protected void login_Click(object sender, EventArgs e)
{
Response.AddHeader("P3P", "CP=CAO PSA OUR");
StringBuilder strLog = new StringBuilder();
//string AuthenType = HttpUtility.HtmlDecode(Request.Form["AuthenType"].ToString().Trim().ToUpper()); //获取认证类型
string AuthenName = username.Text;
string Password = password.Text;
string AuthenType = "1"; // 默认是用户名
Regex regMobile = new Regex(@"^1[3458]\d{9}$");
Regex regEmail = new Regex(@"^[0-9a-zA-Z_\-\.]*[0-9a-zA-Z_\-]@[0-9a-zA-Z]+\.+[0-9a-zA-Z_\-.]+$");
Regex regCard = new Regex(@"^(\d{9}|\d{16})$");
if (regMobile.IsMatch(AuthenName))
{
AuthenType = "2";
}
if (regEmail.IsMatch(AuthenName))
{
AuthenType = "4";
}
if (regCard.IsMatch(AuthenName))
{
AuthenType = "3";
}
PageUtility.SetCookie("AuthenType", AuthenType, 168); //168个小时,即一个礼拜
string CustID = "";
string RealName = "";
string NickName = "";
string UserName = "";
string OutID = "";
string UserAccount = "";
string ErrMsg = "";
string CustType = "";
string ProvinceID = "";
int Result = 1;
try
{
strLog.AppendFormat("checkCode={0}", Request.Form["checkCode"]);
if (!CommonUtility.ValidateValidateCode(HttpUtility.HtmlDecode(Request.Form["checkCode"].ToString().Trim()), this.Context))
{
errorHint.InnerHtml = "验证码错误,请重新输入";
return;
}
//日志
strLog.AppendFormat("【开始验证】:SPID:{0},ProvinceID:{1},AuthenName:{2},AuthenType:{3}", SPID, ProvinceID, AuthenName, AuthenType);
Result = BTForBusinessSystemInterfaceRules.UserAuthV2(SPID, AuthenName, AuthenType, Password, Context, ProvinceID, "", "",
out ErrMsg, out CustID, out UserAccount, out CustType, out OutID, out ProvinceID, out RealName, out UserName, out NickName);
//验证结果日志
strLog.AppendFormat("【验证结果】:CustID:{0},UserAcount:{1},CustType:{2},OutID:{3},ProvinceID:{4},RealName:{5},UserName:{6},NickName:{7}",
CustID, UserAccount, CustType, OutID, ProvinceID, RealName, UserName, NickName);
CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, ProvinceID, AuthenType, AuthenName, "2", Result, ErrMsg);
if (Result != 0)
{
if (Result == 1001 || Result == -20504 || Result == -21553)
{
errorHint.InnerHtml = ErrMsg;
//hint_Username.InnerHtml = "";
return;
}
if (Result == -21501)
{
errorHint.InnerHtml = ErrMsg;
return;
}
Response.Write(ErrMsg);
return;
}
SPInfoManager spInfo = new SPInfoManager();
Object SPData = spInfo.GetSPData(this.Context, "SPData");
string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
//生成token并保存
UserToken UT = new UserToken();
string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
PageUtility.SetCookie(CookieName, UserTokenValue);
TokenValidate.IsRedircet = false;
TokenValidate.Validate();
this.ssoFunc();
}
catch (System.Exception ex)
{
log(ex.ToString());
}
finally
{
log(strLog.ToString());
}
}
protected void btnlogin_Click(object sender, EventArgs e)
{
string AuthenType = ddlAuthenTypeList.SelectedValue;
PageUtility.SetCookie("AuthenType", AuthenType, 168); //168个小时,即一个礼拜
string AuthenName = txtUsername.Text;
string Password = txtPassword.Text;
string CustID = "";
string RealName = "";
string NickName = "";
string UserName = "";
string OutID = "";
string UserAccount = "";
string ErrMsg = "";
string CustType = "";
string ProvinceID = "";
