/// <summary>
/// 针对OA系统传来的地址及参数校验登陆用户
/// </summary>
/// <param name="errorMsg"></param>
/// <param name="returnUrl"></param>
/// <returns></returns>
public bool ValidationWithOASSO(out string errorMsg, out string returnUrl)
{
returnUrl = "";
var request = HttpContext.Current.Request;
var param1 = request.QueryString["uid"];
var param2 = request.QueryString["businessid"];
var param3 = request.QueryString["signature"];
var param4 = request.QueryString["returnurl"];
if (string.IsNullOrEmpty(param1) || string.IsNullOrEmpty(param2) || string.IsNullOrEmpty(param3) || string.IsNullOrEmpty(param4))
{
errorMsg = "缺少必要参数";
return(false);
}
var refer = request.UrlReferrer.Host;
if (refer.IndexOf(ConfigurationManager.AppSettings["OA.Host"], StringComparison.CurrentCultureIgnoreCase) < 0)
{
errorMsg = "请求来源不正确";
return(false);
}
Dictionary <string, string> dict = new Dictionary <string, string>();
dict.Add("uid", param1);
dict.Add("businessid", param2);
dict.Add("returnurl", HttpUtility.UrlEncode(param4));
var sign = SSOToolkit.GetSignature(dict);
//todo 这里还要验证签名
if (!sign.Equals(param3, StringComparison.CurrentCultureIgnoreCase))
{
errorMsg = "获取到的客户端数据同实际签名不符";
return(false);
}
errorMsg = "";
returnUrl = param4;
var loginTime = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss.fff");
var expiryMinutes = (24 * 60).ToString();
var accessToken = Guid.NewGuid().ToString() + "_t";
dict = new Dictionary <string, string>();
dict.Add("accessToken", accessToken);
dict.Add("loginId", param1);
dict.Add("loginTime", loginTime);
dict.Add("expiryMinutes", expiryMinutes);
WriteCookie("accessToken", accessToken);
WriteCookie("loginId", param1);
WriteCookie("loginTime", loginTime);
WriteCookie("expiryMinutes", expiryMinutes);
WriteCookie("signature", GetSignature(dict));
return(true);
}
/// <summary>
/// 为OA待办追加签名
/// </summary>
/// <param name="url"></param>
/// <param name="receiver"></param>
/// <returns></returns>
public string GetAuthOAUrlWithSSO(string url, string receiver, string flowid)
{
string safe_url = "/Public/OABridge.aspx";
var returnurl = HttpUtility.UrlEncode(url);
safe_url += "?";
safe_url += "uid=" + receiver;
safe_url += "&businessid=" + flowid;
safe_url += "&returnurl=" + returnurl;
Dictionary <string, string> dict = new Dictionary <string, string>();
dict.Add("uid", receiver);
dict.Add("businessid", flowid);
dict.Add("returnurl", returnurl);
var sign = SSOToolkit.GetSignature(dict);
safe_url += "&signature=" + sign;
return(safe_url);
}