public bool OAuthAccess()
{
var app = OAuthAppCache.Get(this._appid);
if (app == null)
{
Alert("无效的应用编号");
return(false);
}
//Tauth_Code daCode = new Tauth_Code();
var daCode = DaoFactory.Tauth_Code();
if (!daCode.SelectByAppId_GrantCode(app.Id, this._auth_code))
{
Alert("无效的授权码");
return(false);
}
if (daCode.Status == 1)
{
Alert("该授权码已被使用,不能重复使用");
return(false);
}
if (daCode.Expire_Time < DateTime.Now)
{
Alert("授权码已过期");
return(false);
}
daCode.Status = 1;
if (!daCode.Update())
{
Alert("授权码验证失败");
return(false);
}
var scope = ScopeCache.Get(daCode.Scope_Id);
BeginTransaction();
UserTokenProvider utp = new UserTokenProvider(app, daCode.User_Id, daCode, scope.Code);
utp.ReferenceTransactionFrom(Transaction);
if (!utp.GenerateUserToken())
{
Rollback();
Alert(utp.PromptInfo);
return(false);
}
this.OAuthUser = utp.OAuthUser;
if (!UpdateTokenRights(utp.TokenId, utp.Refresh_Timeout, daCode.Right_Json))
{
Rollback();
return(false);
}
Commit();
return(true);
}
/// <summary>
/// 检查是否已经授权了
/// </summary>
/// <param name="appid"></param>
/// <param name="userId"></param>
/// <returns></returns>
private bool CheckAlreadyAuth(int appid, int userId)
{
//Tauth_Code daCode = new Tauth_Code();
var daCode = DaoFactory.Tauth_Code();
if (!daCode.SelectByAppid_UserId(appid, userId))
{
return(false);
}
if (daCode.Expire_Time < DateTime.Now)
{
return(false);
}
if (daCode.Status == 1)
{
return(false);
}
this.Auth_Code = daCode.Grant_Code;
return(true);
}
/// <summary>
/// 生成用户授权访问令牌
/// </summary>
/// <returns></returns>
public bool GenerateUserToken()
{
try
{
if (_app == null && !_appid.HasValue)
{
Alert(Winner.Framework.Utils.ResultType.无效数据类型, "无效的应用编号");
return(false);
}
if (_app == null)
{
_app = OAuthAppCache.Get(_appid.Value);
}
this.OAuthUser.Expire_In = _app.TokenExpireIn;
this.OAuthUser.Refresh_Expire_In = 30;
var fac = UserModuleFactory.GetUserModuleInstance();
IUser user = fac?.GetUserByID(_userid);
if (user == null)
{
Alert(Winner.Framework.Utils.ResultType.数据库查不到数据, "用户不存在");
return(false);
}
if (_daCode == null)
{
//_daCode = new Tauth_Code();
_daCode = DaoFactory.Tauth_Code();
if (this._authid.HasValue)
{
if (!_daCode.SelectByPk(this._authid.Value))
{
Alert(Winner.Framework.Utils.ResultType.无效数据类型, "无效的授权码");
return(false);
}
}
else
{
_daCode.App_Id = _app.Id;
_daCode.Expire_Time = DateTime.Now.AddMinutes(5);
_daCode.Grant_Code = Guid.NewGuid().ToString("N").ToLower();
_daCode.Scope_Id = ScopeCache.Get(this._scope).Id;
_daCode.User_Id = user.UserId;
_daCode.Device_Id = _deviceid;
_daCode.Remarks = "客户端登录自动授权";
_daCode.Status = 1;
if (!_daCode.Insert())
{
Alert(Winner.Framework.Utils.ResultType.非法操作, "登录授权失败");
return(false);
}
}
}
int refresh_token_expire_in = this.OAuthUser.Refresh_Expire_In * 86400;
string userCode = user.GetUserVoucher(UserVoucherType.自定义号码);
string open_id = EncryptOpenId(_app.Id, user.UserId, userCode, _app.UidEncryptKey);