int Result = 1;
if (!CommonUtility.ValidateValidateCode(HttpUtility.HtmlDecode(Request.Form["code"].ToString().Trim().ToUpper()), this.Context))
{
err_code.InnerHtml = "验证码错误,请重新输入";
return;
}
//日志
log(String.Format("【开始验证】:SPID:{0},ProvinceID:{1},AuthenName:{2},AuthenType:{3}", SPID, ProvinceID, AuthenName, AuthenType));
Result = BTForBusinessSystemInterfaceRules.UserAuthV2(SPID, AuthenName, AuthenType, Password, Context, ProvinceID, "", "",
out ErrMsg, out CustID, out UserAccount, out CustType, out OutID, out ProvinceID, out RealName, out UserName, out NickName);
//验证结果日志
log(String.Format("【验证结果】:CustID:{0},UserAcount:{1},CustType:{2},OutID:{3},ProvinceID:{4},RealName:{5},UserName:{6},NickName:{7}",
CustID, UserAccount, CustType, OutID, ProvinceID, RealName, UserName, NickName));
CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, ProvinceID, AuthenType, AuthenName, "2", Result, ErrMsg);
if (Result != 0)
{
if (Result == 1001 || Result == -20504 || Result == -21553)
{
err_Username.InnerHtml = ErrMsg;
hint_Username.InnerHtml = "";
return;
}
if (Result == -21501)
{
err_Password.InnerHtml = ErrMsg;
return;
}
Response.Write(ErrMsg);
return;
}
SPInfoManager spInfo = new SPInfoManager();
Object SPData = spInfo.GetSPData(this.Context, "SPData");
string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
//生成token并保存
UserToken UT = new UserToken();
string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);
TokenValidate.IsRedircet = false;
TokenValidate.Validate();
this.ssoFunc();
}
protected void auth_Click(object sender, EventArgs e)
{
string AuthenType = HttpUtility.HtmlDecode(Request.Form["AuthenType"].ToString().Trim().ToUpper()); //获取认证类型
string password = Request.Form["password"].ToString().Trim();
string username = Request.Form["username"].ToString().Trim();
// 按照模式匹配出,认证模式 (手机,用户名,商旅卡,邮箱)认证
// 如果认证通过,返回custid
// 绑定 custid和openid
PageUtility.SetCookie("AuthenType", AuthenType, 168); //168个小时,即一个礼拜
string AuthenName = username;
string Password = password;
string CustID = "";
string RealName = "";
string NickName = "";
string UserName = "";
string OutID = "";
string UserAccount = "";
string CustType = "";
string ProvinceID = "";
string ErrMsg = "";
int Result;
//日志
log(String.Format("【开始验证】:SPID:{0},ProvinceID:{1},AuthenName:{2},AuthenType:{3}", SPID, ProvinceID, AuthenName, AuthenType));
Result = BTForBusinessSystemInterfaceRules.UserAuthV2(SPID, AuthenName, AuthenType, Password, Context, ProvinceID, "", "",
out ErrMsg, out CustID, out UserAccount, out CustType, out OutID, out ProvinceID, out RealName, out UserName, out NickName);
//验证结果日志
log(String.Format("【验证结果】:CustID:{0},UserAcount:{1},CustType:{2},OutID:{3},ProvinceID:{4},RealName:{5},UserName:{6},NickName:{7}",
CustID, UserAccount, CustType, OutID, ProvinceID, RealName, UserName, NickName));
CommonBizRules.WriteDataCustAuthenLog(SPID, CustID, ProvinceID, AuthenType, AuthenName, "2", Result, ErrMsg);
if (Result != 0)
{
if (Result == 1001 || Result == -20504 || Result == -21553)
{
errorHint.InnerHtml = ErrMsg;
return;
}
if (Result == -21501)
{
errorHint.InnerHtml = ErrMsg;
return;
}
Response.Write(ErrMsg);
return;
}
// 绑定custid 和code关系 begin
