doeasier
diff --git a/‎H5/src/components/HeaderBar/index.vue
Lines changed: 7 additions & 3 deletions b/‎H5/src/components/HeaderBar/index.vue
Lines changed: 7 additions & 3 deletions
diff --git a/‎H5/src/main.js
Lines changed: 5 additions & 1 deletion b/‎H5/src/main.js
Lines changed: 5 additions & 1 deletion
diff --git a/‎H5/src/plugin/base64.js
Lines changed: 107 additions & 0 deletions b/‎H5/src/plugin/base64.js
Lines changed: 107 additions & 0 deletions
diff --git a/‎H5/src/plugin/http.js
Lines changed: 3 additions & 2 deletions b/‎H5/src/plugin/http.js
Lines changed: 3 additions & 2 deletions
diff --git a/‎H5/src/plugin/oidc.js
Lines changed: 4 additions & 4 deletions b/‎H5/src/plugin/oidc.js
Lines changed: 4 additions & 4 deletions
diff --git a/‎H5/src/views/Tabs/ClientEdit.vue
Lines changed: 8 additions & 0 deletions b/‎H5/src/views/Tabs/ClientEdit.vue
Lines changed: 8 additions & 0 deletions
diff --git a/‎H5/vue.config.js
Lines changed: 10 additions & 5 deletions b/‎H5/vue.config.js
Lines changed: 10 additions & 5 deletions
diff --git a/‎QuickstartIdentityServer/Apis/ApiDTO/ValidatePermissionDTO.cs
Lines changed: 1 addition & 1 deletion b/‎QuickstartIdentityServer/Apis/ApiDTO/ValidatePermissionDTO.cs
Lines changed: 1 addition & 1 deletion
diff --git a/‎QuickstartIdentityServer/Apis/ApiResourceController.cs
Lines changed: 6 additions & 3 deletions b/‎QuickstartIdentityServer/Apis/ApiResourceController.cs
Lines changed: 6 additions & 3 deletions
diff --git a/‎QuickstartIdentityServer/Apis/AppController.cs
Lines changed: 2 additions & 1 deletion b/‎QuickstartIdentityServer/Apis/AppController.cs
Lines changed: 2 additions & 1 deletion
diff --git a/‎QuickstartIdentityServer/Apis/ClientController.cs
Lines changed: 3 additions & 2 deletions b/‎QuickstartIdentityServer/Apis/ClientController.cs
Lines changed: 3 additions & 2 deletions
diff --git a/‎QuickstartIdentityServer/Apis/RoleController.cs
Lines changed: 2 additions & 1 deletion b/‎QuickstartIdentityServer/Apis/RoleController.cs
Lines changed: 2 additions & 1 deletion
diff --git a/‎QuickstartIdentityServer/Apis/UserController.cs
Lines changed: 6 additions & 5 deletions b/‎QuickstartIdentityServer/Apis/UserController.cs
Lines changed: 6 additions & 5 deletions
@@ -33,6 +33,7 @@
 
 <script>
     import mgr from '../../plugin/oidc'
+    import base from '../../plugin/base64'
     export default {
         name: "home",
         props: {
@@ -52,9 +53,12 @@
         },
 
         mounted() {
-            this.$http.get("/base/api/User/Current").then(u=>{
-                this.username = u.name;
-            })
+           var payload = base.getpayload();
+           this.username = payload.name;
+           console.log(payload);
+            // this.$http.get("/base/api/User/Current").then(u=>{
+            //     this.username = u.name;
+            // })
         },
         methods: {
             handleCommand(item){
 
@@ -18,10 +18,14 @@ Vue.use(http);
 
 import './mixin'
 import mgr from './plugin/oidc'
+import base from './plugin/base64'
 
 var main = async ()=>{
   var user = await mgr.getUser();
-  if (user){
+  if (user&&user.expired===false){
+    console.log(user);
+    http.http.setheader(user.access_token);
+    base.user = user;
     new Vue({
       router,
       store,
 
