diff --git a/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IIdentitySessionStore.cs b/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IIdentitySessionStore.cs
index 01c3fdfcd..e49c0fa02 100644
--- a/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IIdentitySessionStore.cs
+++ b/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IIdentitySessionStore.cs
@@ -19,6 +19,8 @@ public interface IIdentitySessionStore
/// 用户id
/// 客户端id
/// ip地址
+ /// 登录时间
+ /// 上次访问时间
/// 租户id
///
/// 创建完成的
@@ -29,6 +31,8 @@ Task CreateAsync(
Guid userId,
string clientId,
string ipAddresses,
+ DateTime signedIn,
+ DateTime? lastAccessed = null,
Guid? tenantId = null,
CancellationToken cancellationToken = default);
///
@@ -124,7 +128,7 @@ Task RevokeAsync(
///
///
Task RevokeAllAsync(
- Guid userId,
+ Guid userId,
Guid? exceptSessionId = null,
CancellationToken cancellationToken = default);
///
@@ -136,7 +140,7 @@ Task RevokeAllAsync(
///
///
Task RevokeAllAsync(
- Guid userId,
+ Guid userId,
string device,
Guid? exceptSessionId = null,
CancellationToken cancellationToken = default);
@@ -147,7 +151,7 @@ Task RevokeAllAsync(
///
///
Task RevokeAllAsync(
- TimeSpan inactiveTimeSpan,
+ TimeSpan inactiveTimeSpan,
CancellationToken cancellationToken = default);
///
/// 撤销指定的会话
diff --git a/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionManager.cs b/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionManager.cs
index cc3ee30f0..be02117c4 100644
--- a/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionManager.cs
+++ b/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionManager.cs
@@ -7,64 +7,86 @@
using Volo.Abp.Auditing;
using Volo.Abp.Domain.Services;
using Volo.Abp.Identity;
+using Volo.Abp.Timing;
namespace LINGYUN.Abp.Identity.Session;
public class IdentitySessionManager : DomainService, IIdentitySessionManager
{
protected IDeviceInfoProvider DeviceInfoProvider { get; }
+ protected IIdentitySessionCache IdentitySessionCache { get; }
protected IIdentitySessionStore IdentitySessionStore { get; }
protected IdentityDynamicClaimsPrincipalContributorCache IdentityDynamicClaimsPrincipalContributorCache { get; }
public IdentitySessionManager(
IDeviceInfoProvider deviceInfoProvider,
+ IIdentitySessionCache identitySessionCache,
IIdentitySessionStore identitySessionStore,
IdentityDynamicClaimsPrincipalContributorCache identityDynamicClaimsPrincipalContributorCache)
{
DeviceInfoProvider = deviceInfoProvider;
+ IdentitySessionCache = identitySessionCache;
IdentitySessionStore = identitySessionStore;
IdentityDynamicClaimsPrincipalContributorCache = identityDynamicClaimsPrincipalContributorCache;
}
[DisableAuditing]
public async virtual Task SaveSessionAsync(
- ClaimsPrincipal claimsPrincipal,
+ ClaimsPrincipal claimsPrincipal,
CancellationToken cancellationToken = default)
- {
+ {
if (claimsPrincipal != null)
{
var userId = claimsPrincipal.FindUserId();
- var sessionId = claimsPrincipal.FindSessionId();
- if (!userId.HasValue || sessionId.IsNullOrWhiteSpace())
- {
- return;
- }
- if (await IdentitySessionStore.ExistAsync(sessionId, cancellationToken))
+ var tenantId = claimsPrincipal.FindTenantId();
+
+ using (CurrentTenant.Change(tenantId))
{
- return;
- }
- var deviceInfo = DeviceInfoProvider.DeviceInfo;
+ var sessionId = claimsPrincipal.FindSessionId();
+ if (!userId.HasValue || sessionId.IsNullOrWhiteSpace())
+ {
+ return;
+ }
+ if (await IdentitySessionStore.ExistAsync(sessionId, cancellationToken))
+ {
+ return;
+ }
+ var deviceInfo = DeviceInfoProvider.DeviceInfo;
- var device = deviceInfo.Device ?? IdentitySessionDevices.OAuth;
- var deviceDesc = deviceInfo.Description;
- var clientIpAddress = deviceInfo.ClientIpAddress;
+ var device = deviceInfo.Device ?? IdentitySessionDevices.OAuth;
+ var deviceDesc = deviceInfo.Description;
+ var clientIpAddress = deviceInfo.ClientIpAddress;
- var tenantId = claimsPrincipal.FindTenantId();
- var clientId = claimsPrincipal.FindClientId();
+ var clientId = claimsPrincipal.FindClientId();
+
+ Logger.LogDebug($"Save user session for user: {userId}, session: {sessionId}");
- Logger.LogDebug($"Save user session for user: {userId}, session: {sessionId}");
+ await IdentitySessionStore.CreateAsync(
+ sessionId,
+ device,
+ deviceDesc,
+ userId.Value,
+ clientId,
+ clientIpAddress,
+ Clock.Now,
+ Clock.Now,
+ tenantId,
+ cancellationToken);
- await IdentitySessionStore.CreateAsync(
- sessionId,
- device,
- deviceDesc,
- userId.Value,
- clientId,
- clientIpAddress,
- tenantId,
- cancellationToken);
+ Logger.LogDebug($"Remove dynamic claims cache for user: {userId}");
- Logger.LogDebug($"Remove dynamic claims cache for user: {userId}");
- await IdentityDynamicClaimsPrincipalContributorCache.ClearAsync(userId.Value, tenantId);
+ await IdentityDynamicClaimsPrincipalContributorCache.ClearAsync(userId.Value, tenantId);
+
+ await IdentitySessionCache.RefreshAsync(sessionId,
+ new IdentitySessionCacheItem(
+ device,
+ deviceDesc,
+ userId.Value,
+ sessionId,
+ clientId,
+ clientIpAddress,
+ Clock.Now,
+ Clock.Now));
+ }
}
}
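Review bot: `Clock.Now` is evaluated four times in SaveSessionAsync, twice in the `IdentitySessionStore.CreateAsync` call and twice in the `IdentitySessionCacheItem` constructor, so the stored record and the cached item get slightly different sign-in and last-access times. Capture it once before the store call, `var now = Clock.Now;`, and pass `now` in all four places. The cache is also refreshed straight after `CreateAsync`; if the insert is only committed when an enclosing unit of work completes (not visible in this hunk), a failed commit would leave a cached session with no stored row, so the ordering is worth confirming. The class continues outside the hunk.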
diff --git a/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionStore.cs b/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionStore.cs
index d4090952f..626a86d0d 100644
--- a/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionStore.cs
+++ b/aspnet-core/modules/identity/LINGYUN.Abp.Identity.Domain/LINGYUN/Abp/Identity/Session/IdentitySessionStore.cs
@@ -7,24 +7,20 @@
using Volo.Abp.DependencyInjection;
using Volo.Abp.Guids;
using Volo.Abp.Identity;
-using Volo.Abp.Timing;
using Volo.Abp.Users;
namespace LINGYUN.Abp.Identity.Session;
public class IdentitySessionStore : IIdentitySessionStore, ITransientDependency
{
- protected IClock Clock { get; }
protected ICurrentUser CurrentUser { get; }
protected IGuidGenerator GuidGenerator { get; }
protected IIdentitySessionRepository IdentitySessionRepository { get; }
public IdentitySessionStore(
- IClock clock,
ICurrentUser currentUser,
IGuidGenerator guidGenerator,
IIdentitySessionRepository identitySessionRepository)
{
- Clock = clock;
CurrentUser = currentUser;
GuidGenerator = guidGenerator;
IdentitySessionRepository = identitySessionRepository;
@@ -37,6 +33,8 @@ public async virtual Task CreateAsync(
Guid userId,
string clientId,
string ipAddresses,
+ DateTime signedIn,
+ DateTime? lastAccessed = null,
Guid? tenantId = null,
CancellationToken cancellationToken = default)
{
@@ -52,8 +50,8 @@ public async virtual Task CreateAsync(
tenantId,
clientId,
ipAddresses,
- Clock.Now,
- Clock.Now
+ signedIn,
+ lastAccessed
);
identitySession = await IdentitySessionRepository.InsertAsync(identitySession, cancellationToken: cancellationToken);
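Review bot: `lastAccessed` is now passed straight through as the last constructor argument, and because the parameter defaults to `null`, a caller that omits it creates a session with no last-access time, where the old code always wrote `Clock.Now`. If `RevokeAllAsync(TimeSpan inactiveTimeSpan)` selects sessions by comparing that value (its body is not shown here), such sessions may never be treated as inactive. Passing `lastAccessed ?? signedIn` keeps the earlier behaviour for callers that leave it out. CreateAsync starts and ends outside this hunk.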
@@ -90,14 +88,14 @@ public async virtual Task GetAsync(
}
public async virtual Task FindAsync(
- string sessionId,
+ string sessionId,
CancellationToken cancellationToken = default)
{
return await IdentitySessionRepository.FindAsync(sessionId, cancellationToken: cancellationToken);
}
public async virtual Task FindLastAsync(
- Guid userId,
+ Guid userId,
string device,
CancellationToken cancellationToken = default)
{
@@ -105,7 +103,7 @@ public async virtual Task FindLastAsync(
}
public async virtual Task ExistAsync(
- string sessionId,
+ string sessionId,
CancellationToken cancellationToken = default)
{
return await IdentitySessionRepository.ExistAsync(sessionId, cancellationToken: cancellationToken);
@@ -126,7 +124,7 @@ public async virtual Task RevokeAsync(
}
public async virtual Task RevokeAllAsync(
- Guid userId,
+ Guid userId,
Guid? exceptSessionId = null,
CancellationToken cancellationToken = default)
{
@@ -134,8 +132,8 @@ public async virtual Task RevokeAllAsync(
}
public async virtual Task RevokeAllAsync(
- Guid userId,
- string device,
+ Guid userId,
+ string device,
Guid? exceptSessionId = null,
CancellationToken cancellationToken = default)
{
@@ -150,8 +148,8 @@ public async virtual Task RevokeAllAsync(
}
public async virtual Task RevokeWithAsync(
- Guid userId,
- string device = null,
+ Guid userId,
+ string device = null,
Guid? exceptSessionId = null,
int maxCount = 0,
CancellationToken cancellationToken = default)
diff --git a/aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Portal/LINGYUN/Abp/IdentityServer/Portal/PortalGrantValidator.cs b/aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Portal/LINGYUN/Abp/IdentityServer/Portal/PortalGrantValidator.cs
index 9df9c0e19..e5275048a 100644
--- a/aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Portal/LINGYUN/Abp/IdentityServer/Portal/PortalGrantValidator.cs
+++ b/aspnet-core/modules/identityServer/LINGYUN.Abp.IdentityServer.Portal/LINGYUN/Abp/IdentityServer/Portal/PortalGrantValidator.cs
@@ -46,13 +46,13 @@ public class PortalGrantValidator : IExtensionGrantValidator
private readonly IHttpContextAccessor _httpContextAccessor;
public PortalGrantValidator(
- ILogger logger,
- IOptions options,
- IEventService events,
- IResourceOwnerPasswordValidator resourceOwnerValidator,
- IdentitySecurityLogManager identitySecurityLogManager,
- UserManager userManager,
- ICurrentTenant currentTenant,
+ ILogger logger,
+ IOptions options,
+ IEventService events,
+ IResourceOwnerPasswordValidator resourceOwnerValidator,
+ IdentitySecurityLogManager identitySecurityLogManager,
+ UserManager userManager,
+ ICurrentTenant currentTenant,
IEnterpriseRepository enterpriseRepository,
IOptions multiTenancyOptions,
IHttpContextAccessor httpContextAccessor)
@@ -89,7 +89,7 @@ public async virtual Task ValidateAsync(ExtensionGrantValidationContext context)
Guid? tenantId = null;
using (_currentTenant.Change(null))
{
- var enterprise = parameters.Get("EnterpriseId");
+ var enterprise = parameters.Get("enterpriseId") ?? parameters.Get("EnterpriseId");
if (enterprise.IsNullOrWhiteSpace() || !Guid.TryParse(enterprise, out var enterpriseId))
{
// TODO: configurabled
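Review bot: The `??` fallback on the `enterprise` line only applies when `enterpriseId` is absent, so a request that sends an empty `enterpriseId` together with a valid `EnterpriseId` is handled as if no enterprise was given. If both spellings need to be accepted, fall back on blank as well, e.g. `var enterprise = parameters.Get("enterpriseId");` followed by `if (enterprise.IsNullOrWhiteSpace()) { enterprise = parameters.Get("EnterpriseId"); }`, and add a comment stating which spelling wins when both are present, since this value selects the tenant. If `parameters` is a case-insensitive collection (its type is not visible here), the second lookup is redundant. The same pattern is added in `PortalTokenExtensionGrant.HandleAsync`; ValidateAsync continues outside the hunk.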
diff --git a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/AbpOpenIddictAspNetCoreSessionModule.cs b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/AbpOpenIddictAspNetCoreSessionModule.cs
index 331cfbb7f..bd864582f 100644
--- a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/AbpOpenIddictAspNetCoreSessionModule.cs
+++ b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/AbpOpenIddictAspNetCoreSessionModule.cs
@@ -4,6 +4,7 @@
using Microsoft.Extensions.DependencyInjection;
using Volo.Abp.Modularity;
using Volo.Abp.OpenIddict;
+using static OpenIddict.Abstractions.OpenIddictConstants;
namespace LINGYUN.Abp.OpenIddict.AspNetCore.Session;
@@ -31,5 +32,10 @@ public override void ConfigureServices(ServiceConfigurationContext context)
options.SignInSessionEnabled = true;
options.SignOutSessionEnabled = true;
});
+
+ Configure(options =>
+ {
+ options.PersistentSessionGrantTypes.Add(GrantTypes.Password);
+ });
}
}
diff --git a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/AbpOpenIddictAspNetCoreSessionOptions.cs b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/AbpOpenIddictAspNetCoreSessionOptions.cs
new file mode 100644
index 000000000..c2796845d
--- /dev/null
+++ b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/AbpOpenIddictAspNetCoreSessionOptions.cs
@@ -0,0 +1,11 @@
+using System.Collections.Generic;
+
+namespace LINGYUN.Abp.OpenIddict.AspNetCore.Session;
+public class AbpOpenIddictAspNetCoreSessionOptions
+{
+ public List PersistentSessionGrantTypes { get; set; }
+ public AbpOpenIddictAspNetCoreSessionOptions()
+ {
+ PersistentSessionGrantTypes = new List();
+ }
+}
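Review bot: `PersistentSessionGrantTypes` has a public setter, so configuration code can assign `null` or replace the list, and `ProcessSignInIdentitySession.HandleAsync` calls `Contains` on it without a null check. A get-only property with an initializer, `public List<string> PersistentSessionGrantTypes { get; } = new();` (element type presumably `string`; the generic argument is not legible on this page), removes that case and the explicit constructor. The class also has no XML doc; a `<summary>` saying that only grant types listed here have an identity session saved at sign-in would make clear that a grant type left out gets no session record.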
diff --git a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/ProcessSignInIdentitySession.cs b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/ProcessSignInIdentitySession.cs
index 1f1ccce98..bbb55f773 100644
--- a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/ProcessSignInIdentitySession.cs
+++ b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/ProcessSignInIdentitySession.cs
@@ -1,5 +1,5 @@
using LINGYUN.Abp.Identity.Session;
-using OpenIddict.Abstractions;
+using Microsoft.Extensions.Options;
using OpenIddict.Server;
using System.Threading.Tasks;
@@ -10,6 +10,7 @@ namespace LINGYUN.Abp.OpenIddict.AspNetCore.Session;
public class ProcessSignInIdentitySession : IOpenIddictServerHandler
{
protected IIdentitySessionManager IdentitySessionManager { get; }
+ protected AbpOpenIddictAspNetCoreSessionOptions AbpOpenIddictAspNetCoreSessionOptions { get; }
public static OpenIddictServerHandlerDescriptor Descriptor { get; }
= OpenIddictServerHandlerDescriptor.CreateBuilder()
@@ -19,14 +20,18 @@ public class ProcessSignInIdentitySession : IOpenIddictServerHandler abpOpenIddictAspNetCoreSessionOptions)
{
IdentitySessionManager = identitySessionManager;
+ AbpOpenIddictAspNetCoreSessionOptions = abpOpenIddictAspNetCoreSessionOptions.Value;
}
public async virtual ValueTask HandleAsync(OpenIddictServerEvents.ProcessSignInContext context)
{
- if (context.Request.IsPasswordGrantType() && context.Principal != null)
+ if (AbpOpenIddictAspNetCoreSessionOptions.PersistentSessionGrantTypes.Contains(context.Request.GrantType) &&
+ context.Principal != null)
{
await IdentitySessionManager.SaveSessionAsync(context.Principal, context.CancellationToken);
}
diff --git a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/RevocationIdentitySession.cs b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/RevocationIdentitySession.cs
index 7e1109b23..41cbb9c89 100644
--- a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/RevocationIdentitySession.cs
+++ b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspNetCore.Session/LINGYUN/Abp/OpenIddict/AspNetCore/Session/RevocationIdentitySession.cs
@@ -3,6 +3,7 @@
using System;
using System.Security.Principal;
using System.Threading.Tasks;
+using Volo.Abp.MultiTenancy;
namespace LINGYUN.Abp.OpenIddict.AspNetCore.Session;
///
@@ -10,6 +11,7 @@ namespace LINGYUN.Abp.OpenIddict.AspNetCore.Session;
///
public class RevocationIdentitySession : IOpenIddictServerHandler
{
+ protected ICurrentTenant CurrentTenant { get; }
protected IIdentitySessionManager IdentitySessionManager { get; }
public static OpenIddictServerHandlerDescriptor Descriptor { get; }
@@ -20,17 +22,24 @@ public class RevocationIdentitySession : IOpenIddictServerHandler
public class UserinfoIdentitySession : IOpenIddictServerHandler
{
+ protected ICurrentTenant CurrentTenant { get; }
protected IIdentitySessionChecker IdentitySessionChecker { get; }
public static OpenIddictServerHandlerDescriptor Descriptor { get; }
= OpenIddictServerHandlerDescriptor.CreateBuilder()
.AddFilter()
.UseScopedHandler()
- .SetOrder(ValidateAccessTokenParameter.Descriptor.Order + 2_000)
+ .SetOrder(ValidateUserinfoRequest.Descriptor.Order + 2_000)
.SetType(OpenIddictServerHandlerType.Custom)
.Build();
- public UserinfoIdentitySession(IIdentitySessionChecker identitySessionChecker)
+ public UserinfoIdentitySession(
+ ICurrentTenant currentTenant,
+ IIdentitySessionChecker identitySessionChecker)
{
+ CurrentTenant = currentTenant;
IdentitySessionChecker = identitySessionChecker;
}
public async virtual ValueTask HandleAsync(OpenIddictServerEvents.HandleUserinfoRequestContext context)
{
+ var tenantId = context.Principal.FindTenantId();
var sessionId = context.Principal.FindSessionId();
- if (sessionId.IsNullOrWhiteSpace() ||
- !await IdentitySessionChecker.ValidateSessionAsync(sessionId))
+ using (CurrentTenant.Change(tenantId))
{
- // Errors.InvalidToken ---> 401
- // Errors.ExpiredToken ---> 400
- context.Reject(Errors.InvalidToken, "The user session has expired.");
+ if (sessionId.IsNullOrWhiteSpace() ||
+ !await IdentitySessionChecker.ValidateSessionAsync(sessionId))
+ {
+ // Errors.InvalidToken ---> 401
+ // Errors.ExpiredToken ---> 400
+ context.Reject(Errors.InvalidToken, "The user session has expired.");
+ }
}
}
}
diff --git a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.Portal/LINGYUN/Abp/OpenIddict/Portal/PortalTokenExtensionGrant.cs b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.Portal/LINGYUN/Abp/OpenIddict/Portal/PortalTokenExtensionGrant.cs
index 244bc5d99..bf231d4f9 100644
--- a/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.Portal/LINGYUN/Abp/OpenIddict/Portal/PortalTokenExtensionGrant.cs
+++ b/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.Portal/LINGYUN/Abp/OpenIddict/Portal/PortalTokenExtensionGrant.cs
@@ -52,7 +52,7 @@ public async virtual Task HandleAsync(ExtensionGrantContext conte
{
LazyServiceProvider = context.HttpContext.RequestServices.GetRequiredService();
- var enterprise = context.Request.GetParameter("EnterpriseId")?.ToString();
+ var enterprise = context.Request.GetParameter("enterpriseId")?.ToString() ?? context.Request.GetParameter("EnterpriseId")?.ToString();
Guid? tenantId = null;
using (CurrentTenant.Change(null))
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
index ca7c31f5e..6678173d0 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/MicroServiceApplicationsSingleModule.Configure.cs
@@ -9,7 +9,12 @@
using LINGYUN.Abp.IdentityServer.IdentityResources;
using LINGYUN.Abp.Localization.CultureMap;
using LINGYUN.Abp.Notifications;
+using LINGYUN.Abp.OpenIddict.AspNetCore.Session;
+using LINGYUN.Abp.OpenIddict.LinkUser;
using LINGYUN.Abp.OpenIddict.Permissions;
+using LINGYUN.Abp.OpenIddict.Portal;
+using LINGYUN.Abp.OpenIddict.Sms;
+using LINGYUN.Abp.OpenIddict.WeChat;
using LINGYUN.Abp.Saas;
using LINGYUN.Abp.Serilog.Enrichers.Application;
using LINGYUN.Abp.Serilog.Enrichers.UniqueId;
@@ -18,6 +23,7 @@
using LINGYUN.Abp.WebhooksManagement;
using LINGYUN.Abp.WeChat.Common.Messages.Handlers;
using LINGYUN.Abp.WeChat.Localization;
+using LINGYUN.Abp.WeChat.Work;
using LINGYUN.Abp.Wrapper;
using LINGYUN.Platform.Localization;
using LY.MicroService.Applications.Single.Authentication;
@@ -311,6 +317,15 @@ private void ConfigureAuthServer(IConfiguration configuration)
options.RefreshTokenReuseLeeway = lifetime.GetValue("RefreshTokenReuseLeeway", options.RefreshTokenReuseLeeway);
options.UserCodeLifetime = lifetime.GetValue("UserCode", options.UserCodeLifetime);
});
+ Configure(options =>
+ {
+ options.PersistentSessionGrantTypes.Add(SmsTokenExtensionGrantConsts.GrantType);
+ options.PersistentSessionGrantTypes.Add(PortalTokenExtensionGrantConsts.GrantType);
+ options.PersistentSessionGrantTypes.Add(LinkUserTokenExtensionGrantConsts.GrantType);
+ options.PersistentSessionGrantTypes.Add(WeChatTokenExtensionGrantConsts.OfficialGrantType);
+ options.PersistentSessionGrantTypes.Add(WeChatTokenExtensionGrantConsts.MiniProgramGrantType);
+ options.PersistentSessionGrantTypes.Add(AbpWeChatWorkGlobalConsts.GrantType);
+ });
}
private void ConfigureEndpoints(IServiceCollection services)
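Review bot: The six `PersistentSessionGrantTypes.Add(...)` calls in ConfigureAuthServer are repeated verbatim in `AuthServerModule.ConfigureIdentity`, and a grant type missing from either list would sign in without a saved session on that host. Consider one shared helper, or letting each grant module register its own grant type as `AbpOpenIddictAspNetCoreSessionModule` does for `GrantTypes.Password`. At minimum add a comment above the block such as `// Grant types that create an identity session at sign-in; keep in sync with the AuthServer host.` ConfigureAuthServer starts outside the hunk.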
@@ -454,8 +469,8 @@ private void ConfigurePermissionManagement(IConfiguration configuration)
{
// Rename IdentityServer.Client.ManagePermissions
// See https://github.com/abpframework/abp/blob/dev/modules/identityserver/src/Volo.Abp.PermissionManagement.Domain.IdentityServer/Volo/Abp/PermissionManagement/IdentityServer/AbpPermissionManagementDomainIdentityServerModule.cs
- options.ProviderPolicies[ClientPermissionValueProvider.ProviderName] = AbpOpenIddictPermissions.Applications.ManagePermissions;
-
+ options.ProviderPolicies[ClientPermissionValueProvider.ProviderName] = AbpOpenIddictPermissions.Applications.ManagePermissions;
+
//if (configuration.GetValue("AuthServer:UseOpenIddict"))
//{
// options.ProviderPolicies[ClientPermissionValueProvider.ProviderName] = AbpOpenIddictPermissions.Applications.ManagePermissions;
diff --git a/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs b/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs
index bb6316cd8..1f3acce59 100644
--- a/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs
+++ b/aspnet-core/services/LY.MicroService.Applications.Single/Program.cs
@@ -65,10 +65,11 @@ await builder.AddApplicationAsync(options
app.UseRouting();
app.UseCors();
app.UseAuthentication();
+app.UseMultiTenancy();
+app.UseUnitOfWork();
app.UseAbpOpenIddictValidation();
app.UseAbpSession();
app.UseDynamicClaims();
-app.UseMultiTenancy();
app.UseAuthorization();
app.UseSwagger();
app.UseSwaggerUI(options =>
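Review bot: The reason `app.UseMultiTenancy()` now runs before `app.UseAbpOpenIddictValidation()`, `app.UseAbpSession()` and `app.UseDynamicClaims()` is not recorded, and the order is easy to undo in a later edit. A comment such as `// Resolve the tenant first: session validation and dynamic claims read tenant-scoped data.` would document it; the session manager and userinfo handler in this commit switch tenant before touching the session store, which suggests that is the intent. The template host module gets the same move but not `app.UseUnitOfWork()`; if the session middleware needs a unit of work there as well, that hunk should match.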
diff --git a/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs b/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
index 71ab8a4e3..adaed895d 100644
--- a/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
+++ b/aspnet-core/services/LY.MicroService.AuthServer/AuthServerModule.Configure.cs
@@ -1,7 +1,13 @@
using DotNetCore.CAP;
using LINGYUN.Abp.Localization.CultureMap;
+using LINGYUN.Abp.OpenIddict.AspNetCore.Session;
+using LINGYUN.Abp.OpenIddict.LinkUser;
+using LINGYUN.Abp.OpenIddict.Portal;
+using LINGYUN.Abp.OpenIddict.Sms;
+using LINGYUN.Abp.OpenIddict.WeChat;
using LINGYUN.Abp.Serilog.Enrichers.Application;
using LINGYUN.Abp.Serilog.Enrichers.UniqueId;
+using LINGYUN.Abp.WeChat.Work;
using LY.MicroService.AuthServer.Authentication;
using Medallion.Threading;
using Medallion.Threading.Redis;
@@ -10,7 +16,6 @@
using Microsoft.AspNetCore.Cors;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Routing;
using Microsoft.Extensions.Caching.StackExchangeRedis;
@@ -19,7 +24,6 @@
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Hosting;
using Microsoft.IdentityModel.Logging;
-using OpenIddict.Validation.AspNetCore;
using OpenTelemetry.Metrics;
using OpenTelemetry.Resources;
using OpenTelemetry.Trace;
@@ -334,6 +338,16 @@ private void ConfigureIdentity(IConfiguration configuration)
options.IsDynamicClaimsEnabled = true;
options.IsRemoteRefreshEnabled = false;
});
+
+ Configure(options =>
+ {
+ options.PersistentSessionGrantTypes.Add(SmsTokenExtensionGrantConsts.GrantType);
+ options.PersistentSessionGrantTypes.Add(PortalTokenExtensionGrantConsts.GrantType);
+ options.PersistentSessionGrantTypes.Add(LinkUserTokenExtensionGrantConsts.GrantType);
+ options.PersistentSessionGrantTypes.Add(WeChatTokenExtensionGrantConsts.OfficialGrantType);
+ options.PersistentSessionGrantTypes.Add(WeChatTokenExtensionGrantConsts.MiniProgramGrantType);
+ options.PersistentSessionGrantTypes.Add(AbpWeChatWorkGlobalConsts.GrantType);
+ });
}
private void ConfigureVirtualFileSystem()
{
diff --git a/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/PackageName.CompanyName.ProjectName.HttpApi.Host.csproj b/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/PackageName.CompanyName.ProjectName.HttpApi.Host.csproj
index 77c5ff95f..92df8c8a2 100644
--- a/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/PackageName.CompanyName.ProjectName.HttpApi.Host.csproj
+++ b/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/PackageName.CompanyName.ProjectName.HttpApi.Host.csproj
@@ -56,8 +56,7 @@
-
-
+
diff --git a/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs b/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
index fcaad0e2a..0419712fb 100644
--- a/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
+++ b/aspnet-core/templates/content/host/PackageName.CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
@@ -14,11 +14,7 @@
using PackageName.CompanyName.ProjectName.EntityFrameworkCore;
using PackageName.CompanyName.ProjectName.SettingManagement;
using Volo.Abp;
-#if OpenIddict
-using Volo.Abp.OpenIddict;
-#elif IdentityServer4
using Volo.Abp.AspNetCore.Authentication.JwtBearer;
-#endif
using Volo.Abp.AspNetCore.MultiTenancy;
using Volo.Abp.AspNetCore.Serilog;
using Volo.Abp.Autofac;
@@ -54,11 +50,7 @@ namespace PackageName.CompanyName.ProjectName;
typeof(AbpSettingManagementEntityFrameworkCoreModule),
typeof(AbpLocalizationManagementEntityFrameworkCoreModule),
typeof(AbpTextTemplatingEntityFrameworkCoreModule),
-#if OpenIddict
- typeof(AbpOpenIddictAspNetCoreModule),
-#elif IdentityServer4
typeof(AbpAspNetCoreAuthenticationJwtBearerModule),
-#endif
typeof(AbpCachingStackExchangeRedisModule),
typeof(AbpDistributedLockingModule),
typeof(AbpAspNetCoreMvcWrapperModule),
@@ -113,14 +105,10 @@ public override void OnApplicationInitialization(ApplicationInitializationContex
app.UseRouting();
app.UseCors();
app.UseAuthentication();
-#if OpenIddict
- app.UseAbpOpenIddictValidation();
-#elif IdentityServer4
app.UseJwtTokenMiddleware();
-#endif
+ app.UseMultiTenancy();
app.UseAbpSession();
app.UseDynamicClaims();
- app.UseMultiTenancy();
app.UseAuthorization();
app.UseSwagger();
app.UseAbpSwaggerUI(options =>