string _connectionString = WebConfigurationManager.ConnectionStrings["BestToneCenterConStr"].ConnectionString;
int result = -1;
SqlConnection con = new SqlConnection(_connectionString);
SqlCommand cmd = new SqlCommand("insert into oauthaccount (openid,custid,createtime,status) values (@code,@CustID,getdate(),@oauthtype)", con);
cmd.Parameters.Add("@code", SqlDbType.NVarChar, 50).Value = code;
cmd.Parameters.Add("@CustID", SqlDbType.NVarChar, 16).Value = CustID;
cmd.Parameters.Add("@oauthtype", SqlDbType.NVarChar, 1).Value = oauthtype;
using (con)
{
con.Open();
result = cmd.ExecuteNonQuery();
}
//end
if (result != 0)
{
errorHint.InnerHtml = "绑定关系建立失败";
return;
}
SPInfoManager spInfo = new SPInfoManager();
Object SPData = spInfo.GetSPData(this.Context, "SPData");
string key = spInfo.GetPropertyBySPID("35000000", "SecretKey", SPData);
//生成token并保存
UserToken UT = new UserToken();
string UserTokenValue = UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
//PageUtility.SetCookie(UserTokenValue, CookieName, this.Page);
PageUtility.SetCookie(CookieName, UserTokenValue);
TokenValidate.IsRedircet = false;
TokenValidate.Validate();
this.ssoFunc();
}
public void aaa()
{
string AuthenName = HttpUtility.HtmlDecode(Request.QueryString["name"].ToString());
string QuestionID = HttpUtility.HtmlDecode(Request.QueryString["questionID"].ToString());
string Answer = HttpUtility.HtmlDecode(Request.QueryString["answer"].ToString());
///调用你的方法
if (!ValidateValidateCode())
{
Response.Write("1");
return;
}
string CustID = "";
string outerid = "";
string UserAccount = "";
string ProvinceID = "";
string CustType = "";
string RealName = "";
string UserName = "";
string NickName = "";
int Result1 = 0;
int Result2 = 0;
string ErrorDescription;
string str;
try
{
#region 数据校验
if (CommonUtility.IsEmpty(AuthenName))
{
Result1 = ErrorDefinition.BT_IError_Result_InValidRealName_Code;
ErrorDescription = ErrorDefinition.BT_IError_Result_InValidRealName_Msg + ",不能为空";
//return Result;
}
#endregion
Result1 = BTForBusinessSystemInterfaceRules.UserAuthV2("35000000", AuthenName, "1", "",
this.Context, ProvinceID, "", "",
out ErrorDescription, out CustID, out UserAccount, out CustType, out outerid, out ProvinceID, out RealName, out UserName, out NickName);
//Result1 = BTForBusinessSystemInterfaceRules.UserAuthV2("35000000", AuthenName, "1", "",
// this.Context,ProvinceID,
// out ErrorDescription
}
catch (Exception e)
{
Result1 = ErrorDefinition.IError_Result_System_UnknowError_Code;
ErrorDescription = ErrorDefinition.IError_Result_System_UnknowError_Msg + e.Message;
}
if (Result1 != -21501)
{
str = "CustID:\"" + CustID + "\"," + "CustType:\"" + CustType + "\"," + "Result1:\"" + Result1 + "\"," + "Result2:\"" + Result2 + "\"";
Response.Write(str);
return;
}
try
{
if (CommonUtility.IsEmpty(CustID))
{
Result2 = ErrorDefinition.BT_IError_Result_InValidCustID_Code;
ErrorDescription = ErrorDefinition.BT_IError_Result_InValidCustID_Msg + ",不能为空";
}
if (CommonUtility.IsEmpty(QuestionID))
{
Result2 = ErrorDefinition.IError_Result_UnknowError_Code;
ErrorDescription = ErrorDefinition.IError_Result_UnknowError_Msg + ",QuestionID不能为空";
}
