From d86f17c173e00049505362819648f5aacd392e27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ahmet=20=C3=87otur?= <ahmet.cotur@hotmail.com>
Date: Wed, 18 Mar 2020 12:56:25 +0300
Subject: [PATCH] Identity Server virtualized

---
 .../IdentityServer/AbpCorsPolicyService.cs    |  2 +-
 .../AllowedCorsOriginsCacheItemInvalidator.cs |  4 +-
 .../AspNetIdentity/AbpProfileService.cs       |  8 +--
 .../AbpResourceOwnerPasswordValidator.cs      | 58 +++++++++----------
 .../Abp/IdentityServer/Clients/ClientStore.cs | 12 ++--
 .../IdentityServer/Devices/DeviceFlowCodes.cs |  2 +-
 .../IdentityServer/Devices/DeviceFlowStore.cs | 12 ++--
 .../Grants/PersistedGrantStore.cs             | 40 ++++++-------
 .../Volo/Abp/IdentityServer/ResourceStore.cs  | 32 +++++-----
 .../ApiResources/ApiResourceRepository.cs     |  2 +-
 .../Clients/ClientRepository.cs               |  4 +-
 .../Devices/DeviceFlowCodesRepository.cs      |  6 +-
 .../Grants/PersistedGrantRepository.cs        | 10 ++--
 .../IdentityResourceRepository.cs             |  4 +-
 .../MongoDB/MongoApiResourceRepository.cs     |  2 +-
 .../MongoDB/MongoClientRepository.cs          |  4 +-
 .../MongoDB/MongoDeviceFlowCodesRepository.cs |  6 +-
 .../MongoIdentityResourceRepository.cs        |  6 +-
 .../MongoDB/MongoPersistedGrantRepository.cs  | 10 ++--
 19 files changed, 112 insertions(+), 112 deletions(-)

diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpCorsPolicyService.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpCorsPolicyService.cs
index 9113051a4a..27504ab5ac 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpCorsPolicyService.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AbpCorsPolicyService.cs
@@ -26,7 +26,7 @@ namespace Volo.Abp.IdentityServer
             Logger = NullLogger<AbpCorsPolicyService>.Instance;
         }
 
-        public async Task<bool> IsOriginAllowedAsync(string origin)
+        public virtual async Task<bool> IsOriginAllowedAsync(string origin)
         {
             var cacheItem = await Cache.GetOrAddAsync(AllowedCorsOriginsCacheItem.AllOrigins, CreateCacheItemAsync);
 
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AllowedCorsOriginsCacheItemInvalidator.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AllowedCorsOriginsCacheItemInvalidator.cs
index 80bc425d5c..53bfedd128 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AllowedCorsOriginsCacheItemInvalidator.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AllowedCorsOriginsCacheItemInvalidator.cs
@@ -19,12 +19,12 @@ namespace Volo.Abp.IdentityServer
             Cache = cache;
         }
         
-        public async Task HandleEventAsync(EntityChangedEventData<Client> eventData)
+        public virtual async Task HandleEventAsync(EntityChangedEventData<Client> eventData)
         {
             await Cache.RemoveAsync(AllowedCorsOriginsCacheItem.AllOrigins);
         }
 
-        public async Task HandleEventAsync(EntityChangedEventData<ClientCorsOrigin> eventData)
+        public virtual async Task HandleEventAsync(EntityChangedEventData<ClientCorsOrigin> eventData)
         {
             await Cache.RemoveAsync(AllowedCorsOriginsCacheItem.AllOrigins);
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpProfileService.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpProfileService.cs
index f3bca6dba9..224abc6c10 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpProfileService.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpProfileService.cs
@@ -12,7 +12,7 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
 {
     public class AbpProfileService : ProfileService<IdentityUser>
     {
-        private readonly ICurrentTenant _currentTenant;
+        protected ICurrentTenant CurrentTenant { get; }
 
         public AbpProfileService(
             IdentityUserManager userManager,
@@ -20,13 +20,13 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             ICurrentTenant currentTenant)
             : base(userManager, claimsFactory)
         {
-            _currentTenant = currentTenant;
+            CurrentTenant = currentTenant;
         }
 
