public static void RequireAuthorization()
{
    // Outside a web request (no current HttpContext) there is nothing to authorize.
    if (HttpContext.Current == null)
    {
        return;
    }
    var httpRequest = HttpContext.Current.Request;
    var requestUri = httpRequest.Url;

    if (!IsAuthenticated)
    {
        AutoSignOn(
            // Candidate 1: an existing session id carried in the "sid" cookie.
            () =>
            {
                var cookie = HttpContext.Current.Request.Cookies["sid"];
                if (cookie == null)
                {
                    return null;
                }
                return cookie.Value;
            },
            // Candidate 2: a transfer sign-on, attempted only when the referrer has a different base URL.
            () =>
            {
                var referrer = httpRequest.UrlReferrer;
                bool crossSite = referrer != null && referrer.BaseUrl() != requestUri.BaseUrl();
                if (!crossSite)
                {
                    return null;
                }
                // NOTE(review): Referer, fcid and sid are all client-supplied; this only decides whether a
                // transfer is *attempted* — the server side has to validate the from-session itself.
                // NOTE(review): Session.SessionID assumes ASP.NET session state is enabled for this request — confirm.
                return new TransferSignOnInfo()
                {
                    ClientId = AuthHelper.CurrentClient.ClientId,
                    DeviceId = httpRequest.UserHostAddress,
                    DeviceInfo = httpRequest.UserAgent,
                    SessionId = HttpContext.Current.Session.SessionID,
                    FromClientId = httpRequest.QueryString["fcid"],
                    FromSessionId = httpRequest.QueryString["sid"]
                };
            });
    }

    // Signed in and permitted for this path (operation permission is checked against LocalPath only).
    bool permitted = IsAuthenticated
        && AuthHelper.CurrentSession.CanAccess(AuthHelper.CurrentClient.ClientId, requestUri.LocalPath, PermissionType.Operation);
    if (permitted)
    {
        return;
    }
    // Not signed in, or signed in without permission: send to sign-on, preserving the requested URL.
    // NOTE(review): the sign-on page is responsible for treating "redirect" as a relative, same-site target.
    HttpContext.Current.Response.Redirect("~/Account/SignOn?redirect=" + HttpUtility.UrlEncode(httpRequest.RawUrl));
}
public IServerResponse TransferSignOn(TransferSignOnInfo transferSignOnInfo)
{
    // Reject incomplete transfer requests before contacting the server provider.
    Assert.IsNotNull(transferSignOnInfo);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.ClientId);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.SessionId);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.FromClientId);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.FromSessionId);

    IServerResponse<Session> result = serverProvider.TransferSignOn(transferSignOnInfo);

    // Only a successful response that actually carries a session is persisted locally.
    bool succeeded = result.Status == ResponseStatus.Success && result.Data != null;
    if (succeeded)
    {
        SaveSession(result.Data);
    }
    return result;
}
public IServerResponse TransferSignOn(TransferSignOnInfo transferSignOnInfo)
{
    // Reject incomplete transfer requests before opening a channel.
    Assert.IsNotNull(transferSignOnInfo);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.ClientId);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.SessionId);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.FromClientId);
    Assert.IsStringNotNullOrEmpty(transferSignOnInfo.FromSessionId);

    IServerResponse<Session> result = null;
    var channel = CreateChannel();
    channel.Call(proxy =>
    {
        result = proxy.TransferSignOn(transferSignOnInfo);
        // Persist the session locally only when the remote call succeeded and returned one.
        bool succeeded = result.Status == ResponseStatus.Success && result.Data != null;
        if (succeeded)
        {
            SaveSession(result.Data);
        }
    });
    // NOTE(review): if Call does not invoke the delegate this returns null — confirm CreateChannel/Call semantics.
    return result;
}
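public override void OnAuthorization(HttpActionContext actionContext)
{
    // An explicit [AllowAnonymous] on the action or its controller bypasses every check below.
    if (actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
        || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any())
    {
        return;
    }
    var uri = actionContext.Request.RequestUri;
    if (!AuthHelper.IsAuthenticated)
    {
        AuthHelper.AutoSignOn(
            // Candidate 1: the Authorization header parameter, else the "sid" cookie.
            () =>
            {
                string authInfo = null;
                if (actionContext.Request.Headers.Authorization != null)
                {
                    authInfo = actionContext.Request.Headers.Authorization.Parameter;
                }
                if (string.IsNullOrEmpty(authInfo))
                {
                    // Walk every Cookie header instead of dereferencing GetCookies().FirstOrDefault():
                    // a request with no Cookie header used to throw NullReferenceException here.
                    var sessionCookie = actionContext.Request.Headers.GetCookies()
                        .SelectMany(header => header.Cookies)
                        .FirstOrDefault(o => o.Name == "sid");
                    if (sessionCookie != null)
                    {
                        // '+' in the cookie value arrives as ' ' after decoding; restore it.
                        authInfo = sessionCookie.Value.Replace(" ", "+");
                    }
                }
                return authInfo;
            },
            // Candidate 2: a transfer sign-on, attempted only when the referrer has a different base URL.
            () =>
            {
                TransferSignOnInfo tso = null;
                var fromUri = actionContext.Request.Headers.Referrer;
                // NOTE(review): Referer, fcid and sid are client-supplied; they only decide whether a transfer
                // is attempted — the server side has to validate the from-session itself.
                if (fromUri != null && fromUri.BaseUrl() != uri.BaseUrl())
                {
                    var queryString = actionContext.Request.GetQueryNameValuePairs();
                    var fc = queryString.FirstOrDefault(o => o.Key == "fcid");
                    var sid = queryString.FirstOrDefault(o => o.Key == "sid");
                    // Both ids are required by the transfer call (it asserts they are non-empty); without them
                    // there is no transfer to attempt.
                    if (string.IsNullOrEmpty(fc.Value) || string.IsNullOrEmpty(sid.Value))
                    {
                        return null;
                    }
                    // User-Agent may be absent, or its first entry may be a comment with no Product.
                    var userAgent = actionContext.Request.Headers.UserAgent.FirstOrDefault();
                    string deviceInfo = null;
                    if (userAgent != null && userAgent.Product != null)
                    {
                        deviceInfo = userAgent.Product.Name;
                    }
                    tso = new TransferSignOnInfo()
                    {
                        ClientId = AuthHelper.CurrentClient.ClientId,
                        // NOTE(review): Headers.Host is the host name the client addressed (the server), not a
                        // client/device identifier, so every caller shares the same DeviceId here.
                        DeviceId = actionContext.Request.Headers.Host,
                        DeviceInfo = deviceInfo,
                        // NOTE(review): ManagedThreadId identifies a pool thread that is reused across unrelated
                        // requests; it is not a session identifier. If the server keys sessions on
                        // (SessionId, ClientId, DeviceId), unrelated callers can land on the same row — this needs
                        // a real per-client session id. Confirm what the server expects before changing it.
                        SessionId = Thread.CurrentThread.ManagedThreadId.ToString(),
                        FromClientId = fc.Value,
                        FromSessionId = sid.Value
                    };
                }
                return tso;
            });
    }
    if (AuthHelper.IsAuthenticated)
    {
        // Signed in: check the operation permission for this URL.
        // NOTE(review): this passes AbsoluteUri (scheme, host, query included), whereas the web-forms helper
        // passes LocalPath — confirm which form CanAccess matches against.
        if (AuthHelper.CurrentSession.CanAccess(AuthHelper.CurrentClient.ClientId, uri.AbsoluteUri, PermissionType.Operation))
        {
            return;
        }
        // Signed in but not permitted. 401 is kept for compatibility; 403 Forbidden is the semantically correct code.
        actionContext.Response = actionContext.Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "");
    }
    else
    {
        // Not signed in: redirect to the sign-on page.
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Redirect);
        actionContext.Response.Headers.Location = new Uri("/Account/SignOn", UriKind.Relative);
    }
}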
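public IServerResponse<Session> TransferSignOn(TransferSignOnInfo transferSignOnInfo)
{
    ServerResponse<Session> response = new ServerResponse<Session>();

    // Resolve the session being transferred *from*; it must exist and still be valid.
    // NOTE(review): nothing here checks that FromClientId is allowed to hand sessions to ClientId — any caller
    // holding a live (fromClientId, fromSessionId) pair can obtain a session for ClientId. Confirm whether a
    // client-pairing check belongs here.
    var fromSession = repoServerSession
        .Query(o => o.CientId == transferSignOnInfo.FromClientId && o.SessionId == transferSignOnInfo.FromSessionId)
        .FirstOrDefault();
    if (fromSession == null)
    {
        response.Status = ResponseStatus.Failed;
        response.Message = DAF.SSO.Resources.Locale(o => o.UserSessionNotFound);
        return response;
    }
    // NOTE(review): expiry comparisons use local DateTime.Now throughout; kept as-is to match the stored values.
    if (fromSession.AccessTokenExpiryTime <= DateTime.Now)
    {
        response.Status = ResponseStatus.Failed;
        response.Message = DAF.SSO.Resources.Locale(o => o.UserSessionExpired);
        return response;
    }

    try
    {
        trans.BeginTransaction();
        var serverSession = repoServerSession
            .Query(o => o.SessionId == transferSignOnInfo.SessionId
                        && o.CientId == transferSignOnInfo.ClientId
                        && o.DeviceId == transferSignOnInfo.DeviceId)
            .FirstOrDefault();
        if (serverSession == null)
        {
            // First transfer for this (session, client, device): create the row bound to the from-session's user.
            serverSession = new ServerSession()
            {
                CientId = transferSignOnInfo.ClientId,
                SessionId = transferSignOnInfo.SessionId,
                FromCientId = transferSignOnInfo.FromClientId,
                DeviceId = transferSignOnInfo.DeviceId,
                DeviceInfo = transferSignOnInfo.DeviceInfo,
                UserId = fromSession.UserId,
                AccessToken = randomGenerator.Generate(config.TokenAllowedChars, config.TokenLength),
                LastAccessTime = DateTime.Now,
                AccessTokenExpiryTime = DateTime.Now.AddMinutes(config.SessionExpiredTimeOutMunites)
            };
            repoServerSession.Insert(serverSession);
        }
        else
        {
            // The row is matched on (SessionId, ClientId, DeviceId) only, so it may still carry the user of an
            // earlier transfer. It used to be re-issued unchanged, which signed the caller in as that earlier user
            // (the response below is built from serverSession.UserId). Rebind it to the from-session's user and
            // rotate the token so the previous holder's token stops working.
            bool ownerChanged = !object.Equals(serverSession.UserId, fromSession.UserId);
            if (ownerChanged)
            {
                serverSession.UserId = fromSession.UserId;
                serverSession.FromCientId = transferSignOnInfo.FromClientId;
                serverSession.DeviceInfo = transferSignOnInfo.DeviceInfo;
            }
            if (ownerChanged || serverSession.AccessTokenExpiryTime < DateTime.Now)
            {
                serverSession.AccessToken = randomGenerator.Generate(config.TokenAllowedChars, config.TokenLength);
            }
            serverSession.LastAccessTime = DateTime.Now;
            serverSession.AccessTokenExpiryTime = DateTime.Now.AddMinutes(config.SessionExpiredTimeOutMunites);
            repoServerSession.Update(serverSession);
        }
        trans.Commit();

        var client = GetClient(transferSignOnInfo.ClientId);
        var user = repoUser.Query(o => o.UserId == serverSession.UserId).FirstOrDefault();
        response.Data = GetClientSession(client, user, serverSession);
    }
    catch (Exception ex)
    {
        trans.Rollback();
        response.Status = ResponseStatus.Failed;
        // NOTE(review): ex.Message is returned verbatim to the caller, so internal (e.g. database) details leak here.
        response.Message = ex.Message;
    }
    return response;
}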
public IServerResponse<Session> TransferSignOn(TransferSignOnInfo transferSignOnInfo)
{
    // Pure pass-through to the configured server provider; no validation is performed at this layer.
    var providerResponse = serverProvider.TransferSignOn(transferSignOnInfo);
    return providerResponse;
}