public static AttachmentInfo DownloadTempMediaFile(string accessToken, string mediaId)
{
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
webClient.Headers.Add(HttpRequestHeader.KeepAlive, "false");
YZUrlBuilder uri = new YZUrlBuilder("https://qyapi.weixin.qq.com/cgi-bin/media/get");
uri.QueryString["access_token"] = accessToken;
uri.QueryString["media_id"] = mediaId;
using (Stream stream = webClient.OpenRead(uri.ToString()))
{
StreamReader reader = new StreamReader(stream);
ContentDisposition contentDisposition = new ContentDisposition(webClient.ResponseHeaders["Content-Disposition"]);
AttachmentInfo attachment = new AttachmentInfo();
attachment.Name = "";
attachment.Ext = Path.GetExtension(contentDisposition.FileName);
attachment = AttachmentManager.SaveAsAttachment(stream, attachment);
return(attachment);
}
}
//https://open-doc.dingtalk.com/docs/doc.htm?spm=a219a.7629140.0.0.h16qh4&treeId=172&articleId=104969&docType=1
public JObject GetUserInfoFromCode(string accessToken, string code)
{
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
webClient.Headers.Add(HttpRequestHeader.ContentType, "application/json");
webClient.Headers.Add(HttpRequestHeader.KeepAlive, "false");
YZUrlBuilder uri = new YZUrlBuilder("https://oapi.dingtalk.com/user/getuserinfo");
uri.QueryString["access_token"] = accessToken;
uri.QueryString["code"] = code;
byte[] dataResult = webClient.DownloadData(uri.ToString());
string strResult = Encoding.UTF8.GetString(dataResult);
JObject rv = JObject.Parse(strResult);
if ((int)rv["errcode"] != 0)
{
throw new Exception((string)rv["errmsg"]);
}
return(rv);
}
public static YZUrlBuilder FromPath(string path)
{
string urlBody;
string urlQuery;
int index = path.IndexOf('?');
if (index != -1)
{
urlBody = path.Substring(0, index);
urlQuery = path.Substring(index);
}
else
{
urlBody = path;
urlQuery = String.Empty;
}
YZUrlBuilder urlBuilder = new YZUrlBuilder("a.aspx" + urlQuery);
urlBuilder._pathFlag = true;
urlBuilder._pathBody = urlBody;
return(urlBuilder);
}
protected void Page_Load(object sender, EventArgs e)
{
if (!YZAuthHelper.IsAuthenticated)
{
FormsAuthentication.RedirectToLoginPage();
return;
}
int tid = Int32.Parse(this.Request["tid"]);
string formFile;
using (BPMConnection cn = new BPMConnection())
{
cn.WebOpen();
formFile = BPMProcess.GetDefaultReadForm(cn, tid);
}
if (String.IsNullOrEmpty(formFile))
{
throw new Exception(Resources.YZStrings.Aspx_Read_MissForm);
}
else
{
YZUrlBuilder urlBuilder = YZUtility.GetFormRedirectUrl(this.Page, formFile);
this.Response.Redirect(urlBuilder.ToString(), true);
}
}
//https://open-doc.dingtalk.com/docs/doc.htm?spm=a219a.7629140.0.0.pWvodE&treeId=385&articleId=104980&docType=1
public virtual string GetAccessToken(string cropId, string appSecret)
{
this.AcquireReaderLock();
try
{
AccessToken accessToken = this.accessTokens.Contains(appSecret) ? this.accessTokens[appSecret] : null;
if (accessToken == null ||
(accessToken.expireDate - DateTime.Now).TotalSeconds < 60)
{
this.UpgradeToWriterLock();
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
webClient.Headers.Add(HttpRequestHeader.ContentType, "application/json");