if (CommonUtility.IsEmpty(Answer))
{
Result2 = ErrorDefinition.IError_Result_UnknowError_Code;
ErrorDescription = ErrorDefinition.IError_Result_UnknowError_Msg + ",Answer不能为空";
}
Result2 = BTForBusinessSystemInterfaceRules.PwdQuestionAuth(CustID, int.Parse(QuestionID), Answer, out ErrorDescription);
}
catch (Exception err)
{
Result2 = ErrorDefinition.IError_Result_UnknowError_Code;
ErrorDescription = err.Message.ToString();;
}
str = "CustID:\"" + CustID + "\"," + "CustType:\"" + CustType + "\"," + "Result1:\"" + Result1 + "\"," + "Result2:\"" + Result2 + "\"";
Response.Write(str);
}
protected void Page_Load(object sender, EventArgs e)
{
log("step1");
int Result = ErrorDefinition.IError_Result_UnknowError_Code;
log("step2");
if (CommonUtility.IsParameterExist("SSORequestXML", this.Page)) // 带着token过来的是网厅的认证请求
{
#region 隐藏
MBOSSClass mboss = new MBOSSClass();
SPInfoManager spInfo = new SPInfoManager();
string SPID = "35999991";
string UAProvinceID = "35";
string SourceType = "";
string uaURL = "";
string privateKeyPassword = "";
string UserName = "";
string ErrMsg = "";
string CAP01002_XML = Request["SSORequestXML"];
string DigitalSign = MBOSSClass.GetNewXML(CAP01002_XML, "DigitalSign");
string DigitalSignValue = MBOSSClass.GetValueFromXML(CAP01002_XML, "DigitalSign");
//从中取出RedirectURL
string RedirectURL = MBOSSClass.GetValueFromXML(CAP01002_XML, "RedirectURL");
//验证 CAP01002_XM 合法性
byte[] PublicKeyFile = new byte[0];
try
{
Object SPData = spInfo.GetSPData(this.Context, ""); //SPDataCacheName 这里要去问tongbo
PublicKeyFile = spInfo.GetCAInfo(SPID, 0, SPData, out UserName, out privateKeyPassword);
}
catch (Exception err)
{
//验证签名未通过
ErrMsg = err.Message;
Result = -20001;
Response.Redirect(RedirectURL, true);
return;
}
Result = mboss.VerifySignByPublicKey(DigitalSign, PublicKeyFile, DigitalSignValue, out ErrMsg);
//<CAPRoot><SessionHeader><ServiceCode>CAP01003</ServiceCode><Version>mbossUacVersion1</Version><ActionCode>0</ActionCode><TransactionID>35000201109254969771818</TransactionID><SrcSysID>35000</SrcSysID><DigitalSign>302C02141DB53BC5D52562D69EFD959B32F6E10D4BF6421E02145983D67CC81B0F376CA688B39F6AD1896EA0E082</DigitalSign><DstSysID>18</DstSysID><ReqTime>20110925000030</ReqTime><Request><ReqType/><ReqCode/><ReqDesc/></Request></SessionHeader><SessionBody><SPSSOAuthReq><RedirectURL>http://Customer.besttone.com.cn/UserPortal/SSO/SelectAssertion.aspx</RedirectURL><AcceptAccountTypeList><AcceptAccountType>0000000</AcceptAccountType></AcceptAccountTypeList></SPSSOAuthReq></SessionBody></CAPRoot>
log("从网厅来:" + CAP01002_XML);
if (Result != 0)
{
// 签名校验未通过,直接将请求原路打回
Response.Redirect(RedirectURL, true);
return;
}
string sessionid = this.Page.Session.SessionID;
string globaltoken = Request.Cookies[sessionid].Value.ToString();
uaURL = RedirectURL;
if (globaltoken != null && !"".Equals(globaltoken))
{
this.sendTicket2UA(uaURL);
}
else
{
this.Response.Redirect(uaURL);
}
#endregion
}
else
{
//不带token的是积分商城过来的认证请求
string direction = Request["Direction"];
string CookieName = System.Configuration.ConfigurationManager.AppSettings["CookieName"];
string key0 = System.Configuration.ConfigurationManager.AppSettings["ScoreSystemSecret"];
