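/// <summary>
/// Web API filter hook that enforces the SSO login check before an action runs.
/// The uid/token cookies only select which credential to look up; the decision
/// is made from the auth service's answer for that token, never from the cookies alone.
/// </summary>
/// <param name="actionContext">Context of the action about to execute.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
        {
            if (actionContext == null
                || actionContext.Request == null
                || actionContext.Request.RequestUri == null
            ) { return; }
            var url = actionContext.Request.RequestUri.AbsoluteUri;
            // Actions flagged as not needing the check are let through.
            if (NotCheck) return;

            var uid = Tools.GetCookie(Stands.UID);
            var token = Tools.GetCookie(Stands.TOKEN);

            // No session cookies at all: send the caller to the SSO login page.
            if (string.IsNullOrEmpty(uid) || string.IsNullOrEmpty(token))
            {
                SetRedirectResponse(actionContext, RouteUtils.GetAuthUrl(url));
                return;
            }

            // Cookie values are client-controlled, so the token is validated against the auth service on every request.
            // NOTE(review): DoGet presumably puts the token in the query string, where it can end up in
            // proxy and server logs; confirm AUTH_HOST is reached over TLS and that those logs are protected.
            WebUtils web = new WebUtils();
            var cacheInfo = web.DoGet(Stands.AUTH_HOST + "/Authorize/TokenGetCredence/", new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", token } });
            var loginCache = Tools.JsonDeserialize<SSOData>(cacheInfo);

            // Fail closed: a response that cannot be parsed is treated the same as "not logged in".
            if (loginCache == null || !loginCache.IsLogin)
            {
                // Drop the local cookies as a precaution so a stale token is not replayed.
                Tools.ClearCookie(Stands.UID);
                Tools.ClearCookie(Stands.TOKEN);
                Tools.ClearCookie(Stands.PROJECT_CODE);
                SetRedirectResponse(actionContext, RouteUtils.GetAuthUrl(url));
                return;
            }

            // The account was put into a restricted state: send the caller to the page named by the auth service.
            // NOTE(review): loginCache.Url is trusted as a redirect target because it comes from the auth service response.
            if (loginCache.IsRedirect)
            {
                SetRedirectResponse(actionContext, loginCache.Url);
                return;
            }
            // Refresh the cookies from the validated credential.
            // NOTE(review): confirm Tools.SetCookie marks these cookies HttpOnly and Secure.
            Tools.SetCookie(Stands.UID, loginCache.User.Uid);
            Tools.SetCookie(Stands.TOKEN, token);
            base.OnActionExecuting(actionContext);
        }

        /// <summary>
        /// Short-circuits the action with a 302 response pointing at <paramref name="location"/>.
        /// </summary>
        private static void SetRedirectResponse(HttpActionContext actionContext, string location)
        {
            var response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.Redirect,
                "Unauthorized");
            response.Headers.Add("Location", location);
            actionContext.Response = response;
        }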
        /// <summary>
        /// Builds a signed GET URL for the authorization endpoint.
        /// The callback, open id and timestamp are added to <paramref name="txtParams"/>,
        /// then a signature over those parameters is appended.
        /// </summary>
        /// <param name="url">Base URL of the endpoint.</param>
        /// <param name="openId">Value sent as the OPEN_ID parameter.</param>
        /// <param name="secret">Signing secret; it is only passed to the signer and is not added to the parameters.</param>
        /// <param name="callback">Value sent as the CALL_BACK parameter.</param>
        /// <param name="txtParams">Parameter collection; it is modified in place.</param>
        /// <param name="timestamp">Value sent as the TIMESTAMP parameter.</param>
        /// <returns>The URL produced by <c>WebUtils.BuildGetUrl</c>.</returns>
        public string BuildAuthUrl(string url, string openId, string secret, string callback, CJDictionary txtParams, DateTime timestamp)
        {
            // The version, format, partner-id, session-token and system parameters that
            // appeared in commented-out code are not sent.
            txtParams.Add(CALL_BACK, callback);
            txtParams.Add(OPEN_ID, openId);
            txtParams.Add(TIMESTAMP, timestamp);

            // Sign last: the signature is computed over every parameter added above,
            // so nothing may be added to txtParams after this point.
            var signature = CJUtils.SignRequest(txtParams, secret);
            txtParams.Add(SIGN, signature);

            return new WebUtils().BuildGetUrl(url, txtParams);
        }
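        /// <summary>
        /// SSO callback endpoint. Verifies the signature on the callback URL, exchanges the
        /// token for a credential at the auth service, stores uid and token in cookies and
        /// redirects back to the URL the user originally requested.
        /// </summary>
        /// <returns>A redirect on success, otherwise a plain content result describing the failure.</returns>
        public ActionResult CallBack()
        {
            try
            {
                // Verify the signature on the callback URL before using anything from it.
                var verifyPass = Request.Url != null && CJUtils.VerifyResponse(Request.Url.AbsoluteUri, Stands.SIGN_SECRET);
                if (!verifyPass) return Content("签名验证不通过,非法请求!");

                // NOTE(review): this writes the full callback URL, token included, to the log;
                // treat the SSO log as sensitive or redact the query string.
                _logSSO.Info(Request.Url.AbsoluteUri);
                // Exchange the token for a credential.
                // Read it from the query string only: the signature check above covers the URL,
                // whereas Request["..."] would also fall back to form fields and cookies.
                var token = Request.QueryString["token"];
                if (string.IsNullOrEmpty(token))
                {
                    return Content("您还没有登录,请重新登录!");
                }
                var web = new WebUtils();
                var cacheInfo = web.DoGet(Stands.AUTH_HOST + "/Authorize/TokenGetCredence/", new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", token } });
                var cacheLogin = Tools.JsonDeserialize<SSOData>(cacheInfo);
                if (!cacheLogin.IsLogin)
                {
                    return Content("您还没有登录,请重新登录!");
                }
                // Store uid and token in cookies.
                // NOTE(review): confirm Tools.SetCookie marks these cookies HttpOnly and Secure.
                Tools.SetCookie(Stands.UID, cacheLogin.User.Uid);
                Tools.SetCookie(Stands.TOKEN, token);

                // URL the user requested before being sent to the login page (signed URL only, as above).
                var beq = Request.QueryString[Stands.BEFORE_REQUEST_URL];
                _logSSO.Info("decode:" + beq);
                if (string.IsNullOrEmpty(beq))
                {
                    return Content("缺少返回地址:" + Request.Url.AbsoluteUri);
                }
                // Run the custom callback hook.
                CallBacking(Request.Url.AbsoluteUri, cacheLogin.User);
                beq = WebUtils.UrlDecode(beq);
                _logSSO.Info(beq);
                // NOTE(review): the redirect target is taken from the request and is only as trustworthy
                // as the signature check; confirm VerifyResponse covers this parameter, or restrict the
                // target to the hosts this application is served from.
                return Redirect(beq);
            }
            catch (System.Exception ex)
            {
                // Any failure (including an unparsable auth response) ends in a generic message.
                _logSSO.Error(ex.Message);
                 return Content("服务器繁忙...");

            }
        }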
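        /// <summary>
        /// MVC filter hook that enforces the SSO login check before an action runs.
        /// Every rejection path sets <c>filterContext.Result</c>, because that is what
        /// stops the action from executing.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext == null
                || filterContext.HttpContext == null
                || filterContext.HttpContext.Request == null
                || filterContext.HttpContext.Request.Url == null){return;}
            var url = filterContext.HttpContext.Request.Url.AbsoluteUri;
            // Actions flagged as not needing the check are let through.
            if (NotCheck) return;

            var uid = Tools.GetCookie(Stands.UID);
            var token =Tools.GetCookie(Stands.TOKEN);

            if (string.IsNullOrEmpty(uid)||string.IsNullOrEmpty(token))
            {
                // AJAX callers get a message instead of a redirect.
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    // Set Result rather than writing to the response: only a non-null Result
                    // short-circuits the pipeline, otherwise the protected action still runs.
                    filterContext.Result = new ContentResult { Content = "您还没有登录,请先登录" };
                    return;
                }

                filterContext.Result = new RedirectResult(RouteUtils.GetAuthUrl(url));
                return;
            }

            // Cookie values are client-controlled, so the token is validated against the auth service on every request.
            // NOTE(review): DoGet presumably puts the token in the query string, where it can end up in
            // proxy and server logs; confirm AUTH_HOST is reached over TLS and that those logs are protected.
            WebUtils web = new WebUtils();
            var cacheInfo = web.DoGet(Stands.AUTH_HOST + "/Authorize/TokenGetCredence/", new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", token } });
            var loginCache = Tools.JsonDeserialize<SSOData>(cacheInfo);

            // Fail closed: a response that cannot be parsed is treated the same as "not logged in".
            if (loginCache == null || !loginCache.IsLogin)
            {
                // Drop the local cookies as a precaution so a stale token is not replayed.
                Tools.ClearCookie(Stands.UID);
                Tools.ClearCookie(Stands.TOKEN);
                Tools.ClearCookie(Stands.PROJECT_CODE);
                // AJAX callers get a message instead of a redirect.
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    filterContext.Result = new ContentResult { Content = "无权访问" };
                    return;
                }
                filterContext.Result = new RedirectResult(RouteUtils.GetAuthUrl(url));
                return;
            }

            // The account was put into a restricted state: send the caller to the page named by the auth service.
            // NOTE(review): loginCache.Url is trusted as a redirect target because it comes from the auth service response.
            if (loginCache.IsRedirect)
            {
                filterContext.Result = new RedirectResult(loginCache.Url);
                return;
            }
            // Refresh the cookies from the validated credential.
            // NOTE(review): confirm Tools.SetCookie marks these cookies HttpOnly and Secure.
            Tools.SetCookie(Stands.UID, loginCache.User.Uid);
            Tools.SetCookie(Stands.TOKEN, token);

            base.OnActionExecuting(filterContext);
        }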
 /// <summary>
 /// Logs the user out: asks the auth service to discard the credential for the current
 /// token and, once it answers "success", clears the local session cookies.
 /// </summary>
 /// <returns>The logout view, or an error message when the auth service does not confirm.</returns>
 public ActionResult LoginOutFromSSO()
 {
     try
     {
         // Take the current token so the matching credential can be removed on the server.
         var currentToken = Tools.GetCookie(Stands.TOKEN);
         if (!string.IsNullOrEmpty(currentToken))
         {
             var client = new WebUtils();
             var endpoint = Stands.AUTH_HOST + "/Authorize/ClearToken/";
             var query = new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", currentToken } };
             var reply = client.DoGet(endpoint, query);
             if (reply != "success")
             {
                 // Cookies are left in place here, so the same token is still available for a retry.
                 return Content("注销出现错误");
             }

             Tools.ClearCookie(Stands.UID);
             Tools.ClearCookie(Stands.TOKEN);
             Tools.ClearCookie(Stands.CURRENT_PROJECT_CODE_KEY);
         }

         return View();
     }
     catch (System.Exception ex)
     {
         // NOTE(review): on an exception the logout view is shown although neither the cookies
         // nor (as far as this method knows) the server-side credential were cleared; confirm
         // that presenting this as a completed logout is intended.
         _logSSO.Error(ex);
        return View();
     }
 }
 /// <summary>
 /// Builds a GET URL from <paramref name="url"/> and <paramref name="txtParams"/>.
 /// No signature is added by this overload, and <paramref name="timestamp"/> is not used.
 /// </summary>
 /// <param name="url">Base URL of the endpoint.</param>
 /// <param name="txtParams">Parameters handed to <c>WebUtils.BuildGetUrl</c> unchanged.</param>
 /// <param name="timestamp">Accepted but ignored by the body.</param>
 /// <returns>The URL produced by <c>WebUtils.BuildGetUrl</c>.</returns>
 public string BuildAuthUrl(string url, CJDictionary txtParams, DateTime timestamp)
 {
     return new WebUtils().BuildGetUrl(url, txtParams);
 }
 /// <summary>
 /// Builds a signed GET URL: a signature over <paramref name="txtParams"/> is added to
 /// the collection under the SIGN key before the URL is assembled.
 /// </summary>
 /// <param name="url">Base URL of the endpoint.</param>
 /// <param name="secret">Signing secret; it is only passed to the signer and is not added to the parameters.</param>
 /// <param name="txtParams">Parameter collection; it is modified in place.</param>
 /// <returns>The URL produced by <c>WebUtils.BuildGetUrl</c>.</returns>
 public string BuildUrl(string url, string secret, IDictionary<string, string> txtParams)
 {
     // The signature must be computed once all other parameters are present.
     var signature = CJUtils.SignRequest(txtParams, secret);
     txtParams.Add(SIGN, signature);

     return new WebUtils().BuildGetUrl(url, txtParams);
 }
 /// <summary>
 /// Builds a GET URL from <paramref name="url"/> and <paramref name="txtParams"/>.
 /// This overload adds no signature.
 /// </summary>
 /// <param name="url">Base URL of the endpoint.</param>
 /// <param name="txtParams">Parameters handed to <c>WebUtils.BuildGetUrl</c> unchanged.</param>
 /// <returns>The URL produced by <c>WebUtils.BuildGetUrl</c>.</returns>
 public string BuildUrl(string url, IDictionary<string, string> txtParams)
 {
     return new WebUtils().BuildGetUrl(url, txtParams);
 }