides.Host);
-            identityResourcePropertyPermissiosn.AddChild(AbpIdentityServerPermissions.IdentityResources.Properties.Create, L("Permissions:Create"), MultiTenancySides.Host);
-            identityResourcePropertyPermissiosn.AddChild(AbpIdentityServerPermissions.IdentityResources.Properties.Delete, L("Permissions:Delete"), MultiTenancySides.Host);
+            identityResourcePermissions.AddChild(AbpIdentityServerPermissions.IdentityResources.ManageClaims, L("Permissions:ManageClaims"), MultiTenancySides.Host);
+            identityResourcePermissions.AddChild(AbpIdentityServerPermissions.IdentityResources.ManageProperties, L("Permissions:ManageProperties"), MultiTenancySides.Host);
         }
 
         protected virtual LocalizableString L(string name)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/AbpIdentityServerPermissions.cs

@@ -2,7 +2,7 @@
 {
     public class AbpIdentityServerPermissions
     {
-        public const string GroupName = "IdentityServer";
+        public const string GroupName = "AbpIdentityServer";
 
         public static class Clients
         {
@@ -11,33 +11,10 @@
             public const string Update = Default + ".Update";
             public const string Delete = Default + ".Delete";
             public const string Clone = Default + ".Clone";
-            public const string Enabled = Default + ".Enabled";
-            public const string Disabled = Default + ".Disabled";
             public const string ManagePermissions = Default + ".ManagePermissions";
-
-            public static class Claims
-            {
-                public const string Default = Clients.Default + ".Claims";
-                public const string Create = Default + ".Create";
-                public const string Update = Default + ".Update";
-                public const string Delete = Default + ".Delete";
-            }
-
-            public static class Secrets
-            {
-                public const string Default = Clients.Default + ".Secrets";
-                public const string Create = Default + ".Create";
-                public const string Update = Default + ".Update";
-                public const string Delete = Default + ".Delete";
-            }
-
-            public static class Properties
-            {
-                public const string Default = Clients.Default + ".Properties";
-                public const string Create = Default + ".Create";
-                public const string Update = Default + ".Update";
-                public const string Delete = Default + ".Delete";
-            }
+            public const string ManageClaims = Default + ".ManageClaims";
+            public const string ManageSecrets = Default + ".ManageSecrets";
+            public const string ManageProperties = Default + ".ManageProperties";
         }
 
         public static class ApiResources
@@ -46,21 +23,10 @@
             public const string Create = Default + ".Create";
             public const string Update = Default + ".Update";
             public const string Delete = Default + ".Delete";
-            public static class Scope
-            {
-                public const string Default = ApiResources.Default + ".Scope";
-                public const string Create = Default + ".Create";
-                public const string Update = Default + ".Update";
-                public const string Delete = Default + ".Delete";
-            }
-
-            public static class Secrets
-            {
-                public const string Default = ApiResources.Default + ".Secrets";
-                public const string Create = Default + ".Create";
-                public const string Update = Default + ".Update";
-                public const string Delete = Default + ".Delete";
-            }
+            public const string ManageScopes = Default + ".ManageScopes";
+            public const string ManageClaims = Default + ".ManageClaims";
+            public const string ManageSecrets = Default + ".ManageSecrets";
+            public const string ManageProperties = Default + ".ManageProperties";
         }
 
         public static class IdentityResources
@@ -69,13 +35,8 @@
             public const string Create = Default + ".Create";
             public const string Update = Default + ".Update";
             public const string Delete = Default + ".Delete";
-
-            public static class Properties
-            {
-                public const string Default = IdentityResources.Default + ".Properties";
-                public const string Create = Default + ".Create";
-                public const string Delete = Default + ".Delete";
-            }
+            public const string ManageClaims = Default + ".ManageClaims";
+            public const string ManageProperties = Default + ".ManageProperties";
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiResourceClaimDto.cs

@@ -1,7 +0,0 @@
-namespace LINGYUN.Abp.IdentityServer.ApiResources
-{
-    public class ApiResourceClaimDto
-    {
-        public string Type { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiResourceCreateDto.cs

@@ -1,28 +1,12 @@
-using System.Collections.Generic;
-using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations;
 using Volo.Abp.IdentityServer.ApiResources;
 
 namespace LINGYUN.Abp.IdentityServer.ApiResources
 {
-    public class ApiResourceCreateDto
+    public class ApiResourceCreateDto : ApiResourceCreateOrUpdateDto
     {
         [Required]
         [StringLength(ApiResourceConsts.NameMaxLength)]
         public string Name { get; set; }
-
-        [StringLength(ApiResourceConsts.DisplayNameMaxLength)]
-        public string DisplayName { get; set; }
-
-        [StringLength(ApiResourceConsts.DescriptionMaxLength)]
-        public string Description { get; set; }
-
-        public bool Enabled { get; set; }
-
-        public List<ApiResourceClaimDto> UserClaims { get; set; }
-        public ApiResourceCreateDto()
-        {
-            Enabled = true;
-            UserClaims = new List<ApiResourceClaimDto>();
-        }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiResourceCreateOrUpdateDto.cs

@@ -0,0 +1,33 @@
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using Volo.Abp.IdentityServer.ApiResources;
+
+namespace LINGYUN.Abp.IdentityServer.ApiResources
+{
+    public class ApiResourceCreateOrUpdateDto
+    {
+        [StringLength(ApiResourceConsts.DisplayNameMaxLength)]
+        public string DisplayName { get; set; }
+
+        [StringLength(ApiResourceConsts.DescriptionMaxLength)]
+        public string Description { get; set; }
+
+        public bool Enabled { get; set; }
+
+        public List<string> UserClaims { get; set; }
+
+        public List<ApiScopeDto> Scopes { get; set; }
+
+        public List<ApiSecretCreateOrUpdateDto> Secrets { get; set; }
+
+        public Dictionary<string, string> Properties { get; set; }
+
+        protected ApiResourceCreateOrUpdateDto()
+        {
+            UserClaims = new List<string>();
+            Scopes = new List<ApiScopeDto>();
+            Secrets = new List<ApiSecretCreateOrUpdateDto>();
+            Properties = new Dictionary<string, string>();
+        }
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiResourceDto.cs

@@ -4,7 +4,7 @@ using Volo.Abp.Application.Dtos;
 
 namespace LINGYUN.Abp.IdentityServer.ApiResources
 {
-    public class ApiResourceDto : FullAuditedEntityDto<Guid>
+    public class ApiResourceDto : ExtensibleFullAuditedEntityDto<Guid>
     {
         public string Name { get; set; }
 
@@ -18,13 +18,16 @@ namespace LINGYUN.Abp.IdentityServer.ApiResources
 
         public List<ApiScopeDto> Scopes { get; set; }
 
-        public List<ApiResourceClaimDto> UserClaims { get; set; }
+        public List<string> UserClaims { get; set; }
+
+        public Dictionary<string, string> Properties { get; set; }
 
         public ApiResourceDto()
         {
+            UserClaims = new List<string>();
             Scopes = new List<ApiScopeDto>();
             Secrets = new List<ApiSecretDto>();
-            UserClaims = new List<ApiResourceClaimDto>();
+            Properties = new Dictionary<string, string>();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiResourceGetByIdInputDto.cs

@@ -1,9 +0,0 @@
-using System;
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.ApiResources
-{
-    public class ApiResourceGetByIdInputDto : EntityDto<Guid>
-    {
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiResourceUpdateDto.cs

@@ -1,29 +1,6 @@
-using System;
-using System.Collections.Generic;
-using System.ComponentModel.DataAnnotations;
-using System.Text;
-using Volo.Abp.IdentityServer.ApiResources;
-
-namespace LINGYUN.Abp.IdentityServer.ApiResources
+namespace LINGYUN.Abp.IdentityServer.ApiResources
 {
-    public class ApiResourceUpdateDto
+    public class ApiResourceUpdateDto : ApiResourceCreateOrUpdateDto
     {
-        [Required]
-        public Guid Id { get; set; }
-
-        [StringLength(ApiResourceConsts.DisplayNameMaxLength)]
-        public string DisplayName { get; set; }
-
-        [StringLength(ApiResourceConsts.DescriptionMaxLength)]
-        public string Description { get; set; }
-
-        public bool Enabled { get; set; }
-
-        public List<ApiResourceClaimDto> UserClaims { get; set; }
-
-        public ApiResourceUpdateDto()
-        {
-            UserClaims = new List<ApiResourceClaimDto>();
-        }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiScopeClaimDto.cs

@@ -1,7 +0,0 @@
-namespace LINGYUN.Abp.IdentityServer.ApiResources
-{
-    public class ApiScopeClaimDto
-    {
-        public string Type { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiScopeCreateDto.cs

@@ -26,11 +26,11 @@ namespace LINGYUN.Abp.IdentityServer.ApiResources
 
         public bool ShowInDiscoveryDocument { get; set; }
 
-        public List<ApiScopeClaimDto> UserClaims { get; set; }
+        public List<string> UserClaims { get; set; }
 
         public ApiScopeCreateDto()
         {
-            UserClaims = new List<ApiScopeClaimDto>();
+            UserClaims = new List<string>();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiScopeDto.cs

@@ -16,11 +16,11 @@ namespace LINGYUN.Abp.IdentityServer.ApiResources
 
         public bool ShowInDiscoveryDocument { get; set; }
 
-        public List<ApiScopeClaimDto> UserClaims { get; set; }
+        public List<string> UserClaims { get; set; }
 
         public ApiScopeDto()
         {
-            UserClaims = new List<ApiScopeClaimDto>();
+            UserClaims = new List<string>();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiScopeGetByNameInputDto.cs

@@ -1,16 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.ApiResources;
-
-namespace LINGYUN.Abp.IdentityServer.ApiResources
-{
-    public class ApiScopeGetByNameInputDto
-    {
-        [Required]
-        public Guid ApiResourceId { get; set; }
-
-        [Required]
-        [StringLength(ApiScopeConsts.NameMaxLength)]
-        public string Name { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiSecretCreateDto.cs

@@ -1,33 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.ApiResources
-{
-    public class ApiSecretCreateDto
-    {
-        [Required]
-        public Guid ApiResourceId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.TypeMaxLength))]
-        public string Type { get; set; }
-
-        public HashType HashType { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.ValueMaxLength))]
-        public string Value { get; set; }
-
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.DescriptionMaxLength))]
-        public string Description { get; set; }
-
-        public DateTime? Expiration { get; set; }
-
-        public ApiSecretCreateDto()
-        {
-            HashType = 0;
-        }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiSecretCreateOrUpdateDto.cs

@@ -0,0 +1,7 @@
+namespace LINGYUN.Abp.IdentityServer.ApiResources
+{
+    public class ApiSecretCreateOrUpdateDto : SecretBaseDto
+    {
+        public HashType HashType { get; set; }
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/Dto/ApiSecretGetByTypeInputDto.cs

@@ -1,21 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.ApiResources
-{
-    public class ApiSecretGetByTypeInputDto
-    {
-        [Required]
-        public Guid ApiResourceId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.TypeMaxLength))]
-        public string Type { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.ValueMaxLength))]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/ApiResources/IApiResourceAppService.cs

@@ -1,27 +1,15 @@
-using System.Threading.Tasks;
-using Volo.Abp.Application.Dtos;
+using System;
 using Volo.Abp.Application.Services;
 
 namespace LINGYUN.Abp.IdentityServer.ApiResources
 {
-    public interface IApiResourceAppService : IApplicationService
+    public interface IApiResourceAppService : 
+        ICrudAppService<
+            ApiResourceDto,
+            Guid,
+            ApiResourceGetByPagedInputDto,
+            ApiResourceCreateDto,
+            ApiResourceUpdateDto>
     {
-        Task<ApiResourceDto> GetAsync(ApiResourceGetByIdInputDto apiResourceGetById);
-
-        Task<PagedResultDto<ApiResourceDto>> GetAsync(ApiResourceGetByPagedInputDto apiResourceGetByPaged);
-
-        Task<ApiResourceDto> CreateAsync(ApiResourceCreateDto apiResourceCreate);
-
-        Task<ApiResourceDto> UpdateAsync(ApiResourceUpdateDto apiResourceUpdate);
-
-        Task DeleteAsync(ApiResourceGetByIdInputDto apiResourceGetById);
-
-        Task<ApiSecretDto> AddSecretAsync(ApiSecretCreateDto apiSecretCreate);
-
-        Task DeleteSecretAsync(ApiSecretGetByTypeInputDto apiSecretGetByType);
-
-        Task<ApiScopeDto> AddScopeAsync(ApiScopeCreateDto apiScopeCreate);
-
-        Task DeleteScopeAsync(ApiScopeGetByNameInputDto apiScopeGetByName);
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientClaimCreateDto.cs

@@ -1,20 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.Clients;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientClaimCreateDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [StringLength(ClientClaimConsts.TypeMaxLength)]
-        public string Type { get; set; }
-
-        [Required]
-        [StringLength(ClientClaimConsts.ValueMaxLength)]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientClaimGetByKeyInputDto.cs

@@ -1,20 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.Clients;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientClaimGetByKeyInputDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [StringLength(ClientClaimConsts.TypeMaxLength)]
-        public string Type { get; set; }
-
-        [Required]
-        [StringLength(ClientClaimConsts.ValueMaxLength)]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientClaimUpdateDto.cs

@@ -1,20 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.Clients;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientClaimUpdateDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [StringLength(ClientClaimConsts.TypeMaxLength)]
-        public string Type { get; set; }
-
-        [Required]
-        [StringLength(ClientClaimConsts.ValueMaxLength)]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientCloneInputDto.cs → aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientCloneDto.cs

@@ -1,16 +1,10 @@
-using System;
-using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations;
 using Volo.Abp.IdentityServer.Clients;
 
 namespace LINGYUN.Abp.IdentityServer.Clients
 {
-    public class ClientCloneInputDto
+    public class ClientCloneDto
     {
-        /// <summary>
-        /// 来源客户端标识
-        /// </summary>
-        [Required]
-        public Guid SourceClientId { get; set; }
         /// <summary>
         /// 客户端标识
         /// </summary>
@@ -45,6 +39,10 @@ namespace LINGYUN.Abp.IdentityServer.Clients
         /// </summary>
         public bool CopyClaim { get; set; }
         /// <summary>
+        /// 复制客户端密钥
+        /// </summary>
+        public bool CopySecret { get; set; }
+        /// <summary>
         /// 复制客户端跨域来源
         /// </summary>
         public bool CopyAllowedCorsOrigin { get; set; }
@@ -60,7 +58,7 @@ namespace LINGYUN.Abp.IdentityServer.Clients
         /// 复制客户端 IdP 限制
         /// </summary>
         public bool CopyIdentityProviderRestriction { get; set; }
-        public ClientCloneInputDto()
+        public ClientCloneDto()
         {
             CopyAllowedCorsOrigin = true;
             CopyAllowedGrantType = true;
@@ -70,6 +68,7 @@ namespace LINGYUN.Abp.IdentityServer.Clients
             CopyPostLogoutRedirectUri = true;
             CopyPropertie = true;
             CopyRedirectUri = true;
+            CopySecret = true;
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientCorsOriginDto.cs

@@ -1,9 +0,0 @@
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientCorsOriginDto : EntityDto
-    {
-        public string Origin { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientCreateDto.cs

@@ -1,26 +1,7 @@
-using System.Collections.Generic;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.Clients;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
+namespace LINGYUN.Abp.IdentityServer.Clients
 {
-    public class ClientCreateDto
+    public class ClientCreateDto : ClientCreateOrUpdateDto
     {
-        [Required]
-        [StringLength(ClientConsts.ClientIdMaxLength)]
-        public string ClientId { get; set; }
-
-        [Required]
-        [StringLength(ClientConsts.ClientNameMaxLength)]
-        public string ClientName { get; set; }
-
-        [StringLength(ClientConsts.DescriptionMaxLength)]
-        public string Description { get; set; }
 
-        public List<ClientGrantTypeDto> AllowedGrantTypes { get; set; }
-        public ClientCreateDto()
-        {
-            AllowedGrantTypes = new List<ClientGrantTypeDto>();
-        }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientCreateOrUpdateDto.cs

@@ -0,0 +1,27 @@
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using Volo.Abp.IdentityServer.Clients;
+
+namespace LINGYUN.Abp.IdentityServer.Clients
+{
+    public class ClientCreateOrUpdateDto
+    {
+        [Required]
+        [StringLength(ClientConsts.ClientIdMaxLength)]
+        public string ClientId { get; set; }
+
+        [Required]
+        [StringLength(ClientConsts.ClientNameMaxLength)]
+        public string ClientName { get; set; }
+
+        [StringLength(ClientConsts.DescriptionMaxLength)]
+        public string Description { get; set; }
+
+        public List<string> AllowedGrantTypes { get; set; }
+
+        protected ClientCreateOrUpdateDto()
+        {
+            AllowedGrantTypes = new List<string>();
+        }
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientDto.cs

@@ -82,34 +82,34 @@ namespace LINGYUN.Abp.IdentityServer.Clients
 
         public string ConcurrencyStamp { get; set; }
 
-        public List<ClientScopeDto> AllowedScopes { get; set; }
+        public List<string> AllowedScopes { get; set; }
 
         public List<ClientSecretDto> ClientSecrets { get; set; }
 
-        public List<ClientGrantTypeDto> AllowedGrantTypes { get; set; }
+        public List<string> AllowedGrantTypes { get; set; }
 
-        public List<ClientCorsOriginDto> AllowedCorsOrigins { get; set; }
+        public List<string> AllowedCorsOrigins { get; set; }
 
-        public List<ClientRedirectUriDto> RedirectUris { get; set; }
+        public List<string> RedirectUris { get; set; }
 
-        public List<ClientPostLogoutRedirectUriDto> PostLogoutRedirectUris { get; set; }
+        public List<string> PostLogoutRedirectUris { get; set; }
 
-        public List<ClientIdPRestrictionDto> IdentityProviderRestrictions { get; set; }
+        public List<string> IdentityProviderRestrictions { get; set; }
 
         public List<ClientClaimDto> Claims { get; set; }
 
-        public List<ClientPropertyDto> Properties { get; set; }
+        public Dictionary<string, string> Properties { get; set; }
         public ClientDto()
         {
             Claims = new List<ClientClaimDto>();
-            Properties = new List<ClientPropertyDto>();
-            AllowedScopes = new List<ClientScopeDto>();
+            Properties = new Dictionary<string, string>();
+            AllowedScopes = new List<string>();
             ClientSecrets = new List<ClientSecretDto>();
-            RedirectUris = new List<ClientRedirectUriDto>();
-            AllowedGrantTypes = new List<ClientGrantTypeDto>();
-            AllowedCorsOrigins = new List<ClientCorsOriginDto>();
-            PostLogoutRedirectUris = new List<ClientPostLogoutRedirectUriDto>();
-            IdentityProviderRestrictions = new List<ClientIdPRestrictionDto>();
+            RedirectUris = new List<string>();
+            AllowedGrantTypes = new List<string>();
+            AllowedCorsOrigins = new List<string>();
+            PostLogoutRedirectUris = new List<string>();
+            IdentityProviderRestrictions = new List<string>();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientGetByIdInputDto.cs

@@ -1,11 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientGetByIdInputDto
-    {
-        [Required]
-        public Guid Id { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientGetByPagedInputDto.cs → aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientGetByPagedDto.cs

@@ -2,7 +2,7 @@
 
 namespace LINGYUN.Abp.IdentityServer.Clients
 {
-    public class ClientGetByPagedInputDto : PagedAndSortedResultRequestDto
+    public class ClientGetByPagedDto : PagedAndSortedResultRequestDto
     {
         public string Filter { get; set; }
     }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientGrantTypeDto.cs

@@ -1,9 +0,0 @@
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientGrantTypeDto : EntityDto
-    {
-        public string GrantType { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientIdPRestrictionDto.cs

@@ -1,9 +0,0 @@
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientIdPRestrictionDto : EntityDto
-    {
-        public string Provider { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientPostLogoutRedirectUriDto.cs

@@ -1,9 +0,0 @@
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientPostLogoutRedirectUriDto : EntityDto
-    {
-        public string PostLogoutRedirectUri { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientPropertyCreateDto.cs

@@ -1,21 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.Clients;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientPropertyCreateDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(ClientPropertyConsts), nameof(ClientPropertyConsts.KeyMaxLength))]
-        public string Key { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(ClientPropertyConsts), nameof(ClientPropertyConsts.ValueMaxLength))]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientPropertyDto.cs

@@ -1,11 +0,0 @@
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientPropertyDto : EntityDto
-    {
-        public string Key { get; set; }
-
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientPropertyGetByKeyDto.cs

@@ -1,21 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.Clients;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientPropertyGetByKeyDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(ClientPropertyConsts), nameof(ClientPropertyConsts.KeyMaxLength))]
-        public string Key { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(ClientPropertyConsts), nameof(ClientPropertyConsts.ValueMaxLength))]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientPropertyUpdateDto.cs

@@ -1,21 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.Clients;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientPropertyUpdateDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(ClientPropertyConsts), nameof(ClientPropertyConsts.KeyMaxLength))]
-        public string Key { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(ClientPropertyConsts), nameof(ClientPropertyConsts.ValueMaxLength))]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientRedirectUriDto.cs

@@ -1,9 +0,0 @@
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientRedirectUriDto : EntityDto
-    {
-        public string RedirectUri { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientScopeDto.cs

@@ -1,9 +0,0 @@
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientScopeDto : EntityDto
-    {
-        public string Scope { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientSecretCreateDto.cs

@@ -1,33 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientSecretCreateDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.TypeMaxLength))]
-        public string Type { get; set; }
-
-        public HashType HashType { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.ValueMaxLength))]
-        public string Value { get; set; }
-
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.DescriptionMaxLength))]
-        public string Description { get; set; }
-
-        public DateTime? Expiration { get; set; }
-
-        public ClientSecretCreateDto()
-        {
-            HashType = 0;
-        }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientSecretGetByTypeDto.cs

@@ -1,21 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientSecretGetByTypeDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.TypeMaxLength))]
-        public string Type { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.ValueMaxLength))]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientSecretUpdateDto.cs

@@ -1,28 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientSecretUpdateDto
-    {
-        [Required]
-        public Guid ClientId { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.TypeMaxLength))]
-        public string Type { get; set; }
-
-        public HashType HashType { get; set; }
-
-        [Required]
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.ValueMaxLength))]
-        public string Value { get; set; }
-
-        [DynamicStringLength(typeof(SecretConsts), nameof(SecretConsts.DescriptionMaxLength))]
-        public string Description { get; set; }
-
-        public DateTime? Expiration { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientUpdateDto.cs

@@ -4,20 +4,8 @@ using Volo.Abp.IdentityServer.Clients;
 
 namespace LINGYUN.Abp.IdentityServer.Clients
 {
-    public class ClientUpdateDto 
+    public class ClientUpdateDto : ClientCreateOrUpdateDto
     {
-        [Required]
-        [StringLength(1000)]
-        public string ConcurrencyStamp { get; set; }
-
-        [StringLength(ClientConsts.ClientIdMaxLength)]
-        public string ClientId { get; set; }
-
-        [StringLength(ClientConsts.ClientNameMaxLength)]
-        public string ClientName { get; set; }
-
-        [StringLength(ClientConsts.DescriptionMaxLength)]
-        public string Description { get; set; }
 
         [StringLength(ClientConsts.ClientUriMaxLength)]
         public string ClientUri { get; set; }
@@ -25,62 +13,62 @@ namespace LINGYUN.Abp.IdentityServer.Clients
         [StringLength(ClientConsts.LogoUriMaxLength)]
         public string LogoUri { get; set; }
 
-        public bool? Enabled { get; set; }
+        public bool Enabled { get; set; }
 
         [StringLength(ClientConsts.ProtocolTypeMaxLength)]
         public string ProtocolType { get; set; }
 
-        public bool? RequireClientSecret { get; set; }
+        public bool RequireClientSecret { get; set; }
 
-        public bool? RequireConsent { get; set; }
+        public bool RequireConsent { get; set; }
 
-        public bool? AllowRememberConsent { get; set; }
+        public bool AllowRememberConsent { get; set; }
 
-        public bool? AlwaysIncludeUserClaimsInIdToken { get; set; }
+        public bool AlwaysIncludeUserClaimsInIdToken { get; set; }
 
-        public bool? RequirePkce { get; set; }
+        public bool RequirePkce { get; set; }
 
-        public bool? AllowPlainTextPkce { get; set; }
+        public bool AllowPlainTextPkce { get; set; }
 
-        public bool? AllowAccessTokensViaBrowser { get; set; }
+        public bool AllowAccessTokensViaBrowser { get; set; }
 
         [StringLength(ClientConsts.FrontChannelLogoutUriMaxLength)]
         public string FrontChannelLogoutUri { get; set; }
 
-        public bool? FrontChannelLogoutSessionRequired { get; set; }
+        public bool FrontChannelLogoutSessionRequired { get; set; }
 
         [StringLength(ClientConsts.BackChannelLogoutUriMaxLength)]
         public string BackChannelLogoutUri { get; set; }
 
-        public bool? BackChannelLogoutSessionRequired { get; set; }
+        public bool BackChannelLogoutSessionRequired { get; set; }
 
-        public bool? AllowOfflineAccess { get; set; }
+        public bool AllowOfflineAccess { get; set; }
 
-        public int? IdentityTokenLifetime { get; set; }
+        public int IdentityTokenLifetime { get; set; }
 
-        public int? AccessTokenLifetime { get; set; }
+        public int AccessTokenLifetime { get; set; }
 
-        public int? AuthorizationCodeLifetime { get; set; }
+        public int AuthorizationCodeLifetime { get; set; }
 
         public int? ConsentLifetime { get; set; }
 
-        public int? AbsoluteRefreshTokenLifetime { get; set; }
+        public int AbsoluteRefreshTokenLifetime { get; set; }
 
-        public int? SlidingRefreshTokenLifetime { get; set; }
+        public int SlidingRefreshTokenLifetime { get; set; }
 
-        public int? RefreshTokenUsage { get; set; }
+        public int RefreshTokenUsage { get; set; }
 
-        public bool? UpdateAccessTokenClaimsOnRefresh { get; set; }
+        public bool UpdateAccessTokenClaimsOnRefresh { get; set; }
 
-        public int? RefreshTokenExpiration { get; set; }
+        public int RefreshTokenExpiration { get; set; }
 
-        public int? AccessTokenType { get; set; }
+        public int AccessTokenType { get; set; }
 
-        public bool? EnableLocalLogin { get; set; }
+        public bool EnableLocalLogin { get; set; }
 
-        public bool? IncludeJwtId { get; set; }
+        public bool IncludeJwtId { get; set; }
 
-        public bool? AlwaysSendClientClaims { get; set; }
+        public bool AlwaysSendClientClaims { get; set; }
 
         [StringLength(ClientConsts.ClientClaimsPrefixMaxLength)]
         public string ClientClaimsPrefix { get; set; }
@@ -93,29 +81,52 @@ namespace LINGYUN.Abp.IdentityServer.Clients
         [StringLength(ClientConsts.UserCodeTypeMaxLength)]
         public string UserCodeType { get; set; }
 
-        public int? DeviceCodeLifetime { get; set; }
-
-        public List<ClientScopeDto> AllowedScopes { get; set; }
-
-        public List<ClientGrantTypeDto> AllowedGrantTypes { get; set; }
-
-        public List<ClientCorsOriginDto> AllowedCorsOrigins { get; set; }
-
-        public List<ClientRedirectUriDto> RedirectUris { get; set; }
-
-        public List<ClientPostLogoutRedirectUriDto> PostLogoutRedirectUris { get; set; }
+        public int DeviceCodeLifetime { get; set; }
+        /// <summary>
+        /// 允许的作用域
+        /// </summary>
+        public List<string> AllowedScopes { get; set; }
+        /// <summary>
+        /// 允许同源
+        /// </summary>
+        public List<string> AllowedCorsOrigins { get; set; }
+        /// <summary>
+        /// 重定向uri
+        /// </summary>
+        public List<string> RedirectUris { get; set; }
+        /// <summary>
+        /// 登出重定向uri
+        /// </summary>
+        public List<string> PostLogoutRedirectUris { get; set; }
+        /// <summary>
+        /// 限制提供商
+        /// </summary>
+        public List<string> IdentityProviderRestrictions { get; set; }
+        /// <summary>
+        /// 属性
+        /// </summary>
+        public Dictionary<string, string> Properties { get; set; }
+        /// <summary>
+        /// 密钥
+        /// </summary>
+        public List<SecretCreateOrUpdateDto> Secrets { get; set; }
+        /// <summary>
+        /// 声明
+        /// </summary>
+        public List<ClientClaimDto> Claims { get; set; }
 
-        public List<ClientIdPRestrictionDto> IdentityProviderRestrictions { get; set; }
         public ClientUpdateDto()
         {
             Enabled = true;
             DeviceCodeLifetime = 300;
-            AllowedScopes = new List<ClientScopeDto>();
-            RedirectUris = new List<ClientRedirectUriDto>();
-            AllowedGrantTypes = new List<ClientGrantTypeDto>();
-            AllowedCorsOrigins = new List<ClientCorsOriginDto>();
-            PostLogoutRedirectUris = new List<ClientPostLogoutRedirectUriDto>();
-            IdentityProviderRestrictions = new List<ClientIdPRestrictionDto>();
+            AllowedScopes = new List<string>();
+            RedirectUris = new List<string>();
+            AllowedCorsOrigins = new List<string>();
+            PostLogoutRedirectUris = new List<string>();
+            IdentityProviderRestrictions = new List<string>();
+            Properties = new Dictionary<string, string>();
+            Secrets = new List<SecretCreateOrUpdateDto>();
+            Claims = new List<ClientClaimDto>();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/ClientUpdateInputDto.cs

@@ -1,19 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-
-namespace LINGYUN.Abp.IdentityServer.Clients
-{
-    public class ClientUpdateInputDto
-    {
-        [Required]
-        public Guid Id { get; set; }
-
-        [Required]
-        public ClientUpdateDto Client { get; set; }
-
-        public ClientUpdateInputDto()
-        {
-            Client = new ClientUpdateDto();
-        }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/Dto/SecretCreateOrUpdateDto.cs

@@ -0,0 +1,7 @@
+namespace LINGYUN.Abp.IdentityServer.Clients
+{
+    public class SecretCreateOrUpdateDto : SecretBaseDto
+    {
+        public HashType HashType { get; set; }
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Clients/IClientAppService.cs

@@ -1,39 +1,24 @@
-using System.Threading.Tasks;
+using System;
+using System.Threading.Tasks;
 using Volo.Abp.Application.Dtos;
 using Volo.Abp.Application.Services;
 
 namespace LINGYUN.Abp.IdentityServer.Clients
 {
-    public interface IClientAppService : IApplicationService
+    public interface IClientAppService : 
+        ICrudAppService<
+            ClientDto,
+            Guid,
+            ClientGetByPagedDto,
+            ClientCreateDto,
+            ClientUpdateDto>
     {
-        Task<ClientDto> GetAsync(ClientGetByIdInputDto clientGetById);
+        Task<ClientDto> CloneAsync(Guid id, ClientCloneDto input);
 
-        Task<PagedResultDto<ClientDto>> GetAsync(ClientGetByPagedInputDto clientGetByPaged);
+        Task<ListResultDto<string>> GetAssignableApiResourcesAsync();
 
-        Task<ClientDto> CreateAsync(ClientCreateDto clientCreate);
+        Task<ListResultDto<string>> GetAssignableIdentityResourcesAsync();
 
-        Task<ClientDto> UpdateAsync(ClientUpdateInputDto clientUpdateInput);
-
-        Task<ClientDto> CloneAsync(ClientCloneInputDto clientCloneInput);
-
-        Task DeleteAsync(ClientGetByIdInputDto clientGetByIdInput);
-
-        Task<ClientClaimDto> AddClaimAsync(ClientClaimCreateDto clientClaimCreate);
-
-        Task<ClientClaimDto> UpdateClaimAsync(ClientClaimUpdateDto clientClaimUpdate);
-
-        Task DeleteClaimAsync(ClientClaimGetByKeyInputDto clientClaimGetByKey);
-
-        Task<ClientPropertyDto> AddPropertyAsync(ClientPropertyCreateDto clientPropertyCreate);
-
-        Task<ClientPropertyDto> UpdatePropertyAsync(ClientPropertyUpdateDto clientPropertyUpdate);
-
-        Task DeletePropertyAsync(ClientPropertyGetByKeyDto clientPropertyGetByKey);
-
-        Task<ClientSecretDto> AddSecretAsync(ClientSecretCreateDto clientSecretCreate);
-
-        Task<ClientSecretDto> UpdateSecretAsync(ClientSecretUpdateDto clientSecretUpdate);
-
-        Task DeleteSecretAsync(ClientSecretGetByTypeDto clientSecretGetByType);
+        Task<ListResultDto<string>> GetAllDistinctAllowedCorsOriginsAsync();
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityClaimDto.cs

@@ -1,7 +0,0 @@
-namespace LINGYUN.Abp.IdentityServer.IdentityResources
-{
-    public class IdentityClaimDto
-    {
-        public string Type { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourceCreateDto.cs → aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourceCreateOrUpdateDto.cs

@@ -5,7 +5,7 @@ using Volo.Abp.Validation;
 
 namespace LINGYUN.Abp.IdentityServer.IdentityResources
 {
-    public class IdentityResourceCreateDto
+    public class IdentityResourceCreateOrUpdateDto
     {
         [Required]
         [DynamicStringLength(typeof(IdentityResourceConsts), nameof(IdentityResourceConsts.NameMaxLength))]
@@ -25,14 +25,18 @@ namespace LINGYUN.Abp.IdentityServer.IdentityResources
 
         public bool ShowInDiscoveryDocument { get; set; }
 
-        public List<IdentityClaimDto> UserClaims { get; set; }
+        public List<string> UserClaims { get; set; }
 
-        public IdentityResourceCreateDto()
+        public Dictionary<string, string> Properties { get; set; }
+
+        public IdentityResourceCreateOrUpdateDto()
         {
+            UserClaims = new List<string>();
+            Properties = new Dictionary<string, string>();
+
             Enabled = true;
             Required = false;
             ShowInDiscoveryDocument = false;
-            UserClaims = new List<IdentityClaimDto>();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourceDto.cs

@@ -1,23 +1,17 @@
 using System;
 using System.Collections.Generic;
-using System.ComponentModel.DataAnnotations;
 using Volo.Abp.Application.Dtos;
-using Volo.Abp.IdentityServer.IdentityResources;
 
 namespace LINGYUN.Abp.IdentityServer.IdentityResources
 {
-    public class IdentityResourceDto : FullAuditedEntityDto<Guid>
+    public class IdentityResourceDto : ExtensibleFullAuditedEntityDto<Guid>
     {
         public string Name { get; set; }
-
         
         public string DisplayName { get; set; }
-
         
         public string Description { get; set; }
 
-        public string ConcurrencyStamp { get; set; }
-
         public bool Enabled { get; set; }
 
         public bool Required { get; set; }
@@ -26,14 +20,14 @@ namespace LINGYUN.Abp.IdentityServer.IdentityResources
 
         public bool ShowInDiscoveryDocument { get; set; }
 
-        public List<IdentityClaimDto> UserClaims { get; set; }
+        public List<string> UserClaims { get; set; }
 
