feat(docs): 添加IdentityServer模块文档

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/README.EN.md

@@ -0,0 +1,79 @@
+# LINGYUN.Abp.IdentityServer.Application.Contracts
+
+IdentityServer application service contracts module, defining application service interfaces and DTOs for IdentityServer4 resource management functionality.
+
+## Features
+
+* Permission Definitions
+  * Client Permissions
+    * Default Permission - `AbpIdentityServer.Clients`
+    * Create Permission - `AbpIdentityServer.Clients.Create`
+    * Update Permission - `AbpIdentityServer.Clients.Update`
+    * Delete Permission - `AbpIdentityServer.Clients.Delete`
+    * Clone Permission - `AbpIdentityServer.Clients.Clone`
+    * Manage Permissions - `AbpIdentityServer.Clients.ManagePermissions`
+    * Manage Claims - `AbpIdentityServer.Clients.ManageClaims`
+    * Manage Secrets - `AbpIdentityServer.Clients.ManageSecrets`
+    * Manage Properties - `AbpIdentityServer.Clients.ManageProperties`
+
+  * API Resource Permissions
+    * Default Permission - `AbpIdentityServer.ApiResources`
+    * Create Permission - `AbpIdentityServer.ApiResources.Create`
+    * Update Permission - `AbpIdentityServer.ApiResources.Update`
+    * Delete Permission - `AbpIdentityServer.ApiResources.Delete`
+    * Manage Claims - `AbpIdentityServer.ApiResources.ManageClaims`
+    * Manage Secrets - `AbpIdentityServer.ApiResources.ManageSecrets`
+    * Manage Scopes - `AbpIdentityServer.ApiResources.ManageScopes`
+    * Manage Properties - `AbpIdentityServer.ApiResources.ManageProperties`
+
+  * API Scope Permissions
+    * Default Permission - `AbpIdentityServer.ApiScopes`
+    * Create Permission - `AbpIdentityServer.ApiScopes.Create`
+    * Update Permission - `AbpIdentityServer.ApiScopes.Update`
+    * Delete Permission - `AbpIdentityServer.ApiScopes.Delete`
+    * Manage Claims - `AbpIdentityServer.ApiScopes.ManageClaims`
+    * Manage Properties - `AbpIdentityServer.ApiScopes.ManageProperties`
+
+  * Identity Resource Permissions
+    * Default Permission - `AbpIdentityServer.IdentityResources`
+    * Create Permission - `AbpIdentityServer.IdentityResources.Create`
+    * Update Permission - `AbpIdentityServer.IdentityResources.Update`
+    * Delete Permission - `AbpIdentityServer.IdentityResources.Delete`
+    * Manage Claims - `AbpIdentityServer.IdentityResources.ManageClaims`
+    * Manage Properties - `AbpIdentityServer.IdentityResources.ManageProperties`
+
+  * Grant Permissions
+    * Default Permission - `AbpIdentityServer.Grants`
+    * Delete Permission - `AbpIdentityServer.Grants.Delete`
+
+* Localization Resources
+  * Support for multi-language localization
+  * Built-in Chinese and English resources
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerApplicationContractsModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Required Modules
+
+* `AbpAuthorizationModule` - ABP Authorization Module
+* `AbpDddApplicationContractsModule` - ABP DDD Application Contracts Module
+* `AbpIdentityServerDomainSharedModule` - IdentityServer Domain Shared Module
+
+## Configuration and Usage
+
+The module provides application service interface definitions and data transfer objects required for IdentityServer4 resource management. All permissions are by default only available to the host tenant.
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP Authorization Documentation](https://docs.abp.io/en/abp/latest/Authorization)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application.Contracts/README.md

@@ -0,0 +1,79 @@
+# LINGYUN.Abp.IdentityServer.Application.Contracts
+
+IdentityServer应用服务契约模块，定义IdentityServer4资源管理相关功能的应用服务接口和DTO。
+
+## 功能特性
+
+* 权限定义
+  * 客户端权限
+    * 默认权限 - `AbpIdentityServer.Clients`
+    * 创建权限 - `AbpIdentityServer.Clients.Create`
+    * 更新权限 - `AbpIdentityServer.Clients.Update`
+    * 删除权限 - `AbpIdentityServer.Clients.Delete`
+    * 克隆权限 - `AbpIdentityServer.Clients.Clone`
+    * 管理权限 - `AbpIdentityServer.Clients.ManagePermissions`
+    * 管理声明 - `AbpIdentityServer.Clients.ManageClaims`
+    * 管理密钥 - `AbpIdentityServer.Clients.ManageSecrets`
+    * 管理属性 - `AbpIdentityServer.Clients.ManageProperties`
+
+  * API资源权限
+    * 默认权限 - `AbpIdentityServer.ApiResources`
+    * 创建权限 - `AbpIdentityServer.ApiResources.Create`
+    * 更新权限 - `AbpIdentityServer.ApiResources.Update`
+    * 删除权限 - `AbpIdentityServer.ApiResources.Delete`
+    * 管理声明 - `AbpIdentityServer.ApiResources.ManageClaims`
+    * 管理密钥 - `AbpIdentityServer.ApiResources.ManageSecrets`
+    * 管理作用域 - `AbpIdentityServer.ApiResources.ManageScopes`
+    * 管理属性 - `AbpIdentityServer.ApiResources.ManageProperties`
+
+  * API作用域权限
+    * 默认权限 - `AbpIdentityServer.ApiScopes`
+    * 创建权限 - `AbpIdentityServer.ApiScopes.Create`
+    * 更新权限 - `AbpIdentityServer.ApiScopes.Update`
+    * 删除权限 - `AbpIdentityServer.ApiScopes.Delete`
+    * 管理声明 - `AbpIdentityServer.ApiScopes.ManageClaims`
+    * 管理属性 - `AbpIdentityServer.ApiScopes.ManageProperties`
+
+  * 身份资源权限
+    * 默认权限 - `AbpIdentityServer.IdentityResources`
+    * 创建权限 - `AbpIdentityServer.IdentityResources.Create`
+    * 更新权限 - `AbpIdentityServer.IdentityResources.Update`
+    * 删除权限 - `AbpIdentityServer.IdentityResources.Delete`
+    * 管理声明 - `AbpIdentityServer.IdentityResources.ManageClaims`
+    * 管理属性 - `AbpIdentityServer.IdentityResources.ManageProperties`
+
+  * 授权许可权限
+    * 默认权限 - `AbpIdentityServer.Grants`
+    * 删除权限 - `AbpIdentityServer.Grants.Delete`
+
+* 本地化资源
+  * 支持多语言本地化
+  * 内置中英文资源
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerApplicationContractsModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `AbpAuthorizationModule` - ABP授权模块
+* `AbpDddApplicationContractsModule` - ABP DDD应用服务契约模块
+* `AbpIdentityServerDomainSharedModule` - IdentityServer领域共享模块
+
+## 配置使用
+
+模块提供了IdentityServer4资源管理所需的应用服务接口定义和数据传输对象。所有权限默认只对宿主租户开放。
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP授权文档](https://docs.abp.io/en/abp/latest/Authorization)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application/README.EN.md