         [UnitOfWork]
         public override async Task GetProfileDataAsync(ProfileDataRequestContext context)
         {
-            using (_currentTenant.Change(context.Subject.FindTenantId()))
+            using (CurrentTenant.Change(context.Subject.FindTenantId()))
             {
                 await base.GetProfileDataAsync(context);
             }
@@ -35,7 +35,7 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
         [UnitOfWork]
         public override async Task IsActiveAsync(IsActiveContext context)
         {
-            using (_currentTenant.Change(context.Subject.FindTenantId()))
+            using (CurrentTenant.Change(context.Subject.FindTenantId()))
             {
                 await base.IsActiveAsync(context);
             }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs
index ce11a167e1..e45df9b3f7 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs
@@ -20,11 +20,11 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
 {
     public class AbpResourceOwnerPasswordValidator : IResourceOwnerPasswordValidator
     {
-        private readonly SignInManager<IdentityUser> _signInManager;
-        private readonly IEventService _events;
-        private readonly UserManager<IdentityUser> _userManager;
-        private readonly ILogger<ResourceOwnerPasswordValidator<IdentityUser>> _logger;
-        private readonly IStringLocalizer<AbpIdentityServerResource> _localizer;
+        protected SignInManager<IdentityUser> SignInManager { get; }
+        protected IEventService Events { get; }
+        protected UserManager<IdentityUser> UserManager { get; }
+        protected ILogger<ResourceOwnerPasswordValidator<IdentityUser>> Logger { get; }
+        protected IStringLocalizer<AbpIdentityServerResource> Localizer { get; }
 
         public AbpResourceOwnerPasswordValidator(
             UserManager<IdentityUser> userManager,
@@ -33,11 +33,11 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             ILogger<ResourceOwnerPasswordValidator<IdentityUser>> logger, 
             IStringLocalizer<AbpIdentityServerResource> localizer)
         {
-            _userManager = userManager;
-            _signInManager = signInManager;
-            _events = events;
-            _logger = logger;
-            _localizer = localizer;
+            UserManager = userManager;
+            SignInManager = signInManager;
+            Events = events;
+            Logger = logger;
+            Localizer = localizer;
         }
 
         /// <summary>
@@ -49,17 +49,17 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
         public virtual async Task ValidateAsync(ResourceOwnerPasswordValidationContext context)
         {
             await ReplaceEmailToUsernameOfInputIfNeeds(context);
-            var user = await _userManager.FindByNameAsync(context.UserName);
+            var user = await UserManager.FindByNameAsync(context.UserName);
             string errorDescription;
             if (user != null)
             {
-                var result = await _signInManager.CheckPasswordSignInAsync(user, context.Password, true);
+                var result = await SignInManager.CheckPasswordSignInAsync(user, context.Password, true);
                 if (result.Succeeded)
                 {
-                    var sub = await _userManager.GetUserIdAsync(user);
+                    var sub = await UserManager.GetUserIdAsync(user);
 
-                    _logger.LogInformation("Credentials validated for username: {username}", context.UserName);
-                    await _events.RaiseAsync(new UserLoginSuccessEvent(context.UserName, sub, context.UserName, interactive: false));
+                    Logger.LogInformation("Credentials validated for username: {username}", context.UserName);
+                    await Events.RaiseAsync(new UserLoginSuccessEvent(context.UserName, sub, context.UserName, interactive: false));
 
                     var additionalClaims = new List<Claim>();
 
@@ -75,28 +75,28 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
                 }
                 else if (result.IsLockedOut)
                 {
-                    _logger.LogInformation("Authentication failed for username: {username}, reason: locked out", context.UserName);
-                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "locked out", interactive: false));
-                    errorDescription = _localizer["UserLockedOut"];
+                    Logger.LogInformation("Authentication failed for username: {username}, reason: locked out", context.UserName);
+                    await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "locked out", interactive: false));
+                    errorDescription = Localizer["UserLockedOut"];
                 }
                 else if (result.IsNotAllowed)
                 {
-                    _logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
-                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "not allowed", interactive: false));
-                    errorDescription = _localizer["LoginIsNotAllowed"];
+                    Logger.LogInformation("Authentication failed for username: {username}, reason: not allowed", context.UserName);
+                    await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "not allowed", interactive: false));
+                    errorDescription = Localizer["LoginIsNotAllowed"];
                 }
                 else
                 {
-                    _logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", context.UserName);
-                    await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid credentials", interactive: false));
-                    errorDescription = _localizer["InvalidUserNameOrPassword"];
+                    Logger.LogInformation("Authentication failed for username: {username}, reason: invalid credentials", context.UserName);
+                    await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid credentials", interactive: false));
+                    errorDescription = Localizer["InvalidUserNameOrPassword"];
                 }
             }
             else
             {
-                _logger.LogInformation("No user found matching username: {username}", context.UserName);
-                await _events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid username", interactive: false));
-                errorDescription = _localizer["InvalidUsername"];
+                Logger.LogInformation("No user found matching username: {username}", context.UserName);
+                await Events.RaiseAsync(new UserLoginFailureEvent(context.UserName, "invalid username", interactive: false));
+                errorDescription = Localizer["InvalidUsername"];
             }
 
