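// -------------------------------------------------------
// 接口地址:/api/connect.auth.authorize.aspx
// -------------------------------------------------------
#region 函数:GetAuthorizeCode(XmlDocument doc)
/// <summary>
/// Authorization endpoint. Without credentials it renders the login page; with valid credentials it
/// issues/records the authorization code and access token, opens a session and then either returns
/// the token as JSON (no <c>responseType</c>) or redirects to <c>redirectUri</c> with the code or token.
/// </summary>
/// <param name="doc">Xml document carrying the request parameters: clientId, redirectUri, responseType, scope, loginName, password, callback.</param>
/// <returns>The response body: an HTML login page, a JSON document (optionally JSONP-wrapped), or the success message once a redirect has been issued.</returns>
public string GetAuthorizeCode(XmlDocument doc)
{
    StringBuilder outString = new StringBuilder();

    string clientId = XmlHelper.Fetch("clientId", doc);
    string redirectUri = XmlHelper.Fetch("redirectUri", doc);
    string responseType = XmlHelper.Fetch("responseType", doc);
    string scope = XmlHelper.Fetch("scope", doc);
    string loginName = XmlHelper.Fetch("loginName", doc);
    string password = XmlHelper.Fetch("password", doc);

    // No credentials yet: show the login page.
    if (string.IsNullOrEmpty(loginName) || string.IsNullOrEmpty(password))
    {
        HttpContentTypeHelper.SetValue("html");
        return CreateLoginPage(clientId, redirectUri, responseType, scope);
    }

    // 当前用户信息
    IAccountInfo account = MembershipManagement.Instance.AccountService.LoginCheck(loginName, password);

    if (account == null)
    {
        // Wrong credentials: API callers (no responseType) get a JSON error, browser flows get the login page again.
        if (string.IsNullOrEmpty(responseType))
        {
            outString.Append("{\"message\":{\"returnCode\":1,\"value\":\"帐号或者密码错误。\"}}");
            return outString.ToString();
        }

        // 输出登录页面
        // 设置输出的内容类型,默认为 html 格式。
        HttpContentTypeHelper.SetValue("html");
        return CreateLoginPage(clientId, redirectUri, responseType, scope);
    }

    // 检验是否有授权码
    if (!ConnectContext.Instance.ConnectAuthorizationCodeService.IsExist(clientId, account.Id))
    {
        ConnectAuthorizationCodeInfo authorizationCode = new ConnectAuthorizationCodeInfo();
        authorizationCode.Id = DigitalNumberContext.Generate("Key_32DigitGuid");
        authorizationCode.AppKey = clientId;
        authorizationCode.AccountId = account.Id;
        authorizationCode.AuthorizationScope = string.IsNullOrEmpty(scope) ? "public" : scope;
        ConnectContext.Instance.ConnectAuthorizationCodeService.Save(authorizationCode);
    }

    // 设置访问令牌
    ConnectContext.Instance.ConnectAccessTokenService.Write(clientId, account.Id);

    // 设置会话信息
    ConnectAccessTokenInfo token = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(clientId, account.Id);

    // 记录日志 — a single timestamp so the stored login date and the log line agree.
    string ip = IPQueryContext.GetClientIP();
    DateTime loginTime = DateTime.Now;
    MembershipManagement.Instance.AccountService.SetIPAndLoginDate(account.Id, ip, loginTime);
    MembershipManagement.Instance.AccountLogService.Log(account.Id, "connect.auth.authorize",
        string.Format("【{0}】在 {1} 登录了系统。【IP:{2}】", account.Name, loginTime.ToString("yyyy-MM-dd HH:mm:ss"), ip));

    string sessionId = token.AccountId + "-" + token.Id;
    KernelContext.Current.AuthenticationManagement.AddSession(clientId, sessionId, account);
    HttpAuthenticationCookieSetter.SetUserCookies(sessionId);

    string code = ConnectContext.Instance.ConnectAuthorizationCodeService.GetAuthorizationCode(clientId, account);

    // responseType == null 则输出令牌信息
    if (string.IsNullOrEmpty(responseType))
    {
        outString.Append("{\"data\":" + AjaxUtil.Parse<ConnectAccessTokenInfo>(token) + ",");
        outString.Append("\"message\":{\"returnCode\":0,\"value\":\"验证成功。\"}}");

        // JSONP: the callback name is caller-supplied and is echoed verbatim into the response body,
        // so only a plain JavaScript identifier path is accepted; anything else gets bare JSON.
        string callback = XmlHelper.Fetch("callback", doc);
        return IsSafeJsonpCallback(callback) ? callback + "(" + outString.ToString() + ")" : outString.ToString();
    }

    // NOTE(review): redirectUri is taken straight from the request; the code/token is sent to it
    // without a check against the redirect URI registered for clientId — TODO confirm where that is enforced.
    if (responseType == "token")
    {
        HttpContext.Current.Response.Redirect(CombineUrlAndAccessToken(redirectUri, token));
    }
    else
    {
        // "code" and any unrecognised responseType both take the authorization-code redirect.
        HttpContext.Current.Response.Redirect(CombineUrlAndAuthorizationCode(redirectUri, code));
    }

    outString.Append("{\"message\":{\"returnCode\":0,\"value\":\"执行成功。\"}}");
    return outString.ToString();
}

/// <summary>
/// True when <paramref name="callback"/> is non-empty, does not start with a digit or '.', and consists only of
/// ASCII letters, digits, '_', '$' and '.' — i.e. it can safely be used as a JSONP wrapper name.
/// </summary>
/// <param name="callback">The caller-supplied callback name.</param>
/// <returns>Whether the name may be echoed into the response.</returns>
private static bool IsSafeJsonpCallback(string callback)
{
    if (string.IsNullOrEmpty(callback) || char.IsDigit(callback[0]) || callback[0] == '.')
    {
        return false;
    }

    foreach (char c in callback)
    {
        bool allowed = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')
            || c == '_' || c == '$' || c == '.';
        if (!allowed)
        {
            return false;
        }
    }

    return true;
}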
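/// <summary>
/// Entry point for /api/*.aspx calls: authenticates the caller (access token, client signature,
/// client secret, or one of the login-related method names), folds the query string and form into
/// one Xml request document, invokes the named API method and writes its JSON/HTML result.
/// </summary>
/// <param name="context">The current HTTP context.</param>
public override void ProcessRequest(HttpContext context)
{
    string responseText = string.Empty;

    // 示例: /api/application.method.hi.aspx
    // 获取客户端签名 clientId 和 clientSecret 或 clientId, clientSignature, timestamp, nonce
    string clientId = this.TryFetchRequstValue(context, "clientId", "client_id");
    string clientSecret = this.TryFetchRequstValue(context, "clientSecret", "client_secret");
    string clientSignature = this.TryFetchRequstValue(context, "clientSignature", "client_signature");
    string timestamp = context.Request["timestamp"] ?? string.Empty;
    string nonce = context.Request["nonce"] ?? string.Empty;
    string accessToken = this.TryFetchRequstValue(context, "accessToken", "access_token");
    string name = context.Request.QueryString["name"];

    // 验证权限
    if (!IsAccessAllowed(clientId, clientSecret, clientSignature, timestamp, nonce, accessToken, name))
    {
        ApplicationError.Write(401);
        // Stop here whether or not ApplicationError.Write ends the response itself:
        // a request that failed the check must never reach MethodInvoker.Invoke.
        return;
    }

    string xml = context.Request.Form["xhr-xml"] ?? string.Empty;

    // Nothing to dispatch without a method name and at least some parameters (no body is written in that case).
    if (string.IsNullOrEmpty(name) || (string.IsNullOrEmpty(xml) && context.Request.QueryString.Count <= 1))
    {
        return;
    }

    XmlDocument doc = BuildRequestDocument(context, xml);

    string clientTargetObject = XmlHelper.Fetch("clientTargetObject", doc);
    string resultType = context.Request.Form["resultType"] ?? "json";

    // 设置输出的内容类型,默认为 json 格式。
    HttpContentTypeHelper.SetValue(resultType);

    try
    {
        responseText = InvokeMethod(clientId, name, doc, context.Request.RawUrl);

        int messageIndex = responseText.IndexOf("\"message\":", StringComparison.Ordinal);
        if (resultType == "json" && messageIndex > -1 && !string.IsNullOrEmpty(clientTargetObject))
        {
            // clientTargetObject is caller-supplied: escape it like every other value spliced into the JSON body.
            responseText = responseText.Insert(messageIndex,
                "\"clientTargetObject\":\"" + StringHelper.ToSafeJson(clientTargetObject) + "\",");
        }
    }
    catch (ThreadAbortException threadAbortException)
    {
        responseText = BuildExceptionJson("2", threadAbortException);
    }
    catch (Exception generalException)
    {
        responseText = BuildExceptionJson("1", generalException);
    }

    HttpContext.Current.Response.ContentType = HttpContentTypeHelper.GetValue(true);
    HttpContext.Current.Response.Write(responseText);
    HttpContext.Current.Response.End();
}

/// <summary>
/// Decides whether the caller may invoke <paramref name="name"/>:
/// 1. a known access token is sufficient;
/// 2. with a clientId the app must exist, and then either the signature over (AppSecret, timestamp, nonce)
///    matches, the plaintext secret matches, or the method is one of the connect.auth.* / connect.oauth2.* /
///    session.me login methods;
/// 3. without a clientId only membership.member.login and session.me are open.
/// </summary>
/// <returns>True when the request may proceed.</returns>
private static bool IsAccessAllowed(string clientId, string clientSecret, string clientSignature,
    string timestamp, string nonce, string accessToken, string name)
{
    // 1. 验证会话
    if (!string.IsNullOrEmpty(accessToken) && ConnectContext.Instance.ConnectAccessTokenService.IsExist(accessToken))
    {
        return true;
    }

    if (!string.IsNullOrEmpty(clientId))
    {
        // 2. 第三方应用连接
        ConnectInfo connect = ConnectContext.Instance.ConnectService[clientId];
        if (connect == null)
        {
            return false;
        }

        if (!string.IsNullOrEmpty(clientSignature) && !string.IsNullOrEmpty(timestamp) && !string.IsNullOrEmpty(nonce))
        {
            // 加密方式签名. A mismatch is a hard deny (it does not fall through to the method-name rule).
            // NOTE(review): timestamp and nonce are not checked for freshness or reuse here, so a captured
            // signature could be presented again — TODO confirm whether that is enforced elsewhere.
            string signature = Encrypter.EncryptSHA1(Encrypter.SortAndConcat(connect.AppSecret, timestamp, nonce));
            return FixedTimeEquals(signature, clientSignature);
        }

        // 明文客户端密钥
        if (!string.IsNullOrEmpty(clientSecret) && FixedTimeEquals(connect.AppSecret, clientSecret))
        {
            return true;
        }

        // 3.如果以上场景都不是,确认是否是用户登录验证的方法
        return name == "connect.auth.authorize"
            || name == "connect.auth.token"
            || name == "connect.auth.callback"
            || name == "connect.oauth2.authorize"
            || name == "connect.oauth2.token"
            || name == "connect.oauth2.callback"
            || name == "session.me";
    }

    // 3.如果以上场景都不是,确认是否是用户登录验证的方法
    return name == "membership.member.login" || name == "session.me";
}

/// <summary>
/// Compares two secrets without stopping at the first differing character, so the time taken does not
/// reveal how much of the value matched. A null on either side compares unequal.
/// </summary>
private static bool FixedTimeEquals(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }

    int diff = expected.Length ^ actual.Length;
    int shared = Math.Min(expected.Length, actual.Length);
    for (int i = 0; i < shared; i++)
    {
        diff |= expected[i] ^ actual[i];
    }

    return diff == 0;
}

/// <summary>
/// Builds the unified request document: the posted xhr-xml (or an empty &lt;root/&gt;), plus every
/// query-string field except xhr-name and, for POSTs, every form field except xhr-name and xhr-xml.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <param name="xml">The raw xhr-xml form value, possibly empty.</param>
/// <returns>The populated document.</returns>
private XmlDocument BuildRequestDocument(HttpContext context, string xml)
{
    XmlDocument doc = new XmlDocument();

    // The payload is caller-supplied: never fetch external DTDs/entities it references (XXE).
    // NOTE(review): this stops external fetches only; inline DTD expansion is still up to XmlDocument's defaults — TODO confirm.
    doc.XmlResolver = null;

    if (string.IsNullOrEmpty(xml))
    {
        doc.LoadXml("<?xml version=\"1.0\" encoding=\"utf-8\" ?>\r\n<root></root>");
    }
    else
    {
        doc.LoadXml(xml);
    }

    // 将 QueryString 中,除 xhr-name 外的所有参数转为统一的Xml文档的数据
    if (context.Request.QueryString.Count > 1)
    {
        AppendFields(doc, context.Request.QueryString, "xhr-name");
    }

    // 将表单中,除 xhr-name 和 xhr-xml 外的所有参数转为统一的Xml文档的数据
    if (context.Request.HttpMethod == "POST" && context.Request.Form.Count > 1)
    {
        AppendFields(doc, context.Request.Form, "xhr-name", "xhr-xml");
    }

    return doc;
}

/// <summary>Appends one child element per named field in <paramref name="fields"/> to the document root, skipping null keys and <paramref name="excludedKeys"/>.</summary>
private void AppendFields(XmlDocument doc, NameValueCollection fields, params string[] excludedKeys)
{
    for (int i = 0; i < fields.Count; i++)
    {
        string key = fields.Keys[i];
        if (key == null || Array.IndexOf(excludedKeys, key) >= 0)
        {
            continue;
        }

        XmlElement element = CreateXmlElement(doc, key);
        element.InnerText = fields[i];
        doc.DocumentElement.AppendChild(element);
    }
}

/// <summary>
/// Dispatches to the named API method; when call logging is switched on (EnableCallLog == "ON") the call is
/// timed and persisted as a ConnectCallInfo, with ReturnCode 1 and the exception rethrown on failure.
/// </summary>
private string InvokeMethod(string clientId, string name, XmlDocument doc, string rawUrl)
{
    // 记录
    if (ConnectConfigurationView.Instance.EnableCallLog != "ON")
    {
        return X3Platform.Web.APIs.Methods.MethodInvoker.Invoke(name, doc, logger);
    }

    ConnectCallInfo call = new ConnectCallInfo(clientId, rawUrl, doc.InnerXml);
    try
    {
        call.Start();
        string result = X3Platform.Web.APIs.Methods.MethodInvoker.Invoke(name, doc, logger);
        call.ReturnCode = 0;
        return result;
    }
    catch
    {
        call.ReturnCode = 1;
        throw;
    }
    finally
    {
        call.Finish();
        call.IP = IPQueryContext.GetClientIP();
        ConnectContext.Instance.ConnectCallService.Save(call);
    }
}

/// <summary>Formats an exception as the API's JSON error envelope.</summary>
/// <remarks>
/// NOTE(review): "description" carries ex.ToString(), i.e. the full stack trace, to the caller (unchanged from
/// the original); consider limiting it to trusted clients.
/// </remarks>
private static string BuildExceptionJson(string returnCode, Exception ex)
{
    return "{\"message\":{"
        + "\"returnCode\":\"" + returnCode + "\","
        + "\"category\":\"exception\","
        + "\"value\":\"" + StringHelper.ToSafeJson(ex.Message) + "\","
        + "\"description\":\"" + StringHelper.ToSafeJson(ex.ToString()) + "\""
        + "}}";
}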