public override Task <LoginResponseDTO> LoginByAccount(LoginRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
LoginResponseDTO response = new LoginResponseDTO();
Log.Info($"deviceId={request.Client.DeviceId}&clientver={request.Client.Version}&source={request.Client.Type}&userCode={request.Usercode}&password={request.Password}");
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "未注册的应用";
return response;
}
LoginProvider loginProvider = new LoginProvider(request.Usercode, request.Password, request.Scopes, (LoginType)request.LoginType);
if (!loginProvider.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, request.Client.Ip, request.Client.SessionId, request.Client.Version, app.Id))
{
response.RetCode = xUtils.TransformFailRetCode(loginProvider.PromptInfo.ResultType);
response.RetMsg = loginProvider.PromptInfo.CustomMessage;
return response;
}
response.RetCode = "0000";
response.RetMsg = "ok";
response.Data = new LoginResponseDTO.Types.Result()
{
Token = loginProvider.Token,
Expires = loginProvider.OAuthUser.Expire_In,
Openid = loginProvider.OAuthUser.Open_Id,
RefreshExpires = loginProvider.OAuthUser.Refresh_Expire_In,
RefreshToken = loginProvider.OAuthUser.Refresh_Token,
};
return response;
}));
}
public ResponseResult <UserRegisterResponseDTO> UserRegister(UserRegisterRequestDTO request)
{
UserRegisterResponseDTO response = new UserRegisterResponseDTO();
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
return(Fail <UserRegisterResponseDTO>("无效的应用ID", "0400"));
}
//先注册,再登录发放TOKEN
RegisterProvider provider = new RegisterProvider(request.UserCode, request.Password, request.SmsCode, request.RefereeCode);
if (!provider.Register())
{
return(Fail <UserRegisterResponseDTO>(provider.PromptInfo.CustomMessage));
}
LoginProvider loginProvider = new LoginProvider(request.UserCode, request.Password, "basic");
if (loginProvider.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, request.Client.IP, request.Client.SessionId, request.Client.Version, app.Id))
{
response.RegisterResult = true;
response.Expires = loginProvider.OAuthUser.Expire_In;
response.Openid = loginProvider.OAuthUser.Open_Id;
response.RefreshExpires = loginProvider.OAuthUser.Refresh_Expire_In;
response.RefreshToken = loginProvider.OAuthUser.Refresh_Token;
response.Token = loginProvider.OAuthUser.Token;
response.UserCode = loginProvider.User.UserCode;
}
if (!response.RegisterResult)
{
Log.Info(string.Concat("注册成功,登录失败!", Environment.NewLine, loginProvider.PromptInfo.MessageStack));
}
return(Success(response));
}
public ResponseResult <TokenDecodeResponseDTO> Decode(TokenDecodeRequestDTO request)
{
TokenDecodeResponseDTO response = new TokenDecodeResponseDTO();
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
return(Fail <TokenDecodeResponseDTO>("无效的应用id", "0400"));
}
var ut = UserTokenProvider.DecryptAccessToken(request.Token);
if (ut == null || !ut.Success)
{
return(Fail <TokenDecodeResponseDTO>("无效的token", "0400"));
}
if (ut.Content.AppId != app.Id)
{
return(Fail <TokenDecodeResponseDTO>("操作不允许", "0402"));
}
response = new TokenDecodeResponseDTO
{
Appid = ut.Content.AppId,
ExpireTime = ut.Content.Expire_Time,
Usercode = ut.Content.UserCode,
Userid = ut.Content.UserId
};
return(Success(response));
}