@@ -0,0 +1,61 @@
+# LINGYUN.Abp.IdentityServer.Application
+
+IdentityServer application service module, providing application layer implementation for IdentityServer4 resource management functionality.
+
+## Features
+
+* Client Management Services
+  * Client Secret Management
+  * Client Scope Management
+  * Client Grant Type Management
+  * Client CORS Origin Management
+  * Client Redirect URI Management
+  * Client Post-Logout Redirect URI Management
+  * Client Identity Provider Restriction Management
+  * Client Claim Management
+  * Client Property Management
+
+* API Resource Management Services
+  * API Resource Property Management
+  * API Resource Secret Management
+  * API Resource Scope Management
+  * API Resource Claim Management
+
+* API Scope Management Services
+  * API Scope Claim Management
+  * API Scope Property Management
+
+* Identity Resource Management Services
+  * Identity Resource Claim Management
+  * Identity Resource Property Management
+
+* Persisted Grant Management Services
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerApplicationModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Required Modules
+
+* `AbpIdentityServerApplicationContractsModule` - IdentityServer Application Contracts Module
+* `AbpIdentityServerDomainModule` - IdentityServer Domain Module
+* `AbpDddApplicationModule` - ABP DDD Application Base Module
+* `AbpAutoMapperModule` - ABP AutoMapper Object Mapping Module
+
+## Configuration and Usage
+
+The module implements CRUD operations for IdentityServer4 resources, primarily used for managing IdentityServer4 configuration resources.
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP Authorization Documentation](https://docs.abp.io/en/abp/latest/Authorization)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Application/README.md

@@ -0,0 +1,61 @@
+# LINGYUN.Abp.IdentityServer.Application
+
+IdentityServer应用服务模块，提供IdentityServer4资源管理相关功能的应用层实现。
+
+## 功能特性
+
+* 客户端管理服务
+  * 客户端密钥管理
+  * 客户端作用域管理
+  * 客户端授权类型管理
+  * 客户端跨域来源管理
+  * 客户端重定向URI管理
+  * 客户端登出重定向URI管理
+  * 客户端身份提供程序限制管理
+  * 客户端声明管理
+  * 客户端属性管理
+
+* API资源管理服务
+  * API资源属性管理
+  * API资源密钥管理
+  * API资源作用域管理
+  * API资源声明管理
+
+* API作用域管理服务
+  * API作用域声明管理
+  * API作用域属性管理
+
+* 身份资源管理服务
+  * 身份资源声明管理
+  * 身份资源属性管理
+
+* 持久授权管理服务
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerApplicationModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `AbpIdentityServerApplicationContractsModule` - IdentityServer应用服务契约模块
+* `AbpIdentityServerDomainModule` - IdentityServer领域模块
+* `AbpDddApplicationModule` - ABP DDD应用服务基础模块
+* `AbpAutoMapperModule` - ABP AutoMapper对象映射模块
+
+## 配置使用
+
+模块实现了IdentityServer4资源的CRUD操作，主要用于管理IdentityServer4的配置资源。
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP授权文档](https://docs.abp.io/en/abp/latest/Authorization)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Domain/README.EN.md

@@ -0,0 +1,69 @@
+# LINGYUN.Abp.IdentityServer.Domain
+
+IdentityServer domain module, extending the domain layer functionality of IdentityServer4.
+
+## Features
+
+* Event Service Extensions
+  * Custom Event Service Implementation - `AbpEventService`
+  * Configurable Event Handlers - `IAbpIdentityServerEventServiceHandler`
+  * Default Event Handler - `AbpIdentityServerEventServiceHandler`
+    * Support for Failure Event Logging
+    * Support for Information Event Logging
+    * Support for Success Event Logging
+    * Support for Error Event Logging
+  * Event Handler Registration Mechanism
+    * Configure Event Handlers through `AbpIdentityServerEventOptions`
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerDomainModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Required Modules
+
+* `Volo.Abp.IdentityServer.AbpIdentityServerDomainModule` - ABP IdentityServer Domain Module
+
+## Configuration and Usage
+
+### Event Handler Configuration
+
+```csharp
+Configure<AbpIdentityServerEventOptions>(options =>
+{
+    // Add custom event handler
+    options.EventServiceHandlers.Add<YourEventServiceHandler>();
+});
+```
+
+### Event Handler Implementation
+
+```csharp
+public class YourEventServiceHandler : IAbpIdentityServerEventServiceHandler
+{
+    public virtual bool CanRaiseEventType(EventTypes evtType)
+    {
+        // Implement event type validation logic
+        return true;
+    }
+
+    public virtual Task RaiseAsync(Event evt)
+    {
+        // Implement event handling logic
+        return Task.CompletedTask;
+    }
+}
+```
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP IdentityServer Documentation](https://docs.abp.io/en/abp/latest/Modules/IdentityServer)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Domain/README.md