@@ -0,0 +1,107 @@
+export default  {
+    _keyStr : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
+    // private property
+    // public method for encoding
+     encode(input) {
+        var output = "";
+        var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
+        var i = 0;
+        input = this._utf8_encode(input);
+        while (i < input.length) {
+            chr1 = input.charCodeAt(i++);
+            chr2 = input.charCodeAt(i++);
+            chr3 = input.charCodeAt(i++);
+            enc1 = chr1 >> 2;
+            enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+            enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+            enc4 = chr3 & 63;
+            if (isNaN(chr2)) {
+                enc3 = enc4 = 64;
+            } else if (isNaN(chr3)) {
+                enc4 = 64;
+            }
+            output = output +
+                this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
+                this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
+        }
+        return output;
+    },
+    // public method for decoding
+     decode(input) {
+        var output = "";
+        var chr1, chr2, chr3;
+        var enc1, enc2, enc3, enc4;
+        var i = 0;
+        input = input.replace('-', '+'); // 62nd char of encoding
+        input = input.replace('_', '/'); // 63rd char of encoding
+        input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
+        while (i < input.length) {
+            enc1 = this._keyStr.indexOf(input.charAt(i++));
+            enc2 = this._keyStr.indexOf(input.charAt(i++));
+            enc3 = this._keyStr.indexOf(input.charAt(i++));
+            enc4 = this._keyStr.indexOf(input.charAt(i++));
+            chr1 = (enc1 << 2) | (enc2 >> 4);
+            chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+            chr3 = ((enc3 & 3) << 6) | enc4;
+            output = output + String.fromCharCode(chr1);
+            if (enc3 != 64&&chr2) {
+                output = output + String.fromCharCode(chr2);
+            }
+            if (enc4 != 64&&chr3) {
+                output = output + String.fromCharCode(chr3);
+            }
+        }
+        output = this._utf8_decode(output);
+        var result = output;
+        return result;
+    },
+    // private method for UTF-8 encoding
+     _utf8_encode(string) {
+        string = string.replace(/\r\n/g, "\n");
+        var utftext = "";
+        for (var n = 0; n < string.length; n++) {
+            var c = string.charCodeAt(n);
+            if (c < 128) {
+                utftext += String.fromCharCode(c);
+            } else if ((c > 127) && (c < 2048)) {
+                utftext += String.fromCharCode((c >> 6) | 192);
+                utftext += String.fromCharCode((c & 63) | 128);
+            } else {
+                utftext += String.fromCharCode((c >> 12) | 224);
+                utftext += String.fromCharCode(((c >> 6) & 63) | 128);
+                utftext += String.fromCharCode((c & 63) | 128);
+            }
+
+        }
+        return utftext;
+    },
+    // private method for UTF-8 decoding
+     _utf8_decode(utftext) {
+        var string = "";
+        var i = 0;
+        var c = 0, c1 = 0, c2 = 0, c3 = 0;
+        while (i < utftext.length) {
+            c = utftext.charCodeAt(i);
+            if (c < 128) {
+                string += String.fromCharCode(c);
+                i++;
+            } else if ((c > 191) && (c < 224)) {
+                c2 = utftext.charCodeAt(i + 1);
+                string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
+                i += 2;
+            } else {
+                c2 = utftext.charCodeAt(i + 1);
+                c3 = utftext.charCodeAt(i + 2);
+                string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
+                i += 3;
+            }
+        }
+        return string;
+    },
+    getpayload(){
+        const cargs = this.user.access_token.split('.');
+        if (cargs.length != 3) throw '非法token';
+        return JSON.parse(this.decode(cargs[1])) ;
+    },
+    user:null
+}
@@ -149,9 +149,10 @@ var http = {
        if(token) this.header.Authorization = "Bearer " + token;
        else this.header.Authorization = null;
     },
-    async get(url) {
+    async get(url,config) {
+        if (!config) config = { headers: this.header };
         this.block();
-        const res = await axios.get(url).catch(res => res);
+        const res = await axios.get(url,config).catch(res => res);
         this.unblock();
         return handleResult(res);
 