-        public List<IdentityResourcePropertyDto> Properties { get; set; }
+        public Dictionary<string, string> Properties { get; set; }
 
         public IdentityResourceDto()
         {
-            UserClaims = new List<IdentityClaimDto>();
-            Properties = new List<IdentityResourcePropertyDto>();
+            UserClaims = new List<string>();
+            Properties = new Dictionary<string, string>();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourceGetByIdInputDto.cs

@@ -1,9 +0,0 @@
-using System;
-using Volo.Abp.Application.Dtos;
-
-namespace LINGYUN.Abp.IdentityServer.IdentityResources
-{
-    public class IdentityResourceGetByIdInputDto : EntityDto<Guid>
-    {
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourceGetByPagedInputDto.cs → aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourceGetByPagedDto.cs

@@ -2,7 +2,7 @@
 
 namespace LINGYUN.Abp.IdentityServer.IdentityResources
 {
-    public class IdentityResourceGetByPagedInputDto : PagedAndSortedResultRequestDto
+    public class IdentityResourceGetByPagedDto : PagedAndSortedResultRequestDto
     {
         public string Filter { get; set; }
     }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourcePropertyCreateDto.cs

@@ -1,23 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-
-namespace LINGYUN.Abp.IdentityServer.IdentityResources
-{
-    public class IdentityResourcePropertyCreateDto
-    {
-        [Required]
-        public Guid IdentityResourceId { get; set; }
-
-        [Required]
-        [StringLength(2000)]
-        public string ConcurrencyStamp { get; set; }
-
-        [Required]
-        [StringLength(100)]
-        public string Key { get; set; }
-
-        [Required]
-        [StringLength(2000)]
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourcePropertyDto.cs

@@ -1,9 +0,0 @@
-namespace LINGYUN.Abp.IdentityServer.IdentityResources
-{
-    public class IdentityResourcePropertyDto
-    {
-        public string Key { get; set; }
-
-        public string Value { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourcePropertyGetByKeyDto.cs

@@ -1,15 +0,0 @@
-using System;
-using System.ComponentModel.DataAnnotations;
-
-namespace LINGYUN.Abp.IdentityServer.IdentityResources
-{
-    public class IdentityResourcePropertyGetByKeyDto
-    {
-        [Required]
-        public Guid IdentityResourceId { get; set; }
-
-        [Required]
-        [StringLength(100)]
-        public string Key { get; set; }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/Dto/IdentityResourceUpdateDto.cs

@@ -1,45 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.ComponentModel.DataAnnotations;
-using Volo.Abp.IdentityServer.IdentityResources;
-using Volo.Abp.Validation;
-
-namespace LINGYUN.Abp.IdentityServer.IdentityResources
-{
-    public class IdentityResourceUpdateDto
-    {
-        [Required]
-        public Guid Id { get; set; }
-
-        [Required]
-        [StringLength(2000)]
-        public string ConcurrencyStamp { get; set; }
-
-        [DynamicStringLength(typeof(IdentityResourceConsts), nameof(IdentityResourceConsts.NameMaxLength))]
-        public string Name { get; set; }
-
-        [DynamicStringLength(typeof(IdentityResourceConsts), nameof(IdentityResourceConsts.DisplayNameMaxLength))]
-        public string DisplayName { get; set; }
-
-        [DynamicStringLength(typeof(IdentityResourceConsts), nameof(IdentityResourceConsts.DescriptionMaxLength))]
-        public string Description { get; set; }
-
-        public bool Enabled { get; set; }
-
-        public bool Required { get; set; }
-
-        public bool Emphasize { get; set; }
-
-        public bool ShowInDiscoveryDocument { get; set; }
-
-        public List<IdentityClaimDto> UserClaims { get; set; }
-
-        public IdentityResourceUpdateDto()
-        {
-            Enabled = true;
-            Required = false;
-            ShowInDiscoveryDocument = false;
-            UserClaims = new List<IdentityClaimDto>();
-        }
-    }
-}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/IdentityResources/IIdentityResourceAppService.cs

@@ -1,23 +1,16 @@
-using System.Threading.Tasks;
-using Volo.Abp.Application.Dtos;
+using System;
 using Volo.Abp.Application.Services;
 
 namespace LINGYUN.Abp.IdentityServer.IdentityResources
 {
-    public interface IIdentityResourceAppService : IApplicationService
+    public interface IIdentityResourceAppService : 
+        ICrudAppService<
+            IdentityResourceDto,
+            Guid,
+            IdentityResourceGetByPagedDto,
+            IdentityResourceCreateOrUpdateDto,
+            IdentityResourceCreateOrUpdateDto
+            >
     {
-        Task<IdentityResourceDto> GetAsync(IdentityResourceGetByIdInputDto identityResourceGetById);
-
-        Task<PagedResultDto<IdentityResourceDto>> GetAsync(IdentityResourceGetByPagedInputDto identityResourceGetByPaged);
-
-        Task<IdentityResourceDto> CreateAsync(IdentityResourceCreateDto identityResourceCreate);
-
-        Task<IdentityResourceDto> UpdateAsync(IdentityResourceUpdateDto identityResourceUpdate);
-
-        Task DeleteAsync(IdentityResourceGetByIdInputDto identityResourceGetById);
-
-        Task<IdentityResourcePropertyDto> AddPropertyAsync(IdentityResourcePropertyCreateDto identityResourcePropertyCreate);
-
-        Task DeletePropertyAsync(IdentityResourcePropertyGetByKeyDto identityResourcePropertyGetByKey);
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Localization/Resources/en.json

@@ -5,19 +5,15 @@
     "Permissions:Create": "Create",
     "Permissions:Update": "Update",
     "Permissions:Clone": "Clone",
-    "Permissions:Enabled": "Enabled",
-    "Permissions:Disabled": "Disabled",
     "Permissions:Delete": "Delete",
+    "Permissions:ManageClaims": "Claims",
+    "Permissions:ManageSecrets": "Secrets",
+    "Permissions:ManageScopes": "Scopes",
+    "Permissions:ManageProperties": "Properties",
     "Permissions:ManagePermissions": "Permissions",
     "Permissions:Clients": "Clients",
-    "Permissions:Clients:Claims": "Client claim",
-    "Permissions:Clients:Secrets": "Client secret",
-    "Permissions:Clients:Properties": "Client property",
     "Permissions:ApiResources": "ApiResources",
-    "Permissions:ApiResources:Scope": "Api scope",
-    "Permissions:ApiResources:Secrets": "Api secret",
     "Permissions:IdentityResources": "IdentityResources",
-    "Permissions:IdentityResources:Properties": "Identity property",
     "ClientIdExisted": "Client id: {0} already exists!",
     "ApiResourceNameExisted": "Api resource name: {0} already exists!",
     "IdentityResourceNameExisted": "Identity resource name: {0} already exists!",
@@ -26,6 +22,106 @@
     "ClientSecretNotFound": "Client secret: {0} not found!",
     "ClientPropertyNotFound": "Client property: {0} not found!",
     "IdentityResourcePropertyNotFound": "Identity resource property: {0} not found!",
-    "EncryptionNotImplemented": "Encryption type: {0} not implemented!"
+    "EncryptionNotImplemented": "Encryption type: {0} not implemented!",
+    "Basics": "Basics",
+    "Authentication": "Authentication",
+    "Token": "Token",
+    "Consent": "Consent",
+    "DeviceFlow": "Device Flow",
+    "Advanced": "Advanced",
+    "Resource:Enabled": "Enabled",
+    "Resource:New": "Add New",
+    "Resource:Edit": "Edit",
+    "Resource:Delete": "Delete",
+    "Resource:WillDelete": "Resource :{0} will be deleted",
+    "Resource:Name": "Resource - {0}",
+    "Resource:Api": "Api Resource",
+    "Resource:Identity": "Identity Resource",
+    "UserClaim": "User claim",
+    "NoClaim": "Owned claims",
+    "ExistsClaim": "Not owned claims",
+    "Scope": "Scopes",
+    "Secret": "Secrets",
+    "Name": "Name",
+    "DisplayName": "Display Name",
+    "Description": "Description",
+    "Required": "Required",
+    "Emphasize": "Emphasize",
+    "ShowInDiscoveryDocument": "Show In Discovery Document",
+    "Expiration": "Expiration",
+    "Scope:New": "Add New",
+    "Scope:Delete": "Delete",
+    "Secret:New": "Add New",
+    "Secret:Type": "Type",
+    "Secret:HashType": "Hash Type",
+    "Secret:HashTypeOnlySharedSecret": "The hash type applies only to the SharedSecret type",
+    "Secret:Value": "Value",
+    "Client:Enabled": "Enabled",
+    "Client:New": "Add New",
+    "Client:Edit": "Edit",
+    "Client:Delete": "Delete",
+    "Client:WillDelete": "Client :{0} will be deleted",
+    "Client:Name": "Client - {0}",
+    "Client:Id": "Client Id",
+    "Client:Clone": "Clone",
+    "Clone:CopyAllowedGrantType": "Copy the Client allowed GrantType",
+    "Clone:CopyRedirectUri": "Copy the Client redirect Uri",
+    "Clone:CopyAllowedScope": "Copy the Client scopes",
+    "Clone:CopyClaim": "Copy the Client claims",
+    "Clone:CopySecret": "Copy the Client secrets",
+    "Clone:CopyAllowedCorsOrigin": "Copy the Client Cors-Origin Uri",
+    "Clone:CopyPostLogoutRedirectUri": "Copy the Client Redirect Uri",
+    "Clone:CopyProperties": "Copy the Client Properties",
+    "Clone:CopyIdentityProviderRestriction": "Copy the Client Identity Provider Restriction",
+    "Client:ProtocolType": "Protocol Type",
+    "Client:RequiredClientSecret": "Require Client Secret",
+    "Client:RequiredPkce": "Required Pkce",
+    "Client:AllowedPlainTextPkce": "Allowed Plain Text Pkce",
+    "Client:AllowedOfflineAccess": "Allowed Offline Access",
+    "Client:AllowedScopes": "Allowed Scopes",
+    "Client:RedirectUris": "Redirect Uris",
+    "Client:AllowedGrantTypes": "Allowed Grant Types",
+    "Client:AllowedAccessTokensViaBrowser": "Allowed Access Tokens Via Browser",
+    "Client:IdentityTokenLifetime": "Identity Token Lifetime(s)",
+    "Client:AccessTokenLifetime": "Access Token Lifetime(s)",
+    "Client:AuthorizationCodeLifetime": "Authorization Code Lifetime(s)",
+    "Client:AbsoluteRefreshTokenLifetime": "Absolute Refresh Token Lifetime(s)",
+    "Client:SlidingRefreshTokenLifetime": "Sliding Refresh Token Lifetime(s)",
+    "Client:DeviceCodeLifetime": "Device Code Lifetime(s)",
+    "Client:ClientClaimsPrefix": "Client Claims Prefix",
+    "Client:FrontChannelLogoutUri": "Front Channel Logout Uri",
+    "Client:FrontChannelLogoutSessionRequired": "Front Channel Logout Session Required",
+    "Client:BackChannelLogoutUri": "Back Channel Logout Uri",
+    "Client:BackChannelLogoutSessionRequired": "Back Channel Logout Session Required",
+    "Client:EnableLocalLogin": "Enable Local Login",
+    "Client:PostLogoutRedirectUris": "Post Logout Redirect Uris",
+    "Client:IdentityProviderRestrictions": "Identity Provider Restrictions",
+    "Client:UserSsoLifetime": "User Sso Lifetime",
+    "Client:AccessTokenType": "AccessToken Type",
+    "Client:RefreshTokenUsage": "Refresh Token Usage",
+    "Client:RefreshTokenExpiration": "RefreshToken Expiration",
+    "Client:AllowedCorsOrigins": "Allowed Cors Origins",
+    "Client:UpdateAccessTokenClaimsOnRefresh": "Update AccessToken Claims On Refresh",
+    "Client:IncludeJwtId": "Include Jwt Id",
+    "Client:AlwaysSendClientClaims": "Always Send Client Claims",
+    "Client:AlwaysIncludeUserClaimsInIdToken": "Always Include User Claims In Id Token",
+    "Client:PairWiseSubjectSalt": "Pair Wise Subject Salt",
+    "Client:RequireConsent": "Require Consent",
+    "Client:AllowRememberConsent": "Allow Remember Consent",
+    "Client:ClientUri": "Client Uri",
+    "Client:LogoUri": "Logo Uri",
+    "Client:UserCodeType": "User Code Type",
+    "Claims": "Claims",
+    "Claims:New": "Add New",
+    "Claims:Delete": "Delete",
+    "Claims:Type": "Type",
+    "Claims:Value": "Value",
+    "Propertites": "Propertites",
+    "Propertites:New": "Add New",
+    "Propertites:Key": "Key",
+    "Propertites:Value": "Value",
+    "Propertites:Delete": "Delete",
+    "Propertites:DuplicateKey": "Property already exists and cannot add duplicates!",
+    "Permissions": "Permissions"
   }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/Localization/Resources/zh-Hans.json

@@ -5,19 +5,15 @@
     "Permissions:Create": "新增",
     "Permissions:Update": "修改",
     "Permissions:Clone": "克隆",
-    "Permissions:Enabled": "启用",
-    "Permissions:Disabled": "停用",
     "Permissions:Delete": "删除",
+    "Permissions:ManageClaims": "管理声明",
+    "Permissions:ManageSecrets": "管理密钥",
+    "Permissions:ManageScopes": "管理作用域",
+    "Permissions:ManageProperties": "管理属性",
     "Permissions:ManagePermissions": "更改权限",
     "Permissions:Clients": "客户端管理",
-    "Permissions:Clients:Secrets": "客户端密钥",
-    "Permissions:Clients:Properties": "客户端属性",
-    "Permissions:Clients:Claims": "客户端声明",
     "Permissions:ApiResources": "Api资源管理",
-    "Permissions:ApiResources:Scope": "授权范围",
-    "Permissions:ApiResources:Secrets": "Api密钥",
     "Permissions:IdentityResources": "身份资源管理",
-    "Permissions:IdentityResources:Properties": "身份资源属性",
     "ClientIdExisted": "客户端标识: {0} 已经存在!",
     "ApiResourceNameExisted": "Api资源: {0} 已经存在!",
     "IdentityResourceNameExisted": "身份资源: {0} 已经存在!",
@@ -26,6 +22,106 @@
     "ClientSecretNotFound": "客户端密钥: {0} 不存在!",
     "ClientPropertyNotFound": "客户端属性: {0} 不存在!",
     "IdentityResourcePropertyNotFound": "身份资源属性: {0} 不存在!",
-    "EncryptionNotImplemented":  "加密类型: {0} 未实现!"
+    "EncryptionNotImplemented": "加密类型: {0} 未实现!",
+    "Basics": "基本信息",
+    "Authentication": "认证/注销",
+    "Token": "令牌",
+    "Consent": "同意屏幕",
+    "DeviceFlow": "设备流程",
+    "Advanced": "高级",
+    "Resource:Enabled": "启用资源",
+    "Resource:New": "添加新资源",
+    "Resource:Edit": "编辑资源",
+    "Resource:Delete": "删除资源",
+    "Resource:WillDelete": "资源:{0} 将被删除",
+    "Resource:Name": "资源 - {0}",
+    "Resource:Api": "Api 资源",
+    "Resource:Identity": "身份资源",
+    "UserClaim": "用户声明",
+    "NoClaim": "未拥有声明",
+    "ExistsClaim": "已拥有声明",
+    "Scope": "作用域",
+    "Secret": "密钥",
+    "Name": "名称",
+    "DisplayName": "显示名称",
+    "Description": "描述",
+    "Required": "必要",
+    "Emphasize": "强调",
+    "ShowInDiscoveryDocument": "在发现文档中显示",
+    "Expiration": "过期",
+    "Scope:New": "添加新作用域",
+    "Scope:Delete": "删除作用域",
+    "Secret:New": "添加新密钥",
+    "Secret:Type": "密钥类型",
+    "Secret:HashType": "哈希类型",
+    "Secret:HashTypeOnlySharedSecret": "哈希类型仅适用于 SharedSecret 类型",
+    "Secret:Value": "值",
+    "Client:Enabled": "启用客户端",
+    "Client:New": "添加新客户端",
+    "Client:Edit": "编辑客户端",
+    "Client:Delete": "删除客户端",
+    "Client:WillDelete": "客户端:{0} 将被删除",
+    "Client:Name": "客户端 - {0}",
+    "Client:Id": "客户端标识",
+    "Client:Clone": "克隆客户端",
+    "Clone:CopyAllowedGrantType": "复制客户端授权类型",
+    "Clone:CopyRedirectUri": "复制客户端重定向 Uri",
+    "Clone:CopyAllowedScope": "复制客户端作用域",
+    "Clone:CopyClaim": "复制客户端声明",
+    "Clone:CopySecret": "复制客户端密钥",
+    "Clone:CopyAllowedCorsOrigin": "复制客户端跨域来源",
+    "Clone:CopyPostLogoutRedirectUri": "复制客户端注销重定向 Uri",
+    "Clone:CopyProperties": "复制客户端属性",
+    "Clone:CopyIdentityProviderRestriction": "复制身份提供程序限制",
+    "Client:ProtocolType": "协议类型",
+    "Client:RequiredClientSecret": "需要客户端密钥",
+    "Client:RequiredPkce": "需要 Pkce",
+    "Client:AllowedPlainTextPkce": "允许纯文本 Pkce",
+    "Client:AllowedOfflineAccess": "允许离线访问",
+    "Client:AllowedScopes": "允许的作用域",
+    "Client:RedirectUris": "重定向 Uri",
+    "Client:AllowedGrantTypes": "允许的授权类型",
+    "Client:AllowedAccessTokensViaBrowser": "允许通过浏览器访问令牌",
+    "Client:IdentityTokenLifetime": "身份令牌有效期(s)",
+    "Client:AccessTokenLifetime": "访问令牌有效期(s)",
+    "Client:AuthorizationCodeLifetime": "授权码有效期(s)",
+    "Client:AbsoluteRefreshTokenLifetime": "绝对刷新令牌有效期(s)",
+    "Client:SlidingRefreshTokenLifetime": "滚动刷新令牌有效期(s)",
+    "Client:DeviceCodeLifetime": "设备授权码有效期(s)",
+    "Client:ClientClaimsPrefix": "客户端声明前缀",
+    "Client:FrontChannelLogoutUri": "前端通道注销 Uri",
+    "Client:FrontChannelLogoutSessionRequired": "需要前端通道注销会话",
+    "Client:BackChannelLogoutUri": "后端通道退出 Uri",
+    "Client:BackChannelLogoutSessionRequired": "需要后端通道注销会话",
+    "Client:EnableLocalLogin": "启用本地登录",
+    "Client:PostLogoutRedirectUris": "注销重定向 Uri",
+    "Client:IdentityProviderRestrictions": "身份提供程序限制",
+    "Client:UserSsoLifetime": "用户 SSO 生命周期",
+    "Client:AccessTokenType": "访问令牌类型",
+    "Client:RefreshTokenUsage": "刷新令牌使用情况",
+    "Client:RefreshTokenExpiration": "刷新令牌过期方式",
+    "Client:AllowedCorsOrigins": "允许跨域来源",
+    "Client:UpdateAccessTokenClaimsOnRefresh": "刷新时更新访问令牌声明",
+    "Client:IncludeJwtId": "包括 Jwt 标识",
+    "Client:AlwaysSendClientClaims": "始终发送客户端声明",
+    "Client:AlwaysIncludeUserClaimsInIdToken": "始终在标识令牌中包含用户声明",
+    "Client:PairWiseSubjectSalt": "配对主体盐",
+    "Client:RequireConsent": "需要同意",
+    "Client:AllowRememberConsent": "允许记住同意",
+    "Client:ClientUri": "客户端 Uri",
+    "Client:LogoUri": "徽标 Uri",
+    "Client:UserCodeType": "用户代码类型",
+    "Claims": "声明",
+    "Claims:New": "添加新声明",
+    "Claims:Delete": "删除声明",
+    "Claims:Type": "声明类型",
+    "Claims:Value": "值",
+    "Propertites": "属性",
+    "Propertites:New": "添加新属性",
+    "Propertites:Key": "属性名称",
+    "Propertites:Value": "值",
+    "Propertites:Delete": "删除属性",
+    "Propertites:DuplicateKey": "属性已经存在,不能添加重复项!",
+    "Permissions": "权限"
   }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/LINGYUN/Abp/IdentityServer/SecretBaseDto.cs

@@ -1,9 +1,8 @@
 using System;
-using Volo.Abp.Application.Dtos;
 
 namespace LINGYUN.Abp.IdentityServer
 {
-    public abstract class SecretBaseDto : EntityDto
+    public class SecretBaseDto
     {
         public string Type { get; set; }
 

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application/LINGYUN/Abp/IdentityServer/AbpIdentityServerAppServiceBase.cs

@@ -1,13 +1,22 @@
-using Volo.Abp.Application.Services;
+using System.Threading.Tasks;
+using Volo.Abp.Application.Services;
+using Volo.Abp.Authorization.Permissions;
 using Volo.Abp.IdentityServer.Localization;
 
 namespace LINGYUN.Abp.IdentityServer
 {
     public abstract class AbpIdentityServerAppServiceBase : ApplicationService
     {
+        private IPermissionChecker _permissionChecker;
+        protected IPermissionChecker PermissionChecker => LazyGetRequiredService(ref _permissionChecker);
         protected AbpIdentityServerAppServiceBase()
         {
             LocalizationResource = typeof(AbpIdentityServerResource);
         }
+
+        protected virtual async Task<bool> IsGrantAsync(string policy)
+        {
+            return await PermissionChecker.IsGrantedAsync(policy);
+        }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application/LINGYUN/Abp/IdentityServer/AbpIdentityServerAutoMapperProfile.cs

@@ -3,6 +3,7 @@ using LINGYUN.Abp.IdentityServer.ApiResources;
 using LINGYUN.Abp.IdentityServer.Clients;
 using LINGYUN.Abp.IdentityServer.IdentityResources;
 using System.Collections.Generic;
+using System.Linq;
 using Volo.Abp.IdentityServer.ApiResources;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.IdentityResources;
@@ -15,36 +16,33 @@ namespace LINGYUN.Abp.IdentityServer
         {
             CreateMap<ClientSecret, ClientSecretDto>();
             CreateMap<ClientClaim, ClientClaimDto>();
-            CreateMap<ClientCorsOrigin, ClientCorsOriginDto>();
-            CreateMap<ClientGrantType, ClientGrantTypeDto>();
-            CreateMap<ClientIdPRestriction, ClientIdPRestrictionDto>();
-            CreateMap<ClientPostLogoutRedirectUri, ClientPostLogoutRedirectUriDto>();
-            CreateMap<ClientProperty, ClientPropertyDto>();
-            CreateMap<ClientRedirectUri, ClientRedirectUriDto>();
-            CreateMap<ClientScope, ClientScopeDto>();
-            CreateMap<Client, ClientDto>();
+            CreateMap<List<ClientProperty>, Dictionary<string, string>>()
+                .ConstructUsing((props, ctx) =>
+                {
+                    var properties = new Dictionary<string, string>();
+                    foreach (var prop in props)
+                    {
+                        properties.Add(prop.Key, prop.Value);
+                    }
+                    return properties;
+                });
+            CreateMap<Client, ClientDto>()
+                .ForMember(dto => dto.AllowedCorsOrigins, map => map.MapFrom(client => client.AllowedCorsOrigins.Select(origin => origin.Origin).ToList()))
+                .ForMember(dto => dto.AllowedGrantTypes, map => map.MapFrom(client => client.AllowedGrantTypes.Select(grantType => grantType.GrantType).ToList()))
+                .ForMember(dto => dto.AllowedScopes, map => map.MapFrom(client => client.AllowedScopes.Select(scope => scope.Scope).ToList()))
+                .ForMember(dto => dto.IdentityProviderRestrictions, map => map.MapFrom(client => client.IdentityProviderRestrictions.Select(provider => provider.Provider).ToList()))
+                .ForMember(dto => dto.PostLogoutRedirectUris, map => map.MapFrom(client => client.PostLogoutRedirectUris.Select(uri => uri.PostLogoutRedirectUri).ToList()))
+                .ForMember(dto => dto.RedirectUris, map => map.MapFrom(client => client.RedirectUris.Select(uri => uri.RedirectUri).ToList()));
 
             CreateMap<ApiSecret, ApiSecretDto>();
             CreateMap<ApiScope, ApiScopeDto>();
-            CreateMap<ApiScopeClaim, ApiScopeClaimDto>();
-            CreateMap<ApiResourceClaim, ApiResourceClaimDto>();
-            CreateMap<ApiResource, ApiResourceDto>();
+            CreateMap<ApiResource, ApiResourceDto>()
+                .ForMember(dto => dto.UserClaims, map => map.MapFrom(src => src.UserClaims.Select(claim => claim.Type).ToList()))
+                .MapExtraProperties();
 
-            CreateMap<IdentityClaim, IdentityClaimDto>();
             CreateMap<IdentityResource, IdentityResourceDto>()
-                .ForMember(dto => dto.Properties, map => map.MapFrom((src, d) =>
-                {
-                    var properties = new List<IdentityResourcePropertyDto>();
-                    foreach (var property in src.Properties)
-                    {
-                        properties.Add(new IdentityResourcePropertyDto
-                        {
-                            Key = property.Key,
-                            Value = property.Value
-                        });
-                    }
-                    return properties;
-                }));
+                .ForMember(dto => dto.UserClaims, map => map.MapFrom(src => src.UserClaims.Select(claim => claim.Type).ToList()))
+                .MapExtraProperties();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application/LINGYUN/Abp/IdentityServer/ApiResources/ApiResourceAppService.cs

@@ -1,11 +1,12 @@
 using IdentityServer4;
 using IdentityServer4.Models;
 using Microsoft.AspNetCore.Authorization;
+using System;
 using System.Collections.Generic;
+using System.Linq;
 using System.Threading.Tasks;
 using Volo.Abp;
 using Volo.Abp.Application.Dtos;
-using Volo.Abp.IdentityServer.ApiResources;
 using ApiResource = Volo.Abp.IdentityServer.ApiResources.ApiResource;
 
 namespace LINGYUN.Abp.IdentityServer.ApiResources
@@ -21,18 +22,19 @@ namespace LINGYUN.Abp.IdentityServer.ApiResources
             ApiResourceRepository = apiResourceRepository;
         }
 
-        public virtual async Task<ApiResourceDto> GetAsync(ApiResourceGetByIdInputDto apiResourceGetById)
+        public virtual async Task<ApiResourceDto> GetAsync(Guid id)
         {
-            var apiResource = await ApiResourceRepository.GetAsync(apiResourceGetById.Id);
+            var apiResource = await ApiResourceRepository.GetAsync(id);
 
             return ObjectMapper.Map<ApiResource, ApiResourceDto>(apiResource);
         }
 
-        public virtual async Task<PagedResultDto<ApiResourceDto>> GetAsync(ApiResourceGetByPagedInputDto apiResourceGetByPaged)
+        public virtual async Task<PagedResultDto<ApiResourceDto>> GetListAsync(ApiResourceGetByPagedInputDto input)
         {
-            var apiResources = await ApiResourceRepository.GetListAsync(apiResourceGetByPaged.Sorting,
-                apiResourceGetByPaged.SkipCount, apiResourceGetByPaged.MaxResultCount,
-                apiResourceGetByPaged.Filter);
+            var apiResources = await ApiResourceRepository.GetListAsync(input.Sorting,
+                input.SkipCount, input.MaxResultCount,
+                input.Filter);
+            // 未加Filter过滤器? 结果数不准
             var apiResourceCount = await ApiResourceRepository.GetCountAsync();
 
             return new PagedResultDto<ApiResourceDto>(apiResourceCount,
@@ -40,102 +42,144 @@ namespace LINGYUN.Abp.IdentityServer.ApiResources
         }
 
         [Authorize(AbpIdentityServerPermissions.ApiResources.Create)]
-        public virtual async Task<ApiResourceDto> CreateAsync(ApiResourceCreateDto apiResourceCreate)
+        public virtual async Task<ApiResourceDto> CreateAsync(ApiResourceCreateDto input)
         {
-            var apiResourceExists = await ApiResourceRepository.CheckNameExistAsync(apiResourceCreate.Name);
+            var apiResourceExists = await ApiResourceRepository.CheckNameExistAsync(input.Name);
             if (apiResourceExists)
             {
-                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.ApiResourceNameExisted, apiResourceCreate.Name]);
+                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.ApiResourceNameExisted, input.Name]);
             }
-            var apiResource = new ApiResource(GuidGenerator.Create(), apiResourceCreate.Name,
-                apiResourceCreate.DisplayName, apiResourceCreate.Description)
+            var apiResource = new ApiResource(GuidGenerator.Create(), input.Name,
+                input.DisplayName, input.Description)
             {
-                Enabled = apiResourceCreate.Enabled
+                Enabled = input.Enabled
             };
-            foreach (var userClaim in apiResourceCreate.UserClaims)
-            {
-                apiResource.AddUserClaim(userClaim.Type);
-            }
+            await UpdateApiResourceByInputAsync(apiResource, input);
+
             apiResource = await ApiResourceRepository.InsertAsync(apiResource);
+
+            await CurrentUnitOfWork.SaveChangesAsync();
+
             return ObjectMapper.Map<ApiResource, ApiResourceDto>(apiResource);
         }
 
         [Authorize(AbpIdentityServerPermissions.ApiResources.Update)]
-        public virtual async Task<ApiResourceDto> UpdateAsync(ApiResourceUpdateDto apiResourceUpdate)
+        public virtual async Task<ApiResourceDto> UpdateAsync(Guid id, ApiResourceUpdateDto input)
         {
-            var apiResource = await ApiResourceRepository.GetAsync(apiResourceUpdate.Id);
-            apiResource.DisplayName = apiResourceUpdate.DisplayName ?? apiResource.DisplayName;
-            apiResource.Description = apiResourceUpdate.Description ?? apiResource.Description;
-            apiResource.Enabled = apiResourceUpdate.Enabled;
+            var apiResource = await ApiResourceRepository.GetAsync(id);
+            apiResource.DisplayName = input.DisplayName ?? apiResource.DisplayName;
+            apiResource.Description = input.Description ?? apiResource.Description;
+            apiResource.Enabled = input.Enabled;
+
+            await UpdateApiResourceByInputAsync(apiResource, input);
 
-            apiResource.RemoveAllUserClaims();
-            foreach (var userClaim in apiResourceUpdate.UserClaims)
-            {
-                apiResource.AddUserClaim(userClaim.Type);
-            }
             apiResource = await ApiResourceRepository.UpdateAsync(apiResource);
+
+            await CurrentUnitOfWork.SaveChangesAsync();
+
             return ObjectMapper.Map<ApiResource, ApiResourceDto>(apiResource);
         }
 
         [Authorize(AbpIdentityServerPermissions.ApiResources.Delete)]
-        public virtual async Task DeleteAsync(ApiResourceGetByIdInputDto apiResourceGetById)
+        public virtual async Task DeleteAsync(Guid id)
         {
-            var apiResource = await ApiResourceRepository.GetAsync(apiResourceGetById.Id);
+            var apiResource = await ApiResourceRepository.GetAsync(id);
             await ApiResourceRepository.DeleteAsync(apiResource);
+
+            await CurrentUnitOfWork.SaveChangesAsync();
         }
 
-        [Authorize(AbpIdentityServerPermissions.ApiResources.Secrets.Create)]
-        public virtual async Task<ApiSecretDto> AddSecretAsync(ApiSecretCreateDto apiSecretCreate)
+        protected virtual async Task UpdateApiResourceByInputAsync(ApiResource apiResource, ApiResourceCreateOrUpdateDto input)
         {
-            var apiResource = await ApiResourceRepository.GetAsync(apiSecretCreate.ApiResourceId);
-            var apiSecretValue = apiSecretCreate.Value;
-            var apiResourceSecret = apiResource.FindSecret(apiSecretValue, apiSecretCreate.Type);
-            if(apiResourceSecret == null)
+            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageClaims))
             {
-                if (IdentityServerConstants.SecretTypes.SharedSecret.Equals(apiSecretCreate.Type))
+                // 删除不存在的UserClaim
+                apiResource.UserClaims.RemoveAll(claim => !input.UserClaims.Contains(claim.Type));
+                foreach (var inputClaim in input.UserClaims)
                 {
-                    if (apiSecretCreate.HashType == HashType.Sha256)
-                    {
-                        apiSecretValue = apiSecretCreate.Value.Sha256();
-                    }
-                    else if (apiSecretCreate.HashType == HashType.Sha512)
+                    var userClaim = apiResource.FindClaim(inputClaim);
+                    if (userClaim == null)
                     {
-                        apiSecretValue = apiSecretCreate.Value.Sha512();
+                        apiResource.AddUserClaim(inputClaim);
                     }
                 }
-                apiResource.AddSecret(apiSecretValue, apiSecretCreate.Expiration, apiSecretCreate.Type, apiSecretCreate.Description);
-                apiResourceSecret = apiResource.FindSecret(apiSecretValue, apiSecretCreate.Type);
             }
 
-            return ObjectMapper.Map<ApiSecret, ApiSecretDto>(apiResourceSecret);
-        }
+            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageScopes))
+            {
+                // 删除不存在的Scope
+                apiResource.Scopes.RemoveAll(scope => !input.Scopes.Any(inputScope => scope.Name == inputScope.Name));
+                foreach (var inputScope in input.Scopes)
+                {
+                    var scope = apiResource.FindScope(inputScope.Name);
+                    if (scope == null)
+                    {
+                        scope = apiResource.AddScope(
+                            inputScope.Name, inputScope.DisplayName, inputScope.Description,
+                            inputScope.Required, inputScope.Emphasize, inputScope.ShowInDiscoveryDocument);
+                    }
+                    else
+                    {
+                        scope.Required = inputScope.Required;
+                        scope.Emphasize = inputScope.Emphasize;
+                        scope.Description = inputScope.Description;
+                        scope.DisplayName = inputScope.DisplayName;
+                        scope.ShowInDiscoveryDocument = inputScope.ShowInDiscoveryDocument;
+                        // 删除不存在的ScopeUserClaim
+                        scope.UserClaims.RemoveAll(claim => !inputScope.UserClaims.Contains(claim.Type));
+                    }
 
