        // -------------------------------------------------------
        // Endpoint: /api/connect.auth.authorize.aspx
        // -------------------------------------------------------

        #region 函数:GetAuthorizeCode(XmlDocument doc)
        /// <summary>获取详细信息</summary>
        /// <param name="doc">Xml 文档对象</param>
        /// <returns>返回操作结果</returns>
        public string GetAuthorizeCode(XmlDocument doc)
        {
            StringBuilder outString = new StringBuilder();

            string clientId     = XmlHelper.Fetch("clientId", doc);
            string redirectUri  = XmlHelper.Fetch("redirectUri", doc);
            string responseType = XmlHelper.Fetch("responseType", doc);
            string scope        = XmlHelper.Fetch("scope", doc);

            string style = XmlHelper.Fetch("style", doc);

            string loginName = XmlHelper.Fetch("loginName", doc);
            string password  = XmlHelper.Fetch("password", doc);

            if (string.IsNullOrEmpty(loginName) || string.IsNullOrEmpty(password))
            {
                HttpContentTypeHelper.SetValue("html");

                return(CreateLoginPage(clientId, redirectUri, responseType, scope));
            }
            else
            {
                // 当前用户信息
                IAccountInfo account = MembershipManagement.Instance.AccountService.LoginCheck(loginName, password);

                if (account == null)
                {
                    if (string.IsNullOrEmpty(responseType))
                    {
                        outString.Append("{\"message\":{\"returnCode\":1,\"value\":\"帐号或者密码错误。\"}}");

                        return(outString.ToString());
                    }
                    else
                    {
                        // 输出登录页面
                        // 设置输出的内容类型,默认为 html 格式。
                        HttpContentTypeHelper.SetValue("html");

                        return(CreateLoginPage(clientId, redirectUri, responseType, scope));
                    }
                }
                else
                {
                    // 检验是否有授权码
                    if (!ConnectContext.Instance.ConnectAuthorizationCodeService.IsExist(clientId, account.Id))
                    {
                        ConnectAuthorizationCodeInfo authorizationCode = new ConnectAuthorizationCodeInfo();

                        authorizationCode.Id        = DigitalNumberContext.Generate("Key_32DigitGuid");
                        authorizationCode.AppKey    = clientId;
                        authorizationCode.AccountId = account.Id;

                        authorizationCode.AuthorizationScope = string.IsNullOrEmpty(scope) ? "public" : scope;

                        ConnectContext.Instance.ConnectAuthorizationCodeService.Save(authorizationCode);
                    }

                    // 设置访问令牌
                    ConnectContext.Instance.ConnectAccessTokenService.Write(clientId, account.Id);

                    // 设置会话信息
                    ConnectAccessTokenInfo token = ConnectContext.Instance.ConnectAccessTokenService.FindOneByAccountId(clientId, account.Id);

                    // 记录日志
                    string ip = IPQueryContext.GetClientIP();

                    MembershipManagement.Instance.AccountService.SetIPAndLoginDate(account.Id, ip, DateTime.Now);

                    MembershipManagement.Instance.AccountLogService.Log(account.Id, "connect.auth.authorize", string.Format("【{0}】在 {1} 登录了系统。【IP:{2}】", account.Name, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), ip));

                    string sessionId = token.AccountId + "-" + token.Id;

                    KernelContext.Current.AuthenticationManagement.AddSession(clientId, sessionId, account);

                    HttpAuthenticationCookieSetter.SetUserCookies(sessionId);

                    string code = ConnectContext.Instance.ConnectAuthorizationCodeService.GetAuthorizationCode(clientId, account);

                    // responseType == null 则输出令牌信息
                    if (string.IsNullOrEmpty(responseType))
                    {
                        outString.Append("{\"data\":" + AjaxUtil.Parse <ConnectAccessTokenInfo>(token) + ",");

                        outString.Append("\"message\":{\"returnCode\":0,\"value\":\"验证成功。\"}}");

                        string callback = XmlHelper.Fetch("callback", doc);

                        return(string.IsNullOrEmpty(callback)
                            ? outString.ToString()
                            : callback + "(" + outString.ToString() + ")");
                    }
                    else if (responseType == "code")
                    {
                        HttpContext.Current.Response.Redirect(CombineUrlAndAuthorizationCode(redirectUri, code));
                    }
                    else if (responseType == "token")
                    {
                        HttpContext.Current.Response.Redirect(CombineUrlAndAccessToken(redirectUri, token));
                    }
                    else
                    {
                        HttpContext.Current.Response.Redirect(CombineUrlAndAuthorizationCode(redirectUri, code));
                    }
                }
            }

            outString.Append("{\"message\":{\"returnCode\":0,\"value\":\"执行成功。\"}}");

            return(outString.ToString());
        }
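        /// <summary>
        /// Handles one <c>/api/{name}.aspx</c> request: authorises the caller (access token, signed
        /// client request, plain client secret, or an allow-listed login method), merges the query
        /// string, form fields and the <c>xhr-xml</c> body into a single XmlDocument, invokes the
        /// named method and writes its result to the response.
        /// </summary>
        /// <param name="context">Current HTTP context.</param>
        public override void ProcessRequest(HttpContext context)
        {
            string responseText = string.Empty;

            // Example: /api/application.method.hi.aspx

            // Client credentials: clientId + clientSecret, or clientId + clientSignature + timestamp + nonce.
            string clientId     = this.TryFetchRequstValue(context, "clientId", "client_id");
            string clientSecret = this.TryFetchRequstValue(context, "clientSecret", "client_secret");

            string clientSignature = this.TryFetchRequstValue(context, "clientSignature", "client_signature");
            string timestamp       = context.Request["timestamp"] ?? string.Empty;
            string nonce           = context.Request["nonce"] ?? string.Empty;

            string accessToken = this.TryFetchRequstValue(context, "accessToken", "access_token");

            string name = context.Request.QueryString["name"];

            // ---- Authorisation --------------------------------------------------------------
            bool allowAccess = false;

            if (!string.IsNullOrEmpty(accessToken) && ConnectContext.Instance.ConnectAccessTokenService.IsExist(accessToken))
            {
                // 1. A known access token.
                allowAccess = true;
            }
            else if (!string.IsNullOrEmpty(clientId))
            {
                // 2. A registered third-party application.
                ConnectInfo connect = ConnectContext.Instance.ConnectService[clientId];

                if (connect != null)
                {
                    bool hasSignature = !string.IsNullOrEmpty(clientSignature)
                                        && !string.IsNullOrEmpty(timestamp)
                                        && !string.IsNullOrEmpty(nonce);

                    if (hasSignature)
                    {
                        // Signed request: SHA1 over the sorted concatenation of secret, timestamp, nonce.
                        // SECURITY: timestamp and nonce are only checked for presence -- there is no
                        // freshness window and no single-use tracking -- so a captured triple can be
                        // replayed for as long as the secret is valid. The timestamp format is not
                        // visible here; add the window/nonce check where it is defined. A keyed HMAC
                        // would also be preferable to a bare hash over the concatenation.
                        string signature = Encrypter.EncryptSHA1(Encrypter.SortAndConcat(connect.AppSecret, timestamp, nonce));

                        allowAccess = FixedTimeEquals(clientSignature, signature);
                    }
                    else if (!string.IsNullOrEmpty(clientSecret) && FixedTimeEquals(connect.AppSecret, clientSecret))
                    {
                        // Plain client secret carried in the request (only acceptable over TLS).
                        allowAccess = true;
                    }
                    else
                    {
                        // 3. Otherwise only the login / handshake methods are reachable for this client.
                        allowAccess = IsOpenConnectMethod(name);
                    }
                }
            }
            else if (name == "membership.member.login" || name == "session.me")
            {
                // 3. No client at all: only the user-login methods.
                allowAccess = true;
            }

            if (!allowAccess)
            {
                ApplicationError.Write(401);

                // Do not fall through into MethodInvoker.Invoke. Whether ApplicationError.Write ends
                // the response itself is not visible here; previously execution continued past it, so
                // an unauthorised request could still reach the named method.
                return;
            }

            // ---- Parameter document ---------------------------------------------------------
            string xml = context.Request.Form["xhr-xml"] ?? string.Empty;

            // Nothing to dispatch without a method name and at least one parameter
            // (Count > 1 presumably because "name" itself occupies one query-string slot).
            if (string.IsNullOrEmpty(name) || (string.IsNullOrEmpty(xml) && context.Request.QueryString.Count <= 1))
            {
                return;
            }

            XmlDocument doc = new XmlDocument();

            // xhr-xml is caller-controlled: never resolve external entities / DTD references (XXE).
            // Parsing through an XmlReader with DtdProcessing.Prohibit would be stricter still.
            doc.XmlResolver = null;

            if (string.IsNullOrEmpty(xml))
            {
                doc.LoadXml("<?xml version=\"1.0\" encoding=\"utf-8\" ?>\r\n<root></root>");
            }
            else
            {
                doc.LoadXml(xml);
            }

            // Every query-string entry except xhr-name becomes a child element of the root.
            if (context.Request.QueryString.Count > 1)
            {
                for (int i = 0; i < context.Request.QueryString.Count; i++)
                {
                    string key = context.Request.QueryString.Keys[i];

                    if (key == null || key == "xhr-name")
                    {
                        continue;
                    }

                    XmlElement element = CreateXmlElement(doc, key);

                    element.InnerText = context.Request.QueryString[i];

                    doc.DocumentElement.AppendChild(element);
                }
            }

            // Every POST form field except xhr-name and xhr-xml likewise.
            if (context.Request.HttpMethod == "POST" && context.Request.Form.Count > 1)
            {
                for (int i = 0; i < context.Request.Form.Count; i++)
                {
                    string key = context.Request.Form.Keys[i];

                    if (key == null || key == "xhr-name" || key == "xhr-xml")
                    {
                        continue;
                    }

                    XmlElement element = CreateXmlElement(doc, key);

                    element.InnerText = context.Request.Form[i];

                    doc.DocumentElement.AppendChild(element);
                }
            }

            string clientTargetObject = XmlHelper.Fetch("clientTargetObject", doc);

            // Output content type: JSON unless the form asks for something else.
            string resultType = context.Request.Form["resultType"] ?? "json";

            HttpContentTypeHelper.SetValue(resultType);

            try
            {
                if (ConnectConfigurationView.Instance.EnableCallLog == "ON")
                {
                    // The merged document carries the caller's password / client secret / access token;
                    // persist a redacted copy. RawUrl is still stored verbatim and contains the same
                    // values whenever they were sent in the query string.
                    ConnectCallInfo call = new ConnectCallInfo(clientId, context.Request.RawUrl, RedactSecretsForLog(doc));

                    try
                    {
                        call.Start();

                        responseText = X3Platform.Web.APIs.Methods.MethodInvoker.Invoke(name, doc, logger);

                        call.ReturnCode = 0;
                    }
                    catch
                    {
                        call.ReturnCode = 1;

                        throw;
                    }
                    finally
                    {
                        call.Finish();

                        call.IP = IPQueryContext.GetClientIP();

                        ConnectContext.Instance.ConnectCallService.Save(call);
                    }
                }
                else
                {
                    responseText = X3Platform.Web.APIs.Methods.MethodInvoker.Invoke(name, doc, logger);
                }

                // Echo clientTargetObject into the JSON envelope. The value is caller-supplied and was
                // previously spliced in raw (JSON injection); escape it the way the exception paths do.
                if (resultType == "json" &&
                    responseText.IndexOf("\"message\":", StringComparison.Ordinal) > -1 &&
                    !string.IsNullOrEmpty(clientTargetObject))
                {
                    responseText = responseText.Insert(
                        responseText.IndexOf("\"message\":", StringComparison.Ordinal),
                        "\"clientTargetObject\":\"" + StringHelper.ToSafeJson(clientTargetObject) + "\",");
                }
            }
            catch (ThreadAbortException threadAbortException)
            {
                // Raised on ASP.NET when the invoked method ends the response itself (e.g. the
                // authorize handler's Response.Redirect); reported with returnCode 2.
                responseText = "{\"message\":{"
                               + "\"returnCode\":\"2\","
                               + "\"category\":\"exception\","
                               + "\"value\":\"" + StringHelper.ToSafeJson(threadAbortException.Message) + "\","
                               + "\"description\":\"" + StringHelper.ToSafeJson(threadAbortException.ToString()) + "\""
                               + "}}";
            }
            catch (Exception generalException)
            {
                // NOTE(review): ToString() includes the stack trace and is returned to the caller;
                // consider logging it server-side and returning only Message in production.
                responseText = "{\"message\":{"
                               + "\"returnCode\":\"1\","
                               + "\"category\":\"exception\","
                               + "\"value\":\"" + StringHelper.ToSafeJson(generalException.Message) + "\","
                               + "\"description\":\"" + StringHelper.ToSafeJson(generalException.ToString()) + "\""
                               + "}}";
            }

            HttpContext.Current.Response.ContentType = HttpContentTypeHelper.GetValue(true);

            HttpContext.Current.Response.Write(responseText);
            HttpContext.Current.Response.End();
        }

        /// <summary>
        /// Compares two strings in time that does not depend on where they first differ, so the
        /// comparison itself does not leak how much of a secret or signature matched. Null on
        /// either side is never equal. (Length still leaks; signatures are fixed-length.)
        /// </summary>
        private static bool FixedTimeEquals(string left, string right)
        {
            if (left == null || right == null || left.Length != right.Length)
            {
                return false;
            }

            int diff = 0;

            for (int i = 0; i < left.Length; i++)
            {
                diff |= left[i] ^ right[i];
            }

            return diff == 0;
        }

        /// <summary>
        /// Methods a registered client may call without presenting its secret or a signature:
        /// the login / token / callback handshake endpoints and session lookup.
        /// </summary>
        private static bool IsOpenConnectMethod(string name)
        {
            switch (name)
            {
                case "connect.auth.authorize":
                case "connect.auth.token":
                case "connect.auth.callback":
                case "connect.oauth2.authorize":
                case "connect.oauth2.token":
                case "connect.oauth2.callback":
                case "session.me":
                    return true;
                default:
                    return false;
            }
        }

        /// <summary>
        /// Returns the XML text of <paramref name="doc"/> with the values of credential-bearing
        /// elements replaced by "***". The original document is left untouched. Matches element
        /// names as produced by CreateXmlElement for these request keys -- confirm it does not
        /// rename them.
        /// </summary>
        private static string RedactSecretsForLog(XmlDocument doc)
        {
            XmlDocument copy = (XmlDocument)doc.Clone();

            XmlNodeList elements = copy.GetElementsByTagName("*");

            for (int i = 0; i < elements.Count; i++)
            {
                XmlNode node = elements[i];

                switch (node.LocalName)
                {
                    case "password":
                    case "clientSecret":
                    case "client_secret":
                    case "clientSignature":
                    case "client_signature":
                    case "accessToken":
                    case "access_token":
                        if (!string.IsNullOrEmpty(node.InnerText))
                        {
                            node.InnerText = "***";
                        }
                        break;
                }
            }

            return copy.InnerXml;
        }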