@@ -0,0 +1,69 @@
+# LINGYUN.Abp.IdentityServer.Domain
+
+IdentityServer领域模块，扩展IdentityServer4的领域层功能。
+
+## 功能特性
+
+* 事件服务扩展
+  * 自定义事件服务实现 - `AbpEventService`
+  * 可配置的事件处理程序 - `IAbpIdentityServerEventServiceHandler`
+  * 默认事件处理程序 - `AbpIdentityServerEventServiceHandler`
+    * 支持失败事件记录
+    * 支持信息事件记录
+    * 支持成功事件记录
+    * 支持错误事件记录
+  * 事件处理程序注册机制
+    * 通过`AbpIdentityServerEventOptions`配置事件处理程序
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerDomainModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `Volo.Abp.IdentityServer.AbpIdentityServerDomainModule` - ABP IdentityServer领域模块
+
+## 配置使用
+
+### 事件处理程序配置
+
+```csharp
+Configure<AbpIdentityServerEventOptions>(options =>
+{
+    // 添加自定义事件处理程序
+    options.EventServiceHandlers.Add<YourEventServiceHandler>();
+});
+```
+
+### 事件处理程序实现
+
+```csharp
+public class YourEventServiceHandler : IAbpIdentityServerEventServiceHandler
+{
+    public virtual bool CanRaiseEventType(EventTypes evtType)
+    {
+        // 实现事件类型判断逻辑
+        return true;
+    }
+
+    public virtual Task RaiseAsync(Event evt)
+    {
+        // 实现事件处理逻辑
+        return Task.CompletedTask;
+    }
+}
+```
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP IdentityServer文档](https://docs.abp.io/en/abp/latest/Modules/IdentityServer)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.EntityFrameworkCore/README.EN.md

@@ -0,0 +1,71 @@
+# LINGYUN.Abp.IdentityServer.EntityFrameworkCore
+
+IdentityServer EntityFrameworkCore module, providing Entity Framework Core implementation for IdentityServer4.
+
+## Features
+
+* Repository Implementations
+  * API Resource Repository - `EfCoreApiResourceRepository`
+    * Get API Resource Names List
+    * Inherits from ABP Framework's API Resource Repository Base Class
+
+  * Identity Resource Repository - `EfCoreIdentityResourceRepository`
+    * Inherits from ABP Framework's Identity Resource Repository Base Class
+
+  * Persistent Grant Repository - `EfCorePersistentGrantRepository`
+    * Inherits from ABP Framework's Persistent Grant Repository Base Class
+
+* Database Context
+  * Uses ABP Framework's `IIdentityServerDbContext`
+  * Supports Multi-tenant Data Isolation
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerEntityFrameworkCoreModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Required Modules
+
+* `LINGYUN.Abp.IdentityServer.AbpIdentityServerDomainModule` - IdentityServer Domain Module
+* `Volo.Abp.IdentityServer.EntityFrameworkCore.AbpIdentityServerEntityFrameworkCoreModule` - ABP IdentityServer EntityFrameworkCore Module
+
+## Configuration and Usage
+
+### Configure Database Context
+
+```csharp
+public class YourDbContext : AbpDbContext<YourDbContext>, IIdentityServerDbContext
+{
+    public DbSet<ApiResource> ApiResources { get; set; }
+    public DbSet<ApiScope> ApiScopes { get; set; }
+    public DbSet<IdentityResource> IdentityResources { get; set; }
+    public DbSet<Client> Clients { get; set; }
+    public DbSet<PersistedGrant> PersistedGrants { get; set; }
+    public DbSet<DeviceFlowCodes> DeviceFlowCodes { get; set; }
+
+    public YourDbContext(DbContextOptions<YourDbContext> options)
+        : base(options)
+    {
+    }
+
+    protected override void OnModelCreating(ModelBuilder modelBuilder)
+    {
+        base.OnModelCreating(modelBuilder);
+
+        modelBuilder.ConfigureIdentityServer();
+    }
+}
+```
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP EntityFrameworkCore Documentation](https://docs.abp.io/en/abp/latest/Entity-Framework-Core)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.EntityFrameworkCore/README.md

