tsai
/
abp-next-admin
mirror of https://github.com/colinin/abp-next-admin.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge pull request #1280 from colinin/multi-audience 

feat: Increase multi audience support
pull/1284/head
yx lin 7 months ago
committed by GitHub
parent
8cb3125075 3b951571ea
commit
cc2345b812
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
11 changed files with 116 additions and 31 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
  2. 97
      aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
  3. 5
      aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
  4. 5
      aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
  5. 5
      aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
  6. 5
      aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
  7. 5
      aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
  8. 5
      aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
  9. 5
      aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
  10. 5
      aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
  11. 5
      aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs

5
aspnet-core/services/LY.MicroService.AuthServer.HttpApi.Host/AuthServerHttpApiHostModule.Configure.cs
View File

@ -484,6 +484,11 @@ public partial class AuthServerHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
if (!isDevelopment)

97
aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
View File

@ -1,8 +1,4 @@
using LINGYUN.Abp.Identity;
using LINGYUN.Abp.OpenIddict.LinkUser;
using LINGYUN.Abp.OpenIddict.Sms;
using LINGYUN.Abp.OpenIddict.WeChat;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Configuration;
using OpenIddict.Abstractions;
using System;
using System.Collections.Generic;
@ -11,8 +7,6 @@ using System.Threading.Tasks;
using Volo.Abp.Authorization.Permissions;
using Volo.Abp.Data;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Guids;
using Volo.Abp.Identity;
using Volo.Abp.MultiTenancy;
using Volo.Abp.OpenIddict.Applications;
using Volo.Abp.OpenIddict.Scopes;
@ -22,6 +16,30 @@ namespace LY.MicroService.AuthServer.DataSeeder;
public class ServerDataSeedContributor : IDataSeedContributor, ITransientDependency
{
public static HashSet<string> InitializeScopes = new HashSet<string>
{
// obsolete! microservice should be allocated separately
"lingyun-abp-application",
// admin service
"ams",
// identity service
"ids",
// localization service
"lts",
// platform service
"pts",
// message service
"mgs",
// task service
"tks",
// webhook service
"wks",
// workflow service
"wfs",
// wechat service
"was"
};
private readonly IConfiguration _configuration;
private readonly ICurrentTenant _currentTenant;
private readonly IOpenIddictApplicationManager _applicationManager;
@ -54,33 +72,37 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
{
using (_currentTenant.Change(context.TenantId))
{
await CreateScopeAsync("lingyun-abp-application");
await CreateApplicationAsync("lingyun-abp-application");
await CreateScopeAsync(InitializeScopes);
await CreateApplicationAsync(InitializeScopes);
}
}
private async Task CreateScopeAsync(string scope)
private async Task CreateScopeAsync(IEnumerable<string> scopes)
{
if (await _scopeRepository.FindByNameAsync(scope) == null)
foreach (var scope in scopes)
{
await _scopeManager.CreateAsync(new OpenIddictScopeDescriptor()
if (await _scopeRepository.FindByNameAsync(scope) == null)
{
Name = scope,
DisplayName = scope + " access",
DisplayNames =
{
[CultureInfo.GetCultureInfo("zh-Hans")] = "Abp API 应用程序访问",
[CultureInfo.GetCultureInfo("en")] = "Abp API Application Access"
},
Resources =
await _scopeManager.CreateAsync(new OpenIddictScopeDescriptor()
{
scope
}
});
Name = scope,
DisplayName = scope + " access",
DisplayNames =
{
[CultureInfo.GetCultureInfo("zh-Hans")] = "Abp API 应用程序访问",
[CultureInfo.GetCultureInfo("en")] = "Abp API Application Access"
},
Resources =
{
scope
}
});
}
}
}
private async Task CreateApplicationAsync(string scope)
private async Task CreateApplicationAsync(IEnumerable<string> scopes)
{
var configurationSection = _configuration.GetSection("OpenIddict:Applications");
@ -91,7 +113,7 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
if (await _applicationRepository.FindByClientIdAsync(vueClientId) == null)
{
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
var application = new OpenIddictApplicationDescriptor
{
ClientId = vueClientId,
ClientSecret = configurationSection["VueAdmin:ClientSecret"],
@ -138,9 +160,14 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + scope
}
});
};
foreach (var scope in scopes)
{
application.Permissions.AddIfNotContains(OpenIddictConstants.Permissions.Prefixes.Scope + scope);
}
await _applicationManager.CreateAsync(application);
var vueClientPermissions = new string[1]
{
@ -155,7 +182,7 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
{
if (await _applicationRepository.FindByClientIdAsync(internalServiceClientId) == null)
{
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
var application = new OpenIddictApplicationDescriptor
{
ClientId = internalServiceClientId,
ClientSecret = configurationSection["InternalService:ClientSecret"],
@ -193,9 +220,14 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + scope
}
});
};
foreach (var scope in scopes)
{
application.Permissions.AddIfNotContains(OpenIddictConstants.Permissions.Prefixes.Scope + scope);
}
await _applicationManager.CreateAsync(application);
var internalServicePermissions = new string[2]
{
@ -247,9 +279,12 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + scope
}
};
foreach (var scope in scopes)
{
application.Permissions.AddIfNotContains(OpenIddictConstants.Permissions.Prefixes.Scope + scope);
}
oauthClientRootUrls.ForEach(url =>
{