             context.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, errorDescription);
@@ -109,13 +109,13 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
                 return;
             }
 
-            var userByUsername = await _userManager.FindByNameAsync(context.UserName);
+            var userByUsername = await UserManager.FindByNameAsync(context.UserName);
             if (userByUsername != null)
             {
                 return;
             }
 
-            var userByEmail = await _userManager.FindByEmailAsync(context.UserName);
+            var userByEmail = await UserManager.FindByEmailAsync(context.UserName);
             if (userByEmail == null)
             {
                 return;
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientStore.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientStore.cs
index 0e88b658cd..2486bb0413 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientStore.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Clients/ClientStore.cs
@@ -6,19 +6,19 @@ namespace Volo.Abp.IdentityServer.Clients
 {
     public class ClientStore : IClientStore
     {
-        private readonly IClientRepository _clientRepository;
-        private readonly IObjectMapper<AbpIdentityServerDomainModule> _objectMapper;
+        protected IClientRepository ClientRepository { get; }
+        protected IObjectMapper<AbpIdentityServerDomainModule> ObjectMapper { get; }
 
         public ClientStore(IClientRepository clientRepository, IObjectMapper<AbpIdentityServerDomainModule> objectMapper)
         {
-            _clientRepository = clientRepository;
-            _objectMapper = objectMapper;
+            ClientRepository = clientRepository;
+            ObjectMapper = objectMapper;
         }
 
         public virtual async Task<IdentityServer4.Models.Client> FindClientByIdAsync(string clientId)
         {
-            var client = await _clientRepository.FindByCliendIdAsync(clientId);
-            return _objectMapper.Map<Client, IdentityServer4.Models.Client>(client);
+            var client = await ClientRepository.FindByCliendIdAsync(clientId);
+            return ObjectMapper.Map<Client, IdentityServer4.Models.Client>(client);
         }
     }
 }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowCodes.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowCodes.cs
index 8814519cd4..3961de57a2 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowCodes.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowCodes.cs
@@ -17,7 +17,7 @@ namespace Volo.Abp.IdentityServer.Devices
 
         public virtual string Data { get; set; }
 
-        private DeviceFlowCodes()
+        protected DeviceFlowCodes()
         {
 
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowStore.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowStore.cs
index 0f0021f9a4..ba0ef757fe 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowStore.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Devices/DeviceFlowStore.cs
@@ -26,7 +26,7 @@ namespace Volo.Abp.IdentityServer.Devices
             PersistentGrantSerializer = persistentGrantSerializer;
         }
 
-        public async Task StoreDeviceAuthorizationAsync(string deviceCode, string userCode, DeviceCode data)
+        public virtual async Task StoreDeviceAuthorizationAsync(string deviceCode, string userCode, DeviceCode data)
         {
             Check.NotNull(deviceCode, nameof(deviceCode));
             Check.NotNull(userCode, nameof(userCode));
@@ -47,7 +47,7 @@ namespace Volo.Abp.IdentityServer.Devices
                 );
         }
         
-        public async Task<DeviceCode> FindByUserCodeAsync(string userCode)
+        public virtual async Task<DeviceCode> FindByUserCodeAsync(string userCode)
         {
             Check.NotNull(userCode, nameof(userCode));
 
@@ -63,7 +63,7 @@ namespace Volo.Abp.IdentityServer.Devices
             return DeserializeToDeviceCode(deviceCodes.Data);
         }
 
