public override void OnActionExecuting(HttpActionContext actionContext)
        {
            if (actionContext == null
                || actionContext.Request == null
                || actionContext.Request.RequestUri == null
            ) { return; }
            var url = actionContext.Request.RequestUri.AbsoluteUri;
            //不需要验证直接跳过
            if (NotCheck) return;

            var uid = Tools.GetCookie(Stands.UID);
            var token = Tools.GetCookie(Stands.TOKEN);

            if (string.IsNullOrEmpty(uid) || string.IsNullOrEmpty(token))
            {
                var response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.Redirect,
                    "Unauthorized");
                response.Headers.Add("Location", RouteUtils.GetAuthUrl(url));
                actionContext.Response = response;

                return;
            }

            WebUtils web = new WebUtils();
            var cacheInfo = web.DoGet(Stands.AUTH_HOST + "/Authorize/TokenGetCredence/", new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", token } });
            var loginCache = Tools.JsonDeserialize<SSOData>(cacheInfo);

            if (!loginCache.IsLogin)
            {
                //保险起见删除本地cookie
                Tools.ClearCookie(Stands.UID);
                Tools.ClearCookie(Stands.TOKEN);
                Tools.ClearCookie(Stands.PROJECT_CODE);
                //ajax 判断
                var response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.Redirect,
                     "Unauthorized");
                response.Headers.Add("Location", RouteUtils.GetAuthUrl(url));
                actionContext.Response = response;
                return;
            }

            //状态被修改为限制状态后跳转到指定页面
            if (loginCache.IsRedirect)
            {
                var response = actionContext.Request.CreateResponse(System.Net.HttpStatusCode.Redirect,
                  "Unauthorized");
                response.Headers.Add("Location", loginCache.Url);
                actionContext.Response = response;
                return;
            }
            //更新cookie
            Tools.SetCookie(Stands.UID, loginCache.User.Uid);
            Tools.SetCookie(Stands.TOKEN, token);
            base.OnActionExecuting(actionContext);
        }
예제 #2
0
        public string BuildAuthUrl(string url, string openId, string secret, string callback, CJDictionary txtParams, DateTime timestamp)
        {
            txtParams.Add(CALL_BACK, callback);
            //   txtParams.Add(VERSION, "1.0");
            txtParams.Add(OPEN_ID, openId);
            // txtParams.Add(FORMAT, format);
            //  txtParams.Add(PARTNER_ID, SDK_VERSION);
            txtParams.Add(TIMESTAMP, timestamp);
            // txtParams.Add(TOKEN, session);
            // txtParams.AddAll(this.systemParameters);

            // 添加签名参数
            txtParams.Add(SIGN, CJUtils.SignRequest(txtParams, secret));
            var webUtils = new WebUtils();
            return webUtils.BuildGetUrl(url, txtParams);
        }
        public ActionResult CallBack()
        {
            try
            {
                //验证回调地址
                var verifyPass = Request.Url != null && CJUtils.VerifyResponse(Request.Url.AbsoluteUri, Stands.SIGN_SECRET);
                if (!verifyPass) return Content("签名验证不通过,非法请求!");

                _logSSO.Info(Request.Url.AbsoluteUri);
                //通过令牌去拿凭证
                var token = Request["token"];
                var web = new WebUtils();
                var cacheInfo = web.DoGet(Stands.AUTH_HOST + "/Authorize/TokenGetCredence/", new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", token } });
                var cacheLogin = Tools.JsonDeserialize<SSOData>(cacheInfo);
                if (!cacheLogin.IsLogin)
                {
                    return Content("您还没有登录,请重新登录!");
                }
                //将uid、token 写入cookie
                Tools.SetCookie(Stands.UID, cacheLogin.User.Uid);
                Tools.SetCookie(Stands.TOKEN, token);

