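/// <summary>
/// Builds the XML text of an application ticket for the current request.
/// </summary>
/// <param name="signInInfo">Sign-in information; the inner XML of its saved document is embedded under the SignInInfo node.</param>
/// <param name="strIP">Client IP address written to the IP node.</param>
/// <returns>The ticket document serialized as an XML string.</returns>
/// <remarks>
/// The "to" (timeout in seconds) and "aid" (application id) values come from the query
/// string of the current request, so the requesting client chooses them. A missing or
/// unparsable "to" falls back to the configured default timeout; previously an
/// unparsable value was silently swallowed and produced a ticket that never expires.
/// </remarks>
public static string GenerateTicketString(ISignInInfo signInInfo, string strIP)
{
    HttpContext context = HttpContext.Current;
    HttpRequest request = context.Request;

    XmlDocument xmlDoc = XmlHelper.CreateDomDocument("<Ticket/>");
    XmlDocument xmlSignInInfo = signInInfo.SaveToXml();

    // Copy the sign-in payload into the ticket under its own node.
    XmlNode signInNode = XmlHelper.AppendNode(xmlDoc.DocumentElement, "SignInInfo");
    signInNode.InnerXml = xmlSignInInfo.DocumentElement.InnerXml;

    // Fail closed: anything that is not a well-formed integer gets the configured
    // default lifetime instead of the "never expires" sentinel (-1).
    string strTimeout = request.QueryString["to"];
    int nTimeout;

    if (strTimeout == null || !int.TryParse(strTimeout, out nTimeout))
    {
        nTimeout = (int)(PassportSignInSettings.GetConfig().DefaultTimeout.TotalSeconds);
    }

    // NOTE(review): a well-formed "to" is still honoured as supplied, including -1
    // (no expiry) and values larger than the configured default. Whether relying
    // applications depend on that cannot be seen from here; consider capping the
    // requested lifetime at the configured default.

    // NOTE(review): "aid" is copied into the ticket as received; no check against
    // a list of registered applications is visible in this method.
    string strAppID = request.QueryString["aid"];

    XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppSSID", Guid.NewGuid().ToString());
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppID", strAppID);
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppSTime", DateTimeStandardFormat(SNTPClient.AdjustedTime));
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "IP", strIP);

    // Timeout encoding: >= 0 is a lifetime in seconds, -1 means "never expires",
    // anything below -1 yields an already-expired ticket.
    DateTime dtExpireTime = DateTime.MaxValue;

    if (nTimeout >= 0)
    {
        dtExpireTime = SNTPClient.AdjustedTime.AddSeconds(nTimeout);
    }
    else if (nTimeout < -1)
    {
        dtExpireTime = DateTime.MinValue;
    }

    XmlHelper.AppendNode(xmlDoc.DocumentElement, "AppSTimeout", DateTimeStandardFormat(dtExpireTime));

    return xmlDoc.OuterXml;
}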
/// <summary>
/// Reads the single sign-on service configuration.
/// </summary>
/// <returns>The configuration of the authentication server.</returns>
/// <remarks>
/// <code source="..\Framework\TestProjects\DeluxeWorks.Library.Passport.Test\ConfigurationTest.cs" region="SignInConfigTest" lang="cs" title="Reading the authentication server configuration" />
/// </remarks>
public static PassportSignInSettings GetConfig()
{
    const string sectionName = "passportSignInSettings";

    PassportSignInSettings settings = (PassportSignInSettings)ConfigurationBroker.GetSection(sectionName);

    // The section is passed to the project's null check before it is handed out.
    ConfigurationExceptionHelper.CheckSectionNotNull(settings, sectionName);

    return settings;
}
/// <summary>
/// Returns the key under which the sign-in cookie is stored.
/// </summary>
/// <returns>The SignInCookieKey value from the sign-in settings.</returns>
private string GetSavingCookieKey()
{
    // For now the cookie is not split per tenant; the tenant suffix below is disabled:
    //if (TenantContext.Current.Enabled)
    //    result += "-" + HttpUtility.UrlEncode(this.TenantCode);
    // NOTE(review): with one key for every tenant, any tenant separation of the
    // sign-in cookie has to be enforced elsewhere - confirm.
    return PassportSignInSettings.GetConfig().SignInCookieKey;
}
/// <summary>
/// Encrypts a ticket.
/// </summary>
/// <param name="ticket">The ticket to encrypt.</param>
/// <returns>The encrypted ticket, Base64-encoded.</returns>
public static string EncryptTicket(ITicket ticket)
{
    ITicketEncryption encryptor = PassportEncryptionSettings.GetConfig().TicketEncryption;

    // History (yuanyong, 2009-04-16): this used to read the key from
    // PassportClientSettings, which was wrong. Encrypting the ticket is the job of
    // the passport service; both client and service configure a key, but the
    // service-side key must be used here.
    // NOTE(review): the configured ITicketEncryption is opaque from here; whether the
    // output is integrity-protected as well as encrypted should be confirmed there.
    return Convert.ToBase64String(
        encryptor.EncryptTicket(ticket, PassportSignInSettings.GetConfig().RsaKeyValue));
}
/// <summary>
/// Called by the authentication service: sends the browser back to the application
/// URL, carrying the ticket.
/// </summary>
/// <param name="ticket">The ticket to persist, encrypt and hand to the application.</param>
/// <remarks>
/// The return URL ("ru"), log-off URL ("lou"), application id ("aid") and transfer
/// method ("m") are all read from the query string of the current request.
/// </remarks>
public static void SignInServiceRedirectToApp(ITicket ticket)
{
    HttpContext context = HttpContext.Current;
    HttpRequest request = context.Request;
    HttpResponse response = context.Response;   // not used below

    NameValueCollection query = request.QueryString;

    // NOTE(review): QueryString values are normally already URL-decoded, so this
    // decodes "ru" a second time - confirm that callers double-encode it.
    string returnUrl = HttpUtility.UrlDecode(query["ru"]);
    string logOffUrl = query["lou"] ?? "#";

    // Resolved here but not used further down in this method.
    string appID = query["aid"] ?? PassportClientSettings.GetConfig().AppID;

    // NOTE(review): the destination that receives the ticket is taken from the
    // request as-is. No check of "ru" against the URLs registered for the requesting
    // application is visible in this method; unless a caller validates it earlier,
    // the ticket can be delivered to an arbitrary host. Validate before SaveTicket.
    Uri target = request.Url;

    if (returnUrl != null)
    {
        target = new Uri(returnUrl, UriKind.RelativeOrAbsolute);
    }

    // Stamp the current tenant code onto the parameters of the target URL.
    NameValueCollection targetParams = target.GetUriParamsCollection();
    targetParams[TenantExtensions.TenantCodeParamName] = TenantContext.Current.TenantCode;

    target = new Uri(UriHelper.CombineUrlParams(target.ToString(), true, targetParams), UriKind.RelativeOrAbsolute);

    // The log-off URL is combined with the same parameter collection as the target URL.
    Uri logOffTarget = new Uri(UriHelper.CombineUrlParams(logOffUrl, true, targetParams), UriKind.RelativeOrAbsolute);

    PassportSignInSettings.GetConfig().PersistSignInInfo.SaveTicket(ticket, target, logOffTarget);

    string encryptedTicket = Common.EncryptTicket(ticket);

    // NOTE(review): HttpGet is the default; if RedirectTicketToApp places the ticket
    // in the URL it may end up in logs and Referer headers - confirm.
    TicketTransferMethod transfer = query.GetValue("m", TicketTransferMethod.HttpGet);

    if (transfer != TicketTransferMethod.HttpGet)
    {
        SubmitTicketToApp(target, encryptedTicket);
    }
    else
    {
        RedirectTicketToApp(target, encryptedTicket);
    }
}
/// <summary>
/// Computes the expiry time implied by the configured default timeout.
/// </summary>
/// <returns>
/// SignInTime plus the default timeout when that timeout is zero or positive;
/// otherwise DateTime.MaxValue.
/// </returns>
private DateTime GetConfigExpireDate()
{
    TimeSpan timeout = PassportSignInSettings.GetConfig().DefaultTimeout;

    // A negative timeout is treated here as "no configured expiry".
    if (timeout < TimeSpan.Zero)
    {
        return DateTime.MaxValue;
    }

    return SignInTime.Add(timeout);
}
/// <summary>
/// Tells whether the sliding expiration window measured from SignInTime has elapsed.
/// </summary>
/// <returns>
/// True when sliding expiration is enabled and the current time has reached
/// SignInTime plus the configured sliding window; otherwise false.
/// </returns>
private bool IsSlidingExpired()
{
    PassportSignInSettings config = PassportSignInSettings.GetConfig();
    bool expired;

    if (!config.HasSlidingExpiration)
    {
        expired = false;
    }
    else
    {
        // Relative (sliding) expiry, checked against the local clock.
        // NOTE(review): other code on this page stamps times with
        // SNTPClient.AdjustedTime; if SignInTime comes from that clock, comparing it
        // with DateTime.Now mixes two time sources - confirm.
        DateTime deadline = this.SignInTime.Add(config.SlidingExpiration);
        expired = deadline <= DateTime.Now;
    }

#if DELUXEWORKSTEST
    Debug.WriteLineIf(expired, "Sliding Expired", "SignInPage Check");
#endif

    return expired;
}
/// <summary>
/// Gets the log-off callback URL of every application related to this session.
/// </summary>
/// <returns>
/// The callback URLs stored for the session, with this instance's own
/// application/callback pair appended when it is not already present.
/// </returns>
public List<AppLogOffCallBackUrl> GetAllRelativeAppsLogOffCallBackUrl()
{
    // All three values are required before the persisted list is queried.
    ExceptionHelper.CheckStringIsNullOrEmpty(this.SessionID, "SessionID");
    ExceptionHelper.CheckStringIsNullOrEmpty(this.ApplicationID, "ApplicationID");
    ExceptionHelper.CheckStringIsNullOrEmpty(this.CallbackUrl, "CallbackUrl");

    List<AppLogOffCallBackUrl> callbacks =
        PassportSignInSettings.GetConfig().PersistSignInInfo.GetAllRelativeAppsLogOffCallBackUrl(this.SessionID);

    bool alreadyListed = AppLogOffCallBackUrlExist(callbacks, this.ApplicationID, this.CallbackUrl);

    if (!alreadyListed)
    {
        // The entry is added to the list object returned by the persistence layer.
        AppLogOffCallBackUrl own = new AppLogOffCallBackUrl
        {
            AppID = this.ApplicationID,
            LogOffCallBackUrl = this.CallbackUrl
        };

        callbacks.Add(own);
    }

    return callbacks;
}
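/// <summary>
/// Builds the SignInInfo XML document for a user who has just signed in.
/// </summary>
/// <param name="userInfo">The user's sign-in information.</param>
/// <param name="bDontSaveUserID">Written to the DSUID node ("do not save user id").</param>
/// <param name="bAutoSignIn">Written to the ASI node (automatic sign-in).</param>
/// <returns>The SignInInfo data as an XML document.</returns>
/// <remarks>
/// The sign-in time (STime) and the expiry (STimeout) are both derived from one
/// SNTPClient.AdjustedTime reading. Previously the expiry was computed from
/// DateTime.Now, so the effective lifetime shifted by the difference between the
/// local clock and the adjusted clock.
/// </remarks>
public static XmlDocument GenerateSignInInfo(ISignInUserInfo userInfo, bool bDontSaveUserID, bool bAutoSignIn)
{
    // The user id stored in UID is looked up through the impersonation settings.
    string userID = ImpersonateSettings.GetConfig().Impersonation[userInfo.UserID];

    HttpContext context = HttpContext.Current;
    HttpRequest request = context.Request;

    XmlDocument xmlDoc = XmlHelper.CreateDomDocument("<SignInInfo/>");

    XmlHelper.AppendNode(xmlDoc.DocumentElement, "SSID", Guid.NewGuid().ToString());
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "UID", userID);
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "OUID", userInfo.OriginalUserID);
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "DO", userInfo.Domain);

    // NOTE(review): WI is written as true whenever the key exists, whatever value is
    // stored under it - confirm that presence alone is the intended signal.
    object windowsIntegrated;

    if (userInfo.Properties.TryGetValue("WindowsIntegrated", out windowsIntegrated))
    {
        XmlHelper.AppendNode(xmlDoc.DocumentElement, "WI", true);
    }

    XmlHelper.AppendNode(xmlDoc.DocumentElement, "DSUID", bDontSaveUserID);
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "ASI", bAutoSignIn);

    // One clock reading for both the sign-in time and the expiry derived from it.
    DateTime signInTime = SNTPClient.AdjustedTime;

    XmlHelper.AppendNode(xmlDoc.DocumentElement, "STime", DateTimeStandardFormat(signInTime));

    // NOTE(review): host and port are taken from the request URL, which normally
    // reflects the client-supplied Host header - confirm nothing trusts this node.
    XmlHelper.AppendNode(xmlDoc.DocumentElement, "AS", request.Url.Host + ":" + request.Url.Port);

    if (userInfo.Properties.Count > 0)
    {
        XmlNode nodeProps = XmlHelper.AppendNode(xmlDoc.DocumentElement, Resource.SignInInfoExtraProperties);

        foreach (KeyValuePair<string, object> kp in userInfo.Properties)
        {
            XmlNode nodeProp = XmlHelper.AppendNode(nodeProps, "add");

            XmlHelper.AppendAttr(nodeProp, "key", kp.Key);
            XmlHelper.AppendAttr(nodeProp, "value", kp.Value.ToString());
        }
    }

    // Timeout encoding: >= 0 is a lifetime, below -1 second means already expired,
    // anything else (including exactly -1 second) means "never expires".
    DateTime dtExpireTime = DateTime.MaxValue;
    TimeSpan defaultTimeout = PassportSignInSettings.GetConfig().DefaultTimeout;

    if (defaultTimeout >= TimeSpan.Zero)
    {
        dtExpireTime = signInTime.Add(defaultTimeout);
    }
    else if (defaultTimeout < TimeSpan.FromSeconds(-1))
    {
        dtExpireTime = DateTime.MinValue;
    }

    XmlHelper.AppendNode(xmlDoc.DocumentElement, "STimeout", DateTimeStandardFormat(dtExpireTime));

    return xmlDoc;
}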