revoke account

src/CAVerifierServer.Application.Contracts/Account/Dtos/VerifyRevokeCodeResponseDto.cs

@@ -0,0 +1,6 @@
+namespace CAVerifierServer.Account.Dtos;
+
+public class VerifyRevokeCodeResponseDto
+{
+    public bool Success { get; set; }
+}

src/CAVerifierServer.Application.Contracts/Account/IAccountAppService.cs

@@ -1,5 +1,6 @@
 using System.Collections.Generic;
 using System.Threading.Tasks;
+using CAVerifierServer.Account.Dtos;
 using CAVerifierServer.Verifier.Dtos;
 using Volo.Abp.Application.Services;
 
@@ -21,4 +22,5 @@ public interface IAccountAppService : IApplicationService
      Task<ResponseResultDto<VerifierCodeDto>> VerifyFacebookTokenAsync(VerifyTokenRequestDto tokenRequestDto);
      Task<ResponseResultDto<VerifyFacebookTokenResponseDto>> VerifyFacebookAccessTokenAsync(string accessToken);
      Task<ResponseResultDto<VerifyTwitterTokenDto>> VerifyTwitterTokenAsync(VerifyTokenRequestDto tokenRequestDto);
+     Task<VerifyRevokeCodeResponseDto> VerifyRevokeCodeAsync(VerifyRevokeCodeDto revokeCodeDto);
 }

src/CAVerifierServer.Application.Contracts/Account/VerifyRevokeCodeDto.cs

@@ -0,0 +1,19 @@
+using System;
+using System.Text.Json.Serialization;
+
+namespace CAVerifierServer.Account.Dtos;
+
+public class VerifyRevokeCodeDto
+{
+    [JsonPropertyName("guardianIdentifier")]
+    public string GuardianIdentifier { get; set; }
+
+    [JsonPropertyName("VerifierSessionId")]
+    public Guid VerifierSessionId{ get; set; }
+
+    [JsonPropertyName("VerifyCode")]
+    public string VerifyCode{ get; set; }
+
+    [JsonPropertyName("Type")]
+    public string Type{ get; set; }
+}

src/CAVerifierServer.Application.Contracts/VerifyRevokeCode/IVerifyRevokeCodeValidator.cs

@@ -0,0 +1,11 @@
+using System.Threading.Tasks;
+using CAVerifierServer.Account.Dtos;
+
+namespace CAVerifierServer.VerifyRevokeCode;
+
+public interface IVerifyRevokeCodeValidator
+{
+    string Type { get; }
+
+    Task<bool> VerifyRevokeCodeAsync(VerifyRevokeCodeDto verifyRevokeCodeDto);
+}

src/CAVerifierServer.Application/Account/AccountAppService.cs

@@ -4,14 +4,15 @@
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
-using Amazon.SimpleNotificationService.Util;
+using CAVerifierServer.Account.Dtos;
 using CAVerifierServer.Verifier.Dtos;
 using CAVerifierServer.Application;
 using CAVerifierServer.Contracts;
 using CAVerifierServer.Grains.Grain;
 using CAVerifierServer.Grains.Grain.ThirdPartyVerification;
 using CAVerifierServer.Options;
 using CAVerifierServer.VerifyCodeSender;
+using CAVerifierServer.VerifyRevokeCode;
 using Microsoft.Extensions.Caching.Distributed;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -39,6 +40,7 @@ public class AccountAppService : CAVerifierServerAppService, IAccountAppService
     private readonly IContractsProvider _contractsProvider;
     private readonly FacebookOptions _facebookOptions;
     private readonly IHttpClientFactory _httpClientFactory;
+    private readonly IEnumerable<IVerifyRevokeCodeValidator> _revokeCodeValidators;
 
     private const string CaServerListKey = "CAServerListKey";
 
