From b8b8431124bcbf55d0ddafab66eaf9c2b91cbdb6 Mon Sep 17 00:00:00 2001 From: maliming Date: Thu, 19 May 2022 17:52:19 +0800 Subject: [PATCH] Resolve `Conflicting method/path` problem. --- .../AbpFormValueRequiredAttribute.cs | 39 ------------------- .../AbpOpenIddictAspNetCoreModule.cs | 4 +- .../AbpOpenIdDictControllerBase.cs | 14 +++++++ .../Controllers/AuthorizeController.cs | 23 ++++++----- .../Controllers/LogoutController.cs | 28 +++++-------- .../OpenIddict/Controllers/TokenController.cs | 1 + .../Controllers/UserInfoController.cs | 1 + .../Views/Authorize/Authorize.cshtml | 6 +-- .../Abp/OpenIddict/Views/Logout/Logout.cshtml | 4 +- .../Localization/OpenIddict/en.json | 2 + .../Localization/OpenIddict/tr.json | 2 + .../Localization/OpenIddict/zh-Hans.json | 2 + .../Localization/OpenIddict/zh-Hant.json | 2 + .../MyProjectNameHttpApiHostModule.cs | 1 - 14 files changed, 51 insertions(+), 78 deletions(-) delete mode 100644 modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpFormValueRequiredAttribute.cs diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpFormValueRequiredAttribute.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpFormValueRequiredAttribute.cs deleted file mode 100644 index 1000f6f25c..0000000000 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpFormValueRequiredAttribute.cs +++ /dev/null 
@@ -1,39 +0,0 @@
-using System;
-using Microsoft.AspNetCore.Mvc.Abstractions;
-using Microsoft.AspNetCore.Mvc.ActionConstraints;
-using Microsoft.AspNetCore.Routing;
-
-namespace Volo.Abp.OpenIddict;
-
-public class AbpFormValueRequiredAttribute : ActionMethodSelectorAttribute
-{
- private readonly string _name;
-
- public AbpFormValueRequiredAttribute(string name)
- {
- _name = name;
- }
-
- public override bool IsValidForRequest(RouteContext routeContext, ActionDescriptor action)
- {
- if (string.Equals(routeContext.HttpContext.Request.Method, "GET", StringComparison.OrdinalIgnoreCase) ||
- string.Equals(routeContext.HttpContext.Request.Method, "HEAD", StringComparison.OrdinalIgnoreCase) ||
- string.Equals(routeContext.HttpContext.Request.Method, "DELETE", StringComparison.OrdinalIgnoreCase) ||
- string.Equals(routeContext.HttpContext.Request.Method, "TRACE", StringComparison.OrdinalIgnoreCase))
- {
- return false;
- }
-
- if (string.IsNullOrEmpty(routeContext.HttpContext.Request.ContentType))
- {
- return false;
- }
-
- if (!routeContext.HttpContext.Request.ContentType.StartsWith("application/x-www-form-urlencoded", StringComparison.OrdinalIgnoreCase))
- {
- return false;
- }
-
- return !string.IsNullOrEmpty(routeContext.HttpContext.Request.Form[_name]);
- }
-}
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
index 77971ff5f6..f3b0495c2e 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/AbpOpenIddictAspNetCoreModule.cs
@@ -53,13 +53,13 @@ public class AbpOpenIddictAspNetCoreModule : AbpModule
 .AddServer(builder =>
 {
 builder
- .SetAuthorizationEndpointUris("/connect/authorize")
+ .SetAuthorizationEndpointUris("/connect/authorize", "/connect/authorize/callback")
 // /.well-known/oauth-authorization-server
 // /.well-known/openid-configuration
 //.SetConfigurationEndpointUris()
 // /.well-known/jwks
 //.SetCryptographyEndpointUris()
- .SetDeviceEndpointUris("/connect/device")
+ .SetDeviceEndpointUris("/device")
 .SetIntrospectionEndpointUris("/connect/introspect")
 .SetLogoutEndpointUris("/connect/logout")
 .SetRevocationEndpointUris("/connect/revocat")
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AbpOpenIdDictControllerBase.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AbpOpenIdDictControllerBase.cs
index 68e0418ec1..ff7edb3e52 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AbpOpenIdDictControllerBase.cs
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AbpOpenIdDictControllerBase.cs
@@ -59,4 +59,18 @@ public abstract class AbpOpenIdDictControllerBase : AbpController
 {
 await OpenIddictClaimDestinationsManager.SetAsync(principal);
 }
+
+ protected virtual async Task HasFormValueAsync(string name)
+ {
+ if (Request.HasFormContentType)
+ {
+ var form = await Request.ReadFormAsync();
+ if (!string.IsNullOrEmpty(form[name]))
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
 }
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs
index cf06c05933..ec764ab242 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs
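Review bot: The device endpoint moves from `/connect/device` to `/device`, which breaks any client that has the device authorization URI configured statically instead of taking it from the discovery document, and the commit message about conflicting method/path does not mention it. It also leaves the device endpoint as the only one outside the `/connect/` prefix that the neighbouring `Set*EndpointUris` calls share. If the move is intentional, a comment on that line such as `// Served at /device rather than /connect/device; clients should take the URI from the discovery document` would make it discoverable; otherwise keeping `/connect/device` avoids the break. The `.AddServer(...)` builder chain starts and ends outside the hunk.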
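Review bot: `HasFormValueAsync` calls `Request.ReadFormAsync()` without a cancellation token, so a client that stalls mid-body while the form is being read is not cancelled when the request is aborted; `var form = await Request.ReadFormAsync(HttpContext.RequestAborted);` wires it through. Because of the `IsNullOrEmpty` check the helper also treats a field that is posted with an empty value as absent, so a submit button rendered without a `value` attribute would never be detected — worth confirming against the Authorize and Logout views, whose hunks are garbled on this page. A `<summary>` stating that it returns true only for a form post carrying a non-empty field of that name would make the contract explicit for its two callers.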
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/AuthorizeController.cs @@ -7,7 +7,6 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Mvc; -using Microsoft.Extensions.Logging; using Microsoft.Extensions.Primitives; using OpenIddict.Abstractions; using OpenIddict.Server.AspNetCore; @@ -16,6 +15,7 @@ using Volo.Abp.OpenIddict.ViewModels.Authorization; namespace Volo.Abp.OpenIddict.Controllers; [Route("connect/authorize")] +[ApiExplorerSettings(IgnoreApi = true)] public class AuthorizeController : AbpOpenIdDictControllerBase { [HttpGet, HttpPost] @@ -159,9 +159,17 @@ public class AuthorizeController : AbpOpenIdDictControllerBase } [HttpPost] - [Authorize, AbpFormValueRequired("submit.Accept")] - public virtual async Task HandleAcceptConsentAsync() + [Authorize] + [Route("callback")] + public virtual async Task HandleCallbackAsync() { + if (await HasFormValueAsync("deny")) + { + // Notify OpenIddict that the authorization grant has been denied by the resource owner + // to redirect the user agent to the client application using the appropriate response_mode. + return Forbid(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme); + } + var request = await GetOpenIddictServerRequestAsync(HttpContext); // Retrieve the profile of the logged in user. 
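Review bot: `HandleCallbackAsync` now fails open: the removed action only ran when `submit.Accept` was posted, whereas the new code treats every authenticated POST to `connect/authorize/callback` that lacks a `deny` field as consent and falls through to the `SignIn` result at the end of the method, which lies outside the hunk. A renamed or missing button, or any form post that reaches the callback without the expected field, therefore issues tokens. Require the positive choice explicitly right after the deny branch, e.g. `if (!await HasFormValueAsync("accept")) return Forbid(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);`, with a comment that consent must be stated, not assumed. The Authorize.cshtml hunk adds `@Html.AntiForgeryToken()`, but no `[ValidateAntiForgeryToken]` is visible on this action; unless antiforgery is validated globally, the consent POST is not protected against cross-site submission.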
@@ -224,13 +232,4 @@ public class AuthorizeController : AbpOpenIdDictControllerBase // Returning a SignInResult will ask OpenIddict to issue the appropriate access/identity tokens. return SignIn(principal, OpenIddictServerAspNetCoreDefaults.AuthenticationScheme); } - - [Authorize, AbpFormValueRequired("submit.Deny")] - [HttpPost] - public virtual Task HandleDenyConsentAsync() - { - // Notify OpenIddict that the authorization grant has been denied by the resource owner - // to redirect the user agent to the client application using the appropriate response_mode. - return Task.FromResult(Forbid(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme)); - } } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/LogoutController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/LogoutController.cs index 158fe9896d..404fd0da14 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/LogoutController.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/LogoutController.cs @@ -1,12 +1,12 @@ using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication; -using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using OpenIddict.Server.AspNetCore; namespace Volo.Abp.OpenIddict.Controllers; [Route("connect/logout")] +[ApiExplorerSettings(IgnoreApi = true)] public class LogoutController : AbpOpenIdDictControllerBase { [HttpGet] 
@@ -16,13 +16,15 @@ public class LogoutController : AbpOpenIdDictControllerBase } [HttpPost] - [AbpFormValueRequired("submit.Accept")] - public virtual async Task HandleAcceptAsync() + public virtual async Task PostAsync() { - // Ask ASP.NET Core Identity to delete the local and external cookies created - // when the user agent is redirected from the external identity provider - // after a successful authentication flow (e.g Google or Facebook). - await SignInManager.SignOutAsync(); + if (await HasFormValueAsync("accept")) + { + // Ask ASP.NET Core Identity to delete the local and external cookies created + // when the user agent is redirected from the external identity provider + // after a successful authentication flow (e.g Google or Facebook). + await SignInManager.SignOutAsync(); + } // Returning a SignOutResult will ask OpenIddict to redirect the user agent // to the post_logout_redirect_uri specified by the client application or to @@ -31,16 +33,4 @@ public class LogoutController : AbpOpenIdDictControllerBase authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, properties: new AuthenticationProperties {RedirectUri = "/"}); } - - [HttpPost] - [AbpFormValueRequired("submit.Deny")] - public virtual Task HandleDenyConsentAsync() - { - // Returning a SignOutResult will ask OpenIddict to redirect the user agent - // to the post_logout_redirect_uri specified by the client application or to - // the RedirectUri specified in the authentication properties if none was set. - return Task.FromResult(SignOut( - authenticationSchemes: OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, - properties: new AuthenticationProperties {RedirectUri = "/"})); - } } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.cs index 4ed6927fd4..8c5ab98872 100644 
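Review bot: `PostAsync` returns the OpenIddict `SignOut` result whether or not `accept` was posted, so a POST without it still redirects the user agent to the post_logout_redirect_uri while the local Identity session stays alive; that matches the removed `HandleDenyConsentAsync`, but nothing in the method says the non-accept path is the decline case. A comment on the `if`, e.g. `// Without an explicit accept the local session is kept; OpenIddict still completes the logout redirect below.`, would stop the next reader from "fixing" it. The name `PostAsync` is also less descriptive than the `HandleCallbackAsync` chosen on the authorize side; one naming scheme across the two controllers would help. The `return SignOut(...)` at the end of the method sits between the two hunks, outside this one.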
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.cs @@ -9,6 +9,7 @@ using Volo.Abp.OpenIddict.ExtensionGrantTypes; namespace Volo.Abp.OpenIddict.Controllers; [Route("connect/token")] +[ApiExplorerSettings(IgnoreApi = true)] public partial class TokenController : AbpOpenIdDictControllerBase { [HttpGet, HttpPost, Produces("application/json")] diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs index 8d1c48760b..62103c1b2b 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/UserInfoController.cs @@ -12,6 +12,7 @@ namespace Volo.Abp.OpenIddict.Controllers; [Route("connect/userinfo")] [Authorize(AuthenticationSchemes = OpenIddictServerAspNetCoreDefaults.AuthenticationScheme)] +[ApiExplorerSettings(IgnoreApi = true)] public class UserInfoController : AbpOpenIdDictControllerBase { [HttpGet] diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Authorize/Authorize.cshtml b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Authorize/Authorize.cshtml index 91aecd60a2..421f92858b 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Authorize/Authorize.cshtml +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Authorize/Authorize.cshtml @@ -9,7 +9,7 @@

@string.Format(L["DoYouWantToGrantAccessToYourData"].Value, Model.ApplicationName)

@L["ScopesRequested"]: @Model.Scope

-
+ @Html.AntiForgeryToken() @* Flow the request parameters so they can be received by the Accept/Reject actions: *@ @foreach (var parameter in Context.Request.HasFormContentType ? (IEnumerable>) Context.Request.Form : Context.Request.Query) @@ -17,7 +17,7 @@ } - - + + diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Logout/Logout.cshtml b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Logout/Logout.cshtml index 8ab7af1a57..6838e92ad5 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Logout/Logout.cshtml +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Views/Logout/Logout.cshtml @@ -16,7 +16,7 @@ } - - + + diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/en.json b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/en.json index 69dfa3ed71..8bd3a92007 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/en.json +++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/en.json @@ -9,6 +9,8 @@ "Authorization": "Authorization", "DoYouWantToGrantAccessToYourData": "Do you want to grant {0} access to your data?", "ScopesRequested": "Scopes requested", + "Accept": "Accept", + "Deny": "Deny", "LogOut": "Log out", "AreYouSureYouWantToSignOut": "Are you sure you want to sign out?" } diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/tr.json b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/tr.json index d327c04cd1..39e525e27e 100644 --- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/tr.json 
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/tr.json
@@ -9,6 +9,8 @@
 "Authorization": "Yetki",
 "DoYouWantToGrantAccessToYourData": "Do you want to grant {0} access to your data?",
 "ScopesRequested": "İstenen kapsamlar",
+ "Accept": "Kabul etmek",
+ "Deny": "Reddetmek",
 "LogOut": "Çıkış Yap",
 "AreYouSureYouWantToSignOut": "Çıkış yapmak istediğinden emin misin?"
 }
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hans.json b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hans.json
index 662702c68d..3c6fd502b3 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hans.json
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hans.json
@@ -9,6 +9,8 @@
 "Authorization": "授权",
 "DoYouWantToGrantAccessToYourData": "是否要授予 {0} 访问你的数据的权限?",
 "ScopesRequested": "要求的Scope",
+ "Accept": "同意",
+ "Deny": "拒绝",
 "LogOut": "注销",
 "AreYouSureYouWantToSignOut": "你确定要退出吗?"
 }
diff --git a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hant.json b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hant.json
index e907355048..5d22654a76 100644
--- a/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hant.json
+++ b/modules/openiddict/src/Volo.Abp.OpenIddict.Domain.Shared/Volo/Abp/OpenIddict/Localization/OpenIddict/zh-Hant.json
@@ -10,6 +10,8 @@
 "Authorization": "授權",
 "DoYouWantToGrantAccessToYourData": "是否要授予 {0} 訪問你的數據的權限?",
 "ScopesRequested": "要求的Scope",
+ "Accept": "接受",
+ "Deny": "拒絕",
 "LogOut": "註銷",
 "AreYouSureYouWantToSignOut": "你確定要退出嗎?"
 }
diff --git a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.HostWithIds/MyProjectNameHttpApiHostModule.cs b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.HostWithIds/MyProjectNameHttpApiHostModule.cs index e994c60a67..fc8211ee43 100644 --- a/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.HostWithIds/MyProjectNameHttpApiHostModule.cs +++ b/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.HttpApi.HostWithIds/MyProjectNameHttpApiHostModule.cs @@ -168,7 +168,6 @@ public class MyProjectNameHttpApiHostModule : AbpModule options.SwaggerDoc("v1", new OpenApiInfo { Title = "MyProjectName API", Version = "v1" }); options.DocInclusionPredicate((docName, description) => true); options.CustomSchemaIds(type => type.FullName); - options.ResolveConflictingActions(x => x.First()); }); }