diff --git a/docs/en/Modules/OpenIddict.md b/docs/en/Modules/OpenIddict.md index 6df46dfcd2..951a745aab 100644 --- a/docs/en/Modules/OpenIddict.md +++ b/docs/en/Modules/OpenIddict.md @@ -81,7 +81,7 @@ PreConfigure(builder => }); ``` -#### AbpOpenIddictOptions +#### AbpOpenIddictAspNetCoreOptions `UpdateAbpClaimTypes(default: true)`: Updates AbpClaimTypes to be compatible with identity server claims. `AddDevelopmentEncryptionAndSigningCertificate(default: true)`: Registers (and generates if necessary) a user-specific development encryption/development signing certificate. diff --git a/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Pages/Index.cshtml b/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Pages/Index.cshtml index 1b53e0e427..1d2feb2a8d 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Pages/Index.cshtml +++ b/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Pages/Index.cshtml @@ -1,14 +1,13 @@ @page @using Microsoft.AspNetCore.Authentication +@using System.Net.Http.Headers +@using System.Text.Json @model IndexModel @{ ViewData["Title"] = "Home page"; }
-

Welcome

-

Learn about building Web apps with ASP.NET Core.

- Login Loout @@ -25,5 +24,22 @@
@await HttpContext.GetTokenAsync("access_token")

+ + var client = new HttpClient(); + var request = new HttpRequestMessage(HttpMethod.Get, "https://localhost:44303/api/claims"); + request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", await HttpContext.GetTokenAsync("access_token")); + + var response = await client.SendAsync(request); + response.EnsureSuccessStatusCode(); + + + @{ + var apiResponse = JsonSerializer.Serialize(JsonDocument.Parse(await response.Content.ReadAsStringAsync()), new JsonSerializerOptions + { + WriteIndented = true + }); + } + @apiResponse; + }
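Review bot: In the second Index.cshtml hunk the page creates `new HttpClient()` on every render and never disposes it, the response or the `JsonDocument`, and `response.EnsureSuccessStatusCode()` turns any API failure into an unhandled exception for the whole page. The bearer value comes straight from `await HttpContext.GetTokenAsync("access_token")`, which is null when no token is stored; the surrounding markup is not visible in this hunk, so if the block is not already limited to authenticated users it should be. I would move the call into the page model, use an injected `IHttpClientFactory`, and render an error message instead of throwing. `@apiResponse;` also emits a literal `;` after the JSON and should read `@apiResponse`.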
diff --git a/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Program.cs b/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Program.cs index f5b17d5a12..6e18cde936 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Program.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Client.Mvc/Program.cs @@ -35,6 +35,8 @@ builder.Services.AddAuthentication(options => options.Scope.Add("email"); options.Scope.Add("roles"); + options.Scope.Add("phone"); + options.Scope.Add("AbpAPI"); }); var app = builder.Build(); diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddict.Demo.Server.csproj b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddict.Demo.Server.csproj index b55295d2ec..66fddb3d09 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddict.Demo.Server.csproj +++ b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddict.Demo.Server.csproj @@ -67,7 +67,7 @@ - + runtime; build; native; contentfiles; analyzers diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs index 903779b70f..2f62e30625 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/OpenIddictServerModule.cs @@ -1,9 +1,12 @@ using System.Text; using JetBrains.Annotations; +using Medallion.Threading; +using Medallion.Threading.Redis; using Microsoft.EntityFrameworkCore; using Microsoft.IdentityModel.Tokens; using OpenIddict.Demo.Server.EntityFrameworkCore; using OpenIddict.Validation.AspNetCore; +using StackExchange.Redis; using Volo.Abp; using Volo.Abp.Account; using Volo.Abp.Account.Web; 
@@ -109,16 +112,13 @@ public class OpenIddictServerModule : AbpModule public override void ConfigureServices(ServiceConfigurationContext context) { - // This is work for the OpenIddictServerBuilder.AddValidation() - context.Services.ConfigureApplicationCookie(options => + context.Services.AddSingleton(sp => { - options.ForwardDefaultSelector = ctx => ctx.Request.Path.StartsWithSegments("/api") - ? OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme - : null; + var connection = ConnectionMultiplexer.Connect("127.0.0.1"); + return new RedisDistributedSynchronizationProvider(connection.GetDatabase()); }); - - Configure(options => + Configure(options => { options.AddDevelopmentEncryptionAndSigningCertificate = false; }); diff --git a/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs b/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs index a03fbe6908..eb5b1673b2 100644 --- a/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs +++ b/modules/openiddict/app/OpenIddict.Demo.Server/Program.cs @@ -1,9 +1,6 @@ -using System.Text; -using Microsoft.IdentityModel.Tokens; using OpenIddict.Demo.Server; using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared; using Volo.Abp.Localization; -using Volo.Abp.OpenIddict.Jwt; var builder = WebApplication.CreateBuilder(args); builder.Services.AddCors(options => @@ -44,6 +41,13 @@ builder.Services.Configure(options => // options.TokenValidationParameters.TokenDecryptionKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("Abp_OpenIddict_Demo_87E33FC57D80")); // }); +// builder.Services.ConfigureApplicationCookie(options => +// { +// options.ForwardDefaultSelector = ctx => ctx.Request.Path.StartsWithSegments("/api") +// ? OtherScheme +// : null; +// }); + await builder.AddApplicationAsync(); var app = builder.Build(); 
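Review bot: The singleton added in `ConfigureServices` hard-codes the Redis endpoint: `ConnectionMultiplexer.Connect("127.0.0.1")` takes no host, password or TLS setting from configuration, so the demo server only runs against an unauthenticated local Redis. Read the connection string from configuration instead, for example `ConnectionMultiplexer.Connect(context.Services.GetConfiguration()["Redis:Configuration"])` (the key name is a placeholder). The multiplexer is created inside the factory and never registered itself, so the container cannot dispose it. The same hunk drops the `ForwardDefaultSelector` that sent `/api` requests to `OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme`; its replacement is not visible here, so confirm that `/api` endpoints still authenticate bearer tokens rather than falling back to the cookie scheme.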
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs index cf68c2c24b..9a2a289d08 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs @@ -1,8 +1,12 @@ using Microsoft.AspNetCore.Mvc.Razor; using Microsoft.Extensions.DependencyInjection; +using OpenIddict.Abstractions; +using OpenIddict.Server; using Volo.Abp.AspNetCore.MultiTenancy; using Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared; using Volo.Abp.Modularity; +using Volo.Abp.OpenIddict.WildcardDomains; +using Volo.Abp.Security.Claims; namespace Volo.Abp.OpenIddict; @@ -13,22 +17,10 @@ namespace Volo.Abp.OpenIddict; )] public class AbpOpenIddictAspNetCoreModule : AbpModule { - public override void PreConfigureServices(ServiceConfigurationContext context) - { - PreConfigure(builder => - { - builder.UseAspNetCore() - .EnableAuthorizationEndpointPassthrough() - .EnableTokenEndpointPassthrough() - .EnableUserinfoEndpointPassthrough() - .EnableLogoutEndpointPassthrough() - .EnableVerificationEndpointPassthrough() - .EnableStatusCodePagesIntegration(); - }); - } - public override void ConfigureServices(ServiceConfigurationContext context) { + AddOpenIddictServer(context.Services); + Configure(options => { options.ClaimDestinationsProvider.Add(); 
@@ -39,4 +31,104 @@ public class AbpOpenIddictAspNetCoreModule : AbpModule options.ViewLocationFormats.Add("/Volo/Abp/OpenIddict/Views/{1}/{0}.cshtml"); }); } + + private void AddOpenIddictServer(IServiceCollection services) + { + var builderOptions = services.ExecutePreConfiguredActions(); + + if (builderOptions.UpdateAbpClaimTypes) + { + AbpClaimTypes.UserId = OpenIddictConstants.Claims.Subject; + AbpClaimTypes.Role = OpenIddictConstants.Claims.Role; + AbpClaimTypes.UserName = OpenIddictConstants.Claims.Name; + AbpClaimTypes.Name = OpenIddictConstants.Claims.GivenName; + AbpClaimTypes.SurName = OpenIddictConstants.Claims.FamilyName; + AbpClaimTypes.PhoneNumber = OpenIddictConstants.Claims.PhoneNumber; + AbpClaimTypes.PhoneNumberVerified = OpenIddictConstants.Claims.PhoneNumberVerified; + AbpClaimTypes.Email = OpenIddictConstants.Claims.Email; + AbpClaimTypes.EmailVerified = OpenIddictConstants.Claims.EmailVerified; + } + + var openIddictBuilder = services.AddOpenIddict() + .AddServer(builder => + { + builder + .SetAuthorizationEndpointUris("/connect/authorize") + // /.well-known/oauth-authorization-server + // /.well-known/openid-configuration + //.SetConfigurationEndpointUris() + // /.well-known/jwks + //.SetCryptographyEndpointUris() + .SetDeviceEndpointUris("/connect/device") + .SetIntrospectionEndpointUris("/connect/introspect") + .SetLogoutEndpointUris("/connect/logout") + .SetRevocationEndpointUris("/connect/revocat") + .SetTokenEndpointUris("/connect/token") + .SetUserinfoEndpointUris("/connect/userinfo") + .SetVerificationEndpointUris("/connect/verify"); + + builder + .AllowAuthorizationCodeFlow() + .AllowHybridFlow() + .AllowImplicitFlow() + .AllowPasswordFlow() + .AllowClientCredentialsFlow() + .AllowRefreshTokenFlow() + .AllowDeviceCodeFlow() + .AllowNoneFlow(); + + builder.RegisterScopes(new[] + { + OpenIddictConstants.Scopes.OpenId, + OpenIddictConstants.Scopes.Email, + OpenIddictConstants.Scopes.Profile, + OpenIddictConstants.Scopes.Phone, + 
OpenIddictConstants.Scopes.Roles, + OpenIddictConstants.Scopes.Address, + OpenIddictConstants.Scopes.OfflineAccess + }); + + builder.UseAspNetCore() + .EnableAuthorizationEndpointPassthrough() + .EnableTokenEndpointPassthrough() + .EnableUserinfoEndpointPassthrough() + .EnableLogoutEndpointPassthrough() + .EnableVerificationEndpointPassthrough() + .EnableStatusCodePagesIntegration(); + + if (builderOptions.AddDevelopmentEncryptionAndSigningCertificate) + { + builder + .AddDevelopmentEncryptionCertificate() + .AddDevelopmentSigningCertificate(); + } + + var wildcardDomainsOptions = services.ExecutePreConfiguredActions(); + if (wildcardDomainsOptions.EnableWildcardDomainSupport) + { + var preActions = services.GetPreConfigureActions(); + + Configure(options => + { + preActions.Configure(options); + }); + + builder.RemoveEventHandler(OpenIddictServerHandlers.Authentication.ValidateClientRedirectUri.Descriptor); + builder.AddEventHandler(AbpValidateClientRedirectUri.Descriptor); + + builder.RemoveEventHandler(OpenIddictServerHandlers.Authentication.ValidateRedirectUriParameter.Descriptor); + builder.AddEventHandler(AbpValidateRedirectUriParameter.Descriptor); + + builder.RemoveEventHandler(OpenIddictServerHandlers.Session.ValidateClientPostLogoutRedirectUri.Descriptor); + builder.AddEventHandler(AbpValidateClientPostLogoutRedirectUri.Descriptor); + + builder.RemoveEventHandler(OpenIddictServerHandlers.Session.ValidatePostLogoutRedirectUriParameter.Descriptor); + builder.AddEventHandler(AbpValidatePostLogoutRedirectUriParameter.Descriptor); + } + + services.ExecutePreConfiguredActions(builder); + }); + + services.ExecutePreConfiguredActions(openIddictBuilder); + } } 
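Review bot: `AddOpenIddictServer` enables every grant type for every host that references this module, including `AllowImplicitFlow()`, `AllowPasswordFlow()` and `AllowNoneFlow()`, before the host's own pre-configured actions run. Implicit and resource-owner-password grants are discouraged by current OAuth security guidance, so a library default would be safer with only authorization code, client credentials and refresh token (plus device code if needed), leaving the rest for the host to add through its server-builder `PreConfigure`. If the broad default is kept, add a comment above the chain saying that the server-wide list is only an upper bound and that restriction is presumably left to per-client permissions. Separately, `.SetRevocationEndpointUris("/connect/revocat")` looks truncated; if `/connect/revocation` was intended, this move is a good place to correct it.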
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/AbpOpenIddictOptions.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictOptions.cs similarity index 92% rename from modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/AbpOpenIddictOptions.cs rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictOptions.cs index 55121ba566..475c13e447 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/AbpOpenIddictOptions.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictOptions.cs @@ -2,7 +2,7 @@ namespace Volo.Abp.OpenIddict; -public class AbpOpenIddictOptions +public class AbpOpenIddictAspNetCoreOptions { /// /// Updates to be compatible with OpenIddict claims. diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainBase.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainBase.cs similarity index 100% rename from modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainBase.cs rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainBase.cs diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainOptions.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainOptions.cs similarity index 100% rename from modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainOptions.cs rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpOpenIddictWildcardDomainOptions.cs 
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientPostLogoutRedirectUri.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientPostLogoutRedirectUri.cs
similarity index 100%
rename from modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientPostLogoutRedirectUri.cs
rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientPostLogoutRedirectUri.cs
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientRedirectUri.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientRedirectUri.cs
similarity index 100%
rename from modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientRedirectUri.cs
rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateClientRedirectUri.cs
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs
similarity index 100%
rename from modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs
rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidatePostLogoutRedirectUriParameter.cs
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateRedirectUriParameter.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateRedirectUriParameter.cs similarity index 100% rename from modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateRedirectUriParameter.cs rename to modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/WildcardDomains/AbpValidateRedirectUriParameter.cs diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo.Abp.OpenIddict.Domain.Shared.csproj b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo.Abp.OpenIddict.Domain.Shared.csproj index 1c1e681763..25b4fb8571 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo.Abp.OpenIddict.Domain.Shared.csproj +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo.Abp.OpenIddict.Domain.Shared.csproj @@ -11,10 +11,10 @@ - + diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/AbpOpenIddictDomainSharedModule.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/AbpOpenIddictDomainSharedModule.cs index 23d6705318..c1b1f01023 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/AbpOpenIddictDomainSharedModule.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/AbpOpenIddictDomainSharedModule.cs @@ -1,5 +1,4 @@ -using Localization.Resources.AbpUi; -using Volo.Abp.Modularity; +using Volo.Abp.Modularity; using Volo.Abp.Localization; using Volo.Abp.OpenIddict.Localization; using Volo.Abp.Localization.ExceptionHandling; 
@@ -25,7 +24,7 @@ public class AbpOpenIddictDomainSharedModule : AbpModule { options.Resources .Add("en") - .AddBaseTypes(typeof(AbpValidationResource), typeof(AbpUiResource)) + .AddBaseTypes(typeof(AbpValidationResource)) .AddVirtualJson("Volo/Abp/OpenIddict/Localization/OpenIddict"); }); diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo.Abp.OpenIddict.Domain.csproj b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo.Abp.OpenIddict.Domain.csproj index 2d82074b73..4228162e67 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo.Abp.OpenIddict.Domain.csproj +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo.Abp.OpenIddict.Domain.csproj @@ -11,13 +11,13 @@ + - diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/AbpOpenIddictDomainModule.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/AbpOpenIddictDomainModule.cs index 9b84731432..c7397186c5 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/AbpOpenIddictDomainModule.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/AbpOpenIddictDomainModule.cs @@ -1,12 +1,9 @@ -using System.Linq; -using System.Threading.Tasks; +using System.Threading.Tasks; using Microsoft.Extensions.DependencyInjection; -using Microsoft.Extensions.DependencyInjection.Extensions; using Microsoft.Extensions.Options; -using OpenIddict.Abstractions; -using OpenIddict.Server; using Volo.Abp.BackgroundWorkers; using Volo.Abp.Caching; +using Volo.Abp.DistributedLocking; using Volo.Abp.Domain; using Volo.Abp.Guids; using Volo.Abp.Identity; @@ -17,8 +14,6 @@ using Volo.Abp.OpenIddict.Applications; using Volo.Abp.OpenIddict.Authorizations; using Volo.Abp.OpenIddict.Scopes; using Volo.Abp.OpenIddict.Tokens; -using Volo.Abp.OpenIddict.WildcardDomains; -using Volo.Abp.Security.Claims; using Volo.Abp.Threading; namespace Volo.Abp.OpenIddict; 
@@ -27,16 +22,17 @@ namespace Volo.Abp.OpenIddict; typeof(AbpDddDomainModule), typeof(AbpIdentityDomainModule), typeof(AbpOpenIddictDomainSharedModule), + typeof(AbpDistributedLockingModule), typeof(AbpCachingModule), typeof(AbpGuidsModule) )] public class AbpOpenIddictDomainModule : AbpModule { - private static readonly OneTimeRunner OneTimeRunner = new OneTimeRunner(); + private readonly static OneTimeRunner OneTimeRunner = new OneTimeRunner(); public override void ConfigureServices(ServiceConfigurationContext context) { - AddOpenIddict(context.Services); + AddOpenIddictCore(context.Services); } public override void OnApplicationInitialization(ApplicationInitializationContext context) @@ -55,23 +51,8 @@ public class AbpOpenIddictDomainModule : AbpModule } } - private void AddOpenIddict(IServiceCollection services) + private void AddOpenIddictCore(IServiceCollection services) { - var builderOptions = services.ExecutePreConfiguredActions(); - - if (builderOptions.UpdateAbpClaimTypes) - { - AbpClaimTypes.UserId = OpenIddictConstants.Claims.Subject; - AbpClaimTypes.Role = OpenIddictConstants.Claims.Role; - AbpClaimTypes.UserName = OpenIddictConstants.Claims.Name; - AbpClaimTypes.Name = OpenIddictConstants.Claims.GivenName; - AbpClaimTypes.SurName = OpenIddictConstants.Claims.FamilyName; - AbpClaimTypes.PhoneNumber = OpenIddictConstants.Claims.PhoneNumber; - AbpClaimTypes.PhoneNumberVerified = OpenIddictConstants.Claims.PhoneNumberVerified; - AbpClaimTypes.Email = OpenIddictConstants.Claims.Email; - AbpClaimTypes.EmailVerified = OpenIddictConstants.Claims.EmailVerified; - } - var openIddictBuilder = services.AddOpenIddict() .AddCore(builder => { 
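Review bot: The first AbpOpenIddictDomainModule.cs hunk on this line rewrites the field as `private readonly static OneTimeRunner OneTimeRunner`, which reverses the conventional C# modifier order and differs from the line it replaces. Keep `private static readonly OneTimeRunner OneTimeRunner = new OneTimeRunner();` so the declaration matches the usual analyzer ordering. The module also gains a dependency on `AbpDistributedLockingModule`, and nothing in the hunk says which lock provider a host is expected to register, so a short comment next to that `typeof(...)` entry would help.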
@@ -87,76 +68,6 @@ public class AbpOpenIddictDomainModule : AbpModule .AddScopeStore() .AddTokenStore(); - services.ExecutePreConfiguredActions(builder); - }) - .AddServer(builder => - { - builder - .SetAuthorizationEndpointUris("/connect/authorize") - // /.well-known/oauth-authorization-server - // /.well-known/openid-configuration - //.SetConfigurationEndpointUris() - // /.well-known/jwks - //.SetCryptographyEndpointUris() - .SetDeviceEndpointUris("/connect/device") - .SetIntrospectionEndpointUris("/connect/introspect") - .SetLogoutEndpointUris("/connect/logout") - .SetRevocationEndpointUris("/connect/revocat") - .SetTokenEndpointUris("/connect/token") - .SetUserinfoEndpointUris("/connect/userinfo") - .SetVerificationEndpointUris("/connect/verify"); - - builder - .AllowAuthorizationCodeFlow() - .AllowHybridFlow() - .AllowImplicitFlow() - .AllowPasswordFlow() - .AllowClientCredentialsFlow() - .AllowRefreshTokenFlow() - .AllowDeviceCodeFlow() - .AllowNoneFlow(); - - builder.RegisterScopes(new[] - { - OpenIddictConstants.Scopes.OpenId, - OpenIddictConstants.Scopes.Email, - OpenIddictConstants.Scopes.Profile, - OpenIddictConstants.Scopes.Phone, - OpenIddictConstants.Scopes.Roles, - OpenIddictConstants.Scopes.Address, - OpenIddictConstants.Scopes.OfflineAccess - }); - - if (builderOptions.AddDevelopmentEncryptionAndSigningCertificate) - { - builder - .AddDevelopmentEncryptionCertificate() - .AddDevelopmentSigningCertificate(); - } - - var wildcardDomainsOptions = services.ExecutePreConfiguredActions(); - if (wildcardDomainsOptions.EnableWildcardDomainSupport) - { - var preActions = services.GetPreConfigureActions(); - - Configure(options => - { - preActions.Configure(options); - }); - - builder.RemoveEventHandler(OpenIddictServerHandlers.Authentication.ValidateClientRedirectUri.Descriptor); - builder.AddEventHandler(AbpValidateClientRedirectUri.Descriptor); - - builder.RemoveEventHandler(OpenIddictServerHandlers.Authentication.ValidateRedirectUriParameter.Descriptor); 
- builder.AddEventHandler(AbpValidateRedirectUriParameter.Descriptor); - - builder.RemoveEventHandler(OpenIddictServerHandlers.Session.ValidateClientPostLogoutRedirectUri.Descriptor); - builder.AddEventHandler(AbpValidateClientPostLogoutRedirectUri.Descriptor); - - builder.RemoveEventHandler(OpenIddictServerHandlers.Session.ValidatePostLogoutRedirectUriParameter.Descriptor); - builder.AddEventHandler(AbpValidatePostLogoutRedirectUriParameter.Descriptor); - } - services.ExecutePreConfiguredActions(builder); }); diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/TokenCleanupBackgroundWorker.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/TokenCleanupBackgroundWorker.cs index c89ac256d0..d34b2c5ae2 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/TokenCleanupBackgroundWorker.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain/Volo/Abp/OpenIddict/Tokens/TokenCleanupBackgroundWorker.cs 
@@ -1,27 +1,46 @@ using System.Threading.Tasks; using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using Volo.Abp.BackgroundWorkers; +using Volo.Abp.DistributedLocking; using Volo.Abp.Threading; namespace Volo.Abp.OpenIddict.Tokens; public class TokenCleanupBackgroundWorker : AsyncPeriodicBackgroundWorkerBase { + protected IAbpDistributedLock DistributedLock { get; } + public TokenCleanupBackgroundWorker( AbpAsyncTimer timer, IServiceScopeFactory serviceScopeFactory, - IOptionsMonitor cleanupOptions) + IOptionsMonitor cleanupOptions, + IAbpDistributedLock distributedLock) : base(timer, serviceScopeFactory) { + DistributedLock = distributedLock; timer.Period = cleanupOptions.CurrentValue.CleanupPeriod; } protected async override Task DoWorkAsync(PeriodicBackgroundWorkerContext workerContext) { - await workerContext - .ServiceProvider - .GetRequiredService() - .CleanAsync(); + await using (var handle = await DistributedLock.TryAcquireAsync(nameof(TokenCleanupBackgroundWorker))) + { + Logger.LogInformation($"Lock is acquired for {nameof(TokenCleanupBackgroundWorker)}"); + + if (handle != null) + { + await workerContext + .ServiceProvider + .GetRequiredService() + .CleanAsync(); + + Logger.LogInformation($"Lock is released for {nameof(TokenCleanupBackgroundWorker)}"); + return; + } + + Logger.LogInformation($"Handle is null because of the locking for : {nameof(TokenCleanupBackgroundWorker)}"); + } } }
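Review bot: In `DoWorkAsync` the message `Lock is acquired for …` is logged before `handle != null` is tested, so it is written even when `TryAcquireAsync` returned null because another instance holds the lock. `Lock is released` is likewise logged while the handle is still held inside the `await using` block. Test the handle first, return early when it is null, and log the release only after the block has disposed the handle. The messages are built with string interpolation on every timer tick; constant templates with a named placeholder keep them structured.

```csharp
protected async override Task DoWorkAsync(PeriodicBackgroundWorkerContext workerContext)
{
    await using (var handle = await DistributedLock.TryAcquireAsync(nameof(TokenCleanupBackgroundWorker)))
    {
        if (handle == null)
        {
            // Another instance holds the lock; skip this period.
            Logger.LogInformation("Lock not acquired for {Worker}", nameof(TokenCleanupBackgroundWorker));
            return;
        }

        Logger.LogInformation("Lock acquired for {Worker}", nameof(TokenCleanupBackgroundWorker));

        // … unchanged: resolve the cleanup service from workerContext.ServiceProvider and await CleanAsync() …
    }

    // Reached only after the handle has been disposed.
    Logger.LogInformation("Lock released for {Worker}", nameof(TokenCleanupBackgroundWorker));
}
```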