this.OAuthUser.Open_Id = open_id;
this.OAuthUser.Token = EncryptAccessToken(user.UserId, userCode, _app.Id, this.OAuthUser.Expire_In);
this.OAuthUser.Refresh_Token = EncryptAccessToken(user.UserId, userCode, _app.Id, refresh_token_expire_in);
BeginTransaction();
//Tauth_Token daToken = new Tauth_Token();
var daToken = DaoFactory.Tauth_Token();
daToken.ReferenceTransactionFrom(Transaction);
bool exist = daToken.SelectByAppId_UserId_DeviceId(_app.Id, this._userid, this._deviceid);
daToken.App_Id = _app.Id;
daToken.Expire_Time = DateTime.Now.AddSeconds(this.OAuthUser.Expire_In);
daToken.Refresh_Timeout = DateTime.Now.AddDays(this.OAuthUser.Refresh_Expire_In);
daToken.Refresh_Token = this.OAuthUser.Refresh_Token;
daToken.Token_Code = this.OAuthUser.Token;
daToken.Scope_Id = _daCode.Scope_Id;
daToken.User_Id = _userid;
daToken.Grant_Id = _daCode.Auth_Id;
daToken.Device_Id = this._deviceid;
if (exist)
{
daToken.Last_Access_Time = DateTime.Now;
if (!daToken.Update())
{
Rollback();
Alert(Winner.Framework.Utils.ResultType.数据库更新失败, "TOKEN生成失败");
return(false);
}
}
else
{
if (!daToken.Insert())
{
Rollback();
Alert(Winner.Framework.Utils.ResultType.数据库更新失败, "TOKEN生成失败");
return(false);
}
}
this.TokenId = daToken.Token_Id;
Commit();
return(true);
}
catch (Exception ex)
{
Log.Error("生成token失败", ex);
Alert(ResultType.系统异常, "生成token失败");
return(false);
}
}
/// <summary>
/// 执行授权
/// </summary>
/// <returns></returns>
public bool Grant(bool takeAll, params CodePrivilege[] rights)
{
OAuthApp app = OAuthAppCache.Get(this._appid);
if (app == null)
{
Alert("未注册的应用");
return(false);
}
string[] scopeCodes = this._scope.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
var scope = ScopeCache.Get(scopeCodes);
if (scope == null || scope.Count <= 0)
{
Alert("未定义的授权类型");
return(false);
}
var fac = UserModuleFactory.GetUserModuleInstance();
IUser user = fac?.GetUserByID(this._userId);
if (user == null)
{
Alert("用户信息加载失败");
return(false);
}
if (CheckAlreadyAuth(app.Id, user.UserId))
{
return(true);
}
if (takeAll && (rights == null || rights.Length <= 0))
{
var temp = ScopeRightProvider.GetScopeRights(this._scope);
rights = new CodePrivilege[temp.Count];
for (int i = 0; i < rights.Length; i++)
{
rights[i] = new CodePrivilege
{
Id = temp[i].Right_Id,
Type = temp[i].Right_Type
};
}
}
this.Auth_Code = Guid.NewGuid().ToString("N");
//Tauth_Code daCode = new Tauth_Code();
var daCode = DaoFactory.Tauth_Code();
daCode.App_Id = app.Id;
daCode.Expire_Time = DateTime.Now.AddMinutes(5);
daCode.Grant_Code = this.Auth_Code;
daCode.Scope_Id = scope.FirstOrDefault().Id;
daCode.User_Id = user.UserId;
daCode.Device_Id = this._device_id;
if (rights != null && rights.Length > 0)
{
daCode.Right_Json = Javirs.Common.Json.JsonSerializer.JsonSerialize(rights);
}
if (!daCode.Insert())
{
Alert("授权失败,请重试!");
return(false);
}
return(true);
}