public ResponseResult <LoginResponseDTO> LoginByAccount(LoginRequestDTO request)
{
Log.Info($"deviceId={request.Client.DeviceId}&clientver={request.Client.Version}&source={request.Client.Type}&userCode={request.UserCode}&password={request.Password}");
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
return(Fail <LoginResponseDTO>("无效的应用id", "0400"));
}
LoginProvider loginProvider = new LoginProvider(request.UserCode, request.Password, request.Scopes, (LoginType)request.LoginType);
if (!loginProvider.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, request.Client.IP, request.Client.SessionId, request.Client.Version, app.Id))
{
return(Fail <LoginResponseDTO>(loginProvider.PromptInfo.CustomMessage));
}
LoginResponseDTO response = new LoginResponseDTO()
{
Token = loginProvider.Token,
Expires = loginProvider.OAuthUser.Expire_In,
Openid = loginProvider.OAuthUser.Open_Id,
RefreshExpires = loginProvider.OAuthUser.Refresh_Expire_In,
RefreshToken = loginProvider.OAuthUser.Refresh_Token,
};
return(Success(response));
}
public ResponseResult <ThirdPartyLoginResult> Bind(ThirdPartyBindingModel model)
{
var app = OAuthAppCache.Get(model.Appid);
if (app == null)
{
return(Fail <ThirdPartyLoginResult>("无效的应用id", "0400"));
}
//先绑定手机号
string plainText;
if (!xUtils.RsaDecrypt(model.AuthCode, out plainText))
{
return(Fail <ThirdPartyLoginResult>("授权码解密失败"));
}
int pos = plainText.IndexOf('_');
string[] array = new string[2];
array[0] = plainText.Substring(0, pos);
array[1] = plainText.Substring(pos + 1);
long timestamp;
if (!long.TryParse(array[0], out timestamp))
{
return(Fail <ThirdPartyLoginResult>("授权码明文格式不正确"));
}
long currentTime = xUtils.GetCurrentTimeStamp();
if (currentTime - timestamp > 120)
{
return(Fail <ThirdPartyLoginResult>("请求已过期", "0400"));
}
ThirdPartyBindingProvider binding = new ThirdPartyBindingProvider(model);
if (!binding.Register())
{
return(Fail <ThirdPartyLoginResult>(binding.PromptInfo.CustomMessage));
}
//再调用登录
int clientSource = 0;
string csource = Request.Headers["clientsource"];
int.TryParse(csource, out clientSource);
string clientSystem = Request.Headers["clientsystem"];
string device_id = Request.Headers["device_id"];
string userHostAddress = Request.Headers["X-FORWARD-FOR"];
string sessionId = Request.Headers["sessionId"];
string clientVersion = Request.Headers["clientversion"];
var thirdLogin = new ThirdPartyLoginProvider(binding.User);
var result = thirdLogin.Login(clientSource, clientSystem, device_id, clientVersion, userHostAddress, sessionId, app.Id);
if (!result.Success)
{
return(Fail <ThirdPartyLoginResult>("第三方账号绑定成功,但登陆失败,请重新登录!", "0202"));
}
//return new ApiResult<ThirdPartyLoginResult> { retCode = "0000", retMsg = "ok", Data = result.Content };
return(Success(result.Content));
}
public bool OAuthAccess()
{
var app = OAuthAppCache.Get(this._appid);
if (app == null)
{
Alert("无效的应用编号");
return(false);
}
//Tauth_Code daCode = new Tauth_Code();
var daCode = DaoFactory.Tauth_Code();
if (!daCode.SelectByAppId_GrantCode(app.Id, this._auth_code))
{
Alert("无效的授权码");
return(false);
}
if (daCode.Status == 1)
{
Alert("该授权码已被使用,不能重复使用");
return(false);
}
if (daCode.Expire_Time < DateTime.Now)
{
Alert("授权码已过期");
return(false);
}
daCode.Status = 1;
if (!daCode.Update())
{
Alert("授权码验证失败");
return(false);
}
var scope = ScopeCache.Get(daCode.Scope_Id);
