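/// <summary>
/// Handles the register button: checks the SMS code when one was entered, registers the
/// user, builds the encrypted registration response for the calling SP, writes the login
/// cookie, and redirects to <c>ReturnUrl</c>.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void register_Click(object sender, EventArgs e)
{
    string mobile = this.mobile.Text;
    string checkCode = this.checkCode.Text;
    string password = this.password.Text;
    // NOTE(review): password2 is read but never compared with password in this handler;
    // confirm the confirmation check is enforced somewhere server-side.
    string password2 = this.password2.Text;

    // Check the mobile verification code.
    // NOTE(review): an empty checkCode skips this check and registration still proceeds;
    // confirm quickUserRegistryWeb enforces phone verification on its own.
    if (!string.IsNullOrEmpty(checkCode))
    {
        Result = PhoneBO.SelSendSMSMassage("", mobile, checkCode, out ErrMsg);
        if (Result != 0)
        {
            errorHint.InnerHtml = "手机验证码错误,请重新输入";
            return;
        }
    }

    Result = UserRegistry.quickUserRegistryWeb(SPID, password, mobile, "2", out CustID, out ErrMsg);
    if (Result != 0)
    {
        CommonBizRules.ErrorHappenedRedircet(Result, ErrMsg, "用户注册", this.Context);
        return;
    }

    SPInfoManager spInfo = new SPInfoManager();
    Object SPData = spInfo.GetSPData(this.Context, "SPData");
    string key = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);

    // The response is "TimeStamp$CustID$Result$ErrMsg", authenticated and then encrypted
    // with the SP's secret key.
    string payload = TimeStamp + "$" + CustID + "$" + Result + "$" + ErrMsg;
    string Digest = CryptographyUtil.GenerateAuthenticator(payload, key);
    string temp = SPID + "$" + CryptographyUtil.Encrypt(payload + "$" + Digest, key);
    string RegistryResponseValue = HttpUtility.UrlEncode(temp);

    // The SP secret key is no longer written to the log: anyone who can read the log could
    // otherwise decrypt or forge registration responses for this SP.
    log(String.Format("Digest:{0},temp:{1},RegistryResponseValue:{2}", Digest, temp, RegistryResponseValue));

    // Write the login cookie for the user.
    UserToken UT = new UserToken();
    string key2 = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
    string RealName = mobile;
    string UserName = mobile;
    string NickName = mobile;
    // Argument order: CustID, RealName, UserName, NickName, OuterID, CustType,
    // LoginAuthenName, LoginAuthenType, key, out ErrMsg
    string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, "", "42", UserName, "1", key2, out ErrMsg);
    string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
    PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

    // Notify the points platform.
    CIP2BizRules.InsertCustInfoNotify(CustID, "2", SPID, "", "0", out ErrMsg);

    // Record the login log.
    CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, "35", "0", "", "2", Result, ErrMsg);

    // NOTE(review): where ReturnUrl is assigned is not visible here; if it is request-supplied
    // it should be checked against the return addresses registered for SPID before the
    // registration response is appended and the browser is sent there.
    Response.Redirect(ReturnUrl + "?RegistryResponse=" + RegistryResponseValue, true);
}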
/// <summary>
/// Checks whether the user is logged in by reading and parsing the login-token cookie.
/// On a missing or empty cookie the failure code and message are set and
/// <c>ErrorHappened</c> is called; on a successful parse the cookie is re-issued.
/// </summary>
public void Validate()
{
    string strCIPToken = null;
    string notLoggedInMessage = null;

    if (!PageUtility.IsCookieExist(CookieName, this.Context))
    {
        notLoggedInMessage = "您尚未登录";
    }
    else
    {
        strCIPToken = Request.Cookies.Get(CookieName).Value;
        if (CommonUtility.IsEmpty(strCIPToken))
        {
            notLoggedInMessage = "您尚未登录.";
        }
    }

    if (notLoggedInMessage != null)
    {
        result = ErrorDefinition.IError_Result_UserAuthorizationFail_Code;
        errMsg = notLoggedInMessage;
        this.ErrorHappened();
        return;
    }

    SPInfoManager spManager = new SPInfoManager();
    Object spData = spManager.GetSPData(this.Context, "SPData");
    string tokenKey = spManager.GetPropertyBySPID("35000000", "SecretKey", spData);

    UserToken tokenService = new UserToken();
    result = tokenService.ParseUserToken(strCIPToken, tokenKey, out custID, out realName, out userName, out nickName, out outerID, out custType, out loginAuthenName, out loginAuthenType, out errMsg);

    // NOTE(review): a non-zero parse result only leaves result/errMsg set; ErrorHappened is
    // not called on this path, so callers presumably inspect result themselves. Confirm.
    if (result != 0)
    {
        return;
    }

    // Parsing succeeded: issue a fresh cookie so that the timeout is renewed.
    string refreshedToken = tokenService.GenerateUserToken(CustID, RealName, UserName, NickName, OuterID, CustType, loginAuthenName, loginAuthenType, tokenKey, out errMsg);
    PageUtility.SetCookie(refreshedToken, CookieName, this.Page);
}
/// <summary>
/// Builds <c>newSPTokenRequest</c>: a user token generated with the SP's secret key,
/// prefixed with "SPID$" and URL-encoded. Any exception is caught and only its message
/// is logged, so the field may be left unchanged on failure.
/// </summary>
protected void CreateSPTokenRequest()
{
    StringBuilder trace = new StringBuilder();
    SPInfoManager spManager = new SPInfoManager();
    try
    {
        trace.Append("spInfo.GetSPData\r\n");
        Object spData = spManager.GetSPData(this.Context, "SPData");
        string spSecret = spManager.GetPropertyBySPID(SPID, "SecretKey", spData);
        // Only the literal marker is logged here, not the secret's value.
        trace.Append("ScoreSystemSecret");

        String headFooter = "yes";
        String issuedAt = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
        UserToken tokenService = new UserToken();

        newSPTokenRequest = tokenService.GenerateBestAccountMainUserToken(CustID, ReturnUrl, headFooter, issuedAt, spSecret, out ErrMsg);
        newSPTokenRequest = HttpUtility.UrlEncode(string.Concat(SPID, "$", newSPTokenRequest));
    }
    catch (Exception ep)
    {
        trace.Append(ep.Message);
    }
    finally
    {
        log(trace.ToString());
    }
}
/// <summary>
/// Builds <c>newSPTokenRequest</c> from a token generated with the SP's secret key,
/// prefixed with "SPID$" and URL-encoded.
/// </summary>
protected void CreateSPTokenRequest()
{
    SPInfoManager spManager = new SPInfoManager();
    Object spData = spManager.GetSPData(this.Context, "SPData");
    string spSecret = spManager.GetPropertyBySPID(SPID, "SecretKey", spData);

    // Local server time, formatted to the second.
    String issuedAt = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");

    UserToken tokenService = new UserToken();
    newSPTokenRequest = tokenService.GenerateBestAccountMainUserTokenM(CustID, ReturnUrl, issuedAt, spSecret, out ErrMsg);
    newSPTokenRequest = HttpUtility.UrlEncode(string.Concat(SPID, "$", newSPTokenRequest));
}
/// <summary>
/// Builds <c>SPTokenRequest</c> for a fixed SP: the string
/// "UAProvinceID$SourceType$ReturnURL$TimeStamp" is authenticated, encrypted together with
/// its digest under the SP's secret key, prefixed with "SPID$" and URL-encoded.
/// </summary>
protected void CreateSPTokenRequest()
{
    SPID = "35433334";

    SPInfoManager spManager = new SPInfoManager();
    Object spData = spManager.GetSPData(this.Context, "SPData");
    string spSecret = spManager.GetPropertyBySPID(SPID, "SecretKey", spData);

    UAProvinceID = "02";
    SourceType = "4";
    // Original author's note: ask Yigou for the address to use here (the WAP one).
    // NOTE(review): the return address is hard-coded and uses plain http.
    ReturnURL = "http://114yg.cn";
    TimeStamp = DateTime.Now.ToString("yyyyMMddHHmmss");

    string plainRequest = UAProvinceID + "$" + SourceType + "$" + ReturnURL + "$" + TimeStamp;
    Digest = CryptographyUtil.GenerateAuthenticator(plainRequest, spSecret);
    EncryptStr = CryptographyUtil.Encrypt(plainRequest + "$" + Digest, spSecret);
    SPTokenRequest = HttpUtility.UrlEncode(string.Concat(SPID, "$", EncryptStr));
}
/// <summary>
/// Builds <c>newSPTokenRequest</c>: a user token generated with the SP's secret key
/// (head/footer flag "yes"), prefixed with "SPID$" and URL-encoded.
/// </summary>
protected void CreateNewSPTokenRequest()
{
    SPInfoManager spManager = new SPInfoManager();
    Object spData = spManager.GetSPData(this.Context, "SPData");
    string spSecret = spManager.GetPropertyBySPID(SPID, "SecretKey", spData);

    String headFooter = "yes";
    // Local server time, formatted to the second.
    String issuedAt = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");

    UserToken tokenService = new UserToken();
    newSPTokenRequest = tokenService.GenerateBestAccountMainUserToken(CustID, ReturnUrl, headFooter, issuedAt, spSecret, out ErrMsg);
    newSPTokenRequest = HttpUtility.UrlEncode(string.Concat(SPID, "$", newSPTokenRequest));
}
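/// <summary>
/// Fills the page header: shows the welcome text and, when the login cookie parses
/// successfully, greets the user by real name, nickname or user name (first non-empty).
/// </summary>
/// <param name="sender">Page that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): welcome is assigned as raw markup; its origin is not visible here.
    top_welcome.InnerHtml = welcome;

    string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
    if (!PageUtility.IsCookieExist(CookieName, this.Context))
    {
        return;
    }

    SPInfoManager spInfo = new SPInfoManager();
    Object SPData = spInfo.GetSPData(this.Context, "SPData");
    string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);

    UserToken UT = new UserToken();
    string strCIPToken = Request.Cookies.Get(CookieName).Value;
    string custID, realName, userName, nickName, outerID, custType, loginAuthenName, loginAuthenType, errMsg;
    int result = UT.ParseUserToken(strCIPToken, key, out custID, out realName, out userName, out nickName, out outerID, out custType, out loginAuthenName, out loginAuthenType, out errMsg);
    if (result != 0)
    {
        return;
    }

    string displayName = null;
    if (!string.IsNullOrEmpty(realName))
    {
        displayName = realName;
    }
    else if (!string.IsNullOrEmpty(nickName))
    {
        displayName = nickName;
    }
    else if (!string.IsNullOrEmpty(userName))
    {
        displayName = userName;
    }

    if (displayName != null)
    {
        // Names are account data chosen by users, so they are HTML-encoded before being
        // placed into InnerHtml; otherwise markup stored in a name would be rendered.
        top_name.InnerHtml = "您好," + System.Web.HttpUtility.HtmlEncode(displayName);
    }
}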
/// <summary>
/// Reads the login-token cookie of the current request. A missing or empty cookie leads to
/// the "not logged in" error redirect; a token that parses successfully is re-issued so
/// that its timeout is renewed.
/// </summary>
public BasePage()
{
    // TODO (original author): add constructor logic here.
    HttpCookie loginCookie = HttpContext.Current.Request.Cookies[CookieName];
    if (loginCookie == null || CommonUtility.IsEmpty(loginCookie.Value))
    {
        // result and ErrMsg have not been assigned by this constructor at this point.
        CommonBizRules.ErrorHappenedRedircet(result, ErrMsg, "您尚未登录,请登录", this.Context);
        return;
    }

    string tokenText = loginCookie.Value;

    SPInfoManager spManager = new SPInfoManager();
    Object spData = spManager.GetSPData(HttpContext.Current, "SPData");
    string tokenKey = spManager.GetPropertyBySPID("35000000", "SecretKey", spData);

    String parsedRealName, parsedNickName, parsedOuterId, parsedCustType, parsedAuthenName, parsedAuthenType;
    UserToken tokenService = new UserToken();
    result = tokenService.ParseUserToken(tokenText, tokenKey, out custID, out parsedRealName, out userName, out parsedNickName, out parsedOuterId, out parsedCustType, out parsedAuthenName, out parsedAuthenType, out ErrMsg);

    // NOTE(review): when the token fails to parse (result != 0) nothing redirects here;
    // presumably derived pages check result before trusting custID. Confirm.
    if (result != 0)
    {
        return;
    }

    // Parsing succeeded: regenerate the cookie to renew its timeout.
    string refreshedToken = tokenService.GenerateUserToken(CustID, parsedRealName, UserName, parsedNickName, parsedOuterId, parsedCustType, parsedAuthenName, parsedAuthenType, tokenKey, out ErrMsg);
    PageUtility.SetCookie(CookieName, refreshedToken);
}
/// <summary>
/// Handles the login button: infers the authentication type from the shape of the login
/// name, checks the captcha, authenticates through <c>UserAuthV2</c>, and on success writes
/// the login-token cookie and starts the SSO step. Exceptions are logged, not rethrown.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void login_Click(object sender, EventArgs e)
{
    Response.AddHeader("P3P", "CP=CAO PSA OUR");
    StringBuilder trace = new StringBuilder();

    string loginName = username.Text;
    string loginPassword = password.Text;

    // "1" (user name) is the default; later matches override earlier ones.
    string authenType = "1";
    if (Regex.IsMatch(loginName, @"^1[3458]\d{9}$"))
    {
        authenType = "2";
    }
    if (Regex.IsMatch(loginName, @"^[0-9a-zA-Z_\-\.]*[0-9a-zA-Z_\-]@[0-9a-zA-Z]+\.+[0-9a-zA-Z_\-.]+$"))
    {
        authenType = "4";
    }
    if (Regex.IsMatch(loginName, @"^(\d{9}|\d{16})$"))
    {
        authenType = "3";
    }

    // 168 hours, i.e. one week.
    PageUtility.SetCookie("AuthenType", authenType, 168);

    string custId = "";
    string realName = "";
    string nickName = "";
    string userName = "";
    string outId = "";
    string userAccount = "";
    string errMsg = "";
    string custType = "";
    string provinceId = "";
    int authResult = 1;

    try
    {
        trace.AppendFormat("checkCode={0}", Request.Form["checkCode"]);
        string submittedCode = HttpUtility.HtmlDecode(Request.Form["checkCode"].ToString().Trim());
        if (!CommonUtility.ValidateValidateCode(submittedCode, this.Context))
        {
            errorHint.InnerHtml = "验证码错误,请重新输入";
            return;
        }

        // Log the start of authentication (the password is not included).
        trace.AppendFormat("【开始验证】:SPID:{0},ProvinceID:{1},AuthenName:{2},AuthenType:{3}", SPID, provinceId, loginName, authenType);
        authResult = BTForBusinessSystemInterfaceRules.UserAuthV2(SPID, loginName, authenType, loginPassword, Context, provinceId, "", "", out errMsg, out custId, out userAccount, out custType, out outId, out provinceId, out realName, out userName, out nickName);

        // Log the authentication result.
        trace.AppendFormat("【验证结果】:CustID:{0},UserAcount:{1},CustType:{2},OutID:{3},ProvinceID:{4},RealName:{5},UserName:{6},NickName:{7}", custId, userAccount, custType, outId, provinceId, realName, userName, nickName);
        CommonBizRules.WriteDataCustAuthenLog(SPID, custId, provinceId, authenType, loginName, "2", authResult, errMsg);

        if (authResult != 0)
        {
            switch (authResult)
            {
                case 1001:
                case -20504:
                case -21553:
                case -21501:
                    errorHint.InnerHtml = errMsg;
                    break;
                default:
                    // NOTE(review): the backend message is written to the response without
                    // HTML encoding; confirm it can never carry user-supplied text.
                    Response.Write(errMsg);
                    break;
            }
            return;
        }

        SPInfoManager spManager = new SPInfoManager();
        Object spData = spManager.GetSPData(this.Context, "SPData");
        string tokenKey = spManager.GetPropertyBySPID("35000000", "SecretKey", spData);

        // Generate the token and store it in the login cookie.
        UserToken tokenService = new UserToken();
        string tokenValue = tokenService.GenerateUserToken(custId, realName, userName, nickName, outId, custType, loginName, authenType, tokenKey, out errMsg);
        string cookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
        PageUtility.SetCookie(cookieName, tokenValue);

        TokenValidate.IsRedircet = false;
        TokenValidate.Validate();
        this.ssoFunc();
    }
    catch (System.Exception ex)
    {
        log(ex.ToString());
    }
    finally
    {
        log(trace.ToString());
    }
}
/// <summary>
/// Handles the login button: takes the authentication type from the drop-down, checks the
/// captcha, authenticates through <c>UserAuthV2</c>, and on success writes the login-token
/// cookie and starts the SSO step.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnlogin_Click(object sender, EventArgs e)
{
    string authenType = ddlAuthenTypeList.SelectedValue;
    // 168 hours, i.e. one week.
    PageUtility.SetCookie("AuthenType", authenType, 168);

    string loginName = txtUsername.Text;
    string loginPassword = txtPassword.Text;
    string custId = "";
    string realName = "";
    string nickName = "";
    string userName = "";
    string outId = "";
    string userAccount = "";
    string errMsg = "";
    string custType = "";
    string provinceId = "";
    int authResult = 1;

    string submittedCode = HttpUtility.HtmlDecode(Request.Form["code"].ToString().Trim().ToUpper());
    if (!CommonUtility.ValidateValidateCode(submittedCode, this.Context))
    {
        err_code.InnerHtml = "验证码错误,请重新输入";
        return;
    }

    // Log the start of authentication (the password is not included).
    log(String.Format("【开始验证】:SPID:{0},ProvinceID:{1},AuthenName:{2},AuthenType:{3}", SPID, provinceId, loginName, authenType));
    authResult = BTForBusinessSystemInterfaceRules.UserAuthV2(SPID, loginName, authenType, loginPassword, Context, provinceId, "", "", out errMsg, out custId, out userAccount, out custType, out outId, out provinceId, out realName, out userName, out nickName);

    // Log the authentication result.
    log(String.Format("【验证结果】:CustID:{0},UserAcount:{1},CustType:{2},OutID:{3},ProvinceID:{4},RealName:{5},UserName:{6},NickName:{7}", custId, userAccount, custType, outId, provinceId, realName, userName, nickName));
    CommonBizRules.WriteDataCustAuthenLog(SPID, custId, provinceId, authenType, loginName, "2", authResult, errMsg);

    if (authResult != 0)
    {
        // NOTE(review): some result codes are reported next to the user-name field and one
        // next to the password field; if those codes distinguish "unknown account" from
        // "wrong password", the page reveals which accounts exist. Confirm the code meanings.
        switch (authResult)
        {
            case 1001:
            case -20504:
            case -21553:
                err_Username.InnerHtml = errMsg;
                hint_Username.InnerHtml = "";
                break;
            case -21501:
                err_Password.InnerHtml = errMsg;
                break;
            default:
                // NOTE(review): written to the response without HTML encoding.
                Response.Write(errMsg);
                break;
        }
        return;
    }

    SPInfoManager spManager = new SPInfoManager();
    Object spData = spManager.GetSPData(this.Context, "SPData");
    string tokenKey = spManager.GetPropertyBySPID("35000000", "SecretKey", spData);

    // Generate the token and store it in the login cookie.
    UserToken tokenService = new UserToken();
    string tokenValue = tokenService.GenerateUserToken(custId, realName, userName, nickName, outId, custType, loginName, authenType, tokenKey, out errMsg);
    string cookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
    PageUtility.SetCookie(tokenValue, cookieName, this.Page);

    TokenValidate.IsRedircet = false;
    TokenValidate.Validate();
    this.ssoFunc();
}
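/// <summary>
/// Handles web registration: reads SPID and ReturnUrl from the request, optionally checks
/// the SMS code, registers the user, builds the encrypted registration response for the SP,
/// writes the login cookie and redirects back to ReturnUrl with the response appended.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void register_Click(object sender, EventArgs e)
{
    Response.AddHeader("P3P", "CP=CAO PSA OUR");

    // NOTE(review): SPID and ReturnUrl are request-supplied. ReturnUrl later becomes the
    // redirect target with the registration response appended, so it should be checked
    // against the return addresses registered for SPID before it is used.
    SPID = Request["SPID"] == null ? ConstHelper.DefaultInstance.BesttoneSPID : HttpUtility.HtmlDecode(Request["SPID"]);
    ReturnUrl = Request["ReturnUrl"] == null ? ConstHelper.DefaultInstance.BesttoneLoginPage : HttpUtility.HtmlDecode(Request["ReturnUrl"]);
    log(String.Format("【Web注册】:SPID:{0},ReturnUrl:{1}", SPID, ReturnUrl));

    string password = Request.Form["password"].ToString().Trim();
    string telephone = Request.Form["mobile"].ToString().Trim();
    string phonecode = Request.Form["checkCode"].ToString().Trim();
    // The password is kept out of the log; plaintext credentials must not reach log files.
    log(String.Format("mobile:{0},phonecode:{1}", telephone, phonecode));

    string ErrMsg = "";
    int Result;
    if (CommonUtility.IsEmpty(password))
    {
        hintPassword.InnerHtml = "密码不能为空格"; // original author's note: how to control the style here
        return;
    }

    // NOTE(review): phonestate is taken from the posted form when ViewState has none, and the
    // SMS code is checked only when it equals "0", so the client appears able to decide
    // whether verification runs. Confirm quickUserRegistryWeb enforces it server-side.
    if (ViewState["phonestate"] == null)
    {
        ViewState["phonestate"] = Request.Form["phonestate"].ToString();
    }
    string phoneState = (string)ViewState["phonestate"];

    if (phoneState.Equals("0"))
    {
        // Check the mobile verification code.
        Result = PhoneBO.SelSendSMSMassage("", telephone, phonecode, out ErrMsg);
        if (Result != 0)
        {
            hintCode.InnerHtml = "手机验证码错误,请重新输入"; // original author's note: how to control the style here
            return;
        }
    }

    TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
    Result = UserRegistry.quickUserRegistryWeb(SPID, password, telephone, phoneState, out CustID, out ErrMsg);
    if (Result != 0)
    {
        CommonBizRules.ErrorHappenedRedircet(Result, ErrMsg, "用户注册", this.Context);
        return;
    }

    SPInfoManager spInfo = new SPInfoManager();
    Object SPData = spInfo.GetSPData(this.Context, "SPData");
    string key = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);

    // The response is "TimeStamp$CustID$Result$ErrMsg", authenticated and then encrypted
    // with the SP's secret key.
    string payload = TimeStamp + "$" + CustID + "$" + Result + "$" + ErrMsg;
    string Digest = CryptographyUtil.GenerateAuthenticator(payload, key);
    string temp = SPID + "$" + CryptographyUtil.Encrypt(payload + "$" + Digest, key);
    string RegistryResponseValue = HttpUtility.UrlEncode(temp);
    // The SP secret key is no longer written to the log.
    log(String.Format("Digest:{0},temp:{1},RegistryResponseValue:{2}", Digest, temp, RegistryResponseValue));

    // Write the login cookie for the user.
    UserToken UT = new UserToken();
    string key2 = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
    string RealName = telephone;
    string UserName = telephone;
    string NickName = telephone;
    // Argument order: CustID, RealName, UserName, NickName, OuterID, CustType,
    // LoginAuthenName, LoginAuthenType, key, out ErrMsg
    string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, "", "42", UserName, "1", key2, out ErrMsg);
    string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
    PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

    // Notify the points platform.
    CIP2BizRules.InsertCustInfoNotify(CustID, "2", SPID, "", "0", out ErrMsg);

    // Record the login log.
    CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, "35", "0", "", "2", Result, ErrMsg);
    log(String.Format("【返回之前】:SPID:{0},ReturnUrl:{1}", SPID, ReturnUrl));

    string hid_openAccount = Request.Form["hid_openAccount"].ToString().Trim();
    log(String.Format("开户选项:{0}", hid_openAccount));

    // Append with '&' when ReturnUrl already carries a query string, otherwise with '?'.
    string separator = ReturnUrl.IndexOf('?') > 0 ? "&" : "?";
    string target = ReturnUrl + separator + "RegistryResponse=" + RegistryResponseValue;
    if ("1".Equals(hid_openAccount))
    {
        // Return to the caller and tell it that an account should be opened
        // (the caller is expected to continue to CreateBesttoneAccount.aspx).
        // The listing showed this parameter as "®istBesttoneAccount": the "&reg" prefix had
        // been rendered as an HTML entity; it is restored here.
        target += "&registBesttoneAccount=true";
    }
    Response.Redirect(target, true);
}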
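/// <summary>
/// Authenticates the posted credentials, binds the resulting CustID to the external OAuth
/// identifier (<c>code</c>) in the oauthaccount table, then writes the login-token cookie
/// and starts the SSO step.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void auth_Click(object sender, EventArgs e)
{
    // Authentication type as posted by the form.
    string AuthenType = HttpUtility.HtmlDecode(Request.Form["AuthenType"].ToString().Trim().ToUpper());
    string password = Request.Form["password"].ToString().Trim();
    string username = Request.Form["username"].ToString().Trim();

    // Intended flow (original author's notes): determine the authentication mode (mobile,
    // user name, travel card, e-mail); if authentication passes a CustID is returned;
    // then bind CustID to the openid.
    PageUtility.SetCookie("AuthenType", AuthenType, 168); // 168 hours, i.e. one week

    string AuthenName = username;
    string Password = password;
    string CustID = "";
    string RealName = "";
    string NickName = "";
    string UserName = "";
    string OutID = "";
    string UserAccount = "";
    string CustType = "";
    string ProvinceID = "";
    string ErrMsg = "";
    int Result;

    // NOTE(review): no captcha or attempt limiting is visible in this handler.
    // Log the start of authentication (the password is not included).
    log(String.Format("【开始验证】:SPID:{0},ProvinceID:{1},AuthenName:{2},AuthenType:{3}", SPID, ProvinceID, AuthenName, AuthenType));
    Result = BTForBusinessSystemInterfaceRules.UserAuthV2(SPID, AuthenName, AuthenType, Password, Context, ProvinceID, "", "", out ErrMsg, out CustID, out UserAccount, out CustType, out OutID, out ProvinceID, out RealName, out UserName, out NickName);

    // Log the authentication result.
    log(String.Format("【验证结果】:CustID:{0},UserAcount:{1},CustType:{2},OutID:{3},ProvinceID:{4},RealName:{5},UserName:{6},NickName:{7}", CustID, UserAccount, CustType, OutID, ProvinceID, RealName, UserName, NickName));
    CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, ProvinceID, AuthenType, AuthenName, "2", Result, ErrMsg);

    if (Result != 0)
    {
        if (Result == 1001 || Result == -20504 || Result == -21553 || Result == -21501)
        {
            errorHint.InnerHtml = ErrMsg;
            return;
        }
        // NOTE(review): written to the response without HTML encoding.
        Response.Write(ErrMsg);
        return;
    }

    // Bind CustID to the external code. The statement is parameterized; connection and
    // command are both disposed when the block ends.
    string _connectionString = WebConfigurationManager.ConnectionStrings["BestToneCenterConStr"].ConnectionString;
    int rowsAffected;
    using (SqlConnection con = new SqlConnection(_connectionString))
    using (SqlCommand cmd = new SqlCommand("insert into oauthaccount (openid,custid,createtime,status) values (@code,@CustID,getdate(),@oauthtype)", con))
    {
        cmd.Parameters.Add("@code", SqlDbType.NVarChar, 50).Value = code;
        cmd.Parameters.Add("@CustID", SqlDbType.NVarChar, 16).Value = CustID;
        cmd.Parameters.Add("@oauthtype", SqlDbType.NVarChar, 1).Value = oauthtype;
        con.Open();
        rowsAffected = cmd.ExecuteNonQuery();
    }

    // ExecuteNonQuery returns the number of rows affected, so a successful single-row insert
    // yields 1. The previous check (result != 0) treated that success as a failure and
    // returned before the login cookie was written.
    if (rowsAffected != 1)
    {
        errorHint.InnerHtml = "绑定关系建立失败";
        return;
    }

    SPInfoManager spInfo = new SPInfoManager();
    Object SPData = spInfo.GetSPData(this.Context, "SPData");
    string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);

    // Generate the token and store it in the login cookie.
    UserToken UT = new UserToken();
    string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
    string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
    PageUtility.SetCookie(CookieName, UserTokenValue);

    TokenValidate.IsRedircet = false;
    TokenValidate.Validate();
    this.ssoFunc();
}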
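/// <summary>
/// Parses the login token stored in the named cookie, sets the login state and welcome
/// name on success and, when the request carries an SPID, builds
/// <c>encryptCustIDValue</c> for that SP. Exceptions raised while parsing are logged.
/// </summary>
/// <param name="CookieName">Name of the cookie that holds the login token.</param>
protected void ParseToken(String CookieName)
{
    StringBuilder strLog = new StringBuilder();
    SPInfoManager spInfo = new SPInfoManager();
    Object SPData = spInfo.GetSPData(this.Context, "SPData");
    string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
    UserToken UT = new UserToken();
    // NOTE(review): this throws if the cookie is absent, and it runs outside the try block;
    // callers presumably check that the cookie exists first. Confirm.
    string strCIPToken = Request.Cookies.Get(CookieName).Value;

    string custID;
    string realName;
    string userName;
    string nickName;
    string custType;
    string loginAuthenName;
    string loginAuthenType;
    string TimeStamp = "";
    string SPID = "";
    string errMsg = "";
    int result = 0;
    try
    {
        // Only the token's length is logged: the token itself is a bearer credential, and
        // anyone able to read the log could otherwise replay it as a login cookie.
        log("custinfo 解:" + String.Format("token length:{0}", strCIPToken == null ? 0 : strCIPToken.Length));
        outerID = String.Empty;
        result = UT.ParseUserToken(strCIPToken, key, out custID, out realName, out userName, out nickName, out outerID, out custType, out loginAuthenName, out loginAuthenType, out errMsg);
        log("result=" + result + ";custID=" + custID + ";outerID=" + outerID + "\r\n");

        if (result == 0)
        {
            // The assigned value appears masked on this page; it is reproduced as shown.
            isLogin = "******";
            if (!string.IsNullOrEmpty(realName))
            {
                welcomeName = realName;
            }
            else if (!string.IsNullOrEmpty(nickName))
            {
                welcomeName = nickName;
            }
            else if (!string.IsNullOrEmpty(userName))
            {
                welcomeName = userName;
            }
        }

        if (CommonUtility.IsParameterExist("SPID", this.Page))
        {
            // NOTE(review): this runs even when the token failed to parse (result != 0), and
            // SPID is request-supplied; confirm the SP is entitled to receive this value.
            TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
            SPID = Request["SPID"];
            spInfo = new SPInfoManager();
            SPData = spInfo.GetSPData(this.Context, "SPData");
            key = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);

            string payload = TimeStamp + "$" + custID + "$" + result + "$" + errMsg;
            string Digest = CryptographyUtil.GenerateAuthenticator(payload, key);
            encryptCustIDValue = SPID + "$" + CryptographyUtil.Encrypt(payload + "$" + Digest, key);
        }
    }
    catch (System.Exception ex)
    {
        strLog.AppendFormat("异常:{0}\r\n", ex.ToString());
    }
    finally
    {
        log(strLog.ToString());
    }
}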
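/// <summary>
/// Callback from the unify platform: verifies the signature over appId + paras, decrypts
/// and parses the response, and when the platform reports a logged-in user looks that user
/// up, binds the account locally, writes the login-token cookie and redirects to ReturnUrl.
/// Otherwise the login cookie is expired and the redirect reports "not logged in".
/// </summary>
/// <param name="sender">Page that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    Int32 Result = ErrorDefinition.BT_IError_Result_UnknowError_Code;
    String ErrMsg = ErrorDefinition.BT_IError_Result_UnknowError_Msg;
    StringBuilder strMsg = new StringBuilder();

    SPID = Request["SPID"];
    string appId = Request["appId"];
    string paras = Request["paras"];
    string sign = Request["sign"];
    string unifyPlatform_appId = UDBConstDefinition.DefaultInstance.UnifyPlatformAppId;
    string unifyPlatform_appSecretKey = UDBConstDefinition.DefaultInstance.UnifyPlatformAppSecret;
    strMsg.AppendFormat("返回参数:appId:{0},paras:{1},sign:{2}\r\n", appId, paras, sign);

    // Verify the signature before touching the payload, and stop when it does not match.
    // Previously the payload was decrypted first and processing continued after the error
    // redirect, so an unsigned request could still reach the cookie-writing code below.
    string newsign = CryptographyUtil.HMAC_SHA1(unifyPlatform_appId + paras, unifyPlatform_appSecretKey);
    if (!SignaturesMatch(newsign, sign))
    {
        strMsg.Append("签名不正确\r\n");
        WriteLog(strMsg.ToString());
        Redirect("ErrMsg", "签名不正确");
        return;
    }

    // The decrypted response carries the access token, so it is not written to the log.
    string unifyPlatformResponse = CryptographyUtil.XXTeaDecrypt(paras, unifyPlatform_appSecretKey);

    Dictionary<String, String> parames = new Dictionary<string, string>();
    strMsg.Append("开始解析unifyPlatformResponse\r\n");
    try
    {
        parames = splitParameters(unifyPlatformResponse);
        strMsg.AppendFormat("params:{0}\r\n", parames);
    }
    catch (Exception exp)
    {
        // Append, not AppendFormat: exception text may contain braces.
        strMsg.Append(exp.ToString());
    }
    strMsg.Append("解析unifyPlatformResponse完毕\r\n");

    string result = "";
    string accessToken = "";
    foreach (KeyValuePair<String, String> p in parames)
    {
        switch (p.Key)
        {
            case "result":
                result = p.Value;
                break;
            case "accessToken":
                // Bearer credential: captured for the lookup below, never logged.
                accessToken = p.Value;
                continue;
            case "timeStamp":
            case "userId":
            case "productUid":
            case "loginNum":
            case "nickName":
            case "userIconUrl":
            case "userIconUrl2":
            case "userIconUrl3":
            case "isThirdAccount":
                break;
            default:
                continue;
        }
        strMsg.AppendFormat("{0}:{1}\r\n", p.Key, p.Value);
    }

    strMsg.Append("【综合平台 getUserInfo.do】:");
    UnifyAccountInfo accountInfo = new UnifyAccountInfo();
    // Original author's note: traffic leaves through an F5, so the address obtained from
    // the request is not the right one; a configured value is preferred when present.
    String clientIp = System.Configuration.ConfigurationManager.AppSettings["CIP2_clientIp"];
    if (String.IsNullOrEmpty(clientIp))
    {
        clientIp = Request.UserHostAddress;
    }

    // NOTE(review): where ReturnUrl is assigned is not visible here; if it is
    // request-supplied it should be validated before being used as a redirect target.
    try
    {
        String clientAgent = Request.UserAgent;
        // result = 0 means the user is logged in at the platform; result = 1 means not.
        if ("0".Equals(result) && !String.IsNullOrEmpty(accessToken))
        {
            string p_version = UDBConstDefinition.DefaultInstance.UnifyPlatformVersion;
            string p_clientType = UDBConstDefinition.DefaultInstance.UnifyPlatformClientType;
            Result = _UDBMBoss.UnifyPlatformGetUserInfo(unifyPlatform_appId, unifyPlatform_appSecretKey, p_version, p_clientType, accessToken, clientIp, clientAgent, out accountInfo, out ErrMsg);
            if (Result == 0) // the platform returned the customer's information
            {
                String CustID, OuterID, Status, CustType, CustLevel, RealName, UserName, NickName, CertificateCode, CertificateType, Sex, Email, EnterpriseID, ProvinceID, AreaID, RegistrationSource;

                // Check whether the user already exists locally; if not, register them.
                strMsg.Append("【开始注册到号百】:");
                CustID = String.Empty;

                string AuthenType = "1";
                strMsg.AppendFormat("accountInfo.username:{0}\r\n", accountInfo.userName);
                strMsg.AppendFormat("acountInfo.userId:{0},accountInfo.pUserId:{1}\r\n", accountInfo.userId, accountInfo.pUserId);
                if (System.Text.RegularExpressions.Regex.IsMatch(accountInfo.userName, @"^1[345678]\d{9}$"))
                {
                    AuthenType = "2";
                }
                if (System.Text.RegularExpressions.Regex.IsMatch(accountInfo.userName, @"^[0-9a-zA-Z_\-\.]*[0-9a-zA-Z_\-]@[0-9a-zA-Z]+\.+[0-9a-zA-Z_\-.]+$"))
                {
                    AuthenType = "4";
                }
                if (System.Text.RegularExpressions.Regex.IsMatch(accountInfo.userName, @"^(\d{9}|\d{16})$"))
                {
                    AuthenType = "3";
                }

                if ("2".Equals(AuthenType))
                {
                    String OperType = "3"; // registration
                    String Password = "";  // the account comes from the platform, so no password is known
                    RealName = "";
                    Result = CIP2BizRules.BindCustInfoUnifyPlatform("02", "021", accountInfo.mobileName, accountInfo.emailName, RealName, Password, accountInfo.userId, SPID, OperType, out CustID, out ErrMsg);
                }
                else
                {
                    // Only mobile-number accounts are bound; anything else is a failure.
                    Result = -7766;
                }
                strMsg.AppendFormat("Result:{0},CustID:{1}\r\n", Result, CustID);
                strMsg.AppendFormat("ReturnUrl: {0}\r\n", ReturnUrl);

                if (Result == 0) // binding succeeded
                {
                    Result = CustBasicInfo.getCustInfo(SPID, CustID, out ErrMsg, out OuterID, out Status, out CustType, out CustLevel, out RealName, out UserName, out NickName, out CertificateCode, out CertificateType, out Sex, out Email, out EnterpriseID, out ProvinceID, out AreaID, out RegistrationSource);
                    strMsg.AppendFormat("ReturnUrl: {0}\r\n", ReturnUrl);
                    if (Result != 0)
                    {
                        // Customer does not exist: stop here so that no login cookie is
                        // written for a customer that could not be loaded.
                        strMsg.Append(",ErrMsg:客户不存在" + CustID);
                        Redirect("ErrMsg", "客户不存在");
                        return;
                    }

                    strMsg.AppendFormat("ReturnUrl: {0}\r\n", ReturnUrl + "?UnifyAccountCheckResult=0&SPID=35000000");

                    // Write the local login token.
                    string AuthenName = UserName;
                    AuthenType = "2";
                    SPInfoManager spInfo = new SPInfoManager();
                    Object SPData = spInfo.GetSPData(this.Context, "SPData");
                    string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
                    UserToken UT = new UserToken();
                    string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OuterID, CustType, AuthenName, AuthenType, key, out ErrMsg);
                    string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
                    PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

                    strMsg.AppendFormat("ReturnUrl: {0}\r\n", ReturnUrl + "?UnifyAccountCheckResult=0&SPID=35000000");
                    strMsg.AppendFormat("Response.Redirect to {0}\r\n", ReturnUrl + "?UnifyAccountCheckResult=0&SPID=35000000");
                    Response.Redirect(ReturnUrl + "?UnifyAccountCheckResult=0&SPID=35000000", false);
                }
                else
                {
                    // NOTE(review): binding failed and the cookie is expired, yet the
                    // redirect still reports UnifyAccountCheckResult=0. Confirm this is intended.
                    string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
                    PageUtility.ExpireCookie(CookieName, this.Page);
                    Response.Redirect(ReturnUrl + "?UnifyAccountCheckResult=0&SPID=35000000", false);
                }
            }
        }
        else // not logged in at the platform
        {
            // Clear the local login cookie.
            string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
            PageUtility.ExpireCookie(CookieName, this.Page);
            Response.Redirect(ReturnUrl + "?UnifyAccountCheckResult=1&SPID=35000000", false);
        }
    }
    catch (Exception excp)
    {
        strMsg.AppendFormat("异常:{0}\r\n", excp.ToString());
    }
    finally
    {
        WriteLog(strMsg.ToString());
    }
}

/// <summary>
/// Compares two signature strings over their full common length instead of stopping at the
/// first difference, so the time taken does not reveal how many leading characters matched.
/// </summary>
/// <param name="expected">Signature computed locally.</param>
/// <param name="actual">Signature received with the request; may be null.</param>
/// <returns>True only when both are non-null and equal character for character.</returns>
private static bool SignaturesMatch(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }

    int difference = expected.Length ^ actual.Length;
    for (int i = 0; i < expected.Length && i < actual.Length; i++)
    {
        difference |= expected[i] ^ actual[i];
    }
    return difference == 0;
}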
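/// <summary>
/// Handles a LoginTicket hand-off: validates the ticket through
/// CIPTicketManager.checkYgTicket, writes the user-token cookie on success and
/// redirects the browser onward with the ticket in the query string.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// NOTE(review): ReturnUrl is read straight from the request and used as the redirect
/// target with the login ticket appended. Nothing in this method limits it to known
/// hosts, so whatever destination the caller names receives the ticket. Validate it
/// against an allowlist of trusted return hosts before redirecting.
/// NOTE(review): the ticket and the resolved identity fields are written to the log in
/// clear text; confirm that the log store is access-controlled.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    string SPID = "35000000";
    string AuthenType = "";
    string AuthenName = "";
    string CustID = "";
    string RealName = "";
    string NickName = "";
    string UserName = "";
    string OutID = "";
    string CustType = "";
    string Ticket = "";
    string ReturnUrl = "";
    int Result = ErrorDefinition.BT_IError_Result_UnknowError_Code;
    string ErrMsg = ErrorDefinition.BT_IError_Result_UnknowError_Msg;
    try
    {
        if (CommonUtility.IsParameterExist("LoginTicket", this.Page))
        {
            Ticket = Request["LoginTicket"];
            Result = CIPTicketManager.checkYgTicket(SPID, Ticket, "", out CustID, out RealName, out UserName, out NickName, out OutID, "", out AuthenName, out AuthenType, out ErrMsg);
            Log(String.Format("SPID:{0},Ticket:{1},CustID:{2},RealName:{3},UserName:{4},NickName:{5},OutID:{6},AuthenName:{7},AuthenType:{8},Result:{9},ErrMsg:{10}——【DateTime:{11}】", SPID, Ticket, CustID, RealName, UserName, NickName, OutID, AuthenName, AuthenType, Result, ErrMsg, DateTime.Now.ToString("yyyy-MM-dd HH:mm")));
            if (Result == 0)
            {
                SPInfoManager spInfo = new SPInfoManager();
                Object SPData = spInfo.GetSPData(this.Context, "SPData");
                string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
                UserToken UT = new UserToken();
                string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
                string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
                PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

                // Request[...] hands back the decoded value, so it has to be encoded again
                // before it is placed in a query string; otherwise '&', '=', '+' or '#'
                // inside the ticket would corrupt or extend the outgoing query.
                string encodedTicket = Server.UrlEncode(Ticket);

                if (CommonUtility.IsParameterExist("ReturnUrl", this.Page))
                {
                    // NOTE(review): caller-controlled redirect target, see the remarks above.
                    ReturnUrl = Request["ReturnUrl"];
                    string separator = ReturnUrl.IndexOf("?") > 0 ? "&" : "?";
                    Response.Redirect(ReturnUrl + separator + "Ticket=" + encodedTicket);
                }
                else
                {
                    // Response.Redirect(url) ends the response, so the default target is
                    // only meaningful when no ReturnUrl was supplied.
                    Response.Redirect("http://www.118114.cn?Ticket=" + encodedTicket);
                }
            }
            else
            {
                // ErrMsg is free text; encode it so it stays a single query value.
                Response.Redirect("../ErrorInfo.aspx?ErrorInfo=" + Server.UrlEncode(ErrMsg));
            }
        }
        else
        {
            Response.Redirect("http://www.118114.cn");
        }
    }
    catch (Exception ex)
    {
        ErrMsg += ex.Message;
    }
    finally
    {
        Log(String.Format("LoginTicket:{0},ErrMsg:{1}——【DateTime:{2}】", Ticket, ErrMsg, DateTime.Now.ToString("yyyy-MM-dd HH:mm")));
    }
}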
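public String ReturnUrl = String.Empty; // return address of the business platform

/// <summary>
/// Parses and verifies the SPTokenRequest parameter, then forwards the browser to the
/// unified platform's WAP registration page with a callback URL that carries the SPID
/// and the product ReturnUrl.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// NOTE(review): Result is only assigned on failure in this method; the redirect at the
/// end therefore depends on the field's initial value - confirm it starts at 0.
/// NOTE(review): TimeStamp is extracted and logged but never compared with the current
/// time here, so a captured SPTokenRequest stays valid as far as this method is concerned.
/// NOTE(review): the decrypted request, the received digest and the recomputed digest
/// are all written to the log; treat that log as sensitive.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    Response.AddHeader("P3P", "CP=CAO PSA OUR");
    StringBuilder strLog = new StringBuilder();

    #region Parse SPTokenRequest
    SPTokenRequest = Request["SPTokenRequest"];
    strLog.AppendFormat("-----------解析SPTokenRequest开始:-----------\r\n");
    strLog.AppendFormat("Params: SPTokenRequest:{0}\r\n", SPTokenRequest);
    string TimeStamp = "";
    string Digest = "";
    try
    {
        // Wire format: SPID + "$" + encrypted payload.
        string[] alSourceStr = SPTokenRequest.Split('$');
        SPID = alSourceStr[0];
        strLog.AppendFormat("SPID:{0}\r\n", SPID);

        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        string ScoreSystemSecret = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);
        // The per-SP secret key must never reach the log: anyone who can read the log
        // could otherwise decrypt and forge SPTokenRequest values for that SP.
        strLog.AppendFormat("获取密钥:{0}\r\n", String.IsNullOrEmpty(ScoreSystemSecret) ? "(empty)" : "(redacted)");

        string EncryptSourceStr = alSourceStr[1];
        strLog.AppendFormat("密文:{0}\r\n", EncryptSourceStr);
        string RequestStr = CryptographyUtil.Decrypt(EncryptSourceStr, ScoreSystemSecret);
        strLog.AppendFormat("解密.....\r\n");
        strLog.AppendFormat("明文:{0}\r\n", RequestStr);

        // Payload layout as described by the original author:
        //   CustId $ ReturnURL $ HeadFooter $ TimeStamp $ From $ Digest
        // Too few fields raise IndexOutOfRangeException, which the catch below converts
        // into an error result.
        string[] alRequest = RequestStr.Split('$');
        CustID = alRequest[0];
        strLog.AppendFormat("CustID:{0}\r\n", CustID);
        ReturnUrl = alRequest[1];
        strLog.AppendFormat("ReturnURL:{0}\r\n", ReturnUrl);
        TimeStamp = alRequest[3];
        strLog.AppendFormat("TimeStamp:{0}\r\n", TimeStamp);
        Digest = alRequest[5];
        strLog.AppendFormat("Digest:{0}\r\n", Digest);

        // Verify the digest. Only CustID, ReturnUrl and TimeStamp are covered by the
        // recomputed value; HeadFooter and From are not.
        // NOTE(review): this is an ordinary string comparison, not a constant-time one.
        string NewDigest = CryptographyUtil.GenerateAuthenticator(CustID + "$" + ReturnUrl + "$" + TimeStamp, ScoreSystemSecret);
        strLog.AppendFormat("NewDigest:{0}\r\n", NewDigest);
        if (Digest != NewDigest)
        {
            Result = ErrorDefinition.IError_Result_InValidAuthenticator_Code;
            ErrMsg = "无效的Digest";
            strLog.AppendFormat("签名:result:{0},msg:{1}\r\n", Result, ErrMsg);
        }
    }
    catch (Exception ex)
    {
        Result = ErrorDefinition.IError_Result_System_UnknowError_Code;
        ErrMsg = ex.Message;
        strLog.AppendFormat("解析SPTokenRequest异常:{0},msg:{1}\r\n", Result, ErrMsg);
    }
    finally
    {
        strLog.AppendFormat("-----------解析SPTokenRequest结束:-----------\r\n");
        log(strLog.ToString());
    }
    #endregion

    // Build the unified-platform registration URL. The callback URL embeds the product
    // ReturnUrl, so it is encoded once on its own and once more as part of returnUrl.
    string unifyPlatformWapRegisterUrl = UDBConstDefinition.DefaultInstance.UnifyPlatformWapRegisterUrl;
    string appId = UDBConstDefinition.DefaultInstance.UnifyPlatformAppId;
    string returnURL = UDBConstDefinition.DefaultInstance.UnifyPlatformWapRegisterCallBackUrl;
    returnURL = HttpUtility.UrlEncode(returnURL + "?SPID=" + SPID + "&ReturnUrl=" + HttpUtility.UrlEncode(ReturnUrl));
    unifyPlatformWapRegisterUrl = unifyPlatformWapRegisterUrl + "?appKey=" + appId + "&returnUrl=" + returnURL + "&needToken=true";

    strLog.Append("pageLoad()\r\n");
    strLog.AppendFormat("产品returnurl:{0}\r\n", ReturnUrl);
    strLog.AppendFormat("unifyPlatformWebRegisterUrl:{0}\r\n", unifyPlatformWapRegisterUrl);
    log(strLog.ToString());

    if (Result == 0)
    {
        Response.Redirect(unifyPlatformWapRegisterUrl, false);
    }
    else
    {
        // Parsing or verification failed: stop here, no redirect is issued.
        strLog.AppendFormat("解析token异常,终止操作:{0},msg:{1}\r\n", Result, ErrMsg);
        log(strLog.ToString());
    }
}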
/// <summary>
/// Starts the UDB SSO flow: resolves the UDB credentials for the requesting SPID,
/// decrypts and checks PassportLoginResponse, queries the UDB account behind the
/// returned ticket, registers or loads the matching customer, writes the user-token
/// cookie and finally hands a freshly created ticket back through Redirect.
/// </summary>
/// <remarks>
/// NOTE(review): several failure branches call Redirect(...) without a following
/// return. Whether Redirect ends the request is not visible here; if it does not,
/// execution continues past a failed digest check or a failed customer lookup.
/// NOTE(review): timeStamp is parsed and logged but not checked for freshness here.
/// </remarks>
protected void BeginUDBSSO()
{
    StringBuilder strMsg = new StringBuilder();
    Int32 Result = ErrorDefinition.BT_IError_Result_UnknowError_Code;
    String ErrMsg = ErrorDefinition.BT_IError_Result_UnknowError_Msg;
    try
    {
        #region 获取参数并验证
        // All three values below come from the request and are untrusted at this point.
        SPID = Request["SPID"];
        String temp_ReturnUrl = Request["ReturnUrl"] == null ? String.Empty : Request["ReturnUrl"];
        PassportLoginResponseValue = Request["PassportLoginResponse"];
        strMsg.AppendFormat("【验证参数,DateTime:{0}】:SPID:{1},PassportLoginResponse:{2},temp_ReturnUrl:{3}", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), SPID, PassportLoginResponseValue, temp_ReturnUrl);
        // Look up the UDB SPID settings that belong to the requesting application (SPID).
        UDBSPInfoBO _udbspinfo_bo = new UDBSPInfoBO();
        UDBSPInfo _udbspinfo_entity = _udbspinfo_bo.GetBySPID(SPID);
        if (_udbspinfo_entity != null)
        {
            UDBSPID = _udbspinfo_entity.UDBSPID;
            UDBKey = _udbspinfo_entity.UDBKey;
            ReturnUrl = _udbspinfo_entity.RedirectUrl;
        }
        else
        {
            // No per-SP record: fall back to the configured default UDB identity.
            UDBSPID = UDBConstDefinition.DefaultInstance.BesttoneUDBSPID;
            UDBKey = UDBConstDefinition.DefaultInstance.BesttoneUDBKey;
            ReturnUrl = UDBConstDefinition.DefaultInstance.UDBLoginSuccessRedirectUrl;
        }
        if (String.IsNullOrEmpty(ReturnUrl))
        {
            // Other business systems have no fixed ticket-parsing page; it is passed in
            // through the ReturnUrl parameter.
            // NOTE(review): in this branch the final destination is whatever the request
            // supplied; no host validation is visible in this method.
            ReturnUrl = temp_ReturnUrl;
        }
        else
        {
            // For the boutique mall the ticket-parsing page is fixed and stored in the
            // database; the ReturnUrl parameter is then the page to land on after a
            // successful authentication, so it is forwarded as a nested parameter.
            if (!String.IsNullOrEmpty(temp_ReturnUrl))
            {
                if (ReturnUrl.IndexOf('?') >= 0)
                {
                    ReturnUrl += "&ReturnUrl=" + HttpUtility.UrlEncode(temp_ReturnUrl);
                }
                else
                {
                    ReturnUrl += "?ReturnUrl=" + HttpUtility.UrlEncode(temp_ReturnUrl);
                }
            }
        }
        strMsg.AppendFormat(",ReturnUrl:{0}", ReturnUrl);
        // Fetch the customer-info platform key registered for this SPID.
        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        key = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);
        // Parse PassportLoginResponseValue: device number + "$" + encrypted payload.
        // A missing parameter or too few fields throws; the catch below only logs it.
        String[] tempArray = PassportLoginResponseValue.Split('$');
        DesSsDeviceNo = tempArray[0];
        String tempStr = CryptographyUtil.Decrypt(tempArray[1], UDBKey);
        // Decrypted payload fields: Result $ UDBTicket $ timeStamp $ digest.
        String[] digestArray = tempStr.Split('$');
        Result = Convert.ToInt32(digestArray[0]);
        UDBTicket = digestArray[1];
        String timeStamp = digestArray[2];
        String digest = digestArray[3];
        // NOTE(review): the digest is recomputed from the plain concatenation of the
        // fields (no separators) and no key is passed to Hash in this call - confirm what
        // CryptographyUtil.Hash does; as written the check looks like integrity only.
        String newDigest = CryptographyUtil.ToBase64String(CryptographyUtil.Hash(Result + DesSsDeviceNo + UDBTicket + timeStamp));
        strMsg.AppendFormat(",DesSsDeviceNo:{0},Result:{1},UDBTicket{2},timeStamp:{3},digest:{4},newDigest:{5}\r\n", DesSsDeviceNo, Result, UDBTicket, timeStamp, digest, newDigest);
        if (!digest.Equals(newDigest))
        {
            // Digest mismatch: report failure (no return follows, see remarks).
            strMsg.AppendFormat(",ErrMsg:{0}", "digest有误不匹配");
            Redirect("ErrMsg", "digest有误不匹配");
        }
        if (Result != 0)
        {
            // UDB reported a failure: report it back.
            strMsg.AppendFormat(",ErrMsg:{0}", "返回Ticket失败");
            Redirect("ErrMsg", "返回Ticket失败");
        }
        #endregion
        #region 根据UDBTkcket到UDB查询用户信息
        strMsg.Append("【开始查询信息】:");
        UDBAccountInfo accountInfo = new UDBAccountInfo();
        // Query UDB for the account that belongs to UDBTicket.
        Result = _UDBMBoss.AccountInfoQuery(UDBSPID, UDBSPID, UDBTicket, UDBKey, out accountInfo, out ErrMsg);
        // accountInfo is dereferenced before Result is checked; a null out value would
        // throw here and end up in the catch block.
        accountInfo.SourceSPID = UDBConstDefinition.DefaultInstance.UDBSPID;
        strMsg.AppendFormat(",Result:{0},UserID:{1},UserIDType:{2},UserType:{3},PUserID:{4},Alias:{5},UserIDStatus:{6},UserIDSsStatus:{7},Description:{8},ProvinceID:{9},NumFlag:{10}\r\n", Result, accountInfo.UserID, accountInfo.UserIDType, accountInfo.UserType, accountInfo.PUserID, accountInfo.Alias, accountInfo.UserIDStatus, accountInfo.UserIDSsStatus, accountInfo.Description, accountInfo.ProvinceID, accountInfo.NumFlag);
        if (Result == 0)
        {
            String CustID, OuterID, Status, CustType, CustLevel, RealName, UserName, NickName, CertificateCode, CertificateType, Sex, Email, EnterpriseID, ProvinceID, AreaID, RegistrationSource;
            // Check whether the user already exists in the Besttone system; register it
            // if it does not.
            strMsg.Append("【开始注册到号百】:");
            Result = UserRegistry.getUserRegistryUDB(accountInfo, out CustID, out ErrMsg);
            strMsg.AppendFormat("Result:{0},CustID:{1}\r\n", Result, CustID);
            // Registration succeeded
            if (Result == 0)
            {
                Result = CustBasicInfo.getCustInfo(SPID, CustID, out ErrMsg, out OuterID, out Status, out CustType, out CustLevel, out RealName, out UserName, out NickName, out CertificateCode, out CertificateType, out Sex, out Email, out EnterpriseID, out ProvinceID, out AreaID, out RegistrationSource);
                if (Result != 0)
                {
                    strMsg.Append(",ErrMsg:客户不存在" + CustID);
                    // Customer does not exist (no return follows, see remarks).
                    Redirect("ErrMsg", "客户不存在");
                }
                // Generate the user token.
                UserToken UT = new UserToken();
                String userTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OuterID, CustType, accountInfo.UserID, UDBBusiness.ConvertAuthenType(accountInfo.NumFlag), key, out ErrMsg);
                String CookieName = ConfigurationManager.AppSettings["CookieName"];
                // NOTE(review): the arguments are passed as (name, value, page). Confirm
                // the order against PageUtility.SetCookie's signature; if that overload
                // takes the value first, the token ends up as the cookie name.
                PageUtility.SetCookie(CookieName, userTokenValue, this.Page);
                // Generate the ticket handed back to the business system.
                String ticket = CommonBizRules.CreateTicket();
                Result = CIPTicketManager.insertCIPTicket(ticket, SPID, CustID, RealName, UserName, NickName, OuterID, "UDBTicket", accountInfo.UserID, UDBBusiness.ConvertAuthenType(accountInfo.NumFlag), out ErrMsg);
                strMsg.AppendFormat("【生成ticket】:Result:{0},Ticket:{1}", Result, ticket);
                if (Result != 0)
                {
                    strMsg.Append(",ErrMsg:Ticket生成失败" + ticket);
                    Redirect("ErrMsg", "Ticket生成失败");
                }
                strMsg.Append(",Message:生成ticket成功,返回业务系统");
                Redirect("Ticket", ticket);
            }
            else
            {
                strMsg.Append(",ErrMsg:用户注册到号百失败");
                Redirect("ErrMsg", "用户注册到号百失败" + ErrMsg);
            }
        }
        else if (Result == 5)
        {
            // The page treats result code 5 as "user deleted".
            strMsg.Append(",ErrMsg:用户已删除");
            Redirect("ErrMsg", "用户已删除");
        }
        else
        {
            strMsg.Append(",ErrMsg:查询用户信息失败");
            Redirect("ErrMsg", "查询用户信息失败");
        }
        #endregion
    }
    catch (Exception ex)
    {
        // Exceptions are logged only; nothing is sent back to the browser from here.
        strMsg.AppendFormat(",ErrMsg:{0}", ex.Message);
    }
    finally
    {
        WriteLog(strMsg.ToString());
    }
}
/// <summary>
/// Handles the full web registration form: reads the posted fields, runs the
/// uniqueness and verification checks, registers the customer, writes the user-token
/// cookie, optionally queues the e-mail activation message and redirects to ReturnUrl
/// with the encrypted RegistryResponse appended.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// NOTE(review): the SMS-code and page-captcha checks only run when phonestate is "0",
/// and phonestate is taken from the posted form the first time through. A client that
/// posts another value skips both checks - confirm that this is intended.
/// NOTE(review): ReturnUrl comes from the request and becomes the redirect target; no
/// host validation is visible in this method.
/// NOTE(review): a missing form field makes Request.Form[...] return null and the
/// following call throws; nothing in this method catches that.
/// </remarks>
protected void btn_OK_Click(object sender, EventArgs e)
{
    // Show the certificate-number inputs only when a certificate type is selected.
    string certDisplay = CertificateType.Value != "" ? "display:block" : "display:none";
    certno.Style.Value = certDisplay;
    certnoL.Style.Value = certDisplay;

    this.areaInfoList.Value = resulttxt.Value.ToString();

    if (Request["SPID"] == null)
    {
        SPID = ConstHelper.DefaultInstance.BesttoneSPID;
    }
    else
    {
        SPID = HttpUtility.HtmlDecode(Request["SPID"]);
    }

    if (Request["ReturnUrl"] == null)
    {
        ReturnUrl = ConstHelper.DefaultInstance.BesttoneLoginPage;
    }
    else
    {
        ReturnUrl = HttpUtility.HtmlDecode(Request["ReturnUrl"]);
    }

    string loginName = Request.Form["username"].ToString().Trim();
    string fullName = Request.Form["fullname"].ToString().Trim();
    string pwd = Request.Form["password"].ToString().Trim();
    if (CommonUtility.IsEmpty(pwd))
    {
        err_password.InnerHtml = "密码不能为空格";
        return;
    }

    string phone = Request.Form["telephone"].ToString().Trim();
    string smsCode = Request.Form["phone_code"].ToString().Trim();

    // Remember the phone state across postbacks; the first value comes from the form.
    if (ViewState["phonestate"] == null)
    {
        ViewState["phonestate"] = Request.Form["phonestate"].ToString();
    }

    string mail = Request.Form["email"].ToString().Trim();
    string nick = Request.Form["NickName"].ToString();
    string certType = Request.Form["CertificateType"].ToString();
    string certNumber = Request.Form["certno"].ToString().Trim();
    string gender = Request.Form["sex"].ToString();
    string birthDate = Request.Form["birthday"].ToString().Trim();
    string education = Request.Form["EduLevel"].ToString().Trim();
    string income = Request.Form["IncomeLevel"].ToString();
    string province = stext.Value.ToString();
    string area = resulttxt.Value.ToString();
    string errMsg = "";
    int result;

    // The user name must not exist yet.
    if (CustBasicInfo.IsExistUser(loginName) != 0)
    {
        err_username.InnerHtml = "该用户名已经存在";
        return;
    }

    string phoneState = (string)ViewState["phonestate"];
    if (phoneState.Equals("0"))
    {
        // Check the SMS verification code.
        result = PhoneBO.SelSendSMSMassage("", phone, smsCode, out errMsg);
        if (Result_IsFailure(result))
        {
            err_phone_code.InnerHtml = "手机验证码错误,请重新输入";
            return;
        }

        // Check the page captcha.
        string pageCode = HttpUtility.HtmlDecode(Request.Form["page_code"].ToString().Trim().ToUpper());
        if (!CommonUtility.ValidateValidateCode(pageCode, this.Context))
        {
            err_page_code.InnerHtml = "页面验证码错误,请重新输入";
            return;
        }
    }

    // When the e-mail is to be used as a verified address, it must not be bound already.
    bool wantsMailBinding = Chk_Mail.Checked && !CommonUtility.IsEmpty(mail);
    if (wantsMailBinding)
    {
        result = SetMail.EmailSel("", mail, SPID, out errMsg);
        if (Result_IsFailure(result))
        {
            err_email.InnerHtml = "该邮箱已经被其他用户绑定";
            return;
        }
        emailstate = "0";
    }

    TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
    result = UserRegistry.getUserRegistryWeb(SPID, loginName, fullName, pwd, phone, phoneState, mail, emailstate, nick, certType, certNumber, gender, birthDate, education, income, province, area, out CustID, out errMsg);
    if (Result_IsFailure(result))
    {
        if (result == -30002)
        {
            // This code is shown next to the certificate-number field.
            // NOTE(review): errMsg is assigned as raw HTML - confirm it cannot echo input.
            Err_certno.InnerHtml = errMsg;
        }
        else
        {
            // Any other failure goes to the error page.
            CommonBizRules.ErrorHappenedRedircet(result, errMsg, "用户注册", this.Context);
        }
        return;
    }

    // Build the encrypted RegistryResponse for the calling SP.
    SPInfoManager spInfo = new SPInfoManager();
    Object spData = spInfo.GetSPData(this.Context, "SPData");
    string spKey = spInfo.GetPropertyBySPID(SPID, "SecretKey", spData);
    string signedPayload = TimeStamp + "$" + CustID + "$" + result + "$" + errMsg;
    string digest = CryptographyUtil.GenerateAuthenticator(signedPayload, spKey);
    string envelope = SPID + "$" + CryptographyUtil.Encrypt(signedPayload + "$" + digest, spKey);
    string registryResponse = HttpUtility.UrlEncode(envelope);

    // Write the login cookie; the token is generated with the key of SPID 35000000.
    UserToken tokenFactory = new UserToken();
    string platformKey = spInfo.GetPropertyBySPID("35000000", "SecretKey", spData);
    string tokenValue = tokenFactory.GenerateUserToken(CustID, fullName, loginName, nick, "", "42", loginName, "1", platformKey, out errMsg);
    string cookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
    PageUtility.SetCookie(tokenValue, cookieName, this.Page);

    // Queue the activation e-mail for the address to be verified.
    string activationLink = CommonBizRules.EncryptEmailURl(CustID, mail, this.Context);
    string mailBody = "点击完成认证:<a href='" + activationLink + "'>" + activationLink + "</a>";
    if (Chk_Mail.Checked && !CommonUtility.IsEmpty(mail))
    {
        DateTime queuedAt = DateTime.Now;
        SetMail.InsertEmailSendMassage(CustID, "1", mailBody, "", 1, mail, queuedAt, "", "中国电信号码百事通:激活邮箱", 0, out errMsg);
    }

    // Notify the points platform.
    CIP2BizRules.InsertCustInfoNotify(CustID, "2", SPID, "", "0", out errMsg);

    // Record the login log entry.
    CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, "35", "0", "", "2", result, errMsg);

    // Redirect to the success page, extending an existing query string if there is one.
    string separator = ReturnUrl.IndexOf("?") > 0 ? "&" : "?";
    CommonBizRules.SuccessRedirect(ReturnUrl + separator + "RegistryResponse=" + registryResponse, "成功注册", this.Context);
}

// True when a platform call returned a non-zero (failure) result code.
private static bool Result_IsFailure(int code)
{
    return code != 0;
}
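/// <summary>
/// Handles the login form: checks the captcha, authenticates through UserAuthV2,
/// records the attempt, and on success writes the user-token cookie and continues
/// with the SSO step.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// NOTE(review): ErrMsg is written to the page as raw HTML (errorHint.InnerHtml and
/// Response.Write). If UserAuthV2 can echo any part of the submitted user name, encode
/// the text before output.
/// NOTE(review): the AuthenType form field is read before the try block; a missing
/// field throws from here without being logged.
/// </remarks>
protected void Submit1_Click(object sender, EventArgs e)
{
    Response.AddHeader("P3P", "CP=CAO PSA OUR");
    string AuthenType = HttpUtility.HtmlDecode(Request.Form["AuthenType"].ToString().Trim().ToUpper());
    strLog.AppendFormat("AuthenType:{0}\r\n", AuthenType);
    PageUtility.SetCookie("AuthenType", AuthenType, 168); // 168 hours, i.e. one week
    string AuthenName = Request.Form["username"];
    string Password = Request.Form["password"];
    string CustID = "";
    string RealName = "";
    string NickName = "";
    string UserName = "";
    string OutID = "";
    string UserAccount = "";
    string CustType = "";
    string ProvinceID = UAProvinceID;
    try
    {
        strLog.AppendFormat("checkCode={0}", Request.Form["checkCode"]);
        if (!CommonUtility.ValidateValidateCode(HttpUtility.HtmlDecode(Request.Form["checkCode"].ToString().Trim()), this.Context))
        {
            errorHint.InnerHtml = "验证码错误,请重新输入";
            return;
        }
        strLog.Append("验证码校验通过\r\n");
        strLog.AppendFormat("【开始验证】:SPID:{0},ProvinceID:{1},AuthenName:{2},AuthenType:{3}\r\n", SPID, ProvinceID, AuthenName, AuthenType);

        Result = UserAuthV2(SPID, AuthenName, AuthenType, Password, Context, ProvinceID, "", "", out ErrMsg, out CustID, out UserAccount, out CustType, out OutID, out ProvinceID, out RealName, out UserName, out NickName);

        // Log the authentication outcome (the password itself is never logged).
        strLog.AppendFormat("【验证结果】:CustID:{0},UserAcount:{1},CustType:{2},OutID:{3},ProvinceID:{4},RealName:{5},UserName:{6},NickName:{7},Result:{8},ErrMsg:{9}\r\n", CustID, UserAccount, CustType, OutID, ProvinceID, RealName, UserName, NickName, Result, ErrMsg);
        CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, ProvinceID, AuthenType, AuthenName, "2", Result, ErrMsg);

        if (Result != 0)
        {
            // These result codes are shown inline on the form; every other failure
            // replaces the page content with the message.
            if (Result == 1001 || Result == -20504 || Result == -21553 || Result == -21501)
            {
                errorHint.InnerHtml = ErrMsg;
                return;
            }
            Response.Write(ErrMsg);
            return;
        }

        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);

        // Generate the token and store it in the login cookie.
        UserToken UT = new UserToken();
        string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
        string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
        PageUtility.SetCookie(CookieName, UserTokenValue);
        TokenValidate.IsRedircet = false;
        TokenValidate.Validate();
        this.ssoFunc();
    }
    catch (System.Exception ex)
    {
        // Append, not AppendFormat: exception text is data, and any '{' or '}' in it
        // would make AppendFormat throw FormatException from inside this handler.
        strLog.Append(ex.ToString()).Append("\r\n");
    }
    finally
    {
        log(strLog.ToString());
    }
}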
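/// <summary>
/// Completes the QQ OAuth 2.0 callback: exchanges the authorization code for an access
/// token, resolves the caller's openid, fetches the profile, and then either signs in
/// the customer already bound to that openid or sends the browser to the bind/register
/// page.
/// </summary>
/// <remarks>
/// Changes against the earlier version of this method:
/// - Log lines are written with Append. The logged text contains request values and
///   JSON responses; AppendFormat treats '{' and '}' in such text as format items and
///   throws FormatException.
/// - client_secret is masked in the logged token URL.
/// - The binding check was inverted: the sign-in branch ran when no customer was found.
/// - The log is flushed in a finally block, so the branches that end the response
///   still leave a trace.
/// - The superseded open.t.qq.com URLs, unused profile fields and commented-out code
///   were removed.
/// NOTE(review): no comparison of a returned state value with one stored in the session
/// is visible in this method; confirm that the caller performs it.
/// NOTE(review): access tokens still appear in the logged URLs and responses.
/// NOTE(review): the parsing of the token response and of the callback(...) wrapper
/// assumes the documented shapes; an unexpected response throws.
/// </remarks>
void DoCallback()
{
    StringBuilder strLog = new StringBuilder();
    try
    {
        if (CommonUtility.IsParameterExist("ReturnUrl", this.Page))
        {
            ReturnUrl = Request["ReturnUrl"];
        }
        else
        {
            strLog.Append("没有ReturnUrl返回\r\n");
        }
        if (CommonUtility.IsParameterExist("code", this.Page))
        {
            code = Request["code"];
        }
        else
        {
            strLog.Append("没有code返回\r\n");
        }
        if (CommonUtility.IsParameterExist("openid", this.Page))
        {
            openid = Request["openid"];
        }
        else
        {
            strLog.Append("没有openid返回\r\n");
        }
        if (CommonUtility.IsParameterExist("openkey", this.Page))
        {
            openkey = Request["openkey"];
        }
        else
        {
            strLog.Append("没有openkey返回\r\n");
        }
        strLog.Append("返回CODE结果:" + code + ",返回的openid:" + openid + ",返回的openkey:" + openkey + "\r\n");

        // Step 2: exchange the authorization code for an access token. The code is
        // request-supplied, so it is encoded to keep it a single query value.
        string tokenUrlHead = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&client_id=" + client_id + "&client_secret=";
        string tokenUrlTail = "&code=" + HttpUtility.UrlEncode(code) + "&state=" + state + "&redirect_uri=" + Utils.UrlEncode(redirect_uri);
        send_url = tokenUrlHead + client_secret + tokenUrlTail;
        // The application secret is masked in the log.
        strLog.Append("第二步,通过Authorization Code获取Access Token,发送URL:" + tokenUrlHead + "***" + tokenUrlTail + "\r\n");
        rezult = HttpMethods.HttpGet(send_url);
        strLog.Append("取得返回结果:" + rezult + "\r\n");

        if (rezult.Contains("error"))
        {
            strLog.Append("出错了:" + rezult + "\r\n");
            HttpContext.Current.Response.End();
        }
        else
        {
            // The token response is a form-encoded string; the first pair is read as
            // access_token and the second as expires_in.
            string[] parm = rezult.Split('&');
            access_token = parm[0].Split('=')[1];
            expires_in = parm[1].Split('=')[1];

            // Step 3: resolve the openid that belongs to the access token.
            send_url = "https://graph.qq.com/oauth2.0/me?access_token=" + access_token;
            rezult = HttpMethods.HttpGet(send_url);
            strLog.Append("第三步,发送 access_token:" + send_url + "\r\n");
            if (rezult.Contains("error"))
            {
                strLog.Append("出错了:" + rezult + "\r\n");
                HttpContext.Current.Response.End();
            }
            strLog.Append("得到返回结果:" + rezult + "\r\n");

            // Cut the JSON out of the callback( ... ) wrapper.
            int str_start = rezult.IndexOf('(') + 1;
            int str_last = rezult.LastIndexOf(')') - 1;
            rezult = rezult.Substring(str_start, (str_last - str_start));
            Dictionary<string, string> _dic = JsonConvert.DeserializeObject<Dictionary<string, string>>(rezult);
            _dic.TryGetValue("client_id", out new_client_id);
            // From here on openid is the value returned by the provider, not the one
            // taken from the request.
            _dic.TryGetValue("openid", out openid);

            // Keep what later calls need in the session.
            HttpContext.Current.Session["access_token"] = access_token;
            HttpContext.Current.Session["client_id"] = client_id;
            HttpContext.Current.Session["openid"] = openid;
            HttpContext.Current.Session["openkey"] = openkey;

            // Step 4: fetch the user profile. One openid maps to one QQ account and to
            // one account in this system (QQ -- OpenId -- User).
            send_url = "https://graph.qq.com/user/get_user_info?access_token=" + access_token + "&oauth_consumer_key=" + client_id + "&openid=" + openid + "&openkey=" + openkey + "&oauth_version=2.a";
            strLog.Append("发送send_url:" + send_url + "\r\n");
            rezult = HttpMethods.HttpGet(send_url);
            strLog.Append("第四步,通过get_user_info方法获取数据:" + send_url + "\r\n");
            strLog.Append("rezult:" + rezult + "\r\n");

            Dictionary<string, string> _dic2 = JsonConvert.DeserializeObject<Dictionary<string, string>>(rezult);
            string ret = "";
            _dic2.TryGetValue("ret", out ret);
            if (ret != "0")
            {
                strLog.Append("出错了:" + rezult + "\r\n");
                HttpContext.Current.Response.End();
            }
            strLog.Append("得到返回结果:" + rezult + "\r\n");

            string CustID = QueryByOpenID(openid);
            // A non-empty CustID means the openid is already bound to a customer. The
            // earlier condition lacked the negation, so the sign-in branch ran with an
            // empty CustID and issued a token for an empty identity, while bound users
            // were sent to the bind page.
            if (!String.IsNullOrEmpty(CustID))
            {
                // Already bound: sign in directly.
                string AuthenName = "";
                string AuthenType = "";
                string RealName = "";
                string NickName = "";
                string UserName = "";
                string OutID = "";
                string CustType = "";
                string _connectionString = WebConfigurationManager.ConnectionStrings["BestToneCenterConStr"].ConnectionString;
                using (SqlConnection con = new SqlConnection(_connectionString))
                using (SqlCommand cmd = new SqlCommand("select RealName,UserName,NickName,OuterID,CustType,SourceSPID from custinfo where custid=@CustID", con))
                {
                    cmd.Parameters.Add("@CustID", SqlDbType.NVarChar, 16).Value = CustID;
                    con.Open();
                    using (SqlDataReader reader = cmd.ExecuteReader())
                    {
                        while (reader.Read())
                        {
                            RealName = (string)reader["RealName"];
                            UserName = (string)reader["UserName"];
                            NickName = (string)reader["NickName"];
                            OutID = (string)reader["OuterID"];
                            CustType = (string)reader["CustType"];
                            SPID = (string)reader["SourceSPID"];
                        }
                    }
                }

                SPInfoManager spInfo = new SPInfoManager();
                Object SPData = spInfo.GetSPData(this.Context, "SPData");
                string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
                string ErrMsg = "";

                // Generate the token and store it in the login cookie.
                UserToken UT = new UserToken();
                string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
                string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
                PageUtility.SetCookie(CookieName, UserTokenValue);
                TokenValidate.IsRedircet = false;
                TokenValidate.Validate();
                this.ssoFunc();
            }
            else
            {
                // Not bound yet: the user may have a Besttone account to bind, or may
                // need to register. oauthtype 0 stands for QQ, 1 for Sina.
                // The configured address points at
                // http://sso.besttone.cn/SSO/boundingV2.action?code=***&returnUrl=***,
                // which forwards to a page embedding AuthBindLogin.aspx and
                // AuthRegister.aspx of the customer-info platform.
                // Both values are encoded so that '&' or '=' inside ReturnUrl cannot add
                // or override parameters of the bind page.
                string SelectOauthAssertion = System.Configuration.ConfigurationManager.AppSettings["SelectOauthAssertion"];
                SelectOauthAssertion = SelectOauthAssertion + "?code=" + HttpUtility.UrlEncode(openid) + "&returnUrl=" + HttpUtility.UrlEncode(ReturnUrl) + "&oauthtype=0";
                Response.Redirect(SelectOauthAssertion, true);
            }
        }
    }
    finally
    {
        log(strLog.ToString());
    }
}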
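/// <summary>
/// Handles the low-friction WAP registration form: checks that the user name is free,
/// registers the customer, triggers the registration coupon, writes the user-token
/// cookie and redirects to the success page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <remarks>
/// Changes against the earlier version of this method:
/// - ErrMsg and the exception text are escaped before they are placed inside the inline
///   script string, so a quote or a closing script tag in them cannot break out.
/// - Device and CustID are URL-encoded in the coupon request.
/// - The unused RegistryResponse computation and the unused parse of the coupon reply
///   were removed; the coupon request itself is still sent.
/// NOTE(review): Password2 is read but never compared with Password in this method;
/// confirm the confirmation check is enforced on the server.
/// NOTE(review): the catch block still shows the full exception text to the user;
/// prefer a generic message plus a server-side log entry.
/// NOTE(review): the coupon request goes over plain HTTP and runs after the account
/// exists; if it fails the user sees an error although registration succeeded.
/// </remarks>
protected void BtnSubmit_Click(object sender, EventArgs e)
{
    UserName = Request.Form["UserName"].ToString().Trim();
    Password = Request.Form["Password"].ToString().Trim();
    Password2 = Request.Form["Password2"].ToString().Trim();
    try
    {
        Result = CustBasicInfo.IsExistUser(UserName);
        if (Result != 0)
        {
            errorHint.InnerHtml = "<script type='text/javascript'>showError('用户名已存在!')</script>";
            return;
        }

        Result = UserRegistry.UserRegisterWebLowStint(SPID, UserName, Password, out CustID, out ErrMsg);
        if (Result != 0)
        {
            errorHint.InnerHtml = "<script type='text/javascript'>showError('注册失败:" + EscapeForInlineScriptString(ErrMsg) + "')</script>";
            return;
        }

        // Record the client address for the new account.
        String IPAddress = Request.UserHostAddress.ToString();
        CommonBizRules.WriteTraceIpLog(CustID, UserName, SPID, IPAddress, "client_wap");

        // Ask the shop to issue the registration coupon; the documented reply looks like
        // {"returnCode":"00000"} and is not evaluated here.
        String youhuiquan_url = "http://www.114yg.cn/facadeHome.do?actions=facadeHome&method=sendCouponToRegist&wt=json&from=" + HttpUtility.UrlEncode(Device) + "&custId=" + HttpUtility.UrlEncode(CustID);
        HttpMethods.HttpGet(youhuiquan_url);

        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        String key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);

        // Write the login cookie; real name and nick name default to the user name.
        UserToken UT = new UserToken();
        String RealName = UserName;
        String NickName = UserName;
        string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, "", "42", UserName, "1", key, out ErrMsg);
        string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
        PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

        CreateSPTokenRequest();
        StringBuilder URL = new StringBuilder();
        URL.Append("LowSintRegisterMSuccess.aspx?SPID=");
        Response.Redirect(URL.ToString() + SPID + "&SPTokenRequest=" + newSPTokenRequest, true);
    }
    catch (Exception exp)
    {
        errorHint.InnerHtml = "<script type='text/javascript'>showError('" + EscapeForInlineScriptString(exp.ToString()) + "!')</script>";
        return;
    }
}

// Escapes text for use inside a quoted JavaScript string that sits in an inline
// <script> element: quotes, backslashes and line breaks are escaped, and the HTML
// significant characters are written as \uXXXX so the script element cannot be closed.
private static string EscapeForInlineScriptString(string text)
{
    if (String.IsNullOrEmpty(text))
    {
        return "";
    }
    StringBuilder escaped = new StringBuilder(text.Length + 16);
    foreach (char c in text)
    {
        switch (c)
        {
            case '\\': escaped.Append("\\\\"); break;
            case '\'': escaped.Append("\\'"); break;
            case '"': escaped.Append("\\\""); break;
            case '\r': escaped.Append("\\r"); break;
            case '\n': escaped.Append("\\n"); break;
            case '<': escaped.Append("\\u003c"); break;
            case '>': escaped.Append("\\u003e"); break;
            case '&': escaped.Append("\\u0026"); break;
            case '\u2028': escaped.Append("\\u2028"); break;
            case '\u2029': escaped.Append("\\u2029"); break;
            default: escaped.Append(c); break;
        }
    }
    return escaped.ToString();
}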
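/// <summary>
/// Parses an SPTokenRequest of the form SPID + "$" + ciphertext, decrypts the ciphertext with
/// the secret key configured for that SPID and verifies the embedded digest.
/// </summary>
/// <param name="SourceStr">The raw SPTokenRequest value.</param>
/// <param name="context">Current HTTP context, used to load the SP data.</param>
/// <param name="SPID">Receives the SPID taken from the part before the first '$'.</param>
/// <param name="CustID">Receives field 0 of the decrypted payload.</param>
/// <param name="HeadFooter">Receives field 2 of the decrypted payload.</param>
/// <param name="ReturnURL">Receives field 1 of the decrypted payload.</param>
/// <param name="From">Receives field 4 of the decrypted payload.</param>
/// <param name="ErrMsg">Receives an error description when the result is not 0.</param>
/// <returns>
/// 0 when the digest matches; IError_Result_InValidAuthenticator_Code when it does not;
/// IError_Result_System_UnknowError_Code when any step throws (including a payload with too
/// few '$'-separated fields).
/// </returns>
protected int BeginParseSPToken(string SourceStr, HttpContext context, out string SPID, out string CustID, out string HeadFooter, out string ReturnURL, out string From, out string ErrMsg)
{
    StringBuilder strLog = new StringBuilder();
    strLog.AppendFormat("-----------解析SPTokenRequest开始:-----------\r\n");
    strLog.AppendFormat("Params: SPTokenRequest:{0}\r\n", SourceStr);

    int Result = ErrorDefinition.IError_Result_UnknowError_Code;
    ErrMsg = "";
    SPID = "";
    CustID = "";
    HeadFooter = "";
    ReturnURL = "";
    From = "";
    string TimeStamp = "";
    string Digest = "";

    try
    {
        string[] alSourceStr = SourceStr.Split('$');
        SPID = alSourceStr[0];
        strLog.AppendFormat("SPID:{0}\r\n", SPID);

        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(context, "SPData");
        string ScoreSystemSecret = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);
        // Never write the secret key itself to the log: anyone who can read the log could
        // then decrypt and sign tokens for this SPID. Record only whether a key was found.
        strLog.AppendFormat("获取密钥:{0}\r\n", String.IsNullOrEmpty(ScoreSystemSecret) ? "[not found]" : "[redacted]");

        string EncryptSourceStr = alSourceStr[1];
        strLog.AppendFormat("密文:{0}\r\n", EncryptSourceStr);
        string RequestStr = CryptographyUtil.Decrypt(EncryptSourceStr, ScoreSystemSecret);
        strLog.AppendFormat("解密.....\r\n");
        strLog.AppendFormat("明文:{0}\r\n", RequestStr);

        // Wire format:
        //   URLEncoding(SPID + "$" + Base64(Encrypt(CustId + "$" + ReturnURL + "$" + HeadFooter + "$" + TimeStamp + "$" + From + "$" + Digest)))
        //   Digest = Base64(Encrypt(Hash(CustId + "$" + ReturnURL + "$" + HeadFooter + "$" + TimeStamp + "$" + From)))
        string[] alRequest = RequestStr.Split('$');
        CustID = alRequest[0];
        strLog.AppendFormat("CustID:{0}\r\n", CustID);
        ReturnURL = alRequest[1];
        strLog.AppendFormat("ReturnURL:{0}\r\n", ReturnURL);
        HeadFooter = alRequest[2];
        strLog.AppendFormat("HeadFooter:{0}\r\n", HeadFooter);
        // NOTE(review): TimeStamp only feeds the digest below; this method does not check it
        // for freshness, so replay protection (if any) must live in the caller.
        TimeStamp = alRequest[3];
        strLog.AppendFormat("TimeStamp:{0}\r\n", TimeStamp);
        From = alRequest[4];
        strLog.AppendFormat("From:{0}\r\n", From);
        Digest = alRequest[5];
        strLog.AppendFormat("Digest:{0}\r\n", Digest);

        // Recompute the digest over the received fields and compare it with the one supplied.
        string NewDigest = CryptographyUtil.GenerateAuthenticator(CustID + "$" + ReturnURL + "$" + HeadFooter + "$" + TimeStamp + "$" + From, ScoreSystemSecret);
        strLog.AppendFormat("NewDigest:{0}\r\n", NewDigest);
        if (Digest != NewDigest)
        {
            Result = ErrorDefinition.IError_Result_InValidAuthenticator_Code;
            ErrMsg = "无效的Digest";
            return Result;
        }

        Result = 0;
    }
    catch (Exception e)
    {
        Result = ErrorDefinition.IError_Result_System_UnknowError_Code;
        ErrMsg = e.Message;
    }
    finally
    {
        strLog.AppendFormat("-----------解析SPTokenRequest结束:-----------\r\n");
        log(strLog.ToString());
    }

    return Result;
}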
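/// <summary>
/// Page load: when the login cookie is present, parses the user token to fill the welcome
/// name, the phone number and (if an SPID is supplied) an encrypted customer-id value.
/// Otherwise reads the platform and SSO-mode switches from the database and, for two-way
/// SSO on the unify platform, redirects to the unify account check URL.
/// </summary>
/// <param name="sender">Page that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    StringBuilder strLog = new StringBuilder();
    string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
    // NOTE(review): this literal and the one assigned after a successful parse below are
    // identical in this listing, so isLogin does not change on success - confirm the values.
    isLogin = "******";
    welcomeName = "0";
    encryptCustIDValue = "0";

    if (PageUtility.IsCookieExist(CookieName, this.Context))
    {
        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
        UserToken UT = new UserToken();
        string strCIPToken = Request.Cookies.Get(CookieName).Value;

        string custID;
        string realName;
        string userName;
        string nickName;
        string custType;
        string loginAuthenName;
        string loginAuthenType;
        string TimeStamp = "";
        string SPID = "";
        string errMsg = "";
        int result = 0;

        try
        {
            // The cookie value is the user's login token; log only its length so that the
            // log cannot be used to replay a session.
            log("custinfo 解:" + String.Format("token:{0}", "[redacted, length=" + (strCIPToken == null ? 0 : strCIPToken.Length) + "]"));
            result = UT.ParseUserToken(strCIPToken, key, out custID, out realName, out userName, out nickName, out outerID, out custType, out loginAuthenName, out loginAuthenType, out errMsg);
            log("result=" + result + ";custID=" + custID + ";outerID=" + outerID + "\r\n");

            if (result == 0)
            {
                isLogin = "******";
                // Welcome name: first non-empty of real name, nick name, user name, login name.
                if (!String.IsNullOrEmpty(realName))
                {
                    welcomeName = realName;
                }
                else if (!String.IsNullOrEmpty(nickName))
                {
                    welcomeName = nickName;
                }
                else if (!String.IsNullOrEmpty(userName))
                {
                    welcomeName = userName;
                }
                else if (!String.IsNullOrEmpty(loginAuthenName))
                {
                    welcomeName = loginAuthenName;
                }
            }

            try
            {
                if (!String.IsNullOrEmpty(custID))
                {
                    int _result = 0;
                    string _errMsg = "";
                    PhoneRecord[] prs = this.getPhoneRecord(custID, out _result, out _errMsg);
                    if (prs != null && prs.Length > 0)
                    {
                        Phone = prs[0].Phone;
                    }
                }
            }
            catch (Exception pe)
            {
                // Phone lookup is best-effort; a failure only gets logged.
                log(pe.Message);
            }

            log("SPID 解:" + Request["SPID"]);
            if (CommonUtility.IsParameterExist("SPID", this.Page))
            {
                TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
                SPID = Request["SPID"];
                spInfo = new SPInfoManager();
                SPData = spInfo.GetSPData(this.Context, "SPData");
                // The key is looked up by the SPID supplied in the request.
                key = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);
                string Digest = CryptographyUtil.GenerateAuthenticator(TimeStamp + "$" + custID + "$" + result + "$" + errMsg, key);
                encryptCustIDValue = SPID + "$" + CryptographyUtil.Encrypt(TimeStamp + "$" + custID + "$" + result + "$" + errMsg + "$" + Digest, key);
            }
        }
        catch (System.Exception ex)
        {
            log(ex.ToString());
        }
    }
    else
    {
        // Not entered through the login page: the user arrives by single sign-on from
        // another platform (for example 189.cn).

        // Which authentication platform is active (UDB or unify platform).
        String UDBorUnifyPlatform = String.Empty;
        try
        {
            using (SqlConnection conn = new SqlConnection(DBUtility.BestToneCenterConStr))
            using (SqlCommand cmd = new SqlCommand("select platform_name from udb_authen_platform where flag=1 ", conn)) // flag: 1 = active, 0 = inactive
            {
                conn.Open();
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        UDBorUnifyPlatform = (String)reader["platform_name"];
                    }
                }
            }
        }
        catch (Exception ex)
        {
            // Fall back to the configured value when the database cannot be read.
            UDBorUnifyPlatform = System.Configuration.ConfigurationManager.AppSettings["UDBorUnifyPlatform"];
            strLog.AppendFormat("UDBorUnifyPlatform异常:{0}\r\n", ex.ToString());
        }
        strLog.AppendFormat("UDBorUnifyPlatform:{0}\r\n", UDBorUnifyPlatform);

        // One-way or two-way SSO switch.
        String ssoway = String.Empty;
        try
        {
            using (SqlConnection conn = new SqlConnection(DBUtility.BestToneCenterConStr))
            using (SqlCommand cmd = new SqlCommand("select ssoway from unifyAuthen ", conn))
            {
                conn.Open();
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        ssoway = (String)reader["ssoway"];
                    }
                }
            }
        }
        catch (Exception ex)
        {
            strLog.AppendFormat("ssoway异常:{0}\r\n", ex.ToString());
            ssoway = "1";
        }
        strLog.AppendFormat("ssoway:{0}\r\n", ssoway);
        log(strLog.ToString());

        // Ordinal, case-insensitive comparison: ToLower() depends on the thread culture.
        bool isTwoWayUnifySso = !String.IsNullOrEmpty(UDBorUnifyPlatform)
            && String.Equals(UDBorUnifyPlatform, "unifyplatform", StringComparison.OrdinalIgnoreCase)
            && ssoway.Equals("2");

        // Two-way SSO: check the login state on the unify platform unless this request is
        // already the callback carrying the check result.
        if (isTwoWayUnifySso && !CommonUtility.IsParameterExist("UnifyAccountCheckResult", this.Page))
        {
            string TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
            string appId = UDBConstDefinition.DefaultInstance.UnifyPlatformAppId;
            string appSecret = UDBConstDefinition.DefaultInstance.UnifyPlatformAppSecret;
            string version = UDBConstDefinition.DefaultInstance.UnifyPlatformVersion;
            string clientType = UDBConstDefinition.DefaultInstance.UnifyPlatformClientType;
            string accountType = UDBConstDefinition.DefaultInstance.UnifyPlatformAccountType;
            string format = "redirect";
            String returnURL = HttpUtility.UrlEncode(UDBConstDefinition.DefaultInstance.UnifyAccountCheckCallBackUrl + "?SPID=35000000");

            string parameters = "&timeStamp=" + TimeStamp + "&accoutType=" + accountType + "&returnURL=" + returnURL;
            strLog.AppendFormat("参数:{0}\r\n", parameters);
            string paras = CryptographyUtil.XXTeaEncrypt(parameters, appSecret);
            strLog.AppendFormat("参数:{0},paras:{1}\r\n", parameters, paras);
            string sign = CryptographyUtil.HMAC_SHA1(appId + clientType + format + version + paras, appSecret);
            strLog.AppendFormat("sign:{0}\r\n", sign);

            // The query-string key is "paras"; "&para" had been turned into the pilcrow
            // character by HTML-entity decoding, which dropped the parameter from the URL.
            // NOTE(review): paras and sign are appended without URL encoding - confirm that
            // the helpers return URL-safe text.
            String UnifyAccountCheckUrl = UDBConstDefinition.DefaultInstance.UnifyAccountCheckUrl;
            UnifyAccountCheckUrl = UnifyAccountCheckUrl + "?appId=" + appId + "&version=" + version + "&clientType=" + clientType + "&paras=" + paras + "&sign=" + sign + "&format=redirect";
            strLog.AppendFormat(" Redirect to UnifyAccountCheckUrl:{0}\r\n", UnifyAccountCheckUrl);
            log(strLog.ToString());
            Response.Redirect(UnifyAccountCheckUrl, false);
        }
    }
}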
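/// <summary>
/// Page load for the password-reset page: decrypts the UrlParam link parameter, verifies its
/// digest and expiry, confirms the mail record, and shows the reset panel only when every
/// check passes. In all other cases the message panel is shown instead.
/// </summary>
/// <param name="sender">Page that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): Request[...] values are normally URL-decoded already; confirm that the
    // second UrlDecode matches how the link is generated ('+' in Base64 would become a space).
    String urlParam = Request["UrlParam"] == null ? String.Empty : HttpUtility.UrlDecode(Request["UrlParam"]);
    if (String.IsNullOrEmpty(urlParam))
    {
        this.ResetPanel.Visible = false;
        this.MsgPanel.Visible = true;
        return;
    }

    bool linkAccepted = false;
    try
    {
        // Decrypt and split the parameter; a short array throws and is handled below.
        String DecryptParam = CryptographyUtil.Decrypt(Encoding.UTF8.GetString(CryptographyUtil.FromBase64String(urlParam)));
        String[] paramArray = DecryptParam.Split('$');
        String spid = paramArray[0];
        String custid = paramArray[1];
        String email = paramArray[2];
        String returnUrl = String.IsNullOrEmpty(paramArray[3]) ? ConstHelper.DefaultInstance.BesttoneLoginPage : paramArray[3];
        String authenCode = paramArray[4];
        String timeTamp = paramArray[5];
        String digest = paramArray[6];

        // Verify the signature with the secret key of the SPID named in the link.
        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        String key = spInfo.GetPropertyBySPID(spid, "SecretKey", SPData);
        String NewDigest = CryptographyUtil.GenerateAuthenticator(spid + "$" + custid + "$" + email + "$" + returnUrl + "$" + authenCode + "$" + timeTamp, key);

        // Expiry check. NOTE(review): Convert.ToDateTime parses with the current culture -
        // confirm it matches the format used when the mail is sent.
        DateTime sendMailTime = Convert.ToDateTime(timeTamp);
        Int32 expiredHour = ConstHelper.DefaultInstance.ResetPwdExpiredHour;

        bool signatureMatches = String.Equals(digest, NewDigest);
        bool expired = sendMailTime.AddHours(expiredHour) < DateTime.Now;
        if (signatureMatches && !expired)
        {
            String ErrMsg = String.Empty;
            Int32 result = SetMail.CheckEmaklSend(custid, email, authenCode, out ErrMsg);
            if (result == 0)
            {
                // Populate the form state only after the link has been authenticated, so a
                // rejected link never leaves its customer id, e-mail or code on the page.
                this.hdCustID.Value = custid;
                this.hdEmail.Value = email;
                this.hdAuthenCode.Value = authenCode;
                this.hdReturnUrl.Value = returnUrl;
                linkAccepted = true;
            }
        }
    }
    catch (Exception)
    {
        // Malformed, undecryptable or unparsable links are treated as invalid.
        linkAccepted = false;
    }

    this.ResetPanel.Visible = linkAccepted;
    this.MsgPanel.Visible = !linkAccepted;
    if (!linkAccepted)
    {
        // Make sure no unverified or posted-back value survives for a later handler to trust.
        this.hdCustID.Value = String.Empty;
        this.hdEmail.Value = String.Empty;
        this.hdAuthenCode.Value = String.Empty;
    }
}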
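/// <summary>
/// Handles the all-in-one registration submit: optionally verifies the SMS code, registers
/// the user, sends the confirmation e-mail, writes the login cookie, notifies the points
/// platform, optionally opens and binds a BestTone account, and finally redirects to
/// ReturnUrl with the encrypted registration response.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void register_Click(object sender, EventArgs e)
{
    StringBuilder strLog = new StringBuilder();
    try
    {
        logger.Info("RegisterAllInOne-注册来源:" + HttpContext.Current.Request.RawUrl);
        Response.AddHeader("P3P", "CP=CAO PSA OUR");
        strLog.AppendFormat("----------------------注册事件开始:------------------\r\n");
        strLog.AppendFormat("SPID:{0}\r\n", SPID);
        strLog.AppendFormat("ReturnUrl:{0}\r\n", ReturnUrl);

        // The password is deliberately not written to the log: log files are readable by far
        // more people and systems than the credential store.
        PassWord = Request.Form["password"].ToString().Trim();
        Mobile = Request.Form["mobile"].ToString().Trim();
        strLog.AppendFormat("mobile:{0}\r\n", Mobile);
        CheckPhoneCode = Request.Form["checkCode"].ToString().Trim();
        strLog.AppendFormat("checkCode:{0}\r\n", CheckPhoneCode);
        Email = Request.Form["email"].ToString().Trim();
        UserName = Request.Form["userName"].ToString().Trim();

        strLog.AppendFormat("ViewState[phonestate]:{0}\r\n", ViewState["phonestate"]);
        strLog.AppendFormat("Request.Form[phonestate]:{0}\r\n", Request.Form["phonestate"]);
        // NOTE(review): when ViewState has no value, phonestate comes straight from the posted
        // form, and only the value "0" triggers SMS verification below - confirm that a client
        // cannot skip verification by posting a different value.
        if (ViewState["phonestate"] == null)
        {
            ViewState["phonestate"] = Request.Form["phonestate"].ToString();
        }

        if (((string)ViewState["phonestate"]).Equals("0"))
        {
            strLog.AppendFormat("phonestate==0\r\n");
            // Verify the SMS code; the needCheckCode switch is hard-coded to "0" (enabled).
            string needCheckCode = "0";
            strLog.AppendFormat("判断手机验证码\r\n");
            if ("0".Equals(needCheckCode))
            {
                Result = PhoneBO.SelSendSMSMassage("", Mobile, CheckPhoneCode, out ErrMsg);
                if (Result != 0)
                {
                    strLog.AppendFormat("手机验证码验证错误\r\n");
                    hintCode.InnerHtml = "手机验证码错误,请重新输入"; // TODO: styling of this hint
                    return;
                }
                strLog.AppendFormat("手机验证码验证无误\r\n");
            }
        }

        strLog.AppendFormat("-----------------quickUserRegistryWeb begin------------------\r\n");
        Result = UserRegistry.quickUserRegistryWebV3(SPID, PassWord, Mobile, (string)ViewState["phonestate"], UserName, Email, out CustID, out ErrMsg);
        if (Result != 0)
        {
            strLog.AppendFormat("注册失败!\r\n");
            CommonBizRules.ErrorHappenedRedircet(Result, ErrMsg, "用户注册", this.Context);
            return;
        }
        strLog.AppendFormat("注册成功!\r\n");

        // The SMS welcome notification was commented out on 2013-11-19 and is not sent.

        strLog.AppendFormat("检查邮箱是否需要发送\r\n");
        if (!String.IsNullOrEmpty(Email))
        {
            SendEmail(CustID, Email);
        }

        strLog.AppendFormat("写Cookie\r\n");
        // Minutes are "mm"; the previous pattern "HH:ta:ss" produced a malformed timestamp,
        // unlike the other handlers that build this same response.
        String TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        String key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
        String Digest = CryptographyUtil.GenerateAuthenticator(TimeStamp + "$" + CustID + "$" + Result + "$" + ErrMsg, key);
        String temp = SPID + "$" + CryptographyUtil.Encrypt(TimeStamp + "$" + CustID + "$" + Result + "$" + ErrMsg + "$" + Digest, key);
        String RegistryResponseValue = HttpUtility.UrlEncode(temp);

        // Write the login cookie for the new user.
        UserToken UT = new UserToken();
        String RealName = Mobile;
        String NickName = Mobile;
        string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, "", "42", UserName, "1", key, out ErrMsg);
        string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
        PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

        // Notify the points platform.
        CIP2BizRules.InsertCustInfoNotify(CustID, "2", SPID, "", "0", out ErrMsg);
        strLog.AppendFormat("写入数据库日志\r\n");
        // Write the login audit record.
        CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, "35", "0", "", "2", Result, ErrMsg);
        strLog.AppendFormat("-----------------quickUserRegistryWeb end------------------\r\n");

        strLog.AppendFormat("是否开户\r\n");
        strLog.AppendFormat("--------------------openBestToneAccount begin------------------------\r\n");
        String hid_openAccount = Request.Form["hid_openAccount"].ToString().Trim();
        if ("1".Equals(hid_openAccount))
        {
            strLog.AppendFormat("hid_openAccount==1 需要开户\r\n");
            // Opening an account needs the CustID obtained from the registration above.
            string BindedBestpayAccount = "";
            string CreateTime = "";
            strLog.AppendFormat("先查看该CustID:{0}头上是否有账户\r\n", CustID);
            int IsBesttoneAccountBindV5Result = CIP2BizRules.IsBesttoneAccountBindV5(CustID, out BindedBestpayAccount, out CreateTime, out ErrMsg);
            if (IsBesttoneAccountBindV5Result == 0)
            {
                // Result 0 means an account is still bound to this customer.
                Response.Redirect("ErrorInfo.aspx?ErrorInfo=该账户绑定关系未解除,请联系管理人员!");
            }
            strLog.AppendFormat("该CustID:{0}头上无绑定账户\r\n", CustID);

            String TransactionID = BesttoneAccountHelper.CreateTransactionID();
            AccountItem ai = new AccountItem();
            string ResponseCode = "";
            // Real name and certificate number are personal data and are not logged.
            BestToneAccount = Request.Form["mobile"].ToString().Trim();
            realName = Request.Form["realName"].ToString().Trim();
            certnum = Request.Form["certnum"].ToString().Trim();

            strLog.AppendFormat("去翼支付查看该账号是否已经存在\r\n");
            int QueryBesttoneAccountResult = BesttoneAccountHelper.BesttoneAccountInfoQuery(BestToneAccount, out ai, out ResponseCode, out ErrMsg);
            if (QueryBesttoneAccountResult == 0)
            {
                if ("200010".Equals(ResponseCode)) // account not opened yet
                {
                    strLog.AppendFormat("200010-未开户\r\n");
                    strLog.AppendFormat("准备开户\r\n");
                    UserRegistry.BeforeCreateBesttoneAccount(SPID, TransactionID, CustID, BestToneAccount, out ErrMsg);
                    strLog.AppendFormat("开户...\r\n");
                    Result = BesttoneAccountHelper.RegisterBesttoneAccount(BestToneAccount, realName, BestToneAccount, "", sex, "1", certnum, TransactionID, out ErrMsg);
                    if (Result == 0)
                    {
                        int BindResult = UserRegistry.CreateBesttoneAccount(SPID, CustID, BestToneAccount, out ErrMsg);
                        if (BindResult == 0)
                        {
                            strLog.AppendFormat("开户后日志\r\n");
                            UserRegistry.AfterCreateBesttoneAccount(SPID, TransactionID, CustID, BestToneAccount, out ErrMsg);
                            UserRegistry.WriteBackBestToneAccountToCustInfo(SPID, CustID, realName, certnum, out ErrMsg);
                            Response.Redirect("NewOpenAccountResult.aspx?SPTokenRequest=" + HttpUtility.UrlEncode(SPTokenRequest) + "&CreateBesttoneAccountResult=0&RegistryResponse=" + HttpUtility.UrlEncode(RegistryResponseValue), true);
                        }
                        else
                        {
                            // Encode the message so that '&', '#' or '=' inside it cannot add or
                            // truncate query-string parameters of the error page.
                            Response.Redirect("ErrorInfo.aspx?ErrorInfo=" + HttpUtility.UrlEncode(ErrMsg, Response.ContentEncoding));
                        }
                    }
                    else
                    {
                        Response.Redirect("ErrorInfo.aspx?ErrorInfo=" + HttpUtility.UrlEncode(ErrMsg, Response.ContentEncoding));
                    }
                }
                else
                {
                    // The account already exists: bind only.
                    strLog.AppendFormat("账户已经存在\r\n");
                    strLog.AppendFormat("仅仅做绑定\r\n");
                    UserRegistry.OnlyBindingBesttoneAccount(SPID, TransactionID, CustID, BestToneAccount, out ErrMsg);
                    int BindResult = UserRegistry.CreateBesttoneAccount(SPID, CustID, BestToneAccount, out ErrMsg);
                    if (BindResult == 0)
                    {
                        UserRegistry.AfterCreateBesttoneAccount(SPID, TransactionID, CustID, BestToneAccount, out ErrMsg);
                        UserRegistry.WriteBackBestToneAccountToCustInfo(SPID, CustID, realName, certnum, out ErrMsg);
                        Response.Redirect("NewOpenAccountResult.aspx?SPTokenRequest=" + HttpUtility.UrlEncode(SPTokenRequest) + "&CreateBesttoneAccountResult=0&RegistryResponse=" + HttpUtility.UrlEncode(RegistryResponseValue), true);
                    }
                    else
                    {
                        Response.Redirect("ErrorInfo.aspx?ErrorInfo=" + HttpUtility.UrlEncode(ErrMsg, Response.ContentEncoding));
                    }
                }
            }
            else
            {
                Response.Redirect("ErrorInfo.aspx?ErrorInfo=" + HttpUtility.UrlEncode(ErrMsg, Response.ContentEncoding));
            }
        }

        // No account opening requested. (Original author's note: this should first go to a
        // result page that forwards to ReturnUrl after a three-second countdown.)
        // NOTE(review): ReturnUrl is used as the redirect target as-is; confirm it can only
        // come from a verified SPTokenRequest and not directly from the request.
        if (ReturnUrl.IndexOf("?") > 0)
        {
            Response.Redirect(ReturnUrl + "&RegistryResponse=" + RegistryResponseValue, false);
        }
        else
        {
            Response.Redirect(ReturnUrl + "?RegistryResponse=" + RegistryResponseValue, false);
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Raised by Response.Redirect when it ends the response; it is not an error and must
        // not trigger a second redirect to the error page.
        throw;
    }
    catch (Exception ex)
    {
        // Append, not AppendFormat: exception text may contain '{' or '}'.
        strLog.Append(ex.ToString());
        // The details stay in the log; the browser gets a generic message instead of the
        // exception type and stack trace in the URL.
        Response.Redirect("ErrorInfo.aspx?ErrorInfo=系统异常,请稍后再试");
    }
    finally
    {
        log(strLog.ToString());
    }
}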
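/// <summary>
/// Handles the low-restriction registration submit: validates the captcha and the password
/// confirmation, checks that the user name is free, registers the user, records the source
/// IP, requests a coupon for one SPID, writes the login cookie and transfers to the success
/// page.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void register_Click(object sender, EventArgs e)
{
    Response.AddHeader("P3P", "CP=CAO PSA OUR");
    UserName = Request.Form["userName"].ToString().Trim();
    PassWord = Request.Form["password"].ToString().Trim();
    PassWord2 = Request.Form["password2"].ToString().Trim();
    checkCode = Request.Form["checkCode"].ToString().Trim();
    String IPAddress = Request.UserHostAddress.ToString();

    // Passwords are deliberately left out of the log.
    StringBuilder sbLog = new StringBuilder();
    sbLog.AppendFormat("userName:{0}\r\n", UserName);
    sbLog.AppendFormat("checkCode:{0}\r\n", checkCode);

    try
    {
        if (!CommonUtility.ValidateValidateCode(HttpUtility.HtmlDecode(checkCode), this.Context))
        {
            // Captcha did not validate.
            errorHint.InnerHtml = "验证码校验未通过!";
            sbLog.AppendFormat("验证码校验未通过!");
            return;
        }

        if (!PassWord2.Equals(PassWord))
        {
            errorHint.InnerHtml = "密码不一致!";
            return;
        }

        Result = CustBasicInfo.IsExistUser(UserName);
        if (Result != 0)
        {
            errorHint.InnerHtml = "用户名已经存在!";
            return;
        }

        Result = UserRegistry.UserRegisterWebLowStint(SPID, UserName, PassWord, out CustID, out ErrMsg);
        if (Result != 0)
        {
            sbLog.AppendFormat("注册失败:{0}\r\n", ErrMsg);
            // InnerHtml is rendered as markup, so the message is HTML-encoded first.
            errorHint.InnerHtml = "注册失败:" + HttpUtility.HtmlEncode(ErrMsg);
            return;
        }

        // Record the IP address the registration came from.
        CommonBizRules.WriteTraceIpLog(CustID, UserName, SPID, IPAddress, "web_zc");

        if ("35433334".Equals(SPID))
        {
            // Coupon request for this SPID; the customer id is sent over plain HTTP.
            String youhuiquan_url = "http://www.114yg.cn/facadeHome.do?actions=facadeHome&method=sendCouponToRegist&wt=json&from=web&custId=" + CustID;
            String jsonmsg = HttpMethods.HttpGet(youhuiquan_url);
            System.Collections.Generic.Dictionary<string, string> resuzt =
                Newtonsoft.Json.JsonConvert.DeserializeObject<System.Collections.Generic.Dictionary<string, string>>(jsonmsg); // e.g. {"returnCode":"00000"}
            string youhuiquan = "";
            if (resuzt != null)
            {
                // An empty response deserializes to null and must not abort the login below.
                resuzt.TryGetValue("returnCode", out youhuiquan);
            }
        }

        sbLog.AppendFormat("注册成功:{0}\r\n", Result);
        String TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        String key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
        // RegistryResponseValue is built here but not used further down in this handler.
        String Digest = CryptographyUtil.GenerateAuthenticator(TimeStamp + "$" + CustID + "$" + Result + "$" + ErrMsg, key);
        String temp = SPID + "$" + CryptographyUtil.Encrypt(TimeStamp + "$" + CustID + "$" + Result + "$" + ErrMsg + "$" + Digest, key);
        String RegistryResponseValue = HttpUtility.UrlEncode(temp);

        sbLog.Append("给用户写Cookie\r\n");
        // Write the login cookie for the new user.
        UserToken UT = new UserToken();
        String RealName = UserName;
        String NickName = UserName;
        string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, "", "42", UserName, "1", key, out ErrMsg);
        string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
        PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

        sbLog.Append("创建新的SPTokenRequest\r\n");
        CreateSPTokenRequest();

        // A missing setting yields null; calling ToString() on it threw before the fallback
        // below could apply.
        String RegisterInLowstintSuccessURL = ConfigurationManager.AppSettings["RegisterInLowstintSuccessURL"];
        if (String.IsNullOrEmpty(RegisterInLowstintSuccessURL))
        {
            RegisterInLowstintSuccessURL = "RegisterSuccessV2.aspx?SPID=";
        }

        // Server.Transfer is used instead of Response.Redirect because after a redirect the
        // target page cannot tell from the request's referrer which page it came from.
        // Server.Transfer hands execution to another ASPX page on the same server; the browser
        // URL does not change, and passing true as the second argument keeps the first page's
        // form data and query string.
        // Original author's note: because the target page reuses this page's response stream,
        // the ViewState MAC check on the target reports tampering unless EnableViewStateMac is
        // set to False in the target's Page directive.
        // Caveat: turning EnableViewStateMac off removes the integrity check on that page's
        // ViewState, and later ASP.NET releases always enforce the MAC regardless of that
        // setting - prefer passing the needed values explicitly.
        // NOTE(review): ReturnUrl is appended unencoded; an '&' inside it would be read as
        // extra parameters by the target page.
        sbLog.Append("重定向:");
        Server.Transfer(RegisterInLowstintSuccessURL + SPID + "&ReturnUrl=" + ReturnUrl + "&SPTokenRequest=" + newSPTokenRequest, true);
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Raised when Server.Transfer ends the current page; not a failure.
        throw;
    }
    catch (Exception ex)
    {
        // Full details go to the log only; the page shows a generic message instead of the
        // exception type and stack trace.
        sbLog.Append(ex.ToString());
        errorHint.InnerHtml = "系统异常,请稍后再试!";
        return;
    }
    finally
    {
        log(sbLog.ToString());
    }
}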
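/// <summary>
/// Page load for the Sina OAuth callback: resolves the Sina user id, and either signs in the
/// customer already bound to it (writes the login cookie and redirects to ReturnUrl) or sends
/// the user to the bind/register selection page.
/// </summary>
/// <param name="sender">Page that raised the event.</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (CommonUtility.IsParameterExist("ReturnUrl", this.Page))
    {
        ReturnUrl = Request["ReturnUrl"];
    }
    else
    {
        Logs.logSave("没有ReturnUrl返回");
    }

    if (string.IsNullOrEmpty(cookie["AccessToken"]))
    {
        // No access token yet: start the Sina login flow (this ends the response).
        Response.Redirect("SinaLogin.aspx");
    }
    else
    {
        // Build the OAuth client from the access token stored in the cookie.
        Sina = new Client(new OAuth(ConfigurationManager.AppSettings["AppKey"], ConfigurationManager.AppSettings["AppSecret"], cookie["AccessToken"], null));
    }

    UserID = Sina.API.Account.GetUID();
    string CustID = QueryByOpenID(UserID);

    // A non-empty CustID means the Sina account is already bound to a customer. The test was
    // inverted before: it built a login token for an empty customer id and sent bound users
    // to the binding page.
    if (!String.IsNullOrEmpty(CustID))
    {
        // Already bound: sign in directly.
        string AuthenName = "";
        string AuthenType = "";
        string RealName = "";
        string NickName = "";
        string UserName = "";
        string OutID = "";
        string CustType = "";

        string _connectionString = WebConfigurationManager.ConnectionStrings["BestToneCenterConStr"].ConnectionString;
        using (SqlConnection con = new SqlConnection(_connectionString))
        using (SqlCommand cmd = new SqlCommand("select RealName,UserName,NickName,OuterID,CustType from custinfo where custid=@CustID", con))
        {
            cmd.Parameters.Add("@CustID", SqlDbType.NVarChar, 16).Value = CustID;
            con.Open();
            using (SqlDataReader reader = cmd.ExecuteReader())
            {
                while (reader.Read())
                {
                    // Convert.ToString maps a NULL column to "" instead of throwing on the cast.
                    RealName = Convert.ToString(reader["RealName"]);
                    UserName = Convert.ToString(reader["UserName"]);
                    NickName = Convert.ToString(reader["NickName"]);
                    OutID = Convert.ToString(reader["OuterID"]);
                    CustType = Convert.ToString(reader["CustType"]);
                }
            }
        }

        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
        string ErrMsg = "";

        // Generate the user token and store it in the login cookie.
        UserToken UT = new UserToken();
        string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
        string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
        // NOTE(review): other pages call SetCookie(tokenValue, cookieName, page); confirm the
        // argument order of this two-argument overload.
        PageUtility.SetCookie(CookieName, UserTokenValue);

        // NOTE(review): ReturnUrl comes straight from the request and is used as the redirect
        // target right after sign-in. Validate it against the hosts this site is allowed to
        // return to, and handle the case where it was not supplied (null), before redirecting.
        Response.Redirect(ReturnUrl, true);
    }
    else
    {
        // Not bound yet: the user may have an existing account to bind, or may need to register.
        string SelectOauthAssertion = System.Configuration.ConfigurationManager.AppSettings["SelectOauthAssertion"];
        // ReturnUrl is encoded so that '&' or '#' inside it cannot add or truncate parameters.
        // oauthtype: 0 = QQ, 1 = Sina.
        SelectOauthAssertion = SelectOauthAssertion + "?code=" + UserID + "&returnUrl=" + HttpUtility.UrlEncode(ReturnUrl) + "&oauthtype=1";
        Response.Redirect(SelectOauthAssertion, true);
        // SelectOauthAssertion points at http://sso.besttone.cn/SSO/boundingV2.action?code=***&returnUrl=***
        // boundingV2.action forwards to its own auth.jsp, which embeds two iframes: one loads
        // the customer platform's AuthBindLogin.aspx and the other its AuthRegister.aspx, each
        // with the SPTokenRequest and code parameters; the SPTokenRequest carries the ReturnUrl.
    }
}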
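/// <summary>
/// Completes a province/group UA single sign-on: queries and parses the assertion for
/// the UA ticket, resolves the customer, issues the login cookie and a CIP ticket, and
/// redirects to the return address with the ticket. The outcome is written to the
/// customer authentication log in all cases.
/// </summary>
/// <remarks>
/// NOTE(review): UAProvinceID, AssertionAddress, TransactionID and ReturnURL are read
/// from request cookies, which the client controls. Unless they are integrity-protected
/// elsewhere, the assertion address and return address should come from server-side
/// configuration keyed by province/SPID rather than from the request.
/// </remarks>
protected void ssoFunc()
{
    string QH = System.Configuration.ConfigurationManager.AppSettings["HQList"]; // Shanghai / Guangzhou handling
    string UAOUTID = System.Configuration.ConfigurationManager.AppSettings["UAOUTIDLIst"];

    // A missing cookie used to throw NullReferenceException before the try block, so
    // nothing was logged. An empty value must also be rejected: IndexOf("") returns 0
    // and would pass the province check below.
    System.Web.HttpCookie provinceCookie = Request.Cookies["UAProvinceID"];
    if (provinceCookie == null || string.IsNullOrEmpty(provinceCookie.Value))
    {
        Response.Redirect("../ErrorInfo.aspx?Result=-19999&ErrorInfo=请从网厅登陆1&FunctionName=请从网厅登陆1", true);
        return;
    }
    string UAProvinceID = provinceCookie.Value;

    // Is this a province with SSO enabled?
    // NOTE(review): IndexOf is a substring match against the configured list, so a
    // fragment of a listed ID also passes. The list format is not visible here; prefer
    // an exact match on split entries once it is confirmed.
    if (QH.IndexOf(UAProvinceID) < 0 && UAOUTID.IndexOf(UAProvinceID) < 0)
    {
        Response.Redirect("../ErrorInfo.aspx?Result=-19999&ErrorInfo=未开通单点登录&FunctionName=请从 http://jf.ct10000.com 直接登入集团积分商城", true);
        return;
    }

    System.Web.HttpCookie assertionCookie = Request.Cookies["AssertionAddress"];
    System.Web.HttpCookie transactionCookie = Request.Cookies["TransactionID"];
    if (assertionCookie == null || transactionCookie == null)
    {
        Response.Redirect("../ErrorInfo.aspx?Result=-19999&ErrorInfo=请从网厅登陆1&FunctionName=请从网厅登陆1", true);
        return;
    }

    MBOSSClass mboss = new MBOSSClass();
    string AssertionAddress = assertionCookie.Value; // address the assertion is queried from
    string TransactionID = transactionCookie.Value;  // transaction serial number
    string xml = "";
    int result = -19999;
    string ErrMsg = "";
    string SPID = UAProvinceID + "999991";
    string CustID = "", RealName = "", NickName = "", UserName = "", OutID = "", UserAccount = "", CustType = "", ProvinceID = "", AuthenName = "", AuthenType = "";
    try
    {
        SPInfoManager spInfo = new SPInfoManager();
        Object SPData = spInfo.GetSPData(this.Context, "SPData");
        // Secret key of the SP; it signs the user token generated below.
        string key = spInfo.GetPropertyBySPID(SPID, "SecretKey", SPData);
        // Assertion result holder.
        MBOSSClass.BilByCompilingResult bil = new MBOSSClass.BilByCompilingResult();
        // Query the assertion and parse it.
        result = mboss.SendUATicket(UAProvinceID, SPID, UATicket, AssertionAddress, this.Context, "SPCAData", TransactionID, out bil, out xml, out ErrMsg);
        AuthenType = bil.AccountType;
        AuthenName = bil.AccountID;
        if (result != 0)
        {
            Response.Redirect("../ErrorInfo.aspx?Result=-19999&ErrorInfo=请从网厅登陆1&FunctionName=请从网厅登陆1", true);
            return;
        }

        // Check whether the user already exists locally.
        // NOTE(review): the log calls below write account and customer identifiers;
        // confirm the log sink is access-controlled and retention is appropriate.
        int type = 0;
        string p = bil.AccountID;
        string dealType = "";
        string areaid = "";
        log("UAProvinceID:集团ua:" + UAProvinceID);
        if ("35".Equals(UAProvinceID))
        {
            // Group UA: skip MUserAuthV2 and always authenticate through CRM below.
            result = 0;
            type = 1;
        }
        else
        {
            result = BTForBusinessSystemInterfaceRules.MUserAuthV2(SPID, UAProvinceID, bil.AccountID, bil.AccountType, bil.AccountInfos, Context, out ErrMsg, out CustID, out UserAccount, out CustType, out OutID, out ProvinceID, out RealName, out UserName, out NickName, out dealType, out type, out areaid);
            log(bil.ProvinceID + "-!35-BTForBusinessSystemInterfaceRules.MUserAuthV2:" + result + "-bil.ProvinceID=" + bil.ProvinceID + "-UAProvinceID=" + UAProvinceID + "-areaid=" + areaid + "-custid=" + CustID + "-OutID=" + OutID + "-ErrMsg=" + ErrMsg);
        }

        string CustID1 = CustID;
        string RealName1 = "";
        string UserName1 = "";
        string NickName1 = "";
        string CustType1 = "";
        log("MUserAuthV2:" + result + ";CustID=" + CustID + " @----@" + ErrMsg + "==" + type);
        if (result != 0)
        {
            // ErrMsg is URL-encoded so its content cannot add or override query parameters.
            Response.Redirect("../ErrorInfo.aspx?Result=-19999&ErrorInfo=" + System.Web.HttpUtility.UrlEncode(ErrMsg) + "&FunctionName=请从网厅登陆2", true);
            return;
        }

        // Mode 3: obtain the certificate number and type through CRM.
        string TestStr = "";
        if (type == 1)
        {
            string OutID1 = "";
            if (QH.IndexOf(UAProvinceID) >= 0)
            {
                if (bil.AccountType == "9" || bil.AccountType == "10" || bil.AccountType == "11")
                {
                    if (areaid != "")
                    {
                        bil.AccountID = areaid + "-" + bil.AccountID;
                    }
                }
            }
            else if (UAOUTID.IndexOf(UAProvinceID) >= 0)
            {
                bil.AccountID = OutID;
                bil.AccountType = "99";
                RealName = bil.AccountID;
            }
            else
            {
                if (bil.AccountType == "9" || bil.AccountType == "10" || bil.AccountType == "11")
                {
                    string phone = "";
                    areaid = BTForBusinessSystemInterfaceRules.PhoneToArea(UAProvinceID, bil.AccountID, out phone);
                    if (areaid != "")
                    {
                        bil.AccountID = areaid + "-" + phone;
                    }
                }
            }

            int result1 = -1234;
            if ("35".Equals(UAProvinceID))
            {
                // NOTE(review): AccountInfos[0] assumes the assertion carries at least one
                // account entry; an empty list ends up in the catch block below.
                log("CrmSSO.UserAuthCrm1:provinceid=" + bil.ProvinceID + ";areacode:" + bil.AccountInfos[0].areaid + ";accountid:" + bil.AudienceID + "|TestStr=" + TestStr);
                result1 = CrmSSO.UserAuthCrm1(bil.ProvinceID, bil.AccountInfos[0].areaid, bil.AccountType, bil.AccountID, p, "", "0", UAProvinceID + "999991", this.Context, out RealName1, out UserName1, out NickName1, out OutID1, out CustType1, out CustID1, out ErrMsg, out TestStr);
            }
            else
            {
                result1 = CrmSSO.UserAuthCrm(UAProvinceID, bil.AccountType, bil.AccountID, p, "", "0", UAProvinceID + "999991", this.Context, out RealName1, out UserName1, out NickName1, out OutID1, out CustType1, out CustID1, out ErrMsg, out TestStr);
            }

            if (result1 != 0)
            {
                Response.Redirect("../ErrorInfo.aspx?Result=" + result1 + "&ErrorInfo=" + System.Web.HttpUtility.UrlEncode(ErrMsg) + "&FunctionName=请从网厅登陆5", true);
                return;
            }
            OutID = OutID1;
            CustID = CustID1;
            CustType = CustType1;
            UserName = RealName1;
            NickName = RealName1;
            log(result1 + "==" + UAProvinceID + "=UAProvinceID;" + bil.AccountType + " =bil.AccountType;" + bil.AccountID + "=bil.AccountID;" + RealName + "=RealName;" + UserName + "=UserName;" + NickName + "=NickName;" + OutID + "=OutID;" + CustType + "=CustType;" + CustID + "=CustID1;" + ErrMsg + "=ErrMsg");
        }

        if (dealType == "0")
        {
            // Notify the points system.
            CIP2BizRules.InsertCustInfoNotify(CustID, "2", System.Configuration.ConfigurationManager.AppSettings["ScoreBesttoneSPID"], "", "0", out ErrMsg);
        }

        // Issue the login cookie.
        UserToken UT = new UserToken();
        string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
        string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
        PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);

        // Create the ticket.
        result = CIPTicketManager.insertCIPTicket(TransactionID, SPID, CustID, RealName, NickName, UserName, OutID, "", AuthenName, AuthenType, out ErrMsg);
        log("insertCIPTicket:" + ErrMsg + result);
        if (result != 0)
        {
            Response.Redirect("../ErrorInfo.aspx?Result=-19999&ErrorInfo=请从网厅登陆3&FunctionName=请从网厅登陆3", true);
            return;
        }

        // NOTE(review): the return address comes from a client-supplied cookie and the
        // ticket is appended to it. Validate it against the return addresses registered
        // for this SPID before redirecting (the commented-out predecessor of this line
        // read AppSettings["SSOReturnURL"] instead).
        string Url = Request.Cookies["ReturnURL"].Value.ToString();
        PageUtility.ExpireCookie("ReturnURL", this.Page);
        PageUtility.ExpireCookie("SPID", this.Page);
        PageUtility.ExpireCookie("UAProvinceID", this.Page);
        PageUtility.ExpireCookie("TransactionID", this.Page);
        Response.Redirect(Url + "?Ticket=" + System.Web.HttpUtility.UrlEncode(TransactionID));
    }
    catch (System.Threading.ThreadAbortException)
    {
        // Response.Redirect ends the response by aborting the thread. Let that pass
        // without overwriting ErrMsg, so the authentication log keeps the real outcome.
        throw;
    }
    catch (System.Exception ex)
    {
        ErrMsg = ex.Message;
    }
    finally
    {
        try
        {
            CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, ProvinceID, AuthenType, AuthenName, "2", result, ErrMsg);
        }
        catch
        {
            // Best effort: a failure to write the authentication log must not break the page.
        }
    }
}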