public override string GetAuthorizationUrl(AuthenticationScope scope)
{
string url = string.Format("{0}/connect/qrconnect?appid={1}&redirect_uri={2}&response_type=code&scope=snsapi_login&state={3}#wechat_redirect",
this._options.AuthorizeUrl, this._options.AppId, Uri.EscapeDataString(string.Concat(_options.Host, _options.Callback)), scope.State);
return(url);
}
public override string GetAuthorizationUrl(AuthenticationScope scope)
{
string url = string.Format("{0}/oauth2/authorize?client_id={1}&redirect_uri={2}&response_type=code&state={3}",
this._options.AuthorizeUrl, this._options.AppId, Uri.EscapeDataString(string.Concat(_options.Host, _options.Callback)), scope.State);
return(url);
}
// coe
public void WithCertificate(X509Certificate2 clientCert)
{
this.Scope = AuthenticationScope.X509Certificate;
//// a 'look up'
//if(clientCert.GetCertHashString() == "48A50F571EDE0F097B4A019702F645A11B0BD27C")
//{
// var clientCert = new X509Certificate2(@"C:\IoT_Device_Certs\certificate.pfk", "changeit");
// CommonEventSource.Log.Verbose("Client connected with cert hashed " + clientCert.GetCertHashString(), Id);
// this.Certificate = clientCert;
//}
CommonEventSource.Log.Verbose("Client connected with cert hashed " + clientCert.GetCertHashString(), Id);
// we dont know the private key - and IoT Hub requires a private key
this.Certificate = clientCert; //new X509Certificate2(clientCert);
Console.WriteLine(this.Certificate.Thumbprint);
}
public override string GetAuthorizationUrl(AuthenticationScope scope)
{
string url = string.Format("https://open.weixin.qq.com/connect/qrconnect?appid={1}&redirect_uri={2}&response_type=code&scope={3}&state={4}#wechat_redirect",
this._options.AppId, Uri.EscapeDataString(string.Concat(_options.Host, _options.Callback)), scope.Scope, scope.State);
return(url);
}
public ActionResult DDLogOn()
{
AuthenticationScope scope = new AuthenticationScope()
{
State = Guid.NewGuid().ToString().Replace("-", ""),
Scope = "snsapi_login"
};
Session[RequestState] = scope.State;
string url = GetAuthHandler("DD").GetAuthorizationUrl(scope);
return(Redirect(url));
}
private static CustomerAuthenticationProfile SetUserAuth(string response, AuthenticationScope scope,int tenantId, int siteId)
{
var customerAuthenticationProfile = new CustomerAuthenticationProfile();
customerAuthenticationProfile.AuthTicket = JsonConvert.DeserializeObject<AuthTicket>(response);
customerAuthenticationProfile.AuthTicket.AuthenticationScope = scope;
customerAuthenticationProfile.AuthTicket.SiteId = siteId;
customerAuthenticationProfile.AuthTicket.TenantId = tenantId;
var userAccount = JsonConvert.DeserializeObject<CustomerAuthTicket>(response);
customerAuthenticationProfile.CustomerAccount = userAccount.CustomerAccount;
return customerAuthenticationProfile;
}
private static string GetResourceUrl(AuthenticationScope scope, int?id = null)
{
switch (scope)
{
case AuthenticationScope.Tenant:
return(TenantAdminUserAuthTicketUrl.CreateUserAuthTicketUrl(id).Url);
case AuthenticationScope.Developer:
return(DeveloperAdminUserAuthTicketUrl.CreateDeveloperUserAuthTicketUrl(id).Url);
default:
throw new NotImplementedException();
}
}
public override string GetAuthorizationUrl(AuthenticationScope scope)
{
string url = string.Empty;
if (string.IsNullOrEmpty(scope.Scope))
{
url = string.Format("{0}/oauth2.0/authorize?response_type=code&client_id={1}&redirect_uri={2}&state={3}", _options.AuthorizeUrl, _options.AppId, string.Concat(_options.Host, _options.Callback), scope.State);
}
else
{
url = string.Format("{0}/oauth2.0/authorize?response_type=code&client_id={1}&redirect_uri={2}&state={3}&scope={4}", _options.AuthorizeUrl, _options.AppId, Uri.EscapeDataString(string.Concat(_options.Host, _options.Callback)), scope.State, scope.Scope);
}
return(url);
}
