From b51e51ffbc062409bb9482e664996ed1cda799f4 Mon Sep 17 00:00:00 2001 
From: maliming Date: Sat, 5 Oct 2024 18:03:57 +0800 Subject: [PATCH 01/16] Upgrade to Openiddict 6.0.0. --- Directory.Packages.props | 10 ++-- .../Pages/Index.razor | 4 +- .../Program.cs | 2 +- .../ServerDataSeedContributor.cs | 8 ++-- ....cs => 20241005085943_Initial.Designer.cs} | 20 ++++++-- ...2_Initial.cs => 20241005085943_Initial.cs} | 6 ++- .../ServerDbContextModelSnapshot.cs | 18 +++++-- .../OpenIddictServerModule.cs | 19 +------- .../AbpOpenIddictAspNetCoreModule.cs | 16 +++---- .../Controllers/AuthorizeController.cs | 12 ++--- ...tController.cs => EndSessionController.cs} | 3 +- .../AbpValidateAuthorizedParty.cs | 6 +-- .../AbpValidateClientPostLogoutRedirectUri.cs | 6 +-- ...pValidatePostLogoutRedirectUriParameter.cs | 6 +-- .../AbpOpenIddictAuthorizationStore.cs | 17 +++++++ .../IOpenIddictAuthorizationRepository.cs | 4 ++ .../Tokens/AbpOpenIddictTokenStore.cs | 16 +++++++ .../Tokens/IOpenIddictTokenRepository.cs | 6 ++- ...EfCoreOpenIddictAuthorizationRepository.cs | 16 +++++++ .../Tokens/EfCoreOpenIddictTokenRepository.cs | 16 +++++++ .../MongoOpenIddictAuthorizationRepository.cs | 18 +++++++ .../Tokens/MongoOpenIddictTokenRepository.cs | 24 ++++++++-- .../AbpOpenIddictAuthorizationStore_Tests.cs | 36 +++++++------- .../Tokens/AbpOpenIddictTokenStore_Tests.cs | 10 ++-- .../Abp/OpenIddict/AbpOpenIddictTestData.cs | 9 ++-- ...OpenIddictAuthorizationRepository_Tests.cs | 46 +++++++++++++++--- .../OpenIddictDataSeedContributor.cs | 16 +++---- .../OpenIddictTokenRepository_Tests.cs | 47 ++++++++++++++++--- .../Data/OpenIddictDataSeedContributor.cs | 4 +- .../Data/OpenIddictDataSeedContributor.cs | 4 +- .../Data/OpenIddictDataSeedContributor.cs | 4 +- .../Data/OpenIddictDataSeedContributor.cs | 4 +- .../OpenIddictDataSeedContributor.cs | 4 +- .../OpenIddictDataSeedContributor.cs | 4 +- 34 files changed, 313 insertions(+), 128 deletions(-) rename modules/openiddict/app/OpenIddict.Demo.Server/Migrations/{20240829013142_Initial.Designer.cs => 
20241005085943_Initial.Designer.cs} (98%) rename modules/openiddict/app/OpenIddict.Demo.Server/Migrations/{20240829013142_Initial.cs => 20241005085943_Initial.cs} (99%) rename modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/{LogoutController.cs => EndSessionController.cs} (93%) diff --git a/Directory.Packages.props b/Directory.Packages.props index f6db56e778..4d71fea445 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -120,11 +120,11 @@ - - - - - + + + + + diff --git a/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Pages/Index.razor b/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Pages/Index.razor index 7889736c35..648f6ab84b 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Pages/Index.razor +++ b/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Pages/Index.razor @@ -21,9 +21,9 @@ Welcome to your new app. @if (_claims.Count() > 0) { -

+

    @foreach (var claim in _claims) diff --git a/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Program.cs b/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Program.cs index f4a96ba0f8..a2bd2c85e3 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Program.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Client.BlazorWASM/Program.cs @@ -15,7 +15,7 @@ builder.Services.AddOidcAuthentication(options => options.ProviderOptions.ClientId = "AbpBlazorWASMApp"; options.ProviderOptions.ResponseType = "code"; - options.UserOptions.NameClaim = JwtClaimTypes.Name; + options.UserOptions.NameClaim = JwtClaimTypes.PreferredUserName; options.UserOptions.RoleClaim = JwtClaimTypes.Role; options.ProviderOptions.DefaultScopes.Add("roles"); diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs b/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs index f63137a0e2..9d4aee74e7 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs @@ -67,10 +67,10 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende { OpenIddictConstants.Permissions.Endpoints.Authorization, OpenIddictConstants.Permissions.Endpoints.Token, - OpenIddictConstants.Permissions.Endpoints.Device, + OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization, OpenIddictConstants.Permissions.Endpoints.Introspection, OpenIddictConstants.Permissions.Endpoints.Revocation, - OpenIddictConstants.Permissions.Endpoints.Logout, + OpenIddictConstants.Permissions.Endpoints.EndSession, OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode, OpenIddictConstants.Permissions.GrantTypes.Implicit, 
@@ -125,10 +125,10 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende { OpenIddictConstants.Permissions.Endpoints.Authorization, OpenIddictConstants.Permissions.Endpoints.Token, - OpenIddictConstants.Permissions.Endpoints.Device, + OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization, OpenIddictConstants.Permissions.Endpoints.Introspection, OpenIddictConstants.Permissions.Endpoints.Revocation, - OpenIddictConstants.Permissions.Endpoints.Logout, + OpenIddictConstants.Permissions.Endpoints.EndSession, OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode, OpenIddictConstants.Permissions.GrantTypes.Implicit, diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20240829013142_Initial.Designer.cs b/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20241005085943_Initial.Designer.cs similarity index 98% rename from modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20240829013142_Initial.Designer.cs rename to modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20241005085943_Initial.Designer.cs index 158f345fbe..7fffd314e8 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20240829013142_Initial.Designer.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20241005085943_Initial.Designer.cs @@ -13,7 +13,7 @@ using Volo.Abp.EntityFrameworkCore; namespace OpenIddict.Demo.Server.Migrations { [DbContext(typeof(ServerDbContext))] - [Migration("20240829013142_Initial")] + [Migration("20241005085943_Initial")] partial class Initial { /// @@ -22,7 +22,7 @@ namespace OpenIddict.Demo.Server.Migrations #pragma warning disable 612, 618 modelBuilder .HasAnnotation("_Abp_DatabaseProvider", EfCoreDatabaseProvider.SqlServer) - .HasAnnotation("ProductVersion", "8.0.4") + .HasAnnotation("ProductVersion", "9.0.0-rc.1.24451.1") .HasAnnotation("Relational:MaxIdentifierLength", 128); SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder); 
@@ -394,6 +394,13 @@ namespace OpenIddict.Demo.Server.Migrations .HasMaxLength(64) .HasColumnType("nvarchar(64)"); + b.Property("ConcurrencyStamp") + .IsConcurrencyToken() + .IsRequired() + .HasMaxLength(40) + .HasColumnType("nvarchar(40)") + .HasColumnName("ConcurrencyStamp"); + b.Property("Device") .IsRequired() .HasMaxLength(64) @@ -403,9 +410,14 @@ namespace OpenIddict.Demo.Server.Migrations .HasMaxLength(64) .HasColumnType("nvarchar(64)"); + b.Property("ExtraProperties") + .IsRequired() + .HasColumnType("nvarchar(max)") + .HasColumnName("ExtraProperties"); + b.Property("IpAddresses") - .HasMaxLength(256) - .HasColumnType("nvarchar(256)"); + .HasMaxLength(2048) + .HasColumnType("nvarchar(2048)"); b.Property("LastAccessed") .HasColumnType("datetime2"); diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20240829013142_Initial.cs b/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20241005085943_Initial.cs similarity index 99% rename from modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20240829013142_Initial.cs rename to modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20241005085943_Initial.cs index 537745685f..62b23276c4 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20240829013142_Initial.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/20241005085943_Initial.cs 
@@ -232,9 +232,11 @@ namespace OpenIddict.Demo.Server.Migrations TenantId = table.Column(type: "uniqueidentifier", nullable: true), UserId = table.Column(type: "uniqueidentifier", nullable: false), ClientId = table.Column(type: "nvarchar(64)", maxLength: 64, nullable: true), - IpAddresses = table.Column(type: "nvarchar(256)", maxLength: 256, nullable: true), + IpAddresses = table.Column(type: "nvarchar(2048)", maxLength: 2048, nullable: true), SignedIn = table.Column(type: "datetime2", nullable: false), - LastAccessed = table.Column(type: "datetime2", nullable: true) + LastAccessed = table.Column(type: "datetime2", nullable: true), + ExtraProperties = table.Column(type: "nvarchar(max)", nullable: false), + ConcurrencyStamp = table.Column(type: "nvarchar(40)", maxLength: 40, nullable: false) }, constraints: table => { diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/ServerDbContextModelSnapshot.cs b/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/ServerDbContextModelSnapshot.cs index bdbb1fca9b..fbaf0bc710 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/ServerDbContextModelSnapshot.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/Migrations/ServerDbContextModelSnapshot.cs @@ -19,7 +19,7 @@ namespace OpenIddict.Demo.Server.Migrations #pragma warning disable 612, 618 modelBuilder .HasAnnotation("_Abp_DatabaseProvider", EfCoreDatabaseProvider.SqlServer) - .HasAnnotation("ProductVersion", "8.0.4") + .HasAnnotation("ProductVersion", "9.0.0-rc.1.24451.1") .HasAnnotation("Relational:MaxIdentifierLength", 128); SqlServerModelBuilderExtensions.UseIdentityColumns(modelBuilder); @@ -391,6 +391,13 @@ namespace OpenIddict.Demo.Server.Migrations .HasMaxLength(64) .HasColumnType("nvarchar(64)"); + b.Property("ConcurrencyStamp") + .IsConcurrencyToken() + .IsRequired() + .HasMaxLength(40) + .HasColumnType("nvarchar(40)") + .HasColumnName("ConcurrencyStamp"); + b.Property("Device") .IsRequired() .HasMaxLength(64) 
@@ -400,9 +407,14 @@ namespace OpenIddict.Demo.Server.Migrations .HasMaxLength(64) .HasColumnType("nvarchar(64)"); + b.Property("ExtraProperties") + .IsRequired() + .HasColumnType("nvarchar(max)") + .HasColumnName("ExtraProperties"); + b.Property("IpAddresses") - .HasMaxLength(256) - .HasColumnType("nvarchar(256)"); + .HasMaxLength(2048) + .HasColumnType("nvarchar(2048)"); b.Property("LastAccessed") .HasColumnType("datetime2"); diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs index b6e262ee32..dd8ba1df2d 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs 
@@ -89,24 +89,7 @@ public class OpenIddictServerModule : AbpModule PreConfigure(builder => { - //https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html - using (var algorithm = RSA.Create(keySizeInBits: 2048)) - { - var subject = new X500DistinguishedName("CN=Fabrikam Encryption Certificate"); - var request = new CertificateRequest(subject, algorithm, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); - request.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, critical: true)); - var certificate = request.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddYears(2)); - builder.AddSigningCertificate(certificate); - } - - using (var algorithm = RSA.Create(keySizeInBits: 2048)) - { - var subject = new X500DistinguishedName("CN=Fabrikam Signing Certificate"); - var request = new CertificateRequest(subject, algorithm, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1); - request.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.KeyEncipherment, critical: true)); - var certificate = request.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddYears(2)); - builder.AddEncryptionCertificate(certificate); - } + builder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "00000000-0000-0000-0000-000000000000"); builder.Configure(openIddictServerOptions => { diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs index 1b8fb5d39c..94e662f936 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs 
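Review bot: The PFX passphrase is a string literal in `builder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "00000000-0000-0000-0000-000000000000");`, so the private keys that sign and encrypt tokens are protected only by a value that anyone with read access to the repository knows. This is the demo server, but the call is the production helper and the line is likely to be copied as-is. Read the passphrase from configuration or a secret store instead, for example `builder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", configuration["<pfx-passphrase-key>"]);` (placeholder key name), and keep the .pfx out of source control. The removed code generated throwaway keys on each start; if a fixed demo certificate is intended, a comment stating that it is for local use only would make that explicit. The `PreConfigure` lambda continues outside the hunk.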
@@ -62,13 +62,13 @@ public class AbpOpenIddictAspNetCoreModule : AbpModule //.SetConfigurationEndpointUris() // .well-known/jwks //.SetCryptographyEndpointUris() - .SetDeviceEndpointUris("device") + .SetDeviceAuthorizationEndpointUris("device") .SetIntrospectionEndpointUris("connect/introspect") - .SetLogoutEndpointUris("connect/logout") + .SetEndSessionEndpointUris("connect/endsession") .SetRevocationEndpointUris("connect/revocat") .SetTokenEndpointUris("connect/token") - .SetUserinfoEndpointUris("connect/userinfo") - .SetVerificationEndpointUris("connect/verify"); + .SetUserInfoEndpointUris("connect/userinfo") + .SetEndUserVerificationEndpointUris("connect/verify"); builder .AllowAuthorizationCodeFlow() @@ -77,7 +77,7 @@ public class AbpOpenIddictAspNetCoreModule : AbpModule .AllowPasswordFlow() .AllowClientCredentialsFlow() .AllowRefreshTokenFlow() - .AllowDeviceCodeFlow() + .AllowDeviceAuthorizationFlow() .AllowNoneFlow(); builder.RegisterScopes(new[] @@ -94,9 +94,9 @@ public class AbpOpenIddictAspNetCoreModule : AbpModule builder.UseAspNetCore() .EnableAuthorizationEndpointPassthrough() .EnableTokenEndpointPassthrough() - .EnableUserinfoEndpointPassthrough() - .EnableLogoutEndpointPassthrough() - .EnableVerificationEndpointPassthrough() + .EnableUserInfoEndpointPassthrough() + .EnableEndSessionEndpointPassthrough() + .EnableEndUserVerificationEndpointPassthrough() .EnableStatusCodePagesIntegration(); if (builderOptions.AddDevelopmentEncryptionAndSigningCertificate) diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs index 5b28962f37..27f266b7ea 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs 
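Review bot: The end-session endpoint moves from `connect/logout` to `connect/endsession` in `.SetEndSessionEndpointUris("connect/endsession")` with no alias for the old path. Clients that hard-code the logout URL instead of reading it from the discovery document will fail at sign-out, which can leave the server-side session alive. If compatibility matters, register both paths, e.g. `.SetEndSessionEndpointUris("connect/endsession", "connect/logout")`, and add a second `[Route("connect/logout")]` to the controller whose route is changed later in this patch; otherwise document it as a breaking change. The unchanged `.SetRevocationEndpointUris("connect/revocat")` in the same chain looks like a truncated path and is worth confirming while these URIs are being touched.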
@@ -30,11 +30,11 @@ public class AuthorizeController : AbpOpenIdDictControllerBase // If prompt=login was specified by the client application, // immediately return the user agent to the login page. - if (request.HasPrompt(OpenIddictConstants.Prompts.Login)) + if (request.HasPrompt(OpenIddictConstants.PromptValues.Login)) { // To avoid endless login -> authorization redirects, the prompt=login flag // is removed from the authorization request payload before redirecting the user. - var prompt = string.Join(" ", request.GetPrompts().Remove(OpenIddictConstants.Prompts.Login)); + var prompt = string.Join(" ", request.GetPrompts().Remove(OpenIddictConstants.PromptValues.Login)); var parameters = Request.HasFormContentType ? Request.Form.Where(parameter => parameter.Key != OpenIddictConstants.Parameters.Prompt).ToList() : @@ -59,7 +59,7 @@ public class AuthorizeController : AbpOpenIdDictControllerBase { // If the client application requested promptless authentication, // return an error indicating that the user is not logged in. - if (request.HasPrompt(OpenIddictConstants.Prompts.None)) + if (request.HasPrompt(OpenIddictConstants.PromptValues.None)) { return Forbid( authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, @@ -137,7 +137,7 @@ public class AuthorizeController : AbpOpenIdDictControllerBase // return an authorization response without displaying the consent form. case OpenIddictConstants.ConsentTypes.Implicit: case OpenIddictConstants.ConsentTypes.External when authorizations.Any(): - case OpenIddictConstants.ConsentTypes.Explicit when authorizations.Any() && !request.HasPrompt(OpenIddictConstants.Prompts.Consent): + case OpenIddictConstants.ConsentTypes.Explicit when authorizations.Any() && !request.HasPrompt(OpenIddictConstants.PromptValues.Consent): var principal = await SignInManager.CreateUserPrincipalAsync(user); if (result.Properties != null && result.Properties.IsPersistent) 
@@ -173,8 +173,8 @@ public class AuthorizeController : AbpOpenIdDictControllerBase // At this point, no authorization was found in the database and an error must be returned // if the client application specified prompt=none in the authorization request. - case OpenIddictConstants.ConsentTypes.Explicit when request.HasPrompt(OpenIddictConstants.Prompts.None): - case OpenIddictConstants.ConsentTypes.Systematic when request.HasPrompt(OpenIddictConstants.Prompts.None): + case OpenIddictConstants.ConsentTypes.Explicit when request.HasPrompt(OpenIddictConstants.PromptValues.None): + case OpenIddictConstants.ConsentTypes.Systematic when request.HasPrompt(OpenIddictConstants.PromptValues.None): return Forbid( authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, properties: new AuthenticationProperties(new Dictionary diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/LogoutController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/EndSessionController.cs similarity index 93% rename from modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/LogoutController.cs rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/EndSessionController.cs index 34796ea6a9..627479813b 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/LogoutController.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/EndSessionController.cs @@ -1,11 +1,10 @@ using System.Threading.Tasks; -using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Mvc; using OpenIddict.Server.AspNetCore; namespace Volo.Abp.OpenIddict.Controllers; -[Route("connect/logout")] +[Route("connect/endsession")] [ApiExplorerSettings(IgnoreApi = true)] public class LogoutController : AbpOpenIdDictControllerBase { 
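Review bot: The class in the renamed file is still declared as `public class LogoutController : AbpOpenIdDictControllerBase`, while the file is now EndSessionController.cs and the route is `connect/endsession`. Either rename the type to `EndSessionController` so file, route and class agree, or keep the old file name. If the old class name is kept on purpose, for example so that applications deriving from or replacing `LogoutController` keep compiling, add a short comment saying so. The class body continues outside the hunk.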
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateAuthorizedParty.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateAuthorizedParty.cs index 5c22de29a2..eaae81d714 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateAuthorizedParty.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateAuthorizedParty.cs @@ -5,10 +5,10 @@ using OpenIddict.Server; namespace Volo.Abp.OpenIddict.WildcardDomains; -public class AbpValidateAuthorizedParty : AbpOpenIddictWildcardDomainBase +public class AbpValidateAuthorizedParty : AbpOpenIddictWildcardDomainBase { public static OpenIddictServerHandlerDescriptor Descriptor { get; } - = OpenIddictServerHandlerDescriptor.CreateBuilder() + = OpenIddictServerHandlerDescriptor.CreateBuilder() .UseScopedHandler() .SetOrder(OpenIddictServerHandlers.Session.ValidateEndpointPermissions.Descriptor.Order + 1_000) .SetType(OpenIddictServerHandlerType.BuiltIn) @@ -22,7 +22,7 @@ public class AbpValidateAuthorizedParty : AbpOpenIddictWildcardDomainBase +public class AbpValidateClientPostLogoutRedirectUri : AbpOpenIddictWildcardDomainBase { public static OpenIddictServerHandlerDescriptor Descriptor { get; } - = OpenIddictServerHandlerDescriptor.CreateBuilder() + = OpenIddictServerHandlerDescriptor.CreateBuilder() .AddFilter() .AddFilter() .UseScopedHandler() 
@@ -24,7 +24,7 @@ public class AbpValidateClientPostLogoutRedirectUri : AbpOpenIddictWildcardDomai OriginalHandler = new OpenIddictServerHandlers.Session.ValidateClientPostLogoutRedirectUri(applicationManager); } - public async override ValueTask HandleAsync(OpenIddictServerEvents.ValidateLogoutRequestContext context) + public async override ValueTask HandleAsync(OpenIddictServerEvents.ValidateEndSessionRequestContext context) { Check.NotNull(context, nameof(context)); Check.NotNullOrEmpty(context.PostLogoutRedirectUri, nameof(context.PostLogoutRedirectUri)); diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs index d96592944c..fe54259121 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs @@ -4,10 +4,10 @@ using OpenIddict.Server; namespace Volo.Abp.OpenIddict.WildcardDomains; -public class AbpValidatePostLogoutRedirectUriParameter : AbpOpenIddictWildcardDomainBase +public class AbpValidatePostLogoutRedirectUriParameter : AbpOpenIddictWildcardDomainBase { public static OpenIddictServerHandlerDescriptor Descriptor { get; } - = OpenIddictServerHandlerDescriptor.CreateBuilder() + = OpenIddictServerHandlerDescriptor.CreateBuilder() .UseSingletonHandler() .SetOrder(int.MinValue + 100_000) .SetType(OpenIddictServerHandlerType.BuiltIn) 
@@ -18,7 +18,7 @@ public class AbpValidatePostLogoutRedirectUriParameter : AbpOpenIddictWildcardDo { } - public async override ValueTask HandleAsync(OpenIddictServerEvents.ValidateLogoutRequestContext context) + public async override ValueTask HandleAsync(OpenIddictServerEvents.ValidateEndSessionRequestContext context) { Check.NotNull(context, nameof(context)); diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore.cs index 7d63ebd97c..76e2d5b295 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore.cs @@ -300,6 +300,23 @@ public class AbpOpenIddictAuthorizationStore : AbpOpenIddictStoreBase RevokeByApplicationIdAsync(string identifier, CancellationToken cancellationToken) + { + Check.NotNullOrEmpty(identifier, nameof(identifier)); + + var key = ConvertIdentifierFromString(identifier); + + return await Repository.RevokeByApplicationIdAsync(key, cancellationToken: cancellationToken); + } + + /// + public virtual async ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken) + { + Check.NotNullOrEmpty(subject, nameof(subject)); + + return await Repository.RevokeBySubjectAsync(subject, cancellationToken: cancellationToken); + } + public virtual async ValueTask SetApplicationIdAsync(OpenIddictAuthorizationModel authorization, string identifier, CancellationToken cancellationToken) { Check.NotNull(authorization, nameof(authorization)); 
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs index 98c98b3e58..ea5b943426 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs @@ -23,4 +23,8 @@ public interface IOpenIddictAuthorizationRepository : IBasicRepository> ListAsync(int? count, int? offset, CancellationToken cancellationToken = default); Task PruneAsync(DateTime date, CancellationToken cancellationToken = default); + + ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default); + + ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken = default); } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore.cs index 7e2bf3dff3..8e4123b0db 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore.cs 
@@ -320,6 +320,15 @@ public class AbpOpenIddictTokenStore : AbpOpenIddictStoreBase RevokeByApplicationIdAsync(string identifier, CancellationToken cancellationToken) + { + Check.NotNullOrEmpty(identifier, nameof(identifier)); + + var key = ConvertIdentifierFromString(identifier); + + return await Repository.RevokeByApplicationIdAsync(key, cancellationToken); + } + public virtual async ValueTask SetApplicationIdAsync(OpenIddictTokenModel token, string identifier, CancellationToken cancellationToken) { Check.NotNull(token, nameof(token)); @@ -335,6 +344,13 @@ public class AbpOpenIddictTokenStore : AbpOpenIddictStoreBase RevokeBySubjectAsync(string subject, CancellationToken cancellationToken) + { + Check.NotNullOrEmpty(subject, nameof(subject)); + + return await Repository.RevokeBySubjectAsync(subject, cancellationToken); + } + public virtual async ValueTask SetAuthorizationIdAsync(OpenIddictTokenModel token, string identifier, CancellationToken cancellationToken) { Check.NotNull(token, nameof(token)); diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs index 1a1877746a..b17ab2eb19 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs 
@@ -34,5 +34,9 @@ public interface IOpenIddictTokenRepository : IBasicRepository PruneAsync(DateTime date, CancellationToken cancellationToken = default); - ValueTask RevokeByAuthorizationIdAsync(Guid id, CancellationToken cancellationToken); + ValueTask RevokeByAuthorizationIdAsync(Guid id, CancellationToken cancellationToken = default); + + ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default); + + ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken = default); } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs index 62cf3abdd4..d6ecad1bc4 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs 
@@ -98,4 +98,20 @@ public class EfCoreOpenIddictAuthorizationRepository : EfCoreRepository authorizations.Contains(x.Id)).ExecuteDeleteAsync(cancellationToken); } + + public virtual async ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default) + { + return await (from authorization in await GetQueryableAsync() + where authorization.ApplicationId == applicationId + select authorization).ExecuteUpdateAsync(entity => entity.SetProperty( + authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), cancellationToken); + } + + public virtual async ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken = default) + { + return await (from authorization in await GetQueryableAsync() + where authorization.Subject == subject + select authorization).ExecuteUpdateAsync(entity => entity.SetProperty( + authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), cancellationToken); + } } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs index d861f8b54e..4c99be15ce 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs 
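Review bot: The new `RevokeByApplicationIdAsync` and `RevokeBySubjectAsync` pass the raw `cancellationToken` to `ExecuteUpdateAsync`, whereas the existing `RevokeByAuthorizationIdAsync` in the EF Core token repository (visible as context in the next file) passes `GetCancellationToken(cancellationToken)`. The interface now defaults the parameter, so a caller that omits it would run these bulk revocations with a token that can never be cancelled, assuming `GetCancellationToken` is what supplies the ambient request token. Make the last argument `GetCancellationToken(cancellationToken)` here. The same applies to the two new methods in EfCoreOpenIddictTokenRepository and to the new methods in both Mongo repositories, where `GetCollectionAsync(cancellationToken)` and `cancellationToken: cancellationToken` should match the wrapped form used by the existing Mongo `RevokeByAuthorizationIdAsync`.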
@@ -117,4 +117,20 @@ public class EfCoreOpenIddictTokenRepository : EfCoreRepository entity.SetProperty(token => token.Status, OpenIddictConstants.Statuses.Revoked), GetCancellationToken(cancellationToken)); } + + public virtual async ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken) + { + return await (from token in await GetQueryableAsync() + where token.ApplicationId == applicationId + select token).ExecuteUpdateAsync(entity => entity.SetProperty( + token => token.Status, OpenIddictConstants.Statuses.Revoked), cancellationToken); + } + + public virtual async ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken) + { + return await (from token in await GetQueryableAsync() + where token.Subject == subject + select token).ExecuteUpdateAsync(entity => entity.SetProperty( + token => token.Status, OpenIddictConstants.Statuses.Revoked), cancellationToken); + } } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs index 3e30912a8d..e76e59c1b0 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs 
@@ -109,4 +109,22 @@ public class MongoOpenIddictAuthorizationRepository : MongoDbRepository RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default) + { + return (await (await GetCollectionAsync(cancellationToken)).UpdateManyAsync( + filter : authorization => authorization.ApplicationId == applicationId, + update : Builders.Update.Set(authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), + options : null, + cancellationToken: cancellationToken)).MatchedCount; + } + + public virtual async ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken = default) + { + return (await (await GetCollectionAsync(cancellationToken)).UpdateManyAsync( + filter : authorization => authorization.Subject == subject, + update : Builders.Update.Set(authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), + options : null, + cancellationToken: cancellationToken)).MatchedCount; + } } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs index 13898b0e4c..548a1c6638 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs 
@@ -132,9 +132,27 @@ public class MongoOpenIddictTokenRepository : MongoDbRepository RevokeByAuthorizationIdAsync(Guid id, CancellationToken cancellationToken) { return (await (await GetCollectionAsync(GetCancellationToken(cancellationToken))).UpdateManyAsync( - filter: token => token.AuthorizationId == id, - update: Builders.Update.Set(token => token.Status, OpenIddictConstants.Statuses.Revoked), - options: null, + filter : token => token.AuthorizationId == id, + update : Builders.Update.Set(token => token.Status, OpenIddictConstants.Statuses.Revoked), + options : null, cancellationToken: GetCancellationToken(cancellationToken))).MatchedCount; } + + public virtual async ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken) + { + return (await (await GetCollectionAsync(cancellationToken)).UpdateManyAsync( + filter : token => token.ApplicationId == applicationId, + update : Builders.Update.Set(token => token.Status, OpenIddictConstants.Statuses.Revoked), + options : null, + cancellationToken: cancellationToken)).MatchedCount; + } + + public virtual async ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken) + { + return (await (await GetCollectionAsync(cancellationToken)).UpdateManyAsync( + filter : token => token.Subject == subject, + update : Builders.Update.Set(token => token.Status, OpenIddictConstants.Statuses.Revoked), + options : null, + cancellationToken: cancellationToken)).MatchedCount; + } } diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore_Tests.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore_Tests.cs index 2fbd875713..3e2cf71b1d 100644 --- a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore_Tests.cs 
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationStore_Tests.cs @@ -13,13 +13,13 @@ public class AbpOpenIddictAuthorizationStore_Tests : OpenIddictDomainTestBase { private readonly IOpenIddictAuthorizationStore _authorizationStore; private readonly AbpOpenIddictTestData _testData; - + public AbpOpenIddictAuthorizationStore_Tests() { _authorizationStore = ServiceProvider.GetRequiredService>(); _testData = ServiceProvider.GetRequiredService(); } - + [Fact] public async Task CountAsync() { @@ -35,7 +35,7 @@ public class AbpOpenIddictAuthorizationStore_Tests : OpenIddictDomainTestBase Id = id, ApplicationId = _testData.App1Id, Status = "TestStatus3", - Subject = "TestSubject3", + Subject = _testData.Subject3, Type = OpenIddictConstants.AuthorizationTypes.Permanent }, CancellationToken.None); @@ -43,7 +43,7 @@ public class AbpOpenIddictAuthorizationStore_Tests : OpenIddictDomainTestBase authorization.ShouldNotBeNull(); authorization.Status.ShouldBe("TestStatus3"); - authorization.Subject.ShouldBe("TestSubject3"); + authorization.Subject.ShouldBe(_testData.Subject3); authorization.Type.ShouldBe(OpenIddictConstants.AuthorizationTypes.Permanent); } @@ -52,7 +52,7 @@ public class AbpOpenIddictAuthorizationStore_Tests : OpenIddictDomainTestBase { var authorization = await _authorizationStore.FindByIdAsync(_testData.Authorization1Id.ToString(), CancellationToken.None); await _authorizationStore.DeleteAsync(authorization, CancellationToken.None); - + authorization = await _authorizationStore.FindByIdAsync(_testData.Authorization1Id.ToString(), CancellationToken.None); authorization.ShouldBeNull(); } 
@@ -63,22 +63,22 @@ public class AbpOpenIddictAuthorizationStore_Tests : OpenIddictDomainTestBase var authorization = await _authorizationStore.FindByIdAsync(new Guid().ToString(), CancellationToken.None); authorization.ShouldBeNull(); } - + [Fact] public async Task FindByIdAsync_Should_Return_Authorization_If_Not_Found() { var authorization = await _authorizationStore.FindByIdAsync(_testData.Authorization1Id.ToString(), CancellationToken.None); authorization.ShouldNotBeNull(); authorization.Status.ShouldBe(OpenIddictConstants.Statuses.Valid); - authorization.Subject.ShouldBe("TestSubject1"); + authorization.Subject.ShouldBe(_testData.Subject1); authorization.Type.ShouldBe(OpenIddictConstants.AuthorizationTypes.Permanent); } - + [Fact] public async Task FindByApplicationIdAsync_Should_Return_Empty_If_Not_Found() { var authorizations = await _authorizationStore.FindByApplicationIdAsync(new Guid().ToString(), CancellationToken.None).ToListAsync(); - + authorizations.Count.ShouldBe(0); } 
@@ -86,24 +86,24 @@ public class AbpOpenIddictAuthorizationStore_Tests : OpenIddictDomainTestBase public async Task FindByApplicationIdAsync_Should_Return_Authorizations_If_Found() { var authorizations = await _authorizationStore.FindByApplicationIdAsync(_testData.App1Id.ToString(), CancellationToken.None).ToListAsync(); - - authorizations.Count.ShouldBe(1); + + authorizations.Count.ShouldBe(1); } - + [Fact] public async Task FindBySubjectAsync_Should_Return_Empty_If_Not_Found() { var authorizations = await _authorizationStore.FindBySubjectAsync(new Guid().ToString(), CancellationToken.None).ToListAsync(); - + authorizations.Count.ShouldBe(0); } [Fact] public async Task FindBySubjectAsync_Should_Return_Authorizations_If_Found() { - var authorizations = await _authorizationStore.FindBySubjectAsync("TestSubject1", CancellationToken.None).ToListAsync(); - - authorizations.Count.ShouldBe(1); + var authorizations = await _authorizationStore.FindBySubjectAsync(_testData.Subject1, CancellationToken.None).ToListAsync(); + + authorizations.Count.ShouldBe(1); } [Fact] @@ -117,9 +117,9 @@ public class AbpOpenIddictAuthorizationStore_Tests : OpenIddictDomainTestBase authorization.ApplicationId = _testData.App2Id; await _authorizationStore.UpdateAsync(authorization, CancellationToken.None); - + authorization = await _authorizationStore.FindByIdAsync(_testData.Authorization1Id.ToString(), CancellationToken.None); - + authorization.Status.ShouldBe("New status"); authorization.Subject.ShouldBe("New subject"); authorization.Type.ShouldBe(OpenIddictConstants.AuthorizationTypes.AdHoc); diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore_Tests.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore_Tests.cs index feaa7b38a4..2b3ac233f3 100644 
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore_Tests.cs +++ b/modules/openiddict/test/Volo.Abp.OpenIddict.Domain.Tests/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenStore_Tests.cs @@ -34,19 +34,19 @@ public class AbpOpenIddictTokenStore_Tests : OpenIddictDomainTestBase { ApplicationId = _testData.App1Id, Payload = "TestPayload3", - Subject = "TestSubject3", + Subject = _testData.Subject3, Type = "TestType3", Status = OpenIddictConstants.Statuses.Inactive, }, CancellationToken.None); - var tokens = await _tokenStore.FindBySubjectAsync("TestSubject3", CancellationToken.None).ToListAsync(); + var tokens = await _tokenStore.FindBySubjectAsync(_testData.Subject3, CancellationToken.None).ToListAsync(); tokens.Count.ShouldBe(1); var token = tokens.First(); token.ApplicationId.ShouldBe(_testData.App1Id); token.Payload.ShouldBe("TestPayload3"); - token.Subject.ShouldBe("TestSubject3"); + token.Subject.ShouldBe(_testData.Subject3); token.Type.ShouldBe("TestType3"); token.Status.ShouldBe(OpenIddictConstants.Statuses.Inactive); } @@ -73,7 +73,7 @@ public class AbpOpenIddictTokenStore_Tests : OpenIddictDomainTestBase [Fact] public async Task FindAsync_Should_Return_Tokens_If_Found() { - var tokens = await _tokenStore.FindAsync("TestSubject1", _testData.App1Id.ToString(),OpenIddictConstants.Statuses.Redeemed, "TestType1", CancellationToken.None).ToListAsync(); + var tokens = await _tokenStore.FindAsync(_testData.Subject1, _testData.App1Id.ToString(),OpenIddictConstants.Statuses.Redeemed, "TestType1", CancellationToken.None).ToListAsync(); tokens.Count.ShouldBe(1); } 
@@ -110,7 +110,7 @@ public class AbpOpenIddictTokenStore_Tests : OpenIddictDomainTestBase token.ShouldNotBeNull(); token.ApplicationId.ShouldBe(_testData.App1Id); token.Payload.ShouldBe("TestPayload1"); - token.Subject.ShouldBe("TestSubject1"); + token.Subject.ShouldBe(_testData.Subject1); token.Type.ShouldBe("TestType1"); token.Status.ShouldBe(OpenIddictConstants.Statuses.Redeemed); token.ExpirationDate.ShouldNotBeNull(); diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/AbpOpenIddictTestData.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/AbpOpenIddictTestData.cs index f31208ed2f..3505a8d903 100644 --- a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/AbpOpenIddictTestData.cs +++ b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/AbpOpenIddictTestData.cs @@ -9,10 +9,13 @@ public class AbpOpenIddictTestData : ISingletonDependency public string App1ClientId { get; set; } = "Client1"; public Guid App2Id { get; set; } = Guid.NewGuid(); public string App2ClientId { get; set; } = "Client2"; - public Guid Scope1Id { get; set; } = Guid.NewGuid(); public string Scope1Name { get; set; } = "Scope1"; public Guid Scope2Id { get; set; } = Guid.NewGuid(); + public string Subject1 { get; set; } = "Subject1"; + public string Subject2 { get; set; } = "Subject2"; + public string Subject3 { get; set; } = "Subject3"; + public string Scope2Name { get; set; } = "Scope2"; public Guid Token1Id { get; set; } = Guid.NewGuid(); @@ -20,6 +23,6 @@ public class AbpOpenIddictTestData : ISingletonDependency public Guid Token2Id { get; set; } = Guid.NewGuid(); public Guid Authorization1Id { get; set; } = Guid.NewGuid(); - + public Guid Authorization2Id { get; set; } = Guid.NewGuid(); -} \ No newline at end of file +} 
diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs index 529849ed66..e545854a06 100644 --- a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs +++ b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs 
@@ -24,12 +24,12 @@ public abstract class OpenIddictAuthorizationRepository_Tests : [Fact] public async Task FindAsync() { - (await _authorizationRepository.FindAsync(subject:"TestSubject1", client: new Guid())).Count.ShouldBe(0); - (await _authorizationRepository.FindAsync(subject:"TestSubject1", client: _testData.App1Id)).Count.ShouldBe(1); - (await _authorizationRepository.FindAsync(subject:"TestSubject1", client: _testData.App1Id, status: "NonExistsStatus")).Count.ShouldBe(0); - (await _authorizationRepository.FindAsync(subject:"TestSubject1", client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid)).Count.ShouldBe(1); - (await _authorizationRepository.FindAsync(subject:"TestSubject1", client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid ,type: "NonExistsType")).Count.ShouldBe(0); - (await _authorizationRepository.FindAsync(subject:"TestSubject1", client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid ,type: OpenIddictConstants.AuthorizationTypes.Permanent)).Count.ShouldBe(1); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: new Guid())).Count.ShouldBe(0); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id)).Count.ShouldBe(1); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: "NonExistsStatus")).Count.ShouldBe(0); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid)).Count.ShouldBe(1); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid ,type: "NonExistsType")).Count.ShouldBe(0); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid ,type: OpenIddictConstants.AuthorizationTypes.Permanent)).Count.ShouldBe(1); } [Fact] 
@@ -53,7 +53,7 @@ public abstract class OpenIddictAuthorizationRepository_Tests : [Fact] public async Task FindBySubjectAsync() { - (await _authorizationRepository.FindBySubjectAsync(subject:"TestSubject1")).Count.ShouldBe(1); + (await _authorizationRepository.FindBySubjectAsync(subject: _testData.Subject1)).Count.ShouldBe(1); } [Fact] 
@@ -70,4 +70,36 @@ public abstract class OpenIddictAuthorizationRepository_Tests : await _authorizationRepository.PruneAsync(DateTime.UtcNow - TimeSpan.FromDays(14)); (await _authorizationRepository.ListAsync(int.MaxValue, 0)).Count.ShouldBe(1); } + + [Fact] + public async Task RevokeByApplicationIdAsync() + { + var authorizations = await _authorizationRepository.FindByApplicationIdAsync(_testData.App1Id); + authorizations.Count.ShouldBe(1); + authorizations.First().ApplicationId.ShouldBe(_testData.App1Id); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Valid); + + (await _authorizationRepository.RevokeByApplicationIdAsync(_testData.App1Id)).ShouldBe(1); + + authorizations = await _authorizationRepository.FindByApplicationIdAsync(_testData.App1Id); + authorizations.Count.ShouldBe(1); + authorizations.First().ApplicationId.ShouldBe(_testData.App1Id); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Revoked); + } + + [Fact] + public async Task RevokeBySubjectAsync() + { + var authorizations = await _authorizationRepository.FindBySubjectAsync(_testData.Subject1); + authorizations.Count.ShouldBe(1); + authorizations.First().Subject.ShouldBe(_testData.Subject1); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Valid); + + (await _authorizationRepository.RevokeBySubjectAsync(_testData.Subject1)).ShouldBe(1); + + authorizations = await _authorizationRepository.FindBySubjectAsync(_testData.Subject1); + authorizations.Count.ShouldBe(1); + authorizations.First().Subject.ShouldBe(_testData.Subject1); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Revoked); + } } diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictDataSeedContributor.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictDataSeedContributor.cs index df8a88a9d3..326568475e 100644 
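Review bot: Neither new test covers the no-match case or checks that unrelated records keep their status; `RevokeByApplicationIdAsync` and `RevokeBySubjectAsync` are only called with a value that matches exactly one seeded authorization. Because these are bulk status updates on authorization state, an over-broad filter is the failure worth guarding against. I would add `(await _authorizationRepository.RevokeByApplicationIdAsync(Guid.NewGuid())).ShouldBe(0);` and, after the real revoke, assert that the authorization seeded for `_testData.App2Id` is still `OpenIddictConstants.Statuses.Inactive`. The subject-based test would get the equivalent checks with an unknown subject and `_testData.Subject2`.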
--- a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictDataSeedContributor.cs +++ b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictDataSeedContributor.cs @@ -109,10 +109,10 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep { OpenIddictConstants.Permissions.Endpoints.Authorization, OpenIddictConstants.Permissions.Endpoints.Token, - OpenIddictConstants.Permissions.Endpoints.Device, + OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization, OpenIddictConstants.Permissions.Endpoints.Introspection, OpenIddictConstants.Permissions.Endpoints.Revocation, - OpenIddictConstants.Permissions.Endpoints.Logout, + OpenIddictConstants.Permissions.Endpoints.EndSession, OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode, OpenIddictConstants.Permissions.GrantTypes.Implicit, @@ -159,10 +159,10 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep { OpenIddictConstants.Permissions.Endpoints.Authorization, OpenIddictConstants.Permissions.Endpoints.Token, - OpenIddictConstants.Permissions.Endpoints.Device, + OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization, OpenIddictConstants.Permissions.Endpoints.Introspection, OpenIddictConstants.Permissions.Endpoints.Revocation, - OpenIddictConstants.Permissions.Endpoints.Logout, + OpenIddictConstants.Permissions.Endpoints.EndSession, OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode, OpenIddictConstants.Permissions.GrantTypes.Implicit, @@ -207,7 +207,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep { ApplicationId = _testData.App1Id.ToString(), AuthorizationId = _testData.Authorization1Id.ToString(), - Subject = "TestSubject1", + Subject = _testData.Subject1, Type = "TestType1", Status = OpenIddictConstants.Statuses.Redeemed, Payload = "TestPayload1", 
@@ -220,7 +220,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep { ApplicationId = _testData.App2Id.ToString(), AuthorizationId = _testData.Authorization1Id.ToString(), - Subject = "TestSubject2", + Subject = _testData.Subject2, Type = "TestType2", Status = OpenIddictConstants.Statuses.Valid, Payload = "TestPayload2", @@ -241,7 +241,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep { ApplicationId = _testData.App1Id.ToString(), Status = OpenIddictConstants.Statuses.Valid, - Subject = "TestSubject1", + Subject = _testData.Subject1, Type = OpenIddictConstants.AuthorizationTypes.Permanent, CreationDate = _clock.Now })); @@ -250,7 +250,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep { ApplicationId = _testData.App2Id.ToString(), Status = OpenIddictConstants.Statuses.Inactive, - Subject = "TestSubject2", + Subject = _testData.Subject2, Type = OpenIddictConstants.AuthorizationTypes.AdHoc, CreationDate = _clock.Now.AddDays(-30) })); diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs index fe351e4301..5525f082eb 100644 --- a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs +++ b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs @@ -1,4 +1,5 @@ using System; +using System.Linq; using System.Threading.Tasks; using OpenIddict.Abstractions; using Shouldly; 
@@ -61,12 +62,12 @@ public abstract class OpenIddictTokenRepository_Tests : OpenIddi [Fact] public async Task FindAsync() { - (await _tokenRepository.FindAsync("TestSubject1", new Guid())).Count.ShouldBe(0); - (await _tokenRepository.FindAsync("TestSubject1", _testData.App1Id)).Count.ShouldBe(1); - (await _tokenRepository.FindAsync("TestSubject1", _testData.App1Id, "NonExistsStatus")).Count.ShouldBe(0); - (await _tokenRepository.FindAsync("TestSubject1", _testData.App1Id, OpenIddictConstants.Statuses.Redeemed)).Count.ShouldBe(1); - (await _tokenRepository.FindAsync("TestSubject1", _testData.App1Id, OpenIddictConstants.Statuses.Redeemed, "NonExistsType")).Count.ShouldBe(0); - (await _tokenRepository.FindAsync("TestSubject1", _testData.App1Id, OpenIddictConstants.Statuses.Redeemed, "TestType1")).Count.ShouldBe(1); + (await _tokenRepository.FindAsync( _testData.Subject1, new Guid())).Count.ShouldBe(0); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id)).Count.ShouldBe(1); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, "NonExistsStatus")).Count.ShouldBe(0); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, OpenIddictConstants.Statuses.Redeemed)).Count.ShouldBe(1); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, OpenIddictConstants.Statuses.Redeemed, "NonExistsType")).Count.ShouldBe(0); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, OpenIddictConstants.Statuses.Redeemed, "TestType1")).Count.ShouldBe(1); } [Fact] @@ -103,7 +104,7 @@ public abstract class OpenIddictTokenRepository_Tests : OpenIddi [Fact] public async Task FindBySubjectAsync() { - (await _tokenRepository.FindBySubjectAsync("TestSubject1")).Count.ShouldBe(1); + (await _tokenRepository.FindBySubjectAsync( _testData.Subject1)).Count.ShouldBe(1); } [Fact] 
@@ -122,4 +123,36 @@ public abstract class OpenIddictTokenRepository_Tests : OpenIddi (await _tokenRepository.ListAsync(int.MaxValue, 0)).Count.ShouldBe(1); } + + [Fact] + public async Task RevokeByApplicationIdAsync() + { + var authorizations = await _tokenRepository.FindByApplicationIdAsync(_testData.App2Id); + authorizations.Count.ShouldBe(1); + authorizations.First().ApplicationId.ShouldBe(_testData.App2Id); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Valid); + + (await _tokenRepository.RevokeByApplicationIdAsync(_testData.App2Id)).ShouldBe(1); + + authorizations = await _tokenRepository.FindByApplicationIdAsync(_testData.App2Id); + authorizations.Count.ShouldBe(1); + authorizations.First().ApplicationId.ShouldBe(_testData.App2Id); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Revoked); + } + + [Fact] + public async Task RevokeBySubjectAsync() + { + var authorizations = await _tokenRepository.FindBySubjectAsync(_testData.Subject2); + authorizations.Count.ShouldBe(1); + authorizations.First().Subject.ShouldBe(_testData.Subject2); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Valid); + + (await _tokenRepository.RevokeBySubjectAsync(_testData.Subject2)).ShouldBe(1); + + authorizations = await _tokenRepository.FindBySubjectAsync(_testData.Subject2); + authorizations.Count.ShouldBe(1); + authorizations.First().Subject.ShouldBe(_testData.Subject2); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Revoked); + } } diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs index 117aeeb123..8bbf2284f6 100644 --- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs 
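Review bot: The local in both new tests is named `authorizations` although it holds the result of `_tokenRepository.FindByApplicationIdAsync` and `_tokenRepository.FindBySubjectAsync`, i.e. tokens; it looks carried over from the authorization repository tests. Rename it, e.g. `var tokens = await _tokenRepository.FindByApplicationIdAsync(_testData.App2Id);`, so that a failing assertion here is not read as an authorization problem.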
+++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs
@@ -175,7 +175,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (!redirectUri.IsNullOrWhiteSpace() || !postLogoutRedirectUri.IsNullOrWhiteSpace())
 {
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Logout);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.EndSession);
 }
 var buildInGrantTypes = new []
@@ -235,7 +235,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (grantType == OpenIddictConstants.GrantTypes.DeviceCode)
 {
 application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode);
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Device);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization);
 }
 if (grantType == OpenIddictConstants.GrantTypes.Implicit)
diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs
index 117aeeb123..8bbf2284f6 100644
--- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs
+++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs
@@ -175,7 +175,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (!redirectUri.IsNullOrWhiteSpace() || !postLogoutRedirectUri.IsNullOrWhiteSpace())
 {
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Logout);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.EndSession);
 }
 var buildInGrantTypes = new []
@@ -235,7 +235,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (grantType == OpenIddictConstants.GrantTypes.DeviceCode)
 {
 application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode);
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Device);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization);
 }
 if (grantType == OpenIddictConstants.GrantTypes.Implicit)
diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs
index 37ca7e6c12..39b651f211 100644
--- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs
+++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs
@@ -174,7 +174,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (!redirectUri.IsNullOrWhiteSpace() || !postLogoutRedirectUri.IsNullOrWhiteSpace())
 {
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Logout);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.EndSession);
 }
 var buildInGrantTypes = new []
@@ -234,7 +234,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (grantType == OpenIddictConstants.GrantTypes.DeviceCode)
 {
 application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode);
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Device);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization);
 }
 if (grantType == OpenIddictConstants.GrantTypes.Implicit)
diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs
index 37ca7e6c12..39b651f211 100644
--- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs
+++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs
@@ -174,7 +174,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (!redirectUri.IsNullOrWhiteSpace() || !postLogoutRedirectUri.IsNullOrWhiteSpace())
 {
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Logout);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.EndSession);
 }
 var buildInGrantTypes = new []
@@ -234,7 +234,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep
 if (grantType == OpenIddictConstants.GrantTypes.DeviceCode)
 {
 application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode);
- application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Device);
+ application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization);
 }
 if (grantType == OpenIddictConstants.GrantTypes.Implicit)
diff --git a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs
index f4aa9d708d..b65e024047 100644
--- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs
+++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs
@@ -277,7 +277,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (!redirectUri.IsNullOrWhiteSpace() || !postLogoutRedirectUri.IsNullOrWhiteSpace()) { - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Logout); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.EndSession); } var buildInGrantTypes = new[] { @@ -334,7 +334,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Device); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) diff --git a/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs b/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs index 29b1751bee..5c4219e7ba 100644 --- a/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs +++ b/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs @@ -226,7 +226,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (!redirectUri.IsNullOrWhiteSpace() || !postLogoutRedirectUri.IsNullOrWhiteSpace()) { - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Logout); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.EndSession); } var buildInGrantTypes = new [] 
@@ -286,7 +286,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.Device); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) From 21b5446a119c3145b1fb57555e56ea61a3cdf7ec Mon Sep 17 00:00:00 2001 From: maliming Date: Sat, 5 Oct 2024 18:05:30 +0800 Subject: [PATCH 02/16] Create openiddict.pfx --- .../app/OpenIddict.Demo.Server/openiddict.pfx | Bin 0 -> 2383 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 modules/openiddict/app/OpenIddict.Demo.Server/openiddict.pfx 
diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/openiddict.pfx b/modules/openiddict/app/OpenIddict.Demo.Server/openiddict.pfx new file mode 100644 index 0000000000000000000000000000000000000000..8dc3bf177173105feba1893a9bb1cc6339293660 GIT binary patch literal 2383 zcmZXUcQhM{9>+r>5v8pXt#UP7TM>Jf8kYv4R_wiMw3Wt16IDWuw)Q2rYOiM%sgc-K z6sZxh1+Adyc-B?(%IiJnz5C8P?|07cpU>xffB*fy2m;icoehW}Kp|kLY{IRC10FUA zTM>ct5Jceo13}>2Mi4l({zq}hf(RUvKd{)36#<|7cZ!>fjlGBf`i>xgb`j!WuK(a4 z#|1zab>vrTUlV85vRA(3K4q`Qv9m*HAOdKx7*YM;Rii2Q@`Hhs7q!r0hC$pe$r9fB z5ul(s*uu#QvRC(3T~Io_Cei9K@4C!>*j3<+r?$}fDI(hD@H5`E!klxqbtn`V(q1Ci zGEfKn?Lcb6V^?jrTwZw3VvCU!%Q9{6=Q@rJkuYLc&Y;Nx$hCcMXK3DcgtPM3$4J(m z>;9;SR?Z8&OZTV?BlEO?IO7>^v+jP(!@USf$ScF;c|KQ7a2dKjtlumxDJ5ERv^JkAl0s-lpE5y51qvKV zItrJ0^?RsSr}HZYCcUIk+8?ZG7+Egd;_w6+gAwZ6rZ7Td!}P}ZX$`-eYGX96h6?%! z@pzTq+0H=K6OB&aw?J+xPudFY;hyEa>Zv_A9HVotWb_NSa=x@znykYYiMSr^tW0Fr^$H0^#tD`*LFrRa)7F+g1U4 zDaj6~0~JPp|6ApnG8Ip8p^D8Fq%dw1zdHj^%pIbPeN%IT#%Z7`V*-PZI+ueJ-K@51 z`8SS<>xzkVy|Qua z><9jh69{**=1(OUO2?%s0S!iZ`1Iv0l*3_KutC%v603KoMGSbLH%8uoHNbkCk3Jsu zMgdV=txxRjD{wHY@sxhsvYTn>1i+gbq`WO+=g}>l+qnxF6<_6#vy!^ga?Y81HzF1e zRw*Lk8bRA7ebo(k_^#FI!Mn4ssX7n?bvd4j>=(5r`MAljH;z)Sew;GO-r@xQ$Gr?^ z?nG75i~vmch=L7ww8cs6YsW|l;sy?zuKlb?YviQU-D+u_lYDx^4l|SHE&q8#e}Kb3 zZnR|NqJ2%I!)BF0utH#@rElpNAy}dy&!o}+&7)N;d3E0}S9$(P9$TE~D{z0&ON%)u zg|*=%E%GhUuR<%B61^0Q`gmmSI5n5o6stUiaTNT3x^55U)c0FNGo9!Ysz$Rzo;gY| z1mE8+356+vK_I}7K@foTe`5%^hyX15f%4ed{xaGBHEjRin8hKAO{_2P)>fxoJtE_! 
z7=JZp3<2l~E3S-@*A@Qh%9exPkg&Pr)Fpo&Wo+}eJ-A|@O~QJ`!@2<*H4!y|QQVY} z)NPTw9hCgg)A+DNv)HnR_&~L$@bQE{^C2u&x(hK>(WH`eX>p)Goxcgcs!C3h7VN(4 zZpz)Vv->0&O_2*h+-m!M&*McuS}eD1Mt-Ps#-mq!l6(P+SAEYMp@4df$$nK=JEr65 zrkZP02`!UXrVg=crhA~k@l>zd-tUVWqdU5(0bqKyV3Ln^@H6|mQ*@tt-}0_?2(~e) zYhA(lESqo3!U@dH0X@~EeXu1s zdB^#inCxQvZ%Mk5R?^PpMe0Ln%gfG6AqQXY&990bXgP7paPtiRad6^DdRcs3 z4!z_`OBKI$MetDLL49DKrBizW_cgebD=Dkj^P!E5_)EF^e7gO^`x+5M0UNZ)+1;f< zis+3jS#~96_b_#HeD*g+*U2JojV3!${#ib)&4vqQSJ9OgSVu-qoBDk56yq^NL^IG- zH~z{gWYyf=$Im@oxO_4(a$D&#rK4C5SWk-PcvQ{(dX!i@p1FsVi!88Su$~ZPR#GzBzn_FK%bP9r5H|dSU;&R{YvK;4%KQRR)@mDr8Cb zdzxK?T;_BY4KbpE)DSLd+)XkrThHrAX{V zgfnw!%S%-@X~+w&6~wmy@#%4D`qvwu&4|0%&D+fC(4G9)d`-AsvNMr_)GJSR$5PD% zR+BYYy?91k%#6-(d^oY0o?i1%nmmF;=pe2kAYcx;^Fa2iAbx~~ uAd6uooQ@X37XsZq2-}X!BoIG+&<2{#ft~2dFFa?fk}5iHaxD7SgZ>L2N`IXI literal 0 HcmV?d00001 From 4e93d0b8ad51865f223bafd1b995bf99e8030dd5 Mon Sep 17 00:00:00 2001 From: maliming Date: Thu, 10 Oct 2024 16:28:40 +0800 Subject: [PATCH 03/16] Update Directory.Packages.props --- Directory.Packages.props | 3 --- 1 file changed, 3 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index fab1ffdf5f..b0fc168504 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -119,9 +119,6 @@ - - - From 2624a4b3b48428a8ff993ae13fb373471e285e17 Mon Sep 17 00:00:00 2001 From: maliming Date: Fri, 1 Nov 2024 15:50:58 +0800 Subject: [PATCH 04/16] Upgrade OpenIddict to `6.0.0-preview1.24504.78` --- Directory.Packages.props | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index b0fc168504..8ee873c851 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -120,11 +120,11 @@ - - - - - + + + + + From 5b9296c1d61998e2986a815d90086d39b219ec86 Mon Sep 17 00:00:00 2001 
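Review bot: The new `modules/openiddict/app/OpenIddict.Demo.Server/openiddict.pfx` is a PKCS#12 bundle committed to the repository, and such a bundle normally carries a private key, so everyone with read access to the source would hold the same key material. The binary patch cannot be inspected here, so this is inferred from the file type; if the demo server uses it as its signing or encryption certificate, nothing issued with it can be trusted outside a local demo. I would add a short README next to the file saying that the certificate is for the demo application only and must be replaced by one generated per environment and loaded from a secret store.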
From: maliming Date: Mon, 4 Nov 2024 16:39:56 +0800 Subject: [PATCH 05/16] Upgrade to `OpenIddict 6.0.0-preview3`. --- Directory.Packages.props | 10 +-- .../Controllers/AuthorizeController.cs | 12 +-- .../AbpOpenIddictAuthorizationCache.cs | 78 +------------------ .../AbpOpenIddictAuthorizationStore.cs | 62 ++++----------- .../IOpenIddictAuthorizationRepository.cs | 8 +- .../Tokens/AbpOpenIddictTokenCache.cs | 52 ------------- .../Tokens/AbpOpenIddictTokenStore.cs | 45 ++++------- .../Tokens/IOpenIddictTokenRepository.cs | 8 +- ...EfCoreOpenIddictAuthorizationRepository.cs | 33 ++++---- .../Tokens/EfCoreOpenIddictTokenRepository.cs | 31 +++++--- .../MongoOpenIddictAuthorizationRepository.cs | 54 +++++++++---- .../Scopes/MongoOpenIddictScopeRepository.cs | 19 +++-- .../Tokens/MongoOpenIddictTokenRepository.cs | 65 +++++++++++----- ...OpenIddictAuthorizationRepository_Tests.cs | 37 ++++++++- .../OpenIddictTokenRepository_Tests.cs | 8 +- 15 files changed, 218 insertions(+), 304 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index 3dfacb659c..47cf466252 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -120,11 +120,11 @@ - - - - - + + + + + diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs index 27f266b7ea..f61d6fde45 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs 
@@ -30,11 +30,11 @@ public class AuthorizeController : AbpOpenIdDictControllerBase // If prompt=login was specified by the client application, // immediately return the user agent to the login page. - if (request.HasPrompt(OpenIddictConstants.PromptValues.Login)) + if (request.HasPromptValue(OpenIddictConstants.PromptValues.Login)) { // To avoid endless login -> authorization redirects, the prompt=login flag // is removed from the authorization request payload before redirecting the user. - var prompt = string.Join(" ", request.GetPrompts().Remove(OpenIddictConstants.PromptValues.Login)); + var prompt = string.Join(" ", request.GetPromptValues().Remove(OpenIddictConstants.PromptValues.Login)); var parameters = Request.HasFormContentType ? Request.Form.Where(parameter => parameter.Key != OpenIddictConstants.Parameters.Prompt).ToList() : @@ -59,7 +59,7 @@ public class AuthorizeController : AbpOpenIdDictControllerBase { // If the client application requested promptless authentication, // return an error indicating that the user is not logged in. - if (request.HasPrompt(OpenIddictConstants.PromptValues.None)) + if (request.HasPromptValue(OpenIddictConstants.PromptValues.None)) { return Forbid( authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, @@ -137,7 +137,7 @@ public class AuthorizeController : AbpOpenIdDictControllerBase // return an authorization response without displaying the consent form. case OpenIddictConstants.ConsentTypes.Implicit: case OpenIddictConstants.ConsentTypes.External when authorizations.Any(): - case OpenIddictConstants.ConsentTypes.Explicit when authorizations.Any() && !request.HasPrompt(OpenIddictConstants.PromptValues.Consent): + case OpenIddictConstants.ConsentTypes.Explicit when authorizations.Any() && !request.HasPromptValue(OpenIddictConstants.PromptValues.Consent): var principal = await SignInManager.CreateUserPrincipalAsync(user); if (result.Properties != null && result.Properties.IsPersistent) 
@@ -173,8 +173,8 @@ public class AuthorizeController : AbpOpenIdDictControllerBase // At this point, no authorization was found in the database and an error must be returned // if the client application specified prompt=none in the authorization request. - case OpenIddictConstants.ConsentTypes.Explicit when request.HasPrompt(OpenIddictConstants.PromptValues.None): - case OpenIddictConstants.ConsentTypes.Systematic when request.HasPrompt(OpenIddictConstants.PromptValues.None): + case OpenIddictConstants.ConsentTypes.Explicit when request.HasPromptValue(OpenIddictConstants.PromptValues.None): + case OpenIddictConstants.ConsentTypes.Systematic when request.HasPromptValue(OpenIddictConstants.PromptValues.None): return Forbid( authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, properties: new AuthenticationProperties(new Dictionary diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationCache.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationCache.cs index 5149d26c75..ca9d8931db 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationCache.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/AbpOpenIddictAuthorizationCache.cs 
@@ -30,82 +30,8 @@ public class AbpOpenIddictAuthorizationCache : AbpOpenIddictCacheBase FindAsync(string subject, string client, [EnumeratorCancellation] CancellationToken cancellationToken) + public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, ImmutableArray? scopes, [EnumeratorCancellation] CancellationToken cancellationToken) { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - - var authorizations = await ArrayCache.GetOrAddAsync($"{nameof(FindAsync)}_{subject}_{client}", async () => - { - var applications = new List(); - await foreach (var authorization in Store.FindAsync(subject, client, cancellationToken)) - { - applications.Add(authorization); - await AddAsync(authorization, cancellationToken); - } - return applications.ToArray(); - }, token: cancellationToken); - - foreach (var authorization in authorizations) - { - yield return authorization; - } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - - var authorizations = await ArrayCache.GetOrAddAsync($"{nameof(FindAsync)}_{subject}_{client}_{status}", async () => - { - var applications = new List(); - await foreach (var authorization in Store.FindAsync(subject, client, status, cancellationToken)) - { - applications.Add(authorization); - await AddAsync(authorization, cancellationToken); - } - return applications.ToArray(); - }, token: cancellationToken); - - foreach (var authorization in authorizations) - { - yield return authorization; - } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, [EnumeratorCancellation] CancellationToken cancellationToken) - { - 
Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - Check.NotNullOrEmpty(type, nameof(type)); - - var authorizations = await ArrayCache.GetOrAddAsync($"{nameof(FindAsync)}_{subject}_{client}_{status}_{type}", async () => - { - var applications = new List(); - await foreach (var authorization in Store.FindAsync(subject, client, status, type, cancellationToken)) - { - applications.Add(authorization); - await AddAsync(authorization, cancellationToken); - } - return applications.ToArray(); - }, token: cancellationToken); - - foreach (var authorization in authorizations) - { - yield return authorization; - } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, ImmutableArray scopes, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - Check.NotNullOrEmpty(type, nameof(type)); - // Note: this method is only partially cached. await foreach (var authorization in Store.FindAsync(subject, client, status, type, scopes, cancellationToken)) { 
@@ -170,8 +96,6 @@ public class AbpOpenIddictAuthorizationCache : AbpOpenIddictCacheBase FindAsync(string subject, string client, [EnumeratorCancellation] CancellationToken cancellationToken) + public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, ImmutableArray? scopes, [EnumeratorCancellation] CancellationToken cancellationToken) { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - - var authorizations = await Repository.FindAsync(subject, ConvertIdentifierFromString(client), cancellationToken); - foreach (var authorization in authorizations) - { - yield return authorization.ToModel(); - } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - - var authorizations = await Repository.FindAsync(subject, ConvertIdentifierFromString(client), status, cancellationToken); - foreach (var authorization in authorizations) - { - yield return authorization.ToModel(); - } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - Check.NotNullOrEmpty(type, nameof(type)); - - var authorizations = await Repository.FindAsync(subject, ConvertIdentifierFromString(client), status, type, cancellationToken); - foreach (var authorization in authorizations) + Guid? 
identifier = null; + if (!string.IsNullOrEmpty(client)) { - yield return authorization.ToModel(); + identifier = ConvertIdentifierFromString(client); } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, ImmutableArray scopes, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - Check.NotNullOrEmpty(type, nameof(type)); - var authorizations = await Repository.FindAsync(subject, ConvertIdentifierFromString(client), status, type, cancellationToken); + var authorizations = await Repository.FindAsync(subject, identifier, status, type, cancellationToken); foreach (var authorization in authorizations) { - if (new HashSet(await GetScopesAsync(authorization.ToModel(), cancellationToken), StringComparer.Ordinal).IsSupersetOf(scopes)) + if (new HashSet(await GetScopesAsync(authorization.ToModel(), cancellationToken), StringComparer.Ordinal).IsSupersetOf(scopes!)) { yield return authorization.ToModel(); } @@ -300,6 +262,17 @@ public class AbpOpenIddictAuthorizationStore : AbpOpenIddictStoreBase RevokeAsync(string subject, string client, string status, string type, CancellationToken cancellationToken) + { + Guid? identifier = null; + if (!string.IsNullOrEmpty(client)) + { + identifier = ConvertIdentifierFromString(client); + } + + return await Repository.RevokeAsync(subject, identifier, status, type, cancellationToken); + } + public virtual async ValueTask RevokeByApplicationIdAsync(string identifier, CancellationToken cancellationToken) { Check.NotNullOrEmpty(identifier, nameof(identifier)); @@ -309,7 +282,6 @@ public class AbpOpenIddictAuthorizationStore : AbpOpenIddictStoreBase public virtual async ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken) { Check.NotNullOrEmpty(subject, nameof(subject)); 
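Review bot: In the new `FindAsync(subject, client, status, type, scopes, …)` of `AbpOpenIddictAuthorizationStore`, `scopes` is now declared nullable but is still handed straight to `IsSupersetOf(scopes!)`. The `!` only silences the compiler, so a call that omits the scope filter would pass null to `HashSet.IsSupersetOf` and throw `ArgumentNullException` on the first authorization returned by the repository. The other filters in this method were made optional, so the scope check should be skipped the same way, for example `if (scopes is null || new HashSet<string>(await GetScopesAsync(authorization.ToModel(), cancellationToken), StringComparer.Ordinal).IsSupersetOf(scopes.Value))`. The generic type arguments are missing from the page, so the element type `string` is assumed from the `StringComparer.Ordinal` argument.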
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs index ea5b943426..632339687a 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Authorizations/IOpenIddictAuthorizationRepository.cs @@ -8,11 +8,7 @@ namespace Volo.Abp.OpenIddict.Authorizations; public interface IOpenIddictAuthorizationRepository : IBasicRepository { - Task> FindAsync(string subject, Guid client, CancellationToken cancellationToken = default); - - Task> FindAsync(string subject, Guid client, string status, CancellationToken cancellationToken = default); - - Task> FindAsync(string subject, Guid client, string status, string type, CancellationToken cancellationToken = default); + Task> FindAsync(string subject, Guid? client, string status, string type, CancellationToken cancellationToken = default); Task> FindByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default); @@ -24,6 +20,8 @@ public interface IOpenIddictAuthorizationRepository : IBasicRepository PruneAsync(DateTime date, CancellationToken cancellationToken = default); + ValueTask RevokeAsync(string subject, Guid? applicationId, string status, string type, CancellationToken cancellationToken = default); + ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default); ValueTask RevokeBySubjectAsync(string subject, CancellationToken cancellationToken = default); 
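Review bot: The consolidated `FindAsync(string subject, Guid? client, string status, string type, …)` and the new `RevokeAsync(string subject, Guid? applicationId, string status, string type, …)` on `IOpenIddictAuthorizationRepository` do not document what a null or empty argument means, although the implementations later in this patch treat each one as "do not filter on this column". That matters most for `RevokeAsync`, where a call with every argument empty marks every stored authorization as revoked. I would add doc comments to both members, such as `/// <param name="subject">Subject to match; null or empty matches every subject.</param>`, and state the all-empty case explicitly on `RevokeAsync`. The same argument is named `client` on one member and `applicationId` on the other, and a single name would make the pair easier to read. `IOpenIddictTokenRepository` receives the same two signatures further down and needs the same comments.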
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenCache.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenCache.cs index 1ec1743ae6..614a8d8ce9 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenCache.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/AbpOpenIddictTokenCache.cs 
@@ -30,58 +30,8 @@ public class AbpOpenIddictTokenCache : AbpOpenIddictCacheBase FindAsync(string subject, string client, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - - var tokens = await ArrayCache.GetOrAddAsync($"{nameof(FindAsync)}_{subject}_{client}", async () => - { - var tokens = new List(); - await foreach (var token in Store.FindAsync(subject, client, cancellationToken)) - { - tokens.Add(token); - await AddAsync(token, cancellationToken); - } - return tokens.ToArray(); - }, token: cancellationToken); - - foreach (var token in tokens) - { - yield return token; - } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - - var tokens = await ArrayCache.GetOrAddAsync($"{nameof(FindAsync)}_{subject}_{client}_{status}", async () => - { - var tokens = new List(); - await foreach (var token in Store.FindAsync(subject, client, status, cancellationToken)) - { - tokens.Add(token); - await AddAsync(token, cancellationToken); - } - return tokens.ToArray(); - }, token: cancellationToken); - - foreach (var token in tokens) - { - yield return token; - } - } - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, [EnumeratorCancellation] CancellationToken cancellationToken) { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - Check.NotNullOrEmpty(type, nameof(type)); - var tokens = await ArrayCache.GetOrAddAsync($"{nameof(FindAsync)}_{subject}_{client}_{status}_{type}", async () => { var tokens = new List(); 
@@ -196,8 +146,6 @@ public class AbpOpenIddictTokenCache : AbpOpenIddictCacheBase FindAsync(string subject, string client, [EnumeratorCancellation] CancellationToken cancellationToken) + public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, [EnumeratorCancellation] CancellationToken cancellationToken) { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - - var tokens = await Repository.FindAsync(subject, ConvertIdentifierFromString(client), cancellationToken); - foreach (var token in tokens) + Guid? identifier = null; + if (!string.IsNullOrEmpty(client)) { - yield return token.ToModel(); + identifier = ConvertIdentifierFromString(client); } - } - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - - var tokens = await Repository.FindAsync(subject, ConvertIdentifierFromString(client), status, cancellationToken); - foreach (var token in tokens) - { - yield return token.ToModel(); - } - } - - public virtual async IAsyncEnumerable FindAsync(string subject, string client, string status, string type, [EnumeratorCancellation] CancellationToken cancellationToken) - { - Check.NotNullOrEmpty(subject, nameof(subject)); - Check.NotNullOrEmpty(client, nameof(client)); - Check.NotNullOrEmpty(status, nameof(status)); - Check.NotNullOrEmpty(type, nameof(type)); - - var tokens = await Repository.FindAsync(subject, ConvertIdentifierFromString(client), status, type, cancellationToken); + var tokens = await Repository.FindAsync(subject, identifier, status, type, cancellationToken); foreach (var token in tokens) { yield return token.ToModel(); 
@@ -320,6 +296,17 @@ public class AbpOpenIddictTokenStore : AbpOpenIddictStoreBase RevokeAsync(string subject, string client, string status, string type, CancellationToken cancellationToken) + { + Guid? identifier = null; + if (!string.IsNullOrEmpty(client)) + { + identifier = ConvertIdentifierFromString(client); + } + + return await Repository.RevokeAsync(subject, identifier, status, type, cancellationToken); + } + public virtual async ValueTask RevokeByApplicationIdAsync(string identifier, CancellationToken cancellationToken) { Check.NotNullOrEmpty(identifier, nameof(identifier)); diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs index b17ab2eb19..3f7305b26d 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/IOpenIddictTokenRepository.cs @@ -14,11 +14,7 @@ public interface IOpenIddictTokenRepository : IBasicRepository> FindAsync(string subject, Guid client, CancellationToken cancellationToken = default); - - Task> FindAsync(string subject, Guid client, string status, CancellationToken cancellationToken = default); - - Task> FindAsync(string subject, Guid client, string status, string type, CancellationToken cancellationToken = default); + Task> FindAsync(string subject, Guid? client, string status, string type, CancellationToken cancellationToken = default); Task> FindByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default); 
@@ -34,6 +30,8 @@ public interface IOpenIddictTokenRepository : IBasicRepository PruneAsync(DateTime date, CancellationToken cancellationToken = default); + ValueTask RevokeAsync(string subject, Guid? applicationId, string status, string type, CancellationToken cancellationToken = default); + ValueTask RevokeByAuthorizationIdAsync(Guid id, CancellationToken cancellationToken = default); ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default); diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs index d6ecad1bc4..49d3291100 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Authorizations/EfCoreOpenIddictAuthorizationRepository.cs 
@@ -20,24 +20,13 @@ public class EfCoreOpenIddictAuthorizationRepository : EfCoreRepository> FindAsync(string subject, Guid client, CancellationToken cancellationToken = default) + public virtual async Task> FindAsync(string subject, Guid? client, string status, string type, CancellationToken cancellationToken = default) { return await (await GetDbSetAsync()) - .Where(x => x.Subject == subject && x.ApplicationId == client) - .ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, CancellationToken cancellationToken = default) - { - return await (await GetDbSetAsync()) - .Where(x => x.Subject == subject && x.Status == status && x.ApplicationId == client) - .ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, string type, CancellationToken cancellationToken = default) - { - return await (await GetDbSetAsync()) - .Where(x => x.Subject == subject && x.Status == status && x.Type == type && x.ApplicationId == client) + .WhereIf(!subject.IsNullOrWhiteSpace(), x => x.Subject == subject) + .WhereIf(client.HasValue, x => x.ApplicationId == client) + .WhereIf(!status.IsNullOrWhiteSpace(), x => x.Status == status) + .WhereIf(!type.IsNullOrWhiteSpace(), x => x.Type == type) .ToListAsync(GetCancellationToken(cancellationToken)); } 
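Review bot: The filters in the new EF Core `FindAsync` are dropped with `!subject.IsNullOrWhiteSpace()`, so a subject, status or type made only of whitespace widens the query to every value instead of matching nothing. The MongoDB `RevokeAsync` added later in this patch and the store's client check use `string.IsNullOrEmpty`, so the providers disagree on the same input. The authorization lookup presumably feeds the consent decision in `AuthorizeController` (`authorizations.Any()`), in which case a blank subject reaching this method would return other subjects' authorizations; whether any caller can pass one is not visible here. I would use one test in every provider, `.WhereIf(!string.IsNullOrEmpty(subject), x => x.Subject == subject)`, and apply it to the EF Core `RevokeAsync` hunks and both token repositories, which repeat the pattern.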
@@ -99,6 +88,18 @@ public class EfCoreOpenIddictAuthorizationRepository : EfCoreRepository authorizations.Contains(x.Id)).ExecuteDeleteAsync(cancellationToken); } + public virtual async ValueTask RevokeAsync(string subject, Guid? applicationId, string status, string type, CancellationToken cancellationToken = default) + { + var query = (await GetQueryableAsync()) + .WhereIf(!subject.IsNullOrWhiteSpace(), x => x.Subject == subject) + .WhereIf(applicationId.HasValue, x => x.ApplicationId == applicationId) + .WhereIf(!status.IsNullOrWhiteSpace(), x => x.Status == status) + .WhereIf(!type.IsNullOrWhiteSpace(), x => x.Type == type); + + return await query.ExecuteUpdateAsync(entity => entity.SetProperty( + authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), cancellationToken); + } + public virtual async ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default) { return await (from authorization in await GetQueryableAsync() diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs index 4c99be15ce..a4bb381d95 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.EntityFrameworkCore/Volo/Abp/OpenIddict/Tokens/EfCoreOpenIddictTokenRepository.cs 
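Review bot: The new `RevokeAsync` passes the raw `cancellationToken` to `ExecuteUpdateAsync`, while `FindAsync` in the same class wraps it as `GetCancellationToken(cancellationToken)`, so the two methods resolve the token differently. For consistency the call should end with `OpenIddictConstants.Statuses.Revoked), GetCancellationToken(cancellationToken));`. The `RevokeAsync` added to `EfCoreOpenIddictTokenRepository` has the same call and also names its lambda parameter `authorization` although the entity there is a token; `token => token.Status` would read correctly.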
@@ -47,19 +47,14 @@ public class EfCoreOpenIddictTokenRepository : EfCoreRepository> FindAsync(string subject, Guid client, CancellationToken cancellationToken = default) + public virtual async Task> FindAsync(string subject, Guid? client, string status, string type, CancellationToken cancellationToken = default) { - return await (await GetQueryableAsync()).Where(x => x.Subject == subject && x.ApplicationId == client).ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, CancellationToken cancellationToken = default) - { - return await (await GetQueryableAsync()).Where(x => x.Subject == subject && x.ApplicationId == client && x.Status == status).ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, string type, CancellationToken cancellationToken = default) - { - return await (await GetQueryableAsync()).Where(x => x.Subject == subject && x.ApplicationId == client && x.Status == status && x.Type == type).ToListAsync(GetCancellationToken(cancellationToken)); + return await (await GetQueryableAsync()) + .WhereIf(!subject.IsNullOrWhiteSpace(), x => x.Subject == subject) + .WhereIf(client.HasValue, x => x.ApplicationId == client) + .WhereIf(!status.IsNullOrWhiteSpace(), x => x.Status == status) + .WhereIf(!type.IsNullOrWhiteSpace(), x => x.Type == type) + .ToListAsync(GetCancellationToken(cancellationToken)); } public virtual async Task> FindByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default) 
@@ -110,6 +105,18 @@ public class EfCoreOpenIddictTokenRepository : EfCoreRepository RevokeAsync(string subject, Guid? applicationId, string status, string type, CancellationToken cancellationToken = default) + { + var query = (await GetQueryableAsync()) + .WhereIf(!subject.IsNullOrWhiteSpace(), x => x.Subject == subject) + .WhereIf(applicationId.HasValue, x => x.ApplicationId == applicationId) + .WhereIf(!status.IsNullOrWhiteSpace(), x => x.Status == status) + .WhereIf(!type.IsNullOrWhiteSpace(), x => x.Type == type); + + return await query.ExecuteUpdateAsync(entity => entity.SetProperty( + authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), cancellationToken); + } + public virtual async ValueTask RevokeByAuthorizationIdAsync(Guid id, CancellationToken cancellationToken) { return await (from token in await GetQueryableAsync() where token.AuthorizationId == id select token) diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs index e76e59c1b0..f4bd5f4817 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Authorizations/MongoOpenIddictAuthorizationRepository.cs @@ -4,6 +4,7 @@ using System.Linq; using System.Linq.Dynamic.Core; using System.Threading; using System.Threading.Tasks; +using MongoDB.Bson; using MongoDB.Driver; using MongoDB.Driver.Linq; using OpenIddict.Abstractions; 
@@ -26,24 +27,14 @@ public class MongoOpenIddictAuthorizationRepository : MongoDbRepository> FindAsync(string subject, Guid client, CancellationToken cancellationToken = default) + public virtual async Task> FindAsync(string subject, Guid? client, string status, string type, CancellationToken cancellationToken = default) { return await (await GetMongoQueryableAsync(cancellationToken)) - .Where(x => x.Subject == subject && x.ApplicationId == client) - .ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, CancellationToken cancellationToken = default) - { - return await (await GetMongoQueryableAsync(cancellationToken)) - .Where(x => x.Subject == subject && x.Status == status && x.ApplicationId == client) - .ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, string type, CancellationToken cancellationToken = default) - { - return await (await GetMongoQueryableAsync(cancellationToken)) - .Where(x => x.Subject == subject && x.Status == status && x.Type == type && x.ApplicationId == client) + .WhereIf(!subject.IsNullOrWhiteSpace(), x => x.Subject == subject) + .WhereIf(client.HasValue, x => x.ApplicationId == client) + .WhereIf(!status.IsNullOrWhiteSpace(), x => x.Status == status) + .WhereIf(!type.IsNullOrWhiteSpace(), x => x.Type == type) + .As>() .ToListAsync(GetCancellationToken(cancellationToken)); } 
@@ -110,6 +101,37 @@ public class MongoOpenIddictAuthorizationRepository : MongoDbRepository RevokeAsync(string subject, Guid? applicationId, string status, string type, CancellationToken cancellationToken = default) + { + var filter = Builders.Filter.Empty; + + if (!string.IsNullOrEmpty(subject)) + { + filter &= Builders.Filter.Where(authorization => authorization.Subject == subject); + } + + if (applicationId.HasValue) + { + filter &= Builders.Filter.Where(authorization => authorization.ApplicationId == applicationId); + } + + if (!string.IsNullOrEmpty(status)) + { + filter &= Builders.Filter.Where(authorization => authorization.Status == status); + } + + if (!string.IsNullOrEmpty(type)) + { + filter &= Builders.Filter.Where(authorization => authorization.Type == type); + } + + return (await (await GetCollectionAsync(cancellationToken)).UpdateManyAsync( + filter : filter, + update : Builders.Update.Set(authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), + options : null, + cancellationToken: cancellationToken)).MatchedCount; + } + public virtual async ValueTask RevokeByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default) { return (await (await GetCollectionAsync(cancellationToken)).UpdateManyAsync( diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Scopes/MongoOpenIddictScopeRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Scopes/MongoOpenIddictScopeRepository.cs index af42fbb4b6..4813695e02 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Scopes/MongoOpenIddictScopeRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Scopes/MongoOpenIddictScopeRepository.cs 
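Review bot: This `RevokeAsync` skips a string filter only when the value is null or empty (`string.IsNullOrEmpty`), while `FindAsync` in the same class and the EF Core `RevokeAsync` use `IsNullOrWhiteSpace`. A whitespace-only `subject`, `status` or `type` therefore selects different records depending on the method and the provider, so a find-then-revoke sequence may not act on the same set. Using one test everywhere removes the difference, e.g. `if (!subject.IsNullOrWhiteSpace())` for the three string checks here and in the `RevokeAsync` added to `MongoOpenIddictTokenRepository`.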
@@ -17,12 +17,12 @@ public class MongoOpenIddictScopeRepository : MongoDbRepository dbContextProvider) : base(dbContextProvider) { } - + public virtual async Task> GetListAsync(string sorting, int skipCount, int maxResultCount, string filter = null, CancellationToken cancellationToken = default) { return await (await GetMongoQueryableAsync(cancellationToken)) - .WhereIf(!filter.IsNullOrWhiteSpace(), x => + .WhereIf(!filter.IsNullOrWhiteSpace(), x => x.Name.Contains(filter) || x.DisplayName.Contains(filter) || x.Description.Contains(filter)) @@ -35,7 +35,7 @@ public class MongoOpenIddictScopeRepository : MongoDbRepository GetCountAsync(string filter = null, CancellationToken cancellationToken = default) { return await (await GetMongoQueryableAsync(cancellationToken)) - .WhereIf(!filter.IsNullOrWhiteSpace(), x => + .WhereIf(!filter.IsNullOrWhiteSpace(), x => x.Name.Contains(filter) || x.DisplayName.Contains(filter) || x.Description.Contains(filter)) 
@@ -55,21 +55,24 @@ public class MongoOpenIddictScopeRepository : MongoDbRepository> FindByNamesAsync(string[] names, CancellationToken cancellationToken = default) { - return await Queryable.Where((await GetMongoQueryableAsync(cancellationToken)), x => names.Contains(x.Name)) + return await (await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))) + .Where(x => names.Contains(x.Name)) .As>() - .ToListAsync(cancellationToken: GetCancellationToken(cancellationToken)); + .ToListAsync(GetCancellationToken(cancellationToken)); } public virtual async Task> FindByResourceAsync(string resource, CancellationToken cancellationToken = default) { - return await Queryable.Where((await GetMongoQueryableAsync(cancellationToken)), x => x.Resources.Contains(resource)) + return await (await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))) + .Where(x => x.Resources.Contains(resource)) .As>() - .ToListAsync(cancellationToken: GetCancellationToken(cancellationToken)); + .ToListAsync(GetCancellationToken(cancellationToken)); } public virtual async Task> ListAsync(int? count, int? offset, CancellationToken cancellationToken = default) { - return await Queryable.OrderBy((await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))), x => x.Id) + return await (await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))) + .OrderBy(x => x.Id) .SkipIf>(offset.HasValue, offset) .TakeIf>(count.HasValue, count) .As>() diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs index 548a1c6638..175b137515 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.MongoDB/Volo/Abp/OpenIddict/Tokens/MongoOpenIddictTokenRepository.cs 
@@ -47,37 +47,29 @@ public class MongoOpenIddictTokenRepository : MongoDbRepository> FindAsync(string subject, Guid client, CancellationToken cancellationToken = default) + public virtual async Task> FindAsync(string subject, Guid? client, string status, string type, CancellationToken cancellationToken = default) { - return await Queryable.Where((await GetMongoQueryableAsync(cancellationToken)), x => x.Subject == subject && x.ApplicationId == client) - .As>() - .ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, CancellationToken cancellationToken = default) - { - return await Queryable.Where((await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))), x => x.Subject == subject && x.ApplicationId == client && x.Status == status) - .As>() - .ToListAsync(GetCancellationToken(cancellationToken)); - } - - public virtual async Task> FindAsync(string subject, Guid client, string status, string type, CancellationToken cancellationToken = default) - { - return await Queryable.Where((await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))), x => x.Subject == subject && x.ApplicationId == client && x.Status == status && x.Type == type) + return await (await GetMongoQueryableAsync(cancellationToken)) + .WhereIf(!subject.IsNullOrWhiteSpace(), x => x.Subject == subject) + .WhereIf(client.HasValue, x => x.ApplicationId == client) + .WhereIf(!status.IsNullOrWhiteSpace(), x => x.Status == status) + .WhereIf(!type.IsNullOrWhiteSpace(), x => x.Type == type) .As>() .ToListAsync(GetCancellationToken(cancellationToken)); } public virtual async Task> FindByApplicationIdAsync(Guid applicationId, CancellationToken cancellationToken = default) { - return await Queryable.Where((await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))), x => x.ApplicationId == applicationId) + return await (await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))) + 
.Where(x => x.ApplicationId == applicationId) .As>() .ToListAsync(GetCancellationToken(cancellationToken)); } public virtual async Task> FindByAuthorizationIdAsync(Guid authorizationId, CancellationToken cancellationToken = default) { - return await Queryable.Where((await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))), x => x.AuthorizationId == authorizationId) + return await (await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))) + .Where(x => x.AuthorizationId == authorizationId) .As>() .ToListAsync(GetCancellationToken(cancellationToken)); } @@ -94,14 +86,16 @@ public class MongoOpenIddictTokenRepository : MongoDbRepository> FindBySubjectAsync(string subject, CancellationToken cancellationToken = default) { - return await Queryable.Where((await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))), x => x.Subject == subject) + return await (await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))) + .Where(x => x.Subject == subject) .As>() .ToListAsync(GetCancellationToken(cancellationToken)); } public virtual async Task> ListAsync(int? count, int? offset, CancellationToken cancellationToken = default) { - return await Queryable.OrderBy((await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))), x => x.Id) + return await (await GetMongoQueryableAsync(GetCancellationToken(cancellationToken))) + .OrderBy(x => x.Id) .SkipIf>(offset.HasValue, offset) .TakeIf>(count.HasValue, count) .As>() 
@@ -129,6 +123,37 @@ public class MongoOpenIddictTokenRepository : MongoDbRepository RevokeAsync(string subject, Guid? applicationId, string status, string type, CancellationToken cancellationToken = default) + { + var filter = Builders.Filter.Empty; + + if (!string.IsNullOrEmpty(subject)) + { + filter &= Builders.Filter.Where(authorization => authorization.Subject == subject); + } + + if (applicationId.HasValue) + { + filter &= Builders.Filter.Where(authorization => authorization.ApplicationId == applicationId); + } + + if (!string.IsNullOrEmpty(status)) + { + filter &= Builders.Filter.Where(authorization => authorization.Status == status); + } + + if (!string.IsNullOrEmpty(type)) + { + filter &= Builders.Filter.Where(authorization => authorization.Type == type); + } + + return (await (await GetCollectionAsync(cancellationToken)).UpdateManyAsync( + filter : filter, + update : Builders.Update.Set(authorization => authorization.Status, OpenIddictConstants.Statuses.Revoked), + options : null, + cancellationToken: cancellationToken)).MatchedCount; + } + public virtual async ValueTask RevokeByAuthorizationIdAsync(Guid id, CancellationToken cancellationToken) { return (await (await GetCollectionAsync(GetCancellationToken(cancellationToken))).UpdateManyAsync( diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs index e545854a06..144505f686 100644 --- a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs +++ b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictAuthorizationRepository_Tests.cs 
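Review bot: The new `RevokeAsync` hands the raw `cancellationToken` to `GetCollectionAsync` and `UpdateManyAsync`, while `RevokeByAuthorizationIdAsync` directly below it wraps the token in `GetCancellationToken(cancellationToken)`. For consistency with the neighbouring methods, use `(await GetCollectionAsync(GetCancellationToken(cancellationToken)))` and `cancellationToken: GetCancellationToken(cancellationToken)`. The filter lambdas name their parameter `authorization` although this repository works on tokens; `token => token.Subject == subject` would avoid confusion with the authorization repository, from which the block appears to have been copied.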
@@ -24,10 +24,10 @@ public abstract class OpenIddictAuthorizationRepository_Tests : [Fact] public async Task FindAsync() { - (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: new Guid())).Count.ShouldBe(0); - (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id)).Count.ShouldBe(1); - (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: "NonExistsStatus")).Count.ShouldBe(0); - (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid)).Count.ShouldBe(1); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: new Guid(), status: null, type: null)).Count.ShouldBe(0); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: null, type: null)).Count.ShouldBe(1); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: "NonExistsStatus", type: null)).Count.ShouldBe(0); + (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid, type: null)).Count.ShouldBe(1); (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid ,type: "NonExistsType")).Count.ShouldBe(0); (await _authorizationRepository.FindAsync(subject: _testData.Subject1, client: _testData.App1Id, status: OpenIddictConstants.Statuses.Valid ,type: OpenIddictConstants.AuthorizationTypes.Permanent)).Count.ShouldBe(1); } 
@@ -71,6 +71,35 @@ public abstract class OpenIddictAuthorizationRepository_Tests : (await _authorizationRepository.ListAsync(int.MaxValue, 0)).Count.ShouldBe(1); } + [Fact] + public async Task RevokeAsync() + { + var authorizations = await _authorizationRepository.FindByApplicationIdAsync(_testData.App1Id); + authorizations.Count.ShouldBe(1); + authorizations.First().ApplicationId.ShouldBe(_testData.App1Id); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Valid); + + (await _authorizationRepository.RevokeAsync(null, _testData.App1Id, null, null)).ShouldBe(1); + + authorizations = await _authorizationRepository.FindByApplicationIdAsync(_testData.App1Id); + authorizations.Count.ShouldBe(1); + authorizations.First().ApplicationId.ShouldBe(_testData.App1Id); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Revoked); + + + authorizations = await _authorizationRepository.FindBySubjectAsync(_testData.Subject2); + authorizations.Count.ShouldBe(1); + authorizations.First().Subject.ShouldBe(_testData.Subject2); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Inactive); + + (await _authorizationRepository.RevokeAsync(_testData.Subject2, null, null, null)).ShouldBe(1); + + authorizations = await _authorizationRepository.FindBySubjectAsync(_testData.Subject2); + authorizations.Count.ShouldBe(1); + authorizations.First().Subject.ShouldBe(_testData.Subject2); + authorizations.First().Status.ShouldBe(OpenIddictConstants.Statuses.Revoked); + } + [Fact] public async Task RevokeByApplicationIdAsync() { diff --git a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs index 5525f082eb..d6af3bd3c6 100644 --- a/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs 
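Review bot: The `RevokeAsync` test exercises only the `applicationId` and `subject` filters, because `status` and `type` are null in both calls. A regression that drops either of those filters, and so revokes more records than requested, would still pass. Before the second revoke, add a call that must match nothing, e.g. `(await _authorizationRepository.RevokeAsync(_testData.Subject2, null, "NonExistsStatus", null)).ShouldBe(0);`, and assert that the status is still `Inactive` afterwards. No equivalent `RevokeAsync` test for the token repository is visible in this patch.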
+++ b/modules/openiddict/test/Volo.Abp.OpenIddict.TestBase/Volo/Abp/OpenIddict/OpenIddictTokenRepository_Tests.cs @@ -62,10 +62,10 @@ public abstract class OpenIddictTokenRepository_Tests : OpenIddi [Fact] public async Task FindAsync() { - (await _tokenRepository.FindAsync( _testData.Subject1, new Guid())).Count.ShouldBe(0); - (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id)).Count.ShouldBe(1); - (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, "NonExistsStatus")).Count.ShouldBe(0); - (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, OpenIddictConstants.Statuses.Redeemed)).Count.ShouldBe(1); + (await _tokenRepository.FindAsync( _testData.Subject1, new Guid(), null, null)).Count.ShouldBe(0); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, null, null)).Count.ShouldBe(1); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, "NonExistsStatus", null)).Count.ShouldBe(0); + (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, OpenIddictConstants.Statuses.Redeemed, null)).Count.ShouldBe(1); (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, OpenIddictConstants.Statuses.Redeemed, "NonExistsType")).Count.ShouldBe(0); (await _tokenRepository.FindAsync( _testData.Subject1, _testData.App1Id, OpenIddictConstants.Statuses.Redeemed, "TestType1")).Count.ShouldBe(1); } From 7550b3b4388f7b0f019d13b92ff63d998d04d6f2 Mon Sep 17 00:00:00 2001 From: maliming Date: Thu, 14 Nov 2024 13:31:02 +0800 Subject: [PATCH 06/16] Update `OpenIddict` to `6.0.0-preview3.24551.41`. --- Directory.Packages.props | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index c6cffa7ab8..bf4eb56ff6 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -120,11 +120,11 @@ - - - - - + + + + + From d841bb85de00a3bd8eeffe1b60e6e39ac1c2307a Mon Sep 17 00:00:00 2001 
From: maliming Date: Mon, 9 Dec 2024 08:55:51 +0800 Subject: [PATCH 07/16] Upgrade OpenIddict to `6.0.0-rc1`. --- Directory.Packages.props | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index b4ae1fc2f8..b54617f64f 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -120,11 +120,11 @@ - - - - - + + + + + From 8018fb2fd262093739a3352d91ef706a591e26b5 Mon Sep 17 00:00:00 2001 From: maliming Date: Mon, 9 Dec 2024 13:46:35 +0800 Subject: [PATCH 08/16] Create openiddict5-to-6.md --- .../migration-guides/openiddict5-to-6.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 docs/en/release-info/migration-guides/openiddict5-to-6.md diff --git a/docs/en/release-info/migration-guides/openiddict5-to-6.md b/docs/en/release-info/migration-guides/openiddict5-to-6.md new file mode 100644 index 0000000000..29c71e4f51 --- /dev/null +++ b/docs/en/release-info/migration-guides/openiddict5-to-6.md 
@@ -0,0 +1,18 @@ +# OpenIddict 5.x to 6.x Migration Guide + +The 6.0 release of OpenIddict is a major release that introduces breaking changes. + +Check this blog [OpenIddict 6.0 general availability](https://kevinchalet.com/2023/12/18/openiddict-5-0-general-availability/) for the new features introduced in OpenIddict 6.0. and the [Migrate to OpenIddict 6.0](https://documentation.openiddict.com/guides/migration/50-to-60) for more information about the changes. + +In this guide, we will explain the changes you need to make to your ABP application. + +## Constant changes + +The following constants have been renamed: + +| Old Constant Name | New Constant Name | +|---------------------------------------------------------------|-----------------------------------------------------------------| +| `OpenIddictConstants.Permissions.Endpoints.LogoutPmar` | `OpenIddictConstants.Permissions.Endpoints.EndSession` | +| `OpenIddictConstants.Permissions.Endpoints.Device` | `OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization` | + +That's all, It's a simple migration. If you have advanced usage of OpenIddict, Please check the [official migration guide](https://documentation.openiddict.com/guides/migration/50-to-60) for more information. From 3471cb2930c2f4d1457227ecdb43ba9798400ec8 Mon Sep 17 00:00:00 2001 From: maliming Date: Wed, 18 Dec 2024 08:47:45 +0800 Subject: [PATCH 09/16] Update `OpenIddict` to `6.0.0` official. --- Directory.Packages.props | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index 88fc93584d..e54dc408dc 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -120,11 +120,11 @@ - - - - - + + + + + From 26762e6a2a644204f27180aea5081133a8e79b48 Mon Sep 17 00:00:00 2001 
From: maliming Date: Wed, 18 Dec 2024 08:49:44 +0800 Subject: [PATCH 10/16] Update openiddict5-to-6.md --- docs/en/release-info/migration-guides/openiddict5-to-6.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/release-info/migration-guides/openiddict5-to-6.md b/docs/en/release-info/migration-guides/openiddict5-to-6.md index 29c71e4f51..7633f9ea35 100644 --- a/docs/en/release-info/migration-guides/openiddict5-to-6.md +++ b/docs/en/release-info/migration-guides/openiddict5-to-6.md @@ -2,7 +2,7 @@ The 6.0 release of OpenIddict is a major release that introduces breaking changes. -Check this blog [OpenIddict 6.0 general availability](https://kevinchalet.com/2023/12/18/openiddict-5-0-general-availability/) for the new features introduced in OpenIddict 6.0. and the [Migrate to OpenIddict 6.0](https://documentation.openiddict.com/guides/migration/50-to-60) for more information about the changes. +Check this blog [OpenIddict 6.0 general availability](https://kevinchalet.com/2024/12/17/openiddict-6-0-general-availability/) for the new features introduced in OpenIddict 6.0. and the [Migrate to OpenIddict 6.0](https://documentation.openiddict.com/guides/migration/50-to-60) for more information about the changes. In this guide, we will explain the changes you need to make to your ABP application. From e1e6615888c4c6158b001b4cc1a2be935442d113 Mon Sep 17 00:00:00 2001 From: maliming Date: Wed, 18 Dec 2024 10:40:14 +0800 Subject: [PATCH 11/16] Added oauth authencation to swagger page. --- .../app/OpenIddict.Demo.API/Program.cs | 45 ++++++++++++++++++- .../ServerDataSeedContributor.cs | 32 +++++++++++++ .../app/OpenIddict.Demo.Server/Program.cs | 2 +- 3 files changed, 76 insertions(+), 3 deletions(-) diff --git a/modules/openiddict/app/OpenIddict.Demo.API/Program.cs b/modules/openiddict/app/OpenIddict.Demo.API/Program.cs index 4d56464b50..0938f87e6c 100644 --- a/modules/openiddict/app/OpenIddict.Demo.API/Program.cs 
+++ b/modules/openiddict/app/OpenIddict.Demo.API/Program.cs @@ -1,5 +1,8 @@ using Microsoft.AspNetCore.Authentication.JwtBearer; using OpenIddict.Demo.API; +using Microsoft.OpenApi.Models; +using Swashbuckle.AspNetCore.SwaggerGen; +using Swashbuckle.AspNetCore.SwaggerUI; var builder = WebApplication.CreateBuilder(args); builder.Logging.ClearProviders(); @@ -20,7 +23,40 @@ builder.Services.AddCors(options => builder.Services.AddControllers(); // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); -builder.Services.AddSwaggerGen(); +builder.Services.AddSwaggerGen(options => +{ + options.AddSecurityDefinition("oauth2", new OpenApiSecurityScheme + { + Type = SecuritySchemeType.OAuth2, + Flows = new OpenApiOAuthFlows + { + AuthorizationCode = new OpenApiOAuthFlow + { + AuthorizationUrl = new Uri("https://localhost:44301/connect/authorize"), + TokenUrl = new Uri("https://localhost:44301/connect/token"), + Scopes = new Dictionary + { + { "AbpAPI", "AbpAPI"} + } + } + } + }); + + options.AddSecurityRequirement(new OpenApiSecurityRequirement + { + { + new OpenApiSecurityScheme + { + Reference = new OpenApiReference + { + Type = ReferenceType.SecurityScheme, + Id = "oauth2" + } + }, + Array.Empty() + } + }); +}); builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddAbpJwtBearer(options => @@ -37,7 +73,12 @@ await app.InitializeApplicationAsync(); if (app.Environment.IsDevelopment()) { app.UseSwagger(); - app.UseSwaggerUI(); + app.UseSwaggerUI(options => + { + options.SwaggerEndpoint("/swagger/v1/swagger.json", "OpenIddict.Demo.API"); + options.OAuthClientId("Swagger"); + options.OAuthScopes("AbpAPI"); + }); } app.UseHttpsRedirection(); diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs b/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs index 9d4aee74e7..148685c1bd 100644 
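Review bot: The security requirement added in `AddSwaggerGen` lists no scopes (`Array.Empty()`), although the `oauth2` definition just above declares `AbpAPI`, so the generated document does not say that operations need that scope. Listing it, as in `new[] { "AbpAPI" }`, keeps the requirement and the definition in agreement. The authorization and token URLs are hard-coded to `https://localhost:44301`; reading the authority from configuration would avoid drift from the JWT bearer settings, whose body lies outside this hunk.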
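Review bot: Swagger UI is set up with `OAuthClientId("Swagger")` for the authorization-code flow, but PKCE is not switched on, and the `Swagger` client seeded in `ServerDataSeedContributor.cs` is a public client with no PKCE requirement. Unless the server enforces PKCE globally, which these hunks do not show, the code exchange is protected by neither a client secret nor a code verifier. Add `options.OAuthUsePkce();` next to `options.OAuthScopes("AbpAPI");`, and on the seeded descriptor add `Requirements = { OpenIddictConstants.Requirements.Features.ProofKeyForCodeExchange }`.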
--- a/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/EntityFrameworkCore/ServerDataSeedContributor.cs @@ -156,5 +156,37 @@ public class ServerDataSeedContributor : IDataSeedContributor, ITransientDepende } }); } + + if (await _applicationManager.FindByClientIdAsync("Swagger") == null) + { + await _applicationManager.CreateAsync(new OpenIddictApplicationDescriptor + { + ApplicationType = OpenIddictConstants.ApplicationTypes.Web, + ClientId = "Swagger", + ClientType = OpenIddictConstants.ClientTypes.Public, + ConsentType = OpenIddictConstants.ConsentTypes.Explicit, + DisplayName = "Abp Swagger Application", + RedirectUris = + { + new Uri("https://localhost:44303/swagger/oauth2-redirect.html") + }, + Permissions = + { + OpenIddictConstants.Permissions.Endpoints.Authorization, + OpenIddictConstants.Permissions.Endpoints.Token, + + OpenIddictConstants.Permissions.GrantTypes.AuthorizationCode, + + OpenIddictConstants.Permissions.ResponseTypes.Code, + + OpenIddictConstants.Permissions.Prefixes.Scope + "AbpAPI" + }, + Settings = + { + // Use a shorter access token lifetime for tokens issued to the Postman application. + [OpenIddictConstants.Settings.TokenLifetimes.AccessToken] = TimeSpan.FromMinutes(5).ToString("c", CultureInfo.InvariantCulture) + } + }); + } } } diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs b/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs index 9b3126f594..83c641e569 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs 
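Review bot: The comment inside `Settings` says the shorter lifetime is for "the Postman application", but this descriptor creates the `Swagger` client. It should read `// Use a shorter access token lifetime for tokens issued to the Swagger UI client.`. A line above the block stating that this public client and its `https://localhost:44303` redirect URI exist for the demo only would help anyone copying the seed code into a real deployment.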
@@ -8,7 +8,7 @@ builder.Services.AddCors(options => options.AddDefaultPolicy( builder => { - builder.WithOrigins("http://localhost:4200", "https://localhost:44304") + builder.WithOrigins("http://localhost:4200", "https://localhost:44303", "https://localhost:44304") .SetIsOriginAllowedToAllowWildcardSubdomains() .AllowAnyHeader() .AllowAnyMethod() From b18062f554fc9a07a19e77905e6889d33aab74e6 Mon Sep 17 00:00:00 2001 From: maliming Date: Wed, 18 Dec 2024 10:42:59 +0800 Subject: [PATCH 12/16] Update openiddict5-to-6.md --- docs/en/release-info/migration-guides/openiddict5-to-6.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/release-info/migration-guides/openiddict5-to-6.md b/docs/en/release-info/migration-guides/openiddict5-to-6.md index 7633f9ea35..2162909901 100644 --- a/docs/en/release-info/migration-guides/openiddict5-to-6.md +++ b/docs/en/release-info/migration-guides/openiddict5-to-6.md @@ -12,7 +12,7 @@ The following constants have been renamed: | Old Constant Name | New Constant Name | |---------------------------------------------------------------|-----------------------------------------------------------------| -| `OpenIddictConstants.Permissions.Endpoints.LogoutPmar` | `OpenIddictConstants.Permissions.Endpoints.EndSession` | +| `OpenIddictConstants.Permissions.Endpoints.Logout` | `OpenIddictConstants.Permissions.Endpoints.EndSession` | | `OpenIddictConstants.Permissions.Endpoints.Device` | `OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization` | That's all, It's a simple migration. If you have advanced usage of OpenIddict, Please check the [official migration guide](https://documentation.openiddict.com/guides/migration/50-to-60) for more information. From d9ec8e3d90315a10649257d70c7f5ee48d4fb755 Mon Sep 17 00:00:00 2001 
From: maliming Date: Wed, 18 Dec 2024 10:47:45 +0800 Subject: [PATCH 13/16] Remove unnecessary`space`. --- .../Server.Mongo/Data/OpenIddictDataSeedContributor.cs | 2 +- .../Server/Data/OpenIddictDataSeedContributor.cs | 2 +- .../Data/OpenIddictDataSeedContributor.cs | 2 +- .../Data/OpenIddictDataSeedContributor.cs | 2 +- .../OpenIddict/OpenIddictDataSeedContributor.cs | 2 +- .../OpenIddict/OpenIddictDataSeedContributor.cs | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs index 8bbf2284f6..1355d481a0 100644 --- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs +++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server.Mongo/Data/OpenIddictDataSeedContributor.cs @@ -235,7 +235,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs index 8bbf2284f6..1355d481a0 100644 
--- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs +++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Blazor.WebAssembly/Server/Data/OpenIddictDataSeedContributor.cs @@ -235,7 +235,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs index 39b651f211..4fbcd1f1af 100644 --- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs +++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host.Mongo/Data/OpenIddictDataSeedContributor.cs @@ -234,7 +234,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) 
diff --git a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs index 39b651f211..4fbcd1f1af 100644 --- a/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs +++ b/templates/app-nolayers/aspnet-core/MyCompanyName.MyProjectName.Host/Data/OpenIddictDataSeedContributor.cs @@ -234,7 +234,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) diff --git a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs index b65e024047..738f28af80 100644 --- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs +++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Domain/OpenIddict/OpenIddictDataSeedContributor.cs @@ -334,7 +334,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) 
diff --git a/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs b/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs index 5c4219e7ba..790abae592 100644 --- a/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs +++ b/templates/module/aspnet-core/host/MyCompanyName.MyProjectName.AuthServer/OpenIddict/OpenIddictDataSeedContributor.cs @@ -286,7 +286,7 @@ public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDep if (grantType == OpenIddictConstants.GrantTypes.DeviceCode) { application.Permissions.Add(OpenIddictConstants.Permissions.GrantTypes.DeviceCode); - application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints. DeviceAuthorization); + application.Permissions.Add(OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization); } if (grantType == OpenIddictConstants.GrantTypes.Implicit) From 8765eb09e96a8d574534a7d550c216608f6a64d8 Mon Sep 17 00:00:00 2001 From: maliming <6908465+maliming@users.noreply.github.com> Date: Wed, 18 Dec 2024 12:07:03 +0800 Subject: [PATCH 14/16] Update `IdentityModel` packages to `8.3.0`. --- Directory.Packages.props | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Directory.Packages.props b/Directory.Packages.props index e54dc408dc..078f8054c2 100644 --- a/Directory.Packages.props +++ b/Directory.Packages.props @@ -106,9 +106,10 @@ - - - + + + + @@ -167,7 +168,6 @@ - From 40fc03a98278e305f95f9f359b6ce99719b73c77 Mon Sep 17 00:00:00 2001 From: maliming Date: Wed, 18 Dec 2024 12:42:26 +0800 Subject: [PATCH 15/16] Update openiddict5-to-6.md --- .../release-info/migration-guides/openiddict5-to-6.md | 10 ++++++++++ 1 file changed, 10 insertions(+) 
diff --git a/docs/en/release-info/migration-guides/openiddict5-to-6.md b/docs/en/release-info/migration-guides/openiddict5-to-6.md index 2162909901..e235a6876e 100644 --- a/docs/en/release-info/migration-guides/openiddict5-to-6.md +++ b/docs/en/release-info/migration-guides/openiddict5-to-6.md @@ -15,4 +15,14 @@ The following constants have been renamed: | `OpenIddictConstants.Permissions.Endpoints.Logout` | `OpenIddictConstants.Permissions.Endpoints.EndSession` | | `OpenIddictConstants.Permissions.Endpoints.Device` | `OpenIddictConstants.Permissions.Endpoints.DeviceAuthorization` | + +## IdentityModel packages + +If you have reference `IdentityModel` directly, Please upgrade them to the latest(8.3.0) + +* [System.IdentityModel.Tokens.Jwt](https://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/) +* [Microsoft.IdentityModel.Protocols.OpenIdConnect](https://www.nuget.org/packages/Microsoft.IdentityModel.Protocols.OpenIdConnect/) +* [Microsoft.IdentityModel.Tokens](https://www.nuget.org/packages/Microsoft.IdentityModel.Tokens/) +* [Microsoft.IdentityModel.JsonWebTokens](https://www.nuget.org/packages/Microsoft.IdentityModel.JsonWebTokens/) + That's all, It's a simple migration. If you have advanced usage of OpenIddict, Please check the [official migration guide](https://documentation.openiddict.com/guides/migration/50-to-60) for more information. From c4ce62f03a91e0a21114710298e24423f28fd6da Mon Sep 17 00:00:00 2001 From: Engincan VESKE Date: Thu, 19 Dec 2024 11:56:18 +0300 Subject: [PATCH 16/16] Update openiddict5-to-6.md --- docs/en/release-info/migration-guides/openiddict5-to-6.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/en/release-info/migration-guides/openiddict5-to-6.md b/docs/en/release-info/migration-guides/openiddict5-to-6.md index e235a6876e..f876f86265 100644 --- a/docs/en/release-info/migration-guides/openiddict5-to-6.md +++ b/docs/en/release-info/migration-guides/openiddict5-to-6.md 
@@ -18,11 +18,11 @@ The following constants have been renamed: ## IdentityModel packages -If you have reference `IdentityModel` directly, Please upgrade them to the latest(8.3.0) +If you have a reference to `IdentityModel` directly, please upgrade the necessary package versions to the latest stable version, which is currently 8.3.0: * [System.IdentityModel.Tokens.Jwt](https://www.nuget.org/packages/System.IdentityModel.Tokens.Jwt/) * [Microsoft.IdentityModel.Protocols.OpenIdConnect](https://www.nuget.org/packages/Microsoft.IdentityModel.Protocols.OpenIdConnect/) * [Microsoft.IdentityModel.Tokens](https://www.nuget.org/packages/Microsoft.IdentityModel.Tokens/) * [Microsoft.IdentityModel.JsonWebTokens](https://www.nuget.org/packages/Microsoft.IdentityModel.JsonWebTokens/) -That's all, It's a simple migration. If you have advanced usage of OpenIddict, Please check the [official migration guide](https://documentation.openiddict.com/guides/migration/50-to-60) for more information. +That's all, it's a simple migration! If you have advanced usage of OpenIddict, please check the [official migration guide](https://documentation.openiddict.com/guides/migration/50-to-60) for more information.