-        [Authorize(AbpIdentityServerPermissions.ApiResources.Secrets.Delete)]
-        public virtual async Task DeleteSecretAsync(ApiSecretGetByTypeInputDto apiSecretGetByType)
-        {
-            var apiResource = await ApiResourceRepository.GetAsync(apiSecretGetByType.ApiResourceId);
-            apiResource.RemoveSecret(apiSecretGetByType.Value, apiSecretGetByType.Type);
-        }
+                    foreach (var inputScopeClaim in inputScope.UserClaims)
+                    {
+                        var scopeUserClaim = scope.FindClaim(inputScopeClaim);
+                        if (scopeUserClaim == null)
+                        {
+                            scope.AddUserClaim(inputScopeClaim);
+                        }
+                    }
+                }
+            }
 
-        [Authorize(AbpIdentityServerPermissions.ApiResources.Scope.Create)]
-        public virtual async Task<ApiScopeDto> AddScopeAsync(ApiScopeCreateDto apiScopeCreate)
-        {
-            var apiResource = await ApiResourceRepository.GetAsync(apiScopeCreate.ApiResourceId);
-            var apiResourceScope = apiResource.FindScope(apiScopeCreate.Name);
-            if (apiResourceScope == null)
+            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageSecrets))
             {
-                apiResource.AddScope(apiScopeCreate.Name, apiScopeCreate.DisplayName, apiScopeCreate.Description,
-                    apiScopeCreate.Required, apiScopeCreate.Emphasize, apiScopeCreate.ShowInDiscoveryDocument);
-                apiResourceScope = apiResource.FindScope(apiScopeCreate.Name);
+                // 删除不存在的Secret
+                apiResource.Secrets.RemoveAll(secret => !input.Secrets.Any(inputSecret => secret.Type == inputSecret.Type && secret.Value == inputSecret.Value));
+                foreach (var inputSecret in input.Secrets)
+                {
+                    // 第一次重复校验已经加密过的字符串
+                    if (apiResource.FindSecret(inputSecret.Value, inputSecret.Type) == null)
+                    {
+                        var apiSecretValue = inputSecret.Value;
+                        if (IdentityServerConstants.SecretTypes.SharedSecret.Equals(inputSecret.Type))
+                        {
+                            if (inputSecret.HashType == HashType.Sha256)
+                            {
+                                apiSecretValue = inputSecret.Value.Sha256();
+                            }
+                            else if (inputSecret.HashType == HashType.Sha512)
+                            {
+                                apiSecretValue = inputSecret.Value.Sha512();
+                            }
+                        }
+                        // 加密之后还需要做一次校验 避免出现重复值
+                        var secret = apiResource.FindSecret(apiSecretValue, inputSecret.Type);
+                        if (secret == null)
+                        {
+                            apiResource.AddSecret(apiSecretValue, inputSecret.Expiration, inputSecret.Type, inputSecret.Description);
+                        }
+                    }
+                }
             }
-            return ObjectMapper.Map<ApiScope, ApiScopeDto>(apiResourceScope);
-        }
 
-        [Authorize(AbpIdentityServerPermissions.ApiResources.Scope.Delete)]
-        public virtual async Task DeleteScopeAsync(ApiScopeGetByNameInputDto apiScopeGetByName)
-        {
-            var apiResource = await ApiResourceRepository.GetAsync(apiScopeGetByName.ApiResourceId);
-            apiResource.RemoveScope(apiScopeGetByName.Name);
+            if (await IsGrantAsync(AbpIdentityServerPermissions.ApiResources.ManageProperties))
+            {
+                // 删除不存在的属性
+                apiResource.Properties.RemoveAll(scope => !input.Properties.ContainsKey(scope.Key));
+                foreach (var property in input.Properties)
+                {
+                    apiResource.Properties[property.Key] = property.Value;
+                }
+            }
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application/LINGYUN/Abp/IdentityServer/Clients/ClientAppService.cs

@@ -1,6 +1,9 @@
-using IdentityServer4;
+using LINGYUN.Abp.IdentityServer.ApiResources;
+using LINGYUN.Abp.IdentityServer.IdentityResources;
+using IdentityServer4;
 using IdentityServer4.Models;
 using Microsoft.AspNetCore.Authorization;
+using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
@@ -15,65 +18,17 @@ namespace LINGYUN.Abp.IdentityServer.Clients
     public class ClientAppService : AbpIdentityServerAppServiceBase, IClientAppService
     {
         protected IClientRepository ClientRepository { get; }
+        protected IApiResourceRepository ApiResourceRepository { get; }
+        protected IIdentityResourceRepository IdentityResourceRepository { get; }
 
-        public ClientAppService(IClientRepository clientRepository)
+        public ClientAppService(
+            IClientRepository clientRepository,
+            IApiResourceRepository apiResourceRepository,
+            IIdentityResourceRepository identityResourceRepository)
         {
             ClientRepository = clientRepository;
-        }
-
-        [Authorize(AbpIdentityServerPermissions.Clients.Claims.Create)]
-        public virtual async Task<ClientClaimDto> AddClaimAsync(ClientClaimCreateDto clientClaimCreate)
-        {
-            var client = await ClientRepository.GetAsync(clientClaimCreate.ClientId);
-
-            client.AddClaim(clientClaimCreate.Value, clientClaimCreate.Type);
-            var clientClaim = client.FindClaim(clientClaimCreate.Value, clientClaimCreate.Type);
-
-            return ObjectMapper.Map<ClientClaim, ClientClaimDto>(clientClaim);
-        }
-
-        [Authorize(AbpIdentityServerPermissions.Clients.Properties.Create)]
-        public virtual async Task<ClientPropertyDto> AddPropertyAsync(ClientPropertyCreateDto clientPropertyCreate)
-        {
-            var client = await ClientRepository.GetAsync(clientPropertyCreate.ClientId);
-
-            client.AddProperty(clientPropertyCreate.Key, clientPropertyCreate.Value);
-            var clientProperty = client.FindProperty(clientPropertyCreate.Key, clientPropertyCreate.Value);
-
-            return ObjectMapper.Map<ClientProperty, ClientPropertyDto>(clientProperty);
-        }
-
-        [Authorize(AbpIdentityServerPermissions.Clients.Secrets.Create)]
-        public virtual async Task<ClientSecretDto> AddSecretAsync(ClientSecretCreateDto clientSecretCreate)
-        {
-            var client = await ClientRepository.GetAsync(clientSecretCreate.ClientId);
-
-            var clientSecretValue = clientSecretCreate.Value;
-
-            // 如果是 SharedSecret 类型的密钥
-            // 采用 IdentityServer4 服务器扩展方法加密
-            if (IdentityServerConstants.SecretTypes.SharedSecret.Equals(clientSecretCreate.Type))
-            {
-                if(clientSecretCreate.HashType == HashType.Sha256)
-                {
-                    clientSecretValue = clientSecretCreate.Value.Sha256();
-                }
-                else if (clientSecretCreate.HashType == HashType.Sha512)
-                {
-                    clientSecretValue = clientSecretCreate.Value.Sha512();
-                }
-            }
-            else
-            {
-                // 其他类型的服务器加密方式暂时不提供
-                throw new UserFriendlyException(L["EncryptionNotImplemented", clientSecretCreate.Type]);
-            }
-            client.AddSecret(clientSecretValue, clientSecretCreate.Expiration, 
-                clientSecretCreate.Type, clientSecretCreate.Description);
-            
-            var clientSecret = client.FindSecret(clientSecretValue, clientSecretCreate.Type);
-
-            return ObjectMapper.Map<ClientSecret, ClientSecretDto>(clientSecret);
+            ApiResourceRepository = apiResourceRepository;
+            IdentityResourceRepository = identityResourceRepository;
         }
 
         [Authorize(AbpIdentityServerPermissions.Clients.Create)]
@@ -91,58 +46,37 @@ namespace LINGYUN.Abp.IdentityServer.Clients
             };
             foreach (var grantType in clientCreate.AllowedGrantTypes)
             {
-                client.AddGrantType(grantType.GrantType);
+                client.AddGrantType(grantType);
             }
 
-            client = await ClientRepository.InsertAsync(client, true);
+            client = await ClientRepository.InsertAsync(client);
+
+            await CurrentUnitOfWork.SaveChangesAsync();
 
             return ObjectMapper.Map<Client, ClientDto>(client);
         }
 
         [Authorize(AbpIdentityServerPermissions.Clients.Delete)]
-        public virtual async Task DeleteAsync(ClientGetByIdInputDto clientGetByIdInput)
+        public virtual async Task DeleteAsync(Guid id)
         {
-            await ClientRepository.DeleteAsync(clientGetByIdInput.Id);
-        }
-
-        [Authorize(AbpIdentityServerPermissions.Clients.Claims.Delete)]
-        public virtual async Task DeleteClaimAsync(ClientClaimGetByKeyInputDto clientClaimGetByKey)
-        {
-            var client = await ClientRepository.GetAsync(clientClaimGetByKey.ClientId);
-            client.RemoveClaim(clientClaimGetByKey.Value, clientClaimGetByKey.Type);
-            await ClientRepository.UpdateAsync(client);
-        }
+            var client = await ClientRepository.GetAsync(id);
+            await ClientRepository.DeleteAsync(client);
 
-        [Authorize(AbpIdentityServerPermissions.Clients.Properties.Delete)]
-        public virtual async Task DeletePropertyAsync(ClientPropertyGetByKeyDto clientPropertyGetByKey)
-        {
-            var client = await ClientRepository.GetAsync(clientPropertyGetByKey.ClientId);
-            client.RemoveProperty(clientPropertyGetByKey.Key, clientPropertyGetByKey.Value);
-            await ClientRepository.UpdateAsync(client);
+            await CurrentUnitOfWork.SaveChangesAsync();
         }
 
-        [Authorize(AbpIdentityServerPermissions.Clients.Secrets.Delete)]
-        public virtual async Task DeleteSecretAsync(ClientSecretGetByTypeDto clientSecretGetByType)
+        public virtual async Task<ClientDto> GetAsync(Guid id)
         {
-            var client = await ClientRepository.GetAsync(clientSecretGetByType.ClientId);
-            client.RemoveSecret(clientSecretGetByType.Value, clientSecretGetByType.Type);
-            await ClientRepository.UpdateAsync(client);
-        }
-
-
-        public virtual async Task<ClientDto> GetAsync(ClientGetByIdInputDto clientGetById)
-        {
-            var client = await ClientRepository.GetAsync(clientGetById.Id);
+            var client = await ClientRepository.GetAsync(id);
 
             return ObjectMapper.Map<Client, ClientDto>(client);
         }
 
-        public virtual async Task<PagedResultDto<ClientDto>> GetAsync(ClientGetByPagedInputDto clientGetByPaged)
+        public virtual async Task<PagedResultDto<ClientDto>> GetListAsync(ClientGetByPagedDto input)
         {
-            // Abp官方IdentityServer项目不支持Filter过滤...
-            var clients = await ClientRepository.GetListAsync(clientGetByPaged.Sorting,
-                clientGetByPaged.SkipCount, clientGetByPaged.MaxResultCount,
-                clientGetByPaged.Filter, true);
+            var clients = await ClientRepository.GetListAsync(input.Sorting,
+                input.SkipCount, input.MaxResultCount,
+                input.Filter);
 
             var clientCount = await ClientRepository.GetCountAsync();
 
@@ -151,127 +85,243 @@ namespace LINGYUN.Abp.IdentityServer.Clients
         }
 
         [Authorize(AbpIdentityServerPermissions.Clients.Update)]
-        public virtual async Task<ClientDto> UpdateAsync(ClientUpdateInputDto clientUpdateInput)
+        public virtual async Task<ClientDto> UpdateAsync(Guid id, ClientUpdateDto input)
         {
-            var client = await ClientRepository.GetAsync(clientUpdateInput.Id);
-
-            #region Basic Property
-            client.ConcurrencyStamp = clientUpdateInput.Client.ConcurrencyStamp;
-            client.ClientId = clientUpdateInput.Client.ClientId ?? client.ClientId;
-            client.ClientUri = clientUpdateInput.Client.ClientUri ?? client.ClientUri;
-            client.ClientName = clientUpdateInput.Client.ClientName ?? client.ClientName;
-            client.AbsoluteRefreshTokenLifetime = clientUpdateInput.Client.AbsoluteRefreshTokenLifetime
-                ?? client.AbsoluteRefreshTokenLifetime;
-            client.AccessTokenLifetime = clientUpdateInput.Client.AccessTokenLifetime
-                ?? client.AccessTokenLifetime;
-            client.AccessTokenType = clientUpdateInput.Client.AccessTokenType ?? client.AccessTokenType;
-            client.AllowAccessTokensViaBrowser = clientUpdateInput.Client.AllowAccessTokensViaBrowser
-                ?? client.AllowAccessTokensViaBrowser;
-            client.AllowOfflineAccess = clientUpdateInput.Client.AllowOfflineAccess
-                ?? client.AllowOfflineAccess;
-            client.AllowPlainTextPkce = clientUpdateInput.Client.AllowPlainTextPkce ?? client.AllowPlainTextPkce;
-            client.AllowRememberConsent = clientUpdateInput.Client.AllowRememberConsent ?? client.AllowRememberConsent;
-            client.AlwaysIncludeUserClaimsInIdToken = clientUpdateInput.Client.AlwaysIncludeUserClaimsInIdToken
-                ?? client.AlwaysIncludeUserClaimsInIdToken;
-            client.AlwaysSendClientClaims = clientUpdateInput.Client.AlwaysSendClientClaims ?? client.AlwaysSendClientClaims;
-            client.AuthorizationCodeLifetime = clientUpdateInput.Client.AuthorizationCodeLifetime
-                ?? client.AuthorizationCodeLifetime;
-            client.BackChannelLogoutSessionRequired = clientUpdateInput.Client.BackChannelLogoutSessionRequired
-                ?? client.BackChannelLogoutSessionRequired;
-
-            client.BackChannelLogoutUri = clientUpdateInput.Client.BackChannelLogoutUri
-                ?? client.BackChannelLogoutUri;
-            client.ClientClaimsPrefix = clientUpdateInput.Client.ClientClaimsPrefix ?? client.ClientClaimsPrefix;
-            client.ConsentLifetime = clientUpdateInput.Client.ConsentLifetime ?? client.ConsentLifetime;
-            client.Description = clientUpdateInput.Client.Description ?? client.Description;
-            client.DeviceCodeLifetime = clientUpdateInput.Client.DeviceCodeLifetime ?? client.DeviceCodeLifetime;
-            client.Enabled = clientUpdateInput.Client.Enabled ?? client.Enabled;
-            client.EnableLocalLogin = clientUpdateInput.Client.EnableLocalLogin ?? client.EnableLocalLogin;
-            client.FrontChannelLogoutSessionRequired = clientUpdateInput.Client.FrontChannelLogoutSessionRequired
-                ?? client.FrontChannelLogoutSessionRequired;
-            client.FrontChannelLogoutUri = clientUpdateInput.Client.FrontChannelLogoutUri ?? client.FrontChannelLogoutUri;
-
-            client.IdentityTokenLifetime = clientUpdateInput.Client.IdentityTokenLifetime ?? client.IdentityTokenLifetime;
-            client.IncludeJwtId = clientUpdateInput.Client.IncludeJwtId ?? client.IncludeJwtId;
-            client.LogoUri = clientUpdateInput.Client.LogoUri ?? client.LogoUri;
-            client.PairWiseSubjectSalt = clientUpdateInput.Client.PairWiseSubjectSalt ?? client.PairWiseSubjectSalt;
-            client.ProtocolType = clientUpdateInput.Client.ProtocolType ?? client.ProtocolType;
-            client.RefreshTokenExpiration = clientUpdateInput.Client.RefreshTokenExpiration ?? client.RefreshTokenExpiration;
-            client.RefreshTokenUsage = clientUpdateInput.Client.RefreshTokenUsage ?? client.RefreshTokenUsage;
-            client.RequireClientSecret = clientUpdateInput.Client.RequireClientSecret ?? client.RequireClientSecret;
-            client.RequireConsent = clientUpdateInput.Client.RequireConsent ?? client.RequireConsent;
-
-            client.RequirePkce = clientUpdateInput.Client.RequirePkce ?? client.RequirePkce;
-            client.SlidingRefreshTokenLifetime = clientUpdateInput.Client.SlidingRefreshTokenLifetime
-                ?? client.SlidingRefreshTokenLifetime;
-            client.UpdateAccessTokenClaimsOnRefresh = clientUpdateInput.Client.UpdateAccessTokenClaimsOnRefresh
-                ?? client.UpdateAccessTokenClaimsOnRefresh;
-
-            client.UserCodeType = clientUpdateInput.Client.UserCodeType ?? client.UserCodeType;
-            client.UserSsoLifetime = clientUpdateInput.Client.UserSsoLifetime ?? client.UserSsoLifetime;
+            var client = await ClientRepository.GetAsync(id);
+
+            #region Basic
+            if (!string.Equals(client.ClientId, input.ClientId, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.ClientId = input.ClientId;
+            }
+            if (!string.Equals(client.ClientUri, input.ClientUri, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.ClientUri = input.ClientUri;
+            }
+            if (!string.Equals(client.ClientName, input.ClientName, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.ClientName = input.ClientName;
+            }
+            if (!string.Equals(client.BackChannelLogoutUri, input.BackChannelLogoutUri, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.BackChannelLogoutUri = input.BackChannelLogoutUri;
+            }
+            if (!string.Equals(client.FrontChannelLogoutUri, input.FrontChannelLogoutUri, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.FrontChannelLogoutUri = input.FrontChannelLogoutUri;
+            }
+            if (!string.Equals(client.ClientClaimsPrefix, input.ClientClaimsPrefix, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.ClientClaimsPrefix = input.ClientClaimsPrefix;
+            }
+            if (!string.Equals(client.Description, input.Description, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.Description = input.Description;
+            }
+            if (!string.Equals(client.LogoUri, input.LogoUri, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.LogoUri = input.LogoUri;
+            }
+            if (!string.Equals(client.UserCodeType, input.UserCodeType, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.UserCodeType = input.UserCodeType;
+            }
+            if (!string.Equals(client.PairWiseSubjectSalt, input.PairWiseSubjectSalt, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.PairWiseSubjectSalt = input.PairWiseSubjectSalt;
+            }
+            if (!string.Equals(client.ProtocolType, input.ProtocolType, StringComparison.InvariantCultureIgnoreCase))
+            {
+                client.ProtocolType = input.ProtocolType;
+            }
+            client.AbsoluteRefreshTokenLifetime = input.AbsoluteRefreshTokenLifetime;
+            client.AccessTokenLifetime = input.AccessTokenLifetime;
+            client.AccessTokenType = input.AccessTokenType;
+            client.AllowAccessTokensViaBrowser = input.AllowAccessTokensViaBrowser;
+            client.AllowOfflineAccess = input.AllowOfflineAccess;
+            client.AllowPlainTextPkce = input.AllowPlainTextPkce;
+            client.AllowRememberConsent = input.AllowRememberConsent;
+            client.AlwaysIncludeUserClaimsInIdToken = input.AlwaysIncludeUserClaimsInIdToken;
+            client.AlwaysSendClientClaims = input.AlwaysSendClientClaims;
+            client.AuthorizationCodeLifetime = input.AuthorizationCodeLifetime;
+            client.BackChannelLogoutSessionRequired = input.BackChannelLogoutSessionRequired;
+            client.DeviceCodeLifetime = input.DeviceCodeLifetime;
+            client.ConsentLifetime = input.ConsentLifetime ?? client.ConsentLifetime;
+            client.Enabled = input.Enabled;
+            client.EnableLocalLogin = input.EnableLocalLogin;
+            client.FrontChannelLogoutSessionRequired = input.FrontChannelLogoutSessionRequired;
+            client.IdentityTokenLifetime = input.IdentityTokenLifetime;
+            client.IncludeJwtId = input.IncludeJwtId;
+            client.RefreshTokenExpiration = input.RefreshTokenExpiration;
+            client.RefreshTokenUsage = input.RefreshTokenUsage;
+            client.RequireClientSecret = input.RequireClientSecret;
+            client.RequireConsent = input.RequireConsent;
+            client.RequirePkce = input.RequirePkce;
+            client.SlidingRefreshTokenLifetime = input.SlidingRefreshTokenLifetime;
+            client.UpdateAccessTokenClaimsOnRefresh = input.UpdateAccessTokenClaimsOnRefresh;
+            client.UserSsoLifetime = input.UserSsoLifetime ?? client.UserSsoLifetime;
             #endregion
 
             #region AllowScope
-
-            client.RemoveAllScopes();
-            foreach (var scope in clientUpdateInput.Client.AllowedScopes)
+            // 删除未在身份资源和Api资源中的作用域
+            client.AllowedScopes.RemoveAll(scope => !input.AllowedScopes.Contains(scope.Scope));
+            foreach (var scope in input.AllowedScopes)
             {
-                client.AddScope(scope.Scope);
+                if (client.FindScope(scope) == null)
+                {
+                    client.AddScope(scope);
+                }
             }
 
             #endregion
 
             #region RedirectUris
-
-            client.RemoveAllRedirectUris();
-            foreach (var redirect in clientUpdateInput.Client.RedirectUris)
+            // 删除不存在的uri
+            client.RedirectUris.RemoveAll(uri => !input.RedirectUris.Contains(uri.RedirectUri));
+            foreach (var redirect in input.RedirectUris)
             {
-                client.AddRedirectUri(redirect.RedirectUri);
+                if (client.FindRedirectUri(redirect) != null)
+                {
+                    client.AddRedirectUri(redirect);
+                }
             }
 
             #endregion
 
             #region AllowedGrantTypes
-
-            client.RemoveAllAllowedGrantTypes();
-            foreach (var grantType in clientUpdateInput.Client.AllowedGrantTypes)
+            // 删除不存在的验证类型
+            client.AllowedGrantTypes.RemoveAll(grantType => !input.AllowedGrantTypes.Contains(grantType.GrantType));
+            foreach (var grantType in input.AllowedGrantTypes)
             {
-                client.AddGrantType(grantType.GrantType);
+                if (client.FindGrantType(grantType) == null)
+                {
+                    client.AddGrantType(grantType);
+                }
             }
 
             #endregion
 
             #region AllowedCorsOrigins
-
-            client.RemoveAllCorsOrigins();
-            foreach (var corgOrigin in clientUpdateInput.Client.AllowedCorsOrigins)
+            // 删除不存在的同源域名
+            client.AllowedCorsOrigins.RemoveAll(corgOrigin => !input.AllowedCorsOrigins.Contains(corgOrigin.Origin));
+            foreach (var corgOrigin in input.AllowedCorsOrigins)
             {
-                client.AddCorsOrigin(corgOrigin.Origin);
+                if (client.FindCorsOrigin(corgOrigin) == null)
+                {
+                    client.AddCorsOrigin(corgOrigin);
+                }
             }
 
             #endregion
 
             #region PostLogoutRedirectUris
 
-            client.RemoveAllPostLogoutRedirectUris();
-            foreach (var logoutRedirect in clientUpdateInput.Client.PostLogoutRedirectUris)
+            // 删除不存在的登录重定向域名
+            client.PostLogoutRedirectUris.RemoveAll(uri => !input.PostLogoutRedirectUris.Contains(uri.PostLogoutRedirectUri));
+            foreach (var logoutRedirectUri in input.PostLogoutRedirectUris)
             {
-                client.AddPostLogoutRedirectUri(logoutRedirect.PostLogoutRedirectUri);
+                if (client.FindPostLogoutRedirectUri(logoutRedirectUri) == null)
+                {
+                    client.AddPostLogoutRedirectUri(logoutRedirectUri);
+                }
             }
 
             #endregion
 
             #region IdentityProviderRestrictions
 
-            client.RemoveAllIdentityProviderRestrictions();
-            foreach (var provider in clientUpdateInput.Client.IdentityProviderRestrictions)
+            // 删除身份认证限制提供商
+            client.IdentityProviderRestrictions.RemoveAll(provider => !input.IdentityProviderRestrictions.Contains(provider.Provider));
+            foreach (var provider in input.IdentityProviderRestrictions)
+            {
+                if (client.FindIdentityProviderRestriction(provider) == null)
+                {
+                    client.AddIdentityProviderRestriction(provider);
+                }
+            }
+
+            #endregion
+
+            #region Secrets
+
+            if (await IsGrantAsync(AbpIdentityServerPermissions.Clients.ManageSecrets))
+            {
+                // 移除已经不存在的客户端密钥
+                client.ClientSecrets.RemoveAll(secret => !input.Secrets.Any(inputSecret => secret.Value == inputSecret.Value && secret.Type == inputSecret.Type));
+                foreach (var inputSecret in input.Secrets)
+                {
+                    // 先对加密过的进行过滤
+                    if (client.FindSecret(inputSecret.Value, inputSecret.Type) != null)
+                    {
+                        continue;
+                    }
+                    var inputSecretValue = inputSecret.Value;
+                    // 如果是 SharedSecret 类型的密钥
+                    // 采用 IdentityServer4 服务器扩展方法加密
+                    if (IdentityServerConstants.SecretTypes.SharedSecret.Equals(inputSecret.Type))
+                    {
+                        if (inputSecret.HashType == HashType.Sha256)
+                        {
+                            inputSecretValue = inputSecret.Value.Sha256();
+                        }
+                        else if (inputSecret.HashType == HashType.Sha512)
+                        {
+                            inputSecretValue = inputSecret.Value.Sha512();
+                        }
+                    }
+                    else
+                    {
+                        throw new UserFriendlyException(L["EncryptionNotImplemented", inputSecret.Type]);
+                    }
+
+                    var clientSecret = client.FindSecret(inputSecretValue, inputSecret.Type);
+                    if (clientSecret == null)
+                    {
+                        client.AddSecret(inputSecretValue, inputSecret.Expiration, inputSecret.Type, inputSecret.Description);
+                    }
+                }
+            }
+
+            #endregion
+
+            #region Properties
+
+            if (await IsGrantAsync(AbpIdentityServerPermissions.Clients.ManageProperties))
             {
-                client.AddIdentityProviderRestriction(provider.Provider);
+                // 移除不存在的属性
+                client.Properties.RemoveAll(prop => !input.Properties.ContainsKey(prop.Key));
+                foreach (var inputProp in input.Properties)
+                {
+                    if (client.FindProperty(inputProp.Key, inputProp.Value) == null)
+                    {
+                        client.AddProperty(inputProp.Key, inputProp.Value);
+                    }
+                }
             }
 
+
             #endregion
 
-            client = await ClientRepository.UpdateAsync(client, true);
+            #region Claims
+
+            if (await IsGrantAsync(AbpIdentityServerPermissions.Clients.ManageClaims))
+            {
+                // 移除已经不存在的客户端声明
+                client.Claims.RemoveAll(secret => !input.Claims.Any(inputClaim => secret.Value == inputClaim.Value && secret.Type == inputClaim.Type));
+                foreach (var inputClaim in input.Claims)
+                {
+                    if (client.FindClaim(inputClaim.Value, inputClaim.Type) == null)
+                    {
+                        client.AddClaim(inputClaim.Value, inputClaim.Type);
+                    }
+                }
+            }
+            
+            #endregion
+
+            client = await ClientRepository.UpdateAsync(client);
+
+            await CurrentUnitOfWork.SaveChangesAsync();
 
             return ObjectMapper.Map<Client, ClientDto>(client);
         }
@@ -283,22 +333,23 @@ namespace LINGYUN.Abp.IdentityServer.Clients
         /// 实现参考 Skoruba.IdentityServer4.Admin 项目
         /// https://github.com/skoruba/IdentityServer4.Admin.git
         /// </remarks>
-        /// <param name="clientCloneInput"></param>
+        /// <param name="id"></param>
+        /// <param name="input"></param>
         /// <returns></returns>
         [Authorize(AbpIdentityServerPermissions.Clients.Clone)]
-        public virtual async Task<ClientDto> CloneAsync(ClientCloneInputDto clientCloneInput)
+        public virtual async Task<ClientDto> CloneAsync(Guid id, ClientCloneDto input)
         {
-            var clientIdExists = await ClientRepository.CheckClientIdExistAsync(clientCloneInput.ClientId);
+            var clientIdExists = await ClientRepository.CheckClientIdExistAsync(input.ClientId);
             if (clientIdExists)
             {
-                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.ClientIdExisted, clientCloneInput.ClientId]);
+                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.ClientIdExisted, input.ClientId]);
             }
-            var srcClient = await ClientRepository.GetAsync(clientCloneInput.SourceClientId);
+            var srcClient = await ClientRepository.GetAsync(id);
 
-            var client = new Client(GuidGenerator.Create(), clientCloneInput.ClientId)
+            var client = new Client(GuidGenerator.Create(), input.ClientId)
             {
-                ClientName = clientCloneInput.ClientName,
-                Description = clientCloneInput.Description,
+                ClientName = input.ClientName,
+                Description = input.Description,
                 AbsoluteRefreshTokenLifetime = srcClient.AbsoluteRefreshTokenLifetime,
                 AccessTokenLifetime = srcClient.AccessTokenLifetime,
                 AccessTokenType = srcClient.AccessTokenType,
@@ -338,56 +389,63 @@ namespace LINGYUN.Abp.IdentityServer.Clients
                 UserSsoLifetime = srcClient.UserSsoLifetime
             };
 
-            if (clientCloneInput.CopyAllowedCorsOrigin)
+            if (input.CopyAllowedCorsOrigin)
             {
                 foreach(var corsOrigin in srcClient.AllowedCorsOrigins)
                 {
                     client.AddCorsOrigin(corsOrigin.Origin);
                 }
             }
-            if (clientCloneInput.CopyAllowedGrantType)
+            if (input.CopyAllowedGrantType)
             {
                 foreach (var grantType in srcClient.AllowedGrantTypes)
                 {
                     client.AddGrantType(grantType.GrantType);
                 }
             }
-            if (clientCloneInput.CopyAllowedScope)
+            if (input.CopyAllowedScope)
             {
                 foreach (var scope in srcClient.AllowedScopes)
                 {
                     client.AddScope(scope.Scope);
                 }
             }
-            if (clientCloneInput.CopyClaim)
+            if (input.CopyClaim)
             {
                 foreach (var claim in srcClient.Claims)
                 {
                     client.AddClaim(claim.Value, claim.Type);
                 }
             }
-            if (clientCloneInput.CopyIdentityProviderRestriction)
+            if (input.CopySecret)
+            {
+                foreach (var secret in srcClient.ClientSecrets)
+                {
+                    client.AddSecret(secret.Value, secret.Expiration, secret.Type, secret.Description);
+                }
+            }
+            if (input.CopyIdentityProviderRestriction)
             {
                 foreach (var provider in srcClient.IdentityProviderRestrictions)
                 {
                     client.AddIdentityProviderRestriction(provider.Provider);
                 }
             }
-            if (clientCloneInput.CopyPostLogoutRedirectUri)
+            if (input.CopyPostLogoutRedirectUri)
             {
                 foreach (var uri in srcClient.PostLogoutRedirectUris)
                 {
                     client.AddPostLogoutRedirectUri(uri.PostLogoutRedirectUri);
                 }
             }
-            if (clientCloneInput.CopyPropertie)
+            if (input.CopyPropertie)
             {
                 foreach (var property in srcClient.Properties)
                 {
                     client.AddProperty(property.Key, property.Value);
                 }
             }
-            if (clientCloneInput.CopyRedirectUri)
+            if (input.CopyRedirectUri)
             {
                 foreach (var uri in srcClient.RedirectUris)
                 {
@@ -395,75 +453,40 @@ namespace LINGYUN.Abp.IdentityServer.Clients
                 }
             }
             client = await ClientRepository.InsertAsync(client);
+
+            await CurrentUnitOfWork.SaveChangesAsync();
+
             return ObjectMapper.Map<Client, ClientDto>(client);
         }
-
-        [Authorize(AbpIdentityServerPermissions.Clients.Claims.Update)]
-        public virtual async Task<ClientClaimDto> UpdateClaimAsync(ClientClaimUpdateDto clientClaimUpdate)
+        /// <summary>
+        /// 查询可用的Api资源
+        /// </summary>
+        /// <returns></returns>
+        public virtual async Task<ListResultDto<string>> GetAssignableApiResourcesAsync()
         {
-            var client = await ClientRepository.GetAsync(clientClaimUpdate.ClientId);
+            var resourceNames = await ApiResourceRepository.GetNamesAsync();
 
-            var clientClaim = client.Claims.FirstOrDefault(claim => claim.Type.Equals(clientClaimUpdate.Type));
-            if(clientClaim == null)
-            {
-                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.ClientClaimNotFound, clientClaimUpdate.Type]);
-            }
-            clientClaim.Value = clientClaimUpdate.Value;
-
-            return ObjectMapper.Map<ClientClaim, ClientClaimDto>(clientClaim);
+            return new ListResultDto<string>(resourceNames);
         }
-
-        [Authorize(AbpIdentityServerPermissions.Clients.Properties.Update)]
-        public virtual async Task<ClientPropertyDto> UpdatePropertyAsync(ClientPropertyUpdateDto clientPropertyUpdate)
+        /// <summary>
+        /// 查询可用的身份资源
+        /// </summary>
+        /// <returns></returns>
+        public virtual async Task<ListResultDto<string>> GetAssignableIdentityResourcesAsync()
         {
-            var client = await ClientRepository.GetAsync(clientPropertyUpdate.ClientId);
-
-            var clientProperty = client.Properties
-                .FirstOrDefault(property => property.Key.Equals(clientPropertyUpdate.Key));
-            if (clientProperty == null)
-            {
-                throw new UserFriendlyException(
-                    L[AbpIdentityServerErrorConsts.ClientPropertyNotFound, clientPropertyUpdate.Key]);
-            }
-            clientProperty.Value = clientPropertyUpdate.Value;
+            var resourceNames = await IdentityResourceRepository.GetNamesAsync();
 
-            return ObjectMapper.Map<ClientProperty, ClientPropertyDto>(clientProperty);
+            return new ListResultDto<string>(resourceNames);
         }
-
-        [Authorize(AbpIdentityServerPermissions.Clients.Secrets.Update)]
-        public virtual async Task<ClientSecretDto> UpdateSecretAsync(ClientSecretUpdateDto clientSecretUpdate)
+        /// <summary>
+        /// 查询所有不重复的跨域地址
+        /// </summary>
+        /// <returns></returns>
+        public virtual async Task<ListResultDto<string>> GetAllDistinctAllowedCorsOriginsAsync()
         {
-            var client = await ClientRepository.GetAsync(clientSecretUpdate.ClientId);
-
-            var clientSecret = client.ClientSecrets
-                .FirstOrDefault(secret => secret.Type.Equals(clientSecretUpdate.Type));
-            if (clientSecret == null)
-            {
-                throw new UserFriendlyException(
-                    L[AbpIdentityServerErrorConsts.ClientSecretNotFound, clientSecretUpdate.Type]);
-            }
-            var clientSecretValue = clientSecret.Value;
-
-            // 如果是 SharedSecret 类型的密钥
-            // 采用 IdentityServer4 服务器扩展方法加密
-            if (IdentityServerConstants.SecretTypes.SharedSecret.Equals(clientSecretUpdate.Type))
-            {
-                if (clientSecretUpdate.HashType == HashType.Sha256)
-                {
-                    clientSecretValue = clientSecretUpdate.Value.Sha256();
-                }
-                else if (clientSecretUpdate.HashType == HashType.Sha512)
-                {
-                    clientSecretValue = clientSecretUpdate.Value.Sha512();
-                }
-            }
-            else
-            {
-                throw new UserFriendlyException(L["EncryptionNotImplemented", clientSecretUpdate.Type]);
-            }
-            clientSecret.Value = clientSecretValue;
+            var corsOrigins = await ClientRepository.GetAllDistinctAllowedCorsOriginsAsync();
 
