/*public async Task<string> GetKeepLoginUrl(SystemLoginEndpoint endpoint, string strToken) * { * //验证JWT是否正确 * var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken); * if (!jwtResult.ValidateResult.Result) * { * var fragment = new TextFragment() * { * Code = TextCodes.SystemLoginEndpointTokenValidateError, * DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败,失败原因{2}", * ReplaceParameters = new List<object>() { endpoint.Name, strToken, jwtResult.ValidateResult.Description } * }; * * //验证未通过,抛出异常 * throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError, fragment); * } * * //从JWT字符串中获取令牌相关信息 * Dictionary<string, string> jwtInfo = jwtResult.Playload; * //查找验证终结点名称 * if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName)) * { * var fragment = new TextFragment() * { * Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, * DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", * ReplaceParameters = new List<object>() { endpoint.Name, strToken, "AuthorizationName" } * }; * * throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); * } * //查找用户信息键值对 * if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes)) * { * var fragment = new TextFragment() * { * Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, * DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", * ReplaceParameters = new List<object>() { endpoint.Name, strToken, "UserInfoAttributes" } * }; * * throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); * } * * //查询出该登录终结点关联的验证终结点中相同名称的验证终结点 * //调用验证终结点的获取保持登录状态url方法 * var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthorizationName); * if (authorizationEndpoint == null) * { * var fragment = new TextFragment() * { * Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, * DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点", * ReplaceParameters = new List<object>() { endpoint.Name, strAuthorizationName } * }; * * throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment); * } * * return await authorizationEndpoint.GetKeepLoginUrl(strSystemToken); * }*/ public async Task <string> GetLoginUrl(SystemLoginEndpoint endpoint, string authorizationName, string returnUrl) { //找到关联的验证终结点 var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName); if (authorizationEndpoint == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点", ReplaceParameters = new List <object>() { endpoint.Name, authorizationName } }; throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment); } //生成验证中心重定向地址 var sysUrl = GenerateSystemLoginUrl(endpoint, authorizationEndpoint); return(await authorizationEndpoint.GetLoginUrl(sysUrl, returnUrl)); }
private string GenerateSystemLoginUrl(SystemLoginEndpoint sysEndpoint, AuthorizationEndpoint authEndpoint) { var serviceReturnUrl = QueryHelpers.AddQueryString(sysEndpoint.BaseUrl, new Dictionary <string, string>() { { "sysname", sysEndpoint.Name }, { "authname", authEndpoint.Name } }); return(serviceReturnUrl); }
public async Task <bool> ValidateClientRedirectUrl(SystemLoginEndpoint endpoint, string clientRedirectUrl) { bool result = false; foreach (var item in endpoint.ClientRedirectBaseUrls) { if (item.IsBaseOf(new Uri(clientRedirectUrl))) { result = true; break; } } return(await Task.FromResult(result)); }
private async Task validateClientRedirectUrl(SystemLoginEndpoint endpoint, string clientRedirectUrl) { if (!await ValidateClientRedirectUrl(endpoint, clientRedirectUrl)) { var fragment = new TextFragment() { Code = TextCodes.SystemLoginEndpointClientRedirectUrl, DefaultFormatting = "名称为{0}的系统登录终结点中,客户端重定向地址{1}非法,合法地址的基地址必须为{2}", ReplaceParameters = new List <object>() { endpoint.Name, clientRedirectUrl, endpoint.ClientRedirectBaseUrls.ToDisplayString(async(item) => await Task.FromResult(item.ToString()), async() => await Task.FromResult(",")) } }; throw new UtilityException((int)Errors.SystemLoginEndpointClientRedirectUrl, fragment); } }
public async Task <string> RefreshToken(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string userKey, string systemToken) { var service = await GetService(endpoint); var newToken = await service.RefreshToken(endpoint.ThirdPartyConfiguration, systemToken); if (endpoint.KeepThirdPartyToken) { var record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID); if (record != null) { await _thirdPartySystemTokenRecordStore.UpdateToken(userKey, record.ID, newToken); } } return(newToken); }
