diff --git a/aspnet-core/framework/security/LINGYUN.Abp.Claims.Mapping/LINGYUN.Abp.Claims.Mapping.csproj b/aspnet-core/framework/security/LINGYUN.Abp.Claims.Mapping/LINGYUN.Abp.Claims.Mapping.csproj
index 40a4d5d94..612afb912 100644
--- a/aspnet-core/framework/security/LINGYUN.Abp.Claims.Mapping/LINGYUN.Abp.Claims.Mapping.csproj
+++ b/aspnet-core/framework/security/LINGYUN.Abp.Claims.Mapping/LINGYUN.Abp.Claims.Mapping.csproj
@@ -16,6 +16,7 @@
+
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/TokenWildcardIssuerValidator.cs b/aspnet-core/framework/security/LINGYUN.Abp.Claims.Mapping/Microsoft/IdentityModel/Tokens/TokenWildcardIssuerValidator.cs
similarity index 97%
rename from aspnet-core/services/LY.MicroService.AuthServer/TokenWildcardIssuerValidator.cs
rename to aspnet-core/framework/security/LINGYUN.Abp.Claims.Mapping/Microsoft/IdentityModel/Tokens/TokenWildcardIssuerValidator.cs
index 3d87d7862..42646c01c 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/TokenWildcardIssuerValidator.cs
+++ b/aspnet-core/framework/security/LINGYUN.Abp.Claims.Mapping/Microsoft/IdentityModel/Tokens/TokenWildcardIssuerValidator.cs
@@ -1,5 +1,4 @@
using Microsoft.IdentityModel.Logging;
-using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.Globalization;
@@ -7,9 +6,10 @@ using System.Linq;
using System.Text;
using Volo.Abp.Text.Formatting;
-namespace LY.MicroService.AuthServer;
+namespace Microsoft.IdentityModel.Tokens;
///
+/// Copy from: https://github.com/maliming/Owl.TokenWildcardIssuerValidator
/// https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/blob/dev/src/Microsoft.IdentityModel.Tokens/Validators.cs#L207
///
public static class TokenWildcardIssuerValidator
@@ -128,3 +128,4 @@ public static class TokenWildcardIssuerValidator
return first ? Utility.Empty : sb.ToString();
}
}
+
diff --git a/aspnet-core/migrations/LY.MicroService.WebhooksManagement.EntityFrameworkCore/LY.MicroService.WebhooksManagement.EntityFrameworkCore.csproj b/aspnet-core/migrations/LY.MicroService.WebhooksManagement.EntityFrameworkCore/LY.MicroService.WebhooksManagement.EntityFrameworkCore.csproj
index d9dd920c0..0c9ad3341 100644
--- a/aspnet-core/migrations/LY.MicroService.WebhooksManagement.EntityFrameworkCore/LY.MicroService.WebhooksManagement.EntityFrameworkCore.csproj
+++ b/aspnet-core/migrations/LY.MicroService.WebhooksManagement.EntityFrameworkCore/LY.MicroService.WebhooksManagement.EntityFrameworkCore.csproj
@@ -18,7 +18,7 @@
-
+
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/AbpDynamicFeatureDefinitionStoreInMemoryCache.cs b/aspnet-core/services/LY.MicroService.Applications.Single/AbpDynamicFeatureDefinitionStoreInMemoryCache.cs
deleted file mode 100644
index ff908c19c..000000000
--- a/aspnet-core/services/LY.MicroService.Applications.Single/AbpDynamicFeatureDefinitionStoreInMemoryCache.cs
+++ /dev/null
@@ -1,112 +0,0 @@
-
-using Volo.Abp.DependencyInjection;
-
-namespace LY.MicroService.Applications.Single;
-
-[Dependency(ServiceLifetime.Singleton, ReplaceServices = true)]
-public class AbpDynamicFeatureDefinitionStoreInMemoryCache : IDynamicFeatureDefinitionStoreInMemoryCache
-{
- public string CacheStamp { get; set; }
-
- protected IDictionary FeatureGroupDefinitions { get; }
- protected IDictionary FeatureDefinitions { get; }
- protected StringValueTypeSerializer StateCheckerSerializer { get; }
- protected ILocalizableStringSerializer LocalizableStringSerializer { get; }
-
- public SemaphoreSlim SyncSemaphore { get; } = new(1, 1);
-
- public DateTime? LastCheckTime { get; set; }
-
- public AbpDynamicFeatureDefinitionStoreInMemoryCache(
- StringValueTypeSerializer stateCheckerSerializer,
- ILocalizableStringSerializer localizableStringSerializer)
- {
- StateCheckerSerializer = stateCheckerSerializer;
- LocalizableStringSerializer = localizableStringSerializer;
-
- FeatureGroupDefinitions = new Dictionary();
- FeatureDefinitions = new Dictionary();
- }
-
- public Task FillAsync(
- List featureGroupRecords,
- List featureRecords)
- {
- FeatureGroupDefinitions.Clear();
- FeatureDefinitions.Clear();
-
- var context = new FeatureDefinitionContext();
-
- foreach (var featureGroupRecord in featureGroupRecords)
