Inicio Explorar Axuda
Iniciar sesión
ZZYDOP
/
AiDOPWarehouse
5
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: a0f8d374fd
Ramas Etiquetas
AiDOPWarehouse
/
Admin.NET
/
Admin.NET.Core
/
Service
/
OAuth
/
SysOAuthService.cs

SysOAuthService.cs 5.3 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117 
  1. // Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
    2. 

  2. //
    3. 

  3. // 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
    4. 

  4. //
    5. 

  5. // 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任!
    6. 

  6. 

  7. using Microsoft.AspNetCore.Authentication;
    8. 

  8. using System.Security.Claims;
    9. 

  9. 

  10. namespace Admin.NET.Core.Service;
    11. 

  11. 

  12. /// <summary>
    13. 

  13. /// 系统OAuth服务 🧩
    14. 

  14. /// </summary>
    15. 

  15. [AllowAnonymous]
    16. 

  16. [ApiDescriptionSettings(Order = 498)]
    17. 

  17. public class SysOAuthService : IDynamicApiController, ITransient
    18. 

  18. {
    19. 

  19.     private readonly IHttpContextAccessor _httpContextAccessor;
    20. 

  20.     private readonly SqlSugarRepository<SysWechatUser> _sysWechatUserRep;
    21. 

  21. 

  22.     public SysOAuthService(IHttpContextAccessor httpContextAccessor,
    23. 

  23.         SqlSugarRepository<SysWechatUser> sysWechatUserRep)
    24. 

  24.     {
    25. 

  25.         _httpContextAccessor = httpContextAccessor;
    26. 

  26.         _sysWechatUserRep = sysWechatUserRep;
    27. 

  27.     }
    28. 

  28. 

  29.     /// <summary>
    30. 

  30.     /// 第三方登录 🔖
    31. 

  31.     /// </summary>
    32. 

  32.     /// <param name="provider"></param>
    33. 

  33.     /// <param name="redirectUrl"></param>
    34. 

  34.     /// <returns></returns>
    35. 

  35.     [ApiDescriptionSettings(Name = "SignIn"), HttpGet]
    36. 

  36.     [DisplayName("第三方登录")]
    37. 

  37.     public virtual async Task<IActionResult> SignIn([FromQuery] string provider, [FromQuery] string redirectUrl)
    38. 

  38.     {
    39. 

  39.         if (string.IsNullOrWhiteSpace(provider) || !await _httpContextAccessor.HttpContext.IsProviderSupportedAsync(provider))
    40. 

  40.             throw Oops.Oh("不支持的OAuth类型");
    41. 

  41. 

  42.         var request = _httpContextAccessor.HttpContext.Request;
    43. 

  43.         var url = $"{request.Scheme}://{request.Host}{request.PathBase}{request.Path}Callback?provider={provider}&redirectUrl={redirectUrl}";
    44. 

  44.         var properties = new AuthenticationProperties { RedirectUri = url };
    45. 

  45.         properties.Items["LoginProvider"] = provider;
    46. 

  46.         return await Task.FromResult(new ChallengeResult(provider, properties));
    47. 

  47.     }
    48. 

  48. 

  49.     /// <summary>
    50. 

  50.     /// 授权回调 🔖
    51. 

  51.     /// </summary>
    52. 

  52.     /// <param name="provider"></param>
    53. 

  53.     /// <param name="redirectUrl"></param>
    54. 

  54.     /// <returns></returns>
    55. 

  55.     [ApiDescriptionSettings(Name = "SignInCallback"), HttpGet]
    56. 

  56.     [DisplayName("授权回调")]
    57. 

  57.     public virtual async Task<IActionResult> SignInCallback([FromQuery] string provider = null, [FromQuery] string redirectUrl = "")
    58. 

  58.     {
    59. 

  59.         if (string.IsNullOrWhiteSpace(provider) || !await _httpContextAccessor.HttpContext.IsProviderSupportedAsync(provider))
    60. 

  60.             throw Oops.Oh("不支持的OAuth类型");
    61. 

  61. 

  62.         var authenticateResult = await _httpContextAccessor.HttpContext.AuthenticateAsync(provider);
    63. 

  63.         if (!authenticateResult.Succeeded)
    64. 

  64.             throw Oops.Oh("授权失败");
    65. 

  65. 

  66.         var openIdClaim = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier);
    67. 

  67.         if (openIdClaim == null || string.IsNullOrWhiteSpace(openIdClaim.Value))
    68. 

  68.             throw Oops.Oh("授权失败");
    69. 

  69. 

  70.         var name = authenticateResult.Principal.FindFirst(ClaimTypes.Name)?.Value;
    71. 

  71.         var email = authenticateResult.Principal.FindFirst(ClaimTypes.Email)?.Value;
    72. 

  72.         var mobilePhone = authenticateResult.Principal.FindFirst(ClaimTypes.MobilePhone)?.Value;
    73. 

  73.         var dateOfBirth = authenticateResult.Principal.FindFirst(ClaimTypes.DateOfBirth)?.Value;
    74. 

  74.         var gender = authenticateResult.Principal.FindFirst(ClaimTypes.Gender)?.Value;
    75. 

  75.         var avatarUrl = "";
    76. 

  76. 

  77.         var platformType = PlatformTypeEnum.微信公众号;
    78. 

  78.         if (provider == "Gitee")
    79. 

  79.         {
    80. 

  80.             platformType = PlatformTypeEnum.Gitee;
    81. 

  81.             avatarUrl = authenticateResult.Principal.FindFirst(OAuthClaim.GiteeAvatarUrl)?.Value;
    82. 

  82.         }
    83. 

  83. 

  84.         // 若账号不存在则新建
    85. 

  85.         var wechatUser = await _sysWechatUserRep.AsQueryable().Includes(u => u.SysUser).ClearFilter().FirstAsync(u => u.OpenId == openIdClaim.Value);
    86. 

  86.         if (wechatUser == null)
    87. 

  87.         {
    88. 

  88.             var userId = await App.GetRequiredService<SysUserService>().AddUser(new AddUserInput()
    89. 

  89.             {
    90. 

  90.                 Account = name,
    91. 

  91.                 RealName = name,
    92. 

  92.                 NickName = name,
    93. 

  93.                 Email = email,
    94. 

  94.                 Avatar = avatarUrl,
    95. 

  95.                 Phone = mobilePhone,
    96. 

  96.                 OrgId = 1300000000101, // 根组织架构
    97. 

  97.                 RoleIdList = new List<long> { 1300000000104 } // 仅本人数据角色
    98. 

  98.             });
    99. 

  99. 

  100.             await _sysWechatUserRep.InsertAsync(new SysWechatUser()
    101. 

  101.             {
    102. 

  102.                 UserId = userId,
    103. 

  103.                 OpenId = openIdClaim.Value,
    104. 

  104.                 Avatar = avatarUrl,
    105. 

  105.                 NickName = name,
    106. 

  106.                 PlatformType = platformType
    107. 

  107.             });
    108. 

  108. 

  109.             wechatUser = await _sysWechatUserRep.AsQueryable().Includes(u => u.SysUser).ClearFilter().FirstAsync(u => u.OpenId == openIdClaim.Value);
    110. 

  110.         }
    111. 

  111. 

  112.         // 构建Token令牌
    113. 

  113.         var token = await App.GetRequiredService<SysAuthService>().CreateToken(wechatUser.SysUser);
    114. 

  114. 

  115.         return new RedirectResult($"{redirectUrl}/#/login?token={token.AccessToken}");
    116. 

  116.     }
    117. 

  117. }
    118.