BeginTransaction();
UserTokenProvider utp = new UserTokenProvider(app, daCode.User_Id, daCode, scope.Code);
utp.ReferenceTransactionFrom(Transaction);
if (!utp.GenerateUserToken())
{
Rollback();
Alert(utp.PromptInfo);
return(false);
}
this.OAuthUser = utp.OAuthUser;
if (!UpdateTokenRights(utp.TokenId, utp.Refresh_Timeout, daCode.Right_Json))
{
Rollback();
return(false);
}
Commit();
return(true);
}
public ResponseResult <ThirdPartyLoginResult> Login(ThirdpartyLoginRequestDTO model)
{
var app = OAuthAppCache.Get(model.Appid);
if (app == null)
{
return(Fail <ThirdPartyLoginResult>("无效的应用id", "0400"));
}
string plainText;
if (!xUtils.RsaDecrypt(model.AuthCode, out plainText))
{
return(Fail <ThirdPartyLoginResult>("授权码解密失败"));
}
int pos = plainText.IndexOf('_');
string[] array = new string[2];
array[0] = plainText.Substring(0, pos);
array[1] = plainText.Substring(pos + 1);
long timestamp;
if (!long.TryParse(array[0], out timestamp))
{
return(Fail <ThirdPartyLoginResult>("授权码明文格式不正确", "0400"));
}
long currentTime = xUtils.GetCurrentTimeStamp();
if (currentTime - timestamp > 120)
{
return(Fail <ThirdPartyLoginResult>("请求已过期", "0403"));
}
string trueOpenID = array[1];
var fac = UserModuleFactory.GetUserModuleInstance();
IUser user = fac?.GetUserByVoucher(trueOpenID, (UserVoucherType)model.PlatformID);
var thirdLogin = new ThirdPartyLoginProvider(user);
string csource = Request.Headers["clientsource"];
int.TryParse(csource, out int clientSource);
string clientSystem = Request.Headers["clientsystem"];
string device_id = Request.Headers["device_id"];
string userHostAddress = Request.Headers["X-FORWARD-FOR"];
string sessionId = Request.Headers["sessionId"];
string clientVersion = Request.Headers["clientversion"];
//若登录失败,客户端需调用绑定手机号
var result = thirdLogin.Login(clientSource, clientSystem, device_id, clientVersion, userHostAddress, sessionId, app.Id);
if (!result.Success)
{
return(Fail <ThirdPartyLoginResult>("首次使用第三方登录,请先绑定账号!", "0202"));
}
return(Success(result.Content));
}
/// <summary>
/// 生成加密的openid
/// </summary>
/// <returns></returns>
public string ToCipherString()
{
var app = OAuthAppCache.Get(this.AppId);
if (app == null)
{
throw new ApplicationException("openid生成失败,无效的应用ID[APPID]");
}
string cipherText = EncodeDecodeOpenID.EncryptOpenId(AppId, UserId, UserCode, app.UidEncryptKey);
return(cipherText);
}
public override Task <GrantResponseDTO> GrantByToken(GrantByTokenRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
GrantResponseDTO response = new GrantResponseDTO();
UserToken token = UserToken.FromCipherToken(request.Token);
if (token == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的token";
return response;
}
OAuthApp app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的应用id";
return response;
}
if (app.Id != token.AppId)
{
response.RetCode = "0403";
response.RetMsg = "无效的token";
return response;
}
CodePrivilege[] privileges = null;
if (request.Grants != null && request.Grants.Count > 0)
{
privileges = new CodePrivilege[request.Grants.Count];
for (int i = 0; i < request.Grants.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = request.Grants[i].Id, Type = request.Grants[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, token.UserId, request.Scopes, request.Client.DeviceId);
