From 1d859069b9f5e3c4dd562a848343d3e4e0334da4 Mon Sep 17 00:00:00 2001
From: maliming
Date: Wed, 18 May 2022 12:36:15 +0800
Subject: [PATCH] Use `PreferredUsername` instead of `Name` for UserName clasim.
---
 .../OpenIddict.Demo.Server/OpenIddictServerModule.cs | 10 ++++++++++
 .../openiddict/app/OpenIddict.Demo.Server/Program.cs | 7 -------
 .../Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs | 2 +-
 .../AbpDefaultOpenIddictClaimDestinationsProvider.cs | 2 +-
 .../Controllers/TokenController.ClientCredentials.cs | 6 +++---
 .../Abp/OpenIddict/Controllers/UserInfoController.cs | 2 +-
 .../MyProjectNameBlazorModule.cs | 2 --
 7 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs
index 3f0b36ed66..616b3ef0c7 100644
--- a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs
+++ b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs
@@ -1,7 +1,10 @@
 using System.Text;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.IdentityModel.Tokens;
+using OpenIddict.Abstractions;
 using OpenIddict.Demo.Server.EntityFrameworkCore;
+using OpenIddict.Server.AspNetCore;
+using OpenIddict.Validation.AspNetCore;
 using Volo.Abp;
 using Volo.Abp.Account;
 using Volo.Abp.Account.Web;
@@ -107,6 +110,13 @@ public class OpenIddictServerModule : AbpModule
 public override void ConfigureServices(ServiceConfigurationContext context)
 {
+ context.Services.ConfigureApplicationCookie(options =>
+ {
+ options.ForwardDefaultSelector = ctx => ctx.Request.Path.StartsWithSegments("/api")
+ ? OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme
+ : null;
+ });
+
 Configure(options =>
 {
 options.AddDevelopmentEncryptionAndSigningCertificate = false;
diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs b/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs
index eb5b1673b2..3bfc26a9a3 100644
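Review bot: The `ForwardDefaultSelector` added at the top of `ConfigureServices` hands every request whose path starts with `/api` to the OpenIddict validation scheme, so the application cookie is no longer honoured on those paths, and nothing in the hunk records that. Anything in the demo that calls `/api` with only the sign-in cookie would presumably start being rejected, which is worth confirming as intended. I would add a comment above the call such as `// Requests under /api authenticate with an access token (OpenIddict validation) instead of the application cookie; all other paths keep cookie auth.` The first hunk also adds `using OpenIddict.Abstractions;` and `using OpenIddict.Server.AspNetCore;`, which no visible added line uses, and this change is unrelated to the claim rename named in the subject. `ConfigureServices` continues past the end of the hunk.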
--- a/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs
+++ b/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs
@@ -41,13 +41,6 @@ builder.Services.Configure(options =>
 // options.TokenValidationParameters.TokenDecryptionKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("Abp_OpenIddict_Demo_87E33FC57D80"));
 // });
-// builder.Services.ConfigureApplicationCookie(options =>
-// {
-// options.ForwardDefaultSelector = ctx => ctx.Request.Path.StartsWithSegments("/api")
-// ? OtherScheme
-// : null;
-// });
-
 await builder.AddApplicationAsync();
 var app = builder.Build();
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
index 9a2a289d08..77971ff5f6 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
@@ -40,7 +40,7 @@ public class AbpOpenIddictAspNetCoreModule : AbpModule
 {
 AbpClaimTypes.UserId = OpenIddictConstants.Claims.Subject;
 AbpClaimTypes.Role = OpenIddictConstants.Claims.Role;
- AbpClaimTypes.UserName = OpenIddictConstants.Claims.Name;
+ AbpClaimTypes.UserName = OpenIddictConstants.Claims.PreferredUsername;
 AbpClaimTypes.Name = OpenIddictConstants.Claims.GivenName;
 AbpClaimTypes.SurName = OpenIddictConstants.Claims.FamilyName;
 AbpClaimTypes.PhoneNumber = OpenIddictConstants.Claims.PhoneNumber;
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/ClaimDestinations/AbpDefaultOpenIddictClaimDestinationsProvider.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/ClaimDestinations/AbpDefaultOpenIddictClaimDestinationsProvider.cs
index 7f54cd81aa..c00339a339 100644
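Review bot: Remapping `AbpClaimTypes.UserName` to `OpenIddictConstants.Claims.PreferredUsername` in `AbpOpenIddictAspNetCoreModule` comes with no transition path: tokens and cookies issued before the upgrade carry the user name under the old claim, so code reading it through `AbpClaimTypes.UserName` would presumably find it missing until they are re-issued. The same cut-over appears in the `UserInfoController` hunk, where the `Name` entry disappears from the profile-scope response, and in the Blazor template hunk, which deletes its own `AbpClaimTypes.UserName` assignment and now depends on a mapping made elsewhere. OpenID Connect Core also says relying parties must not rely on `preferred_username` being unique, so I would add a comment on this line along the lines of `// preferred_username is a display hint, not an identifier; authorization and audit keys stay on Subject.` The enclosing method starts and ends outside the hunk.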
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/ClaimDestinations/AbpDefaultOpenIddictClaimDestinationsProvider.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/ClaimDestinations/AbpDefaultOpenIddictClaimDestinationsProvider.cs
@@ -27,7 +27,7 @@ public class AbpDefaultOpenIddictClaimDestinationsProvider : IAbpOpenIddictClaim
 switch (claim.Type)
 {
- case OpenIddictConstants.Claims.Name:
+ case OpenIddictConstants.Claims.PreferredUsername:
 claim.SetDestinations(OpenIddictConstants.Destinations.AccessToken);
 if (context.Principal.HasScope(OpenIddictConstants.Scopes.Profile))
 {
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs
index 0d0c26166a..21fa7bf1cd 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.ClientCredentials.cs
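Review bot: The `case OpenIddictConstants.Claims.PreferredUsername:` label has to stay in step with whatever `AbpClaimTypes.UserName` is mapped to in `AbpOpenIddictAspNetCoreModule`, but nothing here records that link; the same hand-edited constant recurs in both hunks of `TokenController.ClientCredentials.cs` and in `UserInfoController`. `AbpClaimTypes.UserName` is assigned at startup, so it cannot serve as a case label, and a comment is the practical fix, for example `// Keep in sync with AbpClaimTypes.UserName (set in AbpOpenIddictAspNetCoreModule).` A principal that still carries the old `Name` claim now falls to whichever branch follows, which lies outside this hunk, so it is worth confirming that branch does not send the claim to a destination it should not reach. The switch and the `if` body both continue past the hunk.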
@@ -26,13 +26,13 @@ public partial class TokenController
 // will be used to create an id_token, a token or a code.
 var identity = new ClaimsIdentity(
 TokenValidationParameters.DefaultAuthenticationType,
- OpenIddictConstants.Claims.Name, OpenIddictConstants.Claims.Role);
+ OpenIddictConstants.Claims.PreferredUsername, OpenIddictConstants.Claims.Role);
 // Use the client_id as the subject identifier.
 identity.AddClaim(OpenIddictConstants.Claims.Subject, await ApplicationManager.GetClientIdAsync(application), OpenIddictConstants.Destinations.AccessToken, OpenIddictConstants.Destinations.IdentityToken);
- identity.AddClaim(OpenIddictConstants.Claims.Name, await ApplicationManager.GetDisplayNameAsync(application),
+ identity.AddClaim(OpenIddictConstants.Claims.PreferredUsername, await ApplicationManager.GetDisplayNameAsync(application),
 OpenIddictConstants.Destinations.AccessToken, OpenIddictConstants.Destinations.IdentityToken);
 // Note: In the original OAuth 2.0 specification, the client credentials grant
@@ -65,7 +65,7 @@ public partial class TokenController
 // whether they should be included in access tokens, in identity tokens or in both.
 return claim.Type switch
 {
- OpenIddictConstants.Claims.Name or OpenIddictConstants.Claims.Subject
+ OpenIddictConstants.Claims.PreferredUsername or OpenIddictConstants.Claims.Subject
 => ImmutableArray.Create(OpenIddictConstants.Destinations.AccessToken, OpenIddictConstants.Destinations.IdentityToken),
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs
index 9655695924..8d1c48760b 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs
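Review bot: In the first hunk the client-credentials identity puts the application's display name into `PreferredUsername`, the claim that `AbpOpenIddictAspNetCoreModule` maps to `AbpClaimTypes.UserName`, so a machine client would presumably show up on a resource server with a user name taken from a free-text field. A display name that equals a real account's user name would then be indistinguishable from that account in logs or in any check keyed on the user name. Since the preceding statement already uses the client_id as the subject, consider `identity.AddClaim(OpenIddictConstants.Claims.PreferredUsername, await ApplicationManager.GetClientIdAsync(application),` here, or leave the claim out for this grant. It is also worth confirming how `AddClaim` behaves if `GetDisplayNameAsync` returns null for an application without a display name. The method continues outside both hunks.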
@@ -40,7 +40,7 @@ public class UserInfoController : AbpOpenIdDictControllerBase
 if (User.HasScope(OpenIddictConstants.Scopes.Profile))
 {
 claims[AbpClaimTypes.TenantId] = user.TenantId;
- claims[OpenIddictConstants.Claims.Name] = user.UserName;
+ claims[OpenIddictConstants.Claims.PreferredUsername] = user.UserName;
 claims[OpenIddictConstants.Claims.FamilyName] = user.Surname;
 }
diff --git a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Blazor/MyProjectNameBlazorModule.cs b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Blazor/MyProjectNameBlazorModule.cs
index f76c845926..c970430580 100644
--- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Blazor/MyProjectNameBlazorModule.cs
+++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Blazor/MyProjectNameBlazorModule.cs
@@ -82,8 +82,6 @@ public class MyProjectNameBlazorModule : AbpModule
 options.ProviderOptions.DefaultScopes.Add("email");
 options.ProviderOptions.DefaultScopes.Add("phone");
 });
-
- AbpClaimTypes.UserName = OpenIddictConstants.Claims.Name;
 }
 private static void ConfigureUI(WebAssemblyHostBuilder builder)