feat: 新增Oauth鉴权模块，支持qq登录、gitee登录

2026-03-16 06:26:38 +08:00 · 2024-01-07 13:34:50 +08:00
parent ebad623032
commit add374f0a7
43 changed files with 1318 additions and 173 deletions
--- a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationConstants.cs
+++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationConstants.cs
@@ -0,0 +1,23 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Contains constants specific to the <see cref="GiteeAuthenticationHandler"/>.
+/// </summary>
+public static class GiteeAuthenticationConstants
+{
+    public static class Claims
+    {
+        public const string Url = "urn:gitee:url";
+        public const string AvatarUrl = "urn:gitee:avatarUrl";
+
+        public const string OpenId = "urn:openid";
+        public const string AccessToken = "urn:access_token";
+        public const string Name = "urn:name";
+    }
+}
--- a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationDefaults.cs
+++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationDefaults.cs
@@ -0,0 +1,53 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Default values used by the Gitee authentication middleware.
+/// </summary>
+public static class GiteeAuthenticationDefaults
+{
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.Name"/>.
+    /// </summary>
+    public const string AuthenticationScheme = "Gitee";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationScheme.DisplayName"/>.
+    /// </summary>
+    public static readonly string DisplayName = "Gitee";
+
+    /// <summary>
+    /// Default value for <see cref="AuthenticationSchemeOptions.ClaimsIssuer"/>.
+    /// </summary>
+    public static readonly string Issuer = "Gitee";
+
+    /// <summary>
+    /// Default value for <see cref="RemoteAuthenticationOptions.CallbackPath"/>.
+    /// </summary>
+    public static readonly string CallbackPath = "/signin-gitee";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.AuthorizationEndpoint"/>.
+    /// </summary>
+    public static readonly string AuthorizationEndpoint = "https://gitee.com/oauth/authorize";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.TokenEndpoint"/>.
+    /// </summary>
+    public static readonly string TokenEndpoint = "https://gitee.com/oauth/token";
+
+    /// <summary>
+    /// Default value for <see cref="OAuthOptions.UserInformationEndpoint"/>.
+    /// </summary>
+    public static readonly string UserInformationEndpoint = "https://gitee.com/api/v5/user";
+
+    /// <summary>
+    /// Default value for <see cref="GiteeAuthenticationOptions.UserEmailsEndpoint"/>.
+    /// </summary>
+    public static readonly string UserEmailsEndpoint = "https://gitee.com/api/v5/emails";
+}
--- a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationExtensions.cs
+++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationExtensions.cs
@@ -0,0 +1,75 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using JetBrains.Annotations;
+using Microsoft.AspNetCore.Authentication;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Extension methods to add Gitee authentication capabilities to an HTTP application pipeline.
+/// </summary>
+public static class GiteeAuthenticationExtensions
+{
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee([NotNull] this AuthenticationBuilder builder)
+    {
+        return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, options => { });
+    }
+
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="configuration">The delegate used to configure the OpenID 2.0 options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] Action<GiteeAuthenticationOptions> configuration)
+    {
+        return builder.AddGitee(GiteeAuthenticationDefaults.AuthenticationScheme, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the Gitee options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [NotNull] Action<GiteeAuthenticationOptions> configuration)
+    {
+        return builder.AddGitee(scheme, GiteeAuthenticationDefaults.DisplayName, configuration);
+    }
+
+    /// <summary>
+    /// Adds <see cref="GiteeAuthenticationHandler"/> to the specified
+    /// <see cref="AuthenticationBuilder"/>, which enables Gitee authentication capabilities.
+    /// </summary>
+    /// <param name="builder">The authentication builder.</param>
+    /// <param name="scheme">The authentication scheme associated with this instance.</param>
+    /// <param name="caption">The optional display name associated with this instance.</param>
+    /// <param name="configuration">The delegate used to configure the Gitee options.</param>
+    /// <returns>The <see cref="AuthenticationBuilder"/>.</returns>
+    public static AuthenticationBuilder AddGitee(
+        [NotNull] this AuthenticationBuilder builder,
+        [NotNull] string scheme,
+        [CanBeNull] string caption,
+        [NotNull] Action<GiteeAuthenticationOptions> configuration)
+    {
+        return builder.AddScheme<GiteeAuthenticationOptions, GiteeAuthenticationHandler>(scheme, caption, configuration);
+    }
+}
--- a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationHandler.cs
+++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationHandler.cs
@@ -0,0 +1,55 @@
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using Yi.Framework.AspNetCore.Authentication.OAuth.QQ;
+using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
+{
+    public class GiteeAuthenticationHandler : OauthAuthenticationHandler<GiteeAuthenticationOptions>
+    {
+        public GiteeAuthenticationHandler(IOptionsMonitor<GiteeAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, IHttpClientFactory httpClientFactory) : base(options, logger, encoder, httpClientFactory)
+        {
+        }
+
+        public override string AuthenticationSchemeNmae => GiteeAuthenticationDefaults.AuthenticationScheme;
+
+        protected override async Task<List<Claim>> GetAuthTicketAsync(string code)
+        {
+            //获取 accessToken
+            var tokenQueryKv = new List<KeyValuePair<string, string?>>()
+            {
+                new KeyValuePair<string, string?>("grant_type","authorization_code"),
+                new KeyValuePair<string, string?>("client_id",Options.ClientId),
+                new KeyValuePair<string, string?>("client_secret",Options.ClientSecret),
+                new KeyValuePair<string, string?>("redirect_uri",Options.RedirectUri),
+                new KeyValuePair<string, string?>("code",code)
+            };
+            var tokenModel = await SendHttpRequestAsync<GiteeAuthticationcationTokenResponse>(GiteeAuthenticationDefaults.TokenEndpoint, tokenQueryKv,HttpMethod.Post);
+
+            //获取 userInfo
+            var userInfoQueryKv = new List<KeyValuePair<string, string?>>()
+            {
+                new KeyValuePair<string, string?>("access_token",tokenModel.access_token),
+            };
+            var userInfoMdoel = await SendHttpRequestAsync<GiteeAuthticationcationUserInfoResponse>(GiteeAuthenticationDefaults.UserInformationEndpoint, userInfoQueryKv);
+
+            List<Claim> claims = new List<Claim>()
+            {
+                new Claim(Claims.AvatarUrl, userInfoMdoel.avatar_url),
+                new Claim(Claims.Url, userInfoMdoel.url),
+
+                new Claim(Claims.OpenId,userInfoMdoel.id.ToString()),
+                new Claim(Claims.Name, userInfoMdoel.name),
+                new Claim(Claims.AccessToken, tokenModel.access_token)
+            };
+            return claims;
+        }
+
+        protected override void VerifyErrResponse(string content)
+        {
+            GiteeAuthticationErrCodeModel.VerifyErrResponse(content);
+        }
+    }
+}
--- a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationOptions.cs
+++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthenticationOptions.cs
@@ -0,0 +1,47 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers
+ * for more information concerning the license and the contributors participating to this project.
