public string DingLogin(string code, string state)
{
//state 是前端传入的,钉钉并不会修改,比如有多种登录方式的时候,一个登录方法判断登录方式可以进行不同的处理。
OapiSnsGetuserinfoBycodeResponse response = new OapiSnsGetuserinfoBycodeResponse();
try
{
string qrAppId = AppConfigurtaionHelper.Configuration["DingDing:QrAppId"];
string qrAppSecret = AppConfigurtaionHelper.Configuration["DingDing:QrAppSecret"];
if (string.IsNullOrWhiteSpace(qrAppId) || string.IsNullOrWhiteSpace(qrAppSecret))
{
throw new Exception("请先配置钉钉扫码登录信息!");
}
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.TmpAuthCode = code;
response = client.Execute(req, qrAppId, qrAppSecret);
//获取到response后就可以进行自己的登录业务处理了
//xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
//此处省略一万行代码
}
catch (Exception e)
{
response.Errmsg = e.Message;
}
return(response.Body);
}
protected override AuthUser GetUserInfo(AuthToken authToken)
{
var client = new DefaultDingTalkClient(source.UserInfo());
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.TmpAuthCode = authToken.AccessCode;
OapiSnsGetuserinfoBycodeResponse response = client.Execute(req, config.ClientId, config.ClientSecret);
if (response.IsError)
{
throw new Exception(response.Errmsg);
}
var userObj = response.UserInfo;
authToken.OpenId = userObj.Openid;
authToken.UnionId = userObj.Unionid;
var authUser = new AuthUser();
authUser.Uuid = userObj.Unionid;
authUser.Username = userObj.Nick;
authUser.Nickname = userObj.Nick;
authUser.Gender = AuthUserGender.Unknown;
authUser.Token = authToken;
authUser.Source = source.GetName();
authUser.OriginalUser = response;
authUser.OriginalUserStr = JsonConvert.SerializeObject(response);
return(authUser);
}
/// <summary>
/// 根据授权Code及appId获取用户信息
/// </summary>
/// <param name="accessToken"></param>
/// <param name="userId"></param>
/// <returns></returns>
public static UserDetailInfo GetUserDetail(string code, string appId, string appSecret)
{
try
{
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.TmpAuthCode = code;
OapiSnsGetuserinfoBycodeResponse response = client.Execute(req, appId, appSecret);
if (response != null)
{
UserDetailInfo userinfo = new UserDetailInfo();
if (response.Errcode == 0)
{
userinfo = new UserDetailInfo();
userinfo.UserId = response.UserInfo.Nick;
userinfo.OpenId = response.UserInfo.Openid;
userinfo.Unionid = response.UserInfo.Unionid;
return(userinfo);
}
else
{
throw new Exception(response.Errmsg);
}
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
return(null);
}
/// <summary>
/// 根据code获取客户信息
/// </summary>
/// <returns></returns>
public static OapiSnsGetuserinfoBycodeResponse GetDingUserInfoByCode()
{
string accessToken = GetDingToken();
IDingTalkClient client = new DefaultDingTalkClient(dingUrl + "/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
OapiSnsGetuserinfoBycodeResponse rsp = client.Execute(req, accessToken);
return(rsp);
}
/// <summary>
/// 服务端通过临时授权码获取授权用户的个人信息
/// </summary>
/// <param name="tmpAuthCode">用户授权的临时授权码code,只能使用一次;在前面步骤中跳转到redirect_uri时会追加code参数</param>
/// <param name="appId"></param>
/// <param name="secret"></param>
/// <returns></returns>
public OapiSnsGetuserinfoBycodeResponse GetUserInfoByCode(string tmpAuthCode, string appId, string secret)
{
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.TmpAuthCode = tmpAuthCode;
OapiSnsGetuserinfoBycodeResponse response = client.Execute(req, appId, secret);
return(response);
}
public string DingLogin(string code, string state)
{
//state 是前端传入的,钉钉并不会修改,比如有多种登录方式的时候,一个登录方法判断登录方式可以进行不同的处理。
OapiSnsGetuserinfoBycodeResponse response = new OapiSnsGetuserinfoBycodeResponse();
try
{
string qrAppId = AppConfigurtaionHelper.Configuration["DingDing:QrAppId"];
string qrAppSecret = AppConfigurtaionHelper.Configuration["DingDing:QrAppSecret"];
if (string.IsNullOrWhiteSpace(qrAppId) || string.IsNullOrWhiteSpace(qrAppSecret))
{
throw new Exception("请先配置钉钉扫码登录信息!");
}
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.TmpAuthCode = code;
response = client.Execute(req, qrAppId, qrAppSecret);
string name = response.UserInfo.Nick;