-        public async Task<DeviceCode> FindByDeviceCodeAsync(string deviceCode)
+        public virtual async Task<DeviceCode> FindByDeviceCodeAsync(string deviceCode)
         {
             Check.NotNull(deviceCode, nameof(deviceCode));
 
@@ -79,7 +79,7 @@ namespace Volo.Abp.IdentityServer.Devices
             return DeserializeToDeviceCode(deviceCodes.Data);
         }
 
-        public async Task UpdateByUserCodeAsync(string userCode, DeviceCode data)
+        public virtual async Task UpdateByUserCodeAsync(string userCode, DeviceCode data)
         {
             Check.NotNull(userCode, nameof(userCode));
             Check.NotNull(data, nameof(data));
@@ -102,7 +102,7 @@ namespace Volo.Abp.IdentityServer.Devices
                 ;
         }
 
-        public async Task RemoveByDeviceCodeAsync(string deviceCode)
+        public virtual async Task RemoveByDeviceCodeAsync(string deviceCode)
         {
             Check.NotNull(deviceCode, nameof(deviceCode));
 
@@ -120,7 +120,7 @@ namespace Volo.Abp.IdentityServer.Devices
                 ;
         }
 
-        private string Serialize([CanBeNull] DeviceCode deviceCode)
+        protected virtual string Serialize([CanBeNull] DeviceCode deviceCode)
         {
             if (deviceCode == null)
             {
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Grants/PersistedGrantStore.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Grants/PersistedGrantStore.cs
index e58dae6daf..091989931b 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Grants/PersistedGrantStore.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/Grants/PersistedGrantStore.cs
@@ -10,65 +10,65 @@ namespace Volo.Abp.IdentityServer.Grants
 {
     public class PersistedGrantStore : IPersistedGrantStore
     {
-        private readonly IPersistentGrantRepository _persistentGrantRepository;
-        private readonly IObjectMapper<AbpIdentityServerDomainModule> _objectMapper;
-        private readonly IGuidGenerator _guidGenerator;
+        protected IPersistentGrantRepository PersistentGrantRepository { get; }
+        protected IObjectMapper<AbpIdentityServerDomainModule> ObjectMapper { get; }
+        protected IGuidGenerator GuidGenerator { get; }
 
         public PersistedGrantStore(IPersistentGrantRepository persistentGrantRepository,
             IObjectMapper<AbpIdentityServerDomainModule> objectMapper, IGuidGenerator guidGenerator)
         {
-            _persistentGrantRepository = persistentGrantRepository;
-            _objectMapper = objectMapper;
-            _guidGenerator = guidGenerator;
+            PersistentGrantRepository = persistentGrantRepository;
+            ObjectMapper = objectMapper;
+            GuidGenerator = guidGenerator;
         }
 
         public virtual async Task StoreAsync(IdentityServer4.Models.PersistedGrant grant)
         {
-            var entity = await _persistentGrantRepository.FindByKeyAsync(grant.Key);
+            var entity = await PersistentGrantRepository.FindByKeyAsync(grant.Key);
             if (entity == null)
             {
-                entity = _objectMapper.Map<IdentityServer4.Models.PersistedGrant, PersistedGrant>(grant);
-                EntityHelper.TrySetId(entity, () => _guidGenerator.Create());
-                await _persistentGrantRepository.InsertAsync(entity);
+                entity = ObjectMapper.Map<IdentityServer4.Models.PersistedGrant, PersistedGrant>(grant);
+                EntityHelper.TrySetId(entity, () => GuidGenerator.Create());
+                await PersistentGrantRepository.InsertAsync(entity);
             }
             else
             {
-                _objectMapper.Map(grant, entity);
-                await _persistentGrantRepository.UpdateAsync(entity);
+                ObjectMapper.Map(grant, entity);
+                await PersistentGrantRepository.UpdateAsync(entity);
             }
         }
 
         public virtual async Task<IdentityServer4.Models.PersistedGrant> GetAsync(string key)
         {
-            var persistedGrant = await _persistentGrantRepository.FindByKeyAsync(key);
-            return _objectMapper.Map<PersistedGrant, IdentityServer4.Models.PersistedGrant>(persistedGrant);
+            var persistedGrant = await PersistentGrantRepository.FindByKeyAsync(key);
+            return ObjectMapper.Map<PersistedGrant, IdentityServer4.Models.PersistedGrant>(persistedGrant);
         }
 
