diff --git a/IRaCIS.Core.API/Controllers/ExtraController.cs b/IRaCIS.Core.API/Controllers/ExtraController.cs index a6a000249..67f8b5a7c 100644 --- a/IRaCIS.Core.API/Controllers/ExtraController.cs +++ b/IRaCIS.Core.API/Controllers/ExtraController.cs @@ -16,6 +16,7 @@ using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using System; +using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; @@ -412,12 +413,22 @@ namespace IRaCIS.Api.Controllers [HttpGet("User/OAuthCallBack")] public async Task OAuthCallBack(string type, string code) { + #region 获取AccessToken + var headerDic = new Dictionary(); + headerDic.Add("code", code); + headerDic.Add("grant_type", "authorization_code"); + headerDic.Add("redirect_uri", "http://localhost:6100"); + headerDic.Add("scope", "all"); + + #endregion return ResponseOutput.Ok(); } + + #endregion #region 测试获取用户 ip diff --git a/IRaCIS.Core.API/IRaCIS.Core.API.xml b/IRaCIS.Core.API/IRaCIS.Core.API.xml index 222dde557..d2bfbef62 100644 --- a/IRaCIS.Core.API/IRaCIS.Core.API.xml +++ b/IRaCIS.Core.API/IRaCIS.Core.API.xml @@ -346,6 +346,147 @@ + + + The token names used by Cookie and OpenID Connect middleware to store and retrieve tokens from + Logto OpenID Connect provider. +
+ See tokens that are stored by OpenID Connect middleware for more details. + + + + + The scope names used by Logto OpenID Connect provider to request for user information. + + + + + The scope name for requesting user's email. + Logto will issue two claims to the ID token: email and email_verified. + + + + + The scope name for requesting user's phone number. + Logto will issue two claims to the ID token: phone and phone_verified. + + + + + The scope name for requesting user's custom data. + Logto will issue a claim to the response of the userinfo endpoint: custom_data. +
+ Note that when requesting this scope, you must set to true. + + + + + The scope name for requesting user's identities. + Logto will issue a claim to the response of the userinfo endpoint: identities. +
+ Note that when requesting this scope, you must set to true. + + + + + The claim names used by Logto OpenID Connect provider for ID token and userinfo endpoint. + + + + + The claim name for the issuer identifier for whom issued the token. + + + + + The claim name for the subject identifier for whom the token is intended (user ID). + + + + + The claim name for the audience that the token is intended for, which is the client ID. + + + + + The claim name for the expiration time of the token (in seconds). + + + + + The claim name for the time at which the token was issued (in seconds). + + + + + The claim name for the user's full name. + + + + + The claim name for user's username. + + + + + The claim name for user's profile picture URL. + + + + + The claim name for user's email. + + + + + The claim name for user's email verification status. + + + + + The claim name for user's phone number. + + + + + The claim name for user's phone number verification status. + + + + + The claim name for user's custom data. + + + + + The claim name for user's identities. + + + + + The access token issued by the Logto authorization server. + + + + + The type of the token issued by the Logto authorization server. + + + + + The lifetime in seconds of the access token. + + + + + The refresh token, which can be used to obtain new access tokens using the same authorization grant. + + + + + The ID token, which can be used to verify the identity of the user. + + IPLimit限流 启动服务 diff --git a/IRaCIS.Core.API/OAuth/LogotoParams.cs b/IRaCIS.Core.API/OAuth/LogotoParams.cs new file mode 100644 index 000000000..0cfb61299 --- /dev/null +++ b/IRaCIS.Core.API/OAuth/LogotoParams.cs @@ -0,0 +1,121 @@ +using Microsoft.IdentityModel.Protocols.OpenIdConnect; +using System.Text.Json.Serialization; + +namespace IRaCIS.Core.API.OAuth; + + + +public static class LogtoParameters +{ + /// + /// The token names used by Cookie and OpenID Connect middleware to store and retrieve tokens from + /// Logto OpenID Connect provider. + ///
+ /// See tokens that are stored by OpenID Connect middleware for more details. + /// + public static class Tokens + { + public const string AccessToken = OpenIdConnectParameterNames.AccessToken; + public const string ExpiresAt = "expires_at"; + public const string AccessTokenForResource = $"{AccessToken}.resource"; + public const string ExpiresAtForResource = $"{ExpiresAt}.resource"; + public const string RefreshToken = OpenIdConnectParameterNames.RefreshToken; + public const string IdToken = OpenIdConnectParameterNames.IdToken; + public const string TokenType = OpenIdConnectParameterNames.TokenType; + + } + + /// + /// The scope names used by Logto OpenID Connect provider to request for user information. + /// + public static class Scopes + { + /// + /// The scope name for requesting user's email. + /// Logto will issue two claims to the ID token: email and email_verified. + /// + public const string Email = "email"; + /// + /// The scope name for requesting user's phone number. + /// Logto will issue two claims to the ID token: phone and phone_verified. + /// + public const string Phone = "phone"; + /// + /// The scope name for requesting user's custom data. + /// Logto will issue a claim to the response of the userinfo endpoint: custom_data. + ///
