wenkai.chen/tnb.server
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dev
tnb.server/common/Tnb.CollectiveOAuth/Utils/AuthChecker.cs
pofi 1d73df3235 添加项目文件。
2023-03-13 15:00:34 +08:00

107 lines
4.0 KiB
C#
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
using JNPF.Extras.CollectiveOAuth.Cache;
using JNPF.Extras.CollectiveOAuth.Config;
using JNPF.Extras.CollectiveOAuth.Enums;
using JNPF.Extras.CollectiveOAuth.Models;
namespace JNPF.Extras.CollectiveOAuth.Utils;
public class AuthChecker
{
/**
* 是否支持第三方登录
*
* @param config config
* @param source source
* @return true or false
* @since 1.6.1-beta
*/
public static bool isSupportedAuth(ClientConfig config, IAuthSource source)
{
bool isSupported = !string.IsNullOrWhiteSpace(config.clientId) && !string.IsNullOrWhiteSpace(config.clientSecret) && !string.IsNullOrWhiteSpace(config.redirectUri);
/*if (isSupported && DefaultAuthSource.ALIPAY == source)
{
isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
}
if (isSupported && AuthDefaultSource.STACK_OVERFLOW == source)
{
isSupported = StringUtils.isNotEmpty(config.getStackOverflowKey());
}
if (isSupported && AuthDefaultSource.WECHAT_ENTERPRISE == source)
{
isSupported = StringUtils.isNotEmpty(config.getAgentId());
}*/
return isSupported;
}
/**
* 检查配置合法性。针对部分平台, 对redirect uri有特定要求。一般来说redirect uri都是http://而对于facebook平台 redirect uri 必须是https的链接
*
* @param config config
* @param source source
* @since 1.6.1-beta
*/
public static void checkConfig(ClientConfig config, IAuthSource source)
{
string redirectUri = config.redirectUri;
if (!GlobalAuthUtil.isHttpProtocol(redirectUri) && !GlobalAuthUtil.isHttpsProtocol(redirectUri))
{
throw new Exception(AuthResponseStatus.ILLEGAL_REDIRECT_URI.GetDesc());
}
// facebook的回调地址必须为https的链接
if ("FACEBOOK".Equals(source.getName().ToUpper()) && !GlobalAuthUtil.isHttpsProtocol(redirectUri))
{
// Facebook's redirect uri must use the HTTPS protocol
throw new Exception(AuthResponseStatus.ILLEGAL_REDIRECT_URI.GetDesc());
}
// 支付宝在创建回调地址时不允许使用localhost或者127.0.0.1
if ("ALIPAY".Equals(source.getName().ToUpper()) && GlobalAuthUtil.isLocalHost(redirectUri))
{
// The redirect uri of alipay is forbidden to use localhost or 127.0.0.1
throw new Exception(AuthResponseStatus.ILLEGAL_REDIRECT_URI.GetDesc());
}
}
/**
* 校验回调传回的code
* <p>
* {@code v1.10.0}版本中改为传入{@code source}和{@code callback}对于不同平台使用不同参数接受code的情况统一做处理
*
* @param source 当前授权平台
* @param callback 从第三方授权回调回来时传入的参数集合
* @since 1.8.0.
*/
public static void checkCode(IAuthSource source, AuthCallback callback)
{
string code = callback.code;
if (source.getName().ToUpper().Equals(DefaultAuthSourceEnum.ALIPAY_MP.ToString()))
{
code = callback.auth_code;
}
else if ("HUAWEI".Equals(source.getName().ToUpper()))
{
code = callback.authorization_code;
}
if (string.IsNullOrWhiteSpace(code))
{
throw new Exception(AuthResponseStatus.ILLEGAL_CODE.GetDesc());
}
}
/// <summary>
/// 校验回调传回的{@code state},为空或者不存在.
/// </summary>
/// <param name="state">{@code state}一定不为空.</param>
/// <param name="source">当前授权平台.</param>
/// <param name="authStateCache">{@code authStateCache} state缓存实现.</param>
public static void checkState(string state, IAuthSource source, IAuthStateCache authStateCache)
{
if (string.IsNullOrWhiteSpace(state) || !authStateCache.containsKey(state))
{
//throw new Exception(AuthResponseStatus.ILLEGAL_STATUS.GetDesc());
}
}
}
Reference in New Issue View Git Blame Copy Permalink