Exemplos de MSLibrary.SystemToken SystemLoginEndpoint em C# (CSharp)

Exemplo n.º 1

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        /*public async Task<string> GetKeepLoginUrl(SystemLoginEndpoint endpoint, string strToken)
         * {
         *  //验证JWT是否正确
         *  var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken);
         *  if (!jwtResult.ValidateResult.Result)
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.SystemLoginEndpointTokenValidateError,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败，失败原因{2}",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, jwtResult.ValidateResult.Description }
         *      };
         *
         *      //验证未通过，抛出异常
         *      throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError, fragment);
         *  }
         *
         *  //从JWT字符串中获取令牌相关信息
         *  Dictionary<string, string> jwtInfo = jwtResult.Playload;
         *  //查找验证终结点名称
         *  if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName))
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, "AuthorizationName" }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
         *  }
         *  //查找用户信息键值对
         *  if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes))
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, "UserInfoAttributes" }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
         *  }
         *
         *  //查询出该登录终结点关联的验证终结点中相同名称的验证终结点
         *  //调用验证终结点的获取保持登录状态url方法
         *  var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthorizationName);
         *  if (authorizationEndpoint == null)
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点中，找不到名称为{1}的关联认证终结点",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strAuthorizationName }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
         *  }
         *
         *  return await authorizationEndpoint.GetKeepLoginUrl(strSystemToken);
         * }*/

        public async Task <string> GetLoginUrl(SystemLoginEndpoint endpoint, string authorizationName, string returnUrl)
        {
            //找到关联的验证终结点
            var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName);

            if (authorizationEndpoint == null)
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点中，找不到名称为{1}的关联认证终结点",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, authorizationName
                    }
                };

                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
            }

            //生成验证中心重定向地址
            var sysUrl = GenerateSystemLoginUrl(endpoint, authorizationEndpoint);

            return(await authorizationEndpoint.GetLoginUrl(sysUrl, returnUrl));
        }

Exemplo n.º 2

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        private string GenerateSystemLoginUrl(SystemLoginEndpoint sysEndpoint, AuthorizationEndpoint authEndpoint)
        {
            var serviceReturnUrl = QueryHelpers.AddQueryString(sysEndpoint.BaseUrl, new Dictionary <string, string>()
            {
                { "sysname", sysEndpoint.Name }, { "authname", authEndpoint.Name }
            });

            return(serviceReturnUrl);
        }

Exemplo n.º 3

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        public async Task <bool> ValidateClientRedirectUrl(SystemLoginEndpoint endpoint, string clientRedirectUrl)
        {
            bool result = false;

            foreach (var item in endpoint.ClientRedirectBaseUrls)
            {
                if (item.IsBaseOf(new Uri(clientRedirectUrl)))
                {
                    result = true;
                    break;
                }
            }

            return(await Task.FromResult(result));
        }

Exemplo n.º 4

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        private async Task validateClientRedirectUrl(SystemLoginEndpoint endpoint, string clientRedirectUrl)
        {
            if (!await ValidateClientRedirectUrl(endpoint, clientRedirectUrl))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.SystemLoginEndpointClientRedirectUrl,
                    DefaultFormatting = "名称为{0}的系统登录终结点中，客户端重定向地址{1}非法，合法地址的基地址必须为{2}",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, clientRedirectUrl, endpoint.ClientRedirectBaseUrls.ToDisplayString(async(item) => await Task.FromResult(item.ToString()), async() => await Task.FromResult(","))
                    }
                };

                throw new UtilityException((int)Errors.SystemLoginEndpointClientRedirectUrl, fragment);
            }
        }

Exemplo n.º 5

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

        public async Task <string> RefreshToken(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string userKey, string systemToken)
        {
            var service = await GetService(endpoint);

            var newToken = await service.RefreshToken(endpoint.ThirdPartyConfiguration, systemToken);

            if (endpoint.KeepThirdPartyToken)
            {
                var record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID);

                if (record != null)
                {
                    await _thirdPartySystemTokenRecordStore.UpdateToken(userKey, record.ID, newToken);
                }
            }