         public virtual async Task<IEnumerable<IdentityServer4.Models.PersistedGrant>> GetAllAsync(string subjectId)
         {
-            var persistedGrants = await _persistentGrantRepository.GetListBySubjectIdAsync(subjectId);
-            return persistedGrants.Select(x => _objectMapper.Map<PersistedGrant, IdentityServer4.Models.PersistedGrant>(x));
+            var persistedGrants = await PersistentGrantRepository.GetListBySubjectIdAsync(subjectId);
+            return persistedGrants.Select(x => ObjectMapper.Map<PersistedGrant, IdentityServer4.Models.PersistedGrant>(x));
         }
 
         public virtual async Task RemoveAsync(string key)
         {
-            var persistedGrant = await _persistentGrantRepository.FindByKeyAsync(key);
+            var persistedGrant = await PersistentGrantRepository.FindByKeyAsync(key);
             if (persistedGrant == null)
             {
                 return;
             }
 
-            await _persistentGrantRepository.DeleteAsync(persistedGrant);
+            await PersistentGrantRepository.DeleteAsync(persistedGrant);
         }
 
         public virtual async Task RemoveAllAsync(string subjectId, string clientId)
         {
-            await _persistentGrantRepository.DeleteAsync(subjectId, clientId);
+            await PersistentGrantRepository.DeleteAsync(subjectId, clientId);
         }
 
         public virtual async Task RemoveAllAsync(string subjectId, string clientId, string type)
         {
-            await _persistentGrantRepository.DeleteAsync(subjectId, clientId, type);
+            await PersistentGrantRepository.DeleteAsync(subjectId, clientId, type);
         }
     }
 }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ResourceStore.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ResourceStore.cs
index 56275bb386..d01884380d 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ResourceStore.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/ResourceStore.cs
@@ -13,46 +13,46 @@ namespace Volo.Abp.IdentityServer
 {
     public class ResourceStore : IResourceStore
     {
-        private readonly IIdentityResourceRepository _identityResourceRepository;
-        private readonly IApiResourceRepository _apiResourceRepository;
-        private readonly IObjectMapper<AbpIdentityServerDomainModule> _objectMapper;
+        protected IIdentityResourceRepository IdentityResourceRepository { get; }
+        protected IApiResourceRepository ApiResourceRepository { get; }
+        protected IObjectMapper<AbpIdentityServerDomainModule> ObjectMapper { get; }
 
         public ResourceStore(
             IIdentityResourceRepository identityResourceRepository, 
             IObjectMapper<AbpIdentityServerDomainModule> objectMapper, 
             IApiResourceRepository apiResourceRepository)
         {
-            _identityResourceRepository = identityResourceRepository;
-            _objectMapper = objectMapper;
-            _apiResourceRepository = apiResourceRepository;
+            IdentityResourceRepository = identityResourceRepository;
+            ObjectMapper = objectMapper;
+            ApiResourceRepository = apiResourceRepository;
         }
 
         public virtual async Task<IEnumerable<IdentityServer4.Models.IdentityResource>> FindIdentityResourcesByScopeAsync(IEnumerable<string> scopeNames)
         {
-            var resource = await _identityResourceRepository.GetListByScopesAsync(scopeNames.ToArray(), includeDetails: true);
-            return _objectMapper.Map<List<IdentityResource>, List<IdentityServer4.Models.IdentityResource>>(resource);
+            var resource = await IdentityResourceRepository.GetListByScopesAsync(scopeNames.ToArray(), includeDetails: true);
+            return ObjectMapper.Map<List<IdentityResource>, List<IdentityServer4.Models.IdentityResource>>(resource);
         }
 
         public virtual async Task<IEnumerable<ApiResource>> FindApiResourcesByScopeAsync(IEnumerable<string> scopeNames)
         {
-            var resources = await _apiResourceRepository.GetListByScopesAsync(scopeNames.ToArray(), includeDetails: true);
-            return resources.Select(x => _objectMapper.Map<ApiResources.ApiResource, ApiResource>(x));
+            var resources = await ApiResourceRepository.GetListByScopesAsync(scopeNames.ToArray(), includeDetails: true);
+            return resources.Select(x => ObjectMapper.Map<ApiResources.ApiResource, ApiResource>(x));
         }
 
