Exemplo n.º 1
0
        /// <summary>
        /// 设置 cookie
        /// </summary>
        /// <param name="cookieInfo"></param>
        /// <param name="cookieName"></param>
        /// <param name="cookieDomain">默认是本域名</param>
        /// <param name="cookieTimeoutMinutes"></param>
        public static void SetAuthCookie(SSOCookieInfo cookieInfo, string cookieName, string cookieDomain = null,
                                         int cookieTimeoutMinutes = 20)
        {
            var cookieValue = EncryptSSOCookieValue(cookieInfo);

            var cookie = new HttpCookie(cookieName, cookieValue)
                         {
                             HttpOnly = true,
                             Expires = DateTime.Now.AddMinutes(cookieTimeoutMinutes),
                             Domain = cookieDomain
                         };

            if (CurrentResponse != null)
            {
                CurrentResponse.SetCookie(cookie);
            }
        }
Exemplo n.º 2
0
        public static ClaimsPrincipal GenerateClaimsPrincipal(SSOCookieInfo cookieInfo)
        {
            if (cookieInfo == null)
            {
                return null;
            }

            // 有身份信息,构建基础身份信息
            var claims = new List<Claim>()
            {
                new Claim(ClaimTypes.Name, cookieInfo.Name),
                new Claim(ClaimTypes.NameIdentifier, cookieInfo.Alias),
            };
            var identity = new ClaimsIdentity(claims, "uoko-sso-internal");
            var principal = new ClaimsPrincipal(identity);
            return principal;
        }
Exemplo n.º 3
0
        public ActionResult Login(LoginModel model, string returnUrl, string appKey)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            var userInfo = UserBiz.GetUserInfo(model.UserName, model.Password);
            if (userInfo == null)
            {
                // 验证不通过
                ModelState.AddModelError("", "提供的用户名或密码不正确。");
                return View(model);
            }

            // 验证通过
            var cookieInfo = new SSOCookieInfo() {Alias = userInfo.Alias, Name = userInfo.Name};
            SSOAuthentication.SetAuthCookie(cookieInfo, ServerConfig.CookieName, ServerConfig.CookieDomain);

            if (string.IsNullOrWhiteSpace(returnUrl))
            {
                return RedirectToAction("Index", "Home");
            }

            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                // 如果存在 returnUrl 进行判断

                var sameDomain = true;
                try
                {
                    sameDomain = new Uri(returnUrl).Host.EndsWith(ServerConfig.CookieDomain);
                }
                catch
                {
                }

                // 如果这是一个非同域, 那么需要生成token附加链接,
                // 否者直接跳转进行到同域进行认证登陆.
                if (!sameDomain)
                {
                    // issue token
                    var ticket = new CasTicket()
                                 {
                                     AppKey = appKey,
                                     UserAlias = userInfo.Alias,
                                     UserName = userInfo.Name,
                                 };
                    var token = CacheTickets.IssueToken(ticket);
                    returnUrl = GetValidateTokenUrl(returnUrl, token);
                }

            }

            return Redirect(returnUrl);
        }
Exemplo n.º 4
0
        private static void SetLocalCookie(HttpContextBase ctx, SSOCookieInfo cookieInfo)
        {
            if (ctx == null)
            {
                return;
            }

            SSOAuthentication.SetAuthCookie(cookieInfo, ClientInfo.LocalCookieName);
        }
Exemplo n.º 5
0
        private static IPrincipal GetPrincipalInfoFromServer(HttpContextBase ctx, string token)
        {
            var requestUrl = ClientInfo.ServerUrl + "/Account/ValidateToken";
            var client = new HttpClient();
            var dic = new Dictionary<string, string>()
                      {
                          {"token", token},
                          {"appKey", ClientInfo.AppKey}
                      };
            var sendInfo = new FormUrlEncodedContent(dic);

            CasTicket ticket = null;
            try
            {
                ticket = client.PostAsync(new Uri(requestUrl), sendInfo)
                               .Result.Content.ReadAsAsync<CasTicket>()
                               .Result;
            }
            catch (Exception ex)
            {
                // todo : log exception   
            }

            if (ticket == null)
            {
                return null;
            }

            var cookieInfo = new SSOCookieInfo()
                             {
                                 Alias = ticket.UserAlias,
                                 Name = ticket.UserName,
                             };


            IPrincipal userInfo = null;
            if (!string.IsNullOrWhiteSpace(cookieInfo.Alias))
            {
                userInfo = SSOAuthentication.GenerateClaimsPrincipal(cookieInfo);
                if (SetLocalCookieFunc != null)
                {

                    SetLocalCookieFunc(ctx, cookieInfo);
                }
                else
                {
                    SetLocalCookie(ctx, cookieInfo);
                }
            }

            return userInfo;
        }
Exemplo n.º 6
0
        private static string EncryptSSOCookieValue(SSOCookieInfo cookieInfo)
        {
            var cookieValue = JsonConvert.SerializeObject(cookieInfo);


            using (var des = new TripleDESCryptoServiceProvider() { Key = AesKey, IV = AesIV })
            {
                var cookieValueBytes = Encoding.UTF8.GetBytes(cookieValue);
                using (var ms = new MemoryStream())
                {
                    using (var cs = new CryptoStream(ms, des.CreateEncryptor(),
                                                     CryptoStreamMode.Write))
                    {
                        cs.Write(cookieValueBytes, 0, cookieValueBytes.Length);
                        cs.FlushFinalBlock();
                    }

                    return Convert.ToBase64String(ms.ToArray());
                }
            }
        }