Merge pull request #85 from colinin/3.1

backlog commits
5 years ago · a2311a99af
15 changed files with 106 additions and 14 deletions
--- a/aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AccountAppService.cs
+++ b/aspnet-core/modules/account/LINGYUN.Abp.Account.Application/LINGYUN/Abp/Account/AccountAppService.cs
@ -55,7 +55,7 @@ namespace LINGYUN.Abp.Account
                throw new UserFriendlyException(L["DuplicateWeChat"]);
            }
            var userName = input.UserName ?? wehchatOpenId.OpenId;
-            var userEmail = input.EmailAddress ?? $"{userName}@{new Random().Next(1000, 99999)}.com";//如果邮件地址不验证,随意写入一个
+            var userEmail = input.EmailAddress ?? $"{userName}@default.io";//如果邮件地址不验证,随意写入一个

            user = new IdentityUser(GuidGenerator.Create(), userName, userEmail, CurrentTenant.Id)
            {
@ -101,7 +101,7 @@ namespace LINGYUN.Abp.Account
            //    }
            //}

-            var userEmail = input.EmailAddress ?? $"{input.PhoneNumber}@{new Random().Next(1000, 99999)}.com";//如果邮件地址不验证,随意写入一个
+            var userEmail = input.EmailAddress ?? $"{input.PhoneNumber}@default.io";//如果邮件地址不验证,随意写入一个
            var userName = input.UserName ?? input.PhoneNumber;
            var user = new IdentityUser(GuidGenerator.Create(), userName, userEmail, CurrentTenant.Id)
            {
--- a/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/AbpIdentityServerWeChatValidatorModule.cs
+++ b/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/AbpIdentityServerWeChatValidatorModule.cs
@ -1,4 +1,5 @@
-using LINGYUN.Abp.IdentityServer.WeChatValidator;
+using LINGYUN.Abp.IdentityServer.AspNetIdentity;
+using LINGYUN.Abp.IdentityServer.WeChatValidator;
 using LINGYUN.Abp.WeChat.Authorization;
 using Microsoft.Extensions.DependencyInjection;
 using Volo.Abp.IdentityServer;
@ -18,6 +19,7 @@ namespace LINGYUN.Abp.IdentityServer
        {
            PreConfigure<IIdentityServerBuilder>(builder =>
            {
+                builder.AddProfileService<AbpWeChatProfileServicee>();
                builder.AddExtensionGrantValidator<WeChatTokenGrantValidator>();
            });
        }
--- a/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/AspNetIdentity/AbpWeChatProfileService.cs
+++ b/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/AspNetIdentity/AbpWeChatProfileService.cs
@ -0,0 +1,49 @@
+using IdentityServer4.AspNetIdentity;
+using IdentityServer4.Models;
+using System.Linq;
+using System.Security.Principal;
+using System.Threading.Tasks;
+using Volo.Abp.Identity;
+using Volo.Abp.MultiTenancy;
+using Volo.Abp.Security.Claims;
+using Volo.Abp.Uow;
+
+namespace LINGYUN.Abp.IdentityServer.AspNetIdentity
+{
+    public class AbpWeChatProfileServicee : ProfileService<IdentityUser>
+    {
+        protected ICurrentTenant CurrentTenant { get; }
+        public AbpWeChatProfileServicee(
+            IdentityUserManager userManager,
+            Microsoft.AspNetCore.Identity.IUserClaimsPrincipalFactory<IdentityUser> claimsFactory,
+            ICurrentTenant currentTenant)
+            : base(userManager, claimsFactory)
+        {
+            CurrentTenant = currentTenant;
+        }
+
+        [UnitOfWork]
+        public override async Task GetProfileDataAsync(ProfileDataRequestContext context)
+        {
+            using (CurrentTenant.Change(context.Subject.FindTenantId()))
+            {
+                await base.GetProfileDataAsync(context);
+
+                // TODO: 可以从令牌获取openid, 安全性呢?
+                if (context.RequestedClaimTypes.Any(rc => rc.Contains(WeChatClaimTypes.OpenId)))
+                {
+                    context.IssuedClaims.Add(context.Subject.FindFirst(WeChatClaimTypes.OpenId));
+                }
+            }
+        }
+
+        [UnitOfWork]
+        public override async Task IsActiveAsync(IsActiveContext context)
+        {
+            using (CurrentTenant.Change(context.Subject.FindTenantId()))
+            {
+                await base.IsActiveAsync(context);
+            }
+        }
+    }
+}
--- a/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/WeChatValidator/WeChatTokenGrantValidator.cs
+++ b/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/WeChatValidator/WeChatTokenGrantValidator.cs
@ -96,7 +96,7 @@ namespace LINGYUN.Abp.IdentityServer.WeChatValidator
            {
                additionalClaims.Add(new Claim(AbpClaimTypes.TenantId, currentUser.TenantId?.ToString()));
            }
-            additionalClaims.Add(new Claim(WeChatValidatorConsts.ClaimTypes.OpenId, wechatOpenId.OpenId));
+            additionalClaims.Add(new Claim(WeChatClaimTypes.OpenId, wechatOpenId.OpenId));

