Merge pull request #877 from colinin/rel-7.3.3
Rel 7.3.3
colinin authored Sep 19, 2023
2 parents c775e53 + 5b9726d commit 7777414
Showing 8 changed files with 208 additions and 26 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/release.yml
@@ -2,7 +2,7 @@ name: "Tagged Release"

on:
push:
branches: [ rel-7.3.2 ]
branches: [ rel-7.3.3 ]

jobs:
tagged-release:
@@ -14,4 +14,4 @@ jobs:
with:
repo_token: "${{ secrets.GITHUB_TOKEN }}"
prerelease: false
automatic_release_tag: "7.3.2"
automatic_release_tag: "7.3.3"
4 changes: 2 additions & 2 deletions aspnet-core/Directory.Build.props
@@ -1,8 +1,8 @@
<Project>
<PropertyGroup>
<VoloAbpPackageVersion>7.3.2</VoloAbpPackageVersion>
<VoloAbpPackageVersion>7.3.3</VoloAbpPackageVersion>
<VoloAbpLeptonXThemePackageVersion>2.3.2</VoloAbpLeptonXThemePackageVersion>
<LINGYUNAbpPackageVersion>7.3.2</LINGYUNAbpPackageVersion>
<LINGYUNAbpPackageVersion>7.3.3</LINGYUNAbpPackageVersion>
<DaprPackageVersion>1.11.0</DaprPackageVersion>
<DistributedLockRedisPackageVersion>1.0.2</DistributedLockRedisPackageVersion>
<DotNetCoreCAPPackageVersion>7.2.0</DotNetCoreCAPPackageVersion>
2 changes: 1 addition & 1 deletion aspnet-core/common.props
@@ -1,7 +1,7 @@
<Project>
<PropertyGroup>
<LangVersion>latest</LangVersion>
<Version>7.3.2</Version>
<Version>7.3.3</Version>
<Authors>colin</Authors>
<NoWarn>$(NoWarn);CS1591;CS0436;CS8618;NU1803</NoWarn>
<PackageProjectUrl>https://github.com/colinin/abp-next-admin</PackageProjectUrl>
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
using LINGYUN.Platform.Portal;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
@@ -24,6 +23,7 @@
using Volo.Abp.OpenIddict.ExtensionGrantTypes;
using Volo.Abp.Uow;
using Volo.Abp.Validation;
using static Volo.Abp.OpenIddict.Controllers.TokenController;
using IdentityUser = Volo.Abp.Identity.IdentityUser;
using SignInResult = Microsoft.AspNetCore.Identity.SignInResult;

@@ -34,7 +34,6 @@ public class PortalTokenExtensionGrant : ITokenExtensionGrant

protected IAbpLazyServiceProvider LazyServiceProvider { get; set; }
protected ICurrentTenant CurrentTenant => LazyServiceProvider.LazyGetRequiredService<ICurrentTenant>();
protected IUnitOfWorkManager UnitOfWorkManager => LazyServiceProvider.LazyGetRequiredService<IUnitOfWorkManager>();
protected IEnterpriseRepository EnterpriseRepository => LazyServiceProvider.LazyGetRequiredService<IEnterpriseRepository>();
protected SignInManager<IdentityUser> SignInManager => LazyServiceProvider.LazyGetRequiredService<SignInManager<IdentityUser>>();
protected IdentityUserManager UserManager => LazyServiceProvider.LazyGetRequiredService<IdentityUserManager>();
@@ -47,12 +46,12 @@ public class PortalTokenExtensionGrant : ITokenExtensionGrant
protected IOptions<IdentityOptions> IdentityOptions => LazyServiceProvider.LazyGetRequiredService<IOptions<IdentityOptions>>();
protected IOptions<AbpAspNetCoreMultiTenancyOptions> MultiTenancyOptions => LazyServiceProvider.LazyGetRequiredService<IOptions<AbpAspNetCoreMultiTenancyOptions>>();
protected IdentitySecurityLogManager IdentitySecurityLogManager => LazyServiceProvider.LazyGetRequiredService<IdentitySecurityLogManager>();

[UnitOfWork]
public async virtual Task<IActionResult> HandleAsync(ExtensionGrantContext context)
{
LazyServiceProvider = context.HttpContext.RequestServices.GetRequiredService<IAbpLazyServiceProvider>();

using var scope = ServiceScopeFactory.CreateScope();
using var unitOfWork = UnitOfWorkManager.Begin();
var enterprise = context.Request.GetParameter("EnterpriseId")?.ToString();

Guid? tenantId = null;
@@ -91,8 +90,9 @@ public async virtual Task<IActionResult> HandleAsync(ExtensionGrantContext conte
}
}

protected virtual async Task<IActionResult> HandlePasswordAsync(ExtensionGrantContext context)
protected async virtual Task<IActionResult> HandlePasswordAsync(ExtensionGrantContext context)
{
using var scope = ServiceScopeFactory.CreateScope();
await ReplaceEmailToUsernameOfInputIfNeeds(context.Request);

IdentityUser user = null;
@@ -101,7 +101,7 @@ protected virtual async Task<IActionResult> HandlePasswordAsync(ExtensionGrantCo
{
foreach (var externalLoginProviderInfo in AbpIdentityOptions.Value.ExternalLoginProviders.Values)
{
var externalLoginProvider = (IExternalLoginProvider)context.HttpContext.RequestServices
var externalLoginProvider = (IExternalLoginProvider)scope.ServiceProvider
.GetRequiredService(externalLoginProviderInfo.Type);

if (await externalLoginProvider.TryAuthenticateAsync(context.Request.Username, context.Request.Password))
@@ -148,6 +148,14 @@ await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
var result = await SignInManager.CheckPasswordSignInAsync(user, context.Request.Password, true);
if (!result.Succeeded)
{
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = OpenIddictSecurityLogIdentityConsts.OpenIddict,
Action = result.ToIdentitySecurityLogAction(),
UserName = context.Request.Username,
ClientId = context.Request.ClientId
});

string errorDescription;
if (result.IsLockedOut)
{
@@ -157,6 +165,17 @@ await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
else if (result.IsNotAllowed)
{
Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.Request.Username);

if (user.ShouldChangePasswordOnNextLogin)
{
return await HandleShouldChangePasswordOnNextLoginAsync(context, user, context.Request.Password);
}

if (await UserManager.ShouldPeriodicallyChangePasswordAsync(user))
{
return await HandlePeriodicallyChangePasswordAsync(context, user, context.Request.Password);
}

errorDescription = "You are not allowed to login! Your account is inactive or needs to confirm your email/phone number.";
}
else
@@ -179,14 +198,6 @@ await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
return await HandleTwoFactorLoginAsync(context, user);
}

await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = OpenIddictSecurityLogIdentityConsts.OpenIddict,
Action = result.ToIdentitySecurityLogAction(),
UserName = context.Request.Username,
ClientId = context.Request.ClientId
});

return await SetSuccessResultAsync(context, user);
}

@@ -264,6 +275,96 @@ await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
}
}

protected virtual async Task<IActionResult> HandleShouldChangePasswordOnNextLoginAsync(ExtensionGrantContext context, IdentityUser user, string currentPassword)
{
return await HandleChangePasswordAsync(context, user, currentPassword, ChangePasswordType.ShouldChangePasswordOnNextLogin);
}

protected virtual async Task<IActionResult> HandlePeriodicallyChangePasswordAsync(ExtensionGrantContext context, IdentityUser user, string currentPassword)
{
return await HandleChangePasswordAsync(context, user, currentPassword, ChangePasswordType.PeriodicallyChangePassword);
}

protected virtual async Task<IActionResult> HandleChangePasswordAsync(ExtensionGrantContext context, IdentityUser user, string currentPassword, ChangePasswordType changePasswordType)
{
var changePasswordToken = context.Request.GetParameter("ChangePasswordToken")?.ToString();
var newPassword = context.Request.GetParameter("NewPassword")?.ToString();
if (!changePasswordToken.IsNullOrWhiteSpace() && !currentPassword.IsNullOrWhiteSpace() && !newPassword.IsNullOrWhiteSpace())
{
if (await UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, changePasswordType.ToString(), changePasswordToken))
{
var changePasswordResult = await UserManager.ChangePasswordAsync(user, currentPassword, newPassword);
if (changePasswordResult.Succeeded)
{
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = OpenIddictSecurityLogIdentityConsts.OpenIddict,
Action = IdentitySecurityLogActionConsts.ChangePassword,
UserName = context.Request.Username,
ClientId = context.Request.ClientId
});

if (changePasswordType == ChangePasswordType.ShouldChangePasswordOnNextLogin)
{
user.SetShouldChangePasswordOnNextLogin(false);
}

await UserManager.UpdateAsync(user);
return await SetSuccessResultAsync(context, user);
}
else
{
Logger.LogInformation("ChangePassword failed for username: {username}, reason: {changePasswordResult}", context.Request.Username, changePasswordResult.Errors.Select(x => x.Description).JoinAsString(", "));

var properties = new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidGrant,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = changePasswordResult.Errors.Select(x => x.Description).JoinAsString(", ")
});
return Forbid(properties, OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
}
}
else
{
Logger.LogInformation("Authentication failed for username: {username}, reason: InvalidAuthenticatorCode", context.Request.Username);

var properties = new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidGrant,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "Invalid authenticator code!"
});

return Forbid(properties, OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
}
}
else
{
Logger.LogInformation($"Authentication failed for username: {{{context.Request.Username}}}, reason: {{{changePasswordType.ToString()}}}");

await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = OpenIddictSecurityLogIdentityConsts.OpenIddict,
Action = OpenIddictSecurityLogActionConsts.LoginNotAllowed,
UserName = context.Request.Username,
ClientId = context.Request.ClientId
});

var properties = new AuthenticationProperties(
items: new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = OpenIddictConstants.Errors.InvalidGrant,
[OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = changePasswordType.ToString()
},
parameters: new Dictionary<string, object>
{
["userId"] = user.Id.ToString("N"),
["changePasswordToken"] = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, changePasswordType.ToString())
});

return Forbid(properties, OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
}
}

protected virtual async Task<IActionResult> SetSuccessResultAsync(ExtensionGrantContext context, IdentityUser user)
{
// Create a new ClaimsPrincipal containing the claims that
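Review bot: In HandleChangePasswordAsync the final else branch returns `userId` and a freshly generated `changePasswordToken` without this method ever checking `currentPassword`; it is reached from the `result.IsNotAllowed` branch of HandlePasswordAsync, and if that result comes from the sign-in manager's pre-sign-in check (the usual order in ASP.NET Core Identity) the password has not been verified at that point. That would let any caller who knows a username learn the account's id and its must-change-password state, so I would gate the branch with `if (!await UserManager.CheckPasswordAsync(user, currentPassword))` and return the same error an ordinary wrong password gets. In the same branch the log call builds its template with `$"...{{{context.Request.Username}}}..."`, which puts the request-supplied username into the message template itself; the structured form used elsewhere in the file, `Logger.LogInformation("Authentication failed for username: {username}, reason: {reason}", context.Request.Username, changePasswordType);`, keeps it as a parameter. The rejected-token branch also logs and returns "Invalid authenticator code", which reads like a two-factor failure rather than a failed change-password token and will mislead whoever triages the security log. HandlePasswordAsync itself is only partly visible in these hunks, so the ordering of the password check should be confirmed against the full method.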
Original file line number Diff line number Diff line change
@@ -314,6 +314,18 @@ await SettingManager.GetOrNullAsync(IdentitySettingNames.Password.RequireUpperca
await SettingManager.GetOrNullAsync(IdentitySettingNames.Password.RequireNonAlphanumeric, providerName, providerKey),
ValueType.Boolean,
providerName);
passwordSetting.AddDetail(
SettingDefinitionManager.Get(IdentitySettingNames.Password.ForceUsersToPeriodicallyChangePassword),
StringLocalizerFactory,
await SettingManager.GetOrNullAsync(IdentitySettingNames.Password.ForceUsersToPeriodicallyChangePassword, providerName, providerKey),
ValueType.Boolean,
providerName);
passwordSetting.AddDetail(
SettingDefinitionManager.Get(IdentitySettingNames.Password.PasswordChangePeriodDays),
StringLocalizerFactory,
await SettingManager.GetOrNullAsync(IdentitySettingNames.Password.PasswordChangePeriodDays, providerName, providerKey),
ValueType.Number,
providerName);

#endregion

4 changes: 2 additions & 2 deletions gateways/Directory.Build.props
@@ -1,7 +1,7 @@
<Project>
<PropertyGroup>
<VoloAbpPackageVersion>7.3.2</VoloAbpPackageVersion>
<LINGYUNAbpPackageVersion>7.3.2</LINGYUNAbpPackageVersion>
<VoloAbpPackageVersion>7.3.3</VoloAbpPackageVersion>
<LINGYUNAbpPackageVersion>7.3.3</LINGYUNAbpPackageVersion>
<DaprPackageVersion>1.11.0</DaprPackageVersion>
<DotNetCoreCAPPackageVersion>7.2.0</DotNetCoreCAPPackageVersion>
<AliyunSDKPackageVersion>1.5.10</AliyunSDKPackageVersion>
6 changes: 1 addition & 5 deletions gateways/common.props
@@ -1,7 +1,7 @@
<Project>
<PropertyGroup>
<LangVersion>latest</LangVersion>
<Version>7.3.2</Version>
<Version>7.3.3</Version>
<Authors>colin</Authors>
<NoWarn>$(NoWarn);CS1591;CS0436;CS8618;NU1803</NoWarn>
<PackageProjectUrl>https://github.com/colinin/abp-next-admin</PackageProjectUrl>
@@ -23,8 +23,4 @@
<None Remove="Modules\**" />
</ItemGroup>

<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">
<OutputPath>$(SolutionDir)LocalNuget</OutputPath>
</PropertyGroup>

</Project>