webClient.Headers.Add(HttpRequestHeader.KeepAlive, "false");
YZUrlBuilder uri = new YZUrlBuilder("https://oapi.dingtalk.com/gettoken");
uri.QueryString["corpid"] = cropId;
uri.QueryString["corpsecret"] = appSecret;
DateTime now = DateTime.Now;
byte[] dataResult = webClient.DownloadData(uri.ToString());
string strResult = Encoding.UTF8.GetString(dataResult);
JObject rv = JObject.Parse(strResult);
if ((int)rv["errcode"] != 0)
{
throw new Exception((string)rv["errmsg"]);
}
string strAccessToken = (string)rv["access_token"];
double expiresin = 7200;
if (accessToken == null)
{
accessToken = new AccessToken();
accessToken.appSecret = appSecret;
this.accessTokens.Add(accessToken);
}
accessToken.accessToken = strAccessToken;
accessToken.expireDate = now + TimeSpan.FromSeconds(expiresin);
}
return(accessToken.accessToken);
}
finally
{
this.ReleaseLock();
}
}
public static YZUrlBuilder GetFormRedirectUrl(string formFile)
{
try
{
if (!VirtualPathUtility.IsAbsolute(formFile))
{
formFile = VirtualPathUtility.Combine("~/YZSoft/Forms/XForm/", formFile);
}
formFile = VirtualPathUtility.ToAbsolute(formFile);
}
catch
{
}
YZUrlBuilder builder = YZUrlBuilder.FromPath(formFile);
return(builder);
}
public void logout()
{
try
{
YZAuthHelper.SignOut();
}
catch (Exception)
{
//捕获 FormsAuthentication.SignOut()中的重定向
}
finally
{
YZAuthHelper.SetLogoutFlag("logout", String.Empty);
YZUrlBuilder url = YZUrlBuilder.FromPath(FormsAuthentication.LoginUrl);
url.QueryString["ReturnUrl"] = this.ReturnUrl;
this.Response.Redirect("~/admin/login/2018/Default.aspx", true);
}
}
//https://open-doc.dingtalk.com/docs/doc.htm?spm=a219a.7629140.0.0.UGqlWf&treeId=385&articleId=104966&docType=1
public virtual string GetJSapiTicket(string accessToken)
{
this.AcquireReaderLock();
try
{
if (String.IsNullOrEmpty(this.jsapi_ticket) ||
(this.jsapi_ticket_expiredate - DateTime.Now).TotalSeconds < 60)
{
this.UpgradeToWriterLock();
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
webClient.Headers.Add(HttpRequestHeader.ContentType, "application/json");
webClient.Headers.Add(HttpRequestHeader.KeepAlive, "false");
YZUrlBuilder uri = new YZUrlBuilder("https://oapi.dingtalk.com/get_jsapi_ticket");
uri.QueryString["access_token"] = accessToken;
DateTime now = DateTime.Now;
byte[] dataResult = webClient.DownloadData(uri.ToString());
string strResult = Encoding.UTF8.GetString(dataResult);
JObject rv = JObject.Parse(strResult);
if ((int)rv["errcode"] != 0)
{
throw new Exception((string)rv["errmsg"]);
}
string ticket = (string)rv["ticket"];
double expiresin = Convert.ToDouble(rv["expires_in"]);
this.jsapi_ticket = ticket;
this.jsapi_ticket_expiredate = now + TimeSpan.FromSeconds(expiresin);
}
return(this.jsapi_ticket);
}
finally
{
this.ReleaseLock();
}
}
public static string getVat_invoice(string basestr)
{
string access_token = getAccessToken();
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
webClient.Headers.Add(HttpRequestHeader.ContentType, "application/x-www-form-urlencoded");
YZUrlBuilder uri = new YZUrlBuilder("https://aip.baidubce.com/rest/2.0/ocr/v1/vat_invoice");
uri.QueryString["access_token"] = access_token;
string param = "image=" + basestr;