-            return ObjectMapper.Map<ClientSecret, ClientSecretDto>(clientSecret);
+            return new ListResultDto<string>(corsOrigins);
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application/LINGYUN/Abp/IdentityServer/IdentityResources/IdentityResourceAppService.cs

@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Authorization;
+using System;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 using Volo.Abp;
@@ -18,18 +19,18 @@ namespace LINGYUN.Abp.IdentityServer.IdentityResources
             IdentityResourceRepository = identityResourceRepository;
         }
 
-        public virtual async Task<IdentityResourceDto> GetAsync(IdentityResourceGetByIdInputDto identityResourceGetById)
+        public virtual async Task<IdentityResourceDto> GetAsync(Guid id)
         {
-            var identityResource = await IdentityResourceRepository.GetAsync(identityResourceGetById.Id);
+            var identityResource = await IdentityResourceRepository.GetAsync(id);
 
             return ObjectMapper.Map<IdentityResource, IdentityResourceDto>(identityResource);
         }
 
-        public virtual async Task<PagedResultDto<IdentityResourceDto>> GetAsync(IdentityResourceGetByPagedInputDto identityResourceGetByPaged)
+        public virtual async Task<PagedResultDto<IdentityResourceDto>> GetListAsync(IdentityResourceGetByPagedDto input)
         {
-            var identityResources = await IdentityResourceRepository.GetListAsync(identityResourceGetByPaged.Sorting,
-                identityResourceGetByPaged.SkipCount, identityResourceGetByPaged.MaxResultCount,
-                identityResourceGetByPaged.Filter, true);
+            var identityResources = await IdentityResourceRepository.GetListAsync(input.Sorting,
+                input.SkipCount, input.MaxResultCount,
+                input.Filter);
             var identityResourceCount = await IdentityResourceRepository.GetCountAsync();
 
             return new PagedResultDto<IdentityResourceDto>(identityResourceCount,
@@ -37,86 +38,85 @@ namespace LINGYUN.Abp.IdentityServer.IdentityResources
         }
 
         [Authorize(AbpIdentityServerPermissions.IdentityResources.Create)]
-        public virtual async Task<IdentityResourceDto> CreateAsync(IdentityResourceCreateDto identityResourceCreate)
+        public virtual async Task<IdentityResourceDto> CreateAsync(IdentityResourceCreateOrUpdateDto input)
         {
-            var identityResourceExists = await IdentityResourceRepository.CheckNameExistAsync(identityResourceCreate.Name);
+            var identityResourceExists = await IdentityResourceRepository.CheckNameExistAsync(input.Name);
             if (identityResourceExists)
             {
-                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.IdentityResourceNameExisted, identityResourceCreate.Name]);
-            }
-            var identityResource = new IdentityResource(GuidGenerator.Create(), identityResourceCreate.Name, identityResourceCreate.DisplayName,
-                identityResourceCreate.Description, identityResourceCreate.Enabled, identityResourceCreate.Required, identityResourceCreate.Emphasize,
-                identityResourceCreate.ShowInDiscoveryDocument);
-            foreach(var claim in identityResourceCreate.UserClaims)
-            {
-                identityResource.AddUserClaim(claim.Type);
+                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.IdentityResourceNameExisted, input.Name]);
             }
+            var identityResource = new IdentityResource(GuidGenerator.Create(), input.Name, input.DisplayName,
+                input.Description, input.Enabled, input.Required, input.Emphasize,
+                input.ShowInDiscoveryDocument);
+            await UpdateApiResourceByInputAsync(identityResource, input);
+
+            await CurrentUnitOfWork.SaveChangesAsync();
+
             identityResource = await IdentityResourceRepository.InsertAsync(identityResource);
 
             return ObjectMapper.Map<IdentityResource, IdentityResourceDto>(identityResource);
         }
 
         [Authorize(AbpIdentityServerPermissions.IdentityResources.Update)]
-        public virtual async Task<IdentityResourceDto> UpdateAsync(IdentityResourceUpdateDto identityResourceUpdate)
+        public virtual async Task<IdentityResourceDto> UpdateAsync(Guid id, IdentityResourceCreateOrUpdateDto input)
         {
-            var identityResource = await IdentityResourceRepository.GetAsync(identityResourceUpdate.Id);
-            identityResource.ConcurrencyStamp = identityResourceUpdate.ConcurrencyStamp;
-            identityResource.Name = identityResourceUpdate.Name ?? identityResource.Name;
-            identityResource.DisplayName = identityResourceUpdate.DisplayName ?? identityResource.DisplayName;
-            identityResource.Description = identityResourceUpdate.Description ?? identityResource.Description;
-            identityResource.Enabled = identityResourceUpdate.Enabled;
-            identityResource.Emphasize = identityResourceUpdate.Emphasize;
-            identityResource.ShowInDiscoveryDocument = identityResourceUpdate.ShowInDiscoveryDocument;
-            if (identityResourceUpdate.UserClaims.Count > 0)
-            {
-                identityResource.RemoveAllUserClaims();
-                foreach (var claim in identityResourceUpdate.UserClaims)
-                {
-                    identityResource.AddUserClaim(claim.Type);
-                }
-            }
+            var identityResource = await IdentityResourceRepository.GetAsync(id);
+            await UpdateApiResourceByInputAsync(identityResource, input);
             identityResource = await IdentityResourceRepository.UpdateAsync(identityResource);
 
+            await CurrentUnitOfWork.SaveChangesAsync();
+
             return ObjectMapper.Map<IdentityResource, IdentityResourceDto>(identityResource);
         }
 
         [Authorize(AbpIdentityServerPermissions.IdentityResources.Delete)]
-        public virtual async Task DeleteAsync(IdentityResourceGetByIdInputDto identityResourceGetById)
+        public virtual async Task DeleteAsync(Guid id)
         {
-            await IdentityResourceRepository.DeleteAsync(identityResourceGetById.Id);
+            await IdentityResourceRepository.DeleteAsync(id);
         }
 
-        [Authorize(AbpIdentityServerPermissions.IdentityResources.Properties.Create)]
-        public virtual async Task<IdentityResourcePropertyDto> AddPropertyAsync(IdentityResourcePropertyCreateDto identityResourcePropertyCreate)
+        protected virtual async Task UpdateApiResourceByInputAsync(IdentityResource identityResource, IdentityResourceCreateOrUpdateDto input)
         {
-            var identityResource = await IdentityResourceRepository.GetAsync(identityResourcePropertyCreate.IdentityResourceId);
-
-            if (identityResource.Properties.ContainsKey(identityResourcePropertyCreate.Key))
+            if (!string.Equals(identityResource.Name, input.Name, StringComparison.InvariantCultureIgnoreCase))
             {
-                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.IdentityResourcePropertyExisted, identityResourcePropertyCreate.Key]);
+                identityResource.Name = input.Name;
             }
-            identityResource.ConcurrencyStamp = identityResourcePropertyCreate.ConcurrencyStamp;
-            identityResource.Properties.Add(identityResourcePropertyCreate.Key, identityResourcePropertyCreate.Value);
-
-            await IdentityResourceRepository.UpdateAsync(identityResource);
-            return new IdentityResourcePropertyDto
+            if (!string.Equals(identityResource.Description, input.Description, StringComparison.InvariantCultureIgnoreCase))
             {
-                Key = identityResourcePropertyCreate.Key,
-                Value = identityResourcePropertyCreate.Value
-            };
-        }
+                identityResource.Description = input.Description;
+            }
+            if (!string.Equals(identityResource.DisplayName, input.DisplayName, StringComparison.InvariantCultureIgnoreCase))
+            {
+                identityResource.DisplayName = input.DisplayName;
+            }
+            identityResource.Emphasize = input.Emphasize;
+            identityResource.Enabled = input.Enabled;
+            identityResource.Required = input.Required;
+            identityResource.ShowInDiscoveryDocument = input.ShowInDiscoveryDocument;
 
-        [Authorize(AbpIdentityServerPermissions.IdentityResources.Properties.Delete)]
-        public virtual async Task DeletePropertyAsync(IdentityResourcePropertyGetByKeyDto identityResourcePropertyGetByKey)
-        {
-            var identityResource = await IdentityResourceRepository.GetAsync(identityResourcePropertyGetByKey.IdentityResourceId);
+            if (await IsGrantAsync(AbpIdentityServerPermissions.IdentityResources.ManageClaims))
+            {
+                // 删除不存在的UserClaim
+                identityResource.UserClaims.RemoveAll(claim => input.UserClaims.Contains(claim.Type));
+                foreach (var inputClaim in input.UserClaims)
+                {
+                    var userClaim = identityResource.FindUserClaim(inputClaim);
+                    if (userClaim == null)
+                    {
+                        identityResource.AddUserClaim(inputClaim);
+                    }
+                }
+            }
 
-            if (!identityResource.Properties.ContainsKey(identityResourcePropertyGetByKey.Key))
+            if (await IsGrantAsync(AbpIdentityServerPermissions.IdentityResources.ManageProperties))
             {
-                throw new UserFriendlyException(L[AbpIdentityServerErrorConsts.IdentityResourcePropertyNotFound, identityResourcePropertyGetByKey.Key]);
+                // 删除不存在的Property
+                identityResource.Properties.RemoveAll(scope => !input.Properties.ContainsKey(scope.Key));
+                foreach (var inputProp in input.Properties)
+                {
+                    identityResource.Properties[inputProp.Key] = inputProp.Value;
+                }
             }
-            identityResource.Properties.Remove(identityResourcePropertyGetByKey.Key);
-            await IdentityResourceRepository.UpdateAsync(identityResource);
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Domain/LINGYUN/Abp/IdentityServer/ApiResources/IApiResourceRepository.cs

@@ -0,0 +1,11 @@
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace LINGYUN.Abp.IdentityServer.ApiResources
+{
+    public interface IApiResourceRepository : Volo.Abp.IdentityServer.ApiResources.IApiResourceRepository
+    {
+        Task<List<string>> GetNamesAsync(CancellationToken cancellationToken = default);
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Domain/LINGYUN/Abp/IdentityServer/Grants/IPersistentGrantRepository.cs

@@ -1,5 +1,4 @@
-using JetBrains.Annotations;
-using System.Collections.Generic;
+using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
 using Volo.Abp.IdentityServer.Grants;

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Domain/LINGYUN/Abp/IdentityServer/IdentityResources/IIdentityResourceRepository.cs

@@ -0,0 +1,11 @@
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace LINGYUN.Abp.IdentityServer.IdentityResources
+{
+    public interface IIdentityResourceRepository : Volo.Abp.IdentityServer.IdentityResources.IIdentityResourceRepository
+    {
+        Task<List<string>> GetNamesAsync(CancellationToken cancellationToken = default);
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.EntityFrameworkCore/LINGYUN/Abp/IdentityServer/ApiResources/EfCoreApiResourceRepository.cs

@@ -0,0 +1,35 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.EntityFrameworkCore;
+using Volo.Abp.IdentityServer.ApiResources;
+using Volo.Abp.IdentityServer.EntityFrameworkCore;
+
+namespace LINGYUN.Abp.IdentityServer.ApiResources
+{
+    [Dependency(ServiceLifetime.Transient)]
+    [ExposeServices(
+        typeof(IApiResourceRepository),
+        typeof(ApiResourceRepository),
+        typeof(Volo.Abp.IdentityServer.ApiResources.IApiResourceRepository))]
+    public class EfCoreApiResourceRepository : ApiResourceRepository, IApiResourceRepository
+    {
+        public EfCoreApiResourceRepository(
+            IDbContextProvider<IIdentityServerDbContext> dbContextProvider) 
+            : base(dbContextProvider)
+        {
+        }
+
+        public virtual async Task<List<string>> GetNamesAsync(CancellationToken cancellationToken = default)
+        {
+            return await DbSet
+                .Select(x => x.Name)
+                .Distinct()
+                .ToListAsync(GetCancellationToken(cancellationToken));
+        }
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.EntityFrameworkCore/LINGYUN/Abp/IdentityServer/IdentityResources/EfCoreIdentityResourceRepository.cs

@@ -0,0 +1,35 @@
+using Microsoft.EntityFrameworkCore;
+using Microsoft.Extensions.DependencyInjection;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading;
+using System.Threading.Tasks;
+using Volo.Abp.DependencyInjection;
+using Volo.Abp.EntityFrameworkCore;
+using Volo.Abp.IdentityServer.EntityFrameworkCore;
+using Volo.Abp.IdentityServer.IdentityResources;
+
+namespace LINGYUN.Abp.IdentityServer.IdentityResources
+{
+    [Dependency(ServiceLifetime.Transient)]
+    [ExposeServices(
+        typeof(IIdentityResourceRepository),
+        typeof(IdentityResourceRepository),
+        typeof(Volo.Abp.IdentityServer.IdentityResources.IIdentityResourceRepository))]
+    public class EfCoreIdentityResourceRepository : IdentityResourceRepository, IIdentityResourceRepository
+    {
+        public EfCoreIdentityResourceRepository(
+            IDbContextProvider<IIdentityServerDbContext> dbContextProvider) 
+            : base(dbContextProvider)
+        {
+        }
+
+        public virtual async Task<List<string>> GetNamesAsync(CancellationToken cancellationToken = default)
+        {
+            return await DbSet
+                   .Select(x => x.Name)
+                   .Distinct()
+                   .ToListAsync(GetCancellationToken(cancellationToken));
+        }
+    }
+}

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.HttpApi/LINGYUN/Abp/IdentityServer/AbpIdentityServerHttpApiModule.cs

@@ -1,5 +1,8 @@
-using Microsoft.Extensions.DependencyInjection;
+using Localization.Resources.AbpUi;
+using Microsoft.Extensions.DependencyInjection;
 using Volo.Abp.AspNetCore.Mvc;
+using Volo.Abp.IdentityServer.Localization;
+using Volo.Abp.Localization;
 using Volo.Abp.Modularity;
 
 namespace LINGYUN.Abp.IdentityServer
@@ -17,5 +20,15 @@ namespace LINGYUN.Abp.IdentityServer
                 mvcBuilder.AddApplicationPartIfNotExists(typeof(AbpIdentityServerHttpApiModule).Assembly);
             });
         }
+
+        public override void ConfigureServices(ServiceConfigurationContext context)
+        {
+            Configure<AbpLocalizationOptions>(options =>
+            {
+                options.Resources
+                    .Get<AbpIdentityServerResource>()
+                    .AddBaseTypes(typeof(AbpUiResource));
+            });
+        }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.HttpApi/LINGYUN/Abp/IdentityServer/ApiResources/ApiResourceController.cs

@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Mvc;
+using System;
 using System.Threading.Tasks;
 using Volo.Abp;
 using Volo.Abp.Application.Dtos;
@@ -7,8 +8,8 @@ using Volo.Abp.AspNetCore.Mvc;
 namespace LINGYUN.Abp.IdentityServer.ApiResources
 {
     [RemoteService(Name = AbpIdentityServerConsts.RemoteServiceName)]
-    [Area("IdentityServer")]
-    [Route("api/IdentityServer/ApiResources")]
+    [Area("identity-server")]
+    [Route("api/identity-server/api-resources")]
     public class ApiResourceController : AbpController, IApiResourceAppService
     {
         protected IApiResourceAppService ApiResourceAppService { get; }
@@ -19,63 +20,36 @@ namespace LINGYUN.Abp.IdentityServer.ApiResources
         }
 
         [HttpGet]
-        [Route("{Id}")]
-        public virtual async Task<ApiResourceDto> GetAsync(ApiResourceGetByIdInputDto apiResourceGetById)
+        [Route("{id}")]
+        public virtual async Task<ApiResourceDto> GetAsync(Guid id)
         {
-            return await ApiResourceAppService.GetAsync(apiResourceGetById);
+            return await ApiResourceAppService.GetAsync(id);
         }
 
         [HttpGet]
-        public virtual async Task<PagedResultDto<ApiResourceDto>> GetAsync(ApiResourceGetByPagedInputDto apiResourceGetByPaged)
+        public virtual async Task<PagedResultDto<ApiResourceDto>> GetListAsync(ApiResourceGetByPagedInputDto input)
         {
-            return await ApiResourceAppService.GetAsync(apiResourceGetByPaged);
+            return await ApiResourceAppService.GetListAsync(input);
         }
 
         [HttpPost]
-        public virtual async Task<ApiResourceDto> CreateAsync(ApiResourceCreateDto apiResourceCreate)
+        public virtual async Task<ApiResourceDto> CreateAsync(ApiResourceCreateDto input)
         {
-            return await ApiResourceAppService.CreateAsync(apiResourceCreate);
+            return await ApiResourceAppService.CreateAsync(input);
         }
 
         [HttpPut]
-        public virtual async Task<ApiResourceDto> UpdateAsync(ApiResourceUpdateDto apiResourceUpdate)
+        [Route("{id}")]
+        public virtual async Task<ApiResourceDto> UpdateAsync(Guid id, ApiResourceUpdateDto input)
         {
-            return await ApiResourceAppService.UpdateAsync(apiResourceUpdate);
+            return await ApiResourceAppService.UpdateAsync(id, input);
         }
 
         [HttpDelete]
-        [Route("{Id}")]
-        public virtual async Task DeleteAsync(ApiResourceGetByIdInputDto apiResourceGetById)
+        [Route("{id}")]
+        public virtual async Task DeleteAsync(Guid id)
         {
-            await ApiResourceAppService.DeleteAsync(apiResourceGetById);
-        }
-
-        [HttpPost]
-        [Route("Secrets")]
-        public virtual async Task<ApiSecretDto> AddSecretAsync(ApiSecretCreateDto apiSecretCreate)
-        {
-            return await ApiResourceAppService.AddSecretAsync(apiSecretCreate);
-        }
-
-        [HttpDelete]
-        [Route("Secrets")]
-        public virtual async Task DeleteSecretAsync(ApiSecretGetByTypeInputDto apiSecretGetByType)
-        {
-            await ApiResourceAppService.DeleteSecretAsync(apiSecretGetByType);
-        }
-
-        [HttpPost]
-        [Route("Scopes")]
-        public virtual async Task<ApiScopeDto> AddScopeAsync(ApiScopeCreateDto apiScopeCreate)
-        {
-            return await ApiResourceAppService.AddScopeAsync(apiScopeCreate);
-        }
-
-        [HttpDelete]
-        [Route("Scopes")]
-        public virtual async Task DeleteScopeAsync(ApiScopeGetByNameInputDto apiScopeGetByName)
-        {
-            await ApiResourceAppService.DeleteScopeAsync(apiScopeGetByName);
+            await ApiResourceAppService.DeleteAsync(id);
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.HttpApi/LINGYUN/Abp/IdentityServer/Clients/ClientController.cs

@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Mvc;
+using System;
 using System.Threading.Tasks;
 using Volo.Abp;
 using Volo.Abp.Application.Dtos;
@@ -7,8 +8,8 @@ using Volo.Abp.AspNetCore.Mvc;
 namespace LINGYUN.Abp.IdentityServer.Clients
 {
     [RemoteService(Name = AbpIdentityServerConsts.RemoteServiceName)]
-    [Area("IdentityServer")]
-    [Route("api/IdentityServer/Clients")]
+    [Area("identity-server")]
+    [Route("api/identity-server/clients")]
     public class ClientController : AbpController, IClientAppService
     {
         protected IClientAppService ClientAppService { get; }
@@ -18,105 +19,64 @@ namespace LINGYUN.Abp.IdentityServer.Clients
         }
 
         [HttpPost]
-        public virtual async Task<ClientDto> CreateAsync(ClientCreateDto clientCreate)
+        public virtual async Task<ClientDto> CreateAsync(ClientCreateDto input)
         {
-            return await ClientAppService.CreateAsync(clientCreate);
+            return await ClientAppService.CreateAsync(input);
         }
 
         [HttpDelete]
-        [Route("{Id}")]
-        public virtual async Task DeleteAsync(ClientGetByIdInputDto clientGetByIdInput)
+        [Route("{id}")]
+        public virtual async Task DeleteAsync(Guid id)
         {
-            await ClientAppService.DeleteAsync(clientGetByIdInput);
+            await ClientAppService.DeleteAsync(id);
         }
 
         [HttpGet]
-        [Route("{Id}")]
-        public virtual async Task<ClientDto> GetAsync(ClientGetByIdInputDto clientGetById)
+        [Route("{id}")]
+        public virtual async Task<ClientDto> GetAsync(Guid id)
         {
-            return await ClientAppService.GetAsync(clientGetById);
+            return await ClientAppService.GetAsync(id);
         }
 
         [HttpGet]
-        public virtual async Task<PagedResultDto<ClientDto>> GetAsync(ClientGetByPagedInputDto clientGetByPaged)
+        public virtual async Task<PagedResultDto<ClientDto>> GetListAsync(ClientGetByPagedDto input)
         {
-            return await ClientAppService.GetAsync(clientGetByPaged);
+            return await ClientAppService.GetListAsync(input);
         }
 
         [HttpPut]
-        public virtual async Task<ClientDto> UpdateAsync(ClientUpdateInputDto clientUpdateInput)
+        [Route("{id}")]
+        public virtual async Task<ClientDto> UpdateAsync(Guid id, ClientUpdateDto input)
         {
-            return await ClientAppService.UpdateAsync(clientUpdateInput);
+            return await ClientAppService.UpdateAsync(id, input);
         }
 
         [HttpPost]
-        [Route("Clone")]
-        public virtual async Task<ClientDto> CloneAsync(ClientCloneInputDto clientCloneInput)
+        [Route("{id}/clone")]
+        public virtual async Task<ClientDto> CloneAsync(Guid id, ClientCloneDto input)
         {
-            return await ClientAppService.CloneAsync(clientCloneInput);
+            return await ClientAppService.CloneAsync(id, input);
         }
 
-        [HttpPost]
-        [Route("Claims")]
-        public virtual async Task<ClientClaimDto> AddClaimAsync(ClientClaimCreateDto clientClaimCreate)
-        {
-            return await ClientAppService.AddClaimAsync(clientClaimCreate);
-        }
-
-        [HttpPut]
-        [Route("Claims")]
-        public virtual async Task<ClientClaimDto> UpdateClaimAsync(ClientClaimUpdateDto clientClaimUpdate)
-        {
-            return await ClientAppService.UpdateClaimAsync(clientClaimUpdate);
-        }
-
-        [HttpDelete]
-        [Route("Claims")]
-        public virtual async Task DeleteClaimAsync(ClientClaimGetByKeyInputDto clientClaimGetByKey)
-        {
-            await ClientAppService.DeleteClaimAsync(clientClaimGetByKey);
-        }
-
-        [HttpPost]
-        [Route("Properties")]
-        public virtual async Task<ClientPropertyDto> AddPropertyAsync(ClientPropertyCreateDto clientPropertyCreate)
-        {
-            return await ClientAppService.AddPropertyAsync(clientPropertyCreate);
-        }
-
-        [HttpPut]
-        [Route("Properties")]
-        public virtual async Task<ClientPropertyDto> UpdatePropertyAsync(ClientPropertyUpdateDto clientPropertyUpdate)
-        {
-            return await ClientAppService.UpdatePropertyAsync(clientPropertyUpdate);
-        }
-
-        [HttpDelete]
-        [Route("Properties")]
-        public virtual async Task DeletePropertyAsync(ClientPropertyGetByKeyDto clientPropertyGetByKey)
-        {
-            await ClientAppService.DeletePropertyAsync(clientPropertyGetByKey);
-        }
-
-        [HttpPost]
-        [Route("Secrets")]
-        public virtual async Task<ClientSecretDto> AddSecretAsync(ClientSecretCreateDto clientSecretCreate)
+        [HttpGet]
+        [Route("assignable-api-resources")]
+        public virtual async Task<ListResultDto<string>> GetAssignableApiResourcesAsync()
         {
-            return await ClientAppService.AddSecretAsync(clientSecretCreate);
+            return await ClientAppService.GetAssignableApiResourcesAsync();
         }
 
-        [HttpDelete]
-        [Route("Secrets")]
-        public virtual async Task DeleteSecretAsync(ClientSecretGetByTypeDto clientSecretGetByType)
+        [HttpGet]
+        [Route("assignable-identity-resources")]
+        public virtual async Task<ListResultDto<string>> GetAssignableIdentityResourcesAsync()
         {
-            await ClientAppService.DeleteSecretAsync(clientSecretGetByType);
+            return await ClientAppService.GetAssignableIdentityResourcesAsync();
         }
 
-        [HttpPut]
-        [Route("Secrets")]
-        public virtual async Task<ClientSecretDto> UpdateSecretAsync(ClientSecretUpdateDto clientSecretUpdate)
+        [HttpGet]
+        [Route("distinct-cors-origins")]
+        public virtual async Task<ListResultDto<string>> GetAllDistinctAllowedCorsOriginsAsync()
         {
-            return await ClientAppService.UpdateSecretAsync(clientSecretUpdate);
+            return await ClientAppService.GetAllDistinctAllowedCorsOriginsAsync();
         }
     }
 }

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.HttpApi/LINGYUN/Abp/IdentityServer/IdentityResources/IdentityResourceController.cs

@@ -1,4 +1,5 @@
 using Microsoft.AspNetCore.Mvc;
+using System;
 using System.Threading.Tasks;
 using Volo.Abp;
 using Volo.Abp.Application.Dtos;
@@ -7,8 +8,8 @@ using Volo.Abp.AspNetCore.Mvc;
 namespace LINGYUN.Abp.IdentityServer.IdentityResources
 {
     [RemoteService(Name = AbpIdentityServerConsts.RemoteServiceName)]
-    [Area("IdentityServer")]
-    [Route("api/IdentityServer/IdentityResources")]
+    [Area("identity-server")]
+    [Route("api/identity-server/identity-resources")]
     public class IdentityResourceController : AbpController, IIdentityResourceAppService
     {
         protected IIdentityResourceAppService IdentityResourceAppService { get; }
@@ -19,48 +20,36 @@ namespace LINGYUN.Abp.IdentityServer.IdentityResources
         }
 
         [HttpGet]
-        [Route("{Id}")]
-        public virtual async Task<IdentityResourceDto> GetAsync(IdentityResourceGetByIdInputDto identityResourceGetById)
+        [Route("{id}")]
+        public virtual async Task<IdentityResourceDto> GetAsync(Guid id)
         {
-            return await IdentityResourceAppService.GetAsync(identityResourceGetById);
+            return await IdentityResourceAppService.GetAsync(id);
         }
 
         [HttpGet]
-        public virtual async Task<PagedResultDto<IdentityResourceDto>> GetAsync(IdentityResourceGetByPagedInputDto identityResourceGetByPaged)
+        public virtual async Task<PagedResultDto<IdentityResourceDto>> GetListAsync(IdentityResourceGetByPagedDto input)
         {
-            return await IdentityResourceAppService.GetAsync(identityResourceGetByPaged);
+            return await IdentityResourceAppService.GetListAsync(input);
         }
 
         [HttpPost]
-        public virtual async Task<IdentityResourceDto> CreateAsync(IdentityResourceCreateDto identityResourceCreate)
+        public virtual async Task<IdentityResourceDto> CreateAsync(IdentityResourceCreateOrUpdateDto input)
         {
-            return await IdentityResourceAppService.CreateAsync(identityResourceCreate);
+            return await IdentityResourceAppService.CreateAsync(input);
         }
 
         [HttpPut]
-        public virtual async Task<IdentityResourceDto> UpdateAsync(IdentityResourceUpdateDto identityResourceUpdate)
+        [Route("{id}")]
+        public virtual async Task<IdentityResourceDto> UpdateAsync(Guid id, IdentityResourceCreateOrUpdateDto input)
         {
-            return await IdentityResourceAppService.UpdateAsync(identityResourceUpdate);
+            return await IdentityResourceAppService.UpdateAsync(id, input);
         }
 
         [HttpDelete]
-        public virtual async Task DeleteAsync(IdentityResourceGetByIdInputDto identityResourceGetById)
+        [Route("{id}")]
+        public virtual async Task DeleteAsync(Guid id)
         {
-            await IdentityResourceAppService.DeleteAsync(identityResourceGetById);
-        }
-
-        [HttpPost]
-        [Route("Properties")]
-        public virtual async Task<IdentityResourcePropertyDto> AddPropertyAsync(IdentityResourcePropertyCreateDto identityResourcePropertyCreate)
-        {
-            return await IdentityResourceAppService.AddPropertyAsync(identityResourcePropertyCreate);
-        }
-
-        [HttpDelete]
-        [Route("Properties")]
-        public virtual async Task DeletePropertyAsync(IdentityResourcePropertyGetByKeyDto identityResourcePropertyGetByKey)
-        {
-            await IdentityResourceAppService.DeletePropertyAsync(identityResourcePropertyGetByKey);
+            await IdentityResourceAppService.DeleteAsync(id);
         }
     }
 }

aspnet-core/services/identity-server/LINGYUN.Abp.IdentityServer4.HttpApi.Host/AbpIdentityServerAdminHttpApiHostModule.cs

@@ -55,11 +55,11 @@ namespace LINGYUN.Abp.IdentityServer4
         typeof(LINGYUN.Abp.Account.AbpAccountHttpApiModule),
         typeof(LINGYUN.Abp.IdentityServer.AbpIdentityServerApplicationModule),
         typeof(LINGYUN.Abp.IdentityServer.AbpIdentityServerHttpApiModule),
+        typeof(LINGYUN.Abp.Identity.EntityFrameworkCore.AbpIdentityEntityFrameworkCoreModule),
+        typeof(LINGYUN.Abp.IdentityServer.EntityFrameworkCore.AbpIdentityServerEntityFrameworkCoreModule),
         typeof(AbpAccountApplicationModule),
         typeof(AbpAccountHttpApiModule),
         typeof(AbpEntityFrameworkCoreMySQLModule),
-        typeof(LINGYUN.Abp.Identity.EntityFrameworkCore.AbpIdentityEntityFrameworkCoreModule),
-        typeof(AbpIdentityServerEntityFrameworkCoreModule),
         typeof(AbpAuditLoggingEntityFrameworkCoreModule),
         typeof(AbpTenantManagementEntityFrameworkCoreModule),
         typeof(AbpSettingManagementEntityFrameworkCoreModule),
@@ -177,12 +177,6 @@ namespace LINGYUN.Abp.IdentityServer4
             Configure<RedisCacheOptions>(options =>
             {
                 var redisConfig = ConfigurationOptions.Parse(options.Configuration);
-                // 单独一个缓存数据库
-                var databaseConfig = configuration.GetSection("Redis:DefaultDatabase");
-                if (databaseConfig.Exists())
-                {
-                    redisConfig.DefaultDatabase = databaseConfig.Get<int>();
-                }
                 options.ConfigurationOptions = redisConfig;
                 options.InstanceName = configuration["Redis:InstanceName"];
             });

vueJs/src/api/abpconfiguration.ts

@@ -18,19 +18,19 @@ export default class AbpConfigurationService {
 /** 授权 */
 export class Auth {
   /** 权限集合 */
-  policies?: { [key: string]: boolean}
+  policies?: { [key: string]: boolean} = {}
   /** 已授权集合 */
-  grantedPolicies?: { [key: string]: boolean}
+  grantedPolicies?: { [key: string]: boolean} = {}
 }
 
 /** 当前租户 */
 export class CurrentTenant {
   /** 标识 */
-  id?: string
+  id? = ''
   /** 名称 */
-  name?: string
+  name? = ''
   /** 是否可用 */
-  isAvailable!: boolean
+  isAvailable = false
 
   public clear() {
     this.id = ''
@@ -42,101 +42,101 @@ export class CurrentTenant {
 /** 当前用户 */
 export class CurrentUser {
   /** 标识 */
-  id?: string
+  id? = ''
   /** 邮件地址 */
-  email?: string
+  email? = ''
   /** 邮件已验证 */
-  emailVerified!: boolean
+  emailVerified = false
   /** 手机号 */
-  phoneNumber?: string
+  phoneNumber? = ''
   /** 手机号已验证 */
-  phoneNumberVerified!: boolean
+  phoneNumberVerified = false
   /** 名称 */
-  name?: string
+  name? = ''
   /** 简称 */
-  surName?: string
+  surName? = ''
   /** 用户名 */
-  userName?: string
+  userName? = ''
   /** 所属租户 */
-  tenantId?: string
+  tenantId? = ''
   /** 是否已认证 */
-  isAuthenticated!: boolean
+  isAuthenticated = false
   /** 所属角色列表 */
-  roles!: string[]
+  roles = new Array<string>()
 }
 
 /** 功能 */
 export class Feature {
   /** 功能集合 */
-  values?: { [key: string]: string}
+  values?: { [key: string]: string} = {}
 }
 
 /** 时区转换 */
 export class DateTimeFormat {
   /** 日历算法 */
-  calendarAlgorithmType!: string
+  calendarAlgorithmType = ''
   /** 日期分隔符 */
-  dateSeparator!: string
+  dateSeparator = ''
   /** 日期时间格式 */
-  dateTimeFormatLong!: string
+  dateTimeFormatLong = ''
   /** 完整日期时间格式 */
-  fullDateTimePattern!: string
+  fullDateTimePattern = ''
   /** 长时间格式 */
-  longTimePattern!: string
+  longTimePattern = ''
   /** 短日期格式 */
-  shortDatePattern!: string
+  shortDatePattern = ''
   /** 短时间格式 */
-  shortTimePattern!: string
+  shortTimePattern = ''
 }
 
 /** 当前区域信息 */
 export class CurrentCulture {
   /** 本地化名称 */
-  cultureName!: string
+  cultureName = ''
   /** 显示名称 */
-  displayName!: string
+  displayName = ''
   /** 英文名称 */
-  englishName!: string
+  englishName = ''
   /** 是否从右到左 */
-  isRightToLeft!: boolean
+  isRightToLeft = false
   /** 名称 */
-  name!: string
+  name = ''
   /** 本地名称 */
-  nativeName!: string
+  nativeName = ''
   /** 三个字母的ISO名称 */
-  threeLetterIsoLanguageName!: string
+  threeLetterIsoLanguageName = ''
   /** 两个字母的ISO名称 */
-  twoLetterIsoLanguageName!: string
+  twoLetterIsoLanguageName = ''
   /** 日期时间格式 */
-  dateTimeFormat!: DateTimeFormat
+  dateTimeFormat = new DateTimeFormat()
 }
 
