Esempio n. 1
        /*public async Task<string> GetLogoutUrl(SystemLoginEndpoint endpoint, string strToken)
         * {
         *  //验证JWT是否正确
         *  var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken);
         *  if (!jwtResult.ValidateResult.Result)
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.SystemLoginEndpointTokenValidateError,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败,失败原因{2}",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, jwtResult.ValidateResult.Description }
         *      };
         *
         *      //验证未通过,抛出异常
         *      throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError,fragment);
         *  }
         *
         *  //从JWT字符串中获取令牌相关信息
         *  Dictionary<string, string> jwtInfo = jwtResult.Playload;
         *  //查找验证终结点名称
         *  if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName))
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, "AuthorizationName" }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
         *  }
         *  //查找用户信息键值对
         *  if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes))
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, "UserInfoAttributes" }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
         *  }
         *
         *
         *  //查询出该登录终结点关联的验证终结点中相同名称的验证终结点
         *  //调用验证终结点的获取登出url方法
         *  var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthorizationName);
         *  if (authorizationEndpoint == null)
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strAuthorizationName }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
         *  }
         *
         *  var userInfoAttributes=JsonSerializerHelper.Deserialize<Dictionary<string, string>>(strUserInfoAttributes);
         *  if (userInfoAttributes==null)
         *  {
         *      userInfoAttributes = new Dictionary<string, string>();
         *  }
         *
         *  return await authorizationEndpoint.GetLogoutUrl(userInfoAttributes);
         * }
         */
        /// <summary>
        /// Issues a common token (JWT string) for a user who signs in with a user name and password
        /// through the authorization endpoint named <paramref name="authorizationName"/>.
        /// </summary>
        /// <param name="endpoint">System login endpoint; its name, secret key and expiry are used for the token.</param>
        /// <param name="authorizationName">Name of the associated authorization endpoint to look up.</param>
        /// <param name="userName">User name handed to the authorization endpoint.</param>
        /// <param name="password">Password handed to the authorization endpoint; within this method it is passed only to GetSystemTokenByPassword.</param>
        /// <returns>The JWT string produced by the security service.</returns>
        /// <exception cref="UtilityException">No associated authorization endpoint with the given name was found.</exception>
        public async Task<string> GetCommonToken(SystemLoginEndpoint endpoint, string authorizationName, string userName, string password)
        {
            // Resolve the authorization endpoint associated with this login endpoint.
            var authEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName);
            if (authEndpoint == null)
            {
                var notFound = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点",
                    ReplaceParameters = new List<object>() { endpoint.Name, authorizationName }
                };

                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, notFound);
            }

            // Credential check is delegated entirely to the authorization endpoint.
            var loginResult = await authEndpoint.GetSystemTokenByPassword(endpoint, userName, password);

            var token = new CommonToken()
            {
                SystemName = endpoint.Name,
                AuthorizationName = authorizationName,
                UserInfoAttributes = loginResult.Attributes
            };

            // Claims carried by the common token. The user attributes are embedded as one JSON string.
            // NOTE(review): the attributes are copied into the token as returned by the authorization
            // endpoint; if GenerateJWT only signs (does not encrypt) the payload, anyone holding the
            // token can read them - confirm no sensitive attribute is returned.
            var claims = new Dictionary<string, string>()
            {
                { "SystemName", token.SystemName },
                { "AuthorizationName", token.AuthorizationName },
                { "UserInfoAttributes", JsonSerializerHelper.Serializer<Dictionary<string, string>>(token.UserInfoAttributes) }
            };

            // Sign with the login endpoint's secret key; lifetime comes from endpoint.ExpireSecond.
            return _securityService.GenerateJWT(endpoint.SecretKey, claims, endpoint.ExpireSecond);
        }
Esempio n. 2
        /// <summary>
        /// Handles the callback request from a third-party authentication system: resolves the
        /// authorization endpoint named by the "authname" query parameter, validates the client
        /// redirect address, builds the common token (JWT) and returns the redirect address with
        /// the token appended.
        /// </summary>
        /// <param name="endpoint">System login endpoint; its name, secret key and expiry are used for the token.</param>
        /// <param name="request">Callback request; its query string must contain "authname".</param>
        /// <returns>The redirect URL with the additional query attributes and a "commontoken" parameter appended.</returns>
        /// <exception cref="UtilityException">
        /// The request has no "authname" query parameter, or no associated authorization endpoint matches it.
        /// </exception>
        public async Task<string> GetCommonToken(SystemLoginEndpoint endpoint, HttpRequest request)
        {
            // "authname" comes from the query string, i.e. it is caller-controlled input.
            if (!request.Query.TryGetValue("authname", out StringValues authNameValues))
            {
                var missingAuthName = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthNameQuerystringInAuthRedirectUrl,
                    DefaultFormatting = "名称为{0}的系统登录终结点的第三方认证系统回调请求处理中,回调请求的Url中不包含authname参数,回调请求的Url为{1}",
                    ReplaceParameters = new List<object>() { endpoint.Name, request.Path.Value }
                };

                throw new UtilityException((int)Errors.NotFoundAuthNameQuerystringInAuthRedirectUrl, missingAuthName);
            }

            // Only the first "authname" value is used; the lookup is made against this login endpoint.
            AuthorizationEndpoint authEndpoint = await GetAuthorizationEndpoint(endpoint, authNameValues[0]);
            if (authEndpoint == null)
            {
                var noHandler = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback,
                    DefaultFormatting = "名称为{0}的系统登录终结点中,找不到可以处理从第三方认证系统回调请求的关联认证终结点,请求url为{1}",
                    ReplaceParameters = new List<object>() { endpoint.Name, request.Path.Value }
                };