/*public async Task<string> GetLogoutUrl(SystemLoginEndpoint endpoint, string strToken) * { * //验证JWT是否正确 * var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken); * if (!jwtResult.ValidateResult.Result) * { * var fragment = new TextFragment() * { * Code = TextCodes.SystemLoginEndpointTokenValidateError, * DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败,失败原因{2}", * ReplaceParameters = new List<object>() { endpoint.Name, strToken, jwtResult.ValidateResult.Description } * }; * * //验证未通过,抛出异常 * throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError,fragment); * } * * //从JWT字符串中获取令牌相关信息 * Dictionary<string, string> jwtInfo = jwtResult.Playload; * //查找验证终结点名称 * if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName)) * { * var fragment = new TextFragment() * { * Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, * DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", * ReplaceParameters = new List<object>() { endpoint.Name, strToken, "AuthorizationName" } * }; * * throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); * } * //查找用户信息键值对 * if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes)) * { * var fragment = new TextFragment() * { * Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, * DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", * ReplaceParameters = new List<object>() { endpoint.Name, strToken, "UserInfoAttributes" } * }; * * throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); * } * * * //查询出该登录终结点关联的验证终结点中相同名称的验证终结点 * //调用验证终结点的获取登出url方法 * var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthorizationName); * if (authorizationEndpoint == null) * { * var fragment = new TextFragment() * { * Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, * DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点", * ReplaceParameters = new List<object>() { endpoint.Name, strAuthorizationName } * }; * * throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment); * } * * var userInfoAttributes=JsonSerializerHelper.Deserialize<Dictionary<string, string>>(strUserInfoAttributes); * if (userInfoAttributes==null) * { * userInfoAttributes = new Dictionary<string, string>(); * } * * return await authorizationEndpoint.GetLogoutUrl(userInfoAttributes); * } */ public async Task <string> GetCommonToken(SystemLoginEndpoint endpoint, string authorizationName, string userName, string password) { //找到关联的验证终结点 var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName); if (authorizationEndpoint == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点", ReplaceParameters = new List <object>() { endpoint.Name, authorizationName } }; throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment); } var authResult = await authorizationEndpoint.GetSystemTokenByPassword(endpoint, userName, password); var commonToken = new CommonToken() { SystemName = endpoint.Name, AuthorizationName = authorizationName, UserInfoAttributes = authResult.Attributes }; //生成通用令牌的JWT字符串 var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>() { { "SystemName", commonToken.SystemName }, { "AuthorizationName", commonToken.AuthorizationName }, { "UserInfoAttributes", JsonSerializerHelper.Serializer <Dictionary <string, string> >(commonToken.UserInfoAttributes) } }, endpoint.ExpireSecond); return(strCommonToken); }
public async Task <QueryResult <AuthorizationEndpoint> > GetAuthorizationEndpoint(SystemLoginEndpoint endpoint, string authorizationName, int page, int pageSize) { return(await _authorizationEndpointStore.QueryBySystemLoginEndpointRelationPage(endpoint.ID, authorizationName, page, pageSize)); }
public async Task Delete(SystemLoginEndpoint endpoint) { await _systemLoginEndpointStore.Delete(endpoint.ID); }
public async Task AddAuthorizationEndpoint(SystemLoginEndpoint endpoint, Guid authorizationEndpointId) { await _authorizationEndpointStore.AddSystemLoginEndpointRelation(authorizationEndpointId, endpoint.ID); }
public async Task Add(SystemLoginEndpoint endpoint) { await _systemLoginEndpointStore.Add(endpoint); }
/// <summary> /// 刷新第三方令牌 /// </summary> /// <param name="systemToken"></param> /// <returns></returns> public async Task <string> RefreshToken(SystemLoginEndpoint loginEndpoint, string userKey, string systemToken) { return(await _imp.RefreshToken(this, loginEndpoint, userKey, systemToken)); }