if (!grant.Grant(request.GrantAll, privileges))
{
response.RetCode = "0500";
response.RetMsg = "授权失败,请重试";
return response;
}
response.RetCode = "0000";
response.RetMsg = "ok";
response.Data = new GrantResponseDTO.Types.Result
{
Code = grant.Auth_Code
};
return response;
}));
}
public override Task <GrantResponseDTO> GrantByAccount(GrantByAccountRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
var response = new GrantResponseDTO();
OAuthApp app = OAuthAppCache.Get(request.Appid);
List <Scope> scope = ScopeCache.Get(request.Scopes.Split(','));
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的应用id";
return response;
}
string ip = context.GetHttpContext().Request.Headers["X-FORWARD-IP"];
LoginProvider login = new LoginProvider(request.Account, request.Password, request.Scopes, LoginType.LOGIN_BY_PASSWORD);
if (!login.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, ip, request.Client.SessionId, request.Client.Version, app.Id))
{
response.RetCode = "0500";
response.RetMsg = login.PromptInfo.CustomMessage;
return response;
}
CodePrivilege[] privileges = null;
if (request.Grants != null && request.Grants.Count > 0)
{
privileges = new CodePrivilege[request.Grants.Count];
for (int i = 0; i < request.Grants.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = request.Grants[i].Id, Type = request.Grants[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, login.User.UserId, request.Scopes, request.Client.DeviceId);
if (!grant.Grant(request.GrantAll, privileges))
{
response.RetCode = "0500";
response.RetMsg = "授权失败,请重试";
return response;
}
response.RetCode = "0000";
response.RetMsg = "ok";
response.Data = new GrantResponseDTO.Types.Result
{
Code = grant.Auth_Code
};
return response;
}));
}
/// <summary>
/// 解密OpenID
/// </summary>
/// <param name="open_id"></param>
/// <param name="userId"></param>
/// <param name="userCode"></param>
/// <param name="appid"></param>
/// <returns></returns>
public static bool DecryptOpenId(string open_id, out int userId, out string userCode, out int appid)
{
string tokenSecret = UserToken.SECRET;
string enc_uuid;
DesDecrypt(open_id, tokenSecret, out enc_uuid);
var array = enc_uuid.Split('_');
int lambdaAppid = appid = Convert.ToInt32(array[0]);
var app = OAuthAppCache.Get(lambdaAppid);
string plain_uid;
DesDecrypt(array[1], app.UidEncryptKey, out plain_uid);
string[] sArray = plain_uid.Split('|');
userId = Convert.ToInt32(sArray[0]);
userCode = sArray[1];
return(true);
}
public override Task <UserRegisterResponseDTO> UserRegister(UserRegisterRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
UserRegisterResponseDTO response = new UserRegisterResponseDTO();
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的应用ID";
return response;
}
//先注册,再登录发放TOKEN
RegisterProvider provider = new RegisterProvider(request.UserCode, request.Password, request.SmsCode, request.RefereeCode);
if (!provider.Register())
{
response.RetCode = xUtils.TransformFailRetCode(provider.PromptInfo.ResultType);
response.RetMsg = provider.PromptInfo.CustomMessage;
return response;
}
LoginProvider loginProvider = new LoginProvider(request.UserCode, request.Password, "basic");
if (loginProvider.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, request.Client.Ip, request.Client.SessionId, request.Client.Version, app.Id))