            return(newToken);
        }

Exemplo n.º 6

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        /*public async Task<string> GetLogoutUrl(SystemLoginEndpoint endpoint, string strToken)
         * {
         *  //验证JWT是否正确
         *  var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken);
         *  if (!jwtResult.ValidateResult.Result)
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.SystemLoginEndpointTokenValidateError,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败，失败原因{2}",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, jwtResult.ValidateResult.Description }
         *      };
         *
         *      //验证未通过，抛出异常
         *      throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError,fragment);
         *  }
         *
         *  //从JWT字符串中获取令牌相关信息
         *  Dictionary<string, string> jwtInfo = jwtResult.Playload;
         *  //查找验证终结点名称
         *  if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName))
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, "AuthorizationName" }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
         *  }
         *  //查找用户信息键值对
         *  if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes))
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strToken, "UserInfoAttributes" }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
         *  }
         *
         *
         *  //查询出该登录终结点关联的验证终结点中相同名称的验证终结点
         *  //调用验证终结点的获取登出url方法
         *  var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthorizationName);
         *  if (authorizationEndpoint == null)
         *  {
         *      var fragment = new TextFragment()
         *      {
         *          Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
         *          DefaultFormatting = "名称为{0}的系统登录终结点中，找不到名称为{1}的关联认证终结点",
         *          ReplaceParameters = new List<object>() { endpoint.Name, strAuthorizationName }
         *      };
         *
         *      throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
         *  }
         *
         *  var userInfoAttributes=JsonSerializerHelper.Deserialize<Dictionary<string, string>>(strUserInfoAttributes);
         *  if (userInfoAttributes==null)
         *  {
         *      userInfoAttributes = new Dictionary<string, string>();
         *  }
         *
         *  return await authorizationEndpoint.GetLogoutUrl(userInfoAttributes);
         * }
         */
        public async Task <string> GetCommonToken(SystemLoginEndpoint endpoint, string authorizationName, string userName, string password)
        {
            //找到关联的验证终结点
            var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName);

            if (authorizationEndpoint == null)
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点中，找不到名称为{1}的关联认证终结点",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, authorizationName
                    }
                };

                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
            }

            var authResult = await authorizationEndpoint.GetSystemTokenByPassword(endpoint, userName, password);

            var commonToken = new CommonToken()
            {
                SystemName         = endpoint.Name,
                AuthorizationName  = authorizationName,
                UserInfoAttributes = authResult.Attributes
            };


            //生成通用令牌的JWT字符串
            var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>()
            {
                { "SystemName", commonToken.SystemName }, { "AuthorizationName", commonToken.AuthorizationName }, { "UserInfoAttributes", JsonSerializerHelper.Serializer <Dictionary <string, string> >(commonToken.UserInfoAttributes) }
            }, endpoint.ExpireSecond);

            return(strCommonToken);
        }

Exemplo n.º 7

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

 public async Task <QueryResult <AuthorizationEndpoint> > GetAuthorizationEndpoint(SystemLoginEndpoint endpoint, string authorizationName, int page, int pageSize)
 {
     return(await _authorizationEndpointStore.QueryBySystemLoginEndpointRelationPage(endpoint.ID, authorizationName, page, pageSize));
 }

Exemplo n.º 8

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

 public async Task Delete(SystemLoginEndpoint endpoint)
 {
     await _systemLoginEndpointStore.Delete(endpoint.ID);
 }

Exemplo n.º 9

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

 public async Task AddAuthorizationEndpoint(SystemLoginEndpoint endpoint, Guid authorizationEndpointId)
 {
     await _authorizationEndpointStore.AddSystemLoginEndpointRelation(authorizationEndpointId, endpoint.ID);
 }

Exemplo n.º 10

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

 public async Task Add(SystemLoginEndpoint endpoint)
 {
     await _systemLoginEndpointStore.Add(endpoint);
 }

Exemplo n.º 11

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

 /// <summary>
 /// 刷新第三方令牌
 /// </summary>
 /// <param name="systemToken"></param>
 /// <returns></returns>
 public async Task <string> RefreshToken(SystemLoginEndpoint loginEndpoint, string userKey, string systemToken)
 {
     return(await _imp.RefreshToken(this, loginEndpoint, userKey, systemToken));
 }

Exemplo n.º 12

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

        public async Task <GetSystemTokenResult> GetSystemToken(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string systemLoginRedirectUrl, string clientRedirectUrl)
        {
            GetSystemTokenResult result = new GetSystemTokenResult();
            var service = await GetService(endpoint);

            var postExecuteService = await GetPostExecuteService(endpoint);

