feature(oidc):add oidc (#66)

* add IClientStore、IResourceStore

* Code optimization

* feat(oidc):oidc

* feat(oidc):oidc

* feat(oidc):oidc

* feat(oidc):oidc

* feat(oidc):oidc

* feat(oidc):oidc

* feat:update client

* feat:update cache

* feat(oidc):oidc

* feat(oidc):oidc

* feat(oidc):oidc

* refactor:formatting code

* feat(oidc):oidc

* feat(oidc):remove AddAllAsync,add ResetAsync

* feat(oidc):sln

* refactor:refactor code

* refactor(code):refactor code

* refactor:refactor code

* refactor:refactor code

* fix:ReUse change to Reuse

* refactor(code):refactor code

Co-authored-by: Mayue <mayue@lonsid.cn>

Masa.BuildingBlocks.sln

@@ -81,11 +81,17 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Data",
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Service.Contracts", "src\Service\Masa.BuildingBlocks.Service.Contracts\Masa.BuildingBlocks.Service.Contracts.csproj", "{775797E2-8576-4050-8649-18AAD00D0A87}"
 EndProject
-Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Identity", "Identity", "{BAABD8D1-BBB9-4F7B-9FD5-A71602BB4695}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Data.MappingExtensions", "src\Data\Masa.BuildingBlocks.Data.MappingExtensions\Masa.BuildingBlocks.Data.MappingExtensions.csproj", "{42D62996-F3FA-406F-AECD-BEACE557E0DB}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Data.MappingExtensions", "src\Data\Masa.BuildingBlocks.Data.MappingExtensions\Masa.BuildingBlocks.Data.MappingExtensions.csproj", "{2281D561-3088-4251-BA84-99D658660CBE}"
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Authentication", "Authentication", "{7078E83D-778C-4CE0-829F-7F0AD969361E}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Identity.IdentityModel", "src\Identity\Masa.BuildingBlocks.Identity.IdentityModel\Masa.BuildingBlocks.Identity.IdentityModel.csproj", "{55344805-2B0A-4180-8F11-A61102E11F79}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Authentication.Oidc.Cache", "src\Authentication\Masa.BuildingBlocks.Authentication.Oidc.Cache\Masa.BuildingBlocks.Authentication.Oidc.Cache.csproj", "{CF05242F-1DBA-40E9-BBC4-7C4D6A69BE2B}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Authentication.Oidc.Domain", "src\Authentication\Masa.BuildingBlocks.Authentication.Oidc.Domain\Masa.BuildingBlocks.Authentication.Oidc.Domain.csproj", "{639F5AB4-3648-4AFE-95E3-5909C054E39C}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Authentication.Oidc.Models", "src\Authentication\Masa.BuildingBlocks.Authentication.Oidc.Models\Masa.BuildingBlocks.Authentication.Oidc.Models.csproj", "{F77F36FE-82A1-4BEC-8AB2-55F298AAADCD}"
+EndProject
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Masa.BuildingBlocks.Authentication.Oidc.Storage", "src\Authentication\Masa.BuildingBlocks.Authentication.Oidc.Storage\Masa.BuildingBlocks.Authentication.Oidc.Storage.csproj", "{701DF095-CF25-4311-9129-279A1834D8A3}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -169,6 +175,26 @@ Global
 		{775797E2-8576-4050-8649-18AAD00D0A87}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{775797E2-8576-4050-8649-18AAD00D0A87}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{775797E2-8576-4050-8649-18AAD00D0A87}.Release|Any CPU.Build.0 = Release|Any CPU
+		{42D62996-F3FA-406F-AECD-BEACE557E0DB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{42D62996-F3FA-406F-AECD-BEACE557E0DB}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{42D62996-F3FA-406F-AECD-BEACE557E0DB}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{42D62996-F3FA-406F-AECD-BEACE557E0DB}.Release|Any CPU.Build.0 = Release|Any CPU
+		{CF05242F-1DBA-40E9-BBC4-7C4D6A69BE2B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{CF05242F-1DBA-40E9-BBC4-7C4D6A69BE2B}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{CF05242F-1DBA-40E9-BBC4-7C4D6A69BE2B}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{CF05242F-1DBA-40E9-BBC4-7C4D6A69BE2B}.Release|Any CPU.Build.0 = Release|Any CPU
+		{639F5AB4-3648-4AFE-95E3-5909C054E39C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{639F5AB4-3648-4AFE-95E3-5909C054E39C}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{639F5AB4-3648-4AFE-95E3-5909C054E39C}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{639F5AB4-3648-4AFE-95E3-5909C054E39C}.Release|Any CPU.Build.0 = Release|Any CPU
+		{F77F36FE-82A1-4BEC-8AB2-55F298AAADCD}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{F77F36FE-82A1-4BEC-8AB2-55F298AAADCD}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{F77F36FE-82A1-4BEC-8AB2-55F298AAADCD}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{F77F36FE-82A1-4BEC-8AB2-55F298AAADCD}.Release|Any CPU.Build.0 = Release|Any CPU
+		{701DF095-CF25-4311-9129-279A1834D8A3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{701DF095-CF25-4311-9129-279A1834D8A3}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{701DF095-CF25-4311-9129-279A1834D8A3}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{701DF095-CF25-4311-9129-279A1834D8A3}.Release|Any CPU.Build.0 = Release|Any CPU
 		{2281D561-3088-4251-BA84-99D658660CBE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{2281D561-3088-4251-BA84-99D658660CBE}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{2281D561-3088-4251-BA84-99D658660CBE}.Release|Any CPU.ActiveCfg = Release|Any CPU
@@ -214,6 +240,12 @@ Global
 		{EA5B1CAD-2275-43F3-9A50-7CE1FD94ACDB} = {64FB8703-E922-45DE-9D01-3FE9EFE56727}
 		{4B9BF713-E0BC-4CAB-9D8D-353C18EDC855} = {64FB8703-E922-45DE-9D01-3FE9EFE56727}
 		{775797E2-8576-4050-8649-18AAD00D0A87} = {593A3114-D1E0-47ED-BC37-58E08886175B}
+		{42D62996-F3FA-406F-AECD-BEACE557E0DB} = {64FB8703-E922-45DE-9D01-3FE9EFE56727}
+		{7078E83D-778C-4CE0-829F-7F0AD969361E} = {77D17E30-CB7C-4DD7-8CF1-9D5350FF2304}
+		{CF05242F-1DBA-40E9-BBC4-7C4D6A69BE2B} = {7078E83D-778C-4CE0-829F-7F0AD969361E}
+		{639F5AB4-3648-4AFE-95E3-5909C054E39C} = {7078E83D-778C-4CE0-829F-7F0AD969361E}
+		{F77F36FE-82A1-4BEC-8AB2-55F298AAADCD} = {7078E83D-778C-4CE0-829F-7F0AD969361E}
+		{701DF095-CF25-4311-9129-279A1834D8A3} = {7078E83D-778C-4CE0-829F-7F0AD969361E}
 		{BAABD8D1-BBB9-4F7B-9FD5-A71602BB4695} = {77D17E30-CB7C-4DD7-8CF1-9D5350FF2304}
 		{2281D561-3088-4251-BA84-99D658660CBE} = {64FB8703-E922-45DE-9D01-3FE9EFE56727}
 		{55344805-2B0A-4180-8F11-A61102E11F79} = {BAABD8D1-BBB9-4F7B-9FD5-A71602BB4695}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Cache/Caches/IApiResourceCache.cs