public async Task <GetSystemTokenResult> GetSystemToken(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string systemLoginRedirectUrl, string clientRedirectUrl) { GetSystemTokenResult result = new GetSystemTokenResult(); var service = await GetService(endpoint); var postExecuteService = await GetPostExecuteService(endpoint); //获取第三方系统的令牌结果 var getSystemTokenResult = await service.GetSystemToken(endpoint.ThirdPartyConfiguration, systemLoginRedirectUrl, clientRedirectUrl); result.Direct = getSystemTokenResult.Direct; //如果不是结果是直接,则需要进行后续处理 if (getSystemTokenResult.Direct) { result.TokenResult = new ThirdPartySystemTokenResult() { Attributes = getSystemTokenResult.Token.Attributes }; if (postExecuteService != null) { var postExecuteResult = await postExecuteService.Execute(getSystemTokenResult.Token.Attributes, endpoint.ThirdPartyPostConfiguration); result.TokenResult.Attributes.Merge(postExecuteResult.UserInfoAttributes); result.TokenResult.AdditionalRedirectUrlQueryAttributes = postExecuteResult.AdditionalRedirectUrlQueryAttributes; } await SaveTokenRecord(getSystemTokenResult.Token.Attributes, getSystemTokenResult.Token.Token, endpoint, loginEndpoint); } else { result.RedirectUrl = getSystemTokenResult.RedirectUrl; } return(result); }
public async Task <string> GetCommonToken(SystemLoginEndpoint endpoint, HttpRequest request) { //从request的query中获取authname if (!request.Query.TryGetValue("authname", out StringValues strAuthName)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthNameQuerystringInAuthRedirectUrl, DefaultFormatting = "名称为{0}的系统登录终结点的第三方认证系统回调请求处理中,回调请求的Url中不包含authname参数,回调请求的Url为{1}", ReplaceParameters = new List <object>() { endpoint.Name, request.Path.Value } }; throw new UtilityException((int)Errors.NotFoundAuthNameQuerystringInAuthRedirectUrl, fragment); } //根据authname获取登录终结点下面关联的验证终结点 AuthorizationEndpoint authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthName[0]); if (authorizationEndpoint == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback, DefaultFormatting = "名称为{0}的系统登录终结点中,找不到可以处理从第三方认证系统回调请求的关联认证终结点,请求url为{1}", ReplaceParameters = new List <object>() { endpoint.Name, request.Path.Value } }; throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback, fragment); } //调用验证终结点的方法,获取实际的重定向地址 string redirectUrl = await authorizationEndpoint.GetRealRedirectUrl(request); //验证客户端重定向地址 await validateClientRedirectUrl(endpoint, redirectUrl); //调用验证终结点的方法,获取第三方登陆系统处理后产生的键值对 var authResult = await authorizationEndpoint.GetSystemAttributes(endpoint, request); //生成最终要重定向回接入方的Url var commonToken = new CommonToken() { SystemName = endpoint.Name, AuthorizationName = authorizationEndpoint.Name, UserInfoAttributes = authResult.Attributes }; //生成通用令牌的JWT字符串 var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>() { { "SystemName", commonToken.SystemName }, { "AuthorizationName", commonToken.AuthorizationName }, { "UserInfoAttributes", JsonSerializerHelper.Serializer <Dictionary <string, string> >(commonToken.UserInfoAttributes) } }, endpoint.ExpireSecond); //生成重定向回接入方系统的地址 var strReturnUrl = QueryHelpers.AddQueryString(redirectUrl, authResult.AdditionalRedirectUrlQueryAttributes); strReturnUrl = QueryHelpers.AddQueryString(strReturnUrl, "commontoken", strCommonToken); return(strReturnUrl); }
public async Task RemoveAuthorizationEndpoint(SystemLoginEndpoint endpoint, Guid authorizationEndpointId) { await _authorizationEndpointStore.DeleteSystemLoginEndpointRelation(authorizationEndpointId, endpoint.ID); }
public async Task <string> RefreshToken(SystemLoginEndpoint endpoint, string strToken) { //验证JWT是否正确 var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken); if (!jwtResult.ValidateResult.Result) { var fragment = new TextFragment() { Code = TextCodes.SystemLoginEndpointTokenValidateError, DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败,失败原因{2}", ReplaceParameters = new List <object>() { endpoint.Name, strToken, jwtResult.ValidateResult.Description } }; //验证未通过,抛出异常 throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError, fragment); } //从JWT字符串中获取令牌相关信息,这里需要补全代码 Dictionary <string, string> jwtInfo = jwtResult.Playload; //查找验证终结点名称 if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", ReplaceParameters = new List <object>() { endpoint.Name, strToken, "AuthorizationName" } }; throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); } //查找用户信息键值对 if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", ReplaceParameters = new List <object>() { endpoint.Name, strToken, "UserInfoAttributes" } }; throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); } //查询出该登录终结点关联的验证终结点中相同名称的验证终结点 //调用验证终结点的刷新方法 /* var authorizationEndpoint= await GetAuthorizationEndpoint(endpoint, strAuthorizationName); * if (authorizationEndpoint==null) * { * var fragment = new TextFragment() * { * Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, * DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点", * ReplaceParameters = new List<object>() { endpoint.Name, strAuthorizationName } * }; * * throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment); * }*/ //重新生成通用令牌的JWT字符串 var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>() { { "SystemName", endpoint.Name }, { "AuthorizationName", strAuthorizationName }, { "UserInfoAttributes", strUserInfoAttributes } }, endpoint.ExpireSecond); return(await Task.FromResult(strCommonToken)); }
