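        /// <summary>
        /// WeChat Work OAuth2 callback. Exchanges the returned <c>code</c> for the
        /// user's identity, issues the sign-in ticket, inserts or updates the
        /// EmployeeInfo row and redirects to the URL cached under <c>state</c>.
        /// </summary>
        /// <returns>
        /// A redirect to the cached return URL ("/" when nothing is cached for the
        /// state); a plain-text message when the code is missing or the exchange fails.
        /// </returns>
        public ActionResult Callback()
        {
            var access_token = "";
            var code         = "";

            try
            {
                code = Request.QueryString.Get("code");
                if (string.IsNullOrEmpty(code))// no code means the authorization failed
                {
                    return(Content("请从正规途径进入"));
                }

                // Cache.Get(null) throws, so a missing state must fall back to "/"
                // explicitly instead of ending up as an exception on the error page.
                var state        = Request.QueryString.Get("state");
                var cache_status = string.IsNullOrEmpty(state) ? null : System.Web.HttpContext.Current.Cache.Get(state);
                var redirect_url = cache_status == null ? "/" : cache_status.ToString();// no cached state: go to the home page

                access_token = WeixinConfig.TokenHelper.GetToken();// access_token from the "basic support" API
                GetUserInfoResult   UserInfo    = OAuth2Api.GetUserId(access_token, code);
                string              userId      = UserInfo.UserId;
                string              user_ticket = UserInfo.user_ticket;
                GetUserDetailResult userDetail  = OAuth2Api.GetUserDetail(access_token, user_ticket);
                string              userName    = userDetail.name;
                AuthorizationManager.SetTicket(false, 1, userId, userName);
                Thread.Sleep(500);// pause half a second so iOS has time to set the cookies
                // Log the resolved identity; the one-time authorization code has no
                // business in the log and the original argument order was shifted.
                LogWriter.Default.WriteInfo(string.Format("OAuth success: identity: {0} , name: {1} , redirect_rul:{2} ", userId, userName, redirect_url));

                // BaseClass.OperateData takes a finished SQL string, so the profile values
                // returned by WeChat (userId, name, mobile) are spliced into the statement.
                // Doubling the quote is the T-SQL literal escape: a quote inside a name can
                // no longer terminate the literal. A parameterized command is still the
                // proper fix if OperateData or its connection can accept parameters.
                string safeId     = (userId ?? "").Replace("'", "''");
                string safeName   = (userDetail.name ?? "").Replace("'", "''");
                string safeMobile = (userDetail.mobile ?? "").Replace("'", "''");

                EmployeeInfo employeeInfo = ms.EmployeeInfo.Find(userId);
                if (employeeInfo == null)
                {
                    string insStr = "INSERT INTO EmployeeInfo ([EmployeeNo],[EmployeeName],[EmployeePhone]) " +
                                    "VALUES ('" + safeId + "',N'" + safeName + "','" + safeMobile + "');";
                    BaseClass.OperateData(insStr);
                }
                else
                {
                    string updStr = "UPDATE EmployeeInfo SET EmployeeName =N'" + safeName +
                                    "',EmployeePhone= '" + safeMobile + "' WHERE EmployeeNo = '" + safeId + "'";
                    BaseClass.OperateData(updStr);
                }

                return(new RedirectResult(redirect_url, true));
            }
            catch (Exception ex)
            {
                // Keep the full exception in the log; the client only gets a generic
                // message rather than ex.Message, which can carry internal details.
                LogWriter.Default.WriteInfo("OAuth callback failed: " + ex);
                return(Content("授权失败,请稍后重试"));
            }
        }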
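        /// <summary>
        /// OAuth2 callback for the WeChat Work sign-in: resolves <paramref name="code"/>
        /// to the user's display name and stores it in <c>Session["uname"]</c>.
        /// </summary>
        /// <param name="code">Authorization code WeChat appended to the callback URL.</param>
        /// <returns>
        /// Redirect to <c>Index</c> on success, or to <c>Anomaly</c> when the code is
        /// missing or empty.
        /// </returns>
        public ActionResult GetUser(String code)
        {
            // An empty code is as unusable as a missing one (the exchange below would
            // only fail on the WeChat side), so both are treated as the anomaly case.
            if (string.IsNullOrEmpty(code))
            {
                return(RedirectToAction("Anomaly"));
            }

            // NOTE(review): no state value is checked here, so the callback cannot tell a
            // response it initiated from a replayed one; confirm that is validated
            // elsewhere before trusting Session["uname"].
            AccessTokenResult accessTokenResult = AccessTokenContainer.GetTokenResult(corpId, secret, false);
            String            accessToken       = accessTokenResult.access_token;

            // Resolve the code to a user_ticket, then the ticket to the user's details.
            String user_ticket             = Senparc.Weixin.Work.AdvancedAPIs.OAuth2Api.GetUserId(accessToken, code).user_ticket;
            GetUserDetailResult userDetail = Senparc.Weixin.Work.AdvancedAPIs.OAuth2Api.GetUserDetail(accessToken, user_ticket);
            String uName = userDetail.name;

            Session["uname"] = uName;
            return(RedirectToAction("Index"));
        }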
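        /// <summary>
        /// WeChat Work OAuth2 callback. Validates the request, exchanges
        /// <paramref name="code"/> for the user id (and, for the userinfo/privateinfo
        /// scopes, the profile) and redirects to the decoded <paramref name="reurl"/>
        /// with the result appended as a base64-encoded <c>userinfo</c> query value.
        /// </summary>
        /// <param name="corpid">Enterprise (corp) id the callback belongs to.</param>
        /// <param name="accesstoken">Caller's pass token, resolved through <c>GetPassToken</c>.</param>
        /// <param name="scope">OAuth scope; the detail lookup only runs for snsapi_userinfo / snsapi_privateinfo.</param>
        /// <param name="reurl">Base64-encoded return URL.</param>
        /// <param name="code">Authorization code from WeChat; empty when the user declined.</param>
        /// <param name="state">Round-tripped state value; only the two fixed demo values are accepted.</param>
        /// <returns>A redirect to the return URL, or a plain-text error page.</returns>
        public ActionResult OAuth2Callback(string corpid, string accesstoken, string scope, string reurl, string code, string state)
        {
            if (string.IsNullOrEmpty(code))
            {
                LogWriter.Info(string.Format("qyid为“{0}”的OAuth2授权失败,原因:拒绝了授权", corpid));
                return(Content("您拒绝了授权!"));
            }

            if (state != "JeffreySu" && state != "JeffreSu?10000skip=true")
            {
                // The state value is exposed to the client, so this check is weak and only
                // a demonstration. In practice it can carry any data you want to pass
                // (e.g. a user id) and should be verified against something server-side,
                // such as a Session["OAuthAccessToken"] entry.
                LogWriter.Info(string.Format("qyid为“{0}”的OAuth2授权失败,原因:验证失败", corpid));
                return(Content("验证失败!请从正规途径进入!"));
            }


            #region 校验
            if (string.IsNullOrEmpty(reurl))
            {
                LogWriter.Info(string.Format("qyid为“{0}”的OAuth2Base获取失败,原因:reurl为空", corpid));
                return(Content("非法访问"));
            }
            var account = GetAccount(corpid);
            if (account == null)
            {
                LogWriter.Info(string.Format("qyid为“{0}”的OAuth2Base获取失败,原因:企业号不存在", corpid));
                return(Content("非法访问"));
            }
            var passtoken = GetPassToken(account, accesstoken);
            if (passtoken == null)
            {
                LogWriter.Info(string.Format("qyid为“{0}”的OAuth2Base获取失败,原因:accesstoken错误", corpid));
                return(Content("非法访问"));
            }
            if (!ValidateOauth2Domain(passtoken, reurl))
            {
                LogWriter.Info(string.Format("qyid为“{0}”的OAuth2Base获取失败,原因:reurl{1}错误", corpid, reurl));
                return(Content("非法访问"));
            }
            #endregion

            // Decode only after the request has passed validation, so a malformed reurl
            // from an unauthenticated caller is rejected here instead of surfacing as an
            // unhandled exception. '+' arrives as ' ' in the query string, so restore it.
            string url;
            try
            {
                url = Base64Helper.DecodeBase64(reurl.Replace(" ", "+"));
            }
            catch (FormatException)
            {
                LogWriter.Info(string.Format("qyid为“{0}”的OAuth2Base获取失败,原因:reurl{1}错误", corpid, reurl));
                return(Content("非法访问"));
            }
            // NOTE(review): ValidateOauth2Domain above is handed the raw base64 reurl;
            // confirm it checks the decoded target, otherwise the redirects below accept
            // any destination.

            // Validation passed: exchange the code for the user id. A failure on the first
            // attempt is retried once with a freshly fetched corp access token.
            GetUserInfoResult result = null;
            var wxFO = Formula.FormulaHelper.CreateFO <WxFO>();
            try
            {
                result = OAuth2Api.GetUserId(wxFO.GetAccessToken(corpid), code);
            }
            catch (Exception ex)
            {
                LogWriter.Error(ex, string.Format("qyid为{0}的静默授权在通过code获取token时异常", corpid));
                result = OAuth2Api.GetUserId(wxFO.GetAccessToken(corpid, true), code);
            }
            if (result.errcode != ReturnCode_QY.请求成功)
            {
                LogWriter.Info(string.Format("qyid为{0}的静默授权在通过code获取token时异常,原因:{1}", corpid, result.errmsg));
                return(Content("错误:" + result.errmsg));
            }
            if (!string.IsNullOrEmpty(result.user_ticket) && !string.IsNullOrEmpty(result.UserId) && (scope == "snsapi_userinfo" || scope == "snsapi_privateinfo"))
            {
                // The detail lookup is best-effort: on failure we fall through to the
                // id-only redirect below rather than failing the whole sign-in.
                GetUserDetailResult resultDetail = null;
                try
                {
                    resultDetail = CommonJsonSend.Send <GetUserDetailResult>(wxFO.GetAccessToken(corpid), "https://qyapi.weixin.qq.com/cgi-bin/user/getuserdetail?access_token={0}",
                                                                             new {
                        user_ticket = result.user_ticket,
                    });
                }
                catch (Exception ex)
                {
                    LogWriter.Error(ex, string.Format("qyid为{0}的认证授权在通过ticket获取详情时异常", corpid));
                }
                if (resultDetail != null && resultDetail.userid != null)
                {
                    // The profile (mobile, email, ...) is only base64-encoded, not encrypted
                    // or signed, and travels on the redirect URL where proxies, browser
                    // history and the receiving site's access logs can see it.
                    url = string.Format("{0}{1}userinfo={2}"
                                        , url, url.Contains('?') ? "&" : "?", Base64Helper.EncodeBase64(JsonHelper.ToJson(new {
                        userid     = result.UserId,
                        openid     = result.OpenId,
                        name       = resultDetail.name,
                        department = resultDetail.department,
                        position   = resultDetail.position,
                        mobile     = resultDetail.mobile,
                        gender     = resultDetail.gender,
                        email      = resultDetail.email,
                        avatar     = resultDetail.avatar,
                    })));
                    return(Redirect(url));
                }
            }

            // Base scope, or detail lookup unavailable: redirect with the ids only.
            url = string.Format("{0}{1}userinfo={2}"
                                , url, url.Contains('?') ? "&" : "?", Base64Helper.EncodeBase64(JsonHelper.ToJson(new { userid = result.UserId, openid = result.OpenId })));
            return(Redirect(url));
        }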