@@ -0,0 +1,71 @@
+# LINGYUN.Abp.IdentityServer.EntityFrameworkCore
+
+IdentityServer EntityFrameworkCore模块，提供IdentityServer4的Entity Framework Core实现。
+
+## 功能特性
+
+* 仓储实现
+  * API资源仓储 - `EfCoreApiResourceRepository`
+    * 获取API资源名称列表
+    * 继承自ABP框架的API资源仓储基类
+
+  * 身份资源仓储 - `EfCoreIdentityResourceRepository`
+    * 继承自ABP框架的身份资源仓储基类
+
+  * 持久授权仓储 - `EfCorePersistentGrantRepository`
+    * 继承自ABP框架的持久授权仓储基类
+
+* 数据库上下文
+  * 使用ABP框架的`IIdentityServerDbContext`
+  * 支持多租户数据隔离
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerEntityFrameworkCoreModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `LINGYUN.Abp.IdentityServer.AbpIdentityServerDomainModule` - IdentityServer领域模块
+* `Volo.Abp.IdentityServer.EntityFrameworkCore.AbpIdentityServerEntityFrameworkCoreModule` - ABP IdentityServer EntityFrameworkCore模块
+
+## 配置使用
+
+### 配置数据库上下文
+
+```csharp
+public class YourDbContext : AbpDbContext<YourDbContext>, IIdentityServerDbContext
+{
+    public DbSet<ApiResource> ApiResources { get; set; }
+    public DbSet<ApiScope> ApiScopes { get; set; }
+    public DbSet<IdentityResource> IdentityResources { get; set; }
+    public DbSet<Client> Clients { get; set; }
+    public DbSet<PersistedGrant> PersistedGrants { get; set; }
+    public DbSet<DeviceFlowCodes> DeviceFlowCodes { get; set; }
+
+    public YourDbContext(DbContextOptions<YourDbContext> options)
+        : base(options)
+    {
+    }
+
+    protected override void OnModelCreating(ModelBuilder modelBuilder)
+    {
+        base.OnModelCreating(modelBuilder);
+
+        modelBuilder.ConfigureIdentityServer();
+    }
+}
+```
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP EntityFrameworkCore文档](https://docs.abp.io/en/abp/latest/Entity-Framework-Core)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.HttpApi/README.EN.md

@@ -0,0 +1,69 @@
+# LINGYUN.Abp.IdentityServer.HttpApi
+
+IdentityServer HTTP API module, providing HTTP API interfaces for IdentityServer4 resource management.
+
+## Features
+
+* API Controllers
+  * API Scope Controller - `ApiScopeController`
+    * Create API Scope - POST `/api/identity-server/api-scopes`
+    * Delete API Scope - DELETE `/api/identity-server/api-scopes/{id}`
+    * Get API Scope - GET `/api/identity-server/api-scopes/{id}`
+    * Get API Scope List - GET `/api/identity-server/api-scopes`
+    * Update API Scope - PUT `/api/identity-server/api-scopes/{id}`
+
+  * API Resource Controller - `ApiResourceController`
+    * Provides CRUD operation interfaces for API resources
+    * Route prefix: `/api/identity-server/api-resources`
+
+* Localization Support
+  * Inherits ABP UI resource localization configuration
+  * Supports multiple languages
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerHttpApiModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Required Modules
+
+* `AbpIdentityServerApplicationContractsModule` - IdentityServer Application Contracts Module
+* `AbpAspNetCoreMvcModule` - ABP ASP.NET Core MVC Module
+
+## Configuration and Usage
+
+### Configure Remote Service Name
+
+```csharp
+[RemoteService(Name = AbpIdentityServerConsts.RemoteServiceName)]
+[Area("identity-server")]
+[Route("api/identity-server/[controller]")]
+public class YourController : AbpControllerBase
+{
+    // ...
+}
+```
+
+### Add Localization Resource
+
+```csharp
+Configure<AbpLocalizationOptions>(options =>
+{
+    options.Resources
+        .Get<AbpIdentityServerResource>()
+        .AddBaseTypes(typeof(AbpUiResource));
+});
+```
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP ASP.NET Core MVC Documentation](https://docs.abp.io/en/abp/latest/AspNetCore-MVC)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.HttpApi/README.md

@@ -0,0 +1,69 @@
+# LINGYUN.Abp.IdentityServer.HttpApi
+
+IdentityServer HTTP API模块，提供IdentityServer4资源管理的HTTP API接口。
+
+## 功能特性
+
+* API控制器
+  * API作用域控制器 - `ApiScopeController`
+    * 创建API作用域 - POST `/api/identity-server/api-scopes`
+    * 删除API作用域 - DELETE `/api/identity-server/api-scopes/{id}`
+    * 获取API作用域 - GET `/api/identity-server/api-scopes/{id}`
+    * 获取API作用域列表 - GET `/api/identity-server/api-scopes`
+    * 更新API作用域 - PUT `/api/identity-server/api-scopes/{id}`
+
+  * API资源控制器 - `ApiResourceController`
+    * 提供API资源的CRUD操作接口
+    * 路由前缀：`/api/identity-server/api-resources`
+
+* 本地化支持
+  * 继承ABP UI资源的本地化配置
+  * 支持多语言
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerHttpApiModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `AbpIdentityServerApplicationContractsModule` - IdentityServer应用服务契约模块
+* `AbpAspNetCoreMvcModule` - ABP ASP.NET Core MVC模块
+
+## 配置使用
+
+### 配置远程服务名称
+
+```csharp
+[RemoteService(Name = AbpIdentityServerConsts.RemoteServiceName)]
+[Area("identity-server")]
+[Route("api/identity-server/[controller]")]
+public class YourController : AbpControllerBase
+{
+    // ...
+}
+```
+
+### 添加本地化资源
+
+```csharp
+Configure<AbpLocalizationOptions>(options =>
+{
+    options.Resources
+        .Get<AbpIdentityServerResource>()
+        .AddBaseTypes(typeof(AbpUiResource));
+});
+```
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP ASP.NET Core MVC文档](https://docs.abp.io/en/abp/latest/AspNetCore-MVC)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.LinkUser/README.EN.md