private async Task <string> GetUserKey(Dictionary <string, string> attributes, AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint) { if (!attributes.TryGetValue(loginEndpoint.UserInfoKey, out string userKey)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundUserInfoKeyInThirdPartyTokenAttributes, DefaultFormatting = "在登录终结点{0}、验证终结点{1}的第三方及后续处理中获取的令牌键值对中,找不到键为{2}的值", ReplaceParameters = new List <object>() { loginEndpoint.Name, endpoint.Name, loginEndpoint.UserInfoKey } }; throw new UtilityException((int)Errors.NotFoundUserInfoKeyInThirdPartyTokenAttributes, fragment); } return(await Task.FromResult(userKey)); }
private async Task SaveTokenRecord(Dictionary <string, string> attributes, string token, AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint) { if (!endpoint.KeepThirdPartyToken) { return; } var userKey = await GetUserKey(attributes, endpoint, loginEndpoint); var service = await GetService(endpoint); var record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID); bool needUpdate = false; if (record == null) { record = new ThirdPartySystemTokenRecord() { ID = Guid.NewGuid(), AuthorizationEndpointID = endpoint.ID, SystemLoginEndpointID = loginEndpoint.ID, LastRefeshTime = DateTime.UtcNow, Timeout = await service.GetTimeout(endpoint.ThirdPartyConfiguration), Token = token, UserKey = userKey }; try { await _thirdPartySystemTokenRecordStore.Add(record); } catch (UtilityException ex) { if (ex.Code == (int)Errors.ExistSameThirdPartySystemTokenRecord) { record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID); needUpdate = true; } else { throw ex; } } } else { needUpdate = true; } if (needUpdate) { record.Timeout = await service.GetTimeout(endpoint.ThirdPartyConfiguration); record.LastRefeshTime = DateTime.UtcNow; record.Token = token; await _thirdPartySystemTokenRecordStore.Update(record); } }
public async Task <ThirdPartySystemTokenResult> GetSystemTokenByPassword(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string userName, string password) { ThirdPartySystemTokenResult result = new ThirdPartySystemTokenResult(); var service = await GetService(endpoint); var postExecuteService = await GetPostExecuteService(endpoint); var thirdPartyResult = await service.GetSystemTokenByPassword(endpoint.ThirdPartyConfiguration, userName, password); result.Attributes = thirdPartyResult.Attributes; if (postExecuteService != null) { var postExecuteResult = await postExecuteService.Execute(thirdPartyResult.Attributes, endpoint.ThirdPartyPostConfiguration); result.Attributes.Merge(postExecuteResult.UserInfoAttributes); result.AdditionalRedirectUrlQueryAttributes = postExecuteResult.AdditionalRedirectUrlQueryAttributes; } await SaveTokenRecord(thirdPartyResult.Attributes, thirdPartyResult.Token, endpoint, loginEndpoint); return(result); }
public async Task <AuthorizationEndpoint> GetAuthorizationEndpoint(SystemLoginEndpoint endpoint, Guid authorizationEndpointId) { return(await _authorizationEndpointStore.QueryBySystemLoginEndpointRelation(endpoint.ID, authorizationEndpointId)); }
/// <summary> /// 获取通用令牌 /// 返回结果有两种情况 /// 1,直接获取通用令牌,返回重定向回接入方系统的地址,该地址包含通用令牌的字符串信息 /// 2,需要重定向到第三方认证系统,返回第三方认证系统的地址 /// </summary> /// <param name="endpoint"></param> /// <param name="authorizationName">验证终结点名称</param> /// <param name="returnUrl">接入方系统的重定向地址</param> /// <returns>获取通用令牌动作的结果</returns> public async Task <GetCommonTokenResult> GetCommonToken(SystemLoginEndpoint endpoint, string authorizationName, string returnUrl) { //验证客户端重定向地址 await validateClientRedirectUrl(endpoint, returnUrl); //找到关联的验证终结点 var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName); if (authorizationEndpoint == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点", ReplaceParameters = new List <object>() { endpoint.Name, authorizationName } }; throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment); } //生成验证中心重定向地址 var sysUrl = GenerateSystemLoginUrl(endpoint, authorizationEndpoint); //var serviceReturnUrl = $"{endpoint.BaseUrl}?returnurl={WebUtility.UrlEncode(returnUrl)}"; //调用认证终结点的获取系统令牌的方法 var authResult = await