bairubing/VistarStarDataIntegration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
VistarStarDataIntegration/admin.net.pro/Admin.NET/Admin.NET.Core/Service/OAuth/SysOAuthService.cs
bairubing f99f612b3c 基础框架
2024-09-09 09:23:58 +08:00

117 lines
5.3 KiB
C#
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。
//
// 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。
//
// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任!
using Microsoft.AspNetCore.Authentication;
using System.Security.Claims;
namespace Admin.NET.Core.Service;
/// <summary>
/// 系统OAuth授权服务 🧩
/// </summary>
[AllowAnonymous]
[ApiDescriptionSettings(Order = 498, Description = "OAuth授权")]
public class SysOAuthService : IDynamicApiController, ITransient
{
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly SqlSugarRepository<SysOAuthUser> _sysOAuthUserRep;
public SysOAuthService(IHttpContextAccessor httpContextAccessor,
SqlSugarRepository<SysOAuthUser> sysOAuthUserRep)
{
_httpContextAccessor = httpContextAccessor;
_sysOAuthUserRep = sysOAuthUserRep;
}
/// <summary>
/// 第三方登录 🔖
/// </summary>
/// <param name="provider"></param>
/// <param name="redirectUrl"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "SignIn"), HttpGet]
[DisplayName("第三方登录")]
public virtual async Task<IActionResult> SignIn([FromQuery] string provider, [FromQuery] string redirectUrl)
{
if (string.IsNullOrWhiteSpace(provider) || !await _httpContextAccessor.HttpContext.IsProviderSupportedAsync(provider))
throw Oops.Oh("不支持的OAuth类型");
var request = _httpContextAccessor.HttpContext.Request;
var url = $"{request.Scheme}://{request.Host}{request.PathBase}{request.Path}Callback?provider={provider}&redirectUrl={redirectUrl}";
var properties = new AuthenticationProperties { RedirectUri = url };
properties.Items["LoginProvider"] = provider;
return await Task.FromResult(new ChallengeResult(provider, properties));
}
/// <summary>
/// 授权回调 🔖
/// </summary>
/// <param name="provider"></param>
/// <param name="redirectUrl"></param>
/// <returns></returns>
[ApiDescriptionSettings(Name = "SignInCallback"), HttpGet]
[DisplayName("授权回调")]
public virtual async Task<IActionResult> SignInCallback([FromQuery] string provider = null, [FromQuery] string redirectUrl = "")
{
if (string.IsNullOrWhiteSpace(provider) || !await _httpContextAccessor.HttpContext.IsProviderSupportedAsync(provider))
throw Oops.Oh("不支持的OAuth类型");
var authenticateResult = await _httpContextAccessor.HttpContext.AuthenticateAsync(provider);
if (!authenticateResult.Succeeded)
throw Oops.Oh("授权失败");
var openIdClaim = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier);
if (openIdClaim == null || string.IsNullOrWhiteSpace(openIdClaim.Value))
throw Oops.Oh("授权失败");
var name = authenticateResult.Principal.FindFirst(ClaimTypes.Name)?.Value;
var email = authenticateResult.Principal.FindFirst(ClaimTypes.Email)?.Value;
var mobilePhone = authenticateResult.Principal.FindFirst(ClaimTypes.MobilePhone)?.Value;
var dateOfBirth = authenticateResult.Principal.FindFirst(ClaimTypes.DateOfBirth)?.Value;
var gender = authenticateResult.Principal.FindFirst(ClaimTypes.Gender)?.Value;
var avatarUrl = "";
var platformType = PlatformTypeEnum.;
if (provider == "Gitee")
{
platformType = PlatformTypeEnum.Gitee;
avatarUrl = authenticateResult.Principal.FindFirst(OAuthClaim.GiteeAvatarUrl)?.Value;
}
// 若账号不存在则新建
var wechatUser = await _sysOAuthUserRep.AsQueryable().Includes(u => u.SysUser).ClearFilter().FirstAsync(u => u.OpenId == openIdClaim.Value);
if (wechatUser == null)
{
var userId = await App.GetRequiredService<SysUserService>().AddUser(new AddUserInput()
{
Account = name,
RealName = name,
NickName = name,
Email = email,
Avatar = avatarUrl,
Phone = mobilePhone,
OrgId = 1300000000101, // 根组织架构
RoleIdList = new List<long> { 1300000000104 } // 仅本人数据角色
});
await _sysOAuthUserRep.InsertAsync(new SysOAuthUser()
{
UserId = userId,
OpenId = openIdClaim.Value,
Avatar = avatarUrl,
NickName = name,
PlatformType = platformType
});
wechatUser = await _sysOAuthUserRep.AsQueryable().Includes(u => u.SysUser).ClearFilter().FirstAsync(u => u.OpenId == openIdClaim.Value);
}
// 构建Token令牌默认回调登录为PC模式
var token = await App.GetRequiredService<SysAuthService>().CreateToken(wechatUser.SysUser, LoginModeEnum.PC);
return new RedirectResult($"{redirectUrl}/#/login?token={token.AccessToken}");
}
}
Reference in New Issue View Git Blame Copy Permalink