@@ -0,0 +1,75 @@
+# LINGYUN.Abp.IdentityServer.LinkUser
+
+IdentityServer user linking module, providing support for user linking extension grant type.
+
+## Features
+
+* Extension Grant Validator
+  * `LinkUserGrantValidator` - User Linking Grant Validator
+    * Grant Type: `link_user`
+    * Supports access token validation
+    * Supports user linking relationship validation
+    * Supports multi-tenant scenarios
+    * Supports custom claims extension
+
+* Localization Support
+  * Built-in Chinese and English resources
+  * Support for extending other languages
+
+## Module Dependencies
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerLinkUserModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Required Modules
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer Domain Module
+
+## Configuration and Usage
+
+### Authorization Request Parameters
+
+* `grant_type` - Must be `link_user`
+* `access_token` - Current user's access token
+* `LinkUserId` - Target user ID to link
+* `LinkTenantId` - Target user's tenant ID (optional)
+
+### Authorization Request Example
+
+```http
+POST /connect/token
+Content-Type: application/x-www-form-urlencoded
+
+grant_type=link_user&
+access_token=current_user_access_token&
+LinkUserId=target_user_id&
+LinkTenantId=target_tenant_id
+```
+
+### Custom Claims Extension
+
+```csharp
+public class CustomLinkUserGrantValidator : LinkUserGrantValidator
+{
+    protected override Task AddCustomClaimsAsync(List<Claim> customClaims, IdentityUser user, ExtensionGrantValidationContext context)
+    {
+        // Add custom claims
+        customClaims.Add(new Claim("custom_claim", "custom_value"));
+
+        return base.AddCustomClaimsAsync(customClaims, user, context);
+    }
+}
+```
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP Authentication Documentation](https://docs.abp.io/en/abp/latest/Authentication)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.LinkUser/README.md

@@ -0,0 +1,75 @@
+# LINGYUN.Abp.IdentityServer.LinkUser
+
+IdentityServer用户关联模块，提供用户关联的扩展授权类型支持。
+
+## 功能特性
+
+* 扩展授权验证器
+  * `LinkUserGrantValidator` - 用户关联授权验证器
+    * 授权类型：`link_user`
+    * 支持验证访问令牌
+    * 支持验证用户关联关系
+    * 支持多租户场景
+    * 支持自定义声明扩展
+
+* 本地化支持
+  * 内置中英文资源
+  * 支持扩展其他语言
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerLinkUserModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer领域模块
+
+## 配置使用
+
+### 授权请求参数
+
+* `grant_type` - 必须为 `link_user`
+* `access_token` - 当前用户的访问令牌
+* `LinkUserId` - 要关联的用户ID
+* `LinkTenantId` - 要关联的用户所属租户ID（可选）
+
+### 授权请求示例
+
+```http
+POST /connect/token
+Content-Type: application/x-www-form-urlencoded
+
+grant_type=link_user&
+access_token=current_user_access_token&
+LinkUserId=target_user_id&
+LinkTenantId=target_tenant_id
+```
+
+### 自定义声明扩展
+
+```csharp
+public class CustomLinkUserGrantValidator : LinkUserGrantValidator
+{
+    protected override Task AddCustomClaimsAsync(List<Claim> customClaims, IdentityUser user, ExtensionGrantValidationContext context)
+    {
+        // 添加自定义声明
+        customClaims.Add(new Claim("custom_claim", "custom_value"));
+
+        return base.AddCustomClaimsAsync(customClaims, user, context);
+    }
+}
+```
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP身份认证文档](https://docs.abp.io/en/abp/latest/Authentication)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Portal/README.EN.md

@@ -0,0 +1,94 @@
+# LINGYUN.Abp.IdentityServer.Portal
+
+IdentityServer portal authentication module that provides enterprise portal authentication functionality.
+
+## Features
+
+* Portal Authentication
+  * `PortalGrantValidator` - Portal Grant Validator
+    * Supports enterprise portal login
+    * Supports multi-tenant authentication
+    * Automatic tenant switching
+    * Enterprise information validation
+    * User password validation
+    * Security log recording
+
+* Authentication Flow
+  1. User initiates login request using portal
+  2. Check if enterprise identifier (EnterpriseId) is provided
+     * Without EnterpriseId: Returns list of enterprises with tenant information
+     * With EnterpriseId: Retrieves associated tenant information and switches to specified tenant
+  3. Performs login validation using password method
+  4. Returns token upon successful login
+
+## Module Reference
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerPortalModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Dependencies
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer Domain Module
+* `AbpAspNetCoreMultiTenancyModule` - ABP Multi-tenancy Module
+* `PlatformDomainModule` - Platform Domain Module
+
+## Configuration and Usage
+
+### Configure Portal Authentication
+
+```csharp
+public override void PreConfigureServices(ServiceConfigurationContext context)
+{
+    PreConfigure<IIdentityServerBuilder>(builder =>
+    {
+        builder.AddExtensionGrantValidator<PortalGrantValidator>();
+    });
+}
+```
+
+### Authentication Request Parameters
+
+* `grant_type`: "portal" (required)
+* `enterpriseId`: Enterprise identifier (optional)
+* `username`: Username (required)
+* `password`: Password (required)
+* `scope`: Request scope (optional)
+
+### Authentication Response
+
+* When enterpriseId is not provided:
+```json
+{
+    "error": "invalid_grant",
+    "enterprises": [
+        {
+            "id": "enterprise_id",
+            "name": "enterprise_name",
+            "code": "enterprise_code"
+        }
+    ]
+}
+```
+
+* On successful authentication:
+```json
+{
+    "access_token": "access_token",
+    "expires_in": expiration_time,
+    "token_type": "Bearer",
+    "refresh_token": "refresh_token"
+}
+```
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP Multi-tenancy Documentation](https://docs.abp.io/en/abp/latest/Multi-Tenancy)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Portal/README.md

