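/// <summary>
/// Site-side SSO callback. Checks the site token carried by the request,
/// confirms the user token with the SSO server's AuthUserToken endpoint,
/// maps the SSO user to a local user and, if everything checks out, writes
/// the login session. Every branch ends in a redirect to <c>data.TargetUrl</c>.
/// </summary>
/// <param name="data">Callback payload: site token, SSO user id, user token and redirect target.</param>
/// <returns>A redirect to <c>data.TargetUrl</c>; only the success path has written a session first.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
public IActionResult WriteSession(AuthSessionRequestModel data)
{
    if (data is null)
    {
        throw new System.ArgumentNullException(nameof(data));
    }

    // NOTE(review): data.TargetUrl is taken straight from the request and is
    // passed to Redirect() unchanged on every branch, including the failure
    // ones, so this action behaves as an open redirector unless TargetUrl is
    // validated against an allow-list upstream — confirm.

    // Site token check. Compared in constant time so that a mismatch does
    // not reveal how many leading characters matched through timing. A
    // missing token on either side is treated as a mismatch (a null
    // configured token must never authorise a null request token).
    if (!FixedTimeEqualsUtf8(ssoConfigs.SiteToken, data.SiteToken))
    {
        return Redirect(data.TargetUrl);
    }

    // Ask the SSO server to confirm the (SsoUserId, UserToken) pair.
    var callbackRequest = new AuthUserTokenRequestModel()
    {
        AppKey = ssoConfigs.AppKey,
        SsoUserId = data.SsoUserId,
        UserToken = data.UserToken
    };
    var postData = JsonConvert.SerializeObject(callbackRequest);
    var responseStr = httpPostHelper.Send(ssoConfigs.AuthUserToken, postData);
    var response = JsonConvert.DeserializeObject<AuthUserTokenResponseModel>(responseStr);
    if (response == null || !response.Success)
    {
        // TODO: if the user is not logged in, redirect to the login page;
        // if logged in, redirect to the authorisation/access page.
        return Redirect(data.TargetUrl);
    }

    // Map the SSO user id to a local user.
    UserMapping userMapping = siteContext.UserMapping.FirstOrDefault(x => x.SsoUserId == data.SsoUserId);
    if (userMapping == null)
    {
        // TODO: same login / authorisation redirect as above.
        return Redirect(data.TargetUrl);
    }

    User user = siteContext.User.Find(userMapping.UserId);
    if (user == null)
    {
        // TODO: same login / authorisation redirect as above.
        return Redirect(data.TargetUrl);
    }

    // Write the login session.
    loginHelper.Login(HttpContext, user, false, data.UserToken);
    return Redirect(data.TargetUrl);

    // Constant-time string equality over the UTF-8 bytes of both values;
    // false when either value is null (FixedTimeEquals already handles
    // differing lengths).
    bool FixedTimeEqualsUtf8(string expected, string actual)
    {
        if (expected is null || actual is null)
        {
            return false;
        }

        byte[] expectedBytes = System.Text.Encoding.UTF8.GetBytes(expected);
        byte[] actualBytes = System.Text.Encoding.UTF8.GetBytes(actual);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expectedBytes, actualBytes);
    }
}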
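/// <summary>
/// SSO-side callback that verifies a user token presented by a client site.
/// The caller sends its app key and a digest of the request body in the
/// headers; the digest is checked against the body, the app key must match a
/// configured site, and the user id / user token pair must match a stored user.
/// </summary>
/// <param name="data">Deserialized request body (SSO user id and user token).</param>
/// <returns>
/// <c>Success = true</c> when every check passes; otherwise <c>Success = false</c>
/// with <c>Code</c> 1 (digest mismatch), 2 (unknown app key), 4 (unknown user)
/// or 5 (user token mismatch).
/// </returns>
/// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
public AuthCallbackResponseModel AuthUserToken([FromBody] AuthUserTokenRequestModel data)
{
    var appKey = HttpContext.Request.Headers[HttpHeaders.AppKey];
    var digest = HttpContext.Request.Headers[HttpHeaders.Disgest];

    // The [FromBody] binder has already consumed the body; rewind it so the
    // raw text can be re-read for the digest check. Setting Position only
    // works when request buffering is enabled for this endpoint — presumably
    // done by middleware, confirm; otherwise it throws NotSupportedException.
    Request.Body.Position = 0;
    // Deliberately not disposed: disposing a StreamReader closes the
    // underlying request stream.
    var reader = new StreamReader(Request.Body);
    var bodyStr = reader.ReadToEnd();

    // Digest check over the body re-encoded with the helper's charset
    // (assumes the sender signed the same encoding — TODO confirm). This runs
    // before the app key lookup, so IsComputeHash is presumably a keyed MAC
    // over a shared secret; a plain unkeyed digest would not authenticate the
    // caller — confirm.
    byte[] body = computeHashHelper.Charset.GetBytes(bodyStr);
    if (!computeHashHelper.IsComputeHash(digest, body))
    {
        return Fail(1, "ComputeHash wrong.");
    }

    // App key check. TODO: cache SiteConfig instead of querying on every call.
    var siteConfig = siteContext.SiteConfig.FirstOrDefault(x => x.AppKey == appKey);
    if (siteConfig == null)
    {
        return Fail(2, "AppKey wrong.");
    }

    // TODO: source address check (not implemented).

    if (data is null)
    {
        throw new System.ArgumentNullException(nameof(data));
    }

    // User check. An earlier revision also required the caller to be the
    // currently logged-in SSO user (code 6); that check is currently disabled.
    var user = siteContext.User.FirstOrDefault(x => x.Id == data.SsoUserId);
    if (user == null)
    {
        return Fail(4, "User wrong.");
    }

    // Constant-time comparison so timing does not reveal a partial match.
    if (!FixedTimeEqualsUtf8(user.UserToken.ToString(), data.UserToken))
    {
        return Fail(5, "UserToken wrong.");
    }

    return new AuthCallbackResponseModel() { Success = true };

    // Failure response with the given code and message.
    AuthCallbackResponseModel Fail(int code, string message)
    {
        return new AuthCallbackResponseModel()
        {
            Success = false,
            Code = code,
            Message = message
        };
    }

    // Constant-time string equality over the UTF-8 bytes of both values;
    // false when either value is null (FixedTimeEquals already handles
    // differing lengths).
    bool FixedTimeEqualsUtf8(string expected, string actual)
    {
        if (expected is null || actual is null)
        {
            return false;
        }

        byte[] expectedBytes = System.Text.Encoding.UTF8.GetBytes(expected);
        byte[] actualBytes = System.Text.Encoding.UTF8.GetBytes(actual);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expectedBytes, actualBytes);
    }
}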