- {
- var featureGroup = context.AddGroup(
- featureGroupRecord.Name,
- featureGroupRecord.DisplayName != null ? LocalizableStringSerializer.Deserialize(featureGroupRecord.DisplayName) : null
- );
-
- FeatureGroupDefinitions[featureGroup.Name] = featureGroup;
-
- foreach (var property in featureGroupRecord.ExtraProperties)
- {
- featureGroup[property.Key] = property.Value;
- }
-
- var featureRecordsInThisGroup = featureRecords
- .Where(p => p.GroupName == featureGroup.Name);
-
- foreach (var featureRecord in featureRecordsInThisGroup.Where(x => x.ParentName == null))
- {
- AddFeatureRecursively(featureGroup, featureRecord, featureRecords);
- }
- }
-
- return Task.CompletedTask;
- }
-
- public FeatureDefinition GetFeatureOrNull(string name)
- {
- return FeatureDefinitions.GetOrDefault(name);
- }
-
- public IReadOnlyList GetFeatures()
- {
- return FeatureDefinitions.Values.ToList();
- }
-
- public IReadOnlyList GetGroups()
- {
- return FeatureGroupDefinitions.Values.ToList();
- }
-
- private void AddFeatureRecursively(ICanCreateChildFeature featureContainer,
- FeatureDefinitionRecord featureRecord,
- List allFeatureRecords)
- {
- var feature = featureContainer.CreateChildFeature(
- featureRecord.Name,
- featureRecord.DefaultValue,
- featureRecord.DisplayName != null ? LocalizableStringSerializer.Deserialize(featureRecord.DisplayName) : null,
- featureRecord.Description != null ? LocalizableStringSerializer.Deserialize(featureRecord.Description) : null,
- StateCheckerSerializer.Deserialize(featureRecord.ValueType),
- featureRecord.IsVisibleToClients,
- featureRecord.IsAvailableToHost
- );
-
- FeatureDefinitions[feature.Name] = feature;
-
- if (!featureRecord.AllowedProviders.IsNullOrWhiteSpace())
- {
- feature.AllowedProviders.AddRange(featureRecord.AllowedProviders.Split(','));
- }
-
- foreach (var property in featureRecord.ExtraProperties)
- {
- feature[property.Key] = property.Value;
- }
-
- foreach (var subFeature in allFeatureRecords.Where(p => p.ParentName == featureRecord.Name))
- {
- AddFeatureRecursively(feature, subFeature, allFeatureRecords);
- }
- }
-}
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/GlobalUsings.cs b/aspnet-core/services/LY.MicroService.Applications.Single/GlobalUsings.cs
index b063a8e22..d9c8959de 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/GlobalUsings.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/GlobalUsings.cs
@@ -142,6 +142,7 @@ global using Microsoft.AspNetCore.Server.Kestrel.Core;
global using Microsoft.Extensions.Caching.StackExchangeRedis;
global using Microsoft.Extensions.DependencyInjection;
global using Microsoft.IdentityModel.Logging;
+global using Microsoft.IdentityModel.Tokens;
global using Microsoft.OpenApi.Models;
global using MiniExcelLibs.Attributes;
global using OpenIddict.Server;
@@ -158,7 +159,6 @@ global using Volo.Abp.AspNetCore.Authentication.JwtBearer;
global using Volo.Abp.AspNetCore.Mvc;
global using Volo.Abp.AspNetCore.Mvc.AntiForgery;
global using Volo.Abp.AspNetCore.Mvc.UI.Bundling;
-//global using Volo.Abp.AspNetCore.Mvc.UI.Theme.Basic;
global using Volo.Abp.AspNetCore.Mvc.UI.Theme.LeptonXLite;
global using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Bundling;
global using Volo.Abp.AspNetCore.Serilog;
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj b/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj
index 937882672..88e7de0e3 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/LY.MicroService.Applications.Single.csproj
@@ -104,6 +104,7 @@
+
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
index 4efae197c..9cf69aa48 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
@@ -47,6 +47,10 @@ public partial class MicroServiceApplicationsSingleModule
return;
}
options
+ .UseMySql(mySqlOptions =>
+ {
+ configuration.GetSection("CAP:MySql").Bind(mySqlOptions);
+ })
.UseRabbitMQ(rabbitMQOptions =>
{
configuration.GetSection("CAP:RabbitMQ").Bind(rabbitMQOptions);
@@ -770,7 +774,7 @@ public partial class MicroServiceApplicationsSingleModule
Configure(options =>
{
options.ScriptBundles
- .Configure(StandardBundles.Styles.Global, bundle =>
+ .Configure(StandardBundles.Scripts.Global, bundle =>
