public bool OAuthAccess() { var app = OAuthAppCache.Get(this._appid); if (app == null) { Alert("无效的应用编号"); return(false); } //Tauth_Code daCode = new Tauth_Code(); var daCode = DaoFactory.Tauth_Code(); if (!daCode.SelectByAppId_GrantCode(app.Id, this._auth_code)) { Alert("无效的授权码"); return(false); } if (daCode.Status == 1) { Alert("该授权码已被使用,不能重复使用"); return(false); } if (daCode.Expire_Time < DateTime.Now) { Alert("授权码已过期"); return(false); } daCode.Status = 1; if (!daCode.Update()) { Alert("授权码验证失败"); return(false); } var scope = ScopeCache.Get(daCode.Scope_Id); BeginTransaction(); UserTokenProvider utp = new UserTokenProvider(app, daCode.User_Id, daCode, scope.Code); utp.ReferenceTransactionFrom(Transaction); if (!utp.GenerateUserToken()) { Rollback(); Alert(utp.PromptInfo); return(false); } this.OAuthUser = utp.OAuthUser; if (!UpdateTokenRights(utp.TokenId, utp.Refresh_Timeout, daCode.Right_Json)) { Rollback(); return(false); } Commit(); return(true); }
/// <summary> /// 检查是否已经授权了 /// </summary> /// <param name="appid"></param> /// <param name="userId"></param> /// <returns></returns> private bool CheckAlreadyAuth(int appid, int userId) { //Tauth_Code daCode = new Tauth_Code(); var daCode = DaoFactory.Tauth_Code(); if (!daCode.SelectByAppid_UserId(appid, userId)) { return(false); } if (daCode.Expire_Time < DateTime.Now) { return(false); } if (daCode.Status == 1) { return(false); } this.Auth_Code = daCode.Grant_Code; return(true); }
/// <summary> /// 生成用户授权访问令牌 /// </summary> /// <returns></returns> public bool GenerateUserToken() { try { if (_app == null && !_appid.HasValue) { Alert(Winner.Framework.Utils.ResultType.无效数据类型, "无效的应用编号"); return(false); } if (_app == null) { _app = OAuthAppCache.Get(_appid.Value); } this.OAuthUser.Expire_In = _app.TokenExpireIn; this.OAuthUser.Refresh_Expire_In = 30; var fac = UserModuleFactory.GetUserModuleInstance(); IUser user = fac?.GetUserByID(_userid); if (user == null) { Alert(Winner.Framework.Utils.ResultType.数据库查不到数据, "用户不存在"); return(false); } if (_daCode == null) { //_daCode = new Tauth_Code(); _daCode = DaoFactory.Tauth_Code(); if (this._authid.HasValue) { if (!_daCode.SelectByPk(this._authid.Value)) { Alert(Winner.Framework.Utils.ResultType.无效数据类型, "无效的授权码"); return(false); } } else { _daCode.App_Id = _app.Id; _daCode.Expire_Time = DateTime.Now.AddMinutes(5); _daCode.Grant_Code = Guid.NewGuid().ToString("N").ToLower(); _daCode.Scope_Id = ScopeCache.Get(this._scope).Id; _daCode.User_Id = user.UserId; _daCode.Device_Id = _deviceid; _daCode.Remarks = "客户端登录自动授权"; _daCode.Status = 1; if (!_daCode.Insert()) { Alert(Winner.Framework.Utils.ResultType.非法操作, "登录授权失败"); return(false); } } } int refresh_token_expire_in = this.OAuthUser.Refresh_Expire_In * 86400; string userCode = user.GetUserVoucher(UserVoucherType.自定义号码); string open_id = EncryptOpenId(_app.Id, user.UserId, userCode, _app.UidEncryptKey); this.OAuthUser.Open_Id = open_id; this.OAuthUser.Token = EncryptAccessToken(user.UserId, userCode, _app.Id, this.OAuthUser.Expire_In); this.OAuthUser.Refresh_Token = EncryptAccessToken(user.UserId, userCode, _app.Id, refresh_token_expire_in); BeginTransaction(); //Tauth_Token daToken = new Tauth_Token(); var daToken = DaoFactory.Tauth_Token(); daToken.ReferenceTransactionFrom(Transaction); bool exist = daToken.SelectByAppId_UserId_DeviceId(_app.Id, this._userid, this._deviceid); daToken.App_Id = _app.Id; daToken.Expire_Time = DateTime.Now.AddSeconds(this.OAuthUser.Expire_In); daToken.Refresh_Timeout = DateTime.Now.AddDays(this.OAuthUser.Refresh_Expire_In); daToken.Refresh_Token = this.OAuthUser.Refresh_Token; daToken.Token_Code = this.OAuthUser.Token; daToken.Scope_Id = _daCode.Scope_Id; daToken.User_Id = _userid; daToken.Grant_Id = _daCode.Auth_Id; daToken.Device_Id = this._deviceid; if (exist) { daToken.Last_Access_Time = DateTime.Now; if (!daToken.Update()) { Rollback(); Alert(Winner.Framework.Utils.ResultType.数据库更新失败, "TOKEN生成失败"); return(false); } } else { if (!daToken.Insert()) { Rollback(); Alert(Winner.Framework.Utils.ResultType.数据库更新失败, "TOKEN生成失败"); return(false); } } this.TokenId = daToken.Token_Id; Commit(); return(true); } catch (Exception ex) { Log.Error("生成token失败", ex); Alert(ResultType.系统异常, "生成token失败"); return(false); } }
/// <summary> /// 执行授权 /// </summary> /// <returns></returns> public bool Grant(bool takeAll, params CodePrivilege[] rights) { OAuthApp app = OAuthAppCache.Get(this._appid); if (app == null) { Alert("未注册的应用"); return(false); } string[] scopeCodes = this._scope.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries); var scope = ScopeCache.Get(scopeCodes); if (scope == null || scope.Count <= 0) { Alert("未定义的授权类型"); return(false); } var fac = UserModuleFactory.GetUserModuleInstance(); IUser user = fac?.GetUserByID(this._userId); if (user == null) { Alert("用户信息加载失败"); return(false); } if (CheckAlreadyAuth(app.Id, user.UserId)) { return(true); } if (takeAll && (rights == null || rights.Length <= 0)) { var temp = ScopeRightProvider.GetScopeRights(this._scope); rights = new CodePrivilege[temp.Count]; for (int i = 0; i < rights.Length; i++) { rights[i] = new CodePrivilege { Id = temp[i].Right_Id, Type = temp[i].Right_Type }; } } this.Auth_Code = Guid.NewGuid().ToString("N"); //Tauth_Code daCode = new Tauth_Code(); var daCode = DaoFactory.Tauth_Code(); daCode.App_Id = app.Id; daCode.Expire_Time = DateTime.Now.AddMinutes(5); daCode.Grant_Code = this.Auth_Code; daCode.Scope_Id = scope.FirstOrDefault().Id; daCode.User_Id = user.UserId; daCode.Device_Id = this._device_id; if (rights != null && rights.Length > 0) { daCode.Right_Json = Javirs.Common.Json.JsonSerializer.JsonSerialize(rights); } if (!daCode.Insert()) { Alert("授权失败,请重试!"); return(false); } return(true); }