 /** 语言 */
 export class Language {
   /** 本地化名称 */
-  cultureName!: string
+  cultureName = ''
   /** 显示名称 */
-  displayName!: string
+  displayName = ''
   /** 图标 */
-  flagIcon?: string
+  flagIcon = ''
   /** 用户界面本地化名称 */
-  uiCultureName!: string
+  uiCultureName = ''
 }
 
 /** 本地化 */
 export class Localization {
   /** 当前区域 */
-  currentCulture!: CurrentCulture
+  currentCulture = new CurrentCulture()
   /** 默认本地化资源名称 */
-  defaultResourceName?: string
+  defaultResourceName = ''
   /** 支持的语言列表 */
-  languages!: Language[]
+  languages = new Array<Language>()
   /** 本地化资源集合 */
-  values!: {[key: string]: {[key: string]: string}}
+  values: {[key: string]: {[key: string]: string}} = {}
   /** 语言映射集合 */
-  languagesMap?: {[key: string]: INameValue<string>[]}
+  languagesMap: {[key: string]: INameValue<string>[]} = {}
   /** 语言文档映射集合 */
-  languageFilesMap?: {[key: string]: INameValue<string>[]}
+  languageFilesMap: {[key: string]: INameValue<string>[]} = {}
 }
 
 /** 多租户配置 */
@@ -148,7 +148,7 @@ export class MultiTenancy {
 /** 全局设置 */
 export class Setting {
   /** 设置集合 */
-  values?: {[key: string]: any}
+  values: {[key: string]: any} = {}
 }
 
 /** 实体查询属性扩展 */
@@ -166,11 +166,11 @@ export class ExtensionPropertyApiUpdate extends Available {
 /** 实体属性api定义 */
 export class ExtensionPropertyApi {
   /** 查询时 */
-  onGet!: ExtensionPropertyApiGet
+  onGet = new ExtensionPropertyApiGet()
   /** 创建时 */
-  onCreate!: ExtensionPropertyApiCreate
+  onCreate = new ExtensionPropertyApiCreate()
   /** 更新时 */
-  onUpdate!: ExtensionPropertyApiUpdate
+  onUpdate = new ExtensionPropertyApiUpdate()
 }
 
 export class ExtensionPropertyUiTable extends Available {
@@ -180,55 +180,55 @@ export class ExtensionPropertyUiForm extends Available {
 }
 
 export class ExtensionPropertyUi {
-  onTable!: ExtensionPropertyUiTable
-  onCreateForm!: ExtensionPropertyUiForm
-  onEditForm!: ExtensionPropertyUiForm
+  onTable = new ExtensionPropertyUiTable()
+  onCreateForm = new ExtensionPropertyUiForm()
+  onEditForm = new ExtensionPropertyUiForm()
 }
 
 export class LocalizableString {
-  name!: string
-  resource?: string
+  name = ''
+  resource = ''
 }
 
 export class ExtensionPropertyAttribute {
-  typeSimple?: string
-  config?: {[key: string]: any}
+  typeSimple = ''
+  config: {[key: string]: any} = {}
 }
 
 export class ExtensionProperty {
-  type!: string
-  typeSimple!: string
-  displayName?: LocalizableString
-  api!: ExtensionPropertyApi
-  ui!: ExtensionPropertyUi
-  attributes!: ExtensionPropertyAttribute[]
-  configuration!: {[key: string]: any}
-  defaultValue!: any
+  type = ''
+  typeSimple = ''
+  displayName = new LocalizableString()
+  api = new ExtensionPropertyApi()
+  ui = new ExtensionPropertyUi()
+  attributes = new Array<ExtensionPropertyAttribute>()
+  configuration: {[key: string]: any} = {}
+  defaultValue: any = ''
 }
 
 export class EntityExtension {
-  properties!: {[key: string]: ExtensionProperty}
-  configuration!: {[key: string]: any}
+  properties: {[key: string]: ExtensionProperty} = {}
+  configuration: {[key: string]: any} = {}
 }
 
 export class ModuleExtension {
-  entities!: {[key: string]: EntityExtension}
-  configuration!: {[key: string]: any}
+  entities: {[key: string]: EntityExtension} = {}
+  configuration: {[key: string]: any} = {}
 }
 
 export class ExtensionEnumField {
-  name!: string
-  value!: any
+  name = ''
+  value: any = ''
 }
 
 export class ExtensionEnum {
-  fields!: ExtensionEnumField[]
-  localizationResource!: string
+  fields = new Array<ExtensionEnumField>()
+  localizationResource = ''
 }
 
 export class ObjectExtension {
-  modules!: {[key: string]: ModuleExtension}
-  enums!: {[key: string]: ExtensionEnum}
+  modules: {[key: string]: ModuleExtension} = {}
+  enums: {[key: string]: ExtensionEnum} = {}
 }
 
 /** abp框架信息 */
@@ -254,25 +254,14 @@ export interface IAbpConfiguration {
 }
 
 export class AbpConfiguration implements IAbpConfiguration {
-  auth!: Auth
-  currentTenant!: CurrentTenant
-  currentUser!: CurrentUser
-  features!: Feature
-  localization!: Localization
-  multiTenancy!: MultiTenancy
-  objectExtensions!: ObjectExtension
-  setting!: Setting
-
-  constructor() {
-    this.auth = new Auth()
-    this.setting = new Setting()
-    this.features = new Feature()
-    this.currentUser = new CurrentUser()
-    this.localization = new Localization()
-    this.multiTenancy = new MultiTenancy()
-    this.currentTenant = new CurrentTenant()
-    this.objectExtensions = new ObjectExtension()
-  }
+  auth = new Auth()
+  currentTenant = new CurrentTenant()
+  currentUser = new CurrentUser()
+  features = new Feature()
+  localization = new Localization()
+  multiTenancy = new MultiTenancy()
+  objectExtensions = new ObjectExtension()
+  setting = new Setting()
 
   public getSetting(key: string) {
     if (this.setting.values && this.setting.values[key]) {

vueJs/src/api/api-resources.ts

@@ -0,0 +1,107 @@
+import ApiService from './serviceBase'
+import { FullAuditedEntityDto, PagedAndSortedResultRequestDto, PagedResultDto, SecretBase } from './types'
+
+const sourceUrl = '/api/identity-server/api-resources'
+const serviceUrl = process.env.VUE_APP_BASE_API
+
+export default class ApiResourceService {
+  /**
+   * 获取Api资源
+   * @param id Api资源标识
+   */
+  public static getApiResourceById(id: string) {
+    const _url = sourceUrl + '/' + id
+    return ApiService.Get<ApiResource>(_url, serviceUrl)
+  }
+
+  /**
+   * 获取Api资源列表
+   * @param payload 查询参数
+   */
+  public static getApiResources(payload: ApiResourceGetByPaged) {
+    let _url = sourceUrl + '?filter=' + payload.filter
+    _url += '&sorting=' + payload.sorting
+    _url += '&skipCount=' + payload.skipCount
+    _url += '&maxResultCount=' + payload.maxResultCount
+    return ApiService.Get<PagedResultDto<ApiResource>>(_url, serviceUrl)
+  }
+
+  /**
+   * 创建Api资源
+   * @param payload api资源参数
+   */
+  public static createApiResource(payload: ApiResourceCreate) {
+    return ApiService.Post<ApiResource>(sourceUrl, payload, serviceUrl)
+  }
+
+  /**
+   * 变更Api资源
+   * @param payload api资源参数
+   */
+  public static updateApiResource(id: string, payload: ApiResourceUpdate) {
+    const _url = sourceUrl + '/' + id
+    return ApiService.Put<ApiResource>(_url, payload, serviceUrl)
+  }
+
+  /**
+   * 删除Api资源
+   * @param id Api资源标识
+   */
+  public static deleteApiResource(id: string) {
+    const _url = sourceUrl + '/' + id
+    return ApiService.Delete(_url, serviceUrl)
+  }
+}
+
+export enum HashType {
+  Sha256,
+  Sha512
+}
+
+export class ApiScope {
+  name = ''
+  displayName?: string = ''
+  description?: string = ''
+  required = false
+  emphasize = false
+  showInDiscoveryDocument = true
+  userClaims = new Array<string>()
+}
+
+export class ApiSecret extends SecretBase {}
+
+export class ApiSecretCreateOrUpdate extends SecretBase {
+  hashType = HashType.Sha256
+}
+
+export class ApiResourceCreateOrUpdate {
+  displayName?: string = ''
+  description?: string = ''
+  enabled = true
+  userClaims = new Array<string>()
+  scopes = new Array<ApiScope>()
+  secrets = new Array<ApiSecretCreateOrUpdate>()
+  properties: {[key: string]: string} = {}
+}
+
+export class ApiResourceCreate extends ApiResourceCreateOrUpdate {
+  name = ''
+}
+
+export class ApiResourceUpdate extends ApiResourceCreateOrUpdate {}
+
+export class ApiResource extends FullAuditedEntityDto {
+  id!: string
+  name!: string
+  displayName?: string
+  description?: string
+  enabled!: boolean
+  userClaims = new Array<string>()
+  scopes = new Array<ApiScope>()
+  secrets = new Array<ApiSecretCreateOrUpdate>()
+  properties: {[key: string]: string} = {}
+}
+
+export class ApiResourceGetByPaged extends PagedAndSortedResultRequestDto {
+  filter = ''
+}

vueJs/src/api/apiresources.ts

@@ -1,279 +0,0 @@
-import ApiService from './serviceBase'
-import { FullAuditedEntityDto, PagedAndSortedResultRequestDto, PagedResultDto } from './types'
-
-const serviceUrl = process.env.VUE_APP_BASE_API
-
-export default class ApiResourceService {
-  /**
-   * 获取Api资源
-   * @param id Api资源标识
-   */
-  public static getApiResourceById(id: string) {
-    let _url = '/api/IdentityServer/ApiResources/'
-    _url += id
-    return ApiService.Get<ApiResource>(_url, serviceUrl)
-  }
-
-  /**
-   * 获取Api资源列表
-   * @param payload 查询参数
-   */
-  public static getApiResources(payload: ApiResourceGetByPaged) {
-    let _url = '/api/IdentityServer/ApiResources'
-    _url += '?filter=' + payload.filter
-    _url += '&sorting=' + payload.sorting
-    _url += '&skipCount=' + payload.skipCount
-    _url += '&maxResultCount=' + payload.maxResultCount
-    return ApiService.Get<PagedResultDto<ApiResource>>(_url, serviceUrl)
-  }
-
-  /**
-   * 创建Api资源
-   * @param payload api资源参数
-   */
-  public static createApiResource(payload: ApiResourceCreate) {
-    const _url = '/api/IdentityServer/ApiResources'
-    return ApiService.Post<ApiResource>(_url, payload, serviceUrl)
-  }
-
-  /**
-   * 变更Api资源
-   * @param payload api资源参数
-   */
-  public static updateApiResource(payload: ApiResourceUpdate) {
-    const _url = '/api/IdentityServer/ApiResources'
-    return ApiService.Put<ApiResource>(_url, payload, serviceUrl)
-  }
-
-  /**
-   * 删除Api资源
-   * @param id Api资源标识
-   */
-  public static deleteApiResource(id: string) {
-    let _url = '/api/IdentityServer/ApiResources/'
-    _url += id
-    return ApiService.Delete(_url, serviceUrl)
-  }
-
-  /**
-   * 增加Api密钥
-   * @param payload Api密钥参数
-   */
-  public static addApiSecret(payload: ApiSecretCreate) {
-    const _url = '/api/IdentityServer/ApiResources/Secrets'
-    return ApiService.Post<ApiSecret>(_url, payload, serviceUrl)
-  }
-
-  /**
-   * 删除Api密钥
-   * @param apiResourceId 资源标识
-   * @param type 密钥类型
-   * @param value 密钥值
-   */
-  public static deleteApiSecret(apiResourceId: string, type: string, value: string) {
-    let _url = '/api/IdentityServer/ApiResources/Secrets/'
-    _url += '?apiResourceId=' + apiResourceId
-    _url += '&type=' + type
-    _url += '&value=' + value
-    return ApiService.Delete(_url, serviceUrl)
-  }
-
-  /**
-   * 增加Api授权范围
-   * @param payload api授权范围参数
-   */
-  public static addApiScope(payload: ApiScopeCreate) {
-    const _url = '/api/IdentityServer/ApiResources/Scopes'
-    return ApiService.Post<ApiScope>(_url, payload, serviceUrl)
-  }
-
-  /**
-   * 删除Api授权范围
-   * @param apiResourceId api资源标识
-   * @param name 授权范围名称
-   */
-  public static deleteApiScope(apiResourceId: string, name: string) {
-    let _url = '/api/IdentityServer/ApiResources/Scopes'
-    _url += '?apiResourceId=' + apiResourceId
-    _url += '&name=' + name
-    return ApiService.Delete(_url, serviceUrl)
-  }
-}
-
-export enum HashType {
-  Sha256,
-  Sha512
-}
-
-export class ApiSecret {
-  type!: string
-  value!: string
-  hashType?: HashType
-  description?: string
-  expiration?: Date
-}
-
-export class ApiScopeClaim {
-  type!: string
-}
-
-export class ApiResourceClaim {
-  type!: string
-}
-
-export class ApiScope {
-  name!: string
-  displayName?: string
-  description?: string
-  required!: boolean
-  emphasize!: boolean
-  showInDiscoveryDocument!: boolean
-  userClaims: ApiScopeClaim[]
-
-  constructor() {
-    this.userClaims = new Array<ApiScopeClaim>()
-  }
-}
-
-export class ApiScopeCreate {
-  apiResourceId!: string
-  name!: string
-  displayName?: string
-  description?: string
-  required!: boolean
-  emphasize!: boolean
-  showInDiscoveryDocument!: boolean
-  userClaims: ApiScopeClaim[]
-
-  constructor() {
-    this.apiResourceId = ''
-    this.name = ''
-    this.displayName = ''
-    this.description = ''
-    this.required = false
-    this.emphasize = false
-    this.showInDiscoveryDocument = false
-    this.userClaims = new Array<ApiScopeClaim>()
-  }
-
-  public static empty() {
-    return new ApiScopeCreate()
-  }
-}
-
-export class ApiSecretCreate {
-  apiResourceId!: string
-  type!: string
-  value!: string
-  hashType?: HashType
-  description?: string
-  expiration?: Date
-
-  constructor() {
-    this.type = 'SharedSecret'
-    this.value = ''
-    this.hashType = HashType.Sha256
-    this.description = ''
-    this.expiration = undefined
-  }
-
-  public static empty() {
-    return new ApiSecretCreate()
-  }
-}
-
-export class ApiResourceCreate {
-  name!: string
-  displayName?: string
-  description?: string
-  enabled!: boolean
-  userClaims!: ApiResourceClaim[]
-
-  constructor() {
-    this.name = ''
-    this.displayName = ''
-    this.description = ''
-    this.enabled = true
-    this.userClaims = new Array<ApiResourceClaim>()
-  }
-
-  public static empty() {
-    return new ApiResourceCreate()
-  }
-
-  public static create(apiResource: ApiResource) {
-    const resource = ApiResourceCreate.empty()
-    resource.name = apiResource.name
-    resource.displayName = apiResource.displayName
-    resource.description = apiResource.description
-    resource.enabled = apiResource.enabled
-    resource.userClaims = apiResource.userClaims
-    return resource
-  }
-}
-
-export class ApiResourceUpdate {
-  id!: string
-  displayName?: string
-  description?: string
-  enabled!: boolean
-  userClaims!: ApiResourceClaim[]
-
-  constructor() {
-    this.id = ''
-    this.displayName = ''
-    this.description = ''
-    this.enabled = true
-    this.userClaims = new Array<ApiResourceClaim>()
-  }
-
-  public static empty() {
-    return new ApiResourceUpdate()
-  }
-
-  public static create(apiResource: ApiResource) {
-    const resource = ApiResourceUpdate.empty()
-    resource.id = apiResource.id
-    resource.displayName = apiResource.displayName
-    resource.description = apiResource.description
-    resource.enabled = apiResource.enabled
-    resource.userClaims = apiResource.userClaims
-    return resource
-  }
-}
-
-export class ApiResource extends FullAuditedEntityDto {
-  id!: string
-  name!: string
-  displayName?: string
-  description?: string
-  enabled!: boolean
-  secrets!: ApiSecret[]
-  scopes!: ApiScope[]
-  userClaims!: ApiResourceClaim[]
-
-  constructor() {
-    super()
-    this.id = ''
-    this.name = ''
-    this.displayName = ''
-    this.description = ''
-    this.enabled = true
-    this.scopes = new Array<ApiScope>()
-    this.secrets = new Array<ApiSecret>()
-    this.userClaims = new Array<ApiResourceClaim>()
-  }
-
-  public static empty() {
-    return new ApiResource()
-  }
-}
-
-export class ApiResourceGetByPaged extends PagedAndSortedResultRequestDto {
-  filter!: string
-
-  constructor() {
-    super()
-    this.filter = ''
-  }
-}

vueJs/src/api/clients.ts

@@ -1,18 +1,17 @@
 import ApiService from './serviceBase'
-import { FullAuditedEntityDto, PagedAndSortedResultRequestDto, PagedResultDto } from './types'
+import { FullAuditedEntityDto, PagedAndSortedResultRequestDto, ListResultDto, PagedResultDto, SecretBase, Claim } from './types'
 
+const sourceUrl = '/api/identity-server/clients'
 const serviceUrl = process.env.VUE_APP_BASE_API
 
 export default class ClientService {
   public static getClientById(id: string) {
-    let _url = '/api/IdentityServer/Clients/'
-    _url += id
+    const _url = sourceUrl + '/' + id
     return ApiService.Get<Client>(_url, serviceUrl)
   }
 
   public static getClients(payload: ClientGetByPaged) {
-    let _url = '/api/IdentityServer/Clients'
-    _url += '?filter=' + payload.filter
+    let _url = sourceUrl + '?filter=' + payload.filter
     _url += '&sorting=' + payload.sorting
     _url += '&skipCount=' + payload.skipCount
     _url += '&maxResultCount=' + payload.maxResultCount
@@ -20,144 +19,56 @@ export default class ClientService {
   }
 
   public static createClient(payload: ClientCreate) {
-    const _url = '/api/IdentityServer/Clients'
-    return ApiService.Post<Client>(_url, payload, serviceUrl)
+    return ApiService.Post<Client>(sourceUrl, payload, serviceUrl)
   }
 
-  public static cloneClient(payload: ClientClone) {
-    const _url = '/api/IdentityServer/Clients/Clone'
+  public static cloneClient(id: string, payload: ClientClone) {
+    const _url = sourceUrl + '/' + id + '/clone'
     return ApiService.Post<Client>(_url, payload, serviceUrl)
   }
 
-  public static updateClient(payload: ClientUpdate) {
-    const _url = '/api/IdentityServer/Clients'
+  public static updateClient(id: string, payload: ClientUpdate) {
+    const _url = sourceUrl + '/' + id
     return ApiService.Put<Client>(_url, payload, serviceUrl)
   }
 
   public static deleteClient(id: string) {
-    const _url = '/api/IdentityServer/Clients/' + id
-    return ApiService.Delete(_url, serviceUrl)
-  }
-
-  public static addClientSecret(payload: ClientSecretCreate) {
-    const _url = '/api/IdentityServer/Clients/Secrets'
-    return ApiService.Post<ClientSecret>(_url, payload, serviceUrl)
-  }
-
-  public static deleteClientSecret(clientId: string, type: string, value: string) {
-    let _url = '/api/IdentityServer/Clients/Secrets'
-    _url += '?clientId=' + clientId
-    _url += '&type=' + type
-    _url += '&value=' + value
+    const _url = sourceUrl + '/' + id
     return ApiService.Delete(_url, serviceUrl)
   }
 
-  public static addClientProperty(payload: ClientPropertyCreate) {
-    const _url = '/api/IdentityServer/Clients/Properties'
-    return ApiService.Post<ClientProperty>(_url, payload, serviceUrl)
-  }
-
-  public static deleteClientProperty(clientId: string, key: string, value: string) {
-    let _url = '/api/IdentityServer/Clients/Properties'
-    _url += '?clientId=' + clientId
-    _url += '&key=' + key
-    _url += '&value=' + value
-    return ApiService.Delete(_url, serviceUrl)
+  public static getAssignableApiResources() {
+    const _url = sourceUrl + '/assignable-api-resources'
+    return ApiService.Get<ListResultDto<string>>(_url, serviceUrl)
   }
 
-  public static addClientClaim(payload: ClientClaimCreate) {
-    const _url = '/api/IdentityServer/Clients/Claims'
-    return ApiService.Post<ClientClaim>(_url, payload, serviceUrl)
+  public static getAssignableIdentityResources() {
+    const _url = sourceUrl + '/assignable-identity-resources'
+    return ApiService.Get<ListResultDto<string>>(_url, serviceUrl)
   }
 
-  public static deleteClientClaim(clientId: string, type: string, value: string) {
-    let _url = '/api/IdentityServer/Clients/Claims'
-    _url += '?clientId=' + clientId
-    _url += '&type=' + type
-    _url += '&value=' + value
-    return ApiService.Delete(_url, serviceUrl)
+  public static getAllDistinctAllowedCorsOrigins() {
+    const _url = sourceUrl + '/distinct-cors-origins'
+    return ApiService.Get<ListResultDto<string>>(_url, serviceUrl)
   }
 }
 
-export class ClientGetByPaged extends PagedAndSortedResultRequestDto {
-  filter = ''
-}
-
 export enum HashType {
-  Sha256,
-  Sha512
+  Sha256 = 0,
+	Sha512 = 1
 }
 
-export class ClientSecret {
-  type = ''
-  value = ''
+export class SecretCreateOrUpdate extends SecretBase {
   hashType = HashType.Sha256
-  description? = ''
-  expiration? = undefined
-}
-
-export class ClientRedirectUri {
-  redirectUri = ''
-}
-
-export class ClientClaim {
-  type = ''
-  value = ''
-}
-
-export class ClientCorsOrigin {
-  origin = ''
-}
-
-export class ClientGrantType {
-  grantType = ''
-}
-
-export class ClientIdPRestriction {
-  provider = ''
-}
-
-export class ClientPostLogoutRedirectUri {
-  postLogoutRedirectUri = ''
-}
-
-export class ClientProperty {
-  key = ''
-  value = ''
-}
-
-export class ClientScope {
-  scope = ''
 }
 
-export class ClientSecretCreate extends ClientSecret {
-  clientId!: string
-
-  constructor() {
-    super()
-    this.type = 'SharedSecret'
-    this.hashType = HashType.Sha256
-  }
-}
-
-export class ClientClaimCreate extends ClientClaim {
-  clientId!: string
-}
-
-export class ClientPropertyCreate extends ClientProperty {
-  clientId!: string
+export class ClientGetByPaged extends PagedAndSortedResultRequestDto {
+  filter = ''
 }
 
-export class ClientCreate {
-  clientId = ''
-  clientName = ''
-  description? = ''
-  allowedGrantTypes?: ClientGrantType[]
+export class ClientClaim extends Claim {}
 
-  constructor() {
-    this.allowedGrantTypes = new Array<ClientGrantType>()
-  }
-}
+export class ClientSecret extends SecretCreateOrUpdate {}
 
 export class ClientClone {
   sourceClientId = ''
@@ -168,6 +79,7 @@ export class ClientClone {
   copyRedirectUri = true
   copyAllowedScope = true
   copyClaim = true
+  copySecret = true
   copyAllowedCorsOrigin = true
   copyPostLogoutRedirectUri = true
   copyPropertie = true
@@ -218,39 +130,27 @@ export class Client extends FullAuditedEntityDto {
   userSsoLifetime!: number
   userCodeType?: string
   deviceCodeLifetime!: number
-  allowedScopes!: ClientScope[]
-  clientSecrets!: ClientSecret[]
-  allowedGrantTypes!: ClientGrantType[]
-  allowedCorsOrigins!: ClientCorsOrigin[]
-  redirectUris!: ClientRedirectUri[]
-  postLogoutRedirectUris!: ClientPostLogoutRedirectUri[]
-  identityProviderRestrictions!: ClientIdPRestriction[]
-  claims!: ClientClaim[]
-  properties!: ClientProperty[]
-
-  constructor() {
-    super()
-    this.allowedScopes = new Array<ClientScope>()
-    this.clientSecrets = new Array<ClientSecret>()
-    this.allowedGrantTypes = new Array<ClientGrantType>()
-    this.allowedCorsOrigins = new Array<ClientCorsOrigin>()
-    this.redirectUris = new Array<ClientRedirectUri>()
-    this.postLogoutRedirectUris = new Array<ClientPostLogoutRedirectUri>()
-    this.identityProviderRestrictions = new Array<ClientIdPRestriction>()
-    this.claims = new Array<ClientClaim>()
-    this.properties = new Array<ClientProperty>()
-  }
-
-  public static empty() {
-    return new Client()
-  }
-}
-
-export class ClientUpdateData {
-  concurrencyStamp!: string
+  allowedScopes = new Array<string>()
+  clientSecrets = new Array<ClientSecret>()
+  allowedGrantTypes = new Array<string>()
+  allowedCorsOrigins = new Array<string>()
+  redirectUris = new Array<string>()
+  postLogoutRedirectUris = new Array<string>()
+  identityProviderRestrictions = new Array<string>()
+  claims = new Array<ClientClaim>()
+  properties:{[key: string]: string} = {}
+}
+
+export class ClientCreateOrUpdate {
   clientId = ''
   clientName = ''
   description? = ''
+  allowedGrantTypes = new Array<string>()
+}
+
+export class ClientCreate extends ClientCreateOrUpdate {}
+
+export class ClientUpdate extends ClientCreateOrUpdate {
   clientUri? = ''
   logoUri? = ''
   enabled = true
@@ -266,7 +166,7 @@ export class ClientUpdateData {
   frontChannelLogoutSessionRequired = true
   backChannelLogoutUri? = ''
   backChannelLogoutSessionRequired = true
-  allowOfflineAccess = false
+  allowOfflineAccess = true
   identityTokenLifetime = 300
   accessTokenLifetime = 3600
   authorizationCodeLifetime = 300
@@ -285,75 +185,57 @@ export class ClientUpdateData {
   userSsoLifetime!: number
   userCodeType? = ''
   deviceCodeLifetime = 300
-  allowedScopes!: ClientScope[]
-  allowedGrantTypes!: ClientGrantType[]
-  allowedCorsOrigins!: ClientCorsOrigin[]
-  redirectUris!: ClientRedirectUri[]
-  postLogoutRedirectUris!: ClientPostLogoutRedirectUri[]
-  identityProviderRestrictions!: ClientIdPRestriction[]
-
-  constructor() {
-    this.allowedScopes = new Array<ClientScope>()
-    this.allowedGrantTypes = new Array<ClientGrantType>()
-    this.allowedCorsOrigins = new Array<ClientCorsOrigin>()
-    this.redirectUris = new Array<ClientRedirectUri>()
-    this.postLogoutRedirectUris = new Array<ClientPostLogoutRedirectUri>()
-    this.identityProviderRestrictions = new Array<ClientIdPRestriction>()
-  }
-
-  public setClient(client: Client) {
-    this.absoluteRefreshTokenLifetime = client.absoluteRefreshTokenLifetime
-    this.accessTokenLifetime = client.accessTokenLifetime
-    this.accessTokenType = client.accessTokenType
-    this.allowAccessTokensViaBrowser = client.allowAccessTokensViaBrowser
-    this.allowOfflineAccess = client.allowOfflineAccess
-    this.allowPlainTextPkce = client.allowPlainTextPkce
-    this.allowRememberConsent = client.allowRememberConsent
-    this.allowedCorsOrigins = client.allowedCorsOrigins
-    this.allowedGrantTypes = client.allowedGrantTypes
-    this.allowedScopes = client.allowedScopes
-    this.alwaysIncludeUserClaimsInIdToken = client.alwaysIncludeUserClaimsInIdToken
-    this.alwaysSendClientClaims = client.alwaysSendClientClaims
-    this.authorizationCodeLifetime = client.authorizationCodeLifetime
-    this.backChannelLogoutSessionRequired = client.backChannelLogoutSessionRequired
-    this.backChannelLogoutUri = client.backChannelLogoutUri
-    this.clientClaimsPrefix = client.clientClaimsPrefix
-    this.clientId = client.clientId
-    this.clientName = client.clientName
+  allowedScopes = new Array<string>()
+  allowedCorsOrigins = new Array<string>()
+  redirectUris = new Array<string>()
+  postLogoutRedirectUris = new Array<string>()
+  identityProviderRestrictions = new Array<string>()
+  properties: {[key: string]: string} = {}
+  secrets = new Array<SecretCreateOrUpdate>()
+  claims = new Array<ClientClaim>()
+
+  public updateByClient(client: Client) {
     this.clientUri = client.clientUri
-    this.concurrencyStamp = client.concurrencyStamp
-    this.consentLifetime = client.consentLifetime
-    this.description = client.description
-    this.deviceCodeLifetime = client.deviceCodeLifetime
-    this.enableLocalLogin = client.enableLocalLogin
-    this.enabled = client.enabled
-    this.frontChannelLogoutSessionRequired = client.frontChannelLogoutSessionRequired
-    this.frontChannelLogoutUri = client.frontChannelLogoutUri
-    this.identityProviderRestrictions = client.identityProviderRestrictions
-    this.identityTokenLifetime = client.identityTokenLifetime
-    this.includeJwtId = client.includeJwtId
     this.logoUri = client.logoUri
-    this.pairWiseSubjectSalt = client.pairWiseSubjectSalt
-    this.postLogoutRedirectUris = client.postLogoutRedirectUris
+    this.enabled = client.enabled
     this.protocolType = client.protocolType
-    this.redirectUris = client.redirectUris
-    this.refreshTokenExpiration = client.refreshTokenExpiration
-    this.refreshTokenUsage = client.refreshTokenUsage
     this.requireClientSecret = client.requireClientSecret
     this.requireConsent = client.requireConsent
+    this.allowRememberConsent = client.allowRememberConsent
+    this.alwaysIncludeUserClaimsInIdToken = client.alwaysIncludeUserClaimsInIdToken
     this.requirePkce = client.requirePkce
+    this.allowPlainTextPkce = client.allowPlainTextPkce
+    this.allowAccessTokensViaBrowser = client.allowAccessTokensViaBrowser
+    this.frontChannelLogoutUri = client.frontChannelLogoutUri
+    this.frontChannelLogoutSessionRequired = client.frontChannelLogoutSessionRequired
+    this.backChannelLogoutUri = client.backChannelLogoutUri
+    this.backChannelLogoutSessionRequired = client.backChannelLogoutSessionRequired
+    this.allowOfflineAccess = client.allowOfflineAccess
+    this.identityTokenLifetime = client.identityTokenLifetime
+    this.accessTokenLifetime = client.accessTokenLifetime
+    this.authorizationCodeLifetime = client.authorizationCodeLifetime
+    this.consentLifetime = client.consentLifetime
+    this.absoluteRefreshTokenLifetime = client.absoluteRefreshTokenLifetime
     this.slidingRefreshTokenLifetime = client.slidingRefreshTokenLifetime
+    this.refreshTokenUsage = client.refreshTokenUsage
     this.updateAccessTokenClaimsOnRefresh = client.updateAccessTokenClaimsOnRefresh
-    this.userCodeType = client.userCodeType
+    this.refreshTokenExpiration = client.refreshTokenExpiration
+    this.accessTokenType = client.accessTokenType
+    this.enableLocalLogin = client.enableLocalLogin
+    this.includeJwtId = client.includeJwtId
+    this.alwaysSendClientClaims = client.alwaysSendClientClaims
+    this.clientClaimsPrefix = client.clientClaimsPrefix
+    this.pairWiseSubjectSalt = client.pairWiseSubjectSalt
     this.userSsoLifetime = client.userSsoLifetime
-  }
-}
-
-export class ClientUpdate {
-  id!: string
-  client!: ClientUpdateData
-
-  constructor() {
-    this.client = new ClientUpdateData()
+    this.userCodeType = client.userCodeType
+    this.deviceCodeLifetime = client.deviceCodeLifetime
+    this.allowedCorsOrigins = client.allowedCorsOrigins
+    this.redirectUris = client.redirectUris
+    this.postLogoutRedirectUris = client.postLogoutRedirectUris
+    this.identityProviderRestrictions = client.identityProviderRestrictions
+    this.allowedScopes = client.allowedScopes
+    this.secrets = client.clientSecrets
+    this.claims = client.claims
+    this.properties = client.properties
   }
 }

vueJs/src/api/identity-resources.ts

@@ -0,0 +1,89 @@
+import ApiService from './serviceBase'
+import { FullAuditedEntityDto, PagedResultDto, PagedAndSortedResultRequestDto } from './types'
+
+const sourceUrl = '/api/identity-server/identity-resources'
+/** 远程服务地址 */
+const serviceUrl = process.env.VUE_APP_BASE_API
+
+/** 身份资源Api接口 */
+export default class IdentityResourceService {
+  /**
+   * 获取身份资源
+   * @param id 身份资源标识
+   * @returns 返回类型为 IdentityResource 的对象
+   */
+  public static getIdentityResourceById(id: string) {
+    const _url = sourceUrl + '/' + id
+    return ApiService.Get<IdentityResource>(_url, serviceUrl)
+  }
+
+  /**
+   * 获取身份资源列表
+   * @param payload 分页查询过滤对象
+   * @returns 返回类型为 IdentityResource 的对象列表
+   */
+  public static getIdentityResources(payload: IdentityResourceGetByPaged) {
+    let _url = sourceUrl + '?filter=' + payload.filter
+    _url += '&sorting=' + payload.sorting
+    _url += '&skipCount=' + payload.skipCount
+    _url += '&maxResultCount=' + payload.maxResultCount
+    return ApiService.Get<PagedResultDto<IdentityResource>>(_url, serviceUrl)
+  }
+
+  /**
+   * 创建身份资源
+   * @param payload 类型为 IdentityResourceCreate 的对象
+   * @returns 返回类型为 IdentityResource 的对象
+   */
+  public static createIdentityResource(payload: IdentityResourceCreateOrUpdate) {
+    return ApiService.Post<IdentityResource>(sourceUrl, payload, serviceUrl)
+  }
+
+  /**
+   * 变更身份资源
+   * @param payload 类型为 IdentityResourceUpdate 的对象
+   * @returns 返回类型为 IdentityResource 的对象
+   */
+  public static updateIdentityResource(id: string, payload: IdentityResourceCreateOrUpdate) {
+    const _url = sourceUrl + '/' + id
+    return ApiService.Put<IdentityResource>(_url, payload, serviceUrl)
+  }
+
+  /**
+   * 删除身份资源
+   * @param id 身份资源标识
+   */
+  public static deleteIdentityResource(id: string) {
+    const _url = sourceUrl + '/' + id
+    return ApiService.Delete(_url, serviceUrl)
+  }
+}
+
+export class IdentityResource extends FullAuditedEntityDto {
+  id!: string
+  name = ''
+  displayName?: string = ''
+  description?: string = ''
+  enabled = true
+  required = false
+  emphasize = false
+  showInDiscoveryDocument = true
+  userClaims = new Array<string>()
+  properties: {[key: string]: string} = {}
+}
+
+export class IdentityResourceGetByPaged extends PagedAndSortedResultRequestDto {
+  filter = ''
+}
+
+export class IdentityResourceCreateOrUpdate {
+  name = ''
+  displayName?: string = ''
+  description?: string = ''
+  enabled = true
+  required = false
+  emphasize = false
+  showInDiscoveryDocument = true
+  userClaims = new Array<string>()
+  properties: {[key: string]: string} = {}
+}