{
bundle.AddContributors(typeof(SingleGlobalScriptContributor));
});
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs
index 8388f5609..1022d76c7 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.cs
@@ -53,7 +53,6 @@ namespace LY.MicroService.Applications.Single;
typeof(AbpGdprWebModule),
// MVC Theme
- //typeof(AbpAspNetCoreMvcUiBasicThemeModule),
typeof(AbpAspNetCoreMvcUiLeptonXLiteThemeModule),
// 审计日志模块 应用服务
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/TokenWildcardIssuerValidator.cs b/aspnet-core/services/LY.MicroService.Applications.Single/TokenWildcardIssuerValidator.cs
deleted file mode 100644
index 57b993557..000000000
--- a/aspnet-core/services/LY.MicroService.Applications.Single/TokenWildcardIssuerValidator.cs
+++ /dev/null
@@ -1,127 +0,0 @@
-using Microsoft.IdentityModel.Tokens;
-using System.Globalization;
-using System.Text;
-using Volo.Abp.Text.Formatting;
-
-namespace LY.MicroService.Applications.Single;
-
-///
-/// https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/blob/dev/src/Microsoft.IdentityModel.Tokens/Validators.cs#L207
-///
-public static class TokenWildcardIssuerValidator
-{
- private const string IDX10204 = "IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null.";
- private const string IDX10205 = "IDX10205: Issuer validation failed. Issuer: '{0}'. Did not match: validationParameters.ValidIssuer: '{1}' or validationParameters.ValidIssuers: '{2}'.";
- private const string IDX10211 = "IDX10211: Unable to validate issuer. The 'issuer' parameter is null or whitespace";
- private const string IDX10235 = "IDX10235: ValidateIssuer property on ValidationParameters is set to false. Exiting without validating the issuer.";
- private const string IDX10236 = "IDX10236: Issuer Validated.Issuer: '{0}'";
-
- public static readonly IssuerValidator IssuerValidator = (issuer, token, validationParameters) =>
- {
- if (validationParameters == null)
- {
- throw LogHelper.LogArgumentNullException(nameof(validationParameters));
- }
-
- if (!validationParameters.ValidateIssuer)
- {
- LogHelper.LogInformation(IDX10235);
- return issuer;
- }
-
- if (string.IsNullOrWhiteSpace(issuer))
- {
- throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidIssuerException(IDX10211)
- {
- InvalidIssuer = issuer
- });
- }
-
- // Throw if all possible places to validate against are null or empty
- if (string.IsNullOrWhiteSpace(validationParameters.ValidIssuer) &&
- validationParameters.ValidIssuers == null)
- {
- throw LogHelper.LogExceptionMessage(new SecurityTokenInvalidIssuerException(IDX10204)
- {
- InvalidIssuer = issuer
- });
- }
-
- if (string.Equals(validationParameters.ValidIssuer, issuer, StringComparison.Ordinal))
- {
- LogHelper.LogInformation(IDX10236, issuer);
- return issuer;
- }
-
- if (!string.IsNullOrWhiteSpace(validationParameters.ValidIssuer))
- {
- var extractResult = FormattedStringValueExtracter.Extract(issuer, validationParameters.ValidIssuer, ignoreCase: true);
- if (extractResult.IsMatch &&
- extractResult.Matches.Aggregate(validationParameters.ValidIssuer, (current, nameValue) => current.Replace($"{{{nameValue.Name}}}", nameValue.Value))
- .IndexOf(issuer, StringComparison.OrdinalIgnoreCase) >= 0)
- {
- return issuer;
- }
- }
-
- if (null != validationParameters.ValidIssuers)
- {
- foreach (var str in validationParameters.ValidIssuers)
- {
- if (string.IsNullOrEmpty(str))
- {
- LogHelper.LogInformation(IDX10235);
- continue;
- }
-
- if (string.Equals(str, issuer, StringComparison.Ordinal))
- {
- LogHelper.LogInformation(IDX10236, issuer);
- return issuer;
- }
-
- var extractResult = FormattedStringValueExtracter.Extract(issuer, str, ignoreCase: true);
- if (extractResult.IsMatch &&
- extractResult.Matches.Aggregate(str, (current, nameValue) => current.Replace($"{{{nameValue.Name}}}", nameValue.Value))
- .IndexOf(issuer, StringComparison.OrdinalIgnoreCase) >= 0)
- {
- return issuer;
- }
- }
- }
-
- throw LogHelper.LogExceptionMessage(
- new SecurityTokenInvalidIssuerException(LogHelper.FormatInvariant(IDX10205, issuer,
- (validationParameters.ValidIssuer ?? "null"),
- SerializeAsSingleCommaDelimitedString(validationParameters.ValidIssuers)))