@@ -0,0 +1,94 @@
+# LINGYUN.Abp.IdentityServer.Portal
+
+IdentityServer门户认证模块，提供企业门户的认证功能。
+
+## 功能特性
+
+* 门户认证
+  * `PortalGrantValidator` - 门户授权验证器
+    * 支持企业门户登录
+    * 支持多租户认证
+    * 自动切换租户
+    * 企业信息验证
+    * 用户密码验证
+    * 安全日志记录
+
+* 认证流程
+  1. 用户使用portal发起登录请求
+  2. 检查是否携带企业标识字段(EnterpriseId)
+     * 未携带EnterpriseId: 返回关联了租户信息的企业列表
+     * 携带EnterpriseId: 检索关联租户信息并切换到指定租户
+  3. 使用password方式进行登录验证
+  4. 登录成功返回token
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerPortalModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer领域模块
+* `AbpAspNetCoreMultiTenancyModule` - ABP多租户模块
+* `PlatformDomainModule` - 平台领域模块
+
+## 配置使用
+
+### 配置门户认证
+
+```csharp
+public override void PreConfigureServices(ServiceConfigurationContext context)
+{
+    PreConfigure<IIdentityServerBuilder>(builder =>
+    {
+        builder.AddExtensionGrantValidator<PortalGrantValidator>();
+    });
+}
+```
+
+### 认证请求参数
+
+* `grant_type`: "portal" (必填)
+* `enterpriseId`: 企业标识 (可选)
+* `username`: 用户名 (必填)
+* `password`: 密码 (必填)
+* `scope`: 请求范围 (可选)
+
+### 认证响应
+
+* 未提供enterpriseId时:
+```json
+{
+    "error": "invalid_grant",
+    "enterprises": [
+        {
+            "id": "企业标识",
+            "name": "企业名称",
+            "code": "企业编码"
+        }
+    ]
+}
+```
+
+* 认证成功:
+```json
+{
+    "access_token": "访问令牌",
+    "expires_in": 有效期,
+    "token_type": "Bearer",
+    "refresh_token": "刷新令牌"
+}
+```
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP多租户文档](https://docs.abp.io/en/abp/latest/Multi-Tenancy)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Session/README.EN.md

@@ -0,0 +1,77 @@
+# LINGYUN.Abp.IdentityServer.Session
+
+IdentityServer session management module that provides user session management and validation functionality.
+
+## Features
+
+* Session Validation
+  * `AbpIdentitySessionUserInfoRequestValidator` - User Info Request Validator
+    * Validates user session status
+    * Validates access token validity
+    * Validates user active status
+    * Supports OpenID Connect standard
+
+* Session Event Handling
+  * `AbpIdentitySessionEventServiceHandler` - Session Event Handler
+    * Handles user login success events
+      * Saves session information
+      * Supports multi-tenancy
+      * Records client identifier
+    * Handles user logout success events
+      * Revokes session
+    * Handles token revocation success events
+      * Revokes session
+
+* Configuration Options
+  * Session Claims Configuration
+    * Add SessionId claim
+  * Session Login Configuration
+    * Disable explicit session saving
+    * Enable explicit session logout
+
+## Module Reference
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerSessionModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Dependencies
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer Domain Module
+* `AbpIdentityDomainModule` - ABP Identity Domain Module
+* `AbpIdentitySessionModule` - ABP Identity Session Module
+
+## Configuration and Usage
+
+### Configure Session Options
+
+```csharp
+Configure<IdentitySessionSignInOptions>(options =>
+{
+    // UserLoginSuccessEvent is published by IdentityServer, no need for explicit session saving
+    options.SignInSessionEnabled = false;
+    // UserLoginSuccessEvent is published by user, requires explicit session logout
+    options.SignOutSessionEnabled = true;
+});
+```
+
+### Configure Claims Options
+
+```csharp
+Configure<AbpClaimsServiceOptions>(options =>
+{
+    options.RequestedClaims.Add(AbpClaimTypes.SessionId);
+});
+```
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP Identity Documentation](https://docs.abp.io/en/abp/latest/Modules/Identity)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Session/README.md

@@ -1,17 +1,77 @@
 # LINGYUN.Abp.IdentityServer.Session
 
-IdentityServer集成模块用户会话扩展,通过IdentityServer暴露的事件接口处理用户会话  
+IdentityServer会话管理模块，提供用户会话管理和验证功能。
 
-## 参考实现
+## 功能特性
 
-* [Session Management](https://github.com/abpio/abp-commercial-docs/blob/dev/en/modules/identity/session-management.md#identitysessioncleanupoptions)
+* 会话验证
+  * `AbpIdentitySessionUserInfoRequestValidator` - 用户信息请求验证器
+    * 验证用户会话状态
+    * 验证访问令牌有效性
+    * 验证用户活动状态
+    * 支持OpenID Connect标准
 
-## 配置使用
+* 会话事件处理
+  * `AbpIdentitySessionEventServiceHandler` - 会话事件处理器
+    * 处理用户登录成功事件
+      * 保存会话信息
+      * 支持多租户
+      * 记录客户端标识
+    * 处理用户登出成功事件
+      * 撤销会话
+    * 处理令牌撤销成功事件
+      * 撤销会话
+
+* 配置选项
+  * 会话声明配置
+    * 添加SessionId声明
+  * 会话登录配置
+    * 禁用显式保存会话
+    * 启用显式注销会话
+
+## 模块引用
 
 ```csharp
-[DependsOn(typeof(AbpIdentityServerSessionModule))]
+[DependsOn(
-public class YouProjectModule : AbpModule
+    typeof(AbpIdentityServerSessionModule)
+)]
+public class YourModule : AbpModule
 {
-  // other
+    // ...
 }
 ```
+
+## 依赖模块
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer领域模块
+* `AbpIdentityDomainModule` - ABP Identity领域模块
+* `AbpIdentitySessionModule` - ABP Identity会话模块
+
+## 配置使用
+
+### 配置会话选项
+
+```csharp
+Configure<IdentitySessionSignInOptions>(options =>
+{
+    // UserLoginSuccessEvent由IdentityServer发布, 无需显式保存会话
+    options.SignInSessionEnabled = false;
+    // UserLoginSuccessEvent由用户发布, 需要显式注销会话
+    options.SignOutSessionEnabled = true;
+});
+```
+
+### 配置声明选项
+
+```csharp
+Configure<AbpClaimsServiceOptions>(options =>
+{
+    options.RequestedClaims.Add(AbpClaimTypes.SessionId);
+});
+```
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP Identity文档](https://docs.abp.io/en/abp/latest/Modules/Identity)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.SmsValidator/README.EN.md