vueJs/src/api/identity-server4.ts

@@ -0,0 +1,36 @@
+import ApiService from './serviceBase'
+
+const openIdConfigurationUrl = '/.well-known/openid-configuration'
+
+export default class IdentityServer4Service {
+  public static getOpenIdConfiguration() {
+    return ApiService.Get<OpenIdConfiguration>(openIdConfigurationUrl)
+  }
+}
+
+export class OpenIdConfiguration {
+  issuer!: string
+  jwks_uri!: string
+  authorization_endpoint!: string
+  token_endpoint!: string
+  userinfo_endpoint!: string
+  end_session_endpoint!: string
+  check_session_iframe!: string
+  revocation_endpoint!: string
+  introspection_endpoint!: string
+  device_authorization_endpoint!: string
+  frontchannel_logout_supported!: boolean
+  frontchannel_logout_session_supported!: boolean
+  backchannel_logout_supported!: boolean
+  backchannel_logout_session_supported!: boolean
+  scopes_supported = new Array<string>()
+  claims_supported = new Array<string>()
+  grant_types_supported = new Array<string>()
+  response_types_supported = new Array<string>()
+  response_modes_supported = new Array<string>()
+  token_endpoint_auth_methods_supported = new Array<string>()
+  id_token_signing_alg_values_supported = new Array<string>()
+  subject_types_supported = new Array<string>()
+  code_challenge_methods_supported = new Array<string>()
+  request_parameter_supported!: boolean
+}

vueJs/src/api/identityresources.ts

@@ -1,244 +0,0 @@
-import ApiService from './serviceBase'
-import { FullAuditedEntityDto, PagedResultDto, PagedAndSortedResultRequestDto } from './types'
-
-/** 远程服务地址 */
-const serviceUrl = process.env.VUE_APP_BASE_API
-
-/** 身份资源Api接口 */
-export default class IdentityResourceService {
-  /**
-   * 获取身份资源
-   * @param id 身份资源标识
-   * @returns 返回类型为 IdentityResource 的对象
-   */
-  public static getIdentityResourceById(id: string) {
-    let _url = '/api/IdentityServer/IdentityResources/'
-    _url += id
-    return ApiService.Get<IdentityResource>(_url, serviceUrl)
-  }
-
-  /**
-   * 获取身份资源列表
-   * @param payload 分页查询过滤对象
-   * @returns 返回类型为 IdentityResource 的对象列表
-   */
-  public static getIdentityResources(payload: IdentityResourceGetByPaged) {
-    let _url = '/api/IdentityServer/IdentityResources'
-    _url += '?filter=' + payload.filter
-    _url += '&sorting=' + payload.sorting
-    _url += '&skipCount=' + payload.skipCount
-    _url += '&maxResultCount=' + payload.maxResultCount
-    return ApiService.Get<PagedResultDto<IdentityResource>>(_url, serviceUrl)
-  }
-
-  /**
-   * 创建身份资源
-   * @param payload 类型为 IdentityResourceCreate 的对象
-   * @returns 返回类型为 IdentityResource 的对象
-   */
-  public static createIdentityResource(payload: IdentityResourceCreate) {
-    const _url = '/api/IdentityServer/IdentityResources'
-    return ApiService.Post<IdentityResource>(_url, payload, serviceUrl)
-  }
-
-  /**
-   * 变更身份资源
-   * @param payload 类型为 IdentityResourceUpdate 的对象
-   * @returns 返回类型为 IdentityResource 的对象
-   */
-  public static updateIdentityResource(payload: IdentityResourceUpdate) {
-    const _url = '/api/IdentityServer/IdentityResources'
-    return ApiService.Put<IdentityResource>(_url, payload, serviceUrl)
-  }
-
-  /**
-   * 删除身份资源
-   * @param id 身份资源标识
-   */
-  public static deleteIdentityResource(id: string) {
-    let _url = '/api/IdentityServer/IdentityResources'
-    _url += '?id=' + id
-    return ApiService.Delete(_url, serviceUrl)
-  }
-
-  /**
-   * 创建身份资源属性
-   * @param payload 类型为 IdentityPropertyCreate 的对象
-   * @returns 返回类型为 IdentityProperty 的对象
-   */
-  public static createProperty(payload: IdentityPropertyCreate) {
-    const _url = '/api/IdentityServer/IdentityResources/Properties'
-    return ApiService.Post<IdentityProperty>(_url, payload, serviceUrl)
-  }
-
-  /**
-   * 删除身份资源属性
-   * @param identityResourceId 身份资源标识
-   * @param key 身份资源属性键
-   */
-  public static deleteProperty(identityResourceId: string, key: string) {
-    let _url = '/api/IdentityServer/IdentityResources/Properties'
-    _url += '?identityResourceId=' + identityResourceId
-    _url += '&key=' + key
-    return ApiService.Delete(_url, serviceUrl)
-  }
-}
-
-/** 身份资源用户声明 */
-export class IdentityClaim {
-  /** 用户声明 */
-  type = ''
-}
-
-/** 身份资源属性 */
-export class IdentityProperty {
-  /** 键 */
-  key = ''
-  /** 值 */
-  value = ''
-}
-
-/** 身份资源属性创建对象 */
-export class IdentityPropertyCreate {
-  /** 身份资源标识 */
-  identityResourceId = ''
-  /** 键 */
-  key = ''
-  /** 值 */
-  value = ''
-  /** 并发令牌 */
-  concurrencyStamp = ''
-
-  /** 返回一个空对象 */
-  public static empty() {
-    return new IdentityPropertyCreate()
-  }
-}
-
-/** 身份资源分页查询对象 */
-export class IdentityResourceGetByPaged extends PagedAndSortedResultRequestDto {
-  /** 过滤参数 */
-  filter = ''
-
-  /** 返回一个空对象 */
-  public static empty() {
-    return new IdentityResourceGetByPaged()
-  }
-}
-
-/** 身份资源创建对象 */
-export class IdentityResourceCreate {
-  /** 名称 */
-  name = ''
-  /** 显示名称 */
-  displayName? = ''
-  /** 说明 */
-  description? = ''
-  /** 启用 */
-  enabled = true
-  /** 必须 */
-  required = false
-  /** 强调 */
-  emphasize = false
-  /** 在发现文档显示 */
-  showInDiscoveryDocument = false
-  /** 用户声明 */
-  userClaims = new Array<IdentityClaim>()
-
-  /** 返回一个空对象 */
-  public static empty() {
-    return new IdentityResourceCreate()
-  }
-
-  /** 创建身份资源 */
-  public static create(identityResource: IdentityResource) {
-    const resource = new IdentityResourceCreate()
-    resource.description = identityResource.description
-    resource.displayName = identityResource.displayName
-    resource.emphasize = identityResource.emphasize
-    resource.enabled = identityResource.enabled
-    resource.name = identityResource.name
-    resource.required = identityResource.required
-    resource.showInDiscoveryDocument = identityResource.showInDiscoveryDocument
-    resource.userClaims = identityResource.userClaims
-    return resource
-  }
-}
-
-/** 身份资源变更对象 */
-export class IdentityResourceUpdate {
-  /** 身份资源标识 */
-  id = ''
-  /** 名称 */
-  name = ''
-  /** 显示名称 */
-  displayName? = ''
-  /** 说明 */
-  description? = ''
-  /** 启用 */
-  enabled = true
-  /** 必须 */
-  required = false
-  /** 强调 */
-  emphasize = false
-  /** 在发现文档显示 */
-  showInDiscoveryDocument = false
-  /** 并发令牌 */
-  concurrencyStamp = ''
-  /** 用户声明 */
-  userClaims = new Array<IdentityClaim>()
-
-  /** 返回一个空对象 */
-  public static empty() {
-    return new IdentityResourceUpdate()
-  }
-
-  /** 创建身份资源 */
-  public static create(identityResource: IdentityResource) {
-    const resource = new IdentityResourceUpdate()
-    resource.concurrencyStamp = identityResource.concurrencyStamp
-    resource.description = identityResource.description
-    resource.displayName = identityResource.displayName
-    resource.emphasize = identityResource.emphasize
-    resource.enabled = identityResource.enabled
-    resource.id = identityResource.id
-    resource.name = identityResource.name
-    resource.required = identityResource.required
-    resource.showInDiscoveryDocument = identityResource.showInDiscoveryDocument
-    resource.userClaims = identityResource.userClaims
-    return resource
-  }
-}
-
-/** 身份资源对象 */
-export class IdentityResource extends FullAuditedEntityDto {
-  /** 身份资源标识 */
-  id!: string
-  /** 名称 */
-  name!: string
-  /** 显示名称 */
-  displayName?: string
-  /** 说明 */
-  description?: string
-  /** 并发令牌 */
-  concurrencyStamp!: string
-  /** 启用 */
-  enabled!: boolean
-  /** 必须 */
-  required!: boolean
-  /** 强调 */
-  emphasize!: boolean
-  /** 在发现文档显示 */
-  showInDiscoveryDocument!: boolean
-  /** 用户声明 */
-  userClaims!: IdentityClaim[]
-  /** 属性 */
-  properties!: IdentityProperty[]
-
-  /** 返回一个空对象 */
-  public static empty() {
-    const resource = new IdentityResource()
-    resource.enabled = true
-    return resource
-  }
-}

vueJs/src/api/permission.ts

@@ -30,17 +30,29 @@ export default class PermissionService {
   }
 }
 
+export class UpdatePermissionDto implements IPermission {
+  name!: string
+  isGranted!: boolean
+
+  constructor(
+    name: string,
+    isGranted: boolean
+  ) {
+    this.name = name
+    this.isGranted = isGranted
+  }
+}
+
 export class UpdatePermissionsDto {
   permissions!: UpdatePermissionDto[]
 
   constructor() {
     this.permissions = new Array<UpdatePermissionDto>()
   }
-}
 
-export class UpdatePermissionDto implements IPermission {
-  name!: string
-  isGranted!: boolean
+  public addPermission(name: string, isGranted: boolean) {
+    this.permissions.push(new UpdatePermissionDto(name, isGranted))
+  }
 }
 
 export class PermissionProvider {

vueJs/src/api/roles.ts

@@ -50,6 +50,28 @@ export default class RoleService {
     _url += id
     return ApiService.Delete(_url, IdentityServiceUrl)
   }
+
+  public static getRoleClaims(roleId: string) {
+    const _url = '/api/identity/roles/claims/' + roleId
+    return ApiService.Get<ListResultDto<RoleClaim>>(_url, IdentityServiceUrl)
+  }
+
+  public static addRoleClaim(roleId: string, payload: RoleClaimCreateOrUpdate) {
+    const _url = '/api/identity/roles/claims/' + roleId
+    return ApiService.Post<void>(_url, payload, IdentityServiceUrl)
+  }
+
+  public static updateRoleClaim(roleId: string, payload: RoleClaimCreateOrUpdate) {
+    const _url = '/api/identity/roles/claims/' + roleId
+    return ApiService.Put<void>(_url, payload, IdentityServiceUrl)
+  }
+
+  public static deleteRoleClaim(roleId: string, payload: RoleClaimDelete) {
+    let _url = '/api/identity/roles/claims/' + roleId
+    _url += '?claimType=' + payload.claimType
+    _url += '&claimValue=' + payload.claimValue
+    return ApiService.Delete(_url, IdentityServiceUrl)
+  }
 }
 
 export class RoleBaseDto {
@@ -73,6 +95,7 @@ export class CreateRoleDto extends RoleBaseDto {
     super()
     this.isDefault = false
     this.isPublic = true
+    this.name = ''
   }
 }
 
@@ -89,3 +112,17 @@ export class UpdateRoleDto extends RoleBaseDto {
 export class ChangeRoleOrganizationUnitDto {
   organizationUnitIds = new Array<string>()
 }
+
+export class RoleClaimCreateOrUpdate {
+  claimType = ''
+  claimValue = ''
+}
+
+export class RoleClaimDelete {
+  claimType = ''
+  claimValue = ''
+}
+
+export class RoleClaim extends RoleClaimCreateOrUpdate {
+  id!: string
+}

vueJs/src/api/types.ts

@@ -251,3 +251,28 @@ export interface IClaim {
   /** 数值 */
   value: string
 }
+
+export class SecretBase implements ISecret {
+  type = ''
+  value = ''
+  description = ''
+  expiration: Date | undefined
+}
+
+export enum HashType {
+  Sha256,
+  Sha512
+}
+
+export class Claim implements IClaim {
+  type = ''
+  value = ''
+
+  constructor(
+    type: string,
+    value: string
+  ) {
+    this.type = type
+    this.value = value
+  }
+}

vueJs/src/api/users.ts

@@ -1,5 +1,5 @@
 import qs from 'querystring'
-import { PagedAndSortedResultRequestDto, FullAuditedEntityDto, PagedResultDto, ListResultDto } from '@/api/types'
+import { PagedAndSortedResultRequestDto, FullAuditedEntityDto, PagedResultDto, ListResultDto, ExtensibleObject } from '@/api/types'
 import { OrganizationUnit } from './organizationunit'
 import ApiService from './serviceBase'
 
@@ -17,25 +17,25 @@ export default class UserApiService {
     if (input.filter) {
       _url += '&filter=' + input.filter
     }
-    return ApiService.Get<PagedResultDto<UserDataDto>>(_url, IdentityServiceUrl)
+    return ApiService.Get<PagedResultDto<User>>(_url, IdentityServiceUrl)
   }
 
   public static getUserById(userId: string) {
     let _url = '/api/identity/users/'
     _url += userId
-    return ApiService.Get<UserDataDto>(_url, IdentityServiceUrl)
+    return ApiService.Get<User>(_url, IdentityServiceUrl)
   }
 
   public static getUserByName(userName: string) {
     let _url = '/api/identity/users/by-username/'
     _url += userName
-    return ApiService.Get<UserDataDto>(_url, IdentityServiceUrl)
+    return ApiService.Get<User>(_url, IdentityServiceUrl)
   }
 
-  public static updateUser(userId: string | undefined, userData: UserUpdateDto) {
+  public static updateUser(userId: string, userData: UserUpdate) {
     let _url = '/api/identity/users/'
     _url += userId
-    return ApiService.Put<UserDataDto>(_url, userData, IdentityServiceUrl)
+    return ApiService.Put<User>(_url, userData, IdentityServiceUrl)
   }
 
   public static deleteUser(userId: string | undefined) {
@@ -44,9 +44,9 @@ export default class UserApiService {
     return ApiService.Delete(_url, IdentityServiceUrl)
   }
 
-  public static createUser(userData: UserCreateDto) {
+  public static createUser(userData: UserCreate) {
     const _url = '/api/identity/users'
-    return ApiService.Post<UserDataDto>(_url, userData, IdentityServiceUrl)
+    return ApiService.Post<User>(_url, userData, IdentityServiceUrl)
   }
 
   public static getUserRoles(userId: string) {
@@ -122,7 +122,7 @@ export default class UserApiService {
 
   public static userRegister(registerData: UserRegisterData) {
     const _url = '/api/account/phone/register'
-    return ApiService.HttpRequest<UserDataDto>({
+    return ApiService.HttpRequest<User>({
       baseURL: IdentityServiceUrl,
       url: _url,
       method: 'POST',
@@ -317,34 +317,6 @@ export class UserLoginResult {
   refresh_token!: string
 }
 
-/** 创建用户对象 */
-export class UserCreateDto {
-  /** 用户名 */
-  name!: string
-  /** 用户账户 */
-  userName!: string
-  /** 用户密码 */
-  password!: string
-  /** 用户简称 */
-  surname?: string
-  /** 邮件地址 */
-  email!: string
-  /** 联系方式 */
-  phoneNumber: number | undefined
-  /** 双因素验证 */
-  twoFactorEnabled!: boolean
-  /** 登录失败锁定 */
-  lockoutEnabled!: boolean
-  /** 用户列表 */
-  roleNames?: string[]
-
-  constructor() {
-    this.twoFactorEnabled = false
-    this.lockoutEnabled = true
-    this.roleNames = new Array<string>()
-  }
-}
-
 /** 用户密码变更对象 */
 export class UserChangePasswordDto {
   /** 当前密码 */
@@ -375,68 +347,68 @@ export class UserRole implements IUserRole {
   isStatic!: boolean
   /** 是否公共角色 */
   isPublic!: boolean
-  /** 并发令牌 */
-  concurrencyStamp: string | undefined
 }
 
-/** 变更用户对象 */
-export class UserUpdateDto implements IUserData {
+export class UserCreateOrUpdate extends ExtensibleObject {
   /** 用户名 */
-  name!: string;
+  name = ''
   /** 用户账户 */
-  userName!: string;
+  userName = ''
   /** 用户简称 */
-  surname?: string;
+  surname = ''
   /** 邮件地址 */
-  email!: string;
+  email = ''
   /** 联系方式 */
-  phoneNumber?: number;
-  /** 双因素验证 */
-  twoFactorEnabled!: boolean;
+  phoneNumber = ''
   /** 登录锁定 */
-  lockoutEnabled!: boolean;
+  lockoutEnabled = false
+  /** 角色列表 */
+  roleNames: string[] | null = null
+  /** 密码 */
+  password: string | null = null
+}
+
+/** 变更用户对象 */
+export class UserUpdate extends UserCreateOrUpdate {
   /** 并发令牌 */
-  concurrencyStamp!: string;
-  /** 用户角色列表 */
-  roles: string[]
+  concurrencyStamp = ''
+}
 
-  constructor() {
-    this.roles = new Array<string>()
-  }
+export class UserCreate extends UserCreateOrUpdate {
 }
 
 /** 用户对象 */
-export class UserDataDto extends FullAuditedEntityDto implements IUserData {
+export class User extends FullAuditedEntityDto implements IUser {
   /** 用户名 */
-  name!: string
+  name = ''
   /** 用户账户 */
-  userName!: string
+  userName = ''
   /** 用户简称 */
-  surname!: string
+  surname = ''
   /** 邮件地址 */
-  email!: string
+  email = ''
   /** 联系方式 */
-  phoneNumber?: number
+  phoneNumber = ''
   /** 双因素验证 */
-  twoFactorEnabled!: boolean
+  twoFactorEnabled = false
   /** 登录锁定 */
-  lockoutEnabled!: boolean
-  /** 并发令牌 */
-  concurrencyStamp!: string
+  lockoutEnabled = false
   /** 用户标识 */
-  id!: string
+  id = ''
   /** 租户标识 */
-  tenentId: string | undefined
+  tenentId? = ''
   /** 邮箱已验证 */
-  emailConfirmed!: boolean
+  emailConfirmed = false
   /** 联系方式已验证 */
-  phoneNumberConfirmed!: boolean
+  phoneNumberConfirmed = false
   /** 锁定截止时间 */
-  lockoutEnd: Date | undefined
+  lockoutEnd?: Date = undefined
+  /** 并发令牌 */
+  concurrencyStamp = ''
 }
 
 /** 用户对象接口 */
-export interface IUserData {
+export interface IUser {
   /** 用户名 */
   name: string
   /** 用户账户 */
@@ -446,13 +418,11 @@ export interface IUserData {
   /** 邮件地址 */
   email: string
   /** 联系方式 */
-  phoneNumber?: number
+  phoneNumber?: string
   /** 双因素验证 */
   twoFactorEnabled: boolean
   /** 登录锁定 */
   lockoutEnabled: boolean
-  /** 锁定截止时间 */
-  concurrencyStamp: string | undefined
 }
 
 /** 用户角色接口 */
@@ -467,8 +437,6 @@ export interface IUserRole {
   isStatic: boolean
   /** 公共角色 */
   isPublic: boolean
-  /** 并发令牌 */
-  concurrencyStamp: string | undefined
 }
 
 export class ChangeUserOrganizationUnitDto {

vueJs/src/components/PermissionForm/index.vue

@@ -0,0 +1,473 @@
+<template>
+  <el-dialog
+    v-el-draggable-dialog
+    width="800px"
+    :visible="showDialog"
+    :title="$t('AbpPermissionManagement.Permissions') + '-' + entityDisplayName"
+    custom-class="modal-form"
+    :close-on-click-modal="false"
+    :close-on-press-escape="false"
+    :show-close="false"
+    @close="onFormClosed"
+  >
+    <el-form>
+      <el-checkbox
+        :disabled="readonly"
+        :value="grantAllCheckBoxCheckAll"
+        :indeterminate="grantAllCheckBoxForward"
+        @change="onGrantAllClicked"
+      >
+        {{ $t('AbpPermissionManagement.SelectAllInAllTabs') }}
+      </el-checkbox>
+      <el-divider />
+      <el-tabs
+        v-model="activeTabPane"
+        tab-position="left"
+        type="card"
+      >
+        <el-tab-pane
+          v-for="group in permissionGroups"
+          :key="group.name"
+          :label="group.displayName + ' (' + grantedCount(group) + ')'"
+          :name="group.name"
+        >
+          <el-card shadow="never">
+            <div
+              slot="header"
+              class="clearfix"
+            >
+              <h3>{{ group.displayName }}</h3>
+            </div>
+            <el-checkbox
+              :disabled="readonly"
+              :value="scopeCheckBoxCheckAll(group)"
+              :indeterminate="scopeCheckBoxForward(group)"
+              @change="(checked) => onCheckScopeAllClicked(checked, group, 'permissionTree-' + group.name)"
+            >
+              {{ $t('AbpPermissionManagement.SelectAllInThisTab') }}
+            </el-checkbox>
+            <el-divider />
+            <el-tree
+              :ref="'permissionTree-' + group.name"
+              show-checkbox
+              :check-strictly="true"
+              node-key="id"
+              :data="group.permissions"
+              :default-checked-keys="grantedPermissionKeys(group)"
+              @check-change="(permission, checked) => onPermissionTreeNodeCheckChanged(permission, checked, group, 'permissionTree-' + group.name)"
+            />
+          </el-card>
+        </el-tab-pane>
+      </el-tabs>
+      <el-divider />
+      <el-form-item>
+        <el-button
+          class="cancel"
+          type="info"
+          style="width:100px"
+          @click="onFormClosed"
+        >
+          {{ $t('AbpPermissionManagement.Cancel') }}
+        </el-button>
+        <el-button
+          :disabled="readonly"
+          class="confirm"
+          type="primary"
+          style="width:100px"
+          icon="el-icon-check"
+          :loading="confirmButtonBusy"
+          @click="onSave"
+        >
+          {{ confirmButtonTitle }}
+        </el-button>
+      </el-form-item>
+    </el-form>
+  </el-dialog>
+</template>
+
+<script lang="ts">
+import { Component, Vue, Prop, Watch } from 'vue-property-decorator'
+import PermissionApiService, { Permission, UpdatePermissionsDto } from '@/api/permission'
+import { Tree } from 'element-ui'
+
+/** element权限树 */
+export class PermissionItem {
+  /** 权限标识 */
+  id = ''
+  /** 显示名称 */
+  label = ''
+  /** 是否授权 */
+  isGrant = false
+  /** 是否禁用 */
+  disabled = false
+  /** 子节点 */
+  children = new Array<PermissionItem>()
+  /** 父节点 */
+  parent?: PermissionItem
+
+  constructor(
+    id: string,
+    label: string,
+    isGrant: boolean
+  ) {
+    this.id = id
+    this.label = label
+    this.isGrant = isGrant
+  }
+
+  public createChildren(permission: PermissionItem) {
+    permission.parent = this
+    this.children.push(permission)
+  }
+
+  public setGrant(grant: boolean) {
+    this.isGrant = grant
+    if (this.parent) {
+      this.parent.setGrant(grant)
+    }
+  }
+
+  public static setPermissionGrant(grant: boolean, permission: PermissionItem) {
+    permission.setGrant(grant)
+    if (!grant) {
+      permission.children.map(p => {
+        PermissionItem.setPermissionGrant(false, p)
+      })
+    }
+  }
+
+  public static setAllPermissionGrant(grant: boolean, permission: PermissionItem) {
+    permission.setGrant(grant)
+    permission.children.map(p => {
+      PermissionItem.setAllPermissionGrant(grant, p)
+    })
+  }
+}
+
+export class PermissionGroup {
+  name = ''
+  displayName = ''
+  permissions = new Array<PermissionItem>()
+
+  constructor(
+    name: string,
+    displayName: string
+  ) {
+    this.name = name
+    this.displayName = displayName
+  }
+
+  public permissionCount() {
+    let count = 0
+    count += this.deepPermissionCount(this.permissions)
+    return count
+  }
+
+  public addPermission(permission: PermissionItem) {
+    this.permissions.push(permission)
+  }
+
+  public setAllGrant(grant: boolean) {
+    this.permissions.map(p => {
+      PermissionItem.setAllPermissionGrant(grant, p)
+    })
+  }
+
+  public grantedPermissionKeys() {
+    const keys = new Array<string>()
+    this.deepGrantedPermissionKeys(keys, this.permissions)
+    return keys
+  }
+
+  public grantedCount() {
+    let count = 0
+    count += this.deepGrantedCount(this.permissions)
+    return count
+  }
+
+  private deepGrantedCount(permissions: PermissionItem[]) {
+    let count = 0
+    count += permissions.filter(p => p.isGrant).length
+    permissions.forEach(p => {
+      count += this.deepGrantedCount(p.children)
+    })
+    return count
+  }
+
+  private deepGrantedPermissionKeys(keys: string[], permissions: PermissionItem[]) {
+    permissions.forEach(p => {
+      if (p.isGrant) {
+        keys.push(p.id)
+      }
+      this.deepGrantedPermissionKeys(keys, p.children)
+    })
+  }
+
+  private deepPermissionCount(permissions: PermissionItem[]) {
+    let count = 0
+    count += permissions.length
+    permissions.forEach(p => {
+      count += this.deepPermissionCount(p.children)
+    })
+    return count
+  }
+}
+
+/**
+ * 权限编辑组件
+ * 大量的计算属性与事件响应,还能再优化
+ */
+@Component({
+  name: 'PermissionForm'
+})
+export default class PermissionForm extends Vue {
+  /** 权限提供者名称 */
+  @Prop({ default: '' })
+  private providerName!: string
+
+  /** 权限提供者标识 */
+  @Prop({ default: '' })
+  private providerKey!: string
+
+  /** 是否展示权限编辑组件 */
+  @Prop({ default: false })
+  private showDialog!: boolean
+
+  /** 权限节点是否只读 */
+  @Prop({ default: false })
+  private readonly!: boolean
+
+  /** 激活tab页 */
+  private activeTabPane = ''
+  /** 确认按钮忙碌状态 */
+  private confirmButtonBusy = false
+  /** 当前编辑权限实体名称 */
+  private entityDisplayName = ''
+  /** 得到的权限组集合 */
+  private permissionGroups = new Array<PermissionGroup>()
+
+  /** 某个权限组已授权数量
+   * 用于显示已授权数量
+   */
+  get grantedCount() {
+    return (group: PermissionGroup) => {
+      return group.grantedCount()
+    }
+  }
+
+  /**
+   * 所有已授权数量
+   */
+  get grantAllCount() {
+    let count = 0
+    this.permissionGroups.forEach(group => {
+      count += group.grantedCount()
+    })
+    return count
+  }
+
+  /** 某个权限组已授权节点
+   * 用于勾选TreeNode
+   */
+  get grantedPermissionKeys() {
+    return (group: PermissionGroup) => {
+      return group.grantedPermissionKeys()
+    }
+  }
+
+  /**
+   * 某个权限组权限数量
+   * 用于设定单个Tree的全选CheckBox状态
+   */
+  get permissionCount() {
+    return (group: PermissionGroup) => {
+      return group.permissionCount()
+    }
+  }
+
+  /**
+   * 所有权限数量
+   */
+  get permissionAllCount() {
+    let count = 0
+    this.permissionGroups.forEach(group => {
+      count += group.permissionCount()
+    })
+    return count
+  }
+
+  /**
+   * 单个Tree的全选CheckBox是否为选中状态
+   */
+  get scopeCheckBoxCheckAll() {
+    return (group: PermissionGroup) => {
+      const grantCount = group.grantedCount()
+      return grantCount === group.permissionCount()
+    }
+  }
+
+  /**
+   * 单个Tree的全选CheckBox状态是否为预选状态
+   */
+  get scopeCheckBoxForward() {
+    return (group: PermissionGroup) => {
+      const grantCount = group.grantedCount()
+      return grantCount > 0 && grantCount < group.permissionCount()
+    }
+  }
+
+  /**
+   * 授权所有CheckBox是否为选中状态
+   */
+  get grantAllCheckBoxCheckAll() {
+    return this.grantAllCount === this.permissionAllCount
+  }
+
+  /**
+   * 授权所有CheckBox状态是否为预选状态
+   */
+  get grantAllCheckBoxForward() {
+    const grantCount = this.grantAllCount
+    return grantCount > 0 && grantCount < this.permissionAllCount
+  }
+
+  /**
+   * 确认按钮标题
+   */
+  get confirmButtonTitle() {
+    if (this.confirmButtonBusy) {
+      return this.$t('AbpPermissionManagement.SavingWithThreeDot')
+    }
+    return this.$t('AbpPermissionManagement.Save')
+  }
+
+  /**
+   * 响应组件可视事件
+   */
+  @Watch('showDialog', { immediate: true })
+  private onShowDialogChanged() {
+    this.handleGetPermissions()
+  }
+
+  /**
+   * 获取权限集合
+   */
+  private handleGetPermissions() {
+    this.activeTabPane = ''
+    this.permissionGroups.length = 0
+    if (this.showDialog && this.providerName) {
+      PermissionApiService.getPermissionsByKey(this.providerName, this.providerKey).then(res => {
+        this.entityDisplayName = res.entityDisplayName
+        res.groups.map(g => {
+          const group = new PermissionGroup(g.name, g.displayName)
+          const parents = g.permissions.filter(p => p.parentName === null)
+          parents.forEach(parent => {
+            const permission = new PermissionItem(parent.name, parent.displayName, parent.isGranted)
+            permission.disabled = this.readonly
+            const subPermissions = g.permissions.filter(p => p.parentName?.startsWith(parent.name))
+            this.generatePermission(permission, subPermissions)
+            group.addPermission(permission)
+          })
+          this.permissionGroups.push(group)
+        })
+        if (this.permissionGroups.length > 0) {
+          this.activeTabPane = this.permissionGroups[0].name
+        }
+      })
+    }
+  }
+
+  /** 递归生成子节点
+   * @param permissionTree 二级权限树
+   * @param permissions 权限列表
+   */
+  private generatePermission(permission: PermissionItem, permissions: Permission[]) {
+    const subPermissions = permissions.filter(p => p.parentName !== permission.id)
+    permissions = permissions.filter(p => p.parentName === permission.id)
+    permissions.forEach(p => {
+      const children = new PermissionItem(p.name, p.displayName, p.isGranted)
+      children.disabled = this.readonly
+      const itemSubPermissions = subPermissions.filter(sp => sp.parentName === p.name)
+      if (itemSubPermissions.length > 0) {
+        this.generatePermission(children, itemSubPermissions)
+      }
+      permission.createChildren(children)
+    })
+  }
+
+  /**
+   * 保存权限
+   */
+  private onSave() {
+    const updatePermission = new UpdatePermissionsDto()
+    this.permissionGroups.forEach(group => {
+      this.updatePermissionByInput(updatePermission, group.permissions)
+    })
+    this.confirmButtonBusy = true
+    PermissionApiService
+      .setPermissionsByKey(this.providerName, this.providerKey, updatePermission)
+      .then(() => {
+        this.$message.success(this.$t('global.successful').toString())
+      })
+      .finally(() => {
+        this.confirmButtonBusy = false
+      })
+  }
+
+  private updatePermissionByInput(permissions: UpdatePermissionsDto, items: PermissionItem[]) {
+    items.forEach(p => {
+      permissions.addPermission(p.id, p.isGrant)
+      this.updatePermissionByInput(permissions, p.children)
+    })
+  }
+
+  /**
+   * 窗口关闭事件
+   */
+  private onFormClosed() {
+    this.$emit('closed')
+  }
+
+  /**
+   * 授予所有权限 按钮事件
+   */
+  private onGrantAllClicked(checked: boolean) {
+    this.permissionGroups.forEach(group => {
+      group.setAllGrant(checked)
+      const trees = this.$refs['permissionTree-' + group.name] as Tree[]
+      trees[0].setCheckedKeys(this.grantedPermissionKeys(group))
+    })
+  }
+
+  /**
+   * Permission Tree 全选按钮事件
+   */
+  private onCheckScopeAllClicked(checked: boolean, group: PermissionGroup, treeRef: any) {
+    group.setAllGrant(checked)
+    const trees = this.$refs[treeRef] as Tree[]
+    trees[0].setCheckedKeys(this.grantedPermissionKeys(group))
+  }
+
+  /**
+   * Permission TreeNode 变更事件
+   */
+  private onPermissionTreeNodeCheckChanged(permission: PermissionItem, checked: boolean, group: PermissionGroup, treeRef: any) {
+    PermissionItem.setPermissionGrant(checked, permission)
+    if (permission.children.length > 0) {
+      const trees = this.$refs[treeRef] as Tree[]
+      trees[0].setCheckedKeys(this.grantedPermissionKeys(group))
+    }
+  }
+}
+</script>
+
+<style lang="scss" scoped>
+.confirm {
+  position: absolute;
+  right: 10px;
+}
+.cancel {
+  position: absolute;
+  right: 120px;
+}
+</style>