byte[] bytes = Encoding.UTF8.GetBytes(param);
byte[] dataResult = webClient.UploadData(uri.ToString(), "POST", bytes);
string strResult = Encoding.UTF8.GetString(dataResult);
return(strResult);
}
public static String getAccessToken()
{
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
webClient.Headers.Add(HttpRequestHeader.ContentType, "application/json");
webClient.Headers.Add(HttpRequestHeader.KeepAlive, "false");
YZUrlBuilder uri = new YZUrlBuilder("https://aip.baidubce.com/oauth/2.0/token");
uri.QueryString["grant_type"] = "client_credentials";
uri.QueryString["client_id"] = clientId;
uri.QueryString["client_secret"] = clientSecret;
DateTime now = DateTime.Now;
byte[] dataResult = webClient.DownloadData(uri.ToString());
string strResult = Encoding.UTF8.GetString(dataResult);
string access_token = Convert.ToString(JObject.Parse(strResult)["access_token"]);
return(access_token);
}
public static YZUrlBuilder GetFormRedirectUrl(Page page, string formFile)
{
try
{
if (!VirtualPathUtility.IsAbsolute(formFile))
{
formFile = VirtualPathUtility.Combine("~/YZSoft/Forms/XForm/", formFile);
}
}
catch
{
}
YZUrlBuilder builder = YZUrlBuilder.FromPath(page.ResolveClientUrl(formFile));
foreach (string key in page.Request.QueryString.Keys)
{
builder.QueryString[key] = page.Request.QueryString[key];
}
return(builder);
}
protected void Page_Load(object sender, EventArgs e)
{
if (!YZAuthHelper.IsAuthenticated)
{
FormsAuthentication.RedirectToLoginPage();
}
string appName = this.Request.QueryString["app"];
FormApplication formApplication = null;
using (BPMConnection cn = new BPMConnection())
{
cn.WebOpen();
formApplication = FormApplication.Load(cn, appName);
}
string formFile = formApplication.Form;
YZUrlBuilder urlBuilder = YZUtility.GetFormRedirectUrl(this.Page, formFile);
urlBuilder.QueryString["md"] = "App";
this.Response.Redirect(urlBuilder.ToString(), true);
}
protected virtual void ParseMobileForm(string mobileForm, out string xclass, out JObject config)
{
if (String.IsNullOrEmpty(mobileForm))
{
xclass = "";
config = new JObject();
return;
}
int index = mobileForm.IndexOf('?');
if (index == -1)
{
xclass = mobileForm;
config = new JObject();
return;
}
xclass = mobileForm.Substring(0, index);
YZUrlBuilder builder = new YZUrlBuilder(xclass);
config = JObject.FromObject(builder.QueryString);
}
protected void Page_Load(object sender, EventArgs e)
{
string code = this.Request.Params["code"];
string app = this.Request.Params["app"];
string linsql = "";
using (IYZAppAdminProvider applogin = IYZAppAdminProviderManager.DefaultProvider)
{
YZAppAdmin.LoginModule lm = applogin.LoadLogin();
if (lm.WxLogin != "1")
{
this.Response.Clear();
this.Response.Write("<script>alert('未开启微信登陆')</script>");
return;
}
wechat.corpId = lm.WxId;
wechat.agentId = lm.WxAgentId;
wechat.secret = lm.WxSecret;
linsql = lm.WxLinkSql;
}
if (String.IsNullOrEmpty(app))
{
app = "main";
}
if (String.IsNullOrEmpty(code))
{
YZUrlBuilder uri = new YZUrlBuilder("https://open.weixin.qq.com/connect/oauth2/authorize");
uri.QueryString["appid"] = wechat.corpId;
uri.QueryString["response_type"] = "code";
uri.QueryString["redirect_uri"] = this.Request.Url.ToString();