         public virtual async Task<ApiResource> FindApiResourceAsync(string name)
         {
-            var resource = await _apiResourceRepository.FindByNameAsync(name);
-            return _objectMapper.Map<ApiResources.ApiResource, ApiResource>(resource);
+            var resource = await ApiResourceRepository.FindByNameAsync(name);
+            return ObjectMapper.Map<ApiResources.ApiResource, ApiResource>(resource);
         }
 
         public virtual async Task<Resources> GetAllResourcesAsync()
         {
-            var identityResources = await _identityResourceRepository.GetListAsync(includeDetails: true);
-            var apiResources = await _apiResourceRepository.GetListAsync(includeDetails: true);
+            var identityResources = await IdentityResourceRepository.GetListAsync(includeDetails: true);
+            var apiResources = await ApiResourceRepository.GetListAsync(includeDetails: true);
 
             return new Resources(
-                _objectMapper.Map<List<IdentityResource>, IdentityServer4.Models.IdentityResource[]>(identityResources),
-                _objectMapper.Map<List<ApiResources.ApiResource>, ApiResource[]>(apiResources)
+                ObjectMapper.Map<List<IdentityResource>, IdentityServer4.Models.IdentityResource[]>(identityResources),
+                ObjectMapper.Map<List<ApiResources.ApiResource>, ApiResource[]>(apiResources)
             );
         }
     }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/ApiResources/ApiResourceRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/ApiResources/ApiResourceRepository.cs
index 5f7d6369af..384db34364 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/ApiResources/ApiResourceRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/ApiResources/ApiResourceRepository.cs
@@ -61,7 +61,7 @@ namespace Volo.Abp.IdentityServer.ApiResources
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        public virtual async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
             return await DbSet.AnyAsync(ar => ar.Id != expectedId && ar.Name == name, cancellationToken: cancellationToken);
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Clients/ClientRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Clients/ClientRepository.cs
index 44218470fd..de2ff83bc0 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Clients/ClientRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Clients/ClientRepository.cs
@@ -37,7 +37,7 @@ namespace Volo.Abp.IdentityServer.Clients
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<List<string>> GetAllDistinctAllowedCorsOriginsAsync(CancellationToken cancellationToken = default)
+        public virtual async Task<List<string>> GetAllDistinctAllowedCorsOriginsAsync(CancellationToken cancellationToken = default)
         {
             return await DbContext.ClientCorsOrigins
                 .Select(x => x.Origin)
@@ -45,7 +45,7 @@ namespace Volo.Abp.IdentityServer.Clients
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<bool> CheckClientIdExistAsync(string clientId, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        public virtual async Task<bool> CheckClientIdExistAsync(string clientId, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
             return await DbSet.AnyAsync(c => c.Id != expectedId && c.ClientId == clientId, cancellationToken: cancellationToken);
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Devices/DeviceFlowCodesRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Devices/DeviceFlowCodesRepository.cs
index 3a10d21046..f688300a55 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Devices/DeviceFlowCodesRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Devices/DeviceFlowCodesRepository.cs
@@ -19,7 +19,7 @@ namespace Volo.Abp.IdentityServer.Devices
 
         }
 
-        public async Task<DeviceFlowCodes> FindByUserCodeAsync(
+        public virtual async Task<DeviceFlowCodes> FindByUserCodeAsync(
             string userCode,
             CancellationToken cancellationToken = default)
         {
@@ -28,7 +28,7 @@ namespace Volo.Abp.IdentityServer.Devices
                 ;
         }
 
-        public async Task<DeviceFlowCodes> FindByDeviceCodeAsync(
+        public virtual async Task<DeviceFlowCodes> FindByDeviceCodeAsync(
             string deviceCode, 
             CancellationToken cancellationToken = default)
         {
@@ -36,7 +36,7 @@ namespace Volo.Abp.IdentityServer.Devices
                 .FirstOrDefaultAsync(d => d.DeviceCode == deviceCode, GetCancellationToken(cancellationToken));
         }
 