            //获取第三方系统的令牌结果
            var getSystemTokenResult = await service.GetSystemToken(endpoint.ThirdPartyConfiguration, systemLoginRedirectUrl, clientRedirectUrl);

            result.Direct = getSystemTokenResult.Direct;


            //如果不是结果是直接，则需要进行后续处理
            if (getSystemTokenResult.Direct)
            {
                result.TokenResult = new ThirdPartySystemTokenResult()
                {
                    Attributes = getSystemTokenResult.Token.Attributes
                };

                if (postExecuteService != null)
                {
                    var postExecuteResult = await postExecuteService.Execute(getSystemTokenResult.Token.Attributes, endpoint.ThirdPartyPostConfiguration);

                    result.TokenResult.Attributes.Merge(postExecuteResult.UserInfoAttributes);
                    result.TokenResult.AdditionalRedirectUrlQueryAttributes = postExecuteResult.AdditionalRedirectUrlQueryAttributes;
                }


                await SaveTokenRecord(getSystemTokenResult.Token.Attributes, getSystemTokenResult.Token.Token, endpoint, loginEndpoint);
            }
            else
            {
                result.RedirectUrl = getSystemTokenResult.RedirectUrl;
            }


            return(result);
        }

Exemplo n.º 13

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        public async Task <string> GetCommonToken(SystemLoginEndpoint endpoint, HttpRequest request)
        {
            //从request的query中获取authname
            if (!request.Query.TryGetValue("authname", out StringValues strAuthName))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthNameQuerystringInAuthRedirectUrl,
                    DefaultFormatting = "名称为{0}的系统登录终结点的第三方认证系统回调请求处理中，回调请求的Url中不包含authname参数，回调请求的Url为{1}",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, request.Path.Value
                    }
                };

                throw new UtilityException((int)Errors.NotFoundAuthNameQuerystringInAuthRedirectUrl, fragment);
            }

            //根据authname获取登录终结点下面关联的验证终结点
            AuthorizationEndpoint authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthName[0]);

            if (authorizationEndpoint == null)
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback,
                    DefaultFormatting = "名称为{0}的系统登录终结点中，找不到可以处理从第三方认证系统回调请求的关联认证终结点，请求url为{1}",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, request.Path.Value
                    }
                };

                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointCanExecuteCallback, fragment);
            }

            //调用验证终结点的方法，获取实际的重定向地址
            string redirectUrl = await authorizationEndpoint.GetRealRedirectUrl(request);

            //验证客户端重定向地址
            await validateClientRedirectUrl(endpoint, redirectUrl);

            //调用验证终结点的方法，获取第三方登陆系统处理后产生的键值对
            var authResult = await authorizationEndpoint.GetSystemAttributes(endpoint, request);


            //生成最终要重定向回接入方的Url
            var commonToken = new CommonToken()
            {
                SystemName         = endpoint.Name,
                AuthorizationName  = authorizationEndpoint.Name,
                UserInfoAttributes = authResult.Attributes
            };



            //生成通用令牌的JWT字符串
            var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>()
            {
                { "SystemName", commonToken.SystemName }, { "AuthorizationName", commonToken.AuthorizationName }, { "UserInfoAttributes", JsonSerializerHelper.Serializer <Dictionary <string, string> >(commonToken.UserInfoAttributes) }
            }, endpoint.ExpireSecond);
            //生成重定向回接入方系统的地址
            var strReturnUrl = QueryHelpers.AddQueryString(redirectUrl, authResult.AdditionalRedirectUrlQueryAttributes);

            strReturnUrl = QueryHelpers.AddQueryString(strReturnUrl, "commontoken", strCommonToken);

            return(strReturnUrl);
        }

Exemplo n.º 14

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

 public async Task RemoveAuthorizationEndpoint(SystemLoginEndpoint endpoint, Guid authorizationEndpointId)
 {
     await _authorizationEndpointStore.DeleteSystemLoginEndpointRelation(authorizationEndpointId, endpoint.ID);
 }

Exemplo n.º 15

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        public async Task <string> RefreshToken(SystemLoginEndpoint endpoint, string strToken)
        {
            //验证JWT是否正确
            var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken);

            if (!jwtResult.ValidateResult.Result)
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.SystemLoginEndpointTokenValidateError,
                    DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败，失败原因{2}",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strToken, jwtResult.ValidateResult.Description
                    }
                };

