/// <summary>
        /// 针对OA系统传来的地址及参数校验登陆用户
        /// </summary>
        /// <param name="errorMsg"></param>
        /// <param name="returnUrl"></param>
        /// <returns></returns>
        public bool ValidationWithOASSO(out string errorMsg, out string returnUrl)
        {
            returnUrl = "";
            var request = HttpContext.Current.Request;
            var param1  = request.QueryString["uid"];
            var param2  = request.QueryString["businessid"];
            var param3  = request.QueryString["signature"];
            var param4  = request.QueryString["returnurl"];

            if (string.IsNullOrEmpty(param1) || string.IsNullOrEmpty(param2) || string.IsNullOrEmpty(param3) || string.IsNullOrEmpty(param4))
            {
                errorMsg = "缺少必要参数";
                return(false);
            }
            var refer = request.UrlReferrer.Host;

            if (refer.IndexOf(ConfigurationManager.AppSettings["OA.Host"], StringComparison.CurrentCultureIgnoreCase) < 0)
            {
                errorMsg = "请求来源不正确";
                return(false);
            }
            Dictionary <string, string> dict = new Dictionary <string, string>();

            dict.Add("uid", param1);
            dict.Add("businessid", param2);
            dict.Add("returnurl", HttpUtility.UrlEncode(param4));
            var sign = SSOToolkit.GetSignature(dict);

            //todo 这里还要验证签名
            if (!sign.Equals(param3, StringComparison.CurrentCultureIgnoreCase))
            {
                errorMsg = "获取到的客户端数据同实际签名不符";
                return(false);
            }
            errorMsg  = "";
            returnUrl = param4;

            var loginTime     = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss.fff");
            var expiryMinutes = (24 * 60).ToString();

            var accessToken = Guid.NewGuid().ToString() + "_t";

            dict = new Dictionary <string, string>();
            dict.Add("accessToken", accessToken);
            dict.Add("loginId", param1);
            dict.Add("loginTime", loginTime);
            dict.Add("expiryMinutes", expiryMinutes);

            WriteCookie("accessToken", accessToken);
            WriteCookie("loginId", param1);
            WriteCookie("loginTime", loginTime);
            WriteCookie("expiryMinutes", expiryMinutes);
            WriteCookie("signature", GetSignature(dict));
            return(true);
        }
        /// <summary>
        /// 为OA待办追加签名
        /// </summary>
        /// <param name="url"></param>
        /// <param name="receiver"></param>
        /// <returns></returns>
        public string GetAuthOAUrlWithSSO(string url, string receiver, string flowid)
        {
            string safe_url  = "/Public/OABridge.aspx";
            var    returnurl = HttpUtility.UrlEncode(url);

            safe_url += "?";
            safe_url += "uid=" + receiver;
            safe_url += "&businessid=" + flowid;
            safe_url += "&returnurl=" + returnurl;
            Dictionary <string, string> dict = new Dictionary <string, string>();

            dict.Add("uid", receiver);
            dict.Add("businessid", flowid);
            dict.Add("returnurl", returnurl);
            var sign = SSOToolkit.GetSignature(dict);

            safe_url += "&signature=" + sign;

            return(safe_url);
        }