/// <summary>Builds the login URL that brings the browser back to the SSO callback.</summary>
/// <param name="logId">Id of the authorization log entry, as text.</param>
/// <returns>
/// <c>LoginUrl</c>, extended with <c>ssoAppId</c> when the log entry is found, then passed
/// through <c>AppendReturn</c> together with the <c>/Sso/Auth2</c> callback path.
/// </returns>
public virtual String GetLoginUrl(String logId)
{
    var loginUrl = LoginUrl;

    var entry = AppLog.FindByID(logId.ToLong());
    if (entry != null)
    {
        // Pick the separator according to whether LoginUrl already has a query string.
        var separator = loginUrl.Contains("?") ? "&" : "?";
        loginUrl = loginUrl + separator + $"ssoAppId={entry.AppId}";
    }

    // NOTE(review): logId goes into the callback URL exactly as received, not as the parsed
    // number used for the lookup. Whether AppendReturn encodes its argument is not visible
    // here - confirm, or build the callback from the parsed id instead.
    return loginUrl.AppendReturn("/Sso/Auth2?id=" + logId);
}
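/// <summary>Exchanges an authorization code for the tokens stored on its log entry.</summary>
/// <param name="client_id">Client identifier supplied by the caller. Not checked in this method.</param>
/// <param name="client_secret">Client secret supplied by the caller. Not checked in this method.</param>
/// <param name="code">Authorization code; parsed as the numeric id of the log entry.</param>
/// <returns>A two-element array: the access token, then the refresh token.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// No log entry matches <paramref name="code"/>, or the entry is more than five minutes old.
/// </exception>
public virtual String[] GetTokens(String client_id, String client_secret, String code)
{
    var log = AppLog.FindByID(code.ToLong());

    // Authorization codes are meant to be short-lived: an entry older than five minutes is
    // rejected with the same "code expired" error as a missing entry.
    if (log == null || log.CreateTime.AddMinutes(5) < DateTime.Now)
    {
        throw new ArgumentOutOfRangeException(nameof(code), "Code已过期!");
    }

    // NOTE(review): client_id and client_secret are accepted but never compared with the
    // application that owns this log entry, so the caller is not authenticated before the
    // tokens are released. The application's credential fields are not visible from this
    // method - TODO add the comparison (in constant time) once they are known.
    // NOTE(review): nothing here marks the code as used, so it can be redeemed again while
    // the entry is still within its lifetime.

    if (Log != null)
    {
        // The access token is a bearer credential and is deliberately kept out of the log.
        WriteLog("Token appid={0} code={1} {2}", log.AppName, code, log.CreateUser);
    }

    log.Action = nameof(GetTokens);
    log.Update();

    return new[] { log.AccessToken, log.RefreshToken };
}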
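/// <summary>Issues tokens for a verified user and builds the URL that redirects back to the client application.</summary>
/// <param name="key">Id of the authorization log entry, as text.</param>
/// <param name="user">The user who has just been verified.</param>
/// <returns>The entry's redirect URI with <c>code</c> and, when present, <c>state</c> appended.</returns>
/// <exception cref="ArgumentOutOfRangeException">No log entry matches <paramref name="key"/>.</exception>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public virtual String GetResult(String key, IManageUser user)
{
    var log = AppLog.FindByID(key.ToLong());
    if (log == null)
    {
        throw new ArgumentOutOfRangeException(nameof(key), "操作超时,请重试!");
    }

    // user.Name is dereferenced below; fail with a clear argument error instead.
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    var prv = GetProvider();

    // NOTE(review): the authorization code is the log entry's own id. If those ids are
    // sequential or otherwise guessable, so is the code - consider a random, single-use value.
    var code = log.ID + "";

    // Issue the tokens and record who they were issued to.
    log.AccessToken = prv.Encode(user.Name, DateTime.Now.AddSeconds(Expire));
    // NOTE(review): confirm that Rand.NextString draws from a cryptographic generator.
    log.RefreshToken = code + "." + Rand.NextString(16);
    log.CreateUser = user + "";

    if (Log != null)
    {
        WriteLog("Authorize appid={0} code={2} redirect_uri={1} {3}", log.AppName, log.RedirectUri, code, user);
    }

    log.Action = nameof(GetResult);
    log.Update();

    var url = log.RedirectUri;
    url += url.Contains("?") ? "&" : "?";
    url += "code=" + code;

    if (!log.State.IsNullOrEmpty())
    {
        // state comes from the client's authorization request. Encoding it keeps characters
        // such as '&' or '#' from adding or overriding parameters in the redirect.
        url += "&state=" + Uri.EscapeDataString(log.State);
    }

    return url;
}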
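/// <summary>Exchanges an authorization code for the tokens stored on its log entry.</summary>
/// <param name="code">Authorization code; parsed as the numeric id of the log entry.</param>
/// <returns>
/// The stored access and refresh tokens, with the application's token lifetime or, when that
/// is not positive, the lifetime from the global settings.
/// </returns>
/// <exception cref="ArgumentOutOfRangeException">
/// No log entry matches <paramref name="code"/>, or the entry is more than five minutes old.
/// </exception>
public virtual TokenInfo GetToken(String code)
{
    var log = AppLog.FindByID(code.ToLong());

    // A code is only redeemable for five minutes after its log entry was created.
    if (log == null || log.CreateTime.AddMinutes(5) < DateTime.Now)
    {
        throw new ArgumentOutOfRangeException(nameof(code), "Code已过期!");
    }

    // NOTE(review): nothing here marks the code as used, so it can be redeemed again inside
    // the five-minute window. Consider rejecting an entry that was already redeemed.

    if (Log != null)
    {
        // The access token is a bearer credential and is deliberately kept out of the log.
        WriteLog("Token appid={0} code={1} {2}", log.AppName, code, log.CreateUser);
    }

    log.Action = nameof(GetToken);
    log.Update();

    // Prefer the per-application lifetime and fall back to the global setting.
    var expire = 0;
    if (log.App != null)
    {
        expire = log.App.TokenExpire;
    }

    var set = NewLife.Cube.Setting.Current;
    if (expire <= 0)
    {
        expire = set.TokenExpire;
    }

    return new TokenInfo
    {
        AccessToken = log.AccessToken,
        RefreshToken = log.RefreshToken,
        Expire = expire
    };
}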
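/// <summary>Checks the user's roles, issues tokens and builds the URL that redirects back to the client application.</summary>
/// <param name="key">Id of the authorization log entry, as text.</param>
/// <param name="user">The user who has just been verified.</param>
/// <returns>
/// The entry's redirect URI carrying either <c>code</c> (default) or, for response type
/// <c>token</c>, the access token in the fragment; <c>state</c> is appended when present.
/// </returns>
/// <exception cref="ArgumentOutOfRangeException">No log entry matches <paramref name="key"/>.</exception>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
/// <exception cref="InvalidOperationException">The application restricts roles and the user holds none of them.</exception>
public virtual String GetResult(String key, IManageUser user)
{
    var log = AppLog.FindByID(key.ToLong());
    if (log == null)
    {
        throw new ArgumentOutOfRangeException(nameof(key), "操作超时,请重试!");
    }

    // user.Name is dereferenced below; fail with a clear argument error instead.
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    // The provider is not used in this method; the call is kept in case it has
    // initialisation side effects.
    GetProvider();

    // NOTE(review): the authorization code is the log entry's own id. If those ids are
    // sequential or otherwise guessable, so is the code - consider a random, single-use value.
    var code = log.ID + "";

    log.CreateUser = user + "";
    log.Action = nameof(GetResult);

    if (Log != null)
    {
        WriteLog("Authorize appid={0} code={2} redirect_uri={1} {3}", log.AppName, log.RedirectUri, code, user);
    }

    // Role check runs BEFORE any token is created. The original minted the tokens first and
    // then saved them on the rejected entry, leaving a token stored under an id the client
    // already knows. Rejected entries now carry no token.
    // NOTE(review): the check applies only when user is an XCode.Membership.User; any other
    // IManageUser implementation passes without a role check - confirm that is intended.
    var ids = log.App?.RoleIds?.SplitAsInt();
    if (ids != null && ids.Length > 0 && user is XCode.Membership.User user2)
    {
        if (!user2.Roles.Any(r => ids.Contains(r.ID)))
        {
            log.AccessToken = null;
            log.RefreshToken = null;
            log.Success = false;
            log.Remark = $"该应用[{log.AppName}]不支持用户所属角色登录!";
            log.Update();

            throw new InvalidOperationException(log.Remark);
        }
    }

    // Issue the tokens.
    var token = CreateToken(log.App, user.Name, null, $"{log.App?.Name}#{user.Name}");
    log.AccessToken = token.AccessToken;
    log.RefreshToken = token.RefreshToken;
    log.Update();

    var url = log.RedirectUri;
    switch ((log.ResponseType + "").ToLowerInvariant())
    {
        case "token":
            // The token is returned in the fragment; state stays in the query string.
            url += url.Contains("?") ? "&" : "?";
            if (!log.State.IsNullOrEmpty())
            {
                url += "state=" + HttpUtility.UrlEncode(log.State);
            }
            url += "#token=" + HttpUtility.UrlEncode(log.AccessToken);
            break;

        case "code":
        default:
            url += url.Contains("?") ? "&" : "?";
            url += "code=" + code;
            if (!log.State.IsNullOrEmpty())
            {
                url += "&state=" + HttpUtility.UrlEncode(log.State);
            }
            break;
    }

    return url;
}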
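/// <summary>Issues tokens for a verified user and builds the URL that redirects back to the client application.</summary>
/// <param name="key">Id of the authorization log entry, as text.</param>
/// <param name="user">The user who has just been verified.</param>
/// <returns>
/// The entry's redirect URI carrying either <c>code</c> (default) or, for response type
/// <c>token</c>, the access token in the fragment; <c>state</c> is appended when present.
/// </returns>
/// <exception cref="ArgumentOutOfRangeException">No log entry matches <paramref name="key"/>.</exception>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
public virtual String GetResult(String key, IManageUser user)
{
    var log = AppLog.FindByID(key.ToLong());
    if (log == null)
    {
        throw new ArgumentOutOfRangeException(nameof(key), "操作超时,请重试!");
    }

    // user.Name is dereferenced below; fail with a clear argument error instead.
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    // The provider is not used in this method; the call is kept in case it has
    // initialisation side effects.
    GetProvider();

    // NOTE(review): the authorization code is the log entry's own id. If those ids are
    // sequential or otherwise guessable, so is the code - consider a random, single-use value.
    var code = log.ID + "";

    // Issue the tokens and record who they were issued to.
    var token = CreateToken(log.App, user.Name, code);
    log.AccessToken = token.AccessToken;
    log.RefreshToken = token.RefreshToken;
    log.CreateUser = user + "";

    if (Log != null)
    {
        WriteLog("Authorize appid={0} code={2} redirect_uri={1} {3}", log.AppName, log.RedirectUri, code, user);
    }

    log.Action = nameof(GetResult);
    log.Update();

    // state comes from the client's authorization request and the token's alphabet is not
    // known here. Both are percent-encoded so that characters such as '&' or '#' cannot add
    // or override parameters in the redirect.
    var url = log.RedirectUri;
    switch ((log.ResponseType + "").ToLowerInvariant())
    {
        case "token":
            // The token is returned in the fragment; state stays in the query string.
            url += url.Contains("?") ? "&" : "?";
            if (!log.State.IsNullOrEmpty())
            {
                url += "state=" + Uri.EscapeDataString(log.State);
            }
            url += "#token=" + Uri.EscapeDataString(log.AccessToken + "");
            break;

        case "code":
        default:
            url += url.Contains("?") ? "&" : "?";
            url += "code=" + code;
            if (!log.State.IsNullOrEmpty())
            {
                url += "&state=" + Uri.EscapeDataString(log.State);
            }
            break;
    }

    return url;
}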