@@ -48,7 +50,7 @@ public AccountAppService(IClusterClient clusterClient,
         IEnumerable<IVerifyCodeSender> verifyCodeSenders, IObjectMapper objectMapper,
         IOptions<WhiteListExpireTimeOptions> whiteListExpireTimeOption, ILogger<AccountAppService> logger,
         IContractsProvider contractsProvider, IOptionsSnapshot<FacebookOptions> facebookOptions,
-        IHttpClientFactory httpClientFactory)
+        IHttpClientFactory httpClientFactory, IEnumerable<IVerifyRevokeCodeValidator> revokeCodeValidators)
     {
         _clusterClient = clusterClient;
         _distributedCache = distributedCache;
@@ -57,6 +59,7 @@ public AccountAppService(IClusterClient clusterClient,
         _logger = logger;
         _contractsProvider = contractsProvider;
         _httpClientFactory = httpClientFactory;
+        _revokeCodeValidators = revokeCodeValidators;
         _facebookOptions = facebookOptions.Value;
         _whiteListExpireTimeOptions = whiteListExpireTimeOption.Value;
         _chainOptions = chainOptions.Value;
@@ -442,6 +445,34 @@ await grain.VerifyTwitterTokenAsync(
         }
     }
 
+    public async Task<VerifyRevokeCodeResponseDto> VerifyRevokeCodeAsync(
+        VerifyRevokeCodeDto revokeCodeDto)
+    {
+        var revokeValidator = _revokeCodeValidators.FirstOrDefault(t => t.Type == revokeCodeDto.Type);
+        if (null == revokeValidator)
+        {
+            return new VerifyRevokeCodeResponseDto
+            {
+                Success = false
+            };
+        }
+
+        var result = await revokeValidator.VerifyRevokeCodeAsync(revokeCodeDto);
+
+        if (result)
+        {
+            return new VerifyRevokeCodeResponseDto
+            {
+                Success = true
+            };
+        }
+
+        return new VerifyRevokeCodeResponseDto
+        {
+            Success = false
+        };
+    }
+
 
     private async Task<DidServerList> GetDidServerListAsync()
     {

src/CAVerifierServer.Application/CAVerifierServerApplicationModule.cs

@@ -3,6 +3,7 @@
 using CAVerifierServer.Options;
 using CAVerifierServer.Phone;
 using CAVerifierServer.VerifyCodeSender;
+using CAVerifierServer.VerifyRevokeCode;
 using Microsoft.Extensions.DependencyInjection;
 using Volo.Abp.AutoMapper;
 using Volo.Abp.Emailing;
@@ -43,6 +44,14 @@ public override void ConfigureServices(ServiceConfigurationContext context)
         context.Services.AddSingleton<ISMSServiceSender, TwilioSmsMessageSender>();
         context.Services.AddSingleton<IVerifyCodeSender, EmailVerifyCodeSender>();
         context.Services.AddSingleton<IVerifyCodeSender, PhoneVerifyCodeSender>();
+
+        context.Services.AddSingleton<IVerifyRevokeCodeValidator, EmailRevokeCodeValidator>();
+        context.Services.AddSingleton<IVerifyRevokeCodeValidator, FaceBookRevokeCodeValidator>();
+        context.Services.AddSingleton<IVerifyRevokeCodeValidator, TwitterRevokeCodeValidator>();
+        context.Services.AddSingleton<IVerifyRevokeCodeValidator, TelegramRevokeCodeValidator>();
+        context.Services.AddSingleton<IVerifyRevokeCodeValidator, AppleRevokeCodeValidator>();
+        context.Services.AddSingleton<IVerifyRevokeCodeValidator, GoogleRevokeCodeValidator>();
+
         context.Services.AddHttpClient();
     }
 }