public static AuthenticationProfile Authenticate(UserAuthInfo authInfo, AuthenticationScope scope, int? id = null)
{
var resourceUrl = GetResourceUrl(scope, id);
var client = new HttpClient { BaseAddress = new Uri(AppAuthenticator.Instance.BaseUrl) };
var stringContent = JsonConvert.SerializeObject(authInfo);
AppAuthenticator.AddHeader(client);
var response = client.PostAsync(resourceUrl, new StringContent(stringContent, Encoding.UTF8, "application/json")).Result;
ResponseHelper.EnsureSuccess(response);
return SetUserAuth(response.Content.ReadAsStringAsync().Result, scope,null);
}
private static CustomerAuthenticationProfile SetUserAuth(string response, AuthenticationScope scope, int tenantId, int siteId)
{
var customerAuthenticationProfile = new CustomerAuthenticationProfile();
customerAuthenticationProfile.AuthTicket = JsonConvert.DeserializeObject <AuthTicket>(response);
customerAuthenticationProfile.AuthTicket.AuthenticationScope = scope;
customerAuthenticationProfile.AuthTicket.SiteId = siteId;
customerAuthenticationProfile.AuthTicket.TenantId = tenantId;
var userAccount = JsonConvert.DeserializeObject <CustomerAuthTicket>(response);
customerAuthenticationProfile.CustomerAccount = userAccount.CustomerAccount;
return(customerAuthenticationProfile);
}
public void SetCurrentUser(User user, AuthenticationScope scope)
{
if (user == null)
{
HttpContext.User = null;
if (scope != AuthenticationScope.Transaction)
{
FormsAuthentication.SignOut();
}
return;
}
HttpContext.User = new DnsPrincipal(user);
if (scope != AuthenticationScope.Transaction)
{
FormsAuthentication.SetAuthCookie(user.ID.ToString(), scope == AuthenticationScope.Permanent);
}
}
private static AuthenticationProfile SetUserAuth(string response, AuthenticationScope scope, int?siteId = null)
{
var authenticationProfile = new AuthenticationProfile();
authenticationProfile.AuthTicket = JsonConvert.DeserializeObject <AuthTicket>(response);
authenticationProfile.AuthTicket.AuthenticationScope = scope;
authenticationProfile.AuthTicket.SiteId = siteId;
switch (scope)
{
case AuthenticationScope.Tenant:
var tenantAdminUserAuthTicket = JsonConvert.DeserializeObject <TenantAdminUserAuthTicket>(response);
authenticationProfile.UserProfile = tenantAdminUserAuthTicket.User;
authenticationProfile.AuthorizedScopes = (from t in tenantAdminUserAuthTicket.AvailableTenants select new Scope {
Id = t.Id, Name = t.Name
}).ToList();
if (tenantAdminUserAuthTicket.Tenant != null)
{
authenticationProfile.ActiveScope = new Scope {
Id = tenantAdminUserAuthTicket.Tenant.Id, Name = tenantAdminUserAuthTicket.Tenant.Name
}
}
;
break;
case AuthenticationScope.Developer:
var devAccount = JsonConvert.DeserializeObject <DeveloperAdminUserAuthTicket>(response);
authenticationProfile.UserProfile = devAccount.User;
authenticationProfile.AuthorizedScopes = (from t in devAccount.AvailableAccounts select new Scope {
Id = t.Id, Name = t.Name
}).ToList();
if (devAccount.Account != null)
{
authenticationProfile.ActiveScope = new Scope {
Id = devAccount.Account.Id, Name = devAccount.Account.Name
}
}
;
break;
}
return(authenticationProfile);
}
public static AuthenticationProfile Authenticate(UserAuthInfo authInfo, AuthenticationScope scope, int?id = null)
{
var resourceUrl = GetResourceUrl(scope, id);
var client = new HttpClient {
BaseAddress = new Uri(AppAuthenticator.Instance.BaseUrl)
};
var stringContent = JsonConvert.SerializeObject(authInfo);
AppAuthenticator.AddHeader(client);
var response = client.PostAsync(resourceUrl, new StringContent(stringContent, Encoding.UTF8, "application/json")).Result;
ResponseHelper.EnsureSuccess(response);
return(SetUserAuth(response.Content.ReadAsStringAsync().Result, scope, null));
}
/// <summary>
/// 拉取用户信息,通过授权URL中的code
/// </summary>
/// <param name="code"></param>
/// <param name="scope"></param>