- {
- InvalidIssuer = issuer
- });
- };
-
- private static string SerializeAsSingleCommaDelimitedString(IEnumerable strings)
- {
- if (strings == null)
- {
- return Utility.Null;
- }
-
- var sb = new StringBuilder();
- var first = true;
- foreach (var str in strings)
- {
- if (first)
- {
- sb.AppendFormat(CultureInfo.InvariantCulture, "{0}", str ?? Utility.Null);
- first = false;
- }
- else
- {
- sb.AppendFormat(CultureInfo.InvariantCulture, ", {0}", str ?? Utility.Null);
- }
- }
-
- return first ? Utility.Empty : sb.ToString();
- }
-}
-
diff --git a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
index 987b440e9..c4cac9f55 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
@@ -21,9 +21,11 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using StackExchange.Redis;
using System;
+using System.Collections.Generic;
using System.Linq;
using System.Text.Encodings.Web;
using System.Text.Unicode;
@@ -447,9 +449,16 @@ public partial class AuthServerHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
if (!isDevelopment)
diff --git a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs
index 649d485e7..e51335ce6 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.cs
@@ -38,6 +38,7 @@ using Volo.Abp.EntityFrameworkCore.MySQL;
using Volo.Abp.FeatureManagement.EntityFrameworkCore;
using Volo.Abp.Http.Client;
using Volo.Abp.Modularity;
+using Volo.Abp.MultiTenancy;
using Volo.Abp.OpenIddict.EntityFrameworkCore;
using Volo.Abp.PermissionManagement.EntityFrameworkCore;
using Volo.Abp.SettingManagement.EntityFrameworkCore;
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs b/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
index 855c61ac8..78dced076 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
@@ -380,6 +380,7 @@ public partial class AuthServerModule
.AddJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
if (validIssuers?.Count > 0)
{
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/LY.MicroService.AuthServer.csproj b/aspnet-core/services/LY.MicroService.AuthServer/LY.MicroService.AuthServer.csproj
index 3e66a46de..765b7485a 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/LY.MicroService.AuthServer.csproj
+++ b/aspnet-core/services/LY.MicroService.AuthServer/LY.MicroService.AuthServer.csproj
@@ -33,7 +33,6 @@
-
@@ -52,6 +51,7 @@
+
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/package.json b/aspnet-core/services/LY.MicroService.AuthServer/package.json
index bc16ffb7e..ab420c545 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/package.json
+++ b/aspnet-core/services/LY.MicroService.AuthServer/package.json
@@ -1,9 +1,9 @@
{
- "version": "9.1.3",
+ "version": "9.2.0",
"name": "my-app-authserver",
"private": true,
"dependencies": {
- "@abp/aspnetcore.mvc.ui.theme.leptonxlite": "4.1.3",
- "@abp/qrcode": "9.1.3"
+ "@abp/aspnetcore.mvc.ui.theme.leptonxlite": "4.2.0",
+ "@abp/qrcode": "9.2.0"
}
}
\ No newline at end of file
diff --git a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
index 93b4d439f..bac9e49e5 100644
--- a/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
@@ -20,6 +20,7 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using StackExchange.Redis;
using System;
@@ -413,14 +414,16 @@ public partial class BackendAdminHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
- //options.Authority = configuration["AuthServer:Authority"];
- //options.RequireHttpsMetadata = false;
- //options.Audience = configuration["AuthServer:ApiName"];
- //options.MapInboundClaims = false;
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
if (!isDevelopment)
diff --git a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
index aeecd08fb..65227054a 100644
--- a/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
@@ -19,6 +19,7 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using StackExchange.Redis;
using System;
@@ -436,9 +437,16 @@ public partial class IdentityServerHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
if (!isDevelopment)
diff --git a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
index 79347f952..83e76f899 100644
--- a/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