@@ -0,0 +1,92 @@
+# LINGYUN.Abp.IdentityServer.SmsValidator
+
+IdentityServer SMS verification module that provides authentication functionality based on phone numbers and SMS verification codes.
+
+## Features
+
+* SMS Verification
+  * `SmsTokenGrantValidator` - SMS Token Grant Validator
+    * Phone number validation
+    * SMS verification code validation
+    * Brute force protection
+    * User lockout check
+    * Security log recording
+    * Event notifications
+
+* Authentication Flow
+  1. User initiates login request with phone number and SMS verification code
+  2. Validates phone number and verification code
+  3. Checks user status (whether locked)
+  4. Generates access token upon successful validation
+  5. Records security logs and events
+
+## Module Reference
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerSmsValidatorModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Dependencies
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer Domain Module
+
+## Configuration and Usage
+
+### Configure SMS Validation
+
+```csharp
+public override void PreConfigureServices(ServiceConfigurationContext context)
+{
+    PreConfigure<IIdentityServerBuilder>(builder =>
+    {
+        builder.AddExtensionGrantValidator<SmsTokenGrantValidator>();
+    });
+}
+```
+
+### Authentication Request Parameters
+
+* `grant_type`: "phone_verify" (required)
+* `phone_number`: Phone number (required)
+* `phone_verify_code`: SMS verification code (required)
+* `scope`: Request scope (optional)
+
+### Authentication Response
+
+* On successful authentication:
+```json
+{
+    "access_token": "access_token",
+    "expires_in": expiration_time,
+    "token_type": "Bearer",
+    "refresh_token": "refresh_token"
+}
+```
+
+* On authentication failure:
+```json
+{
+    "error": "invalid_grant",
+    "error_description": "error description"
+}
+```
+
+### Error Types
+
+* `invalid_grant`: Grant validation failed
+  * Phone number not registered
+  * Invalid verification code
+  * User locked out
+  * Missing parameters
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [ABP Identity Documentation](https://docs.abp.io/en/abp/latest/Modules/Identity)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.SmsValidator/README.md

@@ -0,0 +1,92 @@
+# LINGYUN.Abp.IdentityServer.SmsValidator
+
+IdentityServer短信验证模块，提供基于手机号和短信验证码的身份认证功能。
+
+## 功能特性
+
+* 短信验证
+  * `SmsTokenGrantValidator` - 短信验证授权器
+    * 支持手机号验证
+    * 支持短信验证码验证
+    * 防暴力破解保护
+    * 用户锁定检查
+    * 安全日志记录
+    * 事件通知
+
+* 认证流程
+  1. 用户使用手机号和短信验证码发起登录请求
+  2. 验证手机号和验证码的有效性
+  3. 验证用户状态（是否被锁定）
+  4. 验证通过后生成访问令牌
+  5. 记录安全日志和事件
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerSmsValidatorModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer领域模块
+
+## 配置使用
+
+### 配置短信验证
+
+```csharp
+public override void PreConfigureServices(ServiceConfigurationContext context)
+{
+    PreConfigure<IIdentityServerBuilder>(builder =>
+    {
+        builder.AddExtensionGrantValidator<SmsTokenGrantValidator>();
+    });
+}
+```
+
+### 认证请求参数
+
+* `grant_type`: "phone_verify" (必填)
+* `phone_number`: 手机号 (必填)
+* `phone_verify_code`: 短信验证码 (必填)
+* `scope`: 请求范围 (可选)
+
+### 认证响应
+
+* 认证成功:
+```json
+{
+    "access_token": "访问令牌",
+    "expires_in": 有效期,
+    "token_type": "Bearer",
+    "refresh_token": "刷新令牌"
+}
+```
+
+* 认证失败:
+```json
+{
+    "error": "invalid_grant",
+    "error_description": "错误描述"
+}
+```
+
+### 错误类型
+
+* `invalid_grant`: 授权验证失败
+  * 手机号未注册
+  * 验证码无效
+  * 用户被锁定
+  * 参数缺失
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [ABP Identity文档](https://docs.abp.io/en/abp/latest/Modules/Identity)
+
+[查看英文文档](README.EN.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.WeChat.Work/README.EN.md

