public ActionResult Authorize(string appid, string scope, string state, string redirect_uri, string user_code, string login_pwd, GrantCodeRight[] grants, int takeAll)
{
string device_id = Request.Headers["device-id"];
OAuthApp app = OAuthAppCache.Instance.Find(it => it.APP_CODE.Equals(appid));
GrantScope scopeModel = ScopeCache.Instance.Find(it => it.SCOPE_CODE.Equals(scope));
if (app == null)
{
return(View("fatal", FuncResult.FailResult("未注册的应用")));
}
if (scopeModel == null)
{
return(View("fatal", FuncResult.FailResult("无效的授权范围")));
}
if (!this.OAuthContext.IsLogined)
{
if (string.IsNullOrEmpty(user_code))
{
return(View("fatal", FuncResult.FailResult("必须输入账号")));
}
if (string.IsNullOrEmpty(login_pwd))
{
return(View("fatal", FuncResult.FailResult("必须输入密码")));
}
string message;
if (!this.UserLogin(user_code, login_pwd, app.APP_ID, out message))
{
return(View("fatal", FuncResult.FailResult(message)));
}
}
user_code = this.OAuthContext.UserInfo.UserCode;
GrantProvider grant = new GrantProvider(appid, user_code, scope, device_id ?? this.OAuthContext.Device_Id);
if (!grant.Grant(takeAll == 1, grants))
{
return(View("fatal", FuncResult.FailResult("授权失败,请重试")));
}
string return_url = xUtils.CombinaRedirectUri(redirect_uri, state, grant.Auth_Code);
return(Redirect(return_url));
}
public ActionResult Authorize(string appid, string scope, string state, string redirect_uri)
{
string authHeader = Request.Headers["auth"];
string device_id = Request.Headers["device-id"];
string appVersion = Request.Headers["app-version"];
Log.Info("HTTP HEADER: auth={0}&device_id={1}&app-version={2}", authHeader, device_id, appVersion);
if (!string.IsNullOrEmpty(authHeader))
{
scope = string.IsNullOrEmpty(scope) ? "basic_api" : scope;
string message;
try
{
if (!this.LoginByToken(authHeader, device_id, appVersion, out message))
{
return(View("fatal", message));
}
}
catch (Exception ex)
{
message = ex.Message;
Log.Info("APP登录失败", ex);
return(View("fatal", new { Message = message }));
}
}
OAuthApp app = OAuthAppCache.Instance.Find(it => it.APP_CODE.Equals(appid));
//var scopeModel = ScopeCache.Instance.Find(it => it.SCOPE_CODE.Equals(scope));
GrantScope[] scopeModel = ScopeCache.Instance.FindAll(scope);
if (scopeModel == null || scopeModel.Length <= 0)
{
return(View("fatal", FuncResult.FailResult("无效的授权范围")));
}
var scopeids = scopeModel.Select(it => it.SCOPE_ID);
var scopeRights = ScopeRightProvider.GetScopeRights(scopeids.ToArray());
ViewBag.ScopeRights = scopeRights;
if (app == null)
{
return(View("fatal", FuncResult.FailResult("未注册的应用")));
}
this.OAuthContext.CurrentApp = app;
if (string.IsNullOrEmpty(redirect_uri))
{
return(View("fatal", FuncResult.FailResult("redirect_uri不能为空")));
}
if (this.OAuthContext.IsLogined) //已登录
{
bool isAlreadyAuthorized = xUtils.IsAlreayAuthorized(app.APP_ID, this.OAuthContext.UserInfo.UserId, scope); //是否已授权
if (app.IS_INTERNAL || !scopeModel.HasExpllicit() || isAlreadyAuthorized) //内部应用、隐式授权作用域以及已经授权过
{
GrantProvider provider = new GrantProvider(appid, this.OAuthContext.UserInfo.UserCode, scope, device_id ?? this.OAuthContext.Device_Id);
if (!provider.Grant(!isAlreadyAuthorized, null))//获取授权作用范围内所有权限
{
return(View("fatal", FuncResult.FailResult("授权失败")));
}
string auth_code = provider.Auth_Code;
string return_url = xUtils.CombinaRedirectUri(redirect_uri, state, auth_code);
return(Redirect(return_url));
}
else
{
//显式授权
return(View());
}
}
else//未登录
{
if (app.IS_INTERNAL)
{
return(View("Internal_Login"));
}
//登录后授权
return(View());
}
}
public OAuthProvider([NotNull] ApiConfiguration configuration) : base(configuration)
{
OAuthAuthorizationServerProvider = new GrantProvider(Configuration);
RefreshTokenProvider = new RefreshTokenProvider(Configuration);
}