 
@@ -1,12 +1,12 @@
 import Oidc from 'oidc-client'
 
 var config = {
-  authority: "http://localhost:5000",
-  client_id: "js",
-  redirect_uri: "http://localhost:8080/callback.html",
+  authority: "https://localhost:44320",
+  client_id: "base",
+  redirect_uri: window.location.origin+"/callback.html",
   response_type: "id_token token",
   scope:"openid profile base",
-  post_logout_redirect_uri : "http://localhost:8080"
+  post_logout_redirect_uri : window.location.origin
 };
 
 // var config = {
 
@@ -19,6 +19,12 @@
                 <el-form-item label="访问token">
                     <el-switch v-model="data.allowAccessTokensViaBrowser"></el-switch>
                 </el-form-item>
+                <el-form-item label="授权提醒">
+                    <el-switch v-model="data.RequireConsent"></el-switch>
+                </el-form-item>
+                <el-form-item label="允许本地登入">
+                    <el-switch v-model="data.EnableLocalLogin"></el-switch>
+                </el-form-item>
                 <el-form-item label="登入跳转" prop='redirectUris'>
                     <el-input size='mini' v-model="data.redirectUris[0]"></el-input>
                 </el-form-item>
@@ -62,6 +68,8 @@
                     allowedGrantTypes:[],
                     allowedScopes:[],
                     allowAccessTokensViaBrowser:false,
+                    requireConsent:false,
+                    enableLocalLogin:true,
                     redirectUris:[""],
                     postLogoutRedirectUris:[""],
                     allowedCorsOrigins:[""]
 
@@ -9,13 +9,18 @@ module.exports = {
     //     target: 'http://192.168.103.251:6006'
     //   }
     // }
+     https: true,
+    // host: 'localhost', // can be overwritten by process.env.HOST
+    port: 8080, // can be overwritten by process.env.PORT, if port is in use, a free one will be determined
     proxy: {
-      '/connect': {
-        target: 'http://localhost:5000'
-      },
       '/base': {
-        target: 'http://localhost:5000'
+        target: 'https://localhost:44320'
       }
-    }
+    },
+    // setup: (app) => {    //解决post没响应的问题
+    //   app.post('/public/**', function(req, res) {
+    //    res.redirect(req.originalUrl); //重定向到对应路径
+    //   });
+    // }
   }
 }
@@ -10,7 +10,7 @@ public class ValidatePermissionDTO
         /// <summary>
         /// 用户id
         /// </summary>
-        public int UserId { get; set; }
+        public string Account { get; set; }
         /// <summary>
         /// 系统code
         /// </summary>
 
@@ -10,16 +10,18 @@
 using Microsoft.EntityFrameworkCore;
 using QuickstartIdentityServer.Apis.ApiDTO;
 using QuickstartIdentityServer.CommonDTO;
+using QuickstartIdentityServer.Filters;
 using QuickstartIdentityServer.IdsAuthorization;
 
 // For more information on enabling Web API for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
 
 namespace QuickstartIdentityServer.Apis
 {
-    [Authorize]
+    [Authorize(Roles ="admin")]
     [Route("base/api/[controller]/[action]")]
     [ApiController]
-    public class ApiResourceController : Controller
+    [WebApiExceptionFilter]
+    public class ApiResourceController : ControllerBase
     {
         ConfigurationDbContext context;
         /// <summary>
@@ -82,7 +84,8 @@ public async Task Update([FromBody]ApiResourceDTO input)
             var apiresource = await context.ApiResources.FirstOrDefaultAsync(x => x.Name == input.Name);
             if (apiresource == null) throw new Exception("不存在该资源");
             context.Entry(apiresource).State = EntityState.Deleted;
-            var add = (new ApiResource(input.Name,input.DisplayName)).ToEntity();
+            var ar = new ApiResource(input.Name, input.DisplayName);
+            var add = ar.ToEntity();
             context.ApiResources.Add(add);
             await context.SaveChangesAsync();
         }
 
@@ -13,9 +13,10 @@
 
 namespace QuickstartIdentityServer.Apis
 {
-    [Authorize]
+    [Authorize(Roles = "admin")]
     [Route("base/api/[controller]/[action]")]
     [ApiController]
+    [WebApiExceptionFilter]
     public class AppController : ControllerBase
     {
         PermissionConext pcontext;
 