src/CAVerifierServer.Application/VerifyRevokeCode/AppleRevokeCodeValidator.cs

@@ -0,0 +1,38 @@
+using System;
+using System.Threading.Tasks;
+using Castle.Core.Logging;
+using CAVerifierServer.Account.Dtos;
+using CAVerifierServer.Grains.Grain.ThirdPartyVerification;
+using Microsoft.Extensions.Logging;
+using Orleans;
+
+namespace CAVerifierServer.VerifyRevokeCode;
+
+public class AppleRevokeCodeValidator : IVerifyRevokeCodeValidator
+{
+    private readonly IClusterClient _clusterClient;
+    private readonly ILogger<AppleRevokeCodeValidator> _logger;
+
+    public AppleRevokeCodeValidator(IClusterClient clusterClient, ILogger<AppleRevokeCodeValidator> logger)
+    {
+        _clusterClient = clusterClient;
+        _logger = logger;
+    }
+
+    public string Type  =>  "Apple";
+
+    public async Task<bool> VerifyRevokeCodeAsync(VerifyRevokeCodeDto revokeCodeDto)
+    {
+        var grain = _clusterClient.GetGrain<IThirdPartyVerificationGrain>(revokeCodeDto.VerifyCode);
+        try
+        {
+            await grain.ValidateTokenAsync(revokeCodeDto.VerifyCode);
+            return true;
+        }
+        catch (Exception e)
+        {
+            _logger.LogError(e,"validate apple token failed :{message}", e.Message);
+            return false;
+        }
+    }
+}

src/CAVerifierServer.Application/VerifyRevokeCode/EmailRevokeCodeValidator.cs

@@ -0,0 +1,32 @@
+using System.Threading.Tasks;
+using CAVerifierServer.Account.Dtos;
+using CAVerifierServer.Grains.Grain;
+using Microsoft.Extensions.Logging;
+using Orleans;
+
+namespace CAVerifierServer.VerifyRevokeCode;
+
+public class EmailRevokeCodeValidator : IVerifyRevokeCodeValidator
+{
+    private readonly IClusterClient _clusterClient;
+    private readonly ILogger<EmailRevokeCodeValidator> _logger;
+
+    public EmailRevokeCodeValidator(IClusterClient clusterClient, ILogger<EmailRevokeCodeValidator> logger)
+    {
+        _clusterClient = clusterClient;
+        _logger = logger;
+    }
+
+    public string Type => "Email";
+    public async Task<bool> VerifyRevokeCodeAsync(VerifyRevokeCodeDto revokeCodeDto)
+    {
+        var grain = _clusterClient.GetGrain<IGuardianIdentifierVerificationGrain>(revokeCodeDto.GuardianIdentifier);
+        var resultDto = await grain.VerifyRevokeCodeAsync(revokeCodeDto);
+        if (resultDto.Success)
+        {
+            return true;
+        }
+        _logger.LogError("validate Email verifyCode failed:{reason}",resultDto.Message);
+        return false;
+    }
+}