                //验证未通过，抛出异常
                throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError, fragment);
            }

            //从JWT字符串中获取令牌相关信息,这里需要补全代码
            Dictionary <string, string> jwtInfo = jwtResult.Playload;

            //查找验证终结点名称
            if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strToken, "AuthorizationName"
                    }
                };

                throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
            }
            //查找用户信息键值对
            if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strToken, "UserInfoAttributes"
                    }
                };

                throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
            }


            //查询出该登录终结点关联的验证终结点中相同名称的验证终结点
            //调用验证终结点的刷新方法

            /* var authorizationEndpoint= await GetAuthorizationEndpoint(endpoint, strAuthorizationName);
             * if (authorizationEndpoint==null)
             * {
             *   var fragment = new TextFragment()
             *   {
             *       Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
             *       DefaultFormatting = "名称为{0}的系统登录终结点中，找不到名称为{1}的关联认证终结点",
             *       ReplaceParameters = new List<object>() { endpoint.Name, strAuthorizationName }
             *   };
             *
             *   throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
             * }*/


            //重新生成通用令牌的JWT字符串
            var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>()
            {
                { "SystemName", endpoint.Name }, { "AuthorizationName", strAuthorizationName }, { "UserInfoAttributes", strUserInfoAttributes }
            }, endpoint.ExpireSecond);

            return(await Task.FromResult(strCommonToken));
        }

Exemplo n.º 16

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

        private async Task <string> GetUserKey(Dictionary <string, string> attributes, AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint)
        {
            if (!attributes.TryGetValue(loginEndpoint.UserInfoKey, out string userKey))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundUserInfoKeyInThirdPartyTokenAttributes,
                    DefaultFormatting = "在登录终结点{0}、验证终结点{1}的第三方及后续处理中获取的令牌键值对中，找不到键为{2}的值",
                    ReplaceParameters = new List <object>()
                    {
                        loginEndpoint.Name, endpoint.Name, loginEndpoint.UserInfoKey
                    }
                };

                throw new UtilityException((int)Errors.NotFoundUserInfoKeyInThirdPartyTokenAttributes, fragment);
            }

            return(await Task.FromResult(userKey));
        }

Exemplo n.º 17

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

        private async Task SaveTokenRecord(Dictionary <string, string> attributes, string token, AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint)
        {
            if (!endpoint.KeepThirdPartyToken)
            {
                return;
            }
            var userKey = await GetUserKey(attributes, endpoint, loginEndpoint);

            var service = await GetService(endpoint);

            var record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID);

            bool needUpdate = false;

            if (record == null)
            {
                record = new ThirdPartySystemTokenRecord()
                {
                    ID = Guid.NewGuid(),
                    AuthorizationEndpointID = endpoint.ID,
                    SystemLoginEndpointID   = loginEndpoint.ID,
                    LastRefeshTime          = DateTime.UtcNow,
                    Timeout = await service.GetTimeout(endpoint.ThirdPartyConfiguration),
                    Token   = token,
                    UserKey = userKey
                };

                try
                {
                    await _thirdPartySystemTokenRecordStore.Add(record);
                }
                catch (UtilityException ex)
                {
                    if (ex.Code == (int)Errors.ExistSameThirdPartySystemTokenRecord)
                    {
                        record = await _thirdPartySystemTokenRecordStore.QueryByUserKey(userKey, loginEndpoint.ID, endpoint.ID);

                        needUpdate = true;
                    }
                    else
                    {
                        throw ex;
                    }
                }
            }
            else
            {
                needUpdate = true;
            }

            if (needUpdate)
            {
                record.Timeout = await service.GetTimeout(endpoint.ThirdPartyConfiguration);

                record.LastRefeshTime = DateTime.UtcNow;
                record.Token          = token;

                await _thirdPartySystemTokenRecordStore.Update(record);
            }
        }

Exemplo n.º 18

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

        public async Task <ThirdPartySystemTokenResult> GetSystemTokenByPassword(AuthorizationEndpoint endpoint, SystemLoginEndpoint loginEndpoint, string userName, string password)
        {
            ThirdPartySystemTokenResult result = new ThirdPartySystemTokenResult();
            var service = await GetService(endpoint);

            var postExecuteService = await GetPostExecuteService(endpoint);