string openId = response.UserInfo.Openid;
string unionid = response.UserInfo.Unionid;
//获取到response后就可以进行自己的登录业务处理了
//xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
//此处省略一万行代码
//TODO: 此处处理登录逻辑,先判断openid,和姓名在数据库中的匹配,成功后等同于用户名密码登录成功;同时要记录登录成功的ip地址
if (saveInfo(name, openId, unionid))
{
return("信息注册成功!");
}
else
{
return("信息注册失败!");
}
}
catch (Exception e)
{
response.Errmsg = e.Message;
}
return(response.Body);
}
/// <summary>
/// 处理Dingtalk授权结果(接收Dingtalk授权的回调)
/// </summary>
/// <returns></returns>
protected override async Task <HandleRequestResult> HandleRemoteAuthenticateAsync()
{
//第一步,处理工作
AuthenticationProperties properties = null;
var query = Request.Query;
//Dingtalk只会发送code和state两个参数,不会返回错误消息
//若用户禁止授权,则重定向后不会带上code参数,仅会带上state参数
var code = query["code"];
var state = query["state"];
properties = Options.StateDataFormat.Unprotect(state);
if (properties == null)
{
return(HandleRequestResult.Fail("The oauth state was missing or invalid."));
}
// OAuth2 10.12 CSRF
if (!ValidateCorrelationId(properties))
{
return(HandleRequestResult.Fail("Correlation failed."));
}
if (StringValues.IsNullOrEmpty(code))
{
return(HandleRequestResult.Fail("Code was not found."));
}
OAuthCodeExchangeContext ctx = new OAuthCodeExchangeContext(null, code, BuildRedirectUri(Options.CallbackPath));
//第二步,通过Code获取Access Token
var tokens = await ExchangeCodeAsync(ctx);
// var tokens = await ExchangeCodeAsync(code, BuildRedirectUri(Options.CallbackPath));
if (tokens.Error != null)
{
return(HandleRequestResult.Fail(tokens.Error));
}
var resStr = tokens.Response.RootElement.GetRawText();
if (string.IsNullOrEmpty(resStr))
{
return(HandleRequestResult.Fail("Failed to retrieve access token."));
}
var identity = new ClaimsIdentity(ClaimsIssuer);
if (Options.SaveTokens)
{
var authTokens = new List <AuthenticationToken>();
authTokens.Add(new AuthenticationToken {
Name = "access_token", Value = tokens.AccessToken
});
if (!string.IsNullOrEmpty(tokens.RefreshToken))
{
authTokens.Add(new AuthenticationToken {
Name = "refresh_token", Value = tokens.RefreshToken
});
}
if (!string.IsNullOrEmpty(tokens.TokenType)) //Dingtalk就没有这个
{
authTokens.Add(new AuthenticationToken {
Name = "token_type", Value = tokens.TokenType
});
}
if (!string.IsNullOrEmpty(tokens.ExpiresIn))
{
int value;
if (int.TryParse(tokens.ExpiresIn, NumberStyles.Integer, CultureInfo.InvariantCulture, out value))
{
// https://www.w3.org/TR/xmlschema-2/#dateTime
// https://msdn.microsoft.com/en-us/library/az4se3k1(v=vs.110).aspx
var expiresAt = Clock.UtcNow + TimeSpan.FromSeconds(value);
authTokens.Add(new AuthenticationToken
{
Name = "expires_at",
Value = expiresAt.ToString("o", CultureInfo.InvariantCulture)
});
}
}
properties.StoreTokens(authTokens);
}
DefaultDingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
OapiSnsGetuserinfoBycodeRequest req = new OapiSnsGetuserinfoBycodeRequest();
req.TmpAuthCode = code;
var response = client.Execute(req, Options.AppId, Options.AppSecret);
//获取OpenId
if (response.IsError)
{
return(HandleRequestResult.Fail(response.Errmsg));
}
identity.AddClaim(new Claim("sub", response.UserInfo.Openid, ClaimValueTypes.String, ClaimsIssuer));
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, response.UserInfo.Openid, ClaimValueTypes.String, ClaimsIssuer));
identity.AddClaim(new Claim(ClaimTypes.Name, response.UserInfo.Nick, ClaimValueTypes.String, ClaimsIssuer));
identity.AddClaim(new Claim("urn:dingtalk:openid", response.UserInfo.Openid, ClaimValueTypes.String, ClaimsIssuer));
identity.AddClaim(new Claim("urn:dingtalk:unionid", response.UserInfo.Unionid, ClaimValueTypes.String, ClaimsIssuer));
var jsonString = JsonSerializer.Serialize(response.UserInfo);
var payload = JsonDocument.Parse(jsonString);
tokens = OAuthTokenResponse.Success(payload);
var ticket = await CreateTicketAsync(identity, properties, tokens);
if (ticket != null)
{
return(HandleRequestResult.Success(ticket));
}
else
{
return(HandleRequestResult.Fail("Failed to retrieve user information from remote server."));
}
}