@@ -0,0 +1,19 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Cache.Caches;
+
+public interface IApiResourceCache
+{
+    Task<List<ApiResourceModel>> GetListAsync(IEnumerable<string> names);
+
+    Task<List<ApiResourceModel>> GetListAsync();
+
+    Task SetAsync(ApiResource apiResource);
+
+    Task SetRangeAsync(IEnumerable<ApiResource> apiResources);
+
+    Task RemoveAsync(ApiResource apiResource);
+
+    Task ResetAsync(IEnumerable<ApiResource> identityResources);
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Cache/Caches/IApiScopeCache.cs

@@ -0,0 +1,19 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Cache.Caches;
+
+public interface IApiScopeCache
+{
+    Task<List<ApiScopeModel>> GetListAsync(IEnumerable<string> names);
+
+    Task<List<ApiScopeModel>> GetListAsync();
+
+    Task SetAsync(ApiScope apiScope);
+
+    Task SetRangeAsync(IEnumerable<ApiScope> apiScopes);
+
+    Task RemoveAsync(ApiScope apiScope);
+
+    Task ResetAsync(IEnumerable<ApiScope> identityResources);
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Cache/Caches/IClientCache.cs

@@ -0,0 +1,15 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Cache.Caches;
+
+public interface IClientCache
+{
+    Task<ClientModel?> GetAsync(string clientId);
+
+    Task SetAsync(Client client);
+
+    Task SetRangeAsync(IEnumerable<Client> clients);
+
+    Task RemoveAsync(Client client);
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Cache/Caches/IIdentityResourceCache.cs