            await EventService.RaiseAsync(new UserLoginSuccessEvent(currentUser.UserName, wechatOpenId.OpenId, null));
            context.Result = new GrantValidationResult(sub, 
--- a/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/WeChatValidator/WeChatValidatorConsts.cs
+++ b/aspnet-core/modules/common/LINGYUN.Abp.IdentityServer.WeChatValidator/LINGYUN/Abp/IdentityServer/WeChatValidator/WeChatValidatorConsts.cs
@ -8,11 +8,6 @@

        public const string WeChatValidatorTokenName = "code";

-        public class ClaimTypes
-        {
-            public const string OpenId = "wx-openid";
-        }
-
        public class AuthenticationMethods
        {
            public const string BasedWeChatAuthentication = "wca";
--- a/aspnet-core/modules/common/LINGYUN.Abp.WeChat.Authorization/Volo/Abp/Security/Claims/WeChatClaimTypes.cs
+++ b/aspnet-core/modules/common/LINGYUN.Abp.WeChat.Authorization/Volo/Abp/Security/Claims/WeChatClaimTypes.cs
@ -0,0 +1,7 @@
+namespace Volo.Abp.Security.Claims
+{
+    public class WeChatClaimTypes
+    {
+        public static string OpenId { get; set; } = "wx-openid";
+    }
+}
--- a/aspnet-core/modules/common/LINGYUN.Abp.WeChat.Authorization/Volo/Abp/Users/CurrentUserExtensions.cs
+++ b/aspnet-core/modules/common/LINGYUN.Abp.WeChat.Authorization/Volo/Abp/Users/CurrentUserExtensions.cs
@ -0,0 +1,23 @@
+using Volo.Abp.Security.Claims;
+
+namespace Volo.Abp.Users
+{
+    public static class CurrentUserExtensions
+    {
+        /// <summary>
+        /// 获取用户微信id,如果不存在返回空值
+        /// </summary>
+        /// <param name="currentUser"></param>
+        /// <returns></returns>
+        public static string FindWeChatId(this ICurrentUser currentUser)
+        {
+            var weChatClaim = currentUser.FindClaim(WeChatClaimTypes.OpenId);
+            if (weChatClaim == null)
+            {
+                return null;
+            }
+
+            return weChatClaim.Value;
+        }
+    }
+}
--- a/aspnet-core/services/account/AuthServer.Host/AuthIdentityServerModule.cs
+++ b/aspnet-core/services/account/AuthServer.Host/AuthIdentityServerModule.cs
@ -192,6 +192,7 @@ namespace AuthServer.Host
            app.UseRouting();
            app.UseCors(DefaultCorsPolicyName);
            app.UseAuthentication();
+            app.UseAbpClaimsMap();
            app.UseMultiTenancy();
            app.UseIdentityServer();
            app.UseAuthorization();
--- a/aspnet-core/services/account/AuthServer.Host/DataSeeder/IdentityServerDataSeedContributor.cs
+++ b/aspnet-core/services/account/AuthServer.Host/DataSeeder/IdentityServerDataSeedContributor.cs
@ -1,5 +1,4 @@
-using LINGYUN.Abp.IdentityServer.WeChatValidator;
-using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Configuration;
 using System;
 using System.Collections.Generic;
 using System.IO;
@ -14,6 +13,7 @@ using Volo.Abp.IdentityServer.ApiResources;
 using Volo.Abp.IdentityServer.Clients;
 using Volo.Abp.IdentityServer.IdentityResources;
 using Volo.Abp.PermissionManagement;
+using Volo.Abp.Security.Claims;
 using Volo.Abp.Uow;

