Example #1
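        /// <summary>
        /// OAuth2 redirect endpoint for the enterprise account: exchanges the authorization
        /// <paramref name="code"/> for the visitor's UserId and, for a recognised member,
        /// puts the department list into the view data.
        /// </summary>
        /// <param name="code">Authorization code taken from the redirect query string; caller-controlled input.</param>
        /// <param name="state">Opaque value echoed back on the redirect. This action does not verify it (see the note in the body).</param>
        /// <returns>The default view, with ViewData["Message"] or ViewData["DepartmentList"] populated.</returns>
        public IActionResult OAuth(string code, string state)
        {
            // NOTE(review): `state` is never compared with a value bound to the caller's session,
            // so this callback accepts an authorization code regardless of who started the flow
            // (OAuth login CSRF). No stored state is visible in this block; the fix is to generate
            // an unpredictable value before the redirect, keep it server-side, and reject a
            // mismatch here before any API call is made.

            // A callback without a code cannot be exchanged; stop before spending an API call
            // instead of letting the exchange fail with an error the filter below does not catch.
            if (string.IsNullOrEmpty(code))
            {
                ViewData["Message"] = "您拒绝了授权!";
                return View();
            }

            var tokenResult = CommonApi.GetToken(WeixinOptions.CorpId, WeixinOptions.Secret);

            // Fail closed when no corp access token came back rather than calling the
            // user-lookup API with an empty credential.
            if (tokenResult == null || string.IsNullOrEmpty(tokenResult.access_token))
            {
                ViewData["Message"] = "获取access_token失败!";
                return View();
            }

            Senparc.Weixin.QY.AdvancedAPIs.OAuth2.GetUserInfoResult openInfo;
            try
            {
                openInfo = OAuth2Api.GetUserId(tokenResult.access_token, code);
            }
            // Only this one error code is handled; any other ErrorJsonResultException propagates.
            catch (ErrorJsonResultException e) when (e.JsonResult.errcode == Senparc.Weixin.ReturnCode.合法的oauth_code)
            {
                // NOTE(review): the raw API error object is serialized into the view data.
                // If the view renders it, upstream error details reach the browser; consider
                // logging it server-side and showing a fixed message instead.
                ViewData["Message"] = Newtonsoft.Json.JsonConvert.SerializeObject(e.JsonResult, Newtonsoft.Json.Formatting.Indented);
                return View();
            }

            // An empty UserId means the code did not resolve to an enterprise member.
            if (string.IsNullOrEmpty(openInfo?.UserId))
            {
                ViewData["Message"] = "非企业人员,考勤功能不可用!";
            }
            else
            {
                // The department list is fetched with the corp token, not a per-user credential.
                ViewData["DepartmentList"] = MailListApi.GetDepartmentList(tokenResult.access_token);
            }

            return View();
        }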
Example #2
0
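        /// <summary>
        /// OAuth2 redirect endpoint: validates the returned state, exchanges the authorization
        /// <paramref name="code"/> for the visitor's identity, then builds the JS-SDK signature
        /// package for the view.
        /// </summary>
        /// <param name="code">Authorization code from the redirect query string; empty when the user declined.</param>
        /// <param name="state">Value echoed back on the redirect; must equal the value stored in Session["State"].</param>
        /// <returns>A plain-text result on failure, otherwise the view bound to the JS-SDK package.</returns>
        public ActionResult ShowContent(string code, string state)
        {
            #region Validate the callback and resolve the user
            if (string.IsNullOrEmpty(code))
            {
                return Content("您拒绝了授权!");
            }

            // The stored state must exist AND match. Without the existence check a request that
            // carries no state, made in a session that never stored one, compares null with null
            // and passes. The state is visible to the client, so it only binds the callback to
            // this session; it is not a secret and proves nothing else.
            var expectedState = Session["State"] as string;
            if (string.IsNullOrEmpty(expectedState) || state != expectedState)
            {
                return Content("验证失败!请从正规途径进入!");
            }

            // Single use: a replayed callback with the same state is rejected.
            Session.Remove("State");

            // Enterprise account: state verified, obtain the access token.
            var accessToken = Senparc.Weixin.QY.CommonAPIs.CommonApi.GetToken(CorpId, CorpSecret);
            if (accessToken.errcode != ReturnCode_QY.请求成功)
            {
                return Content("错误:" + accessToken.errmsg);
            }

            // This token is obtained with the corp id and secret, not for the individual visitor.
            // Keep it server-side (session, cache or database); never put it in a cookie or in
            // any response body.

            // Membership is not known yet, so the lookup is attempted and may fail.
            try
            {
                // Known member: detailed information is available.
                userInfo             = Senparc.Weixin.QY.AdvancedAPIs.OAuth2Api.GetUserId(accessToken.access_token, code);
                ViewData["ByBase"]   = true;
                ViewData["UserId"]   = userInfo.UserId;
                ViewData["DeviceId"] = userInfo.DeviceId;
                string nickName = MailListApi.GetMember(accessToken.access_token, userInfo.UserId).name;
                Session["NickName"] = nickName;
            }
            catch (ErrorJsonResultException)
            {
                // Authorized but not a member, so no details are available.
                // The previous response echoed accessToken.access_token and the exception text
                // to the browser, disclosing the corp credential to any visitor who triggered
                // this path. Return a fixed message; record the exception server-side instead.
                return Content("用户已授权,但无法获取用户详细信息!");
            }
            #endregion

            #region Build the JS-SDK signature
            // Timestamp and nonce for the signature.
            var timestamp = Senparc.Weixin.QY.Helpers.JSSDKHelper.GetTimestamp();
            var nonceStr  = Senparc.Weixin.QY.Helpers.JSSDKHelper.GetNoncestr();
            string ticket = JsApiTicketContainer.TryGetTicket(CorpId, CorpSecret, false);

            // The signature covers the ticket, nonce, timestamp and the absolute request URL.
            var signature = Senparc.Weixin.QY.Helpers.JSSDKHelper.GetSignature(ticket, nonceStr, timestamp, Request.Url.AbsoluteUri);
            #endregion

            var jssdkUiPackage = new Senparc.Weixin.QY.Helpers.JsSdkUiPackage(CorpId, timestamp.ToString(), nonceStr, signature);
            return View(jssdkUiPackage);
        }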