@@ -0,0 +1,19 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Cache.Caches;
+
+public interface IIdentityResourceCache
+{
+    Task<List<IdentityResourceModel>> GetListAsync(IEnumerable<string> names);
+
+    Task<List<IdentityResourceModel>> GetListAsync();
+
+    Task SetAsync(IdentityResource identityResource);
+
+    Task SetRangeAsync(IEnumerable<IdentityResource> identityResources);
+
+    Task RemoveAsync(IdentityResource identityResource);
+
+    Task ResetAsync(IEnumerable<IdentityResource> identityResources);
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Cache/Masa.BuildingBlocks.Authentication.Oidc.Cache.csproj

@@ -0,0 +1,14 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net6.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\Masa.BuildingBlocks.Authentication.Oidc.Domain\Masa.BuildingBlocks.Authentication.Oidc.Domain.csproj" />
+    <ProjectReference Include="..\Masa.BuildingBlocks.Authentication.Oidc.Models\Masa.BuildingBlocks.Authentication.Oidc.Models.csproj" />
+  </ItemGroup>
+
+</Project>

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Cache/_Imports.cs

@@ -0,0 +1,5 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+global using Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities;
+global using Masa.BuildingBlocks.Authentication.Oidc.Models.Models;

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Constants/GrantTypeConsts.cs

@@ -0,0 +1,37 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Constants;
+
+public class GrantTypeConsts
+{
+    public static ICollection<string> Implicit =>
+            new[] { GrantTypes.IMPLICIT };
+
+    public static ICollection<string> ImplicitAndClientCredentials =>
+        new[] { GrantTypes.IMPLICIT, GrantTypes.CLIENT_CREDENTIALS };
+
+    public static ICollection<string> Code =>
+        new[] { GrantTypes.AUTHORIZATION_CODE };
+
+    public static ICollection<string> CodeAndClientCredentials =>
+        new[] { GrantTypes.AUTHORIZATION_CODE, GrantTypes.CLIENT_CREDENTIALS };
+
+    public static ICollection<string> Hybrid =>
+        new[] { GrantTypes.HYBRID };
+
+    public static ICollection<string> HybridAndClientCredentials =>
+        new[] { GrantTypes.HYBRID, GrantTypes.CLIENT_CREDENTIALS };
+
+    public static ICollection<string> ClientCredentials =>
+        new[] { GrantTypes.CLIENT_CREDENTIALS };
+
+    public static ICollection<string> ResourceOwnerPassword =>
+        new[] { GrantTypes.RESOURCE_OWNER_PASSWORD };
+
+    public static ICollection<string> ResourceOwnerPasswordAndClientCredentials =>
+        new[] { GrantTypes.RESOURCE_OWNER_PASSWORD, GrantTypes.CLIENT_CREDENTIALS };
+
+    public static ICollection<string> DeviceFlow =>
+        new[] { GrantTypes.DEVICE_FLOW };
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Constants/GrantTypes.cs

@@ -0,0 +1,19 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Constants;
+
+public static class GrantTypes
+{
+    public const string IMPLICIT = "implicit";
+
+    public const string HYBRID = "hybrid";
+
+    public const string AUTHORIZATION_CODE = "authorization_code";
+
+    public const string CLIENT_CREDENTIALS = "client_credentials";
+
+    public const string RESOURCE_OWNER_PASSWORD = "password";
+
+    public const string DEVICE_FLOW = "urn:ietf:params:oauth:grant-type:device_code";
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Entities/Abstract/Property.cs

@@ -0,0 +1,11 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities.Abstract;
+
+public abstract class Property : Entity<Guid>
+{
+    public string Key { get; protected set; } = "";
+
+    public string Value { get; protected set; } = "";
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Entities/Abstract/Secret.cs

@@ -0,0 +1,15 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities.Abstract;
+
+public abstract class Secret : FullEntity<int, Guid>
+{
+    public string Description { get; protected set; } = string.Empty;
+
+    public string Value { get; protected set; } = string.Empty;
+
+    public DateTime? Expiration { get; protected set; }
+
+    public string Type { get; protected set; } = "SharedSecret";
+}