uri.QueryString["scope"] = "SCOPE";
uri.QueryString["state"] = "STATE#wechat_redirect";
this.Response.Redirect(uri.ToString());
}
else
{
try
{
JObject jApp = jApps[app] as JObject;
string accesstoken = WeChatManager.Instance.GetAccessToken(wechat.corpId, wechat.secret);
string userid = WeChatManager.Instance.TryGetUserIdFromCode(accesstoken, code);
string ticket = WeChatManager.Instance.GetJSapiTicket(accesstoken);
string timeStamp = WeChatManager.Instance.GetTimeStamp();
string nonceStr = YZSecurityHelper.SecurityKey;
string url = this.Request.Url.ToString();
string signature = WeChatManager.Instance.GenSigurate(nonceStr, timeStamp, ticket, url);
if (String.IsNullOrEmpty(userid))
{
throw new Exception("非企业号用户!");
}
if (!string.IsNullOrEmpty(linsql))
{
string sql = string.Format(linsql, userid);
userid = Convert.ToString(DBUtil_APP.GetSingle(sql));
}
using (BPMConnection cn = new BPMConnection())
{
cn.WebOpenAnonymous();
string regularAccount = null;
if (!BPM.Client.User.IsAccountExist(cn, userid, ref regularAccount))
{
throw new Exception(String.Format("当前企业号登录用户{0},不是有效的BPM账号!", userid));
}
YZAuthHelper.SetAuthCookie(regularAccount);
this.Title = (string)jApp["title"];
JObject jAppResult = new JObject();
jAppResult["app"] = app;
jAppResult["agentId"] = wechat.agentId;
jAppResult["secret"] = wechat.secret;
jAppResult["title"] = jApp["title"];
jAppResult["corpId"] = corpId;
jAppResult["timeStamp"] = timeStamp;
jAppResult["nonceStr"] = nonceStr;
jAppResult["signature"] = signature;
jAppResult["jsApiList"] = jApp["jsApiList"];
jAppResult["xclass"] = jApp["xclass"];
JObject jConfig = jApp["config"] == null ? new JObject() : JObject.FromObject(jApp["config"]);
jAppResult["config"] = jConfig;
foreach (string key in this.Request.QueryString.Keys)
{
jConfig[key] = this.Request.QueryString[key];
}
this._litApp.Text = jAppResult.ToString(Formatting.Indented, YZJsonHelper.Converters);
}
}
catch (Exception exp)
{
if (exp.Message.Contains("query?e=40029"))
{
YZUrlBuilder uri = new YZUrlBuilder("https://open.weixin.qq.com/connect/oauth2/authorize");
uri.QueryString["appid"] = wechat.corpId;
uri.QueryString["response_type"] = "code";
string url = this.Request.Url.ToString();
int code2 = url.IndexOf("code");
url = url.Substring(0, code2 - 1);
uri.QueryString["redirect_uri"] = url;
uri.QueryString["scope"] = "SCOPE";
uri.QueryString["state"] = "STATE#wechat_redirect";
this.Response.Redirect(uri.ToString());
}
else
{
this.Response.Redirect("~/YZSoft/assist/AspxError/default.aspx?err=" + HttpUtility.UrlEncode(exp.Message));
}
}
}
}
public void Default()
{
bool webLogin = String.Compare(WebConfigurationManager.AppSettings["WebLoginEnable"], "false", true) == 0 ? false : true;
bool ntLogin = String.Compare(WebConfigurationManager.AppSettings["NTLoginEnable"], "false", true) == 0 ? false : true;
this._btnLogin.InnerHtml = Resources.YZStrings.Aspx_Login_BtnLogin;
this._btnLoginNT.InnerHtml = Resources.YZStrings.Aspx_Login_BtnNTLogin;
//调转到单点登录
string ssoUrl = this.ssoUrl;
string ssoReturnUrlParamName = this.ssoReturnUrlParamName;
if (!String.IsNullOrEmpty(ssoUrl))
{
YZUrlBuilder url = YZUrlBuilder.FromPath(ssoUrl);
