using IdentityModel.Client;
using IRaCIS.Core.Application.Service.OAuth;
using Microsoft.AspNetCore.Builder;
using RestSharp;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;

namespace IRaCIS.Core.Application.Service
{
    // Test harness for the OAuth 2.0 client-credentials grant against a Logto
    // tenant: each method requests an access token and then calls the Logto
    // management API with it.
    //
    // NOTE(review): the listing appears to have lost its generic type arguments
    // during extraction (`Task` on methods that return a value, `new List()`,
    // `ExecuteAsync(...)` followed by `.Data`). The code tokens are kept as they
    // appear here; restore the type arguments from the original file.
    //
    // NOTE(review): whether public methods of a ServiceBase subclass are exposed
    // as HTTP endpoints is not visible in this file. If they are, confirm these
    // test methods cannot be reached in a deployed build.
    public class OAuthService : ServiceBase
    {
        /// <summary>
        /// Test code for the client-credentials flow, using the IdentityModel
        /// extension methods on HttpClient: discover the token endpoint, request
        /// a token, then call the applications API with it.
        /// </summary>
        /// <returns>
        /// Always <c>ResponseOutput.Ok()</c>; discovery, token and API failures
        /// are only written to the console and are not reflected in the result.
        /// </returns>
        public async Task TestClientCredentialsAsync()
        {
            #region 使用IdentityModel.OidcClient 测试
            // (region: test using IdentityModel.OidcClient)

            // discover endpoints from metadata
            // NOTE(review): neither HttpClient created in this method is disposed.
            var client = new HttpClient();
            var disco = await client.GetDiscoveryDocumentAsync("https://logto.test.extimaging.com/oidc");
            if (disco.IsError)
            {
                // NOTE(review): the error is printed but execution continues, so the
                // token request below still runs with whatever disco.TokenEndpoint
                // holds after a failed discovery.
                Console.WriteLine(disco.Error);
            }

            // request token
            var tokenResponse = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest
            {
                Address = disco.TokenEndpoint,
                ClientId = "v2mr2ndxwkxz0xpsuc1th",
                // NOTE(review): client secret committed as a string literal. Treat it
                // as disclosed: rotate it in Logto and load the replacement from
                // configuration or a secret store instead of source.
                ClientSecret = "yq9jUxl70QoOmwHxJ37h1rDoyJ5iz92Q",
                Resource = new List() { "https://default.logto.app/api" },
                Scope = "all"
            });

            if (tokenResponse.IsError)
            {
                Console.WriteLine(tokenResponse.Error);
                Console.WriteLine(tokenResponse.ErrorDescription);
            }
            else
            {
                // NOTE(review): the bearer token is written to standard output, where
                // it can end up in captured logs. The request above asks for scope
                // "all" on the management API resource, so avoid printing the token
                // itself.
                Console.WriteLine(tokenResponse.AccessToken);
                Console.WriteLine("\n\n");

                // call api
                var apiClient = new HttpClient();
                apiClient.SetBearerToken(tokenResponse.AccessToken);

                var response = await apiClient.GetAsync("https://logto.test.extimaging.com/api/applications");
                if (!response.IsSuccessStatusCode)
                {
                    Console.WriteLine(response.StatusCode);
                }
                else
                {
                    // Re-serialize the response body with indentation for readability.
                    // NOTE(review): this prints the full application list to the
                    // console; confirm the payload carries nothing sensitive (for
                    // example application secrets) before keeping this output.
                    var doc = JsonDocument.Parse(await response.Content.ReadAsStringAsync()).RootElement;
                    Console.WriteLine(JsonSerializer.Serialize(doc, new JsonSerializerOptions { WriteIndented = true }));
                }
            }

            #endregion

            return ResponseOutput.Ok();
        }

        // Same client-credentials flow as TestClientCredentialsAsync, but built by
        // hand with RestSharp: POST the form to oidc/token, then use the returned
        // token to query the applications API and one user record.
        // Returns ResponseOutput.Ok() unconditionally; a non-200 token response is
        // skipped without any output.
        public async Task TestClientCredentialsOriginAsync()
        {
            #region 客户端方式获取logto 里面的信息
            // (region: fetch information from Logto using the client-credentials approach)
            {
                var baseUrl = "https://logto.test.extimaging.com";
                var appId = "v2mr2ndxwkxz0xpsuc1th";
                // NOTE(review): same hard-coded client secret as in
                // TestClientCredentialsAsync. Rotate it and read it from
                // configuration or a secret store.
                var appSecret = "yq9jUxl70QoOmwHxJ37h1rDoyJ5iz92Q";
                var apiAddress = "https://default.logto.app/api"; // this is a pitfall
                var scope = "all";

                var opts = new RestClientOptions(baseUrl);
                using var client = new RestClient(opts);

                //https://bump.sh/logto/doc/logto-management-api/authentication
                var request = new RestRequest("oidc/token", Method.Post);

                // The credentials are sent as form parameters in the request body.
                request
                    .AddHeader("Content-Type", "application/x-www-form-urlencoded")
                    .AddParameter("grant_type", "client_credentials")
                    .AddParameter("client_id", appId)
                    .AddParameter("client_secret", appSecret)
                    .AddParameter("resource", apiAddress) // note: this default resource address differs from the API address
                    .AddParameter("scope", scope);

                var response = await client.ExecuteAsync(request);

                if (response.StatusCode == HttpStatusCode.OK)
                {
                    var tokenResponse = response.Data;

                    // NOTE(review): ToJsonStr is defined outside this file; it presumably
                    // serializes the whole token response, access token included, so
                    // this line likely writes the bearer token to the console. Confirm
                    // and remove or redact.
                    Console.WriteLine(tokenResponse.ToJsonStr());

                    #region 获取应用信息
                    // (region: get application information)
                    var applicationRequest = new RestRequest($"/api/applications", Method.Get)
                        .AddHeader("Authorization", $"Bearer {tokenResponse.AccessToken}");

                    // The result is assigned but never read in this method.
                    var applicationResponse = await client.ExecuteAsync(applicationRequest);
                    #endregion

                    #region 获取用户信息
                    // (region: get user information)

                    //curl \
                    // -X GET https://[tenant_id].logto.app/api/users/{userId} \
                    // -H "Authorization: Bearer $ACCESS_TOKEN"

                    // Fixed user id used for the test lookup.
                    var userId = "4fqx4cb3438k";

                    var userInfoRequest = new RestRequest($"api/users/{userId}", Method.Get)
                        .AddHeader("Authorization", $"Bearer {tokenResponse.AccessToken}");

                    var userResponse = await client.ExecuteAsync(userInfoRequest);

                    // NOTE(review): prints the raw user record returned by the
                    // management API; that is likely personal data, so keep it out of
                    // shared or persisted logs.
                    Console.WriteLine(userResponse.Content);
                    #endregion
                }
            }
            #endregion

            return ResponseOutput.Ok();
        }
    }
}