            var thirdPartyResult = await service.GetSystemTokenByPassword(endpoint.ThirdPartyConfiguration, userName, password);

            result.Attributes = thirdPartyResult.Attributes;

            if (postExecuteService != null)
            {
                var postExecuteResult = await postExecuteService.Execute(thirdPartyResult.Attributes, endpoint.ThirdPartyPostConfiguration);

                result.Attributes.Merge(postExecuteResult.UserInfoAttributes);
                result.AdditionalRedirectUrlQueryAttributes = postExecuteResult.AdditionalRedirectUrlQueryAttributes;
            }

            await SaveTokenRecord(thirdPartyResult.Attributes, thirdPartyResult.Token, endpoint, loginEndpoint);

            return(result);
        }

Exemplo n.º 19

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

 public async Task <AuthorizationEndpoint> GetAuthorizationEndpoint(SystemLoginEndpoint endpoint, Guid authorizationEndpointId)
 {
     return(await _authorizationEndpointStore.QueryBySystemLoginEndpointRelation(endpoint.ID, authorizationEndpointId));
 }

Exemplo n.º 20

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        /// <summary>
        /// 获取通用令牌
        /// 返回结果有两种情况
        /// 1，直接获取通用令牌，返回重定向回接入方系统的地址，该地址包含通用令牌的字符串信息
        /// 2，需要重定向到第三方认证系统，返回第三方认证系统的地址
        /// </summary>
        /// <param name="endpoint"></param>
        /// <param name="authorizationName">验证终结点名称</param>
        /// <param name="returnUrl">接入方系统的重定向地址</param>
        /// <returns>获取通用令牌动作的结果</returns>
        public async Task <GetCommonTokenResult> GetCommonToken(SystemLoginEndpoint endpoint, string authorizationName, string returnUrl)
        {
            //验证客户端重定向地址
            await validateClientRedirectUrl(endpoint, returnUrl);

            //找到关联的验证终结点
            var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, authorizationName);

            if (authorizationEndpoint == null)
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点中，找不到名称为{1}的关联认证终结点",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, authorizationName
                    }
                };

                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
            }
            //生成验证中心重定向地址
            var sysUrl = GenerateSystemLoginUrl(endpoint, authorizationEndpoint);

            //var serviceReturnUrl = $"{endpoint.BaseUrl}?returnurl={WebUtility.UrlEncode(returnUrl)}";
            //调用认证终结点的获取系统令牌的方法
            var authResult = await authorizationEndpoint.GetSystemToken(endpoint, sysUrl, returnUrl);

            //从接入方系统的returnUrl上面获取Querystring的键值对

            //从请求中获取querystring,将它转成键值对
            Dictionary <string, string> returnUrlKV = new Dictionary <string, string>();
            Uri returnUrlUri = new Uri(returnUrl);
            var dictKV       = QueryHelpers.ParseQuery(returnUrlUri.Query);

            foreach (var item in dictKV)
            {
                returnUrlKV.Add(item.Key, item.Value[0]);
            }


            GetCommonTokenResult result = new GetCommonTokenResult();

            if (authResult.Direct)
            {
                //组装结果
                result.Direct = true;
                var commonToken = new CommonToken()
                {
                    SystemName         = endpoint.Name,
                    AuthorizationName  = authorizationName,
                    UserInfoAttributes = authResult.TokenResult.Attributes
                };

                //生成通用令牌的JWT字符串
                var strCommonToken = _securityService.GenerateJWT(endpoint.SecretKey, new Dictionary <string, string>()
                {
                    { "SystemName", commonToken.SystemName }, { "AuthorizationName", commonToken.AuthorizationName }, { "UserInfoAttributes", JsonSerializerHelper.Serializer <Dictionary <string, string> >(commonToken.UserInfoAttributes) }
                }, endpoint.ExpireSecond);
                //生成重定向回接入方系统的地址
                var strReturnUrl = QueryHelpers.AddQueryString(returnUrl, authResult.TokenResult.AdditionalRedirectUrlQueryAttributes);
                strReturnUrl = QueryHelpers.AddQueryString(strReturnUrl, "commontoken", strCommonToken);

                result.CommonTokenRedirectUrl = strReturnUrl;
            }
            else
            {
                result.Direct      = false;
                result.RedirectUrl = authResult.RedirectUrl;
            }

            return(result);
        }

Exemplo n.º 21

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

 /// <summary>
 /// 获取针对第三方登陆系统回调的处理后获得的令牌结果
 /// </summary>
 /// <param name="request">回调请求</param>
 /// <returns></returns>
 public async Task <ThirdPartySystemTokenResult> GetSystemAttributes(SystemLoginEndpoint loginEndpoint, HttpRequest request)
 {
     return(await _imp.GetSystemAttributes(this, loginEndpoint, request));
 }