authorizationEndpoint.GetSystemToken(endpoint, sysUrl, returnUrl); //从接入方系统的returnUrl上面获取Querystring的键值对 //从请求中获取querystring,将它转成键值对 Dictionary <string, string> returnUrlKV = new Dictionary <string, string>(); Uri returnUrlUri = new Uri(returnUrl); var dictKV = QueryHelpers.ParseQuery(returnUrlUri.Query); foreach (var item in dictKV) { returnUrlKV.Add(item.Key, item.Value[0]); } GetCommonTokenResult result = new GetCommonTokenResult(); if (authResult.Direct) { //组装结果 result.Direct = true; var commonToken = new CommonToken() { SystemName = endpoint.Name, AuthorizationName = authorizationName, UserInfoAttributes = authResult.TokenResult.Attributes }; //生成通用令牌的JWT字符串 var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>() { { "SystemName", commonToken.SystemName }, { "AuthorizationName", commonToken.AuthorizationName }, { "UserInfoAttributes", JsonSerializerHelper.Serializer <Dictionary <string, string> >(commonToken.UserInfoAttributes) } }, endpoint.ExpireSecond); //生成重定向回接入方系统的地址 var strReturnUrl = QueryHelpers.AddQueryString(returnUrl, authResult.TokenResult.AdditionalRedirectUrlQueryAttributes); strReturnUrl = QueryHelpers.AddQueryString(strReturnUrl, "commontoken", strCommonToken); result.CommonTokenRedirectUrl = strReturnUrl; } else { result.Direct = false; result.RedirectUrl = authResult.RedirectUrl; } return(result); }
/// <summary> /// 获取针对第三方登陆系统回调的处理后获得的令牌结果 /// </summary> /// <param name="request">回调请求</param> /// <returns></returns> public async Task <ThirdPartySystemTokenResult> GetSystemAttributes(SystemLoginEndpoint loginEndpoint, HttpRequest request) { return(await _imp.GetSystemAttributes(this, loginEndpoint, request)); }
public async Task Update(SystemLoginEndpoint endpoint) { await _systemLoginEndpointStore.Update(endpoint); }
/// <summary> /// 根据用户名密码获取第三方令牌键值对 /// </summary> /// <param name="userName"></param> /// <param name="password"></param> /// <returns></returns> public async Task <ThirdPartySystemTokenResult> GetSystemTokenByPassword(SystemLoginEndpoint loginEndpoint, string userName, string password) { return(await _imp.GetSystemTokenByPassword(this, loginEndpoint, userName, password)); }
public async Task LogoutToken(SystemLoginEndpoint endpoint, string strToken) { //验证JWT是否正确 var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken); if (!jwtResult.ValidateResult.Result) { var fragment = new TextFragment() { Code = TextCodes.SystemLoginEndpointTokenValidateError, DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败,失败原因{2}", ReplaceParameters = new List <object>() { endpoint.Name, strToken, jwtResult.ValidateResult.Description } }; //验证未通过,抛出异常 throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError, fragment); } //从JWT字符串中获取令牌相关信息,这里需要补全代码 Dictionary <string, string> jwtInfo = jwtResult.Playload; //查找验证终结点名称 if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", ReplaceParameters = new List <object>() { endpoint.Name, strToken, "AuthorizationName" } }; throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); } //查找用户信息键值对 if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", ReplaceParameters = new List <object>() { endpoint.Name, strToken, "UserInfoAttributes" } }; throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); } //查找第三方验证系统的系统令牌 if (!jwtInfo.TryGetValue("SystemToken", out string strSystemToken)) { var fragment = new TextFragment() { Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName, DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中,找不到名称为{2}的信息", ReplaceParameters = new List <object>() { endpoint.Name, strToken, "SystemToken" } }; throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment); } //查询出该登录终结点关联的验证终结点中相同名称的验证终结点 //调用验证终结点的登出方法 var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthorizationName); if (authorizationEndpoint == null) { var fragment = new TextFragment() { Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, DefaultFormatting = "名称为{0}的系统登录终结点中,找不到名称为{1}的关联认证终结点", ReplaceParameters = new List <object>() { endpoint.Name, strAuthorizationName } }; throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment); } await authorizationEndpoint.Logout(strSystemToken); }
/// <summary> /// 获取第三方令牌键值对 /// </summary> /// <param name="systemLoginRedirectUrl">验证中心的重定向地址</param> /// <param name="clientRedirectUrl">客户端重定向地址</param> /// <returns>获取系统令牌动作的结果</returns> public async Task <GetSystemTokenResult> GetSystemToken(SystemLoginEndpoint loginEndpoint, string systemLoginRedirectUrl, string clientRedirectUrl) { return(await _imp.GetSystemToken(this, loginEndpoint, systemLoginRedirectUrl, clientRedirectUrl)); }