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Entities/ApiResource.cs

@@ -0,0 +1,78 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities;
+
+public class ApiResource : FullAggregateRoot<int, Guid>
+{
+    private List<ApiResourceSecret> _secrets = new();
+    private List<ApiResourceScope> _apiScopes = new();
+    private List<ApiResourceClaim> _userClaims = new();
+    private List<ApiResourceProperty> _properties = new();
+
+    public bool Enabled { get; private set; }
+
+    public string Name { get; private set; } = "";
+
+    public string DisplayName { get; private set; } = "";
+
+    public string Description { get; private set; } = "";
+
+    public string AllowedAccessTokenSigningAlgorithms { get; private set; } = "";
+
+    public bool ShowInDiscoveryDocument { get; private set; } = true;
+
+    public DateTime? LastAccessed { get; private set; }
+
+    public bool NonEditable { get; private set; }
+
+    public IReadOnlyCollection<ApiResourceSecret> Secrets => _secrets;
+
+    public IReadOnlyCollection<ApiResourceScope> ApiScopes => _apiScopes;
+
+    public IReadOnlyCollection<ApiResourceClaim> UserClaims => _userClaims;
+
+    public IReadOnlyCollection<ApiResourceProperty> Properties => _properties;
+
+    public ApiResource(string name, string displayName, string description, string allowedAccessTokenSigningAlgorithms, bool showInDiscoveryDocument, DateTime? lastAccessed, bool nonEditable, bool enabled)
+    {
+        Enabled = enabled;
+        Name = name;
+        DisplayName = displayName;
+        Description = description;
+        AllowedAccessTokenSigningAlgorithms = allowedAccessTokenSigningAlgorithms;
+        ShowInDiscoveryDocument = showInDiscoveryDocument;
+        LastAccessed = lastAccessed;
+        NonEditable = nonEditable;
+    }
+
+    public void Update(string displayName, string description, string allowedAccessTokenSigningAlgorithms, bool showInDiscoveryDocument, DateTime? lastAccessed, bool nonEditable, bool enabled)
+    {
+        Enabled = enabled;
+        DisplayName = displayName;
+        Description = description;
+        AllowedAccessTokenSigningAlgorithms = allowedAccessTokenSigningAlgorithms;
+        ShowInDiscoveryDocument = showInDiscoveryDocument;
+        LastAccessed = lastAccessed;
+        NonEditable = nonEditable;
+    }
+
+    public void BindUserClaims(List<int> userClaims)
+    {
+        _userClaims.Clear();
+        _userClaims.AddRange(userClaims.Select(id => new ApiResourceClaim(id)));
+    }
+
+    public void BindProperties(Dictionary<string, string> properties)
+    {
+        _properties.Clear();
+        _properties.AddRange(properties.Select(property => new ApiResourceProperty(property.Key, property.Value)));
+    }
+
+    public void BindApiScopes(List<int> apiScopes)
+    {
+        _apiScopes.Clear();
+        _apiScopes.AddRange(apiScopes.Select(id => new ApiResourceScope(id)));
+    }
+}
+

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Entities/ApiResourceClaim.cs

@@ -0,0 +1,21 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities;
+
+public class ApiResourceClaim : Entity<int>
+{
+    public int UserClaimId { get; private set; }
+
+    public UserClaim UserClaim { get; private set; } = null!;
+
+    public int ApiResourceId { get; private set; }
+
+    public ApiResource ApiResource { get; private set; } = null!;
+
+    public ApiResourceClaim(int userClaimId)
+    {
+        UserClaimId = userClaimId;
+    }
+}
+

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Entities/ApiResourceProperty.cs

@@ -0,0 +1,18 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities;
+
+public class ApiResourceProperty : Property
+{
+    public int ApiResourceId { get; private set; }
+
+    public ApiResource ApiResource { get; private set; } = null!;
+
+    public ApiResourceProperty(string key, string value)
+    {
+        Key = key;
+        Value = value;
+    }
+}
+

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Entities/ApiResourceScope.cs

@@ -0,0 +1,21 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities;
+
+public class ApiResourceScope : Entity<int>
+{
+    public int ApiScopeId { get; private set; }
+
+    public ApiScope ApiScope { get; private set; } = null!;
+
+    public int ApiResourceId { get; private set; }
+
+    public ApiResource ApiResource { get; private set; } = null!;
+
+    public ApiResourceScope(int apiScopeId)
+    {
+        ApiScopeId = apiScopeId;
+    }
+}
+

src/Authentication/Masa.BuildingBlocks.Authentication.Oidc.Domain/Entities/ApiResourceSecret.cs

@@ -0,0 +1,12 @@
+// Copyright (c) MASA Stack All rights reserved.
+// Licensed under the MIT License. See LICENSE.txt in the project root for license information.
+
+namespace Masa.BuildingBlocks.Authentication.Oidc.Domain.Entities;
+
+public class ApiResourceSecret : Secret
+{
+    public int ApiResourceId { get; private set; }
+
+    public ApiResource ApiResource { get; private set; } = null!;
+}
+