vueJs/src/components/PermissionTree/index.vue

@@ -1,236 +0,0 @@
-<template>
-  <el-tree
-    ref="tree"
-    show-checkbox
-    node-key="id"
-    :data="permissionTreeData"
-    :default-checked-keys="[]"
-    :render-content="renderContent"
-    :default-expanded-keys="permissionExpandedKeys"
-    @check="handlePermissionChecked"
-    @node-expand="handleNodeExpand"
-  />
-</template>
-
-<script lang="ts">
-import { IPermission } from '@/api/types'
-import { Component, Vue, Prop, Watch } from 'vue-property-decorator'
-import { PermissionDto, PermissionGroup, Permission } from '@/api/permission'
-
-/** element权限树 */
-export class PermissionTree {
-  /** 权限标识 */
-  id!: string
-  /** 显示名称 */
-  label!: string
-  /** 是否禁用 */
-  disabled!: boolean
-  /** 父节点 */
-  parent!: string
-  /** 子节点 */
-  children!: PermissionTree[]
-
-  constructor() {
-    this.disabled = false
-    this.children = new Array<PermissionTree>()
-  }
-}
-
-/** 权限树组件 */
-@Component({
-  name: 'PermissionTree'
-})
-export default class extends Vue {
-  /** 是否只读 */
-  @Prop({ default: false }) private readonly!: boolean
-  /** 是否展开权限树 */
-  @Prop({ default: false }) private expanded!: boolean
-  /** 是否水平排列
-   * @description 功能实现来自：https://www.jianshu.com/p/f740e8c9fca6
-   */
-  @Prop({ default: false }) private horizontally!: boolean
-  /** 权限列表 */
-  @Prop({ default: () => new PermissionDto() }) private permission!: PermissionDto
-  /** 权限树 */
-  private permissionTreeData: PermissionTree[]
-  /** 权限树选中节点 */
-  private permissionCheckedKeys: string[]
-  /** 权限树展开节点 */
-  private permissionExpandedKeys: string[]
-  /** 授权接口集合 */
-  private permissionEditData: IPermission[]
-
-  constructor() {
-    super()
-    this.permissionTreeData = new Array<PermissionTree>()
-    this.permissionCheckedKeys = new Array<string>()
-    this.permissionExpandedKeys = new Array<string>()
-    this.permissionEditData = new Array<IPermission>()
-  }
-
-  @Watch('permission', { immediate: true })
-  private onPermissionChanged(permission: PermissionDto) {
-    this.initilzePermissionTree(permission)
-    setTimeout(() => {
-      const treeControl = this.$refs.tree as any
-      treeControl.setCheckedKeys(this.permissionCheckedKeys)
-    }, 10)
-  }
-
-  /** 重置权限树 */
-  public resetPermissions() {
-    this.permissionTreeData.splice(0)
-    this.permissionCheckedKeys.splice(0)
-    this.permissionExpandedKeys.splice(0)
-    this.permissionEditData.splice(0)
-  }
-
-  /** 初始化权限树
-   * @param permission 权限数据
-   */
-  private initilzePermissionTree(permission: PermissionDto) {
-    this.resetPermissions()
-    const permissionTree = new PermissionTree()
-    permissionTree.id = permission.entityDisplayName
-    permissionTree.label = '权限设置'
-    permissionTree.disabled = this.readonly
-    this.generatePermissionGroup(permissionTree, permission.groups)
-    this.permissionTreeData.push(permissionTree)
-    this.permissionExpandedKeys.push(permissionTree.id)
-  }
-
-  /** 根据权限组生成二级权限树
-   * @param permissionTree 根权限树
-   * @param permissionGroups 根权限组
-   */
-  private generatePermissionGroup(permissionTree: PermissionTree, permissionGroups: PermissionGroup[]) {
-    permissionGroups.forEach((group) => {
-      const permissionTreeItem = new PermissionTree()
-      permissionTreeItem.id = group.name
-      permissionTreeItem.label = group.displayName
-      permissionTreeItem.disabled = this.readonly
-      // 父节点是否全部展开
-      if (this.expanded) {
-        this.permissionExpandedKeys.push(group.name)
-      }
-      this.generatePermission(permissionTreeItem, group.permissions)
-      permissionTree.children.push(permissionTreeItem)
-      // 父权限加入编辑权限列表
-      // 按照abp框架的授权规则,Group（也就是二级权限数据）是不允许赋值的,要么后台过滤,要么前台不传,这里采用前台不传
-      // this.permissionEditData.push({ name: group.name, isGranted: group.permissions.some(p => p.isGranted) })
-    })
-  }
-
-  /** 根据权限列表生成三级权限树
-   * @param permissionTree 二级权限树
-   * @param permissions 权限列表
-   */
-  private generatePermission(permissionTree: PermissionTree, permissions: Permission[]) {
-    const parentPermissions = permissions.filter(p => !p.parentName)
-    parentPermissions.forEach((permission) => {
-      const permissionTreeItem = new PermissionTree()
-      permissionTreeItem.id = permission.name
-      permissionTreeItem.label = permission.displayName
-      permissionTreeItem.disabled = this.readonly
-      this.permissionEditData.push(permission)
-      const subPermissions = permissions.filter(p => p.parentName === permission.name)
-      // 2020-08-28 如果这个权限没有子节点且已经授权,则选中节点
-      if (subPermissions.length === 0) {
-        if (permission.isGranted) {
-          this.permissionCheckedKeys.push(permissionTreeItem.id)
-        }
-      } else {
-        this.generateSubPermission(permissionTreeItem, subPermissions, permissions)
-      }
-      permissionTree.children.push(permissionTreeItem)
-    })
-  }
-
-  /** 递归生成子节点权限树
-   * @param permissionTree 父权限树
-   * @param permissions 当前遍历权限节点
-   * @param parentPermissions 当前遍历权限的父权限节点
-   * @description abp框架定义所有子节点都在第三级里面.所以需要传递父节点来判断当前循环的权限的子权限节点
-   */
-  private generateSubPermission(permissionTree: PermissionTree, permissions: Permission[], parentPermissions: Permission[]) {
-    permissions.forEach((permission) => {
-      const permissionTreeItem = new PermissionTree()
-      permissionTreeItem.id = permission.name
-      permissionTreeItem.label = permission.displayName
-      permissionTreeItem.disabled = this.readonly
-      this.permissionEditData.push(permission)
-      // 查询当前权限里面的子节点
-      const subPermissions = parentPermissions.filter(p => p.parentName === permission.name)
-      // 生成下一级权限树
-      if (subPermissions.length > 0) {
-        this.generateSubPermission(permissionTreeItem, subPermissions, permissions)
-      } else { // 如果存在下一级权限，那么在下一级循环里面添加选中,避免选中当前根节点
-        if (permission.isGranted) {
-          this.permissionCheckedKeys.push(permissionTreeItem.id)
-        }
-      }
-      permissionTree.children.push(permissionTreeItem)
-    })
-  }
-
-  /** 权限树选择相应事件 */
-  private handlePermissionChecked(data: any, treeCheckData: any) {
-    this.permissionEditData.forEach((permission: IPermission) => {
-      permission.isGranted = treeCheckData.checkedKeys.some((k: string) => k.indexOf(permission.name) !== -1)
-    })
-    // 传递权限变更事件,事件参数为授权接口集合
-    this.$emit('onPermissionChanged', this.permissionEditData)
-  }
-
-  /** 节点展开事件
-   * @description 监听节点展开完毕事件,刷新子节点样式
-   */
-  private handleNodeExpand() {
-    this.$nextTick().then(() => {
-      this.changeTree()
-    })
-  }
-
-  /** 自定义权限树子节点渲染 */
-  private renderContent(h: any, context: { node: any, data: PermissionTree}) {
-    if (this.horizontally) {
-      if (context.data.children.length > 0) {
-        return h(
-          'span',
-          { class: 'el-tree-node__label' },
-          [context.node.label]
-        )
-      } else {
-        return h(
-          'div',
-          { class: 'horizontally' },
-          [context.node.label])
-      }
-    }
-    return h(
-      'span',
-      { class: 'el-tree-node__label' },
-      [context.node.label]
-    )
-  }
-
-  /** 变更权限树样式
-   * @description https://www.jianshu.com/p/f740e8c9fca6
-   */
-  private changeTree() {
-    const classDomList = document.getElementsByClassName('horizontally')
-    for (let i = 0; i < classDomList.length; i++) {
-      const parentNode = classDomList[i].parentNode as any
-      parentNode.style.cssText = 'float: left'
-      parentNode.className = 'el-tree-node__content option-wrapper'
-      parentNode.parentNode.style.marginLeft = '70px'
-    }
-  }
-}
-</script>
-
-<style lang="scss" scoped>
-.option-wrapper {
-  padding: 0 !important;
-}
-</style>

vueJs/src/lang/en.ts

@@ -427,148 +427,6 @@ export default {
     aggregateJsonPath: 'Json路径',
     definedAggregatorProviders: '聚合提供者'
   },
-  identityServer: {
-    otherOpera: '更多操作',
-    enabled: '启用客户端',
-    disbled: '停用客户端',
-    clientStatus: '客户端状态',
-    deleteClient: '删除客户端',
-    updateClient: '编辑客户端',
-    updateClientByName: '编辑客户端  {name}',
-    deleteClientById: '是否要删除客户端: {id}',
-    deleteClientSuccess: '客户端: {id} 已删除!',
-    createClientSuccess: '客户端: {id} 已添加!',
-    updateClientSuccess: '客户端: {id} 已修改!',
-    clientClaim: '客户端声明',
-    clientProperty: '客户端属性',
-    clientSecret: '客户端密钥',
-    clientPermission: '客户端权限',
-    deleteSecret: '删除密钥',
-    deleteSecretByType: '是否要删除客户端密钥: {type}',
-    deleteSecretSuccess: '客户端密钥: {type} 已删除!',
-    createSecretSuccess: '客户端密钥: {type} 已添加!',
-    createSecret: '添加客户端密钥',
-    deleteClaim: '删除声明',
-    deleteClaimByType: '是否要删除客户端声明: {type}',
-    deleteClaimSuccess: '客户端声明: {type} 已删除!',
-    createClaimSuccess: '客户端声明: {type} 已添加!',
-    createClaim: '添加客户端声明',
-    deleteProperty: '删除属性',
-    deleteClientPropertyByType: '是否要删除客户端属性: {key}',
-    deleteClientPropertySuccess: '客户端属性: {key} 已删除!',
-    createClientPropertySuccess: '客户端属性: {key} 已添加!',
-    createClientProperty: '添加客户端属性',
-    createClient: '添加客户端',
-    clientId: '客户端标识',
-    clientName: '客户端名称',
-    description: '客户端说明',
-    cloneClint: '克隆客户端',
-    copyAllowedGrantType: '复制客户端授权类型',
-    copyRedirectUri: '复制客户端重定向Uri',
-    copyAllowedScope: '复制客户端作用域',
-    copyClaim: '复制客户端声明',
-    copyAllowedCorsOrigin: '复制客户端跨域来源',
-    copyPostLogoutRedirectUri: '复制客户端注销重定向Uri',
-    copyPropertie: '复制客户端属性',
-    copyIdentityProviderRestriction: '复制身份提供程序限制',
-    protocolType: '协议类型',
-    requireClientSecret: '需要客户端密钥',
-    requirePkce: '需要Pkce',
-    allowPlainTextPkce: '允许纯文本Pkce',
-    allowOfflineAccess: '允许离线访问',
-    allowedScopes: '允许的作用域',
-    redirectUris: '重定向Uri',
-    allowedGrantTypes: '允许的授权类型',
-    allowAccessTokensViaBrowser: '允许通过浏览器访问令牌',
-    identityTokenLifetime: '身份令牌有效期(s)',
-    accessTokenLifetime: '访问令牌有效期(s)',
-    authorizationCodeLifetime: '授权码有效期(s)',
-    absoluteRefreshTokenLifetime: '绝对刷新令牌有效期(s)',
-    slidingRefreshTokenLifetime: '滚动刷新令牌有效期(s)',
-    deviceCodeLifetime: '设备授权码有效期(s)',
-    clientClaimsPrefix: '客户端声明前缀',
-    basicOptions: '基本设置',
-    frontChannelLogoutUri: '前端通道注销 Uri',
-    frontChannelLogoutSessionRequired: '需要前端通道注销会话',
-    backChannelLogoutUri: '后端通道退出 Uri',
-    backChannelLogoutSessionRequired: '需要后端通道注销会话',
-    enableLocalLogin: '启用本地登录',
-    postLogoutRedirectUris: '注销重定向 Uri',
-    identityProviderRestrictions: '身份提供程序限制',
-    userSsoLifetime: '用户 SSO 生命周期',
-    accessTokenType: '访问令牌类型',
-    refreshTokenUsage: '刷新令牌使用情况',
-    refreshTokenExpiration: '刷新令牌过期方式',
-    allowedCorsOrigins: '允许跨域来源',
-    updateAccessTokenClaimsOnRefresh: '刷新时更新访问令牌声明',
-    includeJwtId: '包括 Jwt 标识',
-    alwaysSendClientClaims: '始终发送客户端声明',
-    alwaysIncludeUserClaimsInIdToken: '始终在标识令牌中包含用户声明',
-    pairWiseSubjectSalt: '配对主体盐',
-    requireConsent: '需要同意',
-    allowRememberConsent: '允许记住同意',
-    clientUri: '客户端 Uri',
-    logoUri: '徽标 Uri',
-    userCodeType: '用户代码类型',
-    secretType: '密钥类型',
-    secretValue: '密钥值',
-    secretHashType: '哈希类型',
-    hashOnlySharedSecret: '哈希类型仅适用于 SharedSecret 类型',
-    secretDescription: '密钥说明',
-    expiration: '过期日期',
-    claimType: '声明类型',
-    claimValue: '声明值',
-    propertyKey: '属性名称',
-    propertyValue: '属性值',
-    createApiResource: '添加Api资源',
-    updateApiResource: '编辑Api资源',
-    updateApiResourceByName: '编辑Api资源  {name}',
-    deleteApiResourceByName: '删除Api资源  {name}',
-    createApiResourceSuccess: 'Api资源  {name} 已添加!',
-    deleteApiResourceSuccess: 'Api资源  {name} 已删除!',
-    updateApiResourceSuccess: 'Api资源  {name} 已修改!',
-    createApiSecret: '添加Api密钥',
-    deleteApiSecret: '删除Api密钥',
-    deleteApiSecretByType: '删除Api密钥  {type}',
-    createApiSecretSuccess: 'Api密钥  {type} 已添加!',
-    deleteApiSecretSuccess: 'Api密钥  {type} 已删除!',
-    apiResourceSecret: 'Api 密钥',
-    createApiScope: '添加Api作用域',
-    deleteApiScope: '删除Api作用域',
-    deleteApiScopeByName: '删除Api作用域  {name}',
-    createApiScopeSuccess: 'Api作用域  {name} 已添加!',
-    deleteApiScopeSuccess: 'Api作用域  {name} 已删除!',
-    apiResourceScope: 'Api 作用域',
-    deleteApiResource: '删除资源',
-    resourceName: '资源名称',
-    resourceDisplayName: '显示名称',
-    enabledResource: '启用资源',
-    resourceStatus: '资源状态',
-    resourceDescription: '资源说明',
-    resourceUserClaims: '用户声明',
-    apiScopeName: '名称',
-    apiScopeDisplayName: '显示名称',
-    apiScopeDescription: '描述',
-    apiScopeRequired: '必须',
-    apiScopeEmphasize: '强调',
-    apiScopeShowInDiscoveryDocument: '在发现文档显示',
-    createIdentityResource: '添加身份资源',
-    updateIdentityResource: '编辑身份资源',
-    identityResourceProperties: '资源属性',
-    deleteIdentityResource: '删除资源',
-    updateIdentityResourceByName: '编辑身份资源  {name}',
-    deleteIdentityResourceByName: '删除身份资源  {name}',
-    createIdentityResourceSuccess: '身份资源  {name} 已添加!',
-    deleteIdentityResourceSuccess: '身份资源  {name} 已删除!',
-    updateIdentityResourceSuccess: '身份资源  {name} 已修改!',
-    identityResourceRequired: '必须',
-    identityResourceEmphasize: '强调',
-    identityResourceShowInDiscoveryDocument: '在发现文档显示',
-    deleteIdentityPropertyByKey: '是否要删除身份资源属性: {key}',
-    deleteIdentityPropertySuccess: '身份资源属性: {key} 已删除!',
-    createIdentityPropertySuccess: '身份资源属性: {key} 已添加!',
-    createIdentityProperty: '添加身份资源属性'
-  },
   tenant: {
     createTenant: '创建租户',
     updateTenant: '编辑租户',

vueJs/src/lang/zh.ts

@@ -431,148 +431,6 @@ export default {
     aggregateJsonPath: 'Json路径',
     definedAggregatorProviders: '聚合提供者'
   },
-  identityServer: {
-    otherOpera: '更多操作',
-    enabled: '启用客户端',
-    disbled: '停用客户端',
-    clientStatus: '客户端状态',
-    deleteClient: '删除客户端',
-    updateClient: '编辑客户端',
-    updateClientByName: '编辑客户端  {name}',
-    deleteClientById: '是否要删除客户端: {id}',
-    deleteClientSuccess: '客户端: {id} 已删除!',
-    createClientSuccess: '客户端: {id} 已添加!',
-    updateClientSuccess: '客户端: {id} 已修改!',
-    clientClaim: '客户端声明',
-    clientProperty: '客户端属性',
-    clientSecret: '客户端密钥',
-    clientPermission: '客户端权限',
-    deleteSecret: '删除密钥',
-    deleteSecretByType: '是否要删除客户端密钥: {type}',
-    deleteSecretSuccess: '客户端密钥: {type} 已删除!',
-    createSecretSuccess: '客户端密钥: {type} 已添加!',
-    createSecret: '添加客户端密钥',
-    deleteClaim: '删除声明',
-    deleteClaimByType: '是否要删除客户端声明: {type}',
-    deleteClaimSuccess: '客户端声明: {type} 已删除!',
-    createClaimSuccess: '客户端声明: {type} 已添加!',
-    createClaim: '添加客户端声明',
-    deleteProperty: '删除属性',
-    deleteClientPropertyByType: '是否要删除客户端属性: {key}',
-    deleteClientPropertySuccess: '客户端属性: {key} 已删除!',
-    createClientPropertySuccess: '客户端属性: {key} 已添加!',
-    createClientProperty: '添加客户端属性',
-    createClient: '添加客户端',
-    clientId: '客户端标识',
-    clientName: '客户端名称',
-    description: '客户端说明',
-    cloneClint: '克隆客户端',
-    copyAllowedGrantType: '复制客户端授权类型',
-    copyRedirectUri: '复制客户端重定向Uri',
-    copyAllowedScope: '复制客户端作用域',
-    copyClaim: '复制客户端声明',
-    copyAllowedCorsOrigin: '复制客户端跨域来源',
-    copyPostLogoutRedirectUri: '复制客户端注销重定向Uri',
-    copyPropertie: '复制客户端属性',
-    copyIdentityProviderRestriction: '复制身份提供程序限制',
-    protocolType: '协议类型',
-    requireClientSecret: '需要客户端密钥',
-    requirePkce: '需要Pkce',
-    allowPlainTextPkce: '允许纯文本Pkce',
-    allowOfflineAccess: '允许离线访问',
-    allowedScopes: '允许的作用域',
-    redirectUris: '重定向Uri',
-    allowedGrantTypes: '允许的授权类型',
-    allowAccessTokensViaBrowser: '允许通过浏览器访问令牌',
-    identityTokenLifetime: '身份令牌有效期(s)',
-    accessTokenLifetime: '访问令牌有效期(s)',
-    authorizationCodeLifetime: '授权码有效期(s)',
-    absoluteRefreshTokenLifetime: '绝对刷新令牌有效期(s)',
-    slidingRefreshTokenLifetime: '滚动刷新令牌有效期(s)',
-    deviceCodeLifetime: '设备授权码有效期(s)',
-    clientClaimsPrefix: '客户端声明前缀',
-    basicOptions: '基本设置',
-    frontChannelLogoutUri: '前端通道注销 Uri',
-    frontChannelLogoutSessionRequired: '需要前端通道注销会话',
-    backChannelLogoutUri: '后端通道退出 Uri',
-    backChannelLogoutSessionRequired: '需要后端通道注销会话',
-    enableLocalLogin: '启用本地登录',
-    postLogoutRedirectUris: '注销重定向 Uri',
-    identityProviderRestrictions: '身份提供程序限制',
-    userSsoLifetime: '用户 SSO 生命周期',
-    accessTokenType: '访问令牌类型',
-    refreshTokenUsage: '刷新令牌使用情况',
-    refreshTokenExpiration: '刷新令牌过期方式',
-    allowedCorsOrigins: '允许跨域来源',
-    updateAccessTokenClaimsOnRefresh: '刷新时更新访问令牌声明',
-    includeJwtId: '包括 Jwt 标识',
-    alwaysSendClientClaims: '始终发送客户端声明',
-    alwaysIncludeUserClaimsInIdToken: '始终在标识令牌中包含用户声明',
-    pairWiseSubjectSalt: '配对主体盐',
-    requireConsent: '需要同意',
-    allowRememberConsent: '允许记住同意',
-    clientUri: '客户端 Uri',
-    logoUri: '徽标 Uri',
-    userCodeType: '用户代码类型',
-    secretType: '密钥类型',
-    secretValue: '密钥值',
-    secretHashType: '哈希类型',
-    hashOnlySharedSecret: '哈希类型仅适用于 SharedSecret 类型',
-    secretDescription: '密钥说明',
-    expiration: '过期日期',
-    claimType: '声明类型',
-    claimValue: '声明值',
-    propertyKey: '属性名称',
-    propertyValue: '属性值',
-    createApiResource: '添加Api资源',
-    updateApiResource: '编辑Api资源',
-    updateApiResourceByName: '编辑Api资源  {name}',
-    deleteApiResourceByName: '删除Api资源  {name}',
-    createApiResourceSuccess: 'Api资源  {name} 已添加!',
-    deleteApiResourceSuccess: 'Api资源  {name} 已删除!',
-    updateApiResourceSuccess: 'Api资源  {name} 已修改!',
-    createApiSecret: '添加Api密钥',
-    deleteApiSecret: '删除Api密钥',
-    deleteApiSecretByType: '删除Api密钥  {type}',
-    createApiSecretSuccess: 'Api密钥  {type} 已添加!',
-    deleteApiSecretSuccess: 'Api密钥  {type} 已删除!',
-    apiResourceSecret: 'Api 密钥',
-    createApiScope: '添加Api作用域',
-    deleteApiScope: '删除Api作用域',
-    deleteApiScopeByName: '删除Api作用域  {name}',
-    createApiScopeSuccess: 'Api作用域  {name} 已添加!',
-    deleteApiScopeSuccess: 'Api作用域  {name} 已删除!',
-    apiResourceScope: 'Api 作用域',
-    deleteApiResource: '删除资源',
-    resourceName: '资源名称',
-    resourceDisplayName: '显示名称',
-    enabledResource: '启用资源',
-    resourceStatus: '资源状态',
-    resourceDescription: '资源说明',
-    resourceUserClaims: '用户声明',
-    apiScopeName: '名称',
-    apiScopeDisplayName: '显示名称',
-    apiScopeDescription: '描述',
-    apiScopeRequired: '必须',
-    apiScopeEmphasize: '强调',
-    apiScopeShowInDiscoveryDocument: '在发现文档显示',
-    createIdentityResource: '添加身份资源',
-    updateIdentityResource: '编辑身份资源',
-    identityResourceProperties: '资源属性',
-    deleteIdentityResource: '删除资源',
-    updateIdentityResourceByName: '编辑身份资源  {name}',
-    deleteIdentityResourceByName: '删除身份资源  {name}',
-    createIdentityResourceSuccess: '身份资源  {name} 已添加!',
-    deleteIdentityResourceSuccess: '身份资源  {name} 已删除!',
-    updateIdentityResourceSuccess: '身份资源  {name} 已修改!',
-    identityResourceRequired: '必须',
-    identityResourceEmphasize: '强调',
-    identityResourceShowInDiscoveryDocument: '在发现文档显示',
-    deleteIdentityPropertyByKey: '是否要删除身份资源属性: {key}',
-    deleteIdentityPropertySuccess: '身份资源属性: {key} 已删除!',
-    createIdentityPropertySuccess: '身份资源属性: {key} 已添加!',
-    createIdentityProperty: '添加身份资源属性'
-  },
   tenant: {
     createTenant: '创建租户',
     updateTenant: '编辑租户',
@@ -654,5 +512,16 @@ export default {
     uploadSuccess: '上传成功',
     folderNameIsRequired: '目录名称不能为空',
     folderCreateSuccess: '目录 {name} 已创建!'
+  },
+  AbpValidation: {
+    ThisFieldIsNotAValidEmailAddress: '字段不是有效的邮箱地址',
+    ThisFieldMustBeAStringWithAMinimumLengthOf: '字段必须是最小长度为{0}的字符串'
+  },
+  AbpIdentity: {
+    Lock: '锁定',
+    LockoutEnd: '锁定日期',
+    LockoutEnabled: '登录尝试失败后锁定帐户',
+    RoleList: '角色列表',
+    HasRoles: '已有角色'
   }
 }

vueJs/src/mixins/EventBusMiXin.ts

@@ -44,8 +44,8 @@ export default class EventBusMiXin extends Vue {
    * @param name 事件名称
    * @param callback 注销回调
    */
-  protected unSubscribe(name: string, callback: (eventData: any) => void | undefined) {
-    this.$events.off(name, callback)
+  protected unSubscribe(name: string) {
+    this.$events.off(name, undefined)
   }
 
   /**

vueJs/src/router/modules/identityServer.ts

@@ -7,7 +7,7 @@ const identityServerRouter: RouteConfig = {
   meta: {
     title: 'identityServer',
     icon: 'identity-server',
-    roles: ['IdentityServer.Clients', 'IdentityServer.ApiResources', 'IdentityServer.IdentityResources'],
+    roles: ['AbpIdentityServer.Clients', 'AbpIdentityServer.ApiResources', 'AbpIdentityServer.IdentityResources'],
     alwaysShow: true
   },
   children: [
@@ -18,7 +18,7 @@ const identityServerRouter: RouteConfig = {
       meta: {
         title: 'clients',
         icon: 'client',
-        roles: ['IdentityServer.Clients']
+        roles: ['AbpIdentityServer.Clients']
       }
     },
     {
@@ -28,7 +28,7 @@ const identityServerRouter: RouteConfig = {
       meta: {
         title: 'apiresources',
         icon: 'api',
-        roles: ['IdentityServer.ApiResources']
+        roles: ['AbpIdentityServer.ApiResources']
       }
     },
     {
@@ -38,7 +38,7 @@ const identityServerRouter: RouteConfig = {
       meta: {
         title: 'identityresources',
         icon: 'identity',
-        roles: ['IdentityServer.IdentityResources']
+        roles: ['AbpIdentityServer.IdentityResources']
       }
     }
   ]

vueJs/src/views/admin/claim-type/components/CreateOrUpdateCliamTypeForm.vue

@@ -153,11 +153,6 @@ export default class CreateOrUpdateCliamTypeForm extends Vue {
     return false
   }
 
-  @Watch('claimTypeId')
-  private onClaimTypeIdChanged() {
-    this.handleGetClaimType()
-  }
-
   @Watch('showDialog', { immediate: true })
   private onShowDialogChanged() {
     this.handleGetClaimType()

vueJs/src/views/admin/components/RoleReference.vue

@@ -1,45 +0,0 @@
-<template>
-  <div class="role-reference-pane">
-    <el-table
-      ref="roleTable"
-      v-loading="userLoading"
-      row-key="id"
-      :data="userList"
-      border
-      fit
-      highlight-current-row
-      max-height="250px"
-      @row-click="onRowClick"
-    />
-  </div>
-</template>
-
-<script lang="ts">
-import { dateFormat } from '@/utils'
-import { Component, Vue } from 'vue-property-decorator'
-import RoleAppService, { RoleGetPagedDto } from '@/api/roles'
-
-@Component({
-  name: 'RoleReference',
-  filters: {
-    dateTimeFilter(datetime: string) {
-      const date = new Date(datetime)
-      return dateFormat(date, 'YYYY-mm-dd HH:MM')
-    }
-  }
-})
-export default class extends Vue {
-  private roleQueryFilter = new RoleGetPagedDto()
-
-  private hanldGetRoles() {
-    // TODO 待完成
-    RoleAppService.getRoles(this.roleQueryFilter).then(res => {
-      console.log(res)
-    })
-  }
-}
-</script>
-
-<style lang="stylus" scoped>
-
-</style>

vueJs/src/views/admin/components/UserReference.vue

@@ -1,176 +0,0 @@
-<template>
-  <div class="user-reference-pane">
-    <el-form>
-      <el-form-item>
-        <el-button
-          class="confirm"
-          type="primary"
-          style="width:100px"
-        >
-          {{ $t('global.confirm') }}
-        </el-button>
-        <el-button
-          class="cancel"
-          style="width:100px"
-        >
-          {{ $t('global.cancel') }}
-        </el-button>
-      </el-form-item>
-      <el-form-item>
-        <el-table
-          ref="userTable"
-          v-loading="userLoading"
-          row-key="id"
-          :data="userList"
-          border
-          fit
-          highlight-current-row
-          max-height="250px"
-          @row-click="onRowClick"
-        >
-          <el-table-column
-            type="selection"
-            width="50"
-            align="center"
-          />
-          <el-table-column
-            :label="$t('users.userName')"
-            prop="userName"
-            sortable
-            width="110px"
-            align="center"
-          >
-            <template slot-scope="{row}">
-              <span>{{ row.userName }}</span>
-            </template>
-          </el-table-column>
-          <el-table-column
-            :label="$t('users.name')"
-            prop="name"
-            width="110px"
-            align="center"
-          >
-            <template slot-scope="{row}">
-              <span>{{ row.name }}</span>
-            </template>
-          </el-table-column>
-          <el-table-column
-            :label="$t('users.email')"
-            prop="email"
-            sortable
-            min-width="180"
-            align="center"
-          >
-            <template slot-scope="{row}">
-              <span>{{ row.email }}</span>
-            </template>
-          </el-table-column>
-          <el-table-column
-            :label="$t('users.phoneNumber')"
-            prop="phoneNumber"
-            width="140px"
-            align="center"
-          >
-            <template slot-scope="{row}">
-              <span>{{ row.phoneNumber }}</span>
-            </template>
-          </el-table-column>
-          <el-table-column
-            :label="$t('users.lockoutEnd')"
-            prop="lockoutEnd"
-            sortable
-            width="140px"
-            align="center"
-          >
-            <template slot-scope="{row}">
-              <span>{{ row.lockoutEnd | dateTimeFilter }}</span>
-            </template>
-          </el-table-column>
-          <el-table-column
-            :label="$t('users.creationTime')"
-            prop="creationTime"
-            sortable
-            width="140px"
-            align="center"
-          >
-            <template slot-scope="{row}">
-              <span>{{ row.creationTime | dateTimeFilter }}</span>
-            </template>
-          </el-table-column>
-        </el-table>
-
-        <pagination
-          v-show="userCount>0"
-          :total="userCount"
-          :page.sync="userQueryFilter.skipCount"
-          :limit.sync="userQueryFilter.maxResultCount"
-          @pagination="handleGetUserList"
-        />
-      </el-form-item>
-    </el-form>
-  </div>
-</template>
-
-<script lang="ts">
-import { dateFormat } from '@/utils'
-import { Component, Vue } from 'vue-property-decorator'
-import Pagination from '@/components/Pagination/index.vue'
-import UserAppService, { UsersGetPagedDto, UserDataDto } from '@/api/users'
-
-@Component({
-  name: 'UserReference',
-  components: {
-    Pagination
-  },
-  filters: {
-    dateTimeFilter(datetime: string) {
-      const date = new Date(datetime)
-      return dateFormat(date, 'YYYY-mm-dd HH:MM')
-    }
-  }
-})
-export default class extends Vue {
-  private userCount = 0
-  private userLoading = false
-  private userList = new Array<UserDataDto>()
-  private userQueryFilter = new UsersGetPagedDto()
-
-  mounted() {
-    this.handleGetUserList()
-    // 滚动延迟加载
-    // const userTable = this.$refs.userTable as any
-    // userTable.bodyWrapper.addEventListener('scroll', (res: any) => this.onTableScrollChanged(res), true)
-  }
-
-  private handleGetUserList() {
-    this.userLoading = true
-    UserAppService.getUsers(this.userQueryFilter).then(res => {
-      this.userList = res.items
-      this.userCount = res.totalCount
-      this.userLoading = false
-    })
-  }
-
-  private onRowClick(row: any) {
-    const table = this.$refs.userTable as any
-    table.toggleRowSelection(row)
-  }
-
-  private onTableScrollChanged(dom: any) {
-    console.log(dom)
-  }
-}
-</script>
-
-<style lang="scss" scoped>
-.user-reference-pane .user-table {
-  width: 100%;
-  cursor: pointer;
-}
-.confirm {
-  position: relative;
-}
-.cancel {
-  position: relative;
-}
-</style>

vueJs/src/views/admin/identityServer/api-resources/components/ApiResourceCreateOrEditForm.vue