/// <returns></returns>
public WeChatUserInfo GetUserInfoByCode(string code, AuthenticationScope scope)
{
string authAccessToken;
string openID;
Int32 expiresIn;
string refreshToken;
if (!GetAuthenticationAccessToken(code, out authAccessToken, out openID, out expiresIn, out refreshToken))
{
return(null);
}
if (scope == AuthenticationScope.snsapi_base)
{
return(new WeChatUserInfo()
{
openid = openID
});
}
return(GetUserInfoByAuthAccessToken(openID, authAccessToken));
}
private static AuthenticationProfile SetUserAuth(string response, AuthenticationScope scope, int? siteId = null)
{
var authenticationProfile = new AuthenticationProfile();
authenticationProfile.AuthTicket = JsonConvert.DeserializeObject<AuthTicket>(response);
authenticationProfile.AuthTicket.AuthenticationScope = scope;
authenticationProfile.AuthTicket.SiteId = siteId;
switch (scope)
{
case AuthenticationScope.Tenant:
var tenantAdminUserAuthTicket = JsonConvert.DeserializeObject<TenantAdminUserAuthTicket>(response);
authenticationProfile.UserProfile = tenantAdminUserAuthTicket.User;
authenticationProfile.AuthorizedScopes = (from t in tenantAdminUserAuthTicket.AvailableTenants select new Scope { Id = t.Id, Name = t.Name }).ToList();
if (tenantAdminUserAuthTicket.Tenant != null)
authenticationProfile.ActiveScope = new Scope { Id = tenantAdminUserAuthTicket.Tenant.Id, Name = tenantAdminUserAuthTicket.Tenant.Name };
break;
case AuthenticationScope.Developer:
var devAccount = JsonConvert.DeserializeObject<DeveloperAdminUserAuthTicket>(response);
authenticationProfile.UserProfile = devAccount.User;
authenticationProfile.AuthorizedScopes = (from t in devAccount.AvailableAccounts select new Scope { Id = t.Id, Name = t.Name }).ToList();
if (devAccount.Account != null)
authenticationProfile.ActiveScope = new Scope { Id = devAccount.Account.Id, Name = devAccount.Account.Name };
break;
}
return authenticationProfile;
}
private static string GetResourceUrl(AuthenticationScope scope, int? id = null)
{
switch (scope)
{
case AuthenticationScope.Tenant:
return TenantAdminUserAuthTicketUrl.CreateUserAuthTicketUrl(id).Url;
case AuthenticationScope.Developer:
return DeveloperAdminUserAuthTicketUrl.CreateDeveloperUserAuthTicketUrl(id).Url;
default:
throw new NotImplementedException();
}
}
public void SetAuthenticatedUser(User user, AuthenticationScope scope)
{
FormsAuthentication.SetAuthCookie(user.Id.ToString(), scope == AuthenticationScope.Persistent);
}
/// <summary>
/// 依据指定信息生成链接
/// </summary>
/// <param name="state"></param>
/// <param name="scope"></param>
/// <returns></returns>
public virtual string GetAuthorizationUrl(AuthenticationScope scope)
{
return(_options.AuthorizeUrl);
}
public void SetCurrentUser(User user, AuthenticationScope scope)
{
}
/// <summary>
/// 得到授权URL
/// 将用户导向此url,如果用户同意授权,页面将跳转至 redirect_uri/?code=CODE&state=STATE。
/// </summary>
/// <param name="redirectURL">授权后回调url</param>
/// <param name="scope">要求的授权类型</param>
/// <param name="tag">附带信息,长度不可大于128,可空</param>
/// <returns></returns>
public string GetAuthUrl(string redirectURL, AuthenticationScope scope, string tag)
{
string url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=" + this.AppID + "&redirect_uri=" + ZTImage.Text.Coding.EncodeURI(redirectURL) + "&response_type=code&scope=" + (scope == AuthenticationScope.snsapi_base? "snsapi_base" : "snsapi_userinfo") + "&state=" + tag + "#wechat_redirect";
return(url);
}
public void WithDeviceKey(string keyValue)
{
this.Scope = AuthenticationScope.DeviceKey;
this.Secret = keyValue;
}
public void WithHubKey(string keyName, string keyValue)
{
this.Scope = AuthenticationScope.HubKey;
this.PolicyName = keyName;
this.Secret = keyValue;
}
public void WithSasToken(string token)
{
this.Scope = AuthenticationScope.SasToken;
this.Secret = token;
}