if (CommonUtility.IsParameterExist("Direction", this.Page))
{
#region 反向登录到集团网厅方向
string ProvinceID = Request["ProvinceID"];
if ("uam".Equals(direction))
{
//获取本地的token,如果没有token则返回到积分商城登录
//string token = Request.Cookies[CookieName].Value;
String token = PageUtility.GetCookie(CookieName);
if (String.IsNullOrEmpty(token))
{
Response.Redirect("http://www.ct10000.com");
}
string ProvinceID0 = ""; // 2013.01.23 添加
string CustID0 = "";
string RealName0 = "";
string UserName0 = "";
string NickName0 = "";
string OuterID0 = "";
string CustType0 = "";
string AuthenName0 = "";
string AuthenType0 = "";
string ErrMsg0 = "";
//解析token
UserToken UT0 = new UserToken();
// 2013.01.23 修改
//int Result0 = UT0.ParseUserToken(token, key0, out CustID0, out RealName0, out UserName0, out NickName0, out OuterID0, out CustType0, out AuthenName0, out AuthenType0, out ErrMsg0);
int Result0 = UT0.ParseScoreUserToken(token, key0, out ProvinceID0, out CustID0, out RealName0, out UserName0, out NickName0, out OuterID0, out CustType0, out AuthenName0, out AuthenType0, out ErrMsg0);
//日志
log(String.Format("【token解析结果:】Result:{0},ErrMsg:{1},AuthenName:{2},AuthenType:{3},CustID:{4},OuterID:{5},CustType:{6}", Result0, ErrMsg0, AuthenName0, AuthenType0, CustID0, OuterID0, CustType0));
if (Result0 == 0)
{
//生成ticket,反向单点登录要求ticket前面加上省id
//string sDate = DateTime.Now.ToString("yyyyMMddHHmmssfff");
//Random r = new Random();
//string ticket = ProvinceID + sDate + r.Next(10000, 99999).ToString();
string ticket = ProvinceID + CommonBizRules.CreateTicket();
//积分商城
SPID = "35000010";
//将ticket插入数据库
Result = CIPTicketManager.insertCIPTicket(ticket, SPID, CustID0, RealName0, NickName0, UserName0, OuterID0, "", AuthenName0, AuthenType0, out ErrMsg0);
log(String.Format("【ticket生成结果:{0}】Result:{1},ErrMsg:{2},ticket:{3}", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), Result, ErrMsg0, ticket));
if (Result != 0)
{
this.Response.Redirect("http://www.ct10000.com");
}
string uamURL = System.Configuration.ConfigurationManager.AppSettings["UAMUrl"] + "?AccountIndex=" + ticket;
log(String.Format("【登录网厅:{0}】uamURL:{1}", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), uamURL));
this.Response.Redirect(uamURL);
}
else
{
this.Response.Redirect("http://www.ct10000.com");
}
}
else
{
this.Response.Redirect("http://www.ct10000.com");
}
#endregion
}
else
{
if (!this.IsPostBack)
{
#region 积分商城直接登录
string SPTokenRequest = Request["SPTokenRequest"];
log(String.Format("【SPTokenRequest参数为:{1}】SPTokenRequest:{0}", SPTokenRequest, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")));
string key = System.Configuration.ConfigurationManager.AppSettings["ScoreSystemSecret"];
string JFLoginUrl = System.Configuration.ConfigurationManager.AppSettings["JFLoginUrl"];
//生成全局token写入cookie,该全局token为了将来网厅请求时候,查询该客户登陆状态用
UserToken UT = new UserToken();
ProvinceID = Request["ProvinceID"];
AuthenType = Request["AuthenType"];
AuthenName = Request["AuthenName"];
Password = Request["Password"];
ReturnURL = Request["ReturnURL"]; // 这个ReturnUrl 用来还给积分商城ticket用
AccountType = Request["AccountType"];
string RealName = "";
string UserName = "";
