refactor: Unified processing of third-party user claims (#1274)

* feat: Supports PasswordType * refactor: Unified processing of third-party user claims
masastack · Apr 9, 2024 · 6519c5b · 6519c5b
1 parent ac6cd92
commit 6519c5b
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 41 deletions.
diff --git a/src/Web/Masa.Auth.Web.Sso/Infrastructure/Services/UserProfileService.cs b/src/Web/Masa.Auth.Web.Sso/Infrastructure/Services/UserProfileService.cs
@@ -6,22 +6,47 @@ namespace Masa.Auth.Web.Sso.Infrastructure.Services;
 public class UserProfileService : IProfileService
 {
     readonly IAuthClient _authClient;
+    readonly IHttpContextAccessor _httpContextAccessor;
 
-    public UserProfileService(IAuthClient authClient)
+    public UserProfileService(IAuthClient authClient, IHttpContextAccessor httpContextAccessor)
     {
         _authClient = authClient;
+        _httpContextAccessor = httpContextAccessor;
     }
 
     public async Task GetProfileDataAsync(ProfileDataRequestContext context)
     {
         var claims = context.Subject.Claims.ToList();
         context.IssuedClaims.AddRange(claims);
+
         //ClaimsProviderAccessToken
         //if (context.Caller == "ClaimsProviderIdentityToken" || context.Caller == "UserInfoEndpoint")
         {
             var subjectId = context.Subject.Claims.FirstOrDefault(c => c.Type == "sub");
             if (subjectId != null && Guid.TryParse(subjectId.Value, out var userId))
             {
+                var request = _httpContextAccessor.HttpContext?.Request;
+                if (request != null)
+                {
+                    var scheme = request.Form["scheme"];
+                    if (!string.IsNullOrEmpty(scheme))
+                    {
+                        var authUser = await _authClient.UserService.GetThirdPartyUserByUserIdAsync(new GetThirdPartyUserByUserIdModel
+                        {
+                            Scheme = scheme,
+                            UserId = userId
+                        });
+
+                        if (authUser != null)
+                        {
+                            foreach (var item in authUser.ClaimData)
+                            {
+                                context.IssuedClaims.TryAdd(new Claim(item.Key, item.Value));
+                            }
+                        }
+                    }
+                }
+
                 var claimValues = await _authClient.UserService.GetClaimValuesAsync(userId);
                 foreach (var claimValue in claimValues)
                 {

diff --git a/src/Web/Masa.Auth.Web.Sso/Infrastructure/Validations/ImpersonationGrantValidator.cs b/src/Web/Masa.Auth.Web.Sso/Infrastructure/Validations/ImpersonationGrantValidator.cs
@@ -18,7 +18,6 @@ public ImpersonationGrantValidator(IAuthClient authClient)
     public async Task ValidateAsync(ExtensionGrantValidationContext context)
     {
         var impersonationToken = context.Request.Raw["impersonationToken"];
-        var scheme = context.Request.Raw["scheme"] ?? string.Empty;
         var environment = context.Request.Raw["environment"] ?? string.Empty;
         if (string.IsNullOrEmpty(impersonationToken))
         {
@@ -56,23 +55,6 @@ public async Task ValidateAsync(ExtensionGrantValidationContext context)
             claims.Add(new Claim(IMPERSONATOR_USER_ID, cacheItem.ImpersonatorUserId.ToString()));
         }
 
-        if (!string.IsNullOrEmpty(scheme))
-        {
-            var authUser = await _authClient.UserService.GetThirdPartyUserByUserIdAsync(new GetThirdPartyUserByUserIdModel
-            {
-                Scheme = scheme,
-                UserId = cacheItem.TargetUserId
-            });
-
-            if (authUser != null)
-            {
-                foreach (var item in authUser.ClaimData)
-                {
-                    claims.Add(new Claim(item.Key, item.Value));
-                }
-            }
-        }
-
-        context.Result = new GrantValidationResult(cacheItem.TargetUserId.ToString(), "impersonation", claims);
+        context.Result = new GrantValidationResult(cacheItem.TargetUserId.ToString(), "impersonation");
     }
 }
diff --git a/src/Web/Masa.Auth.Web.Sso/Infrastructure/Validations/PhoneCodeGrantValidator.cs b/src/Web/Masa.Auth.Web.Sso/Infrastructure/Validations/PhoneCodeGrantValidator.cs
@@ -18,7 +18,6 @@ public async Task ValidateAsync(ExtensionGrantValidationContext context)
     {
         var phoneNumber = context.Request.Raw["PhoneNumber"];
         var code = context.Request.Raw["Code"];
-        var scheme = context.Request.Raw["scheme"];
         if (string.IsNullOrEmpty(phoneNumber) || string.IsNullOrEmpty(code))
             throw new UserFriendlyException("must provider phone number and msg code");
 
@@ -29,26 +28,7 @@ public async Task ValidateAsync(ExtensionGrantValidationContext context)
         });
         if (user != null)
         {
-            var claims = new List<Claim>();
-
-            if (!string.IsNullOrEmpty(scheme))
-            {
-                var authUser = await _authClient.UserService.GetThirdPartyUserByUserIdAsync(new GetThirdPartyUserByUserIdModel
-                {
-                    Scheme = scheme,
-                    UserId = user.Id
-                });
-
-                if (authUser != null)
-                {
-                    foreach (var item in authUser.ClaimData)
-                    {
-                        claims.Add(new Claim(item.Key, item.Value));
-                    }
-                }
-            }
-
-            context.Result = new GrantValidationResult(user.Id.ToString(), "sms", claims);
+            context.Result = new GrantValidationResult(user.Id.ToString(), "sms");
         }
         else
         {