using Microsoft.VisualBasic;
using System.Security.Claims;
namespace Admin.NET.Core.Service;
///
/// 开放接口身份服务
///
[ApiDescriptionSettings(Order = 244)]
public class SysOpenAccessService : IDynamicApiController, ITransient
{
private readonly SqlSugarRepository _sysOpenAccessRep;
private readonly SqlSugarRepository _sysUserRep;
private readonly SysCacheService _sysCacheService;
///
/// 开放接口身份服务构造函数
///
public SysOpenAccessService(SqlSugarRepository sysOpenAccessRep,
SqlSugarRepository sysUserRep,
SysCacheService sysCacheService)
{
_sysOpenAccessRep = sysOpenAccessRep;
_sysUserRep = sysUserRep;
_sysCacheService = sysCacheService;
}
///
/// 获取开放接口身份分页列表
///
///
///
[DisplayName("获取开放接口身份分页列表")]
public async Task> Page(OpenAccessInput input)
{
return await _sysOpenAccessRep.AsQueryable()
.LeftJoin((o, u) => o.BindUserId == u.Id)
.LeftJoin((o, u, t) => o.BindTenantId == t.Id)
.LeftJoin((o, u, t, oo) => t.OrgId == oo.Id)
.WhereIF(!string.IsNullOrWhiteSpace(input.AccessKey?.Trim()), (o, u, t, oo) => o.AccessKey.Contains(input.AccessKey))
.Select((o, u, t, oo) =>
new OpenAccessOutput
{
BindUserAccount = u.Account,
BindTenantName = oo.Name,
}, true)
.ToPagedListAsync(input.Page, input.PageSize);
}
///
/// 增加开放接口身份
///
///
///
[ApiDescriptionSettings(Name = "Add"), HttpPost]
[DisplayName("增加开放接口身份")]
public async Task AddOpenAccess(AddOpenAccessInput input)
{
if (await _sysOpenAccessRep.AsQueryable().AnyAsync(u => u.AccessKey == input.AccessKey && u.Id != input.Id))
throw Oops.Oh(ErrorCodeEnum.O1000);
var openAccess = input.Adapt();
await _sysOpenAccessRep.InsertAsync(openAccess);
}
///
/// 更新开放接口身份
///
///
///
[ApiDescriptionSettings(Name = "Update"), HttpPost]
[DisplayName("更新开放接口身份")]
public async Task UpdateOpenAccess(UpdateOpenAccessInput input)
{
if (await _sysOpenAccessRep.AsQueryable().AnyAsync(u => u.AccessKey == input.AccessKey && u.Id != input.Id))
throw Oops.Oh(ErrorCodeEnum.O1000);
var openAccess = input.Adapt();
_sysCacheService.Remove(CacheConst.KeyOpenAccess + openAccess.AccessKey);
await _sysOpenAccessRep.UpdateAsync(openAccess);
}
///
/// 删除开放接口身份
///
///
///
[ApiDescriptionSettings(Name = "Delete"), HttpPost]
[DisplayName("删除开放接口身份")]
public async Task DeleteOpenAccess(DeleteOpenAccessInput input)
{
var openAccess = await _sysOpenAccessRep.GetFirstAsync(u => u.Id == input.Id);
if (openAccess != null)
_sysCacheService.Remove(CacheConst.KeyOpenAccess + openAccess.AccessKey);
await _sysOpenAccessRep.DeleteAsync(u => u.Id == input.Id);
}
///
/// 创建密钥
///
///
[DisplayName("创建密钥")]
public Task CreateSecret()
{
return Task.FromResult(Convert.ToBase64String(Guid.NewGuid().ToByteArray())[..^2]);
}
///
/// 根据 Key 获取对象
///
///
///
[NonAction]
public Task GetByKey([FromQuery] string accessKey)
{
return Task.FromResult(
_sysCacheService.GetOrAdd(CacheConst.KeyOpenAccess + accessKey, _ =>
{
return _sysOpenAccessRep.AsQueryable()
.Includes(u => u.BindUser)
.Includes(u => u.BindUser, p => p.SysOrg)
.First(u => u.AccessKey == accessKey);
})
);
}
///
/// Signature 身份验证事件默认实现
///
[NonAction]
public static SignatureAuthenticationEvent GetSignatureAuthenticationEventImpl()
{
return new SignatureAuthenticationEvent
{
OnGetAccessSecret = context =>
{
var logger = context.HttpContext.RequestServices.GetService>();
try
{
var openAccessService = context.HttpContext.RequestServices.GetService();
var openAccess = openAccessService.GetByKey(context.AccessKey).GetAwaiter().GetResult();
return Task.FromResult(openAccess == null ? "" : openAccess.AccessSecret);
}
catch (Exception ex)
{
logger.LogError(ex, ex.Message);
return Task.FromResult("");
}
},
OnValidated = context =>
{
var openAccessService = context.HttpContext.RequestServices.GetService();
var openAccess = openAccessService.GetByKey(context.AccessKey).GetAwaiter().GetResult();
var identity = ((ClaimsIdentity)context.Principal!.Identity!);
identity.AddClaims(new[]
{
new Claim(ClaimConst.UserId, openAccess.BindUserId + ""),
new Claim(ClaimConst.TenantId, openAccess.BindTenantId + ""),
new Claim(ClaimConst.Account, openAccess.BindUser.Account + ""),
new Claim(ClaimConst.RealName, openAccess.BindUser.RealName),
new Claim(ClaimConst.AccountType, ((int) openAccess.BindUser.AccountType).ToString()),
new Claim(ClaimConst.OrgId, openAccess.BindUser.OrgId + ""),
new Claim(ClaimConst.OrgName, openAccess.BindUser.SysOrg?.Name + ""),
new Claim(ClaimConst.OrgType, openAccess.BindUser.SysOrg?.Type + ""),
});
return Task.CompletedTask;
}
};
}
}