@@ -17,9 +17,11 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using StackExchange.Redis;
using System;
+using System.Collections.Generic;
using System.Linq;
using System.Text.Encodings.Web;
using System.Text.Unicode;
@@ -319,9 +321,16 @@ public partial class LocalizationManagementHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
if (isDevelopment)
diff --git a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
index 42bfba928..42f9e7484 100644
--- a/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
@@ -21,9 +21,11 @@ using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using StackExchange.Redis;
using System;
+using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text.Encodings.Web;
@@ -209,6 +211,7 @@ public partial class PlatformManagementHttpApiHostModule
{
Configure(options =>
{
+ options.IsEnabledForIntegrationServices = true;
options.ApplicationName = ApplicationName;
// 是否启用实体变更记录
var allEntitiesSelectorIsEnabled = configuration["Auditing:AllEntitiesSelector"];
@@ -395,9 +398,17 @@ public partial class PlatformManagementHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
+
options.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
@@ -414,6 +425,8 @@ public partial class PlatformManagementHttpApiHostModule
};
});
+ services.AddAlwaysAllowAuthorization();
+
if (!isDevelopment)
{
var redis = ConnectionMultiplexer.Connect(configuration["Redis:Configuration"]);
diff --git a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
index 6c962347f..ae2980204 100644
--- a/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
@@ -22,6 +22,7 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Quartz;
using StackExchange.Redis;
@@ -422,9 +423,17 @@ public partial class RealtimeMessageHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
+
options.Events = new JwtBearerEvents
{
OnMessageReceived = context =>
diff --git a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
index e01b17552..e44fe2ea0 100644
--- a/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
@@ -18,6 +18,7 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Quartz;
using StackExchange.Redis;
@@ -374,9 +375,16 @@ public partial class TaskManagementHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
if (!isDevelopment)
diff --git a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
index a5912378e..a629eb97a 100644
--- a/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
@@ -21,6 +21,7 @@ using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Quartz;
using StackExchange.Redis;
@@ -404,9 +405,16 @@ public partial class WebhooksManagementHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
if (!isDevelopment)
diff --git a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
index c6837111b..9a7eb8347 100644
--- a/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
@@ -16,6 +16,7 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using StackExchange.Redis;
using System;
@@ -354,9 +355,16 @@ public partial class WechatManagementHttpApiHostModule
private void ConfigureSecurity(IServiceCollection services, IConfiguration configuration, bool isDevelopment = false)
{
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
if (!isDevelopment)
diff --git a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs
index 6efe6caa6..bcb0f487c 100644
--- a/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs
@@ -22,6 +22,7 @@ using Microsoft.Extensions.Caching.StackExchangeRedis;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Logging;
+using Microsoft.IdentityModel.Tokens;
using Microsoft.OpenApi.Models;
using Quartz;
using StackExchange.Redis;
@@ -457,9 +458,16 @@ public partial class WorkflowManagementHttpApiHostModule
});
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
- .AddJwtBearer(options =>
+ .AddAbpJwtBearer(options =>
{
configuration.GetSection("AuthServer").Bind(options);
+
+ var validIssuers = configuration.GetSection("AuthServer:ValidIssuers").Get>();
+ if (validIssuers?.Count > 0)
+ {
+ options.TokenValidationParameters.ValidIssuers = validIssuers;
+ options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
+ }
});
//services.AddElsaJwtBearerAuthentication(options =>