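/// <summary>
/// Looks up the authorization code carried in the request and returns the access
/// token stored for the same application and account as a JSON string.
/// </summary>
/// <param name="doc">XML document carrying the request parameters; only <c>code</c> is read.</param>
/// <returns>
/// A JSON string. On success it holds <c>data</c> (accessToken, expiresIn,
/// refreshToken) and a <c>message</c> with <c>returnCode</c> 0. When the code is
/// missing or unknown, or no access token exists, it holds only a <c>message</c>
/// with <c>returnCode</c> 1.
/// </returns>
public string GetAccessToken(XmlDocument doc)
{
    // Example request:
    // http://local.passport.x3platform.com/api/connect.auth.token.aspx?code=28f35bf4743030ae

    const string codeNotFound = "{\"message\":{\"returnCode\":1,\"value\":\"authorization code not find\"}}";
    const string tokenNotFound = "{\"message\":{\"returnCode\":1,\"value\":\"access token not find\"}}";

    string code = XmlHelper.Fetch("code", doc);

    // A missing code cannot match a record; answer exactly like an unknown code
    // instead of handing null/empty to the service indexer.
    if (string.IsNullOrEmpty(code))
    {
        return codeNotFound;
    }

    // NOTE(review): the code is the only credential read here. Nothing in this
    // method identifies the calling client or marks the code as used, so unless
    // the code service expires it elsewhere, the same code keeps returning the
    // access and refresh tokens to whoever presents it. RFC 6749 section 4.1.2
    // expects short-lived, single-use codes bound to the client - confirm.
    ConnectAuthorizationCodeInfo authorizationCodeInfo = ConnectContext.Instance.ConnectAuthorizationCodeService[code];

    if (authorizationCodeInfo == null)
    {
        return codeNotFound;
    }

    ConnectAccessTokenInfo accessTokenInfo = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(authorizationCodeInfo.AppKey, authorizationCodeInfo.AccountId);

    if (accessTokenInfo == null)
    {
        return tokenNotFound;
    }

    // Property names inside "data" are quoted so the whole response is valid
    // JSON; the unquoted form was rejected by strict parsers.
    // NOTE(review): the values are written without JSON escaping - presumably
    // safe because they are server-generated; verify they can never contain
    // quotes or backslashes.
    StringBuilder outString = new StringBuilder();

    outString.Append("{\"data\":{")
             .Append("\"accessToken\":\"").Append(accessTokenInfo.Id).Append("\",")
             .Append("\"expiresIn\":\"").Append(accessTokenInfo.ExpiresIn).Append("\",")
             .Append("\"refreshToken\":\"").Append(accessTokenInfo.RefreshToken).Append("\" ")
             .Append("},\"message\":{\"returnCode\":0,\"value\":\"query success\"}}");

    return outString.ToString();
}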
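// -------------------------------------------------------
// Endpoint: /api/connect.oauth2.token.aspx
// -------------------------------------------------------

#region Function: GetAccessToken(XmlDocument doc)
/// <summary>
/// Looks up the authorization code carried in the request and returns the access
/// token stored for the same application and account as a bearer-token JSON
/// response (access_token, token_type, expires_in, refresh_token).
/// </summary>
/// <param name="doc">XML document carrying the request parameters; only <c>code</c> is read.</param>
/// <returns>
/// The token response as a JSON string, or an error object with <c>error</c> 1
/// when the code is missing or unknown, or when no access token exists.
/// </returns>
public string GetAccessToken(XmlDocument doc)
{
    // Example request:
    // http://x10.x3platform.com/api/connect.oauth2.token.aspx?code=28f35bf4743030ae

    // Keys are quoted so the error body is valid JSON. The "descriptiopn"
    // spelling is kept as-is because existing clients may already read that key.
    const string notFound = "{\"error\":1,\"descriptiopn\":\"not find\"}";

    string code = XmlHelper.Fetch("code", doc);

    // A missing code cannot match a record; answer exactly like an unknown code
    // instead of handing null/empty to the service indexer.
    if (string.IsNullOrEmpty(code))
    {
        return notFound;
    }

    // NOTE(review): only "code" is read from the request. This method does not
    // authenticate the client, compare a redirect URI, or mark the code as used,
    // so unless the code service enforces that elsewhere, any holder of the code
    // can exchange it repeatedly (RFC 6749 section 4.1.2 expects short-lived,
    // single-use, client-bound codes) - confirm.
    ConnectAuthorizationCodeInfo authorizationCodeInfo = ConnectContext.Instance.ConnectAuthorizationCodeService[code];

    if (authorizationCodeInfo == null)
    {
        return notFound;
    }

    ConnectAccessTokenInfo accessTokenInfo = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(authorizationCodeInfo.AppKey, authorizationCodeInfo.AccountId);

    if (accessTokenInfo == null)
    {
        return notFound;
    }

    // NOTE(review): the body carries bearer and refresh tokens; RFC 6749
    // section 5.1 asks for "Cache-Control: no-store" on this response. No header
    // is set in this method - confirm the hosting handler adds it.
    StringBuilder outString = new StringBuilder();

    outString.Append("{")
             .Append("\"access_token\":\"").Append(accessTokenInfo.Id).Append("\",")
             .Append("\"token_type\":\"bearer\",")
             .Append("\"expires_in\":\"").Append(accessTokenInfo.ExpiresIn).Append("\",")
             .Append("\"refresh_token\":\"").Append(accessTokenInfo.RefreshToken).Append("\" ")
             .Append("}");

    return outString.ToString();
}
#endregion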
// -------------------------------------------------------
// Save / Delete
// -------------------------------------------------------

#region Function: Save(ConnectAuthorizationCodeInfo param)
/// <summary>Saves an authorization-code record through the data provider.</summary>
/// <param name="param">The <see cref="ConnectAuthorizationCodeInfo" /> instance to save; its <c>Id</c> must not be empty.</param>
/// <returns>The <see cref="ConnectAuthorizationCodeInfo" /> instance returned by the provider.</returns>
/// <exception cref="NullReferenceException">Thrown when <c>param.Id</c> is null or empty.</exception>
public ConnectAuthorizationCodeInfo Save(ConnectAuthorizationCodeInfo param)
{
    bool hasId = !string.IsNullOrEmpty(param.Id);

    if (!hasId)
    {
        throw new NullReferenceException("实例标识不能为空。");
    }

    // Filter cross-site-scripting content out of the record before it is stored.
    // NOTE(review): what ToSafeXSS rewrites is not visible here; input-side
    // filtering does not replace encoding these fields wherever they are later
    // rendered - confirm the output paths encode.
    ConnectAuthorizationCodeInfo sanitized = StringHelper.ToSafeXSS<ConnectAuthorizationCodeInfo>(param);

    return this.provider.Save(sanitized);
}
#endregion
// -------------------------------------------------------
// Save / Add / Update / Delete
// -------------------------------------------------------

#region Function: Save(ConnectAuthorizationCodeInfo param)
/// <summary>Saves a record: updates it when its Id already exists, inserts it otherwise.</summary>
/// <param name="param">The <see cref="ConnectAuthorizationCodeInfo" /> instance to save.</param>
/// <returns>The same <see cref="ConnectAuthorizationCodeInfo" /> instance that was passed in.</returns>
public ConnectAuthorizationCodeInfo Save(ConnectAuthorizationCodeInfo param)
{
    // NOTE(review): the existence check and the write are separate calls, so two
    // concurrent saves of the same Id could both take the insert branch unless
    // the caller or the database serialises them - confirm.
    bool alreadyStored = IsExist(param.Id);

    if (alreadyStored)
    {
        Update(param);
    }
    else
    {
        Insert(param);
    }

    return param;
}
#endregion
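// -------------------------------------------------------
// Endpoint: /api/connect.auth.authorize.aspx
// -------------------------------------------------------

#region Function: GetAuthorizeCode(XmlDocument doc)
/// <summary>
/// Checks the login name and password carried in the request and, when they are
/// valid, makes sure an authorization-code record and an access token exist for
/// the client/account pair, opens a session, and answers according to
/// <c>responseType</c>.
/// </summary>
/// <param name="doc">
/// XML document carrying the request parameters: clientId, redirectUri,
/// responseType, scope, loginName, password and, for the JSON answer, callback.
/// </param>
/// <returns>
/// The login page when credentials are missing, or are wrong while
/// <c>responseType</c> is set; a JSON error message when credentials are wrong and
/// <c>responseType</c> is empty; the access token as JSON (wrapped in the callback
/// when a well-formed one is supplied) when <c>responseType</c> is empty;
/// otherwise a redirect to <c>redirectUri</c> is issued, carrying the access token
/// for "token" and the authorization code for any other value.
/// </returns>
public string GetAuthorizeCode(XmlDocument doc)
{
    string clientId = XmlHelper.Fetch("clientId", doc);
    string redirectUri = XmlHelper.Fetch("redirectUri", doc);
    string responseType = XmlHelper.Fetch("responseType", doc);
    string scope = XmlHelper.Fetch("scope", doc);
    string loginName = XmlHelper.Fetch("loginName", doc);
    // NOTE(review): the password arrives as an ordinary request parameter -
    // confirm it is only accepted in a POST body over TLS and never logged.
    string password = XmlHelper.Fetch("password", doc);

    // No credentials supplied: show the login page.
    // NOTE(review): request values are handed to CreateLoginPage - confirm it
    // HTML-encodes them before writing them into the page.
    if (string.IsNullOrEmpty(loginName) || string.IsNullOrEmpty(password))
    {
        HttpContentTypeHelper.SetValue("html");
        return CreateLoginPage(clientId, redirectUri, responseType, scope);
    }

    // Current user.
    IAccountInfo account = MembershipManagement.Instance.AccountService.LoginCheck(loginName, password);

    if (account == null)
    {
        if (string.IsNullOrEmpty(responseType))
        {
            return "{\"message\":{\"returnCode\":1,\"value\":\"帐号或者密码错误。\"}}";
        }

        // Show the login page again; the content type is set to html.
        HttpContentTypeHelper.SetValue("html");
        return CreateLoginPage(clientId, redirectUri, responseType, scope);
    }

    // Create the authorization-code record only when the client/account pair has none.
    // NOTE(review): an existing record is reused as-is, so the code handed out
    // below stays the same across logins; no expiry or rotation is visible in
    // this method (RFC 6749 section 4.1.2 expects short-lived, single-use
    // codes) - confirm where that is enforced. Also confirm the
    // "Key_32DigitGuid" generator draws from a cryptographically strong source,
    // since the value acts as a bearer credential.
    if (!ConnectContext.Instance.ConnectAuthorizationCodeService.IsExist(clientId, account.Id))
    {
        ConnectAuthorizationCodeInfo authorizationCode = new ConnectAuthorizationCodeInfo();

        authorizationCode.Id = DigitalNumberContext.Generate("Key_32DigitGuid");
        authorizationCode.AppKey = clientId;
        authorizationCode.AccountId = account.Id;
        authorizationCode.AuthorizationScope = string.IsNullOrEmpty(scope) ? "public" : scope;

        ConnectContext.Instance.ConnectAuthorizationCodeService.Save(authorizationCode);
    }

    // Write the access token, then read it back for the session and the response.
    ConnectContext.Instance.ConnectAccessTokenService.Write(clientId, account.Id);

    ConnectAccessTokenInfo token = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(clientId, account.Id);

    // Audit log. One timestamp is taken so the stored login date and the log
    // line agree.
    string ip = IPQueryContext.GetClientIP();
    DateTime loginTime = DateTime.Now;

    MembershipManagement.Instance.AccountService.SetIPAndLoginDate(account.Id, ip, loginTime);
    MembershipManagement.Instance.AccountLogService.Log(account.Id, "connect.auth.authorize", string.Format("【{0}】在 {1} 登录了系统。【IP:{2}】", account.Name, loginTime.ToString("yyyy-MM-dd HH:mm:ss"), ip));

    // Session. The session id embeds the access token's Id.
    // NOTE(review): confirm SetUserCookies marks the cookie HttpOnly and Secure,
    // because the cookie value contains the token identifier.
    string sessionId = token.AccountId + "-" + token.Id;

    KernelContext.Current.AuthenticationManagement.AddSession(clientId, sessionId, account);
    HttpAuthenticationCookieSetter.SetUserCookies(sessionId);

    string code = ConnectContext.Instance.ConnectAuthorizationCodeService.GetAuthorizationCode(clientId, account);

    // Empty responseType: answer with the token as JSON, optionally as JSONP.
    if (string.IsNullOrEmpty(responseType))
    {
        string json = "{\"data\":" + AjaxUtil.Parse<ConnectAccessTokenInfo>(token) + ","
                      + "\"message\":{\"returnCode\":0,\"value\":\"验证成功。\"}}";

        // The callback name is caller-supplied and becomes the first characters
        // of the response body, so it is only honoured when it is a plain
        // identifier path; anything else gets the unwrapped JSON.
        string callback = XmlHelper.Fetch("callback", doc);

        return IsSafeJsonpCallback(callback) ? callback + "(" + json + ")" : json;
    }

    // NOTE(review): redirectUri is taken from the request, and this method does
    // not compare it with a URI registered for clientId before attaching the
    // token or code to it. Unless CombineUrlAnd* or an earlier filter validates
    // it, the credential is delivered to whatever address the request names -
    // confirm an exact-match check against the client's registration exists.
    string target = responseType == "token"
        ? CombineUrlAndAccessToken(redirectUri, token)
        : CombineUrlAndAuthorizationCode(redirectUri, code);

    HttpContext.Current.Response.Redirect(target);

    // Returned only if the redirect does not end the request.
    return "{\"message\":{\"returnCode\":0,\"value\":\"执行成功。\"}}";
}

/// <summary>
/// Tells whether a value can be used as a JSONP callback name: 1 to 128
/// characters drawn from ASCII letters, digits, '_', '$' and '.'.
/// </summary>
/// <param name="callback">The callback name taken from the request; may be null.</param>
/// <returns><c>true</c> when the name is non-empty and contains only allowed characters.</returns>
private static bool IsSafeJsonpCallback(string callback)
{
    if (string.IsNullOrEmpty(callback) || callback.Length > 128)
    {
        return false;
    }

    foreach (char c in callback)
    {
        bool allowed = (c >= 'a' && c <= 'z')
                       || (c >= 'A' && c <= 'Z')
                       || (c >= '0' && c <= '9')
                       || c == '_' || c == '$' || c == '.';

        if (!allowed)
        {
            return false;
        }
    }

    return true;
}
#endregion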
/// <summary>Updates an existing record.</summary>
/// <param name="param">The <see cref="ConnectAuthorizationCodeInfo"/> instance holding the values to write.</param>
public void Update(ConnectAuthorizationCodeInfo param)
{
    // The statement name is "<tableName>_Update" passed through the
    // procedure-prefix helper; the record itself is the statement parameter.
    string statementName = string.Format("{0}_Update", this.tableName);
    string mappedStatement = StringHelper.ToProcedurePrefix(statementName);

    this.ibatisMapper.Update(mappedStatement, param);
}
/// <summary>Gets the authorization code held for an account under an application.</summary>
/// <param name="appKey">Application key.</param>
/// <param name="account">Account whose <c>Id</c> is used for the lookup.</param>
/// <returns>The <c>Id</c> of the matching record, or an empty string when there is none.</returns>
public string GetAuthorizationCode(string appKey, IAccountInfo account)
{
    ConnectAuthorizationCodeInfo record = this.FindOneByAccountId(appKey, account.Id);

    if (record == null)
    {
        return string.Empty;
    }

    // The stored record's Id is the value handed out as the authorization code.
    // NOTE(review): that makes the code identical on every call for as long as
    // the record exists - confirm something expires or rotates it.
    return record.Id;
}