ShWasher/src_0nline/ShwasherSys/ShwasherSys.WebApi/OpenAuthorizationServerProvider.cs

using Microsoft.Owin.Security.OAuth;
using ShwasherSys.Authorization;
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;
using Abp.Domain.Repositories;
using IwbZero.Authorization;
using IwbZero.Session;
using ShwasherSys.Authorization.Users;
using ShwasherSys.CompanyInfo;

namespace ShwasherSys
{
    public class OpenAuthorizationServerProvider: OAuthAuthorizationServerProvider
    {
        public LogInManager LogInManager { get; set; }

        //public IRepository<WxUser> WxUserRepository { get; set; }

        public OpenAuthorizationServerProvider(LogInManager logInManager)//, IRepository<WxUser> wxUserRepository
        {
            LogInManager = logInManager;
            //WxUserRepository = wxUserRepository;
        }


        /// <summary>
        /// 验证 client 信息
        /// </summary>
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            // if (context.ClientId == null)
            // {
            //     context.Validated();
            // }
            context.Validated();
            return Task.CompletedTask;
        }

        /// <summary>
        /// 生成 access_token（resource owner password credentials 授权方式）
        /// </summary>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

            // var user = context.OwinContext.Authentication.User;
            // var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            // identity.AddClaim(new Claim(ClaimTypes.Name, user.Identity.Name));
            //获取用户传入的用户名和密码
            string username = context.UserName;
            string password = context.Password;

            var loginResult = await LogInManager.LoginAsync(username, password);
            if (loginResult.Result != AbpLoginResultType.Success)
            {
                context.SetError("invalid_grant", "用户名或密码不正确");
                return;
            }

            var identity = loginResult.Identity;
            identity.AddClaim(new Claim(IwbClaimTypes.RememberMe, "true"));
            identity.AddClaim(new Claim(ShwasherConsts.UserDepartmentIdClaimType, loginResult.User.DepartmentID ?? ""));

            var expiresUtc = DateTimeOffset.UtcNow.AddMinutes(int.Parse(
                System.Configuration.ConfigurationManager.AppSettings[
                    "AuthSession.ExpireTimeInMinutes"] ?? "90"));
            identity.AddClaim(new Claim(IwbClaimTypes.ExpireTime, expiresUtc.ToString(CultureInfo.InvariantCulture)));
            // var wxUser = await WxUserRepository.FirstOrDefaultAsync(i=>i.UserName==loginResult.User.UserName);
            // if (wxUser != null)
            // {
            //     //identity.AddClaim(new Claim(IwbClaimTypes.WxOpenId, wxUser.OpenId));
            // }
            context.Validated(loginResult.Identity);
        }
    }
}