string NickName = "";
string CustType = "";
string CustID = "";
string ErrMsg = "";
string OutID = "";
string UserAccount = "";
string SPID = "";
//解析SPTokenRequest参数
int Resultjf = SSOClass.ParseJFLoginRequest(SPTokenRequest, this.Context, out SPID, out ProvinceID, out AuthenType, out AuthenName, out Password, out ReturnURL, out ErrMsg);
if (Resultjf != 0)
{
//日志
log(String.Format("【解析SPTokenRequest参数失败:{0}】Result:{1},ErrMsg:{2}", DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), Result, ErrMsg));
string err = System.Web.HttpUtility.UrlEncode("积分商城请求的token解密失败!ErrMsg=" + ErrMsg, Encoding.UTF8);
Response.Redirect(JFLoginUrl + "?Result=" + Resultjf + "&ErrMsg=" + err, true);
return;
}
//日志
log(String.Format("【解析SPTokenRequest参数成功:{0}】SPID:{1},ProvinceID:{2},AuthenType:{3},AuthenName:{4},ReturnURL:{5}",
DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), SPID, ProvinceID, AuthenType, AuthenName, ReturnURL));
string o_ProvinceID = "";
Result = BTForBusinessSystemInterfaceRules.UserAuthV2(SPID, AuthenName, AuthenType, Password, this.Context, ProvinceID, "", "",
out ErrMsg, out CustID, out UserAccount, out CustType, out OutID, out o_ProvinceID, out RealName, out UserName, out NickName);
//日志
log(String.Format("【Crm认证结果:{0}】Result:{1},ErrMsg:{2},CustID:{3},UserAccount:{4},CustType:{5},OutID:{6},ProvinceID:{7}",
DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"), Result, ErrMsg, CustID, UserAccount, CustType, OutID, o_ProvinceID));
if (Result != 0)
{
string err = System.Web.HttpUtility.UrlEncode(ErrMsg, Encoding.UTF8);
string jf_loginUrl = "";
if (ReturnURL.IndexOf("?") > 0)
{
jf_loginUrl = ReturnURL + "&Result=" + Result + "&ErrMsg=" + err;
}
else
{
jf_loginUrl = ReturnURL + "?Result=" + Result + "&ErrMsg=" + err;
}
//直接将请求原路打回 --假设请求中有ReturnURL
Response.Redirect(jf_loginUrl + "", true);
return;
}
//生成token 修改 2013.01.23
string UserTokenValue = UT.GenerateJFUserToken(ProvinceID, CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
//UT.GenerateUserToken(CustID, RealName, UserName, NickName, OutID, CustType, AuthenName, AuthenType, key, out ErrMsg);
log("token-Result:" + Result);
string CookieName0 = System.Configuration.ConfigurationManager.AppSettings["CookieName"]; //CookieName = CIPUT
PageUtility.SetCookie(UserTokenValue, CookieName0, this.Page);
//生成流水号
//string TransactionId = "";
//string sDate = DateTime.Now.ToString("yyyyMMddHHmmssfff");
//Random r = new Random(Guid.NewGuid().GetHashCode());
//TransactionId = "35999999" + sDate + r.Next(10000, 99999).ToString();
String TransactionId = "35999999" + CommonBizRules.CreateTransactionID();
//生成ticket
//sDate = DateTime.Now.ToString("yyyyMMddHHmmssfff");
//r = new Random();
//string Ticket = sDate + r.Next(10000, 99999).ToString();
String Ticket = CommonBizRules.CreateTicket();
StringBuilder msg0 = new StringBuilder();
msg0.Append("++++++++++++++++++++++++++++++++++++++token===++++++++++++++++++++" + UserTokenValue + "++++++++++++++++++++++++++\r\n");
BTUCenterInterfaceLog.CenterForBizTourLog("REVERSE-SSO", msg0);
this.sendTicket2JF(Ticket, CustID, RealName, UserAccount, OutID, UserName, AuthenName, AuthenType, NickName);
#endregion
}
}
}
}