WEP
/
WEP_V2.1.3


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154
							using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Abp.Dependency;
using Abp.Localization;
using Abp.Localization.Sources;
using IwbZero;
using IwbZero.Authorization.Base;
using IwbZero.ToolCommon.StringModel;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.OAuth;

namespace WeEngine.Api.Providers
{
    public class IwbAuthorizationServerProvider : OAuthAuthorizationServerProvider, ITransientDependency
    {
        //private LogInManager LogInManager { get; }
        private ILocalizationManager LocalizationManager { get; }

        public IwbAuthorizationServerProvider()
        {
            //LogInManager = logInManager;
            LocalizationManager = NullLocalizationManager.Instance;
        }

        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            if (!context.TryGetBasicCredentials(out var clientId, out var clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }
            var isValidClient = string.CompareOrdinal(clientId, "app") == 0 &&
                                string.CompareOrdinal(clientSecret, "app") == 0;
            if (isValidClient)
            {
                context.OwinContext.Set("as:client_id", clientId);
                context.Validated(clientId);
            }
            else
            {
                context.SetError("invalid client");
            }

            return Task.FromResult<object>(null);
        }

        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            //var tenantId = context.Request.Query["tenantId"];
            //var result = await GetLoginResultAsync(context, context.UserName, context.Password, tenantId);
            //if (result.Result == IwbLoginResultType.Success)var result = await GetLoginResultAsync(context, context.UserName, context.Password, tenantId);
            var result = await Login(context.UserName, context.Password);
            if (result)
            {
                var claimsIdentity = new ClaimsIdentity();                
                //var claimsIdentity = new  ClaimsIdentity(result.Identity);
                claimsIdentity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
                var ticket = new AuthenticationTicket(claimsIdentity, new AuthenticationProperties());
                context.Validated(ticket);
            }
        }


        public override Task GrantRefreshToken(OAuthGrantRefreshTokenContext context)
        {
            var originalClient = context.OwinContext.Get<string>("as:client_id");
            var currentClient = context.ClientId;

            // enforce client binding of refresh token
            if (originalClient != currentClient)
            {
                context.Rejected();
                return Task.FromResult<object>(null);
            }

            // chance to change authentication ticket for refresh token requests
            var newId = new ClaimsIdentity(context.Ticket.Identity);
            newId.AddClaim(new Claim("newClaim", "refreshToken"));

            var newTicket = new AuthenticationTicket(newId, context.Ticket.Properties);
            context.Validated(newTicket);

            return Task.FromResult<object>(null);
        }

        public  Task<bool> Login(string userName,string password)
        {
            var flag= false;
            if (userName.IsEmpty())
            {
                return Task.FromResult(false);
            }
            flag = "Y".ValB();

            return  Task.FromResult(flag);
        }

        //private async Task<IwbLoginResult<Tenant, User>> GetLoginResultAsync(OAuthGrantResourceOwnerCredentialsContext context,
        //    string usernameOrEmailAddress, string password, string tenancyName)
        //{
        //    var loginResult = await LogInManager.LoginAsync(usernameOrEmailAddress, password, tenancyName);

        //    switch (loginResult.Result)
        //    {
        //        case IwbLoginResultType.Success:
        //            return loginResult;
        //        default:
        //            CreateExceptionForFailedLoginAttempt(context, loginResult.Result, usernameOrEmailAddress, tenancyName);
        //            //throw CreateExceptionForFailedLoginAttempt(context,loginResult.Result, usernameOrEmailAddress, tenancyName);
        //            return loginResult;
        //    }
        //}

        private void CreateExceptionForFailedLoginAttempt(OAuthGrantResourceOwnerCredentialsContext context,
            IwbLoginResultType result, string usernameOrEmailAddress, string tenancyName)
        {
            switch (result)
            {
                case IwbLoginResultType.Success:
                    throw new ApplicationException("Don't call this method with a success result!");
                case IwbLoginResultType.InvalidUserNameOrEmailAddress:
                case IwbLoginResultType.InvalidPassword:
                    context.SetError(L("LoginFailed"), L("InvalidUserNameOrPassword"));
                    break;
                //    return new UserFriendlyException(("LoginFailed"), ("InvalidUserNameOrPassword"));
                case IwbLoginResultType.InvalidTenancyName:
                    context.SetError(L("LoginFailed"), L("ThereIsNoTenantDefinedWithName", tenancyName));
                    break;
                //    return new UserFriendlyException(("LoginFailed"), string.Format("ThereIsNoTenantDefinedWithName{0}", tenancyName));
                case IwbLoginResultType.TenantIsNotActive:
                    context.SetError(L("LoginFailed"), L("TenantIsNotActive", tenancyName));
                    break;
                //    return new UserFriendlyException(("LoginFailed"), string.Format("TenantIsNotActive {0}", tenancyName));
                case IwbLoginResultType.UserIsNotActive:
                    context.SetError(L("LoginFailed"), L("UserIsNotActiveAndCanNotLogin", usernameOrEmailAddress));
                    break;
                //    return new UserFriendlyException(("LoginFailed"), string.Format("UserIsNotActiveAndCanNotLogin {0}", usernameOrEmailAddress));
                case IwbLoginResultType.UserEmailIsNotConfirmed:
                    context.SetError(L("LoginFailed"), L("UserEmailIsNotConfirmedAndCanNotLogin"));
                    break;
                    //    return new UserFriendlyException(("LoginFailed"), ("UserEmailIsNotConfirmedAndCanNotLogin"));
                    //default: //Can not fall to default actually. But other result types can be added in the future and we may forget to handle it
                    //    //Logger.Warn("Unhandled login fail reason: " + result);
                    //    return new UserFriendlyException(("LoginFailed"));
            }
        }

        private string L(string name, params object[] args)
        {
            //return new LocalizedString(name);
            return LocalizationManager.GetSource(IwbZeroConsts.LocalizationSourceName).GetString(name, args);
        }
    }
}