{
response.Data = new UserRegisterResponseDTO.Types.Result
{
Expires = loginProvider.OAuthUser.Expire_In,
Openid = loginProvider.OAuthUser.Open_Id,
RefreshExpires = loginProvider.OAuthUser.Refresh_Expire_In,
RefreshToken = loginProvider.OAuthUser.Refresh_Token,
Token = loginProvider.OAuthUser.Token,
UserCode = loginProvider.User.UserCode
};
}
if (response.Data == null)
{
Log.Info(string.Concat("注册成功,登录失败!", Environment.NewLine, loginProvider.PromptInfo.MessageStack));
}
response.RetCode = "0000";
response.RetMsg = "ok";
return response;
}));
}
[HttpPost] // api/authorize
public ResponseResult <GrantResponseDTO> GrantByAccount(GrantByAccountRequestDTO data)
{
OAuthApp app = OAuthAppCache.Get(data.Appid);
List <Scope> scope = ScopeCache.Get(data.Scopes.Split(','));
if (app == null)
{
return(Fail <GrantResponseDTO>("无效的应用id", "0400"));
}
string ip = Request.Headers["X-FORWARD-IP"];
LoginProvider login = new LoginProvider(data.Account, data.Password, data.Scopes, LoginType.LOGIN_BY_PASSWORD);
if (!login.Login(data.Client.Type, data.Client.System, data.Client.DeviceId, ip, data.Client.SessionId, data.Client.Version, app.Id))
{
return(Fail <GrantResponseDTO>(login.PromptInfo.CustomMessage, "0500"));
}
CodePrivilege[] privileges = null;
if (data.Privileges != null && data.Privileges.Count > 0)
{
privileges = new CodePrivilege[data.Privileges.Count];
for (int i = 0; i < data.Privileges.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = data.Privileges[i].Id, Type = data.Privileges[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, login.User.UserId, data.Scopes, data.Client.DeviceId);
if (!grant.Grant(data.GrantAll, privileges))
{
return(Fail <GrantResponseDTO>("授权失败,请重试", "0500"));
}
var response = new GrantResponseDTO
{
Code = grant.Auth_Code
};
return(Success(response));
}
[HttpPost("client")] // api/authorize/client
public ResponseResult <GrantResponseDTO> GrantByToken(GrantByTokenRequestDTO data)
{
GrantResponseDTO response = new GrantResponseDTO();
UserToken token = UserToken.FromCipherToken(data.Token);
if (token == null)
{
return(Fail <GrantResponseDTO>("无效的token", "0400"));
}
OAuthApp app = OAuthAppCache.Get(data.Appid);
if (app == null)
{
return(Fail <GrantResponseDTO>("无效的应用id", "0400"));
}
if (app.Id != token.AppId)
{
return(Fail <GrantResponseDTO>("无效的token", "0500"));
}
CodePrivilege[] privileges = null;
if (data.Privileges != null && data.Privileges.Count > 0)
{
privileges = new CodePrivilege[data.Privileges.Count];
for (int i = 0; i < data.Privileges.Count; i++)
{
privileges[i] = new CodePrivilege {
Id = data.Privileges[i].Id, Type = data.Privileges[i].Type
};
}
}
GrantTokenPrivilegeProvider grant = new GrantTokenPrivilegeProvider(app.Appid, token.UserId, data.Scopes, data.Client.DeviceId);
if (!grant.Grant(data.GrantAll, privileges))
{
return(Fail <GrantResponseDTO>("授权失败,请重试"));
}
response.Code = grant.Auth_Code;
return(Success(response));
}
public override Task <TokenDecodeResponseDTO> Decode(TokenDecodeRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
TokenDecodeResponseDTO response = new TokenDecodeResponseDTO();
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "无效的应用id";
return response;
}
var ut = UserTokenProvider.DecryptAccessToken(request.Token);
