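/// <summary>
/// Generates a service-ticket token, caches <paramref name="ticket"/> under it,
/// and returns the token so it can be handed to the client application for validation.
/// </summary>
/// <param name="ticket">Identity data to associate with the newly issued token.</param>
/// <returns>A token of the form <c>ST-</c> + 32 lowercase hex characters + <c>-cas</c>.</returns>
/// <remarks>
/// The token is a bearer credential: whoever presents it is treated as the user in
/// <paramref name="ticket"/>. It is therefore drawn from the cryptographic RNG.
/// Guid.NewGuid() is specified for uniqueness, not for unpredictability.
/// </remarks>
public static string IssueToken(CasTicket ticket)
{
    // 128 bits from the OS CSPRNG; same length and alphabet as the former Guid "N" format,
    // so consumers that parse or length-check the token are unaffected.
    var randomBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(randomBytes);
    }

    var token = "ST-"
        + BitConverter.ToString(randomBytes).Replace("-", string.Empty).ToLowerInvariant()
        + "-cas";

    // NOTE(review): AddCache returns null (and stores nothing) when no HttpContext/Cache is
    // available. The token is still returned in that case and can never validate - confirm
    // whether callers should be told about the failure instead.
    AddCache(token, ticket);
    return token;
}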
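/// <summary>
/// Stores <paramref name="ticket"/> in the ASP.NET application cache under
/// <paramref name="token"/> with an absolute (non-sliding) expiry.
/// </summary>
/// <param name="token">Cache key; the issued token string.</param>
/// <param name="ticket">Ticket data to associate with the token.</param>
/// <param name="exprieTimeMinutes">Lifetime of the entry in minutes (default 1).</param>
/// <returns>
/// <paramref name="ticket"/> after the cache call, or <c>null</c> when there is no current
/// <c>HttpContext</c> or cache, in which case nothing is stored.
/// </returns>
public static CasTicket AddCache(string token, CasTicket ticket, int exprieTimeMinutes = 1)
{
    var context = HttpContext.Current;
    if (context == null || context.Cache == null)
    {
        return null;
    }

    // Absolute expiry is computed in UTC: a local-time value can shift across a
    // daylight-saving change and stretch or shrink the window in which a ticket is valid.
    var expiresAtUtc = DateTime.UtcNow.AddMinutes(exprieTimeMinutes);

    // No sliding expiration: reading the entry must not extend the ticket's lifetime.
    context.Cache.Add(
        token,
        ticket,
        null,
        expiresAtUtc,
        Cache.NoSlidingExpiration,
        CacheItemPriority.Normal,
        null);

    return ticket;
}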
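/// <summary>
/// Shows the login form, or, when the caller already has an authenticated identity,
/// redirects straight back to <paramref name="returnUrl"/>.
/// </summary>
/// <param name="returnUrl">Where to send the user after login; caller-supplied and untrusted.</param>
/// <param name="appKey">Key of the client application requesting login; copied into the ticket.</param>
/// <returns>
/// The login view when no identity is present; otherwise a redirect to the home page,
/// to a local or same-cookie-domain <paramref name="returnUrl"/>, or to the URL produced by
/// <c>GetValidateTokenUrl</c> with a freshly issued token for an off-domain target.
/// </returns>
public ActionResult Login(string returnUrl, string appKey)
{
    if (Current.UserIdentity == null)
    {
        // No identity information: ask the user to log in again.
        ViewBag.ReturnUrl = returnUrl;
        ViewBag.AppKey = appKey;
        return View();
    }

    // Already authenticated.
    if (string.IsNullOrWhiteSpace(returnUrl))
    {
        return RedirectToAction("Index", "Home");
    }

    // A local path needs no ticket, and it is not an absolute URI, so it must be handled
    // before parsing (new Uri("/path") throws). Mirrors the check in the POST action.
    if (Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    // Fail closed on anything that is not a well-formed absolute URI.
    Uri target;
    if (!Uri.TryCreate(returnUrl, UriKind.Absolute, out target))
    {
        return RedirectToAction("Index", "Home");
    }

    // Same-domain test on a label boundary. A bare suffix match would accept
    // "otherexample.com" for a cookie domain of "example.com". Ordinal comparison keeps
    // the result independent of the server culture.
    // An empty configured domain keeps the original outcome (every host counted as
    // same-domain, so no ticket is issued).
    var cookieDomain = (ServerConfig.CookieDomain ?? string.Empty).TrimStart('.');
    var host = target.Host;
    var sameDomain = cookieDomain.Length == 0
        || host.Equals(cookieDomain, StringComparison.OrdinalIgnoreCase)
        || host.EndsWith("." + cookieDomain, StringComparison.OrdinalIgnoreCase);

    if (!sameDomain)
    {
        // Off-domain target cannot read the SSO cookie: issue a token and attach it to the link.
        // NOTE(review): nothing visible in this method ties returnUrl to appKey. Confirm that
        // returnUrl is checked against the callback URLs registered for appKey before a
        // ticket is appended; otherwise the ticket travels to whatever host the link names.
        var ticket = new CasTicket()
        {
            AppKey = appKey,
            UserAlias = Current.UserIdentity.UserAlias,
            UserName = Current.UserIdentity.Name,
        };
        var token = CacheTickets.IssueToken(ticket);
        returnUrl = GetValidateTokenUrl(returnUrl, token);
    }

    // Same-domain targets are reached directly; the shared cookie authenticates the user there.
    return Redirect(returnUrl);
}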
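/// <summary>
/// Handles the submitted login form: verifies the credentials, sets the SSO authentication
/// cookie, and redirects to <paramref name="returnUrl"/>.
/// </summary>
/// <param name="model">Posted login form (user name and password).</param>
/// <param name="returnUrl">Where to send the user after login; caller-supplied and untrusted.</param>
/// <param name="appKey">Key of the client application requesting login; copied into the ticket.</param>
/// <returns>
/// The login view with errors when the model is invalid or the credentials are rejected;
/// otherwise a redirect to the home page, to a local or same-cookie-domain
/// <paramref name="returnUrl"/>, or to the URL produced by <c>GetValidateTokenUrl</c>
/// with a freshly issued token for an off-domain target.
/// </returns>
public ActionResult Login(LoginModel model, string returnUrl, string appKey)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var userInfo = UserBiz.GetUserInfo(model.UserName, model.Password);
    if (userInfo == null)
    {
        // Credentials rejected. The message does not reveal which of the two fields was wrong.
        ModelState.AddModelError("", "提供的用户名或密码不正确。");
        return View(model);
    }

    // Credentials accepted: establish the SSO session cookie on the shared cookie domain.
    var cookieInfo = new SSOCookieInfo() { Alias = userInfo.Alias, Name = userInfo.Name };
    SSOAuthentication.SetAuthCookie(cookieInfo, ServerConfig.CookieName, ServerConfig.CookieDomain);

    if (string.IsNullOrWhiteSpace(returnUrl))
    {
        return RedirectToAction("Index", "Home");
    }

    if (Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    // Fail closed on anything that is not a well-formed absolute URI. The previous empty
    // catch treated an unparsable value as same-domain and redirected to it unchecked.
    Uri target;
    if (!Uri.TryCreate(returnUrl, UriKind.Absolute, out target))
    {
        return RedirectToAction("Index", "Home");
    }

    // Same-domain test on a label boundary. A bare suffix match would accept
    // "otherexample.com" for a cookie domain of "example.com". Ordinal comparison keeps
    // the result independent of the server culture.
    // An empty configured domain keeps the original outcome (every host counted as
    // same-domain, so no ticket is issued).
    var cookieDomain = (ServerConfig.CookieDomain ?? string.Empty).TrimStart('.');
    var host = target.Host;
    var sameDomain = cookieDomain.Length == 0
        || host.Equals(cookieDomain, StringComparison.OrdinalIgnoreCase)
        || host.EndsWith("." + cookieDomain, StringComparison.OrdinalIgnoreCase);

    if (!sameDomain)
    {
        // Off-domain target cannot read the SSO cookie: issue a token and attach it to the link.
        // NOTE(review): nothing visible in this method ties returnUrl to appKey. Confirm that
        // returnUrl is checked against the callback URLs registered for appKey before a
        // ticket is appended; otherwise the ticket travels to whatever host the link names.
        var ticket = new CasTicket()
        {
            AppKey = appKey,
            UserAlias = userInfo.Alias,
            UserName = userInfo.Name,
        };
        var token = CacheTickets.IssueToken(ticket);
        returnUrl = GetValidateTokenUrl(returnUrl, token);
    }

    // Same-domain targets are reached directly; the cookie set above authenticates the user there.
    return Redirect(returnUrl);
}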