
feat(auth-server): Increase the configuration of the swagget client

pull/1255/head
colin 9 months ago
parent
commit
1b50dbff0b
  1. 315
      aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs
  2. 12
      aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json

315
aspnet-core/services/LY.MicroService.AuthServer/DataSeeder/AuthServerDataSeedContributor.cs

@ -2,10 +2,12 @@
using LINGYUN.Abp.OpenIddict.LinkUser; using LINGYUN.Abp.OpenIddict.LinkUser;
using LINGYUN.Abp.OpenIddict.Sms; using LINGYUN.Abp.OpenIddict.Sms;
using LINGYUN.Abp.OpenIddict.WeChat; using LINGYUN.Abp.OpenIddict.WeChat;
using Microsoft.Extensions.Configuration;
using OpenIddict.Abstractions; using OpenIddict.Abstractions;
using System; using System;
using System.Globalization; using System.Globalization;
using System.Threading.Tasks; using System.Threading.Tasks;
using Volo.Abp.Authorization.Permissions;
using Volo.Abp.Data; using Volo.Abp.Data;
using Volo.Abp.DependencyInjection; using Volo.Abp.DependencyInjection;
using Volo.Abp.Guids; using Volo.Abp.Guids;
@ -13,173 +15,256 @@ using Volo.Abp.Identity;
using Volo.Abp.MultiTenancy; using Volo.Abp.MultiTenancy;
using Volo.Abp.OpenIddict.Applications; using Volo.Abp.OpenIddict.Applications;
using Volo.Abp.OpenIddict.Scopes; using Volo.Abp.OpenIddict.Scopes;
using Volo.Abp.PermissionManagement;
namespace LY.MicroService.AuthServer.DataSeeder; namespace LY.MicroService.AuthServer.DataSeeder;
public class ServerDataSeedContributor : IDataSeedContributor, ITransientDependency public class ServerDataSeedContributor : IDataSeedContributor, ITransientDependency
{ {
private readonly IConfiguration _configuration;
private readonly ICurrentTenant _currentTenant; private readonly ICurrentTenant _currentTenant;
private readonly IGuidGenerator _guidGenerator;
private readonly IOpenIddictApplicationManager _applicationManager; private readonly IOpenIddictApplicationManager _applicationManager;
private readonly IOpenIddictApplicationRepository _applicationRepository; private readonly IOpenIddictApplicationRepository _applicationRepository;
private readonly IPermissionDataSeeder _permissionDataSeeder;
private readonly IOpenIddictScopeManager _scopeManager; private readonly IOpenIddictScopeManager _scopeManager;
private readonly IOpenIddictScopeRepository _scopeRepository; private readonly IOpenIddictScopeRepository _scopeRepository;
private readonly IIdentityClaimTypeRepository _claimTypeRepository;
public ServerDataSeedContributor( public ServerDataSeedContributor(
IConfiguration configuration,
ICurrentTenant currentTenant, ICurrentTenant currentTenant,
IGuidGenerator guidGenerator,
IOpenIddictScopeManager scopeManager, IOpenIddictScopeManager scopeManager,
IOpenIddictScopeRepository scopeRepository, IOpenIddictScopeRepository scopeRepository,
IPermissionDataSeeder permissionDataSeeder,
IOpenIddictApplicationManager applicationManager, IOpenIddictApplicationManager applicationManager,
IOpenIddictApplicationRepository applicationRepository, IOpenIddictApplicationRepository applicationRepository)
IIdentityClaimTypeRepository identityClaimTypeRepository)
{ {
_configuration = configuration;
_currentTenant = currentTenant; _currentTenant = currentTenant;
_guidGenerator = guidGenerator;
_scopeManager = scopeManager; _scopeManager = scopeManager;
_scopeRepository = scopeRepository; _scopeRepository = scopeRepository;
_permissionDataSeeder = permissionDataSeeder;
_applicationManager = applicationManager; _applicationManager = applicationManager;
_applicationRepository = applicationRepository; _applicationRepository = applicationRepository;
_claimTypeRepository = identityClaimTypeRepository;
} }
public async Task SeedAsync(DataSeedContext context) public async Task SeedAsync(DataSeedContext context)
{ {
if (!await _claimTypeRepository.AnyAsync(IdentityConsts.ClaimType.Avatar.Name)) using (_currentTenant.Change(context.TenantId))
{ {
await _claimTypeRepository.InsertAsync( await CreateScopeAsync("lingyun-abp-application");
new IdentityClaimType( await CreateApplicationAsync("lingyun-abp-application");
_guidGenerator.Create(),
IdentityConsts.ClaimType.Avatar.Name,
isStatic: true
)
);
} }
}
if (await _scopeRepository.FindByNameAsync("lingyun-abp-application") == null) private async Task CreateScopeAsync(string scope)
{
if (await _scopeRepository.FindByNameAsync(scope) == null)
{ {
await _scopeManager.CreateAsync(new OpenIddictScopeDescriptor() await _scopeManager.CreateAsync(new OpenIddictScopeDescriptor()
{ {
Name = "lingyun-abp-application", Name = scope,
DisplayName = "lingyun-abp-application", DisplayName = scope + " access",
DisplayNames = DisplayNames =
{ {
[CultureInfo.GetCultureInfo("en")] = "abp application", [CultureInfo.GetCultureInfo("zh-Hans")] = "Abp API 应用程序访问",
[CultureInfo.GetCultureInfo("zh-Hans")] = "abp application", [CultureInfo.GetCultureInfo("en")] = "Abp API Application Access"
}, },
Resources = Resources =
{ {
"lingyun-abp-application" scope
} }
}); });
} }
}
if (await _applicationRepository.FindByClientIdAsync("vue-admin-client") == null) private async Task CreateApplicationAsync(string scope)
{
var configurationSection = _configuration.GetSection("OpenIddict:Applications");
var vueClientId = configurationSection["VueAdmin:ClientId"];
if (!vueClientId.IsNullOrWhiteSpace())
{ {
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor var vueClientRootUrl = configurationSection["VueAdmin:RootUrl"].EnsureEndsWith('/');
if (await _applicationRepository.FindByClientIdAsync(vueClientId) == null)
{ {
ClientId = "vue-admin-client", await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
ClientSecret = "1q2w3e*",
ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
DisplayName = "Vue Vben Admin Abp Application",
PostLogoutRedirectUris =
{ {
new Uri("https://127.0.0.1:3100/signout-callback-oidc"), ClientId = vueClientId,
new Uri("http://127.0.0.1:3100") ClientSecret = configurationSection["VueAdmin:ClientSecret"],
}, ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
RedirectUris = ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
DisplayName = "Abp Vue Admin Client",
PostLogoutRedirectUris =
{
new Uri(vueClientRootUrl + "signout-callback"),
new Uri(vueClientRootUrl)
},
RedirectUris =
{
new Uri(vueClientRootUrl + "signin-callback"),
new Uri(vueClientRootUrl)
},
Permissions =
{
OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
OpenIddictConstants.Permissions.Endpoints.Introspection,
OpenIddictConstants.Permissions.Endpoints.Revocation,
OpenIddictConstants.Permissions.Endpoints.EndSession,
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.GrantTypes.Implicit,
OpenIddictConstants.Permissions.GrantTypes.Password,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.ResponseTypes.Code,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.None,
OpenIddictConstants.Permissions.ResponseTypes.Token,
OpenIddictConstants.Permissions.Scopes.Roles,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + scope
}
});
var vueClientPermissions = new string[1]
{ {
new Uri("https://127.0.0.1:3100/signin-oidc"), "AbpIdentity.UserLookup"
new Uri("http://127.0.0.1:3100") };
}, await _permissionDataSeeder.SeedAsync(ClientPermissionValueProvider.ProviderName, vueClientId, vueClientPermissions);
Permissions = }
}
var internalServiceClientId = configurationSection["InternalService:ClientId"];
if (!internalServiceClientId.IsNullOrWhiteSpace())
{
if (await _applicationRepository.FindByClientIdAsync(internalServiceClientId) == null)
{
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
{ {
OpenIddictConstants.Permissions.Endpoints.Authorization, ClientId = internalServiceClientId,
OpenIddictConstants.Permissions.Endpoints.Token, ClientSecret = configurationSection["InternalService:ClientSecret"],
OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization, ClientType = OpenIddictConstants.ClientTypes.Confidential,
OpenIddictConstants.Permissions.Endpoints.Introspection, ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
OpenIddictConstants.Permissions.Endpoints.Revocation, ApplicationType = OpenIddictConstants.ApplicationTypes.Native,
OpenIddictConstants.Permissions.Endpoints.EndSession, DisplayName = "Abp Vue Admin Client",
Permissions =
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode, {
OpenIddictConstants.Permissions.GrantTypes.Implicit, OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.GrantTypes.Password, OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.GrantTypes.RefreshToken, OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
OpenIddictConstants.Permissions.GrantTypes.DeviceCode, OpenIddictConstants.Permissions.Endpoints.Introspection,
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials, OpenIddictConstants.Permissions.Endpoints.Revocation,
OpenIddictConstants.Permissions.Prefixes.GrantType + WeChatTokenExtensionGrantConsts.OfficialGrantType, OpenIddictConstants.Permissions.Endpoints.EndSession,
OpenIddictConstants.Permissions.Prefixes.GrantType + WeChatTokenExtensionGrantConsts.MiniProgramGrantType,
OpenIddictConstants.Permissions.Prefixes.GrantType + SmsTokenExtensionGrantConsts.GrantType, OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.Prefixes.GrantType + LinkUserTokenExtensionGrantConsts.GrantType, OpenIddictConstants.Permissions.GrantTypes.Implicit,
OpenIddictConstants.Permissions.GrantTypes.Password,
OpenIddictConstants.Permissions.ResponseTypes.Code, OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken, OpenIddictConstants.Permissions.GrantTypes.DeviceCode,
OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken, OpenIddictConstants.Permissions.GrantTypes.ClientCredentials,
OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken, OpenIddictConstants.Permissions.ResponseTypes.Code,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken, OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
OpenIddictConstants.Permissions.ResponseTypes.None, OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.Token, OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken,
OpenIddictConstants.Permissions.Scopes.Roles, OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
OpenIddictConstants.Permissions.Scopes.Profile, OpenIddictConstants.Permissions.ResponseTypes.None,
OpenIddictConstants.Permissions.Scopes.Email, OpenIddictConstants.Permissions.ResponseTypes.Token,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone, OpenIddictConstants.Permissions.Scopes.Roles,
OpenIddictConstants.Permissions.Prefixes.Scope + WeChatTokenExtensionGrantConsts.ProfileKey, OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Prefixes.Scope + "lingyun-abp-application" OpenIddictConstants.Permissions.Scopes.Email,
} OpenIddictConstants.Permissions.Scopes.Address,
}); OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + scope
}
});
var internalServicePermissions = new string[2]
{
"AbpIdentity.UserLookup","AbpIdentity.Users"
};
await _permissionDataSeeder.SeedAsync(ClientPermissionValueProvider.ProviderName, internalServiceClientId, internalServicePermissions);
}
} }
if (await _applicationRepository.FindByClientIdAsync("InternalServiceClient") == null) var oauthClientId = configurationSection["VueOAuthClient:ClientId"];
if (!oauthClientId.IsNullOrWhiteSpace())
{ {
await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor var oauthClientRootUrl = configurationSection["VueOAuthClient:RootUrl"].EnsureEndsWith('/');
if (await _applicationRepository.FindByClientIdAsync(oauthClientId) == null)
{ {
ClientId = "InternalServiceClient", await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor
ClientSecret = "1q2w3e*",
ClientType = OpenIddictConstants.ClientTypes.Confidential,
ConsentType = OpenIddictConstants.ConsentTypes.Explicit,
DisplayName = "Internal Service Client",
PostLogoutRedirectUris = {},
RedirectUris = {},
Permissions =
{ {
OpenIddictConstants.Permissions.Endpoints.Authorization, ClientId = oauthClientId,
OpenIddictConstants.Permissions.Endpoints.Token, ClientSecret = null,
OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization, ApplicationType = OpenIddictConstants.ApplicationTypes.Web,
OpenIddictConstants.Permissions.Endpoints.Introspection, ConsentType = OpenIddictConstants.ConsentTypes.Implicit,
OpenIddictConstants.Permissions.Endpoints.Revocation, DisplayName = "OAuth Client",
OpenIddictConstants.Permissions.Endpoints.EndSession, PostLogoutRedirectUris =
{
OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode, new Uri(oauthClientRootUrl + "signout-callback"),
OpenIddictConstants.Permissions.GrantTypes.Implicit, new Uri(oauthClientRootUrl)
OpenIddictConstants.Permissions.GrantTypes.Password, },
OpenIddictConstants.Permissions.GrantTypes.RefreshToken, RedirectUris =
OpenIddictConstants.Permissions.GrantTypes.DeviceCode, {
OpenIddictConstants.Permissions.GrantTypes.ClientCredentials, new Uri(oauthClientRootUrl + "signin-callback"),
new Uri(oauthClientRootUrl + "swagger/oauth2-redirect.html"),
OpenIddictConstants.Permissions.ResponseTypes.Code, new Uri(oauthClientRootUrl)
OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken, },
OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken, Permissions =
OpenIddictConstants.Permissions.ResponseTypes.CodeToken, {
OpenIddictConstants.Permissions.ResponseTypes.IdToken, OpenIddictConstants.Permissions.Endpoints.Authorization,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken, OpenIddictConstants.Permissions.Endpoints.Token,
OpenIddictConstants.Permissions.ResponseTypes.None, OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization,
OpenIddictConstants.Permissions.ResponseTypes.Token, OpenIddictConstants.Permissions.Endpoints.Introspection,
OpenIddictConstants.Permissions.Endpoints.Revocation,
OpenIddictConstants.Permissions.Scopes.Roles, OpenIddictConstants.Permissions.Endpoints.EndSession,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Email, OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode,
OpenIddictConstants.Permissions.Scopes.Address, OpenIddictConstants.Permissions.GrantTypes.RefreshToken,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.ResponseTypes.Code,
OpenIddictConstants.Permissions.Prefixes.Scope + "lingyun-abp-application" OpenIddictConstants.Permissions.ResponseTypes.CodeIdToken,
} OpenIddictConstants.Permissions.ResponseTypes.CodeIdTokenToken,
}); OpenIddictConstants.Permissions.ResponseTypes.CodeToken,
OpenIddictConstants.Permissions.ResponseTypes.IdToken,
OpenIddictConstants.Permissions.ResponseTypes.IdTokenToken,
OpenIddictConstants.Permissions.ResponseTypes.None,
OpenIddictConstants.Permissions.ResponseTypes.Token,
OpenIddictConstants.Permissions.Scopes.Roles,
OpenIddictConstants.Permissions.Scopes.Profile,
OpenIddictConstants.Permissions.Scopes.Email,
OpenIddictConstants.Permissions.Scopes.Address,
OpenIddictConstants.Permissions.Scopes.Phone,
OpenIddictConstants.Permissions.Prefixes.Scope + scope
}
});
var oauthClientPermissions = new string[1]
{
"AbpIdentity.UserLookup"
};
await _permissionDataSeeder.SeedAsync(ClientPermissionValueProvider.ProviderName, oauthClientId, oauthClientPermissions);
}
} }
} }
} }
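Review bot: The new `VueOAuthClient` registration is a public client (`ClientSecret = null`, `ConsentType = OpenIddictConstants.ConsentTypes.Implicit`), yet its `Permissions` list grants every response type, including `ResponseTypes.Token`, `IdToken` and `IdTokenToken`, while only the `AuthorizationCode` and `RefreshToken` grants are allowed. For a browser or Swagger client it would be tighter to keep only `OpenIddictConstants.Permissions.ResponseTypes.Code`, require PKCE with `Requirements = { OpenIddictConstants.Requirements.Features.ProofKeyForCodeExchange }`, and drop the bare root URL from `RedirectUris` if the callback pages are the only intended targets. Separately, the `InternalService` descriptor now carries `DisplayName = "Abp Vue Admin Client"`, which looks copied from the first client and would mislabel it wherever the display name is shown. Each client is also created only when `FindByClientIdAsync` returns null, so a later change to `ClientSecret` or `RootUrl` in configuration will not reach an application that was already seeded; a comment on `CreateApplicationAsync` saying so would help.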

12
aspnet-core/services/LY.MicroService.AuthServer/appsettings.Development.json

@ -10,7 +10,7 @@
"configCacheEncrypt": true "configCacheEncrypt": true
}, },
"App": { "App": {
"CorsOrigins": "http://127.0.0.1:3100", "CorsOrigins": "http://127.0.0.1:5666,http://localhost:5666",
"Urls": { "Urls": {
"Applications": { "Applications": {
"MVC": { "MVC": {
@ -24,7 +24,7 @@
"RootUrl": "http://127.0.0.1:44385/" "RootUrl": "http://127.0.0.1:44385/"
}, },
"VueVbenAdmin": { "VueVbenAdmin": {
"RootUrl": "http://127.0.0.1:3100/", "RootUrl": "http://127.0.0.1:5666/",
"Urls": { "Urls": {
"Abp.Account.EmailConfirm": "account/email-confirm", "Abp.Account.EmailConfirm": "account/email-confirm",
"Abp.Account.EmailVerifyLogin": "account/verify-code" "Abp.Account.EmailVerifyLogin": "account/verify-code"
@ -95,14 +95,18 @@
}, },
"OpenIddict": { "OpenIddict": {
"Applications": { "Applications": {
"AuthVueAdmin": { "VueAdmin": {
"ClientId": "vue-admin-client", "ClientId": "vue-admin-client",
"ClientSecret": "1q2w3e*", "ClientSecret": "1q2w3e*",
"RootUrl": "http://127.0.0.1:3100/" "RootUrl": "http://127.0.0.1:5666/"
}, },
"InternalService": { "InternalService": {
"ClientId": "InternalServiceClient", "ClientId": "InternalServiceClient",
"ClientSecret": "1q2w3e*" "ClientSecret": "1q2w3e*"
},
"VueOAuthClient": {
"ClientId": "vue-oauth-client",
"RootUrl": "http://localhost:5666"
} }
} }
}, },
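Review bot: `OpenIddict:Applications` is now the section the seeder reads client secrets from, and both `VueAdmin` and `InternalService` carry `"ClientSecret": "1q2w3e*"`, the ABP sample value. That value should stay confined to this Development file, with other environments supplying the secret through environment variables or a secret store. The new `VueOAuthClient` entry uses `http://localhost:5666` while `VueAdmin` uses `http://127.0.0.1:5666/`; if redirect URIs are matched exactly, a sign-in started from the other host name would presumably be rejected, so it is worth confirming the difference is intended. The rename from `AuthVueAdmin` to `VueAdmin` also means any other settings file still using the old key yields an empty client id, and the seeder's `IsNullOrWhiteSpace` check then skips that client without an error.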