@@ -15,67 +15,167 @@
         ref="formApiResource"
         label-width="100px"
         :model="apiResource"
-        :rules="apiResourceRules"
       >
-        <el-form-item
-          prop="enabled"
-          :label="$t('identityServer.enabledResource')"
+        <el-tabs
+          v-model="activeTabPane"
+          type="border-card"
         >
-          <el-switch
-            v-model="apiResource.enabled"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="name"
-          :label="$t('identityServer.resourceName')"
-        >
-          <el-input
-            v-model="apiResource.name"
-            :readonly="isEdit"
-            :placeholder="$t('pleaseInputBy', {key: $t('identityServer.resourceName')})"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="displayName"
-          :label="$t('identityServer.resourceDisplayName')"
-        >
-          <el-input
-            v-model="apiResource.displayName"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="description"
-          :label="$t('identityServer.resourceDescription')"
-        >
-          <el-input
-            v-model="apiResource.description"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="userClaims"
-          :label="$t('identityServer.resourceUserClaims')"
-        >
-          <el-input-tag-ex
-            v-model="apiResource.userClaims"
-            label="type"
-          />
-        </el-form-item>
+          <el-tab-pane
+            name="basics"
+            :label="$t('AbpIdentityServer.Basics')"
+          >
+            <el-form-item
+              prop="enabled"
+              :label="$t('AbpIdentityServer.Resource:Enabled')"
+            >
+              <el-switch
+                v-model="apiResource.enabled"
+              />
+            </el-form-item>
+            <el-form-item
+              prop="name"
+              :label="$t('AbpIdentityServer.Name')"
+              :rules="{
+                required: true,
+                message: $t('pleaseInputBy', {key: $t('AbpIdentityServer.Name')}),
+                trigger: 'blur'
+              }"
+            >
+              <el-input
+                v-model="apiResource.name"
+                :readonly="isEdit"
+                :placeholder="$t('pleaseInputBy', {key: $t('AbpIdentityServer.Name')})"
+              />
+            </el-form-item>
+            <el-form-item
+              prop="displayName"
+              :label="$t('AbpIdentityServer.DisplayName')"
+            >
+              <el-input
+                v-model="apiResource.displayName"
+              />
+            </el-form-item>
+            <el-form-item
+              prop="description"
+              :label="$t('AbpIdentityServer.Description')"
+            >
+              <el-input
+                v-model="apiResource.description"
+              />
+            </el-form-item>
+          </el-tab-pane>
+          <el-tab-pane
+            name="userClaim"
+            :label="$t('AbpIdentityServer.UserClaim')"
+          >
+            <el-transfer
+              v-model="apiResource.userClaims"
+              class="transfer-scope"
+              :data="apiResourceClaims"
+              :props="{
+                key: 'type',
+                label: 'value'
+              }"
+              :titles="[$t('AbpIdentityServer.NoClaim'), $t('AbpIdentityServer.ExistsClaim')]"
+            />
+          </el-tab-pane>
+          <el-tab-pane
+            v-if="isEdit"
+            name="avanced"
+          >
+            <el-dropdown
+              slot="label"
+              @command="onDropdownMenuItemChanged"
+            >
+              <span class="el-dropdown-link">
+                {{ $t('AbpIdentityServer.Advanced') }}<i class="el-icon-arrow-down el-icon--right" />
+              </span>
+              <el-dropdown-menu slot="dropdown">
+                <el-dropdown-item command="api-resource-scope-edit-form">
+                  {{ $t('AbpIdentityServer.Scope') }}
+                </el-dropdown-item>
+                <el-dropdown-item command="secret-edit-form">
+                  {{ $t('AbpIdentityServer.Secret') }}
+                </el-dropdown-item>
+                <el-dropdown-item command="properties-edit-form">
+                  {{ $t('AbpIdentityServer.Propertites') }}
+                </el-dropdown-item>
+              </el-dropdown-menu>
+            </el-dropdown>
+            <component
+              :is="advancedComponent"
+              :user-claims="apiResourceClaims"
+              :api-resource-scopes="apiResource.scopes"
+              :secrets="apiResource.secrets"
+              :allowed-create="checkPermission(['AbpIdentityServer.ApiResources.ManageProperties'])"
+              :allowed-delete="checkPermission(['AbpIdentityServer.ApiResources.ManageProperties'])"
+              :allowed-create-secret="checkPermission(['AbpIdentityServer.ApiResources.ManageSecrets'])"
+              :allowed-delete-secret="checkPermission(['AbpIdentityServer.ApiResources.ManageSecrets'])"
+              :properties="apiResource.properties"
+              @onScopeCreated="apiResourceScopeCreated"
+              @onScopeDeleted="apiResourceScopeDeleted"
+              @onSecretCreated="apiResourceSecretCreated"
+              @onSecretDeleted="apiResourceSecretDeleted"
+              @onCreated="onPropertyCreated"
+              @onDeleted="onPropertyDeleted"
+            />
+          </el-tab-pane>
+          <!-- <el-tab-pane
+            v-if="isEdit"
+            name="scopes"
+            :label="$t('AbpIdentityServer.Scope')"
+          >
+            <api-resource-scope-edit-form
+              :user-claims="apiResourceClaims"
+              :api-resource-scopes="apiResource.scopes"
+              @onScopeCreated="apiResourceScopeCreated"
+              @onScopeDeleted="apiResourceScopeDeleted"
+            />
+          </el-tab-pane>
+          <el-tab-pane
+            v-if="isEdit"
+            name="secrets"
+            :label="$t('AbpIdentityServer.Secret')"
+          >
+            <el-card>
+              <secret-edit-form
+                :secrets="apiResource.secrets"
+                @onSecretCreated="apiResourceSecretCreated"
+                @onSecretDeleted="apiResourceSecretDeleted"
+              />
+            </el-card>
+          </el-tab-pane>
+
+          <el-tab-pane
+            v-if="isEdit"
+            name="properties"
+            :label="$t('AbpIdentityServer.Propertites')"
+          >
+            <properties-edit-form
+              :allowed-create="checkPermission(['AbpIdentityServer.ApiResources.ManageProperties'])"
+              :allowed-delete="checkPermission(['AbpIdentityServer.ApiResources.ManageProperties'])"
+              :properties="apiResource.properties"
+              @onCreated="onPropertyCreated"
+              @onDeleted="onPropertyDeleted"
+            />
+          </el-tab-pane> -->
+        </el-tabs>
 
         <el-form-item>
           <el-button
             class="cancel"
-            style="width:100px"
+            type="info"
             @click="onCancel"
           >
-            {{ $t('table.cancel') }}
+            {{ $t('AbpIdentityServer.Cancel') }}
           </el-button>
           <el-button
             class="confirm"
             type="primary"
-            style="width:100px"
-            @click="onSaveApiResource"
+            icon="el-icon-check"
+            @click="onSave"
           >
-            {{ $t('table.confirm') }}
+            {{ $t('AbpIdentityServer.Save') }}
           </el-button>
         </el-form-item>
       </el-form>
@@ -84,14 +184,41 @@
 </template>
 
 <script lang="ts">
-import ApiResourceService, { ApiResourceCreate, ApiResourceUpdate, ApiResource } from '@/api/apiresources'
+import ApiResourceService, {
+  ApiScope,
+  ApiResource,
+  ApiResourceCreate,
+  ApiResourceUpdate,
+  ApiSecretCreateOrUpdate,
+  ApiResourceCreateOrUpdate
+} from '@/api/api-resources'
 import { Component, Prop, Vue, Watch } from 'vue-property-decorator'
-import ElInputTagEx from '@/components/InputTagEx/index.vue'
+import ClaimTypeApiService from '@/api/cliam-type'
+import { checkPermission } from '@/utils/permission'
+import { dateFormat } from '@/utils/index'
+import { Claim } from '@/api/types'
+import ApiResourceScopeEditForm from './ApiResourceScopeEditForm.vue'
+import PropertiesEditForm from '../../components/PropertiesEditForm.vue'
+import SecretEditForm from '../../components/SecretEditForm.vue'
 
 @Component({
   name: 'ApiResourceCreateOrEditForm',
   components: {
-    ElInputTagEx
+    SecretEditForm,
+    PropertiesEditForm,
+    ApiResourceScopeEditForm
+  },
+  filters: {
+    dateTimeFilter(datetime: string) {
+      if (datetime) {
+        const date = new Date(datetime)
+        return dateFormat(date, 'YYYY-mm-dd HH:MM:SS')
+      }
+      return ''
+    }
+  },
+  methods: {
+    checkPermission
   }
 })
 export default class extends Vue {
@@ -104,53 +231,105 @@ export default class extends Vue {
   @Prop({ default: '' })
   private apiResourceId!: string
 
-  private apiResource: ApiResource
-  private apiResourceRules = {
-    name: [
-      { required: true, message: this.l('pleaseInputBy', { key: this.l('identityServer.resourceName') }), trigger: 'blur' }
-    ]
-  }
+  private activeTabPane = 'basics'
+  private advancedComponent = 'api-resource-scope-edit-form'
+  private apiResource = new ApiResource()
+  private apiResourceClaims = new Array<Claim>()
+  private newApiSecret = new ApiSecretCreateOrUpdate()
 
   get isEdit() {
-    if (this.apiResource.id) {
+    if (this.apiResourceId) {
       return true
     }
     return false
   }
 
-  constructor() {
-    super()
-    this.apiResource = ApiResource.empty()
+  @Watch('showDialog', { immediate: true })
+  private onShowDialogChanged() {
+    this.handleGetApiResource()
   }
 
-  @Watch('apiResourceId', { immediate: true })
-  private onApiResourceIdChanged() {
-    if (this.apiResourceId) {
-      ApiResourceService.getApiResourceById(this.apiResourceId).then(resource => {
-        this.apiResource = resource
+  mounted() {
+    this.handleGetClaimTypes()
+  }
+
+  private handleGetClaimTypes() {
+    ClaimTypeApiService.getActivedClaimTypes().then(res => {
+      res.items.map(claim => {
+        this.apiResourceClaims.push(new Claim(claim.name, claim.name))
+      })
+    })
+  }
+
+  private handleGetApiResource() {
+    this.activeTabPane = 'basics'
+    if (this.apiResourceId && this.showDialog) {
+      ApiResourceService.getApiResourceById(this.apiResourceId).then(res => {
+        this.apiResource = res
       })
     } else {
-      this.apiResource = ApiResource.empty()
+      this.apiResource = new ApiResource()
     }
   }
 
-  private onSaveApiResource() {
+  private apiResourceSecretCreated(secret: any) {
+    const apiSecret = new ApiSecretCreateOrUpdate()
+    apiSecret.hashType = secret.hashType
+    apiSecret.type = secret.type
+    apiSecret.value = secret.value
+    apiSecret.description = secret.description
+    apiSecret.expiration = secret.expiration
+    this.apiResource.secrets.push(apiSecret)
+  }
+
+  private apiResourceSecretDeleted(type: string, value: string) {
+    const secretIndex = this.apiResource.secrets.findIndex(secret => secret.type === type && secret.value === value)
+    this.apiResource.secrets.splice(secretIndex, 1)
+  }
+
+  private apiResourceScopeCreated(name: string, required: boolean, emphasize: boolean, showInDiscoveryDocument: boolean,
+    userClaims: string[], displayName?: string, description?: string) {
+    const apiScope = new ApiScope()
+    apiScope.name = name
+    apiScope.displayName = displayName
+    apiScope.description = description
+    apiScope.required = required
+    apiScope.emphasize = emphasize
+    apiScope.showInDiscoveryDocument = showInDiscoveryDocument
+    apiScope.userClaims.push(...userClaims)
+    this.apiResource.scopes.push(apiScope)
+  }
+
+  private apiResourceScopeDeleted(name: string) {
+    const scopeIndex = this.apiResource.scopes.findIndex(scope => scope.name === name)
+    this.apiResource.scopes.splice(scopeIndex, 1)
+  }
+
+  private onDropdownMenuItemChanged(component: any) {
+    this.activeTabPane = 'avanced'
+    this.advancedComponent = component
+  }
+
+  private onSave() {
     const frmApiResource = this.$refs.formApiResource as any
     frmApiResource.validate((valid: boolean) => {
       if (valid) {
         if (this.isEdit) {
-          const updateApiResource = ApiResourceUpdate.create(this.apiResource)
-          ApiResourceService.updateApiResource(updateApiResource).then(resource => {
+          const updateApiResource = new ApiResourceUpdate()
+          this.updateApiResourceByInput(updateApiResource)
+          ApiResourceService.updateApiResource(this.apiResourceId, updateApiResource).then(resource => {
             this.apiResource = resource
-            const successMessage = this.l('identityServer.updateApiResourceSuccess', { name: resource.name })
+            const successMessage = this.l('global.successful')
             this.$message.success(successMessage)
             this.onFormClosed(true)
           })
         } else {
-          const createApiResource = ApiResourceCreate.create(this.apiResource)
+          const createApiResource = new ApiResourceCreate()
+          this.updateApiResourceByInput(createApiResource)
+          createApiResource.name = this.apiResource.name
           ApiResourceService.createApiResource(createApiResource).then(resource => {
             this.apiResource = resource
-            const successMessage = this.l('identityServer.createApiResourceSuccess', { name: resource.name })
+            const successMessage = this.l('global.successful')
             this.$message.success(successMessage)
             this.onFormClosed(true)
           })
@@ -159,6 +338,16 @@ export default class extends Vue {
     })
   }
 
+  private updateApiResourceByInput(apiResource: ApiResourceCreateOrUpdate) {
+    apiResource.displayName = this.apiResource.displayName
+    apiResource.description = this.apiResource.description
+    apiResource.enabled = this.apiResource.enabled
+    apiResource.userClaims = this.apiResource.userClaims
+    apiResource.scopes = this.apiResource.scopes
+    apiResource.secrets = this.apiResource.secrets
+    apiResource.properties = this.apiResource.properties
+  }
+
   private onFormClosed(changed: boolean) {
     this.resetFields()
     this.$emit('closed', changed)
@@ -168,6 +357,14 @@ export default class extends Vue {
     this.onFormClosed(false)
   }
 
+  private onPropertyCreated(key: string, value: string) {
+    this.$set(this.apiResource.properties, key, value)
+  }
+
+  private onPropertyDeleted(key: string) {
+    this.$delete(this.apiResource.properties, key)
+  }
+
   public resetFields() {
     const frmApiResource = this.$refs.formApiResource as any
     frmApiResource.resetFields()
@@ -183,9 +380,19 @@ export default class extends Vue {
 .confirm {
   position: absolute;
   right: 10px;
+  top: 20px;
+  width:100px;
 }
 .cancel {
   position: absolute;
   right: 120px;
+  top: 20px;
+  width:100px;
+}
+.full-select {
+  width: 100%;
+}
+.transfer-scope ::v-deep .el-transfer-panel{
+  width: 250px;
 }
 </style>

vueJs/src/views/admin/identityServer/api-resources/components/ApiResourceScopeEditForm.vue

@@ -1,166 +1,209 @@
 <template>
-  <el-dialog
-    v-el-draggable-dialog
-    width="800px"
-    :visible="showDialog"
-    :title="$t('identityServer.apiResourceScope')"
-    custom-class="modal-form"
-    :show-close="false"
-    @close="onFormClosed"
-  >
-    <div class="app-container">
-      <el-form
-        v-if="checkPermission(['IdentityServer.ApiResources.Secrets.Create'])"
-        ref="formApiScope"
-        label-width="120px"
-        :model="apiScope"
-        :rules="apiScopeRules"
-      >
-        <el-form-item
-          prop="name"
-          :label="$t('identityServer.apiScopeName')"
-        >
-          <el-input
-            v-model="apiScope.name"
-            :placeholder="$t('pleaseInputBy', {key: $t('identityServer.apiScopeName')})"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="displayName"
-          :label="$t('identityServer.apiScopeDisplayName')"
-        >
-          <el-input
-            v-model="apiScope.displayName"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="description"
-          :label="$t('identityServer.apiScopeDescription')"
-        >
-          <el-input
-            v-model="apiScope.description"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="required"
-          :label="$t('identityServer.apiScopeRequired')"
-        >
-          <el-switch
-            v-model="apiScope.required"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="emphasize"
-          :label="$t('identityServer.apiScopeEmphasize')"
-        >
-          <el-switch
-            v-model="apiScope.emphasize"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="showInDiscoveryDocument"
-          :label="$t('identityServer.apiScopeShowInDiscoveryDocument')"
-        >
-          <el-switch
-            v-model="apiScope.showInDiscoveryDocument"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="userClaims"
-          :label="$t('identityServer.resourceUserClaims')"
-        >
-          <el-input-tag-ex
-            v-model="apiScope.userClaims"
-            label="type"
-          />
-        </el-form-item>
-
-        <el-form-item
-          style="text-align: center;"
-          label-width="0px"
-        >
-          <el-button
-            type="primary"
-            style="width:180px"
-            @click="onSaveApiScope"
-          >
-            {{ $t('identityServer.createApiScope') }}
-          </el-button>
-        </el-form-item>
-        <el-divider />
-      </el-form>
-    </div>
-
-    <el-table
-      row-key="value"
-      :data="apiScopes"
-      border
-      fit
-      highlight-current-row
-      style="width: 100%;"
+  <div>
+    <el-form
+      ref="apiResourceScopeEditForm"
+      v-permission="['AbpIdentityServer.ApiResources.ManageScopes']"
+      label-width="80px"
+      :model="apiResourceScope"
     >
-      <el-table-column
-        :label="$t('identityServer.apiScopeName')"
-        prop="name"
-        sortable
-        width="150px"
-        align="center"
+      <el-tabs
+        type="border-card"
+        style="width: 100%;"
       >
-        <template slot-scope="{row}">
-          <span>{{ row.name }}</span>
-        </template>
-      </el-table-column>
-      <el-table-column
-        :label="$t('identityServer.apiScopeDisplayName')"
-        prop="displayName"
-        sortable
-        width="200px"
-        align="center"
-      >
-        <template slot-scope="{row}">
-          <span>{{ row.displayName }}</span>
-        </template>
-      </el-table-column>
-      <el-table-column
-        :label="$t('identityServer.apiScopeDescription')"
-        prop="description"
-        width="300px"
-        align="center"
+        <el-tab-pane :label="$t('AbpIdentityServer.Basics')">
+          <el-row>
+            <el-col :span="12">
+              <el-form-item
+                prop="name"
+                :label="$t('AbpIdentityServer.Name')"
+                :rules="{
+                  required: true,
+                  message: $t('pleaseInputBy', {key: $t('AbpIdentityServer.Name')}),
+                  trigger: 'blur'
+                }"
+              >
+                <el-input v-model="apiResourceScope.name" />
+              </el-form-item>
+            </el-col>
+            <el-col :span="12">
+              <el-form-item
+                prop="displayName"
+                :label="$t('AbpIdentityServer.DisplayName')"
+              >
+                <el-input v-model="apiResourceScope.displayName" />
+              </el-form-item>
+            </el-col>
+          </el-row>
+          <el-form-item
+            prop="description"
+            :label="$t('AbpIdentityServer.Description')"
+          >
+            <el-input v-model="apiResourceScope.description" />
+          </el-form-item>
+          <el-row>
+            <el-col :span="6">
+              <el-form-item
+                prop="required"
+                :label="$t('AbpIdentityServer.Required')"
+              >
+                <el-switch v-model="apiResourceScope.required" />
+              </el-form-item>
+            </el-col>
+            <el-col :span="6">
+              <el-form-item
+                prop="emphasize"
+                :label="$t('AbpIdentityServer.Emphasize')"
+              >
+                <el-switch v-model="apiResourceScope.emphasize" />
+              </el-form-item>
+            </el-col>
+            <el-col :span="12">
+              <el-form-item
+                prop="showInDiscoveryDocument"
+                :label="$t('AbpIdentityServer.ShowInDiscoveryDocument')"
+                label-width="150px"
+              >
+                <el-switch v-model="apiResourceScope.showInDiscoveryDocument" />
+              </el-form-item>
+            </el-col>
+          </el-row>
+        </el-tab-pane>
+        <el-tab-pane :label="$t('AbpIdentityServer.UserClaim')">
+          <el-transfer
+            v-model="apiResourceScope.userClaims"
+            class="transfer-scope-new"
+            :data="userClaims"
+            :props="{
+              key: 'type',
+              label: 'value'
+            }"
+            :titles="[$t('AbpIdentityServer.NoClaim'), $t('AbpIdentityServer.ExistsClaim')]"
+          />
+        </el-tab-pane>
+      </el-tabs>
+      <el-form-item
+        style="text-align: center;"
+        label-width="0px"
       >
-        <template slot-scope="{row}">
-          <span>{{ row.description }}</span>
-        </template>
-      </el-table-column>
-      <el-table-column
-        :label="$t('operaActions')"
-        align="center"
-        width="150px"
-        fixed="right"
+        <el-button
+          type="primary"
+          style="width:180px; margin-top: 20px;"
+          @click="onSave"
+        >
+          {{ $t('AbpIdentityServer.Scope:New') }}
+        </el-button>
+      </el-form-item>
+    </el-form>
+    <el-collapse accordion>
+      <el-collapse-item
+        v-for="(scope, index) in apiResourceScopes"
+        :key="index"
       >
-        <template slot-scope="{row}">
-          <el-button
-            :disabled="!checkPermission(['IdentityServer.ApiResources.Scope.Delete'])"
-            size="mini"
-            type="primary"
-            @click="handleDeleteApiScope(row.name)"
+        <h3 slot="title">
+          {{ scope.name }}
+        </h3>
+        <el-card>
+          <el-form
+            :model="scope"
+            label-width="80px"
           >
-            {{ $t('identityServer.deleteApiScope') }}
-          </el-button>
-        </template>
-      </el-table-column>
-    </el-table>
-  </el-dialog>
+            <el-button
+              v-permission="['AbpIdentityServer.ApiResources.ManageScopes']"
+              type="danger"
+              icon="el-icon-delete"
+              size="mini"
+              style="margin-bottom: 10px;"
+              @click="handleDeleteApiScope(scope.name)"
+            >
+              {{ $t('AbpIdentityServer.Scope:Delete') }}
+            </el-button>
+            <el-tabs type="border-card">
+              <el-tab-pane :label="$t('AbpIdentityServer.Basics')">
+                <el-row>
+                  <el-col :span="12">
+                    <el-form-item :label="$t('AbpIdentityServer.Name')">
+                      <el-input
+                        v-model="scope.name"
+                        :readonly="readonly"
+                      />
+                    </el-form-item>
+                  </el-col>
+                  <el-col :span="12">
+                    <el-form-item :label="$t('AbpIdentityServer.DisplayName')">
+                      <el-input
+                        v-model="scope.displayName"
+                        :readonly="readonly"
+                      />
+                    </el-form-item>
+                  </el-col>
+                </el-row>
+                <el-form-item :label="$t('AbpIdentityServer.Description')">
+                  <el-input
+                    v-model="scope.description"
+                    :readonly="readonly"
+                  />
+                </el-form-item>
+                <el-row>
+                  <el-col :span="6">
+                    <el-form-item :label="$t('AbpIdentityServer.Required')">
+                      <el-switch
+                        v-model="scope.required"
+                        :readonly="readonly"
+                      />
+                    </el-form-item>
+                  </el-col>
+                  <el-col :span="6">
+                    <el-form-item :label="$t('AbpIdentityServer.Emphasize')">
+                      <el-switch
+                        v-model="scope.emphasize"
+                        :readonly="readonly"
+                      />
+                    </el-form-item>
+                  </el-col>
+                  <el-col :span="12">
+                    <el-form-item
+                      :label="$t('AbpIdentityServer.ShowInDiscoveryDocument')"
+                      label-width="150px"
+                    >
+                      <el-switch
+                        v-model="scope.showInDiscoveryDocument"
+                        :readonly="readonly"
+                      />
+                    </el-form-item>
+                  </el-col>
+                </el-row>
+              </el-tab-pane>
+              <el-tab-pane :label="$t('AbpIdentityServer.UserClaim')">
+                <el-transfer
+                  v-model="scope.userClaims"
+                  class="transfer-scope-edit"
+                  :data="userClaims"
+                  :props="{
+                    key: 'type',
+                    label: 'value'
+                  }"
+                  :titles="[$t('AbpIdentityServer.NoClaim'), $t('AbpIdentityServer.ExistsClaim')]"
+                />
+              </el-tab-pane>
+            </el-tabs>
+          </el-form>
+        </el-card>
+      </el-collapse-item>
+    </el-collapse>
+  </div>
 </template>
 
 <script lang="ts">
-import ApiResourceService, { ApiScope, ApiScopeCreate } from '@/api/apiresources'
-import { Component, Vue, Prop, Watch } from 'vue-property-decorator'
+import { ApiScope } from '@/api/api-resources'
+import { Component, Vue, Prop } from 'vue-property-decorator'
 import { dateFormat } from '@/utils/index'
 import { checkPermission } from '@/utils/permission'
 import ElInputTagEx from '@/components/InputTagEx/index.vue'
+import { Claim } from '@/api/types'
+import { Form } from 'element-ui'
 
 @Component({
-  name: 'ApiScopeEditForm',
+  name: 'ApiResourceScopeEditForm',
   components: {
     ElInputTagEx
   },
@@ -177,77 +220,37 @@ import ElInputTagEx from '@/components/InputTagEx/index.vue'
     checkPermission
   }
 })
-export default class extends Vue {
-  @Prop({ default: false })
-  private showDialog!: boolean
-
-  @Prop({ default: '' })
-  private apiResourceId!: string
-
-  @Prop({ default: () => new Array<ApiScope>() })
-  private apiScopes!: ApiScope[]
+export default class ApiResourceScopeEditForm extends Vue {
+  @Prop({ default: () => { return new Array<Claim>() } })
+  private userClaims!: Claim[]
 
-  private apiScopeChanged: boolean
-  private apiScope: ApiScopeCreate
-  private apiScopeRules = {
-    name: [
-      { required: true, message: this.l('pleaseInputBy', { key: this.l('identityServer.apiScopeName') }), trigger: 'blur' }
-    ]
-  }
+  @Prop({ default: () => { return new Array<ApiScope>() } })
+  private apiResourceScopes!: ApiScope[]
 
-  constructor() {
-    super()
-    this.apiScopeChanged = false
-    this.apiScope = ApiScopeCreate.empty()
+  get readonly() {
+    return !checkPermission(['AbpIdentityServer.ApiResources.ManageScopes'])
   }
 
-  @Watch('apiResourceId', { immediate: true })
-  private onApiResourceIdChanged() {
-    this.apiScope.apiResourceId = this.apiResourceId
-  }
+  private apiResourceScope = new ApiScope()
 
   private handleDeleteApiScope(name: string) {
-    this.$confirm(this.l('identityServer.deleteApiScopeByName', { name: name }),
-      this.l('identityServer.deleteApiScope'), {
-        callback: (action) => {
-          if (action === 'confirm') {
-            ApiResourceService.deleteApiScope(this.apiResourceId, name).then(() => {
-              const deleteScopeIndex = this.apiScopes.findIndex(scope => scope.name === name)
-              this.apiScopes.splice(deleteScopeIndex, 1)
-              this.$message.success(this.l('identityServer.deleteApiScopeSuccess', { name: name }))
-              this.$emit('apiScopeChanged')
-            })
-          }
-        }
-      })
+    this.$emit('onScopeDeleted', name)
   }
 
-  private onSaveApiScope() {
-    const frmApiScope = this.$refs.formApiScope as any
-    frmApiScope.validate((valid: boolean) => {
+  private onSave() {
+    const apiResourceScopeEditForm = this.$refs.apiResourceScopeEditForm as Form
+    apiResourceScopeEditForm.validate(valid => {
       if (valid) {
-        this.apiScope.apiResourceId = this.apiResourceId
-        ApiResourceService.addApiScope(this.apiScope).then(scope => {
-          this.apiScopes.push(scope)
-          const successMessage = this.l('identityServer.createApiScopeSuccess', { name: this.apiScope.name })
-          this.$message.success(successMessage)
-          this.$emit('apiScopeChanged')
-          this.onFormClosed()
-        })
+        this.$emit('onScopeCreated',
+          this.apiResourceScope.name, this.apiResourceScope.required,
+          this.apiResourceScope.emphasize, this.apiResourceScope.showInDiscoveryDocument,
+          this.apiResourceScope.userClaims, this.apiResourceScope.displayName, this.apiResourceScope.description)
+        apiResourceScopeEditForm.resetFields()
+        this.apiResourceScope.userClaims.length = 0
       }
     })
   }
 
-  private onFormClosed() {
-    this.resetFields()
-    this.$emit('closed')
-  }
-
-  public resetFields() {
-    const frmApiScope = this.$refs.formApiScope as any
-    frmApiScope.resetFields()
-  }
-
   private l(name: string, values?: any[] | { [key: string]: any }) {
     return this.$t(name, values).toString()
   }
@@ -258,4 +261,10 @@ export default class extends Vue {
 .full-select {
   width: 100%;
 }
+.transfer-scope-new ::v-deep .el-transfer-panel{
+  width: 236px;
+}
+.transfer-scope-edit ::v-deep .el-transfer-panel{
+  width: 216px;
+}
 </style>

vueJs/src/views/admin/identityServer/api-resources/components/ApiResourceSecretEditForm.vue

@@ -1,304 +0,0 @@
-<template>
-  <el-dialog
-    v-el-draggable-dialog
-    width="800px"
-    :visible="showDialog"
-    :title="$t('identityServer.apiResourceSecret')"
-    custom-class="modal-form"
-    :show-close="false"
-    @close="onFormClosed"
-  >
-    <div class="app-container">
-      <el-form
-        v-if="checkPermission(['IdentityServer.ApiResources.Secrets.Create'])"
-        ref="formApiSecret"
-        label-width="100px"
-        :model="apiSecret"
-        :rules="apiSecretRules"
-      >
-        <el-form-item
-          prop="type"
-          :label="$t('identityServer.secretType')"
-        >
-          <el-select
-            v-model="apiSecret.type"
-            class="full-select"
-            :placeholder="$t('pleaseSelectBy', {key: $t('identityServer.secretType')})"
-          >
-            <el-option
-              key="JWK"
-              label="JsonWebKey"
-              value="JWK"
-            />
-            <el-option
-              key="SharedSecret"
-              label="SharedSecret"
-              value="SharedSecret"
-            />
-            <el-option
-              key="X509Name"
-              label="X509CertificateName"
-              value="X509Name"
-            />
-            <el-option
-              key="X509CertificateBase64"
-              label="X509CertificateBase64"
-              value="X509CertificateBase64"
-            />
-            <el-option
-              key="X509Thumbprint"
-              label="X509CertificateThumbprint"
-              value="X509Thumbprint"
-            />
-          </el-select>
-        </el-form-item>
-        <el-form-item
-          prop="hashType"
-          :label="$t('identityServer.secretHashType')"
-        >
-          <el-popover
-            ref="popHashType"
-            placement="top-start"
-            trigger="hover"
-            :content="$t('identityServer.hashOnlySharedSecret')"
-          />
-          <el-select
-            v-model="apiSecret.hashType"
-            v-popover:popHashType
-            :disabled="apiSecret.type !== 'SharedSecret'"
-            class="full-select"
-            :placeholder="$t('pleaseSelectBy', {key: $t('identityServer.secretHashType')})"
-          >
-            <el-option
-              :key="0"
-              label="Sha256"
-              :value="0"
-            />
-            <el-option
-              :key="1"
-              label="Sha512"
-              :value="1"
-            />
-          </el-select>
-        </el-form-item>
-        <el-form-item
-          prop="value"
-          :label="$t('identityServer.secretValue')"
-        >
-          <el-input
-            v-model="apiSecret.value"
-            :placeholder="$t('pleaseInputBy', {key: $t('identityServer.secretValue')})"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="description"
-          :label="$t('identityServer.secretDescription')"
-        >
-          <el-input
-            v-model="apiSecret.description"
-          />
-        </el-form-item>
-        <el-form-item
-          prop="expiration"
-          :label="$t('identityServer.expiration')"
-        >
-          <el-date-picker
-            v-model="apiSecret.expiration"
-            class="full-select"
-            type="datetime"
-          />
-        </el-form-item>
-
-        <el-form-item
-          style="text-align: center;"
-          label-width="0px"
-        >
-          <el-button
-            type="primary"
-            style="width:180px"
-            @click="onSaveApiSecret"
-          >
-            {{ $t('identityServer.createApiSecret') }}
-          </el-button>
-        </el-form-item>
-        <el-divider />
-      </el-form>
-    </div>
-
-    <el-table
-      row-key="value"
-      :data="apiSecrets"
-      border
-      fit
-      highlight-current-row
-      style="width: 100%;"
-    >
-      <el-table-column
-        :label="$t('identityServer.secretType')"
-        prop="type"
-        sortable
-        width="150px"
-        align="center"
-      >
-        <template slot-scope="{row}">
-          <span>{{ row.type }}</span>
-        </template>
-      </el-table-column>
-      <el-table-column
-        :label="$t('identityServer.secretValue')"
-        prop="value"
-        sortable
-        width="200px"
-        align="center"
-      >
-        <template slot-scope="{row}">
-          <span>{{ row.value }}</span>
-        </template>
-      </el-table-column>
-      <el-table-column
-        :label="$t('identityServer.secretDescription')"
-        prop="description"
-        width="170px"
-        align="center"
-      >
-        <template slot-scope="{row}">
-          <span>{{ row.description }}</span>
-        </template>
-      </el-table-column>
-      <el-table-column
-        :label="$t('identityServer.expiration')"
-        prop="expiration"
-        width="170px"
-        align="center"
-      >
-        <template slot-scope="{row}">
-          <span>{{ row.expiration | dateTimeFilter }}</span>
-        </template>
-      </el-table-column>
-      <el-table-column
-        :label="$t('operaActions')"
-        align="center"
-        width="150px"
-        fixed="right"
-      >
-        <template slot-scope="{row}">
-          <el-button
-            :disabled="!checkPermission(['IdentityServer.ApiResources.Secrets.Delete'])"
-            size="mini"
-            type="primary"
-            @click="handleDeleteApiSecret(row.type, row.value)"
-          >
-            {{ $t('identityServer.deleteApiSecret') }}
-          </el-button>
-        </template>
-      </el-table-column>
-    </el-table>
-  </el-dialog>
-</template>
-
-<script lang="ts">
-import ApiResourceService, { ApiSecret, ApiSecretCreate } from '@/api/apiresources'
-import { Component, Vue, Prop, Watch } from 'vue-property-decorator'
-import { dateFormat } from '@/utils/index'
-import { checkPermission } from '@/utils/permission'
-
-@Component({
-  name: 'ApiSecretEditForm',
-  filters: {
-    dateTimeFilter(datetime: string) {
-      if (datetime) {
-        const date = new Date(datetime)
-        return dateFormat(date, 'YYYY-mm-dd HH:MM')
-      }
-      return ''
-    }
-  },
-  methods: {
-    checkPermission
-  }
-})
-export default class extends Vue {
-  @Prop({ default: false })
-  private showDialog!: boolean
-
-  @Prop({ default: '' })
-  private apiResourceId!: string
-
-  @Prop({ default: () => new Array<ApiSecret>() })
-  private apiSecrets!: ApiSecret[]
-
-  private apiSecretChanged: boolean
-  private apiSecret: ApiSecretCreate
-  private apiSecretRules = {
-    type: [
-      { required: true, message: this.l('pleaseSelectBy', { key: this.l('identityServer.secretType') }), trigger: 'change' }
-    ],
-    value: [
-      { required: true, message: this.l('pleaseInputBy', { key: this.l('identityServer.secretValue') }), trigger: 'blur' }
-    ]
-  }
-
-  constructor() {
-    super()
-    this.apiSecretChanged = false
-    this.apiSecret = ApiSecretCreate.empty()
-  }
-
-  @Watch('apiResourceId', { immediate: true })
-  private onApiResourceIdChanged() {
-    this.apiSecret.apiResourceId = this.apiResourceId
-  }
-
-  private handleDeleteApiSecret(type: string, value: string) {
-    this.$confirm(this.l('identityServer.deleteApiSecretByType', { type: value }),
-      this.l('identityServer.deleteApiSecret'), {
-        callback: (action) => {
-          if (action === 'confirm') {
-            ApiResourceService.deleteApiSecret(this.apiResourceId, type, value).then(() => {
-              const deleteSecretIndex = this.apiSecrets.findIndex(secret => secret.type === type)
-              this.apiSecrets.splice(deleteSecretIndex, 1)
-              this.$message.success(this.l('identityServer.deleteApiSecretSuccess', { type: value }))
-              this.$emit('apiSecretChanged')
-            })
-          }
-        }
-      })
-  }
-
-  private onSaveApiSecret() {
-    const frmApiSecret = this.$refs.formApiSecret as any
-    frmApiSecret.validate((valid: boolean) => {
-      if (valid) {
-        this.apiSecret.apiResourceId = this.apiResourceId
-        ApiResourceService.addApiSecret(this.apiSecret).then(secret => {
-          this.apiSecrets.push(secret)
-          const successMessage = this.l('identityServer.createApiSecretSuccess', { type: this.apiSecret.type })
-          this.$message.success(successMessage)
-          this.$emit('apiSecretChanged')
-          this.onFormClosed()
-        })
-      }
-    })
-  }
-
-  private onFormClosed() {
-    this.resetFields()
-    this.$emit('closed')
-  }
-
-  private resetFields() {
-    const frmApiSecret = this.$refs.formApiSecret as any
-    frmApiSecret.resetFields()
-  }
-
-  private l(name: string, values?: any[] | { [key: string]: any }) {
-    return this.$t(name, values).toString()
-  }
-}
-</script>
-
-<style lang="scss" scoped>
-.full-select {
-  width: 100%;
-}
-</style>