@@ -0,0 +1,106 @@
+# LINGYUN.Abp.IdentityServer.WeChat.Work
+
+IdentityServer WeChat Work authentication module that provides identity authentication functionality based on WeChat Work.
+
+## Features
+
+* WeChat Work Authentication
+  * `WeChatWorkGrantValidator` - WeChat Work Grant Validator
+    * WeChat Work login support
+    * Multi-tenant support
+    * Automatic user registration
+    * Security log recording
+    * Event notifications
+    * Localization support
+
+* Authentication Flow
+  1. User initiates login request through WeChat Work
+  2. Validates AgentId and Code
+  3. Retrieves WeChat Work user information
+  4. Verifies user registration status
+     * Direct login for registered users
+     * Automatic registration based on configuration for unregistered users
+  5. Generates access token
+  6. Records security logs and events
+
+## Module Reference
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerWeChatWorkModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## Dependencies
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer Domain Module
+* `AbpWeChatWorkModule` - ABP WeChat Work Module
+
+## Configuration and Usage
+
+### Configure WeChat Work Authentication
+
+```csharp
+public override void PreConfigureServices(ServiceConfigurationContext context)
+{
+    PreConfigure<IIdentityServerBuilder>(builder =>
+    {
+        builder.AddExtensionGrantValidator<WeChatWorkGrantValidator>();
+    });
+}
+```
+
+### Authentication Request Parameters
+
+* `grant_type`: "wechat_work" (required)
+* `agent_id`: WeChat Work application ID (required)
+* `code`: WeChat Work authorization code (required)
+* `scope`: Request scope (optional)
+
+### Authentication Response
+
+* On successful authentication:
+```json
+{
+    "access_token": "access_token",
+    "expires_in": expiration_time,
+    "token_type": "Bearer",
+    "refresh_token": "refresh_token"
+}
+```
+
+* On authentication failure:
+```json
+{
+    "error": "invalid_grant",
+    "error_description": "error description"
+}
+```
+
+### Configuration Options
+
+* Quick Login
+```csharp
+Configure<AbpSettingOptions>(options =>
+{
+    // Enable quick login for unregistered users
+    options.SetDefault(WeChatWorkSettingNames.EnabledQuickLogin, true);
+});
+```
+
+### Error Types
+
+* `invalid_grant`: Grant validation failed
+  * Invalid AgentId or Code
+  * User not registered and quick login not enabled
+  * WeChat Work API call failed
+
+Related Documentation:
+* [IdentityServer4 Documentation](https://identityserver4.readthedocs.io/)
+* [WeChat Work API Documentation](https://work.weixin.qq.com/api/doc)
+
+[查看中文文档](README.md)

aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.WeChat.Work/README.md

@@ -1,25 +1,106 @@
 # LINGYUN.Abp.IdentityServer.WeChat.Work
 
-企业微信扩展登录集成
+IdentityServer企业微信认证模块，提供基于企业微信的身份认证功能。
 
+## 功能特性
+
+* 企业微信认证
+  * `WeChatWorkGrantValidator` - 企业微信授权验证器
+    * 支持企业微信登录
+    * 支持多租户
+    * 自动用户注册
+    * 安全日志记录
+    * 事件通知
+    * 本地化支持
+
+* 认证流程
+  1. 用户通过企业微信发起登录请求
+  2. 验证AgentId和Code的有效性
+  3. 获取企业微信用户信息
+  4. 验证用户注册状态
+     * 已注册用户直接登录
+     * 未注册用户根据配置自动注册
+  5. 生成访问令牌
+  6. 记录安全日志和事件
+
+## 模块引用
+
+```csharp
+[DependsOn(
+    typeof(AbpIdentityServerWeChatWorkModule)
+)]
+public class YourModule : AbpModule
+{
+    // ...
+}
+```
+
+## 依赖模块
+
+* `AbpIdentityServerDomainModule` - ABP IdentityServer领域模块
+* `AbpWeChatWorkModule` - ABP企业微信模块
 
 ## 配置使用
 
+### 配置企业微信认证
+
 ```csharp
-[DependsOn(typeof(AbpIdentityServerWeChatWorkModule))]
+public override void PreConfigureServices(ServiceConfigurationContext context)
-public class YouProjectModule : AbpModule
+{
+    PreConfigure<IIdentityServerBuilder>(builder =>
+    {
+        builder.AddExtensionGrantValidator<WeChatWorkGrantValidator>();
+    });
+}
+```
+
+### 认证请求参数
+
+* `grant_type`: "wechat_work" (必填)
+* `agent_id`: 企业微信应用ID (必填)
+* `code`: 企业微信授权码 (必填)
+* `scope`: 请求范围 (可选)
+
+### 认证响应
+
+* 认证成功:
+```json
+{
+    "access_token": "访问令牌",
+    "expires_in": 有效期,
+    "token_type": "Bearer",
+    "refresh_token": "刷新令牌"
+}
+```
+
+* 认证失败:
+```json
 {
-  // other
+    "error": "invalid_grant",
+    "error_description": "错误描述"
 }
 ```
 
-```shell
+### 配置选项
 
-curl -X POST "http://127.0.0.1:44385/connect/token" \
+* 快速登录
---header 'Content-Type: application/x-www-form-urlencoded' \
+```csharp
---data-urlencode 'grant_type=wx-work' \
+Configure<AbpSettingOptions>(options =>
---data-urlencode 'client_id=你的客户端标识' \
+{
---data-urlencode 'client_secret=你的客户端密钥' \
+    // 启用未注册用户快速登录
---data-urlencode 'agent_id=你的企业微信应用标识' \
+    options.SetDefault(WeChatWorkSettingNames.EnabledQuickLogin, true);
---data-urlencode 'code=用户扫描登录二维码后重定向页面携带的code标识, 换取用户信息的关键' \
+});
 ```
+
+### 错误类型
+
+* `invalid_grant`: 授权验证失败
+  * AgentId或Code无效
+  * 用户未注册且未启用快速登录
+  * 企业微信API调用失败
+
+相关文档:
+* [IdentityServer4文档](https://identityserver4.readthedocs.io/)
+* [企业微信开发文档](https://work.weixin.qq.com/api/doc)
+
+[查看英文文档](README.EN.md)