src/CAVerifierServer.Application/VerifyRevokeCode/FaceBookRevokeCodeValidator.cs

@@ -0,0 +1,100 @@
+using System;
+using System.Net;
+using System.Net.Http;
+using System.Threading.Tasks;
+using CAVerifierServer.Account;
+using CAVerifierServer.Account.Dtos;
+using CAVerifierServer.Options;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+using Newtonsoft.Json;
+
+namespace CAVerifierServer.VerifyRevokeCode;
+
+public class FaceBookRevokeCodeValidator : IVerifyRevokeCodeValidator
+{
+    private readonly ILogger<FaceBookRevokeCodeValidator> _logger;
+    private readonly FacebookOptions _facebookOptions;
+    private readonly IHttpClientFactory _httpClientFactory;
+
+    public FaceBookRevokeCodeValidator(ILogger<FaceBookRevokeCodeValidator> logger,
+        IOptionsSnapshot<FacebookOptions> facebookOptions, IHttpClientFactory httpClientFactory)
+    {
+        _logger = logger;
+        _facebookOptions = facebookOptions.Value;
+        _httpClientFactory = httpClientFactory;
+    }
+
+    public string Type => "Facebook";
+
+    public async Task<bool> VerifyRevokeCodeAsync(VerifyRevokeCodeDto revokeCodeDto)
+    {
+        try
+        {
+            var result = await VerifyFacebookAccessTokenAsync(revokeCodeDto.VerifyCode);
+            if (result)
+            {
+                return true;
+            }
+
+            _logger.LogError("validate Facebook token failed");
+            return false;
+        }
+        catch (Exception e)
+        {
+            _logger.LogError(e, "validate Facebook token failed:{reason}", e.Message);
+            return false;
+        }
+    }
+
+    private async Task<bool> VerifyFacebookAccessTokenAsync(
+        string accessToken)
+    {
+        var appToken = _facebookOptions.AppId + "%7C" + _facebookOptions.AppSecret;
+        var requestUrl =
+            "https://graph.facebook.com/debug_token?access_token=" + appToken + "&input_token=" + accessToken;
+        try
+        {
+            var client = _httpClientFactory.CreateClient();
+            var response = await client.SendAsync(new HttpRequestMessage(HttpMethod.Get, requestUrl));
+
+            var result = await response.Content.ReadAsStringAsync();
+            if (response.StatusCode == HttpStatusCode.Unauthorized)
+            {
+                _logger.LogError("{Message}", response.ToString());
+                return false;
+            }
+
+            if (response.IsSuccessStatusCode)
+            {
+                var verifyUserInfo = JsonConvert.DeserializeObject<VerifyFacebookResultResponse>(result);
+                if (verifyUserInfo == null)
+                {
+                    _logger.LogError("Verify Facebook userInfo fail.");
+                    return false;
+                }
+
+                if (!verifyUserInfo.Data.IsValid)
+                {
+                    _logger.LogError("Verify accessToken from Facebook fail.");
+                    return false;
+                }
+
+                if (verifyUserInfo.Data.ExpiresAt >= DateTimeOffset.UtcNow.ToUnixTimeSeconds())
+                {
+                    return true;
+                }
+
+                _logger.LogError("Token Expired");
+                return false;
+            }
+        }
+        catch (Exception e)
+        {
+            _logger.LogError(e, "Verify AccessToken failed,AccessToken is {accessToken}", accessToken);
+            return false;
+        }
+
+        return false;
+    }
+}

src/CAVerifierServer.Application/VerifyRevokeCode/GoogleRevokeCodeValidator.cs

@@ -0,0 +1,39 @@
+using System;
+using System.Threading.Tasks;
+using CAVerifierServer.Account.Dtos;
+using CAVerifierServer.Grains.Grain.ThirdPartyVerification;
+using Microsoft.Extensions.Logging;
+using Orleans;
+
+namespace CAVerifierServer.VerifyRevokeCode;
+
+public class GoogleRevokeCodeValidator : IVerifyRevokeCodeValidator
+{
+
+    private readonly IClusterClient _clusterClient;
+    private readonly ILogger<GoogleRevokeCodeValidator> _logger;
+
+    public GoogleRevokeCodeValidator(IClusterClient clusterClient, ILogger<GoogleRevokeCodeValidator> logger)
+    {
+        _clusterClient = clusterClient;
+        _logger = logger;
+    }
+
+    public string Type => "Google";
+    public async Task<bool> VerifyRevokeCodeAsync(VerifyRevokeCodeDto revokeCodeDto)
+    {
+        var grain = _clusterClient.GetGrain<IThirdPartyVerificationGrain>(revokeCodeDto.VerifyCode);
+
+        try
+        {
+            await grain.GetUserInfoFromGoogleAsync(revokeCodeDto.VerifyCode);
+            return true;
+        }
+        catch (Exception e)
+        {
+           _logger.LogError(e,"validate google Token error,{error}",e.Message);
+           return false;
+        }
+
+    }
+}