+ /// Note that when requesting this scope, you must set to true. + /// + public const string CustomData = "custom_data"; + /// + /// The scope name for requesting user's identities. + /// Logto will issue a claim to the response of the userinfo endpoint: identities. + ///
+ /// Note that when requesting this scope, you must set to true. + /// + public const string Identities = "identities"; + } + + /// + /// The claim names used by Logto OpenID Connect provider for ID token and userinfo endpoint. + /// + public static class Claims + { + /// + /// The claim name for the issuer identifier for whom issued the token. + /// + public const string Issuer = "iss"; + /// + /// The claim name for the subject identifier for whom the token is intended (user ID). + /// + public const string Subject = "sub"; + /// + /// The claim name for the audience that the token is intended for, which is the client ID. + /// + public const string Audience = "aud"; + /// + /// The claim name for the expiration time of the token (in seconds). + /// + public const string Expiration = "exp"; + /// + /// The claim name for the time at which the token was issued (in seconds). + /// + public const string IssuedAt = "iat"; + /// + /// The claim name for the user's full name. + /// + public const string Name = "name"; + /// + /// The claim name for user's username. + /// + public const string Username = "username"; + /// + /// The claim name for user's profile picture URL. + /// + public const string Picture = "picture"; + /// + /// The claim name for user's email. + /// + public const string Email = "email"; + /// + /// The claim name for user's email verification status. + /// + public const string EmailVerified = "email_verified"; + /// + /// The claim name for user's phone number. + /// + public const string PhoneNumber = "phone_number"; + /// + /// The claim name for user's phone number verification status. + /// + public const string PhoneNumberVerified = "phone_number_verified"; + /// + /// The claim name for user's custom data. + /// + public const string CustomData = "custom_data"; + /// + /// The claim name for user's identities. + /// + public const string Identities = "identities"; + } +} \ No newline at end of file diff --git a/IRaCIS.Core.API/OAuth/LogtoTokenResponse.cs b/IRaCIS.Core.API/OAuth/LogtoTokenResponse.cs new file mode 100644 index 000000000..d0982161b --- /dev/null +++ b/IRaCIS.Core.API/OAuth/LogtoTokenResponse.cs @@ -0,0 +1,36 @@ +using System.Text.Json.Serialization; + +namespace IRaCIS.Core.API.OAuth; + +public class LogtoTokenResponse +{ + /// + /// The access token issued by the Logto authorization server. + /// + [JsonPropertyName("access_token")] + public string AccessToken { get; set; } = null!; + + /// + /// The type of the token issued by the Logto authorization server. + /// + [JsonPropertyName("token_type")] + public string TokenType { get; set; } = null!; + + /// + /// The lifetime in seconds of the access token. + /// + [JsonPropertyName("expires_in")] + public int ExpiresIn { get; set; } + + /// + /// The refresh token, which can be used to obtain new access tokens using the same authorization grant. + /// + [JsonPropertyName("refresh_token")] + public string? RefreshToken { get; set; } = null!; + + /// + /// The ID token, which can be used to verify the identity of the user. + /// + [JsonPropertyName("id_token")] + public string? IdToken { get; set; } = null; +} diff --git a/IRaCIS.Core.Application/Service/Common/ExcelExportService.cs b/IRaCIS.Core.Application/Service/Common/ExcelExportService.cs index 5092e31e8..2b8188b01 100644 --- a/IRaCIS.Core.Application/Service/Common/ExcelExportService.cs +++ b/IRaCIS.Core.Application/Service/Common/ExcelExportService.cs @@ -2345,7 +2345,7 @@ namespace IRaCIS.Core.Application.Service.Common var doctor2List = _visitTaskRepository.Where(comonTaskFilter).Where(t => t.ReadingTaskState == ReadingTaskState.HaveSigned) .GroupBy(t => new { t.DoctorUserId, t.DoctorUser.UserName, t.DoctorUser.FullName }) - //有全局裁判 + //有全局裁判 //.Where(g => g.Any(t => t.ReadingCategory == ReadingCategory.Global && t.JudgeVisitTaskId != null)) .Select(g => new DoctorJudgeRatio() { @@ -2354,7 +2354,7 @@ namespace IRaCIS.Core.Application.Service.Common FullName = g.Key.FullName, //触发裁判的阅片期的数量 - TotalJudgeCount = g.Where(t => t.ReadingCategory == ReadingCategory.Global && t.SouceReadModuleId != null && t.JudgeVisitTaskId != null).Select(t => t.SouceReadModuleId).Distinct().Count(), + TotalJudgeCount = g.Where(t => t.ReadingCategory == ReadingCategory.Global && t.SouceReadModuleId != null && t.JudgeVisitTaskId != null && t.JudgeVisitTask.ReadingTaskState==ReadingTaskState.HaveSigned).Select(t => t.SouceReadModuleId).Distinct().Count(), JudgeAgreeCount = g.Where(t => t.ReadingCategory == ReadingCategory.Global && t.JudgeVisitTaskId != null && t.JudgeVisitTask.JudgeResultTaskId == t.Id) .Select(t => t.SouceReadModuleId).Distinct().Count(),