/// <summary>获取详细信息</summary>
/// <param name="doc">Xml 文档对象</param>
/// <returns>返回操作结果</returns>
public string GetAccessToken(XmlDocument doc)
{
// http://local.passport.x3platform.com/api/connect.auth.token.aspx?code=28f35bf4743030ae
string code = XmlHelper.Fetch("code", doc);
ConnectAuthorizationCodeInfo authorizationCodeInfo = ConnectContext.Instance.ConnectAuthorizationCodeService[code];
if (authorizationCodeInfo == null)
{
return("{\"message\":{\"returnCode\":1,\"value\":\"authorization code not find\"}}");
}
ConnectAccessTokenInfo accessTokenInfo = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(authorizationCodeInfo.AppKey, authorizationCodeInfo.AccountId);
if (accessTokenInfo == null)
{
return("{\"message\":{\"returnCode\":1,\"value\":\"access token not find\"}}");
}
StringBuilder outString = new StringBuilder();
outString.Append("{\"data\":{");
outString.Append("accessToken:\"" + accessTokenInfo.Id + "\",");
outString.Append("expiresIn:\"" + accessTokenInfo.ExpiresIn + "\",");
outString.Append("refreshToken:\"" + accessTokenInfo.RefreshToken + "\" ");
outString.Append("},\"message\":{\"returnCode\":0,\"value\":\"query success\"}}");
return(outString.ToString());
}
// -------------------------------------------------------
// 接口地址:/api/connect.oauth2.token.aspx
// -------------------------------------------------------
#region 函数:GetAccessToken(XmlDocument doc)
/// <summary>获取详细信息</summary>
/// <param name="doc">Xml 文档对象</param>
/// <returns>返回操作结果</returns>
public string GetAccessToken(XmlDocument doc)
{
// http://x10.x3platform.com/api/connect.oauth2.token.aspx?code=28f35bf4743030ae
string code = XmlHelper.Fetch("code", doc);
ConnectAuthorizationCodeInfo authorizationCodeInfo = ConnectContext.Instance.ConnectAuthorizationCodeService[code];
if (authorizationCodeInfo == null)
{
return("{error:1,descriptiopn:\"not find\"}");
}
ConnectAccessTokenInfo accessTokenInfo = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(authorizationCodeInfo.AppKey, authorizationCodeInfo.AccountId);
if (accessTokenInfo == null)
{
return("{error:1,descriptiopn:\"not find\"}");
}
StringBuilder outString = new StringBuilder();
outString.Append("{");
outString.Append("\"access_token\":\"" + accessTokenInfo.Id + "\",");
outString.Append("\"token_type\":\"bearer\",");
outString.Append("\"expires_in\":\"" + accessTokenInfo.ExpiresIn + "\",");
outString.Append("\"refresh_token\":\"" + accessTokenInfo.RefreshToken + "\" ");
outString.Append("}");
return(outString.ToString());
}
// -------------------------------------------------------
// 保存 删除
// -------------------------------------------------------
#region 函数:Save(ConnectAuthorizationCodeInfo param)
/// <summary>保存记录</summary>
/// <param name="param"><see cref="ConnectAuthorizationCodeInfo" />实例详细信息</param>
/// <param name="message">数据库操作返回的相关信息</param>
/// <returns><see cref="ConnectAuthorizationCodeInfo" />实例详细信息</returns>
public ConnectAuthorizationCodeInfo Save(ConnectAuthorizationCodeInfo param)
{
if (string.IsNullOrEmpty(param.Id))
{
throw new NullReferenceException("实例标识不能为空。");
}
// 过滤 Cross Site Script
param = StringHelper.ToSafeXSS <ConnectAuthorizationCodeInfo>(param);
return(this.provider.Save(param));
}
// -------------------------------------------------------
// 保存 添加 修改 删除
// -------------------------------------------------------
#region 函数:Save(ConnectAuthorizationCodeInfo param)
/// <summary>保存记录</summary>
/// <param name="param"><see cref="ConnectAuthorizationCodeInfo" />实例详细信息</param>
/// <returns><see cref="ConnectAuthorizationCodeInfo" />实例详细信息</returns>
public ConnectAuthorizationCodeInfo Save(ConnectAuthorizationCodeInfo param)
{
if (!IsExist(param.Id))
{
Insert(param);
}
else
{
Update(param);
}
return(param);
}
// -------------------------------------------------------
// 接口地址:/api/connect.auth.authorize.aspx
// -------------------------------------------------------
#region 函数:GetAuthorizeCode(XmlDocument doc)
/// <summary>获取详细信息</summary>
/// <param name="doc">Xml 文档对象</param>