-        public async Task<List<DeviceFlowCodes>> GetListByExpirationAsync(DateTime maxExpirationDate, int maxResultCount,
+        public virtual async Task<List<DeviceFlowCodes>> GetListByExpirationAsync(DateTime maxExpirationDate, int maxResultCount,
             CancellationToken cancellationToken = default)
         {
             return await DbSet
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Grants/PersistedGrantRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Grants/PersistedGrantRepository.cs
index 76c02d1122..03b752d61b 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Grants/PersistedGrantRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/Grants/PersistedGrantRepository.cs
@@ -18,7 +18,7 @@ namespace Volo.Abp.IdentityServer.Grants
 
         }
 
-        public async Task<PersistedGrant> FindByKeyAsync(
+        public virtual async Task<PersistedGrant> FindByKeyAsync(
             string key,
             CancellationToken cancellationToken = default)
         {
@@ -27,7 +27,7 @@ namespace Volo.Abp.IdentityServer.Grants
                 ;
         }
 
-        public async Task<List<PersistedGrant>> GetListBySubjectIdAsync(
+        public virtual async Task<List<PersistedGrant>> GetListBySubjectIdAsync(
             string subjectId,
             CancellationToken cancellationToken = default)
         {
@@ -36,7 +36,7 @@ namespace Volo.Abp.IdentityServer.Grants
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<List<PersistedGrant>> GetListByExpirationAsync(
+        public virtual async Task<List<PersistedGrant>> GetListByExpirationAsync(
             DateTime maxExpirationDate, 
             int maxResultCount,
             CancellationToken cancellationToken = default)
@@ -48,7 +48,7 @@ namespace Volo.Abp.IdentityServer.Grants
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task DeleteAsync(
+        public virtual async Task DeleteAsync(
             string subjectId, 
             string clientId,
             CancellationToken cancellationToken = default)
@@ -59,7 +59,7 @@ namespace Volo.Abp.IdentityServer.Grants
             );
         }
 
-        public async Task DeleteAsync(
+        public virtual async Task DeleteAsync(
             string subjectId, 
             string clientId, 
             string type,
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceRepository.cs
index 20789ecca8..49ca386502 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.EntityFrameworkCore/Volo/Abp/IdentityServer/IdentityResources/IdentityResourceRepository.cs
@@ -46,7 +46,7 @@ namespace Volo.Abp.IdentityServer.IdentityResources
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<IdentityResource> FindByNameAsync(
+        public virtual async Task<IdentityResource> FindByNameAsync(
             string name, 
             bool includeDetails = true, 
             CancellationToken cancellationToken = default)
@@ -57,7 +57,7 @@ namespace Volo.Abp.IdentityServer.IdentityResources
                 .FirstOrDefaultAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        public virtual async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
             return await DbSet.AnyAsync(ir => ir.Id != expectedId && ir.Name == name, cancellationToken: cancellationToken);
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoApiResourceRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoApiResourceRepository.cs
index 45b69c82f7..760e150853 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoApiResourceRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoApiResourceRepository.cs
@@ -48,7 +48,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
             return await GetCountAsync();
         }
 
-        public async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        public virtual async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable().AnyAsync(ar => ar.Id != expectedId && ar.Name == name, cancellationToken: cancellationToken);
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoClientRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoClientRepository.cs
index 61488edc3d..ae71273f56 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoClientRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoClientRepository.cs
@@ -43,7 +43,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<List<string>> GetAllDistinctAllowedCorsOriginsAsync(
+        public virtual async Task<List<string>> GetAllDistinctAllowedCorsOriginsAsync(
             CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()
@@ -53,7 +53,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<bool> CheckClientIdExistAsync(string clientId, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        public virtual async Task<bool> CheckClientIdExistAsync(string clientId, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable().AnyAsync(c => c.Id != expectedId && c.ClientId == clientId, cancellationToken: cancellationToken);
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoDeviceFlowCodesRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoDeviceFlowCodesRepository.cs
index 44cb86a744..be0d964287 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoDeviceFlowCodesRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoDeviceFlowCodesRepository.cs
@@ -19,7 +19,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
 
         }
 
-        public async Task<DeviceFlowCodes> FindByUserCodeAsync(
+        public virtual async Task<DeviceFlowCodes> FindByUserCodeAsync(
             string userCode,
             CancellationToken cancellationToken = default)
         {
@@ -28,13 +28,13 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 ;
         }
 