                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback, noHandler);
            }

            // Ask the authorization endpoint for the actual redirect address carried by the callback.
            string redirectUrl = await authEndpoint.GetRealRedirectUrl(request);

            // The redirect address is derived from the incoming request, so it is validated before
            // any token is attached to it. Keep this call ahead of the token generation below:
            // it is what stops the token from being sent to an address the endpoint does not allow.
            // NOTE(review): how a rejected address is reported is not visible here; presumably
            // validateClientRedirectUrl throws - confirm.
            await validateClientRedirectUrl(endpoint, redirectUrl);

            // Key/value pairs produced by the third-party login system for this callback.
            var callbackResult = await authEndpoint.GetSystemAttributes(endpoint, request);

            var token = new CommonToken()
            {
                SystemName = endpoint.Name,
                AuthorizationName = authEndpoint.Name,
                UserInfoAttributes = callbackResult.Attributes
            };

            // Claims carried by the common token; the user attributes are embedded as one JSON string.
            var claims = new Dictionary<string, string>()
            {
                { "SystemName", token.SystemName },
                { "AuthorizationName", token.AuthorizationName },
                { "UserInfoAttributes", JsonSerializerHelper.Serializer<Dictionary<string, string>>(token.UserInfoAttributes) }
            };
            var jwt = _securityService.GenerateJWT(endpoint.SecretKey, claims, endpoint.ExpireSecond);

            // Build the address that sends the user back to the client system.
            // NOTE(review): the token travels in the query string, so it can end up in browser
            // history, proxy/server logs and Referer headers; a short endpoint.ExpireSecond and
            // keeping URLs out of logs limit the exposure.
            var withExtras = QueryHelpers.AddQueryString(redirectUrl, callbackResult.AdditionalRedirectUrlQueryAttributes);
            return QueryHelpers.AddQueryString(withExtras, "commontoken", jwt);
        }
Esempio n. 3
        /// <summary>
        /// Gets the common token.
        /// There are two possible outcomes:
        /// 1. the token is obtained directly, and the result holds the address that redirects back to
        ///    the client system, with the common token string included in that address;
        /// 2. a redirect to the third-party authentication system is required, and the result holds
        ///    the address of that system.
        /// </summary>
        /// <param name="endpoint">System login endpoint; its name, secret key and expiry are used for the token.</param>
        /// <param name="authorizationName">Name of the authorization endpoint.</param>
        /// <param name="returnUrl">Redirect address of the client system.</param>
        /// <returns>The result of the get-common-token action.</returns>
        /// <exception cref="UtilityException">No associated authorization endpoint with the given name was found.</exception>
        public async Task<GetCommonTokenResult> GetCommonToken(SystemLoginEndpoint endpoint, string authorizationName, string returnUrl)
        {
            // The client redirect address is checked first, before any other work is done with it.
            // NOTE(review): how a rejected address is reported is not visible here; presumably
            // validateClientRedirectUrl throws - confirm.
            await validateClientRedirectUrl(endpoint, returnUrl);

            // Resolve the authorization endpoint associated with this login endpoint.
            var authEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName);
            if (authEndpoint == null)
            {
                var notFound = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点",
                    ReplaceParameters = new List<object>() { endpoint.Name, authorizationName }
                };

                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, notFound);
            }

            // Address of the authentication centre that the third-party system redirects back to.
            var systemLoginUrl = GenerateSystemLoginUrl(endpoint, authEndpoint);

            // Ask the authorization endpoint for a system token.
            var authResult = await authEndpoint.GetSystemToken(endpoint, systemLoginUrl, returnUrl);

            // Parse the query string of returnUrl into key/value pairs (first value per key).
            // new Uri(...) throws if returnUrl is not a well-formed absolute URI.
            // NOTE(review): the resulting dictionary is not read again in this method.
            var parsedReturnUri = new Uri(returnUrl);
            var parsedQuery = QueryHelpers.ParseQuery(parsedReturnUri.Query);
            var returnUrlKV = new Dictionary<string, string>();
            foreach (var pair in parsedQuery)
            {
                returnUrlKV.Add(pair.Key, pair.Value[0]);
            }

            var result = new GetCommonTokenResult();

            if (!authResult.Direct)
            {
                // Outcome 2: the caller has to send the user to the third-party authentication system.
                result.Direct = false;
                result.RedirectUrl = authResult.RedirectUrl;
                return result;
            }

            // Outcome 1: the token is available immediately.
            result.Direct = true;
            var token = new CommonToken()
            {
                SystemName = endpoint.Name,
                AuthorizationName = authorizationName,
                UserInfoAttributes = authResult.TokenResult.Attributes
            };

            // Claims carried by the common token; the user attributes are embedded as one JSON string.
            var claims = new Dictionary<string, string>()
            {
                { "SystemName", token.SystemName },
                { "AuthorizationName", token.AuthorizationName },
                { "UserInfoAttributes", JsonSerializerHelper.Serializer<Dictionary<string, string>>(token.UserInfoAttributes) }
            };
            var jwt = _securityService.GenerateJWT(endpoint.SecretKey, claims, endpoint.ExpireSecond);

            // Build the address that sends the user back to the client system.
            // NOTE(review): the token travels in the query string, so it can end up in browser
            // history, proxy/server logs and Referer headers; a short endpoint.ExpireSecond and
            // keeping URLs out of logs limit the exposure.
            var redirectWithExtras = QueryHelpers.AddQueryString(returnUrl, authResult.TokenResult.AdditionalRedirectUrlQueryAttributes);
            result.CommonTokenRedirectUrl = QueryHelpers.AddQueryString(redirectWithExtras, "commontoken", jwt);

            return result;
        }