/// <returns>返回操作结果</returns>
public string GetAuthorizeCode(XmlDocument doc)
{
StringBuilder outString = new StringBuilder();
string clientId = XmlHelper.Fetch("clientId", doc);
string redirectUri = XmlHelper.Fetch("redirectUri", doc);
string responseType = XmlHelper.Fetch("responseType", doc);
string scope = XmlHelper.Fetch("scope", doc);
string style = XmlHelper.Fetch("style", doc);
string loginName = XmlHelper.Fetch("loginName", doc);
string password = XmlHelper.Fetch("password", doc);
if (string.IsNullOrEmpty(loginName) || string.IsNullOrEmpty(password))
{
HttpContentTypeHelper.SetValue("html");
return(CreateLoginPage(clientId, redirectUri, responseType, scope));
}
else
{
// 当前用户信息
IAccountInfo account = MembershipManagement.Instance.AccountService.LoginCheck(loginName, password);
if (account == null)
{
if (string.IsNullOrEmpty(responseType))
{
outString.Append("{\"message\":{\"returnCode\":1,\"value\":\"帐号或者密码错误。\"}}");
return(outString.ToString());
}
else
{
// 输出登录页面
// 设置输出的内容类型,默认为 html 格式。
HttpContentTypeHelper.SetValue("html");
return(CreateLoginPage(clientId, redirectUri, responseType, scope));
}
}
else
{
// 检验是否有授权码
if (!ConnectContext.Instance.ConnectAuthorizationCodeService.IsExist(clientId, account.Id))
{
ConnectAuthorizationCodeInfo authorizationCode = new ConnectAuthorizationCodeInfo();
authorizationCode.Id = DigitalNumberContext.Generate("Key_32DigitGuid");
authorizationCode.AppKey = clientId;
authorizationCode.AccountId = account.Id;
authorizationCode.AuthorizationScope = string.IsNullOrEmpty(scope) ? "public" : scope;
ConnectContext.Instance.ConnectAuthorizationCodeService.Save(authorizationCode);
}
// 设置访问令牌
ConnectContext.Instance.ConnectAccessTokenService.Write(clientId, account.Id);
// 设置会话信息
ConnectAccessTokenInfo token = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(clientId, account.Id);
// 记录日志
string ip = IPQueryContext.GetClientIP();
MembershipManagement.Instance.AccountService.SetIPAndLoginDate(account.Id, ip, DateTime.Now);
MembershipManagement.Instance.AccountLogService.Log(account.Id, "connect.auth.authorize", string.Format("【{0}】在 {1} 登录了系统。【IP:{2}】", account.Name, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), ip));
string sessionId = token.AccountId + "-" + token.Id;
KernelContext.Current.AuthenticationManagement.AddSession(clientId, sessionId, account);
HttpAuthenticationCookieSetter.SetUserCookies(sessionId);
string code = ConnectContext.Instance.ConnectAuthorizationCodeService.GetAuthorizationCode(clientId, account);
// responseType == null 则输出令牌信息
if (string.IsNullOrEmpty(responseType))
{
outString.Append("{\"data\":" + AjaxUtil.Parse <ConnectAccessTokenInfo>(token) + ",");
outString.Append("\"message\":{\"returnCode\":0,\"value\":\"验证成功。\"}}");
string callback = XmlHelper.Fetch("callback", doc);
return(string.IsNullOrEmpty(callback)
? outString.ToString()
: callback + "(" + outString.ToString() + ")");
}
else if (responseType == "code")
{
HttpContext.Current.Response.Redirect(CombineUrlAndAuthorizationCode(redirectUri, code));
}
else if (responseType == "token")
{
HttpContext.Current.Response.Redirect(CombineUrlAndAccessToken(redirectUri, token));
}
else
{
HttpContext.Current.Response.Redirect(CombineUrlAndAuthorizationCode(redirectUri, code));
}
}
}
outString.Append("{\"message\":{\"returnCode\":0,\"value\":\"执行成功。\"}}");
return(outString.ToString());
}
/// <summary>修改记录</summary>
/// <param name="param">实例<see cref="ConnectAuthorizationCodeInfo"/>详细信息</param>
public void Update(ConnectAuthorizationCodeInfo param)
{
this.ibatisMapper.Update(StringHelper.ToProcedurePrefix(string.Format("{0}_Update", this.tableName)), param);
}
/// <summary>获取帐号的授权码</summary>
/// <param name="appKey">应用标识</param>
/// <param name="accountId">帐号标识</param>
/// <returns>授权码</returns>
public string GetAuthorizationCode(string appKey, IAccountInfo account)
{
ConnectAuthorizationCodeInfo code = this.FindOneByAccountId(appKey, account.Id);
return(code == null ? string.Empty : code.Id);
}