                //请求之前的url
                var beq = Request[Stands.BEFORE_REQUEST_URL];
                _logSSO.Info("decode:" + beq);
                if (string.IsNullOrEmpty(beq))
                {
                    return Content("缺少返回地址:" + Request.Url.AbsoluteUri);
                }
                //执行自定义回调
                CallBacking(Request.Url.AbsoluteUri, cacheLogin.User);
                beq = WebUtils.UrlDecode(beq);
                _logSSO.Info(beq);
                return Redirect(beq);
            }
            catch (System.Exception ex)
            {
                _logSSO.Error(ex.Message);
                 return Content("服务器繁忙...");

            }
        }
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            if (filterContext == null
                || filterContext.HttpContext == null
                || filterContext.HttpContext.Request == null
                || filterContext.HttpContext.Request.Url == null){return;}
            var url = filterContext.HttpContext.Request.Url.AbsoluteUri;
            //不需要验证直接跳过
            if (NotCheck) return;

            var uid = Tools.GetCookie(Stands.UID);
            var token =Tools.GetCookie(Stands.TOKEN);

            if (string.IsNullOrEmpty(uid)||string.IsNullOrEmpty(token))
            {
                //ajax 判断
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    filterContext.HttpContext.Response.Write("您还没有登录,请先登录");
                    return;
                }

                filterContext.Result = new RedirectResult(RouteUtils.GetAuthUrl(url));
                return;
            }

            WebUtils web = new WebUtils();
            var cacheInfo = web.DoGet(Stands.AUTH_HOST + "/Authorize/TokenGetCredence/", new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", token } });
            var loginCache = Tools.JsonDeserialize<SSOData>(cacheInfo);

            if (!loginCache.IsLogin)
            {
                //保险起见删除本地cookie
                Tools.ClearCookie(Stands.UID);
                Tools.ClearCookie(Stands.TOKEN);
                Tools.ClearCookie(Stands.PROJECT_CODE);
                //ajax 判断
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    filterContext.Result = new ContentResult { Content = "无权访问" };
                    return;
                }
                filterContext.Result = new RedirectResult(RouteUtils.GetAuthUrl(url));
                return;
            }

            //状态被修改为限制状态后跳转到指定页面
            if (loginCache.IsRedirect)
            {
                filterContext.Result = new RedirectResult(loginCache.Url);
                return;
            }
            //更新cookie
            Tools.SetCookie(Stands.UID, loginCache.User.Uid);
            Tools.SetCookie(Stands.TOKEN, token);

            base.OnActionExecuting(filterContext);
        }
 public ActionResult LoginOutFromSSO()
 {
     try
     {
         //取出当前token 准备删掉服务器中对应的凭证
         var token = Tools.GetCookie(Stands.TOKEN);
         if (string.IsNullOrEmpty(token))
         {
             return View();
         }
         var web = new WebUtils();
         var result = web.DoGet(Stands.AUTH_HOST + "/Authorize/ClearToken/", new CJDictionary { { "projectCode", Stands.PROJECT_CODE }, { "token", token } });
         if (result != "success") return Content("注销出现错误");
         Tools.ClearCookie(Stands.UID);
         Tools.ClearCookie(Stands.TOKEN);
         Tools.ClearCookie(Stands.CURRENT_PROJECT_CODE_KEY);
         return View();
     }
     catch (System.Exception ex)
     {
         _logSSO.Error(ex);
        return View();
     }
 }
예제 #6
0
 public string BuildAuthUrl(string url, CJDictionary txtParams, DateTime timestamp)
 {
     var webUtils = new WebUtils();
     return webUtils.BuildGetUrl(url, txtParams);
 }
예제 #7
0
 public string BuildUrl(string url, string secret, IDictionary<string, string> txtParams)
 {
     txtParams.Add(SIGN, CJUtils.SignRequest(txtParams, secret));
     var webUtils = new WebUtils();
     return webUtils.BuildGetUrl(url, txtParams);
 }
예제 #8
0
 public string BuildUrl(string url, IDictionary<string, string> txtParams)
 {
     var webUtils = new WebUtils();
     return webUtils.BuildGetUrl(url, txtParams);
 }