add Feature to support plugins

SecurityTokenService.sln

@@ -31,6 +31,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "JavaScriptClient", "src\Jav
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "MvcClient", "src\MvcClient\MvcClient.csproj", "{2775FB23-EC1E-496C-85FC-26E5820C3559}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SecurityTokenServicePluginDemo", "src\SecurityTokenServicePluginDemo\SecurityTokenServicePluginDemo.csproj", "{83F692C2-2498-497D-AD53-2CCB4B60E0DD}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -101,6 +103,18 @@ Global
 		{2775FB23-EC1E-496C-85FC-26E5820C3559}.Release|x64.Build.0 = Release|Any CPU
 		{2775FB23-EC1E-496C-85FC-26E5820C3559}.Release|x86.ActiveCfg = Release|Any CPU
 		{2775FB23-EC1E-496C-85FC-26E5820C3559}.Release|x86.Build.0 = Release|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Debug|x64.Build.0 = Debug|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Debug|x86.Build.0 = Debug|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Release|Any CPU.Build.0 = Release|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Release|x64.ActiveCfg = Release|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Release|x64.Build.0 = Release|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Release|x86.ActiveCfg = Release|Any CPU
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD}.Release|x86.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -111,6 +125,7 @@ Global
 		{0C920EC3-5FD5-4BF8-9D31-F66075143FD7} = {BD8BA25C-A91D-419D-99B6-B575ADD6D061}
 		{E4C71DA8-2051-4832-9034-01BCEEF49253} = {BD8BA25C-A91D-419D-99B6-B575ADD6D061}
 		{2775FB23-EC1E-496C-85FC-26E5820C3559} = {BD8BA25C-A91D-419D-99B6-B575ADD6D061}
+		{83F692C2-2498-497D-AD53-2CCB4B60E0DD} = {BD8BA25C-A91D-419D-99B6-B575ADD6D061}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {84D5AF06-1243-46F1-9D58-70ED572832C3}

src/SecurityTokenService/Extensions/PluginsExtensions.cs

@@ -0,0 +1,47 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Reflection;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.Hosting;
+
+namespace SecurityTokenService.Extensions;
+
+public static class PluginsExtensions
+{
+    private static readonly List<Type> _pluginTypes;
+
+    static PluginsExtensions()
+    {
+        _pluginTypes = new();
+        var pluginFiles = Directory.GetFiles("Plugins", "*.dll");
+        foreach (var pluginFile in pluginFiles)
+        {
+            var assembly = Assembly.LoadFrom(pluginFile);
+            var pluginTypes = assembly.GetTypes().Where(t => t.Name.Contains("SecurityTokenPlugin"));
+            if (pluginTypes.Any())
+            {
+                _pluginTypes.AddRange(pluginTypes);
+            }
+        }
+    }
+
+    public static void LoadPlugins(this IHostApplicationBuilder builder)
+    {
+        foreach (var pluginType in _pluginTypes)
+        {
+            var loadMethod = pluginType.GetMethod("Load");
+            loadMethod?.Invoke(null, new object[] { builder });
+        }
+    }
+
+    public static void UsePlugins(this WebApplication app)
+    {
+        foreach (var pluginType in _pluginTypes)
+        {
+            var loadMethod = pluginType.GetMethod("Use");
+            loadMethod?.Invoke(null, new object[] { app });
+        }
+    }
+}

src/SecurityTokenService/Program.cs

@@ -11,6 +11,7 @@
 using Microsoft.Extensions.Hosting;
 using Microsoft.Extensions.Logging;
 using SecurityTokenService.Data;
+using SecurityTokenService.Extensions;
 using SecurityTokenService.Identity;
 using SecurityTokenService.IdentityServer;
 using Serilog;
@@ -66,6 +67,7 @@ await File.WriteAllTextAsync(htmlFile,
         }
 
         app.MapControllers().RequireCors("cors");
+        app.UsePlugins();
         await app.RunAsync();
     }
 
@@ -111,7 +113,7 @@ internal static WebApplication CreateApp(string[] args)
                     .AllowCredentials()
             ));
         builder.Host.UseSerilog();
-
+        builder.LoadPlugins();
         var app = builder.Build();
         return app;
     }

src/SecurityTokenServicePluginDemo/Controllers/TestController.cs

@@ -0,0 +1,15 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace SecurityTokenServicePluginDemo.Controllers;
+
+[Route("[controller]")]
+[AllowAnonymous]
+public class TestController
+{
+    [HttpGet]
+    public async Task<IActionResult> GetAsync()
+    {
+        return new ObjectResult("OK");
+    }
+}

src/SecurityTokenServicePluginDemo/DisableAnyOneSecurityTokenPlugin.cs

@@ -0,0 +1,22 @@
+using IdentityServer4.Validation;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Hosting;
+using SecurityTokenServicePluginDemo.Controllers;
+
+namespace SecurityTokenServicePluginDemo;
+
+public static class DisableAnyOneSecurityTokenPlugin
+{
+    public static void Load(IHostApplicationBuilder builder)
+    {
+        Console.WriteLine("Load DisableAnyOneSecurityTokenPlugin");
+        builder.Services.AddTransient<IExtensionGrantValidator, DisableAnyOneValidator>();
+        builder.Services.AddControllers().AddApplicationPart(typeof(TestController).Assembly);
+    }
+
+    public static void Use(WebApplication app)
+    {
+        Console.WriteLine("Use DisableAnyOneSecurityTokenPlugin");
+    }
+}

src/SecurityTokenServicePluginDemo/DisableAnyOneValidator.cs

@@ -0,0 +1,16 @@
+using IdentityServer4.Validation;
+
+namespace SecurityTokenServicePluginDemo;
+
+/// <summary>
+/// 总是允许校验不通过
+/// </summary>
+public class DisableAnyOneValidator : IExtensionGrantValidator
+{
+    public string GrantType => "disableAnyOne";
+
+    public async Task ValidateAsync(ExtensionGrantValidationContext context)
+    {
+        throw new Exception("DisableAnyOne!");
+    }
+}

src/SecurityTokenServicePluginDemo/SecurityTokenServicePluginDemo.csproj

@@ -0,0 +1,15 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <TargetFramework>net8.0</TargetFramework>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>enable</Nullable>
+    </PropertyGroup>
+
+    <ItemGroup>
+      <PackageReference Include="IdentityServer4" Version="4.1.2" />
+      <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="3.0.1" />
+      <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="8.0.1" />
+    </ItemGroup>
+
+</Project>