if (ut == null || !ut.Success)
{
response.RetCode = "0400";
response.RetMsg = "无效的token";
return response;
}
if (ut.Content.AppId != app.Id)
{
response.RetCode = "0402";
response.RetMsg = "操作不允许";
return response;
}
response.RetCode = "0000";
response.RetMsg = "ok";
response.Data = new TokenDecodeResponseDTO.Types.Result
{
Appid = ut.Content.AppId,
ExpireTime = ut.Content.Expire_Time.ToString(),
Usercode = ut.Content.UserCode,
Userid = ut.Content.UserId
};
return response;
}));
}
/// <summary>
/// 执行授权
/// </summary>
/// <returns></returns>
public bool Grant(bool takeAll, params CodePrivilege[] rights)
{
OAuthApp app = OAuthAppCache.Get(this._appid);
if (app == null)
{
Alert("未注册的应用");
return(false);
}
string[] scopeCodes = this._scope.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
var scope = ScopeCache.Get(scopeCodes);
if (scope == null || scope.Count <= 0)
{
Alert("未定义的授权类型");
return(false);
}
var fac = UserModuleFactory.GetUserModuleInstance();
IUser user = fac?.GetUserByID(this._userId);
if (user == null)
{
Alert("用户信息加载失败");
return(false);
}
if (CheckAlreadyAuth(app.Id, user.UserId))
{
return(true);
}
if (takeAll && (rights == null || rights.Length <= 0))
{
var temp = ScopeRightProvider.GetScopeRights(this._scope);
rights = new CodePrivilege[temp.Count];
for (int i = 0; i < rights.Length; i++)
{
rights[i] = new CodePrivilege
{
Id = temp[i].Right_Id,
Type = temp[i].Right_Type
};
}
}
this.Auth_Code = Guid.NewGuid().ToString("N");
//Tauth_Code daCode = new Tauth_Code();
var daCode = DaoFactory.Tauth_Code();
daCode.App_Id = app.Id;
daCode.Expire_Time = DateTime.Now.AddMinutes(5);
daCode.Grant_Code = this.Auth_Code;
daCode.Scope_Id = scope.FirstOrDefault().Id;
daCode.User_Id = user.UserId;
daCode.Device_Id = this._device_id;
if (rights != null && rights.Length > 0)
{
daCode.Right_Json = Javirs.Common.Json.JsonSerializer.JsonSerialize(rights);
}
if (!daCode.Insert())
{
Alert("授权失败,请重试!");
return(false);
}
return(true);
}
public bool Refresh()
{
var app = OAuthAppCache.Get(this._appid);
if (app == null)
{
Alert(ResultType.非法操作, "未知的应用ID");
return(false);
}
var DecryptRes = UserTokenProvider.DecryptAccessToken(this._refresh_token);
if (!DecryptRes.Success)
{
Alert(ResultType.非法操作, DecryptRes.Message);
return(false);
}
UserToken token = DecryptRes.Content;
if (token.Expire_Time < DateTime.Now)
{
Alert(ResultType.需要登陆, "令牌已过期,请重新发起用户授权");
return(false);
}
//Tauth_Token daToken = new Tauth_Token();
var daTokenCollection = DaoFactory.Tauth_TokenCollection();
if (!daTokenCollection.ListByUserId_AppId(token.UserId, app.Id))
{
Alert(ResultType.无权限, "未找到授权记录,无效的刷新令牌");
return(false);
}
ITauth_Token daToken = null;
foreach (ITauth_Token item in daTokenCollection)
{
if (item.Refresh_Token.Equals(this._refresh_token))
{
daToken = item;
}
}
if (daToken == null)
{
Alert(ResultType.非法操作, "无效的刷新令牌");
return(false);
}
if (daToken.Refresh_Timeout < DateTime.Now)
{
Alert(ResultType.无权限, "令牌已过期,请重新发起用户授权");
return(false);
}
var fac = UserModuleFactory.GetUserModuleInstance();
IUser user = fac?.GetUserByID(daToken.User_Id);
if (user == null)
{
Alert("用户不存在");
return(false);
}
string userCode = user.GetUserVoucher(UserVoucherType.自定义号码);
string newToken = UserTokenProvider.EncryptAccessToken(token.UserId, userCode, app.Id);
