ABP Vnext 学习03-授权中心微信小程序登录

news2025/10/31 17:41:31

前言

小程序开发的前置条件 1 需要服务端是https 和域名 Ip 是不可以的
2 需要申请appid
小程序的官方流程图
在这里插入图片描述

个人理解

对于上面的流程图步骤一客户端小程序调用wx.login 方法获取用户的code 这个code 是限时的五分钟就会过期拿到code 就可以向服务端发起登录请求了步骤二服务端：服务端验证完一些信息后 1 appId, 2 appsecret 3 code 三个参数向微信Api 接口发起请求会返回 session_key 和 openid openid 是唯一标识然后生成token 返回给前端前端就可以通过token 请求服务端资源服务器

ABP Vnext 授权中心新增小程序登录

1 首先在Domain 中 找到 IdentityServer 文件夹 新增一下
 await CreateClientAsync(
              name: "wechat",
              scopes: new[] {
                         "IdentityService", "InternalGateway", "WebAppGateway", "BusinessService","WeChat"
              },
              secret: (configurationSection["ShCloudMgt_App:ClientSecret"] ?? "1q2w3e*").Sha256(),
              grantTypes: new[] { "WeChat" },
              //redirectUri: $"http://localhost:44307/authentication/login-callback",
              requireClientSecret: false
 );
 2 找到 WebHost 或者是 分离出来的 IdentityServerHost
  创建一个类 继承IExtensionGrantValidator
  WeChatGrantValidator : IExtensionGrantValidator

public class WeChatGrantValidator : IExtensionGrantValidator
{
    public string GrantType => ExtensionGrantTypes.WeChatQrCodeGrantType;
    private readonly DateTime DateTime1970 = new DateTime(1970, 1, 1).ToLocalTime();
    private readonly UserManager<Volo.Abp.Identity.IdentityUser> _userManager;
    private readonly IJsonSerializer _jsonSerializer;

    public WeChatGrantValidator (
UserManager<Volo.Abp.Identity.IdentityUser> userLoginManager,
IJsonSerializer jsonSerializer)
    {
        _userManager = userLoginManager;
        _jsonSerializer = jsonSerializer;
    }

    public async Task ValidateAsync(ExtensionGrantValidationContext context)
    {
        string code = context.Request.Raw.Get("Code");
        if (string.IsNullOrEmpty(code))
        {
            context.Result = new GrantValidationResult(IdentityServer4.Models.TokenRequestErrors.InvalidGrant);
        }
        // 后面就是自己的逻辑 openiD 
        context.Result=ServerValidate(openId)
        
    }

    /// <summary>
    /// 服务器端验证并输出用户信息，后续自动生成token
    /// </summary>
    /// <param name="loginProvider"></param>
    /// <param name="providerKey"></param>
    /// <returns></returns>
    private async Task<GrantValidationResult> ServerValidate(string openId)
    {
        Stopwatch sw = new Stopwatch();
        sw.Start();
        var user = await _userManager.FindByIdAsync(openId); //业务库用户
     
        if (user == null)
            return new GrantValidationResult(IdentityServer4.Models.TokenRequestErrors.InvalidGrant);
        var principal = new ClaimsPrincipal();
        List<ClaimsIdentity> claimsIdentity = new List<ClaimsIdentity>();
        ClaimsIdentity identity = new ClaimsIdentity();
        identity.AddClaim(new Claim("sub", user.Id.ToString()));
        identity.AddClaim(new Claim("tenantid", user.TenantId.ToString())); //租户Id
        identity.AddClaim(new Claim("idp", "local"));
        identity.AddClaim(new Claim("amr", loginProvider));
        long authTime = (long)(DateTime.Now.ToLocalTime() - DateTime1970).TotalSeconds;
        identity.AddClaim(new Claim("auth_time", authTime.ToString()));
        claimsIdentity.Add(identity);
        principal.AddIdentities(claimsIdentity);
        sw.Stop();
        Console.WriteLine($"程序耗时：{sw.ElapsedMilliseconds}ms.");
        return new GrantValidationResult(principal);
    }
}