5
aspnet-core/services/LY.MicroService.BackendAdmin.HttpApi.Host/BackendAdminHttpApiHostModule.Configure.cs
View File

@ -449,6 +449,11 @@ public partial class BackendAdminHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
if (!isDevelopment)

5
aspnet-core/services/LY.MicroService.IdentityServer.HttpApi.Host/IdentityServerHttpApiHostModule.Configure.cs
View File

@ -470,6 +470,11 @@ public partial class IdentityServerHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
if (!isDevelopment)

5
aspnet-core/services/LY.MicroService.LocalizationManagement.HttpApi.Host/LocalizationManagementHttpApiHostModule.Configure.cs
View File

@ -355,6 +355,11 @@ public partial class LocalizationManagementHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
if (isDevelopment)

5
aspnet-core/services/LY.MicroService.PlatformManagement.HttpApi.Host/PlatformManagementHttpApiHostModule.Configure.cs
View File

@ -432,6 +432,11 @@ public partial class PlatformManagementHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
options.Events = new JwtBearerEvents
{

5
aspnet-core/services/LY.MicroService.RealtimeMessage.HttpApi.Host/RealtimeMessageHttpApiHostModule.Configure.cs
View File

@ -458,6 +458,11 @@ public partial class RealtimeMessageHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
options.Events = new JwtBearerEvents
{

5
aspnet-core/services/LY.MicroService.TaskManagement.HttpApi.Host/TaskManagementHttpApiHostModule.Configure.cs
View File

@ -409,6 +409,11 @@ public partial class TaskManagementHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
if (!isDevelopment)

5
aspnet-core/services/LY.MicroService.WebhooksManagement.HttpApi.Host/WebhooksManagementHttpApiHostModule.Configure.cs
View File

@ -465,6 +465,11 @@ public partial class WebhooksManagementHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
if (!isDevelopment)

5
aspnet-core/services/LY.MicroService.WechatManagement.HttpApi.Host/WechatManagementHttpApiHostModule.Configure.cs
View File

@ -401,6 +401,11 @@ public partial class WechatManagementHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
if (!isDevelopment)

5
aspnet-core/services/LY.MicroService.WorkflowManagement.HttpApi.Host/WorkflowManagementHttpApiHostModule.Configure.cs
View File

@ -486,6 +486,11 @@ public partial class WorkflowManagementHttpApiHostModule
options.TokenValidationParameters.ValidIssuers = validIssuers;
options.TokenValidationParameters.IssuerValidator = TokenWildcardIssuerValidator.IssuerValidator;
}
var validAudiences = configuration.GetSection("AuthServer:ValidAudiences").Get<List<string>>();
if (validAudiences?.Count > 0)
{
options.TokenValidationParameters.ValidAudiences = validAudiences;
}
});
//services.AddElsaJwtBearerAuthentication(options =>

Write Preview
Loading…
Cancel
Save