daToken.Token_Code = newToken;
daToken.Expire_Time = DateTime.Now.AddSeconds(this.OAuthUser.Expire_In);
if (!daToken.Update())
{
Alert(ResultType.系统异常, "Token刷新失败,请重试");
return(false);
}
this.OAuthUser.Open_Id = UserTokenProvider.EncryptOpenId(app.Id, token.UserId, userCode, app.UidEncryptKey);
this.OAuthUser.Token = newToken;
this.OAuthUser.Refresh_Token = this._refresh_token;
this.OAuthUser.Refresh_Expire_In = (int)(daToken.Refresh_Timeout - DateTime.Now).TotalDays;
return(true);
}
/// <summary>
/// 生成用户授权访问令牌
/// </summary>
/// <returns></returns>
public bool GenerateUserToken()
{
try
{
if (_app == null && !_appid.HasValue)
{
Alert(Winner.Framework.Utils.ResultType.无效数据类型, "无效的应用编号");
return(false);
}
if (_app == null)
{
_app = OAuthAppCache.Get(_appid.Value);
}
this.OAuthUser.Expire_In = _app.TokenExpireIn;
this.OAuthUser.Refresh_Expire_In = 30;
var fac = UserModuleFactory.GetUserModuleInstance();
IUser user = fac?.GetUserByID(_userid);
if (user == null)
{
Alert(Winner.Framework.Utils.ResultType.数据库查不到数据, "用户不存在");
return(false);
}
if (_daCode == null)
{
//_daCode = new Tauth_Code();
_daCode = DaoFactory.Tauth_Code();
if (this._authid.HasValue)
{
if (!_daCode.SelectByPk(this._authid.Value))
{
Alert(Winner.Framework.Utils.ResultType.无效数据类型, "无效的授权码");
return(false);
}
}
else
{
_daCode.App_Id = _app.Id;
_daCode.Expire_Time = DateTime.Now.AddMinutes(5);
_daCode.Grant_Code = Guid.NewGuid().ToString("N").ToLower();
_daCode.Scope_Id = ScopeCache.Get(this._scope).Id;
_daCode.User_Id = user.UserId;
_daCode.Device_Id = _deviceid;
_daCode.Remarks = "客户端登录自动授权";
_daCode.Status = 1;
if (!_daCode.Insert())
{
Alert(Winner.Framework.Utils.ResultType.非法操作, "登录授权失败");
return(false);
}
}
}
int refresh_token_expire_in = this.OAuthUser.Refresh_Expire_In * 86400;
string userCode = user.GetUserVoucher(UserVoucherType.自定义号码);
string open_id = EncryptOpenId(_app.Id, user.UserId, userCode, _app.UidEncryptKey);
this.OAuthUser.Open_Id = open_id;
this.OAuthUser.Token = EncryptAccessToken(user.UserId, userCode, _app.Id, this.OAuthUser.Expire_In);
this.OAuthUser.Refresh_Token = EncryptAccessToken(user.UserId, userCode, _app.Id, refresh_token_expire_in);
BeginTransaction();
//Tauth_Token daToken = new Tauth_Token();
var daToken = DaoFactory.Tauth_Token();
daToken.ReferenceTransactionFrom(Transaction);
bool exist = daToken.SelectByAppId_UserId_DeviceId(_app.Id, this._userid, this._deviceid);
daToken.App_Id = _app.Id;
daToken.Expire_Time = DateTime.Now.AddSeconds(this.OAuthUser.Expire_In);
daToken.Refresh_Timeout = DateTime.Now.AddDays(this.OAuthUser.Refresh_Expire_In);
daToken.Refresh_Token = this.OAuthUser.Refresh_Token;
daToken.Token_Code = this.OAuthUser.Token;
daToken.Scope_Id = _daCode.Scope_Id;
daToken.User_Id = _userid;
daToken.Grant_Id = _daCode.Auth_Id;
daToken.Device_Id = this._deviceid;
if (exist)
{
daToken.Last_Access_Time = DateTime.Now;
if (!daToken.Update())
{
Rollback();
Alert(Winner.Framework.Utils.ResultType.数据库更新失败, "TOKEN生成失败");
return(false);
}
}
else
{
if (!daToken.Insert())
{
Rollback();
Alert(Winner.Framework.Utils.ResultType.数据库更新失败, "TOKEN生成失败");
return(false);
}
}
this.TokenId = daToken.Token_Id;
Commit();
return(true);
}
catch (Exception ex)
{
Log.Error("生成token失败", ex);
Alert(ResultType.系统异常, "生成token失败");
return(false);
}
}
