Esempio n. 1
        /// <summary>
        /// Returns the user information for an SSO ticket as JSON.
        /// As written, this is a stub: it always returns a placeholder user.
        /// </summary>
        /// <param name="appId">Application id of the caller (currently not checked).</param>
        /// <param name="secret">Application secret of the caller (currently not checked).</param>
        /// <param name="ticket">SSO ticket to look up (currently not checked).</param>
        /// <returns>A JSON result containing a <c>LoginUserPrincipalSerializedModel</c>.</returns>
        public ActionResult GetUserInfo(string appId, string secret, string ticket)
        {
            // TODO: validate the user information.
            // Read the ticket from the cookie and check that it belongs to the currently logged-in user.
            // NOTE(review): until that TODO is done, none of the three parameters is verified, so any
            // caller receives the same response. A real implementation must authenticate appId/secret
            // and bind the ticket to a session before returning anything.
            // NOTE(review): the model carries a Password field and is served with AllowGet; once real
            // data is returned, drop the password from the payload and restrict the endpoint to POST.
            var placeholder = new LoginUserPrincipalSerializedModel
            {
                ID       = Guid.Empty.ToString(),
                UserName = "******",
                Password = "******"
            };

            return Json(placeholder, JsonRequestBehavior.AllowGet);
        }
Esempio n. 2
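        /// <summary>
        /// Callback hit after a successful single sign-on: exchanges the ticket for the user's
        /// information at the SSO server, writes the local authentication cookie and redirects.
        /// </summary>
        /// <param name="ticket">Ticket issued by the SSO server; arrives with the request and is untrusted.</param>
        /// <param name="returnUrl">Where to send the browser afterwards; only local URLs are honoured.</param>
        /// <returns>
        /// A redirect to <paramref name="returnUrl"/> when it is local, otherwise to the site root;
        /// an unauthorized result when the SSO server returns no usable user.
        /// </returns>
        public ActionResult LoginSuccess(string ticket, string returnUrl)
        {
            // TODO: fetch the user information from the SSO server using the ticket.
            // TODO: this could also be changed to a web service interface.
            // The ticket comes from the request, so it is escaped before being placed in the query
            // string; otherwise a value containing '&' or '#' could add or override parameters.
            // The app id and secret are passed through as before (assumed to be URL-safe config values).
            // NOTE(review): the secret travels in a query string over plain http, where it ends up in
            // server and proxy logs. Prefer HTTPS and a POST body or header for the credentials.
            string url = string.Format("http://localhost:65114/UserInfo/GetUserInfo?appId={0}&secret={1}&ticket={2}",
                                       SSO.Authorize.Helper.GetSSOAppID(),
                                       SSO.Authorize.Helper.GetSSOSecret(),
                                       Uri.EscapeDataString(ticket ?? string.Empty));
            WebRequest request = WebRequest.Create(url);

            request.Method = "GET";

            // Dispose the response and reader deterministically so the connection is released.
            string responseContent;
            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            using (StreamReader streamReader = new StreamReader(response.GetResponseStream()))
            {
                responseContent = streamReader.ReadToEnd();
            }

            LoginUserPrincipalSerializedModel json = JsonConvert.DeserializeObject <LoginUserPrincipalSerializedModel>(responseContent);

            // An empty body or a malformed ID must not turn into a login (or an unhandled exception).
            Guid userId;
            if (json == null || !Guid.TryParse(json.ID, out userId))
            {
                return(new HttpUnauthorizedResult());
            }

            // TODO: write the ticket into the cookie as the login information.
            // NOTE(review): the password is handed to the cookie helper; the auth cookie should
            // identify the user without carrying the credential.
            SSO.Authorize.Helper.SetAuthCookie(this.Response, userId, json.UserName, json.Password);

            // Only follow local return URLs; an arbitrary returnUrl would make this an open redirect.
            if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return(Redirect(returnUrl));
            }

            return(Redirect("~/"));
        }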
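        /// <summary>
        /// Writes the user's login information to a client-side forms-authentication cookie.
        /// </summary>
        /// <param name="Id">User id; stored in the ticket's user data in "N" format.</param>
        /// <param name="userName">User name; used as the ticket name and stored in the user data.</param>
        /// <param name="password">Password; stored in the ticket's user data.</param>
        private void CreateAuthenticationTicket(Guid Id, string userName, string password)
        {
            LoginUserPrincipalSerializedModel serializeModel = new LoginUserPrincipalSerializedModel();

            serializeModel.ID       = Id.ToString("N");
            serializeModel.UserName = userName;
            // NOTE(review): the password is embedded in the ticket. The ticket is encrypted, but the
            // credential still leaves the server in every response and request; store only an
            // identifier and look the user up server-side.
            serializeModel.Password = password;
            JavaScriptSerializer serializer = new JavaScriptSerializer();
            string userData = serializer.Serialize(serializeModel);

            // Take the clock once so the issue and expiry times are exactly 8 hours apart.
            DateTime issuedAt = DateTime.Now;
            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                1,
                userName,
                issuedAt,
                issuedAt.AddHours(8),
                false,
                userData);
            string     encTicket = FormsAuthentication.Encrypt(authTicket);
            HttpCookie faCookie  = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);

            // Keep the ticket out of reach of page script, and follow the configured requireSSL
            // setting so the cookie is not sent over plain HTTP when the site demands TLS.
            faCookie.HttpOnly = true;
            faCookie.Secure   = FormsAuthentication.RequireSSL;

            Response.Cookies.Add(faCookie);
        }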
Esempio n. 4
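        /// <summary>
        /// Reads the login information from the forms-authentication cookie and, when it holds a
        /// valid ticket, installs the corresponding principal on the context.
        /// </summary>
        /// <param name="httpContext">Current HTTP context; its <c>User</c> is set on success.</param>
        /// <returns>
        /// The principal built from the cookie, or <c>null</c> when the cookie is absent, cannot be
        /// decrypted, has expired, carries the "OAuth" marker, or holds unusable user data.
        /// </returns>
        public static IPrincipal GetAuthCookie(HttpContext httpContext)
        {
            // Read the logged-in user's information from the cookie.
            HttpCookie authCookie = httpContext.Request.Cookies[FormsAuthentication.FormsCookieName];

            if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
            {
                return(null);
            }

            // The cookie value is client-controlled: a tampered or truncated value must yield
            // "not authenticated", not an unhandled exception.
            FormsAuthenticationTicket authTicket;
            try
            {
                authTicket = FormsAuthentication.Decrypt(authCookie.Value);
            }
            catch (ArgumentException)
            {
                return(null);
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                return(null);
            }
            catch (HttpException)
            {
                return(null);
            }

            if (authTicket == null)
            {
                return(null);
            }

            if (authTicket.UserData == "OAuth")
            {
                return(null);
            }

            // Decrypt does not reject expired tickets, so the expiry is enforced here.
            if (authTicket.Expired)
            {
                return(null);
            }

            // Extract the user information.
            JavaScriptSerializer              serializer     = new JavaScriptSerializer();
            LoginUserPrincipalSerializedModel serializeModel = serializer.Deserialize <LoginUserPrincipalSerializedModel>(authTicket.UserData);

            Guid userId;
            if (serializeModel == null || !Guid.TryParse(serializeModel.ID, out userId))
            {
                return(null);
            }

            // TODO: validate the user information.
            // NOTE(review): the principal is built purely from the cookie contents (including the
            // password field); nothing here confirms the account still exists or is enabled.
            LoginUserPrincipal newUser = new LoginUserPrincipal(userId, serializeModel.UserName, serializeModel.Password);
            httpContext.User = newUser;
            return(newUser);
        }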
Esempio n. 5
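        /// <summary>
        /// Rebuilds the request's principal from the forms-authentication cookie, then runs the
        /// single sign-on cookie check.
        /// </summary>
        /// <param name="sender">Event source (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            // Read the logged-in user's information from the cookie.
            HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

            if (authCookie != null && !string.IsNullOrEmpty(authCookie.Value))
            {
                // The cookie value is client-controlled: a tampered or truncated value must leave
                // the request unauthenticated instead of failing it with an unhandled exception.
                FormsAuthenticationTicket authTicket = null;
                try
                {
                    authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                }
                catch (ArgumentException)
                {
                    // authTicket stays null: treated as no ticket.
                }
                catch (System.Security.Cryptography.CryptographicException)
                {
                    // authTicket stays null: treated as no ticket.
                }
                catch (HttpException)
                {
                    // authTicket stays null: treated as no ticket.
                }

                if (authTicket != null)
                {
                    if (authTicket.UserData == "OAuth")
                    {
                        return;
                    }

                    // Decrypt does not reject expired tickets, so the expiry is enforced here.
                    if (!authTicket.Expired)
                    {
                        // Extract the user information.
                        JavaScriptSerializer              serializer     = new JavaScriptSerializer();
                        LoginUserPrincipalSerializedModel serializeModel = serializer.Deserialize <LoginUserPrincipalSerializedModel>(authTicket.UserData);

                        Guid userId;
                        if (serializeModel != null && Guid.TryParse(serializeModel.ID, out userId))
                        {
                            // TODO: validate the user information.
                            // NOTE(review): the principal is built purely from the cookie contents
                            // (including the password field); nothing here confirms the account
                            // still exists or is enabled.
                            LoginUserPrincipal newUser = new LoginUserPrincipal(userId, serializeModel.UserName, serializeModel.Password);
                            HttpContext.Current.User = newUser;
                        }
                    }
                }
            }

            // Apply the single sign-on check.
            SSO.Authorize.Helper.GetAuthCookie(HttpContext.Current);
        }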