Exemplo n.º 22

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

 public async Task Update(SystemLoginEndpoint endpoint)
 {
     await _systemLoginEndpointStore.Update(endpoint);
 }

Exemplo n.º 23

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

 /// <summary>
 /// 根据用户名密码获取第三方令牌键值对
 /// </summary>
 /// <param name="userName"></param>
 /// <param name="password"></param>
 /// <returns></returns>
 public async Task <ThirdPartySystemTokenResult> GetSystemTokenByPassword(SystemLoginEndpoint loginEndpoint, string userName, string password)
 {
     return(await _imp.GetSystemTokenByPassword(this, loginEndpoint, userName, password));
 }

Exemplo n.º 24

Arquivo: SystemLoginEndpoint.cs Projeto: rhw1111/DCEM

        public async Task LogoutToken(SystemLoginEndpoint endpoint, string strToken)
        {
            //验证JWT是否正确
            var jwtResult = _securityService.ValidateJWT(endpoint.SecretKey, strToken);

            if (!jwtResult.ValidateResult.Result)
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.SystemLoginEndpointTokenValidateError,
                    DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}失败，失败原因{2}",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strToken, jwtResult.ValidateResult.Description
                    }
                };

                //验证未通过，抛出异常
                throw new UtilityException((int)Errors.SystemLoginEndpointTokenValidateError, fragment);
            }

            //从JWT字符串中获取令牌相关信息,这里需要补全代码
            Dictionary <string, string> jwtInfo = jwtResult.Playload;

            //查找验证终结点名称
            if (!jwtInfo.TryGetValue("AuthorizationName", out string strAuthorizationName))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strToken, "AuthorizationName"
                    }
                };

                throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
            }
            //查找用户信息键值对
            if (!jwtInfo.TryGetValue("UserInfoAttributes", out string strUserInfoAttributes))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strToken, "UserInfoAttributes"
                    }
                };

                throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
            }
            //查找第三方验证系统的系统令牌
            if (!jwtInfo.TryGetValue("SystemToken", out string strSystemToken))
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundInfoInSystemLoginEndpointTokenByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点验证令牌字符串{1}中，找不到名称为{2}的信息",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strToken, "SystemToken"
                    }
                };

                throw new UtilityException((int)Errors.NotFoundInfoInSystemLoginEndpointTokenByName, fragment);
            }

            //查询出该登录终结点关联的验证终结点中相同名称的验证终结点
            //调用验证终结点的登出方法
            var authorizationEndpoint = await GetAuthorizationEndpoint(endpoint, strAuthorizationName);

            if (authorizationEndpoint == null)
            {
                var fragment = new TextFragment()
                {
                    Code = TextCodes.NotFoundAuthorizationEndpointInSystemLoginEndpointByName,
                    DefaultFormatting = "名称为{0}的系统登录终结点中，找不到名称为{1}的关联认证终结点",
                    ReplaceParameters = new List <object>()
                    {
                        endpoint.Name, strAuthorizationName
                    }
                };
                throw new UtilityException((int)Errors.NotFoundAuthorizationEndpointInSystemLoginEndpointByName, fragment);
            }

            await authorizationEndpoint.Logout(strSystemToken);
        }

Exemplo n.º 25

Arquivo: AuthorizationEndpoint.cs Projeto: rhw1111/DCEM

 /// <summary>
 /// 获取第三方令牌键值对
 /// </summary>
 /// <param name="systemLoginRedirectUrl">验证中心的重定向地址</param>
 /// <param name="clientRedirectUrl">客户端重定向地址</param>
 /// <returns>获取系统令牌动作的结果</returns>
 public async Task <GetSystemTokenResult> GetSystemToken(SystemLoginEndpoint loginEndpoint, string systemLoginRedirectUrl, string clientRedirectUrl)
 {
     return(await _imp.GetSystemToken(this, loginEndpoint, systemLoginRedirectUrl, clientRedirectUrl));
 }