/// <summary>
/// 生成访问票据
/// </summary>
/// <returns></returns>
public static AccessTicket GenerateTicket()
{
AccessTicket aTicket = new AccessTicket();
aTicket.GenerateTime = SNTPClient.AdjustedTime;
return(aTicket);
}
/// <summary>
/// 生成访问票据
/// </summary>
/// <returns></returns>
public static AccessTicket GenerateTicket()
{
AccessTicket aTicket = new AccessTicket();
aTicket.GenerateTime = DateTime.Now;
return(aTicket);
}
/// <summary>
/// 生成访问票据
/// </summary>
/// <returns></returns>
public static AccessTicket GenerateTicket()
{
AccessTicket aTicket = new AccessTicket();
aTicket.GenerateTime = DateTime.Now;
return aTicket;
}
/// <summary>
/// 是否是合法的票据
/// </summary>
/// <param name="timeout">有效期</param>
/// <returns></returns>
public static bool IsValidAccessTicket(TimeSpan timeout)
{
bool result = false;
AccessTicket ticket = GetAccessTicket();
if (ticket != null)
{
result = ticket.TimeStampIsValid(timeout);
}
return(result);
}
/// <summary>
/// 如果接收到页面访问票据的请求,则生成访问票据
/// </summary>
private static void ProcessAccquireAccessTicket()
{
HttpRequest request = HttpContext.Current.Request;
AccessTicket aTicket = new AccessTicket();
aTicket.GenerateTime = DateTime.Now;
Uri targetUri = new Uri(request.QueryString[AccessTicket.AccquireAccessTicketParamName], UriKind.RelativeOrAbsolute);
aTicket.DestinationUrl = targetUri.ToString();
if (request.QueryString[AccessTicket.AutoMakeAbsoluteParamName] != null && request.QueryString[AccessTicket.AutoMakeAbsoluteParamName].ToLower() == "true")
{
aTicket.MakeDestinationUrlAbsolute(request.Url);
}
StringBuilder strB = new StringBuilder();
strB.AppendLine("<script type=\"text/javascript\">");
strB.AppendFormat("var anchor = parent.document.getElementById(\"{0}\");\n", request.QueryString["_anchorID"]);
strB.AppendFormat("anchor.href = \"{0}\";\n",
aTicket.AppendToUrl(targetUri.ToString()));
strB.AppendLine("var eventSink = anchor.getAttribute(\"OnClientAccquiredAccessTicket\");");
strB.AppendLine("if (eventSink && eventSink != \"\")");
strB.AppendLine("\teval(\"parent.\" + eventSink + \"(anchor)\");");
strB.AppendLine("</script>");
HttpResponse response = HttpContext.Current.Response;
try
{
response.Cache.SetCacheability(HttpCacheability.NoCache);
response.Write(strB.ToString());
}
catch (System.Exception ex)
{
ex.WriteToEventLog("webApplicationError");
response.Write(ex.ToString());
}
finally
{
response.End();
}
}
/// <summary>
/// 从Url中的参数中,检查访问票据
/// </summary>
/// <param name="matchedUrl">需要匹配的url,如果为null,表示不需要检查</param>
/// <param name="urlCheckParts">Url中需要检查的部分</param>
/// <param name="timeout">有效期</param>
public static AccessTicket CheckAccessTicket(Uri matchedUrl, AccessTicketUrlCheckParts urlCheckParts, TimeSpan timeout)
{
AccessTicket ticket = GetAccessTicket();
(ticket == null).TrueThrow <AccessTicketCheckException>(Translator.Translate(Define.DefaultCategory, "您没有权限访问此页面"));
(ticket.TimeStampIsValid(timeout)).FalseThrow <AccessTicketCheckException>
(Translator.Translate(Define.DefaultCategory, "访问票据已经过期,您没有权限访问此页面"));
if (matchedUrl != null)
{
ticket.UrlIsValid(matchedUrl, urlCheckParts).FalseThrow <AccessTicketCheckException>
(Translator.Translate(Define.DefaultCategory, "票据中的地址不匹配,您没有权限访问此页面"));
}
return(ticket);
}
/// <summary>
/// 从url中得到票据
/// </summary>
/// <returns></returns>
public static AccessTicket GetAccessTicket()
{
Common.CheckHttpContext();
HttpRequest request = HttpContext.Current.Request;
string aTicketString = request.QueryString[AccessTicket.AccessTicketParamName];
AccessTicket result = null;
if (aTicketString.IsNotEmpty())
{
result = AccessTicket.FromString(Common.DecryptString(aTicketString));
}
return(result);
}
/// <summary>
/// 从字符串恢复AccessTicket,如果不能解析,则返回null
/// </summary>
/// <param name="aTicketString"></param>
/// <returns></returns>
public static AccessTicket FromString(string aTicketString)
{
AccessTicket result = null;
if (aTicketString.IsNotEmpty())
{
XmlDocument xmlDoc = XmlHelper.CreateDomDocument(aTicketString);
result = new AccessTicket();
XmlElement root = xmlDoc.DocumentElement;
result.SourceUrl = XmlHelper.GetAttributeText(root, "su", string.Empty);
result.DestinationUrl = XmlHelper.GetAttributeText(root, "du", string.Empty);
result.GenerateTime = XmlHelper.GetAttributeValue(root, "gt", DateTime.MinValue);
}
return(result);
}
/// <summary>
/// 从字符串恢复AccessTicket,如果不能解析,则返回null
/// </summary>
/// <param name="aTicketString"></param>
/// <returns></returns>
public static AccessTicket FromString(string aTicketString)
{
AccessTicket result = null;
if (aTicketString.IsNotEmpty())
{
XmlDocument xmlDoc = XmlHelper.CreateDomDocument(aTicketString);
result = new AccessTicket();
XmlElement root = xmlDoc.DocumentElement;
result.SourceUrl = XmlHelper.GetAttributeText(root, "su", string.Empty);
result.DestinationUrl = XmlHelper.GetAttributeText(root, "du", string.Empty);
result.GenerateTime = XmlHelper.GetAttributeValue(root, "gt", DateTime.MinValue);
}
return result;
}
internal AccessTicketCheckEventArgs(AccessTicket ticket, bool isValid, string errorMessage)
{
this.Ticket = ticket;
this.IsValid = isValid;
this.ErrorMessage = errorMessage;
}
