From 8ceafc1b8c143fe07aa50ee44d7a1ababe48bc2d Mon Sep 17 00:00:00 2001 From: liangshiwei Date: Wed, 13 Jan 2021 11:11:33 +0800 Subject: [PATCH] Refactor --- .../Abp/MultiTenancy/TenantConfiguration.cs | 2 +- .../Volo/Abp/Security/AbpSecurityModule.cs | 25 +++++++++++++++++++ .../Abp/Security/Claims/AbpClaimOptions.cs | 14 +++++++++++ .../Security/Claims/ClaimsIdentityContext.cs | 14 +++++++++++ .../Claims}/ClaimsIdentityExtensions.cs | 2 +- .../Claims/IClaimsIdentityContributor.cs | 9 +++++++ .../Identity/AbpUserClaimsPrincipalFactory.cs | 22 ++++++++++------ .../Abp/IdentityServer/AbpClaimsService.cs | 10 ++------ .../AspNetIdentity/AbpUserClaimsFactory.cs | 2 +- 9 files changed, 81 insertions(+), 19 deletions(-) create mode 100644 framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/AbpClaimOptions.cs create mode 100644 framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/ClaimsIdentityContext.cs rename {modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity => framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims}/ClaimsIdentityExtensions.cs (94%) create mode 100644 framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/IClaimsIdentityContributor.cs diff --git a/framework/src/Volo.Abp.MultiTenancy/Volo/Abp/MultiTenancy/TenantConfiguration.cs b/framework/src/Volo.Abp.MultiTenancy/Volo/Abp/MultiTenancy/TenantConfiguration.cs index 04e980de69..42c029a4d4 100644 --- a/framework/src/Volo.Abp.MultiTenancy/Volo/Abp/MultiTenancy/TenantConfiguration.cs +++ b/framework/src/Volo.Abp.MultiTenancy/Volo/Abp/MultiTenancy/TenantConfiguration.cs @@ -6,7 +6,7 @@ using Volo.Abp.ObjectExtending; namespace Volo.Abp.MultiTenancy { [Serializable] - public class TenantConfiguration : ExtensibleObject + public class TenantConfiguration { public Guid Id { get; set; } diff --git a/framework/src/Volo.Abp.Security/Volo/Abp/Security/AbpSecurityModule.cs b/framework/src/Volo.Abp.Security/Volo/Abp/Security/AbpSecurityModule.cs index b1cdcb1097..5d60b6fe86 100644 
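Review bot: Dropping the `ExtensibleObject` base from `TenantConfiguration` changes a public, `[Serializable]` type rather than refactoring it. Callers that read extra properties from a tenant lose that surface, as the `tenant?.GetProperty(AbpClaimTypes.EditionId)` call deleted later in this patch shows. Previously serialized instances that carried extra properties may also no longer round-trip, which is worth stating in the commit description. The `using Volo.Abp.ObjectExtending;` visible at the top of the hunk looks unused after this change. The class body continues outside the hunk.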
--- a/framework/src/Volo.Abp.Security/Volo/Abp/Security/AbpSecurityModule.cs +++ b/framework/src/Volo.Abp.Security/Volo/Abp/Security/AbpSecurityModule.cs @@ -1,13 +1,20 @@ using System; +using System.Collections.Generic; using System.Text; using Microsoft.Extensions.DependencyInjection; using Volo.Abp.Modularity; +using Volo.Abp.Security.Claims; using Volo.Abp.Security.Encryption; namespace Volo.Abp.Security { public class AbpSecurityModule : AbpModule { + public override void PostConfigureServices(ServiceConfigurationContext context) + { + AutoAddClaimsPrincipalContributors(context.Services); + } + public override void ConfigureServices(ServiceConfigurationContext context) { var configuration = context.Services.GetConfiguration(); @@ -41,5 +48,23 @@ namespace Volo.Abp.Security } }); } + + private static void AutoAddClaimsPrincipalContributors(IServiceCollection services) + { + var contributorTypes = new List(); + + services.OnRegistred(context => + { + if (typeof(IClaimsIdentityContributor).IsAssignableFrom(context.ImplementationType)) + { + contributorTypes.Add(context.ImplementationType); + } + }); + + services.Configure(options => + { + options.ClaimsIdentityContributors.AddIfNotContains(contributorTypes); + }); + } } } diff --git a/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/AbpClaimOptions.cs b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/AbpClaimOptions.cs new file mode 100644 index 0000000000..95fd123e0c --- /dev/null +++ b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/AbpClaimOptions.cs @@ -0,0 +1,14 @@ +using Volo.Abp.Collections; + +namespace Volo.Abp.Security.Claims +{ + public class AbpClaimOptions + { + public ITypeList ClaimsIdentityContributors { get; set; } + + public AbpClaimOptions() + { + ClaimsIdentityContributors = new TypeList(); + } + } +} 
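Review bot: In AbpSecurityModule.cs, `AutoAddClaimsPrincipalContributors` enrols every registered type assignable to `IClaimsIdentityContributor`, with no allow-list, ordering or opt-out. Each enrolled type is later run against the identity being built in `AbpUserClaimsPrincipalFactory`, so any referenced assembly that registers such a class can add claims to every principal. That trust decision should be written on the helper, for example `// Every DI-registered IClaimsIdentityContributor is enrolled automatically and can add any claim; remove unwanted types from AbpClaimOptions.ClaimsIdentityContributors.` The `contributorTypes` list is captured by both lambdas and filled as a side effect of registration, which also deserves a one-line comment. The helper is called from the `PostConfigureServices` override added in the first hunk of this file.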
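Review bot: In AbpClaimOptions.cs, `ClaimsIdentityContributors` has a public setter, so any options callback can replace the list or set it to null. The `foreach` over it in `AbpUserClaimsPrincipalFactory` would then fail while a principal is being built. The constructor already initialises the property, so a get-only accessor (`{ get; }`) keeps the add/remove surface and removes the replace-or-null case. An XML summary should also say that the listed types are resolved from DI and run for each principal created, so a reader knows what adding a type here means.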
diff --git a/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/ClaimsIdentityContext.cs b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/ClaimsIdentityContext.cs new file mode 100644 index 0000000000..c552379599 --- /dev/null +++ b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/ClaimsIdentityContext.cs @@ -0,0 +1,14 @@ +using System.Security.Claims; + +namespace Volo.Abp.Security.Claims +{ + public class ClaimsIdentityContext + { + public ClaimsIdentity ClaimsIdentity { get; } + + public ClaimsIdentityContext(ClaimsIdentity claimsIdentity) + { + ClaimsIdentity = claimsIdentity; + } + } +} diff --git a/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ClaimsIdentityExtensions.cs b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/ClaimsIdentityExtensions.cs similarity index 94% rename from modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ClaimsIdentityExtensions.cs rename to framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/ClaimsIdentityExtensions.cs index 156f092f9e..bf8bb26784 100644 --- a/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ClaimsIdentityExtensions.cs +++ b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/ClaimsIdentityExtensions.cs @@ -2,7 +2,7 @@ using System.Linq; using System.Security.Claims; -namespace Volo.Abp.Identity +namespace Volo.Abp.Security.Claims { public static class ClaimsIdentityExtensions { diff --git a/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/IClaimsIdentityContributor.cs b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/IClaimsIdentityContributor.cs new file mode 100644 index 0000000000..1fa13ad8a2 --- /dev/null +++ b/framework/src/Volo.Abp.Security/Volo/Abp/Security/Claims/IClaimsIdentityContributor.cs @@ -0,0 +1,9 @@ +using System.Threading.Tasks; + +namespace Volo.Abp.Security.Claims +{ + public interface IClaimsIdentityContributor + { + Task AddClaimsAsync(ClaimsIdentityContext context); + } +} 
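Review bot: In ClaimsIdentityContext.cs, the constructor stores `claimsIdentity` without a null check. A null argument therefore only surfaces later, inside whichever contributor first dereferences `context.ClaimsIdentity`. Failing at construction is easier to diagnose: `ClaimsIdentity = claimsIdentity ?? throw new ArgumentNullException(nameof(claimsIdentity));` (this needs `using System;`).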
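Review bot: `IClaimsIdentityContributor` is a new public extension point with no XML documentation, and its contract is security-relevant. Implementations receive the live `ClaimsIdentity` through the context, and whatever they add ends up on the principal. I would add a `<summary>` on the interface saying that implementations are resolved from DI and invoked for each principal the factory builds. `AddClaimsAsync` needs one too, saying that claims should come only from trusted server-side data and what a thrown exception means. No catch is visible around the call in `AbpUserClaimsPrincipalFactory`, so an exception appears to propagate out of principal creation.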
diff --git a/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/AbpUserClaimsPrincipalFactory.cs b/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/AbpUserClaimsPrincipalFactory.cs index 78ccad7441..bcf06644b2 100644 --- a/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/AbpUserClaimsPrincipalFactory.cs +++ b/modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/AbpUserClaimsPrincipalFactory.cs @@ -1,8 +1,10 @@ using System; +using System.Collections.Generic; using System.Linq; using System.Security.Claims; using System.Threading.Tasks; using Microsoft.AspNetCore.Identity; +using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Options; using Volo.Abp.Data; using Volo.Abp.DependencyInjection; @@ -15,19 +17,22 @@ namespace Volo.Abp.Identity public class AbpUserClaimsPrincipalFactory : UserClaimsPrincipalFactory, ITransientDependency { - protected ITenantStore TenantStore { get; } + protected AbpClaimOptions ClaimOptions { get; } + protected IServiceScopeFactory ServiceScopeFactory { get; } public AbpUserClaimsPrincipalFactory( UserManager userManager, RoleManager roleManager, IOptions options, - ITenantStore tenantStore) + IOptions claimOptions, + IServiceScopeFactory serviceScopeFactory) : base( userManager, roleManager, options) { - TenantStore = tenantStore; + ServiceScopeFactory = serviceScopeFactory; + ClaimOptions = claimOptions.Value; } [UnitOfWork] 
@@ -66,13 +71,14 @@ namespace Volo.Abp.Identity identity.AddIfNotContains(new Claim(AbpClaimTypes.EmailVerified, user.EmailConfirmed.ToString())); - if (user.TenantId.HasValue) + var context = new ClaimsIdentityContext(identity); + + using (var scope = ServiceScopeFactory.CreateScope()) { - var tenant = await TenantStore.FindAsync(user.TenantId.Value); - var editionId = tenant?.GetProperty(AbpClaimTypes.EditionId); - if (editionId != null && editionId != default(Guid)) + foreach (var contributorType in ClaimOptions.ClaimsIdentityContributors) { - identity.AddIfNotContains(new Claim(AbpClaimTypes.EditionId, editionId.ToString())); + var contributor = (IClaimsIdentityContributor) scope.ServiceProvider.GetRequiredService(contributorType); + await contributor.AddClaimsAsync(context); } } diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpClaimsService.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpClaimsService.cs index c60c241209..bfdc8c3957 100644 --- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpClaimsService.cs +++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpClaimsService.cs @@ -14,15 +14,9 @@ namespace Volo.Abp.IdentityServer { } - protected override IEnumerable GetOptionalClaims(ClaimsPrincipal subject) + protected override IEnumerable FilterRequestedClaimTypes(IEnumerable claimTypes) { - var tenantClaim = subject.FindFirst(AbpClaimTypes.TenantId); - if (tenantClaim == null) - { - return base.GetOptionalClaims(subject); - } - - return base.GetOptionalClaims(subject).Union(new[] { tenantClaim }); + return base.FilterRequestedClaimTypes(claimTypes).Union(new []{AbpClaimTypes.TenantId, AbpClaimTypes.EditionId}); } } } 
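Review bot: In AbpUserClaimsPrincipalFactory.cs, the `EditionId` claim this block used to derive from the tenant is no longer added anywhere in the patch. The lookup is deleted and no `IClaimsIdentityContributor` implementation is included, so unless one is registered elsewhere the principal silently loses that claim. `AbpClaimsService` in the same patch starts requesting it, so either ship the contributor that restores it with this change or call the gap out in the description. Separately, contributors are resolved from a fresh `CreateScope()`, so they do not share scoped service instances with the surrounding method, which is presumably the one marked `[UnitOfWork]`. If that isolation is intended, add a comment such as `// Contributors run in their own DI scope and do not share scoped services with the caller.` The method starts and ends outside the hunk.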
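Review bot: In AbpClaimsService.cs, the `Union` is applied after `base.FilterRequestedClaimTypes(claimTypes)`. As a result `AbpClaimTypes.TenantId` and `AbpClaimTypes.EditionId` are appended on every call, whatever the client requested and whatever the base filter removed. The override this replaces only passed the tenant claim through when the subject actually carried one. It is worth confirming that requesting both identifiers unconditionally is intended, and a comment on the method should record which tokens are expected to carry them. Hoisting the array into a `private static readonly` field would also avoid allocating it on each call.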
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpUserClaimsFactory.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpUserClaimsFactory.cs index e18e6a219b..982e52cfab 100644 --- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpUserClaimsFactory.cs +++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpUserClaimsFactory.cs @@ -5,7 +5,7 @@ using System.Threading.Tasks; using IdentityModel; using Microsoft.AspNetCore.Identity; using Volo.Abp.DependencyInjection; -using Volo.Abp.Identity; +using Volo.Abp.Security.Claims; using IdentityUser = Volo.Abp.Identity.IdentityUser; namespace Volo.Abp.IdentityServer.AspNetIdentity