 namespace AuthServer.DataSeeder
@ -62,9 +62,9 @@ namespace AuthServer.DataSeeder

        private async Task CreateWeChatClaimTypeAsync()
        {
-            if (!await _identityClaimTypeRepository.AnyAsync(WeChatValidatorConsts.ClaimTypes.OpenId))
+            if (!await _identityClaimTypeRepository.AnyAsync(WeChatClaimTypes.OpenId))
            {
-                var wechatClaimType = new IdentityClaimType(_guidGenerator.Create(), WeChatValidatorConsts.ClaimTypes.OpenId,
+                var wechatClaimType = new IdentityClaimType(_guidGenerator.Create(), WeChatClaimTypes.OpenId,
                    isStatic: true, description: "适用于微信认证的用户标识");

                await _identityClaimTypeRepository.InsertAsync(wechatClaimType);
--- a/aspnet-core/services/admin/LINGYUN.Abp.BackendAdmin.HttpApi.Host/BackendAdminHostModule.cs
+++ b/aspnet-core/services/admin/LINGYUN.Abp.BackendAdmin.HttpApi.Host/BackendAdminHostModule.cs
@ -292,6 +292,7 @@ namespace LINGYUN.Abp.BackendAdmin
            app.UseRouting();
            // 认证
            app.UseAuthentication();
+            app.UseAbpClaimsMap();
            // jwt
            app.UseJwtTokenMiddleware();
            // 多租户
--- a/aspnet-core/services/apigateway/LINGYUN.ApiGateway.Host/ApiGatewayHostModule.cs
+++ b/aspnet-core/services/apigateway/LINGYUN.ApiGateway.Host/ApiGatewayHostModule.cs
@ -173,8 +173,18 @@ namespace LINGYUN.ApiGateway
            var app = context.GetApplicationBuilder();

            app.UseAuditing();
+            app.UseVirtualFiles();
            app.UseRouting();
-            app.UseConfiguredEndpoints();
+            app.UseAuthentication();
+            app.UseAbpClaimsMap();
+            app.MapWhen(
+                ctx => ctx.Request.Path.ToString().StartsWith("/api/ApiGateway/Basic/"),
+                appNext =>
+                {
+                    // 仅针对属于网关自己的控制器进入MVC管道
+                    appNext.UseRouting();
+                    appNext.UseConfiguredEndpoints();
+                });
            // 启用ws协议
            app.UseWebSockets();
            app.UseOcelot().Wait();
--- a/aspnet-core/services/apigateway/LINGYUN.ApiGateway.HttpApi.Host/ApiGatewayHttpApiHostModule.cs
+++ b/aspnet-core/services/apigateway/LINGYUN.ApiGateway.HttpApi.Host/ApiGatewayHttpApiHostModule.cs
@ -198,6 +198,7 @@ namespace LINGYUN.ApiGateway
            app.UseRouting();
            // 认证
            app.UseAuthentication();
+            app.UseAbpClaimsMap();
            // 多租户
            // app.UseMultiTenancy();
            // 本地化
--- a/aspnet-core/services/identity-server/LINGYUN.Abp.IdentityServer4.HttpApi.Host/AbpIdentityServerAdminHttpApiHostModule.cs
+++ b/aspnet-core/services/identity-server/LINGYUN.Abp.IdentityServer4.HttpApi.Host/AbpIdentityServerAdminHttpApiHostModule.cs
@ -262,6 +262,7 @@ namespace LINGYUN.Abp.IdentityServer4
            app.UseRouting();
            // 认证
            app.UseAuthentication();
+            app.UseAbpClaimsMap();
            // jwt
            app.UseJwtTokenMiddleware();
            // 多租户
--- a/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/AbpMessageServiceHttpApiHostModule.cs
+++ b/aspnet-core/services/messages/LINGYUN.Abp.MessageService.HttpApi.Host/AbpMessageServiceHttpApiHostModule.cs
@ -291,6 +291,7 @@ namespace LINGYUN.Abp.MessageService
            app.UseHangfireJwtToken();
            // 认证
            app.UseAuthentication();
+            app.UseAbpClaimsMap();
            // jwt
            app.UseJwtTokenMiddleware();
            // 授权
--- a/aspnet-core/services/platform/LINGYUN.Platform.HttpApi.Host/AppPlatformHttpApiHostModule.cs
+++ b/aspnet-core/services/platform/LINGYUN.Platform.HttpApi.Host/AppPlatformHttpApiHostModule.cs
@ -265,6 +265,7 @@ namespace LINGYUN.Platform
            app.UseRouting();
            // 认证
            app.UseAuthentication();
+            app.UseAbpClaimsMap();
            // jwt
            app.UseJwtTokenMiddleware();
            // 授权