@@ -5,23 +5,24 @@
 using IdentityServer4.EntityFramework.DbContexts;
 using IdentityServer4.EntityFramework.Mappers;
 using IdentityServer4.Models;
-using Microsoft.AspNetCore.Authentication.JwtBearer;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using QuickstartIdentityServer.Apis.ApiDTO;
 using QuickstartIdentityServer.CommonDTO;
+using QuickstartIdentityServer.Filters;
 using QuickstartIdentityServer.IdsAuthorization;
 
 namespace QuickstartIdentityServer.Apis
 {
     /// <summary>
     /// Clients controller.
     /// </summary>
-    [Authorize]
+    [Authorize(Roles = "admin")]
     [Route("base/api/[controller]/[action]")]
     [ApiController]
+    [WebApiExceptionFilter]
     public class ClientController : ControllerBase
     {
         ConfigurationDbContext context;
 
@@ -13,9 +13,10 @@
 
 namespace QuickstartIdentityServer.Apis
 {
-    [Authorize]
+    [Authorize(Roles = "admin")]
     [Route("base/api/[controller]/[action]")]
     [ApiController]
+    [WebApiExceptionFilter]
     public class RoleController : ControllerBase
     {
         PermissionConext pcontext;
 
@@ -4,6 +4,7 @@
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
@@ -15,9 +16,10 @@
 
 namespace QuickstartIdentityServer.Apis
 {
-    [Authorize]
+    [Authorize(Roles = "admin")]
     [Route("base/api/[controller]/[action]")]
     [ApiController]
+    [WebApiExceptionFilter]
     public class UserController : ControllerBase
     {
         PermissionConext pcontext;
@@ -33,8 +35,7 @@ public UserController(PermissionConext pcontext)
         public async Task<UserNameDTO> Current()
         {
            var subid =  User.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Sub).Value;
-           int.TryParse(subid, out int userid);
-           var user = await pcontext.User.Where(u => u.Id == userid).Select(u=>new UserNameDTO {
+           var user = await pcontext.User.Where(u => u.Account == subid).Select(u=>new UserNameDTO {
                Name = u.Name
            }).FirstOrDefaultAsync();
             return user;
@@ -156,11 +157,11 @@ public async Task SetRole([FromQuery]int userid, [FromBody] int[] roleids)
         [AllowAnonymous]
         public async Task<bool> Validate([FromBody]ValidatePermissionDTO input)
         {
-            bool isappadmin = await (from u in pcontext.User.Where(u => u.Id == input.UserId)
+            bool isappadmin = await (from u in pcontext.User.Where(u => u.Account == input.Account)
                             join urm in pcontext.UserRoleMap on u.Id equals urm.UserId
                             join ra in pcontext.RoleAppAdmin.Where(m => m.Code == input.Code) on urm.RoleId equals ra.RoleId select 1).AnyAsync();
             if (isappadmin) return true;
-            bool haspermission = await (from u in pcontext.User.Where(u => u.Id == input.UserId)
+            bool haspermission = await (from u in pcontext.User.Where(u => u.Account == input.Account)
                                   join urm in pcontext.UserRoleMap on u.Id equals urm.UserId
                                   join rmp in pcontext.RolePermissionMap.Where(m => m.Code == input.Code) on urm.RoleId equals rmp.RoleId
                                   join p in pcontext.Permission.Where(per=>per.ControllerName==input.Controller&&per.ActionName==input.Action) on rmp.PermissionId equals p.Id
Original file line number	Diff line number	Diff line change
`@@ -13,9 +13,10 @@`
`13`	`13`
`14`	`14`	`namespace QuickstartIdentityServer.Apis`
`15`	`15`	`{`
`16`		`- [Authorize]`
	`16`	`+ [Authorize(Roles = "admin")]`
`17`	`17`	`[Route("base/api/[controller]/[action]")]`
`18`	`18`	`[ApiController]`
	`19`	`+ [WebApiExceptionFilter]`
`19`	`20`	`public class AppController : ControllerBase`
`20`	`21`	`{`
`21`	`22`	`PermissionConext pcontext;`