+ */
+
+using System.Security.Claims;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.OAuth;
+using static Yi.Framework.AspNetCore.Authentication.OAuth.Gitee.GiteeAuthenticationConstants;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee;
+
+/// <summary>
+/// Defines a set of options used by <see cref="GiteeAuthenticationHandler"/>.
+/// </summary>
+public class GiteeAuthenticationOptions : OAuthOptions
+{
+    public GiteeAuthenticationOptions()
+    {
+        ClaimsIssuer = GiteeAuthenticationDefaults.Issuer;
+
+        CallbackPath = GiteeAuthenticationDefaults.CallbackPath;
+
+        AuthorizationEndpoint = GiteeAuthenticationDefaults.AuthorizationEndpoint;
+        TokenEndpoint = GiteeAuthenticationDefaults.TokenEndpoint;
+        UserInformationEndpoint = GiteeAuthenticationDefaults.UserInformationEndpoint;
+        UserEmailsEndpoint = GiteeAuthenticationDefaults.UserEmailsEndpoint;
+
+        Scope.Add("user_info");
+        Scope.Add("emails");
+
+        ClaimActions.MapJsonKey(ClaimTypes.NameIdentifier, "id");
+        ClaimActions.MapJsonKey(ClaimTypes.Name, "login");
+        ClaimActions.MapJsonKey(ClaimTypes.Email, "email");
+        ClaimActions.MapJsonKey(Claims.Name, "name");
+        ClaimActions.MapJsonKey(Claims.Url, "url");
+    }
+
+    /// <summary>
+    /// Gets or sets the address of the endpoint exposing
+    /// the email addresses associated with the logged in user.
+    /// </summary>
+    public string UserEmailsEndpoint { get; set; }
+
+    public string RedirectUri { get; set; }
+}
--- a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationErrCodeModel.cs
+++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationErrCodeModel.cs
@@ -0,0 +1,30 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
+{
+    public class GiteeAuthticationErrCodeModel
+    {
+        public string error { get; set; }
+
+        public string error_description { get; set; }
+
+        public static void VerifyErrResponse(string content)
+        {
+
+                var model =Newtonsoft.Json.JsonConvert.DeserializeObject <GiteeAuthticationErrCodeModel>(content);
+                if (model.error != null)
+                {
+
+                    throw new Exception($"第三方授权返回错误，错误码：【{model.error}】，错误详情：【{model.error_description}】");
+                }
+        }
+
+    }
+
+}
--- a/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationcationHttpModel.cs
+++ b/Yi.Abp.Net8/framework/Yi.Framework.AspNetCore.Authentication.OAuth/Gitee/GiteeAuthticationcationHttpModel.cs
@@ -0,0 +1,63 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Yi.Framework.AspNetCore.Authentication.OAuth.Gitee
+{
+    public class GiteeAuthticationcationTokenResponse
+    {
+        public string access_token { get; set; }
+        public string token_type { get; set; }
+        public int expires_in { get; set; }
+        public string refresh_token { get; set; }
+        public string scope { get; set; }
+        public long created_at { get; set; }
+    }
+
+
+    public class GiteeAuthticationcationOpenIdResponse
+    {
+        public string client_id { get; set; }
+
+        public string openid { get; set; }
+
+    }
+
+    public class GiteeAuthticationcationUserInfoResponse
+    {
+        /// <summary>
+        /// 也可以等于openId
+        /// </summary>
+        public int id { get; set; }
+        public string login { get; set; }
+        public string name { get; set; }
+        public string avatar_url { get; set; }
+        public string url { get; set; }
+        public string html_url { get; set; }
+        public string remark { get; set; }
+        public string followers_url { get; set; }
+        public string following_url { get; set; }
+        public string gists_url { get; set; }
+        public string starred_url { get; set; }
+        public string subscriptions_url { get; set; }
+        public string organizations_url { get; set; }
+        public string repos_url { get; set; }
+        public string events_url { get; set; }
+        public string received_events_url { get; set; }
+        public string type { get; set; }
+        public string blog { get; set; }
+        public string weibo { get; set; }
+        public string bio { get; set; }
+        public int public_repos { get; set; }
+        public int public_gists { get; set; }
+        public int followers { get; set; }
+        public int following { get; set; }
+        public int stared { get; set; }
+        public int watched { get; set; }
+        public DateTime created_at { get; set; }
+        public DateTime updated_at { get; set; }
+        public string email { get; set; }
+    }
+}