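/// <summary>
/// Completes an SSO login on this site: checks the shared site token, asks the SSO
/// server's AuthUserToken endpoint to confirm the (SsoUserId, UserToken) pair, maps
/// the SSO user to a local user and writes the login session. Every failure path
/// redirects back to the target URL without revealing which check failed.
/// </summary>
/// <param name="data">Model posted by the SSO flow: site token, SSO user id, user token and the URL to return to.</param>
/// <returns>A redirect to the target URL (only local URLs are followed), or 400 when the model is missing.</returns>
public IActionResult WriteSession(AuthSessionRequestModel data)
        {
            if (data is null)
            {
                return BadRequest();
            }

            // TargetUrl is request input, so an unrestricted Redirect() would be an open
            // redirect. Only local URLs are followed; anything else falls back to the site root.
            IActionResult RedirectToTarget()
            {
                return Url.IsLocalUrl(data.TargetUrl)
                    ? LocalRedirect(data.TargetUrl)
                    : Redirect("/");
            }

            // Fixed-time comparison so response timing does not leak how many leading
            // characters of a token matched. A missing token on either side never matches
            // (a plain "!=" treats null == null as a match, so an unset SiteToken would
            // have accepted requests carrying no token at all).
            bool TokensMatch(string expected, string provided)
            {
                if (expected is null || provided is null)
                {
                    return false;
                }

                var expectedBytes = System.Text.Encoding.UTF8.GetBytes(expected);
                var providedBytes = System.Text.Encoding.UTF8.GetBytes(provided);
                return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expectedBytes, providedBytes);
            }

            #region Validate SiteToken
            if (!TokensMatch(ssoConfigs.SiteToken, data.SiteToken))
            {
                return RedirectToTarget();
            }
            #endregion

            #region Verify the user token with the SSO AuthUserToken callback
            var callbackRequest = new AuthUserTokenRequestModel()
            {
                AppKey    = ssoConfigs.AppKey,
                SsoUserId = data.SsoUserId,
                UserToken = data.UserToken
            };
            var postData    = JsonConvert.SerializeObject(callbackRequest);
            var responseStr = httpPostHelper.Send(ssoConfigs.AuthUserToken, postData);
            var response    = JsonConvert.DeserializeObject<AuthUserTokenResponseModel>(responseStr);
            if (response == null || !response.Success)
            {
                // TODO: if not logged in, redirect to the login page;
                //       if logged in, redirect to the authorization page.
                return RedirectToTarget();
            }
            #endregion

            #region Validate UserMapping
            UserMapping userMapping = siteContext.UserMapping.FirstOrDefault(x => x.SsoUserId == data.SsoUserId);
            if (userMapping == null)
            {
                // TODO: same login / authorization redirect as above.
                return RedirectToTarget();
            }
            #endregion

            User user = siteContext.User.Find(userMapping.UserId);
            if (user == null)
            {
                // TODO: same login / authorization redirect as above.
                return RedirectToTarget();
            }

            // Write the login session for the mapped local user.
            loginHelper.Login(HttpContext, user, false, data.UserToken);

            return RedirectToTarget();
        }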
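        /// <summary>
        /// SSO-side callback used by a client site to confirm that a (SsoUserId, UserToken)
        /// pair really belongs to an SSO user. The request must carry the site's AppKey and
        /// a digest of the body in the request headers.
        /// </summary>
        /// <param name="data">Callback payload: the SSO user id and the user token to verify.</param>
        /// <returns>
        /// Success, or a failure with Code 1 (digest mismatch), 2 (unknown AppKey),
        /// 4 (unknown user or missing payload) or 5 (token mismatch).
        /// </returns>
        public AuthCallbackResponseModel AuthUserToken([FromBody] AuthUserTokenRequestModel data)
        {
            string appKey = Request.Headers[HttpHeaders.AppKey];
            string digest = Request.Headers[HttpHeaders.Disgest];

            AuthCallbackResponseModel Fail(int code, string message)
            {
                return new AuthCallbackResponseModel()
                {
                    Success = false,
                    Code = code,
                    Message = message
                };
            }

            // Fixed-time comparison so response timing does not leak how many leading
            // characters of a token matched; a missing token on either side never matches.
            bool TokensMatch(string expected, string provided)
            {
                if (expected is null || provided is null)
                {
                    return false;
                }

                var expectedBytes = System.Text.Encoding.UTF8.GetBytes(expected);
                var providedBytes = System.Text.Encoding.UTF8.GetBytes(provided);
                return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expectedBytes, providedBytes);
            }

            // Re-read the body after model binding consumed the stream. The reader is
            // disposed with leaveOpen so the request stream itself stays usable.
            // NOTE(review): rewinding requires request buffering to be enabled earlier in
            // the pipeline — confirm that is the case for this route.
            Request.Body.Position = 0;
            string bodyStr;
            using (var reader = new StreamReader(Request.Body, System.Text.Encoding.UTF8, true, 1024, true))
            {
                bodyStr = reader.ReadToEnd();
            }

            #region Verify signature
            // The digest is checked over the body re-encoded in the helper's charset, so the
            // client must hash exactly that encoding of the text; a BOM or undecodable bytes
            // in the raw body will not round-trip. NOTE(review): whether IsComputeHash
            // compares in constant time is not visible here — confirm in the helper.
            byte[] body = computeHashHelper.Charset.GetBytes(bodyStr);
            if (!computeHashHelper.IsComputeHash(digest, body))
            {
                return Fail(1, "ComputeHash wrong.");
            }
            #endregion

            #region Validate AppKey
            // A missing header must not match a SiteConfig row whose AppKey is null.
            if (string.IsNullOrEmpty(appKey))
            {
                return Fail(2, "AppKey wrong.");
            }

            // TODO: cache SiteConfig instead of querying it on every call.
            var siteConfig = siteContext.SiteConfig.FirstOrDefault(x => x.AppKey == appKey);
            if (siteConfig == null)
            {
                return Fail(2, "AppKey wrong.");
            }
            #endregion

            #region Verify source address
            // TODO: not implemented — the caller's origin is not checked against siteConfig.
            #endregion

            #region Verify user info
            // NOTE(review): an earlier check that the currently logged-in SSO user equals
            // data.SsoUserId was removed; as written, AppKey + valid digest + a known
            // (SsoUserId, UserToken) pair is sufficient — confirm that is intended.
            if (data is null)
            {
                // Nothing to verify; reported the same way as an unknown user.
                return Fail(4, "User wrong.");
            }

            var user = siteContext.User.FirstOrDefault(x => x.Id == data.SsoUserId);
            if (user == null)
            {
                return Fail(4, "User wrong.");
            }

            // Boxed so a null reference-typed token does not throw before the comparison.
            object storedToken = user.UserToken;
            if (!TokensMatch(storedToken?.ToString(), data.UserToken))
            {
                return Fail(5, "UserToken wrong.");
            }
            #endregion

            return new AuthCallbackResponseModel()
            {
                Success = true
            };
        }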