-        public async Task<DeviceFlowCodes> FindByDeviceCodeAsync(string deviceCode, CancellationToken cancellationToken = default)
+        public virtual async Task<DeviceFlowCodes> FindByDeviceCodeAsync(string deviceCode, CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()
                 .FirstOrDefaultAsync(d => d.DeviceCode == deviceCode, GetCancellationToken(cancellationToken));
         }
 
-        public async Task<List<DeviceFlowCodes>> GetListByExpirationAsync(
+        public virtual async Task<List<DeviceFlowCodes>> GetListByExpirationAsync(
             DateTime maxExpirationDate, 
             int maxResultCount,
             CancellationToken cancellationToken = default)
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoIdentityResourceRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoIdentityResourceRepository.cs
index d25faa9622..519db606ee 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoIdentityResourceRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoIdentityResourceRepository.cs
@@ -27,7 +27,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<IdentityResource> FindByNameAsync(
+        public virtual async Task<IdentityResource> FindByNameAsync(
             string name,
             bool includeDetails = true,
             CancellationToken cancellationToken = default)
@@ -37,7 +37,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 .FirstOrDefaultAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task<List<IdentityResource>> GetListByScopesAsync(string[] scopeNames, bool includeDetails = false,
+        public virtual async Task<List<IdentityResource>> GetListByScopesAsync(string[] scopeNames, bool includeDetails = false,
             CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()
@@ -50,7 +50,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
             return await GetCountAsync();
         }
 
-        public async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
+        public virtual async Task<bool> CheckNameExistAsync(string name, Guid? expectedId = null, CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable().AnyAsync(ir => ir.Id != expectedId && ir.Name == name, cancellationToken: cancellationToken);
         }
diff --git a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoPersistedGrantRepository.cs b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoPersistedGrantRepository.cs
index e63bc27805..e9b677453b 100644
--- a/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoPersistedGrantRepository.cs
+++ b/modules/identityserver/src/Volo.Abp.IdentityServer.MongoDB/Volo/Abp/IdentityServer/MongoDB/MongoPersistedGrantRepository.cs
@@ -16,14 +16,14 @@ namespace Volo.Abp.IdentityServer.MongoDB
         {
         }
 
-        public async Task<PersistedGrant> FindByKeyAsync(string key, CancellationToken cancellationToken = default)
+        public virtual async Task<PersistedGrant> FindByKeyAsync(string key, CancellationToken cancellationToken = default)
         {
 
             return await GetMongoQueryable()
                 .FirstOrDefaultAsync(x => x.Key == key, GetCancellationToken(cancellationToken));
         }
 
-        public async Task<List<PersistedGrant>> GetListBySubjectIdAsync(string subjectId, CancellationToken cancellationToken = default)
+        public virtual async Task<List<PersistedGrant>> GetListBySubjectIdAsync(string subjectId, CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()
                 .Where(x => x.SubjectId == subjectId)
@@ -31,7 +31,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 ;
         }
 
-        public async Task<List<PersistedGrant>> GetListByExpirationAsync(DateTime maxExpirationDate, int maxResultCount,
+        public virtual async Task<List<PersistedGrant>> GetListByExpirationAsync(DateTime maxExpirationDate, int maxResultCount,
             CancellationToken cancellationToken = default)
         {
             return await GetMongoQueryable()
@@ -41,7 +41,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
                 .ToListAsync(GetCancellationToken(cancellationToken));
         }
 
-        public async Task DeleteAsync(string subjectId, string clientId, CancellationToken cancellationToken = default)
+        public virtual async Task DeleteAsync(string subjectId, string clientId, CancellationToken cancellationToken = default)
         {
             await DeleteAsync(
                 x => x.SubjectId == subjectId && x.ClientId == clientId,
@@ -49,7 +49,7 @@ namespace Volo.Abp.IdentityServer.MongoDB
             );
         }
 
-        public async Task DeleteAsync(string subjectId, string clientId, string type, CancellationToken cancellationToken = default)
+        public virtual async Task DeleteAsync(string subjectId, string clientId, string type, CancellationToken cancellationToken = default)
         {
             await DeleteAsync(
                 x => x.SubjectId == subjectId && x.ClientId == clientId && x.Type == type,