/// <summary>
/// Builds the web authorization URL on the auth host: the local <c>/CallBack/</c> endpoint is
/// embedded as the return address and the parameter set is signed with the shared secret.
/// </summary>
/// <param name="callback">URL to return to after authorization; it is URL-encoded into the local callback's query string.</param>
/// <returns>The signed authorization URL produced by <see cref="CJClient.BuildAuthUrl(string, string, string, string, CJDictionary, DateTime)"/>.</returns>
public static string GetAuthUrl(string callback)
{
    // The local endpoint the auth host sends the browser back to; the caller's own target
    // URL rides along as the BEFORE_REQUEST_URL query parameter.
    var returnAddress = WebUtils.CurrentHost() + "/" + Stands.CallBackController + "/CallBack/?"
                        + Stands.BEFORE_REQUEST_URL + "=" + HttpUtility.UrlEncode(callback);

    var requestParams = new CJDictionary
    {
        { "projectCode", Stands.PROJECT_CODE },
        { "auth_type", (int)Stands.AuthType }
    };

    // NOTE(review): the signed timestamp is taken from the local clock (not UTC); the verifying
    // side must apply the same clock semantics — confirm.
    var issuedAt = DateTime.Now;

    return new CJClient().BuildAuthUrl(
        Stands.AUTH_HOST + "/Authorize/Index",
        "",
        Stands.SIGN_SECRET,
        returnAddress,
        requestParams,
        issuedAt);
}
/// <summary>
/// Adds the callback, open id and timestamp to <paramref name="txtParams"/>, signs the complete
/// parameter set with <paramref name="secret"/> and renders it as a GET URL on <paramref name="url"/>.
/// </summary>
/// <param name="url">Base URL the query string is appended to.</param>
/// <param name="openId">Open id stored under <c>OPEN_ID</c> (may be empty).</param>
/// <param name="secret">Shared secret handed to <see cref="CJUtils.SignRequest"/>.</param>
/// <param name="callback">Return address stored under <c>CALL_BACK</c>.</param>
/// <param name="txtParams">Parameter set; mutated in place (the added entries and the signature stay in it).</param>
/// <param name="timestamp">Timestamp stored under <c>TIMESTAMP</c>; covered by the signature.</param>
/// <returns>The signed GET URL.</returns>
public string BuildAuthUrl(string url, string openId, string secret, string callback, CJDictionary txtParams, DateTime timestamp)
{
    txtParams.Add(CALL_BACK, callback);
    txtParams.Add(OPEN_ID, openId);
    txtParams.Add(TIMESTAMP, timestamp);

    // The signature is computed last so that it covers every parameter added above.
    txtParams.Add(SIGN, CJUtils.SignRequest(txtParams, secret));

    return new WebUtils().BuildGetUrl(url, txtParams);
}
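/// <summary>
/// Decides where an authenticated user is sent next: a configured filter redirect whose
/// <c>FlagValue</c> matches the user's, or the sub-site callback rebuilt with the session
/// token and the extra parameters. The login record is cached under the token before routing.
/// </summary>
/// <param name="callBack">Callback URL supplied by the sub-site (request-controlled; not validated here).</param>
/// <param name="_client">Client used to rebuild the return URL.</param>
/// <param name="userInfo">Authenticated user; its password is cleared before it is cached.</param>
/// <param name="dic">Extra parameters echoed back to the sub-site via the URL; null is treated as empty.</param>
/// <returns>
/// An <see cref="AuthMessage"/> with the target <c>Url</c>, a message and the user's <c>FlagValue</c> as
/// <c>Status</c>; on failure <c>IsError</c> is set and <c>Message</c> carries the exception text.
/// </returns>
public static AuthMessage RouteUrl(string callBack, CJClient _client, SSOUser userInfo, CJDictionary dic)
{
    try
    {
        // Never persist the credential alongside the cached login record.
        userInfo.Password = null;
        dic = dic ?? new CJDictionary();

        // The session token is the openid from the cookie when present, otherwise a fresh GUID.
        // NOTE(review): an openid is a stable identifier rather than a random secret, so a token
        // derived from it can be predicted by anyone who knows the openid — confirm this is acceptable.
        var openId = Tools.GetCookie(Stands.OpenIdCookie);
        var token = string.IsNullOrEmpty(openId)
            ? Guid.NewGuid().ToString().ToUpperInvariant()
            : openId;
        dic[CJClient.TOKEN] = token;

        var filters = CacheHelper.Item_Get<List<Filters>>(Stands.FILTERS);

        SaveLoginInfo(userInfo, token);

        try
        {
            // One scan instead of Any() followed by First().
            var redirect = filters == null
                ? null
                : filters.FirstOrDefault(x => x.FlagValue == userInfo.FlagValue);

            string configMsg;
            if (redirect != null)
            {
                callBack = redirect.Url;
                configMsg = redirect.Message;
            }
            else
            {
                // NOTE(review): callBack comes from the request and becomes a redirect target; no
                // allow-list check is visible here — open-redirect risk unless BuildReturnUrl or the
                // caller restricts the host.
                callBack = _client.BuildReturnUrl(callBack, dic);
                configMsg = "登录成功!";
            }

            return new AuthMessage { Message = configMsg, Url = callBack, Status = userInfo.FlagValue };
        }
        catch (Exception ex)
        {
            // Log the full exception (with stack trace) and keep it as the inner exception; the
            // outer handler still reports the same message text to the caller.
            _log.Error(ex.ToString());
            throw new InvalidOperationException("请检查xml文件:" + ex.Message, ex);
        }
    }
    catch (Exception ex)
    {
        _log.Error(ex.ToString());
        return new AuthMessage { IsError = true, Message = ex.Message };
    }
}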
/// <summary>
/// Convenience overload of <see cref="RouteUrl(string, CJClient, SSOUser, CJDictionary)"/>
/// that routes with a freshly constructed <see cref="CJClient"/>.
/// </summary>
/// <param name="callBack">Callback URL supplied by the sub-site.</param>
/// <param name="userInfo">Authenticated user.</param>
/// <param name="dic">Extra parameters returned to the sub-site's callback through the URL; may be null.</param>
/// <returns>The <see cref="AuthMessage"/> produced by the full overload.</returns>
public static AuthMessage RouteUrl(string callBack, SSOUser userInfo, CJDictionary dic)
{
    return RouteUrl(callBack, new CJClient(), userInfo, dic);
}
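/// <summary>
/// Entry point of the authorization flow. Verifies the request signature, then either reuses an
/// existing login (token cookie), runs the WeChat (openid) path, or forwards the request
/// parameters to the login page.
/// </summary>
/// <returns>A redirect to the resolved URL, or a text/JSON response saying why the request was rejected.</returns>
public ActionResult Index()
{
    try
    {
        // ---- parameter validation --------------------------------------------------
        if (!CJUtils.VerifyResponse(Request.Url.AbsoluteUri, Stands.SIGN_SECRET))
        {
            return Json("非法访问,错误的签名。", JsonRequestBehavior.AllowGet);
        }

        var projectCode = Request[CJClient.PROJECT_CODE];
        // NOTE(review): callBack is a caller-supplied redirect target; no allow-list check is
        // visible in this controller.
        var callBack = Request[CJClient.CALL_BACK];

        // auth_type is caller-supplied. A missing or non-numeric value used to throw
        // FormatException and surface as "服务器繁忙"; treat it as a bad parameter instead.
        int authType;
        if (string.IsNullOrEmpty(projectCode)
            || string.IsNullOrEmpty(callBack)
            || !int.TryParse(Request[CJClient.AUTH_TYPE], out authType))
        {
            return Content("非法访问,错误的参数。");
        }

        // 999 means "detect the environment": inside the WeChat browser use the WeChat flow.
        if (authType == 999 && IsWeixinBrowser(Request.UserAgent))
        {
            authType = 1;
        }

        // ---- already logged in (token cookie present) ------------------------------
        var token = Tools.GetCookie(Stands.TOKEN);
        if (!string.IsNullOrEmpty(token))
        {
            var key = projectCode + "_" + token;
            var model = CacheHelper.Item_Get<SSOUser>(key);
            if (model != null)
            {
                var url = RouteUtils.RouteUrl(callBack, _client, model, null).Url;
                if (url == null)
                {
                    // No usable redirect: drop the cached login so the user authenticates again.
                    // NOTE(review): this logs the cached user object; confirm SSOUser.ToString()
                    // does not include sensitive fields.
                    _log.Warn("Url is null model:" + model);
                    CacheHelper.Item_Remove(key);
                    return Content("服务器繁忙请重试!");
                }
                return Redirect(url);
            }
        }

        // ---- WeChat authorization --------------------------------------------------
        // The openid is kept in a cookie after the first lookup (set in UserInfoCallback) so
        // the WeChat API is not called on every visit.
        var openId = Request[CJClient.OPEN_ID];
        if (string.IsNullOrEmpty(openId))
        {
            openId = Tools.GetCookie(Stands.OpenIdCookie);
        }

        // WeChat login requested but no openid yet: remember where to come back to and
        // start the OAuth round trip.
        if (authType == 1 && string.IsNullOrEmpty(openId))
        {
            Tools.SetCookie(Stands.CURRENT_PROJECT_CODE_KEY, projectCode);
            Tools.SetCookie(projectCode + "_CallBack", callBack);
            // NOTE(review): the OAuth state is a fixed string; UserInfoCallback checks for the
            // same constant, so it does not tie the callback to the session that started the flow.
            return Redirect(_client.GetWeixinAuthUrl(_appId, "cj_jason_sso"));
        }

        if (!string.IsNullOrEmpty(openId))
        {
            var upperOpenId = openId.ToUpper();
            var key = projectCode + "_" + upperOpenId;
            var model = CacheHelper.Item_Get<SSOUser>(key);
            if (model == null)
            {
                // Unknown openid for this project: send the user to the login page with it attached.
                var dics = new CJDictionary
                {
                    { CJClient.PROJECT_CODE, projectCode },
                    { CJClient.OPEN_ID, upperOpenId },
                    { CJClient.CALL_BACK, callBack }
                };
                return Redirect(_client.BuildUrl(Stands.AUTH_HOST + loginPage, Stands.SIGN_SECRET, dics));
            }

            var authMessage = RouteUtils.RouteUrl(callBack, _client, model, null);
            return Redirect(authMessage.Url);
        }

        // ---- fall-through: forward the verified request parameters to the login page ---
        // The parameters are not re-signed on this path (unchanged behaviour).
        var dic = _client.GetParamter(Request.Url.AbsoluteUri);
        return Redirect(_client.BuildUrl(Stands.AUTH_HOST + loginPage, dic));
    }
    catch (Exception ex)
    {
        _log.Error(ex);
        return Content("服务器繁忙...");
    }
}

/// <summary>
/// True when the user agent identifies the WeChat in-app browser ("MicroMessenger").
/// </summary>
/// <param name="userAgent">Raw User-Agent header; may be null.</param>
/// <returns>True if the marker occurs anywhere in the header.</returns>
private static bool IsWeixinBrowser(string userAgent)
{
    // The original test used IndexOf(...) > 0, which missed a header that starts with the marker.
    return userAgent != null
           && userAgent.IndexOf("MicroMessenger", StringComparison.Ordinal) >= 0;
}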
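/// <summary>
/// WeChat OAuth callback. Exchanges <paramref name="code"/> for an access token, loads the
/// user's profile and either routes an already-known user onward or sends a new user to the
/// login page with the WeChat identity attached.
/// </summary>
/// <param name="code">Authorization code issued by WeChat; empty when the user declined.</param>
/// <param name="state">State value echoed by WeChat; must equal the constant sent from <see cref="Index"/>.</param>
/// <returns>A redirect, or a text response describing the failure.</returns>
public ActionResult UserInfoCallback(string code, string state)
{
    try
    {
        if (string.IsNullOrEmpty(code))
        {
            return Content("您拒绝了授权!");
        }

        // NOTE(review): the state is one fixed string shared by every login, so this check only
        // filters stray requests; it does not bind the callback to the browser session that
        // started the flow (a per-session random state would).
        if (!string.Equals(state, "cj_jason_sso", StringComparison.Ordinal))
        {
            return Content("验证失败!请从正规途径进入!");
        }

        // Exchange the code for an access token.
        OAuthAccessTokenResult result;
        try
        {
            result = OAuthApi.GetAccessToken(_appId, _secret, code);
        }
        catch (Exception ex)
        {
            _log.Error(ex);
            return Content("服务器繁忙");
        }

        if (result == null)
        {
            _log.Error("OAuthApi.GetAccessToken returned null");
            return Content("服务器繁忙");
        }

        if (result.errcode != ReturnCode.请求成功)
        {
            _log.Error(result.errmsg);
            return Content("错误:" + result.errmsg);
        }

        // Persist the openid / access token only after WeChat reported success. Previously the
        // cookies were written before the errcode check, so a failed exchange could leave an
        // empty openid cookie behind and hide the real error on the next visit.
        // NOTE(review): the access token lives client-side in a cookie for a year — confirm this is
        // intended and that Tools.SetCookie marks it HttpOnly/Secure (not visible here).
        Tools.SetCookie(Stands.OpenIdCookie, result.openid, DateTime.Now.AddYears(1));
        Tools.SetCookie(Stands.AccessToken, result.access_token, DateTime.Now.AddYears(1));

        try
        {
            // snsapi_userinfo scope was requested in the first step, so the profile is available.
            OAuthUserInfo userInfo = OAuthApi.GetUserInfo(result.access_token, result.openid);

            var projectCode = Tools.GetCookie(Stands.CURRENT_PROJECT_CODE_KEY);
            // Cache key uses the upper-cased openid, matching the lookup in Index.
            var key = projectCode + "_" + userInfo.openid.ToUpper();
            var model = CacheHelper.Item_Get<SSOUser>(key);

            if (model == null)
            {
                // Unknown user for this project: send them to the login page with the WeChat identity.
                var dic = new CJDictionary
                {
                    { CJClient.PROJECT_CODE, projectCode },
                    { CJClient.AUTH_TYPE, (int)AuthType.Weixin },
                    { CJClient.AVATAR, userInfo.headimgurl },
                    { CJClient.OPEN_ID, userInfo.openid }
                };
                return Redirect(_client.BuildUrl(Stands.AUTH_HOST + loginPage, Stands.SIGN_SECRET, dic));
            }

            var callBack = Tools.GetCookie(projectCode + "_CallBack");
            var authMessage = RouteUtils.RouteUrl(callBack, _client, model, null);
            return Redirect(authMessage.Url);
        }
        catch (ErrorJsonResultException ex)
        {
            // NOTE(review): the raw API error message is echoed to the browser — confirm it
            // contains nothing that should stay internal.
            _log.Error(ex);
            return Content(ex.Message);
        }
    }
    catch (Exception ex)
    {
        _log.Error(ex);
        return Content("服务器繁忙。。。");
    }
}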
/// <summary>
/// Renders <paramref name="txtParams"/> as a GET URL on <paramref name="url"/>. Unlike the
/// six-argument overload nothing is added and nothing is signed on this path.
/// </summary>
/// <param name="url">Base URL the query string is appended to.</param>
/// <param name="txtParams">Parameters to render; used as-is.</param>
/// <param name="timestamp">Accepted for signature compatibility with the other overload; not used.</param>
/// <returns>The unsigned GET URL.</returns>
public string BuildAuthUrl(string url, CJDictionary txtParams, DateTime timestamp)
{
    // timestamp is intentionally ignored here (see summary).
    return new WebUtils().BuildGetUrl(url, txtParams);
}
/// <summary>
/// Builds the signed URL the user is returned to. The callback's own query parameters are
/// moved into <paramref name="dic"/> so that every value is covered by the signature, then the
/// bare callback plus parameters is signed with the shared secret.
/// </summary>
/// <param name="callBack">Callback URL, possibly URL-encoded and possibly carrying its own query string.</param>
/// <param name="dic">Extra parameters to append; null is treated as empty. Mutated in place.</param>
/// <returns>The signed return URL.</returns>
public string BuildReturnUrl(string callBack, CJDictionary dic)
{
    var parameters = dic ?? new CJDictionary();

    // Strip the callback's query string into the parameter set.
    var baseUrl = RefactorUrl(callBack, parameters);

    // NOTE(review): the host of callBack is not checked against an allow-list anywhere in this
    // method; the caller is expected to restrict it.
    return BuildUrl(HttpUtility.UrlDecode(baseUrl), Stands.SIGN_SECRET, parameters);
}
/// <summary>
/// Splits the query string off <paramref name="callBack"/>: its parameters are added to
/// <paramref name="dic"/> (so they take part in signing) and the URL without the query is returned.
/// </summary>
/// <param name="callBack">Callback URL, possibly URL-encoded.</param>
/// <param name="dic">Receives the callback's query parameters through <c>AddAll</c>.</param>
/// <returns>
/// The callback without its query string; the input unchanged when it has no query;
/// <see cref="string.Empty"/> for a null or empty input.
/// </returns>
public string RefactorUrl(string callBack, CJDictionary dic)
{
    if (string.IsNullOrEmpty(callBack))
    {
        return string.Empty;
    }

    // NOTE(review): new Uri(...) throws UriFormatException for a relative or malformed callback;
    // the only visible caller path (RouteUrl) catches Exception.
    var uri = new Uri(WebUtils.UrlDecode(callBack));

    var query = uri.Query.Trim('?', ' ');
    if (query.Length == 0)
    {
        // No query parameters: nothing to split, the callback is returned as given.
        return callBack;
    }

    var bareUrl = uri.AbsoluteUri.Replace(uri.Query, "");
    dic.AddAll(SplitUrlQuery(query));
    return bareUrl;
}