url.QueryString[ssoReturnUrlParamName] = this.ReturnUrl;
Response.Redirect(url.ToString(), true);
}
//页标题
this.Page.Title = System.Web.Configuration.WebConfigurationManager.AppSettings["CompanyInfoLoginPageTitle"];
if (String.IsNullOrEmpty(this.Page.Title))
{
this.Page.Title = Resources.YZStrings.Aspx_Login_Title;
}
//根据启动程序应用Css
string startApp = System.Web.Configuration.WebConfigurationManager.AppSettings["StartApp"];
if (String.IsNullOrEmpty(startApp))
{
startApp = "BPM2018/BPM/Portal";
}
string[] paths = startApp.Split(new char[] { '/', '\\' });
string cssfile = String.Format("../../../{0}/login.css", paths[0]);
if (paths.Length >= 1 && System.IO.File.Exists(Server.MapPath(cssfile)))
{
this._litLoginCss.Text = String.Format("<link href=\"{0}\" rel=\"stylesheet\" type=\"text/css\" />", cssfile);
}
//初始化画面
List <string> pnlCls = new List <string>();
pnlCls.Add("login-panel");
this._txtUid.Attributes["placeholder"] = Resources.YZStrings.Aspx_Login_Placeholder_Account;
this._txtPwd.Attributes["placeholder"] = Resources.YZStrings.Aspx_Login_Placeholder_Password;
if (!webLogin)
{
this._txtUid.Disabled = true;
this._txtPwd.Disabled = true;
this._btnLogin.Disabled = true;
pnlCls.Add("web-login-denied");
}
if (!ntLogin)
{
this._btnLoginNT.Disabled = true;
pnlCls.Add("nt-login-denied");
}
this._pnlLogin.Attributes["class"] = String.Join(" ", pnlCls.ToArray());
}
protected void Page_Load(object sender, EventArgs e)
{
if (!YZAuthHelper.IsAuthenticated)
{
string token = this.Request.QueryString["Token"];
if (!String.IsNullOrEmpty(token))
{
using (SqlConnection cn = new SqlConnection())
{
cn.ConnectionString = System.Web.Configuration.WebConfigurationManager.ConnectionStrings["BPMDB"].ConnectionString;
cn.Open();
using (SqlCommand cmd = new SqlCommand())
{
cmd.Connection = cn;
cmd.CommandText = "SELECT StepID,Account,hash FROM BPMInstProcessToken WHERE Token=@Token";
cmd.Parameters.Add("@Token", SqlDbType.NVarChar).Value = token;
using (DBReader reader = new DBReader(cmd.ExecuteReader()))
{
if (reader.Read())
{
int stepid = Int32.Parse(this.Request.QueryString["pid"]);
int stepidSaved = reader.ReadInt32(0);
string account = reader.ReadString(1);
string hash = reader.ReadString(2);
if (stepid == stepidSaved)
{
List <string> values = new List <string>();
values.Add(token);
values.Add(stepid.ToString());
values.Add(account);
if (YZSecurityHelper.CheckHash(values, hash, YZSecurityHelper.SecurityKey))
{
YZAuthHelper.SetAuthCookie(account);
}
}
}
}
}
}
}
}
if (!YZAuthHelper.IsAuthenticated)
{
FormsAuthentication.RedirectToLoginPage();
return;
}
int pid = Int32.Parse(this.Request["pid"]);
BPM.Client.ProcessInfo processInfo;
using (BPMConnection cn = new BPMConnection())
{
cn.WebOpen();
//如果是共享任务,表单打开时直接获取共享任务
//BPMProcStep step = BPMProcStep.Load(cn,pid);
//if (step.Share)
// BPMProcStep.PickupShareStep(cn, pid);
processInfo = BPMProcess.GetProcessInfo(cn, pid);
}
if (String.IsNullOrEmpty(processInfo.FormFile))
{
throw new Exception(Resources.YZStrings.Aspx_Process_MissForm);
}
else
{
YZUrlBuilder urlBuilder = YZUtility.GetFormRedirectUrl(this.Page, processInfo.FormFile);
this.Response.Redirect(urlBuilder.ToString(), true);
}
}
