CrazyIter_Bin 3 vuotta sitten
vanhempi
commit
f2b46b6330

+ 11 - 49
TEAMModelBI/Controllers/BINormal/CompanyController.cs

@@ -130,12 +130,10 @@ namespace TEAMModelBI.Controllers.BINormal
                 {
                     company.RowKey = Guid.NewGuid().ToString();
                     company.PartitionKey = "BusinessConfig";
-                    company.salt = salt;
-                    company.pwd = string.IsNullOrWhiteSpace(company.pwd) ? Utils.HashedPassword("123456", salt) : Utils.HashedPassword(company.pwd, salt);//Password,若梦没有则是默认密码:123456
                     company.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
-                    company.jti = Guid.NewGuid().ToString();
-                    company.token = JwtAuth.CreateBusinessJwtKeyBI(_option.Location, _option.JwtSecretKey, company.RowKey, company.jti);
-
+                    var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, company.RowKey, _option.JwtSecretKey, "business");
+                    company.jti = auth_token.jti;
+                    company.token = auth_token.jwt;
                     company = await table.SaveOrUpdate<BusinessConfig>(company);
                     companys.Add(company);
                     strMsg.Append($"{company.name}【{company.RowKey}】新增企业基础信息。");
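Review bot: The issue-and-assign sequence added here (`CreateBusinessApiToken(...)`, then `company.jti`, then `company.token`) is repeated verbatim in the next hunk and again in the token-reset hunk further down, each time with the scope as the bare literal `"business"`. A small private helper on the controller that takes the `BusinessConfig` and sets both fields would stop the three call sites from drifting apart, and the scope would then live in one constant. The added `createTime` line in the next hunk also carries one extra space of indentation. The enclosing method starts and ends outside this hunk.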
@@ -169,12 +167,10 @@ namespace TEAMModelBI.Controllers.BINormal
                     {
                         company.RowKey = Guid.NewGuid().ToString();
                         company.PartitionKey = "BusinessConfig";
-                        company.salt = salt;
-                        company.pwd = string.IsNullOrWhiteSpace(company.pwd) ? Utils.HashedPassword("123456", salt) : Utils.HashedPassword(company.pwd, salt);//Password,若梦没有则是默认密码:123456
-                        company.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
-                        company.jti = Guid.NewGuid().ToString();
-                        company.token = JwtAuth.CreateBusinessJwtKeyBI(_option.Location, _option.JwtSecretKey, company.RowKey, company.jti);
-
+                         company.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
+                        var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, company.RowKey, _option.JwtSecretKey, "business");
+                        company.jti = auth_token.jti;
+                        company.token = auth_token.jwt;
                         company = await table.SaveOrUpdate<BusinessConfig>(company);
                         companys.Add(company);
                         strMsg.Append($"{company.name}【{company.RowKey}】新增企业基础信息:{company}。");
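Review bot: The last line of this hunk interpolates the whole `company` object into `strMsg` right after the new code has stored the signed JWT in `company.token`, and `strMsg` is later handed to `SaveBILog` together with `_dingDing`. `BusinessConfig.ToString()` is not visible here, so this may print only the type name, but if it serialises the entity the bearer token ends up in the operation log and the notification. The first branch logs only the name and RowKey; using the same form here, `strMsg.Append($"{company.name}【{company.RowKey}】新增企业基础信息。");`, removes the doubt.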
@@ -182,40 +178,7 @@ namespace TEAMModelBI.Controllers.BINormal
                     }
                 }
 
-                ////存储在CosmosDB表
-                ////新增企业信息
-                //if (string.IsNullOrEmpty(company.id))
-                //{
-                //    company.id = Guid.NewGuid().ToString();
-                //    company.code = "Company";
-                //    company.salt = salt;
-                //    company.password = string.IsNullOrWhiteSpace(company.password) ? Utils.HashedPassword("123456", salt) : Utils.HashedPassword(company.password, salt);//Password,若梦没有则是默认密码:123456
-                //    company.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
-                //    company.jti = Guid.NewGuid().ToString();
-                //    company.secretKey = JwtAuth.CreateBusinessJwtKeyBI(_option.Location, _option.JwtSecretKey, company.id, company.jti);
-                //    await cosmosClient.GetContainer("TEAMModelOS", "Normal").CreateItemAsync<Company>(company, new PartitionKey(company.code));
-                //    strMsg.Append($"{company.name}【{company.id}】新增企业基础信息。");
-                //    type = "business-add";
-                //}
-                ////修改企业信息
-                //else
-                //{
-                //    var respone = await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReadItemStreamAsync(company.id, new PartitionKey($""));
-                //    if (respone.Status == 200)
-                //    {
-                //        company.pk = "Company";
-                //        company.code = "Company";
-                //        company.ttl = -1;
-                //        company.salt = salt;
-                //        company.password = string.IsNullOrWhiteSpace(company.password) ? Utils.HashedPassword("123456", salt) : Utils.HashedPassword(company.password, salt);//Password,若梦没有则是默认密码:123456
-
-                //        company = await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReplaceItemAsync<Company>(company, company.id, new PartitionKey(company.code));
-                //        strMsg.Append($"{company.name}【{company.id}】修改企业基础信息。");
-                //        type = "business-update";
-                //    }
-                //    else return Ok(new { state = 404, msg = "未找到该id相关的企业信息" });
-                //}
-
+                
                 //保存操作记录
                 //await _azureStorage.SaveBILog(type, strMsg.ToString(), _dingDing, httpContext: HttpContext);
                 await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, type, strMsg.ToString(), _dingDing, httpContext: HttpContext);
@@ -406,14 +369,13 @@ namespace TEAMModelBI.Controllers.BINormal
                     if ($"{resetType}".Equals("pwd"))
                     {
                         string salt = Utils.CreatSaltString(8);
-                        busConfig.salt = salt;
-                        busConfig.pwd = Utils.HashedPassword("123456", salt);
                     }
 
                     if ($"{resetType}".Equals("token"))
                     {
-                        busConfig.jti = Guid.NewGuid().ToString();
-                        busConfig.token = JwtAuth.CreateBusinessJwtKeyBI(_option.Location, _option.JwtSecretKey, busConfig.RowKey, busConfig.jti);
+                        var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, busConfig.RowKey, _option.JwtSecretKey, "business");
+                        busConfig.jti = auth_token.jti;
+                        busConfig.token = auth_token.jwt;
                     }
                 }
                 if ($"{resetType}".Equals("pwd") || $"{resetType}".Equals("token"))
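Review bot: After this change the `pwd` branch only computes `salt` and discards it, yet `resetType` equal to `"pwd"` still satisfies the condition on the last line of the hunk, so a password-reset request appears to take the save path without changing anything. Since the commit removes `salt` and `pwd` from `BusinessConfig`, the branch and the `"pwd"` half of that condition should go as well, or the action should reject the value explicitly, for example `if ($"{resetType}".Equals("pwd")) return BadRequest();`. What the block under the final `if` does lies outside the hunk, so the exact effect should be confirmed there.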

+ 2 - 2
TEAMModelBI/Controllers/OpenApi/CourseController.cs

@@ -111,7 +111,7 @@ namespace TEAMModelAPI.Controllers
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [HttpPost("get-period-timetable")]
-        [ApiToken(Auth = "1303", Name = "试卷和评测的条件信息", RWN = "R", Limit = false)]
+        [ApiToken(Auth = "1303", Name = "获取指定学段作息", RWN = "R", Limit = false)]
         public async Task<IActionResult> GetPaperExamCondition(JsonElement json)
         {
             json.TryGetProperty("periodId", out JsonElement _periodId);
@@ -132,7 +132,7 @@ namespace TEAMModelAPI.Controllers
 
         [ProducesDefaultResponseType]
         [HttpPost("upsert-course-infos")]
-        [ApiToken(Auth = "1304", Name = "课程详细信息", RWN = "W", Limit = false)]
+        [ApiToken(Auth = "1304", Name = "创建或更新课程", RWN = "W", Limit = false)]
         public async Task<IActionResult> UpsertCourseInfo(CourseDtoImpt json)
         {
             var (id, school) = HttpContext.GetApiTokenInfo();

+ 5 - 4
TEAMModelBI/Controllers/OpenApi/OpenApiConfigController.cs

@@ -53,15 +53,16 @@ namespace TEAMModelBI.Controllers
             {   if (!request.TryGetProperty("id", out JsonElement _id)) { return BadRequest(); }
                 var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOpenApi");
                 List<BusinessConfig> configs = table.FindListByDictSync<BusinessConfig>(new Dictionary<string, object> { { "PartitionKey", $"BusinessConfig" }, { "RowKey", $"{_id}" } });
-                string jtw = "";
+                string jwt = "";
                 if (configs.Any()) {
-                    var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.HostName, configs[0].RowKey, _option.JwtSecretKey, "business");
-                    jtw = auth_token.jtw;
+                    var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, configs[0].RowKey, _option.JwtSecretKey, "business");
+                    jwt = auth_token.jwt;
                     configs[0].jti = auth_token.jti;
+                    configs[0].token = auth_token.jwt;
                     await table.SaveOrUpdate<BusinessConfig>(configs[0]);
                 }
                
-                return Ok(new {jtw  });
+                return Ok(new { jwt });
             }
             catch (Exception e)
             {
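Review bot: When `configs` is empty the action still returns `Ok(new { jwt })` with an empty string, so a caller asking for an unknown id receives a 200 and a blank token instead of an error. Returning early, e.g. `if (!configs.Any()) { return NotFound(); }`, makes the failure visible and lets the success path drop the `jwt = ""` default. Each successful call also overwrites `jti` and `token` on the stored row, which presumably invalidates the previously issued token; a one-line comment stating that this is intended would help. The attributes that restrict who may call this action are outside the hunk and should be confirmed, since the response body is a usable credential.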

+ 2 - 2
TEAMModelBI/Controllers/OpenApi/RoomController.cs

@@ -114,13 +114,13 @@ namespace TEAMModelAPI.Controllers
         }
 
         /// <summary>
-        /// 创建或更新教学班基本信息
+        /// 创建更新物理教室
         /// </summary>
         /// <param name="request"></param>
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [HttpPost("upsert-room-infos")]
-        [ApiToken(Auth = "1403", Name = "创建或更新教学班", RWN = "W", Limit = false)]
+        [ApiToken(Auth = "1403", Name = "创建更新物理教室", RWN = "W", Limit = false)]
         public async Task<IActionResult> UpsertRoomInfo(RoomsDto json)
         {
             var (id, school) = HttpContext.GetApiTokenInfo();

+ 1 - 1
TEAMModelBI/Controllers/OpenApi/TeacherController.cs

@@ -166,7 +166,7 @@ namespace TEAMModelAPI.Controllers
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [HttpPost("import-school-teacher")]
-        [ApiToken(Auth = "1503", Name = "学校教师信息", RWN = "R", Limit = false)]
+        [ApiToken(Auth = "1503", Name = "批量导入教师", RWN = "R", Limit = false)]
         public async Task<IActionResult> ImportSchoolTeacher(ImportTechDto json)
         {
             //如果需要同时导入学科,则需要填写学段
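Review bot: The attribute on `ImportSchoolTeacher` is now named 批量导入教师 (bulk import of teachers) but still declares `RWN = "R"`, while the upsert endpoints touched by this commit (`upsert-course-infos`, `upsert-room-infos`) declare `RWN = "W"`. If `ApiTokenAttribute` uses RWN to separate read-only from write grants, a token limited to reading could call an endpoint that creates teacher records; the line should probably read `[ApiToken(Auth = "1503", Name = "批量导入教师", RWN = "W", Limit = false)]`. How RWN is enforced is not visible in this commit, and the method body continues past the hunk.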

+ 1 - 33
TEAMModelBI/Tool/Extension/JwtAuth.cs

@@ -59,39 +59,7 @@ namespace TEAMModelBI.Models.Extension
             var serializeToken = tokenHandler.WriteToken(secToken);
             return serializeToken;
         }
-
-        /// <summary>
-        /// 企业应用Key
-        /// </summary>
-        /// <param name="issuser"></param>
-        /// <param name="salt"></param>
-        /// <param name="commpanyId"></param>
-        /// <returns></returns>
-        public static string CreateBusinessJwtKeyBI(string issuser, string salt,string commpanyId,string jti)
-        {
-            var payload = new JwtPayload
-            {
-                { JwtRegisteredClaimNames.Iss,issuser}, //发布站点
-                { JwtRegisteredClaimNames.Sub,commpanyId},      //企业ID
-                { JwtRegisteredClaimNames.Iat,DateTimeOffset.UtcNow.ToUnixTimeMilliseconds().ToString()},    //秘钥发布时间
-                { JwtRegisteredClaimNames.Jti,jti},  // 唯一标识符
-            };
-
-            // 建立加密的秘钥
-            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(salt));
-            // HmacSha256 有要求必须要大于 128 bits,所以 salt 不能太短,至少要 16 字元以上
-            // https://stackoverflow.com/questions/47279947/idx10603-the-algorithm-hs256-requires-the-securitykey-keysize-to-be-greater
-            var signingCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
-            var header = new JwtHeader(signingCredentials);
-            var secToken = new JwtSecurityToken(header, payload);
-            // 产出所需要的 JWT securityToken 物件,并取得序列化后的 Token 结果(字串格式)
-            var tokenHandler = new JwtSecurityTokenHandler();
-            //var securityToken = tokenHandler.CreateToken(tokenDescriptor);
-            var serializeToken = tokenHandler.WriteToken(secToken);
-
-            return serializeToken;
-        }
-
+        
         /// <summary>
         /// 应用审核后生成的JwtKey秘钥
         /// </summary>

+ 37 - 3
TEAMModelOS.SDK/Context/Attributes/Filter/ApiTokenAttribute.cs

@@ -125,7 +125,34 @@ namespace TEAMModelOS.Filter
                         string iss = jwt.Payload.Iss; //iss 检查jwt是否是测试站,正式站的授权key 
                         string tokenScope= jwt.Claims.FirstOrDefault(claim => claim.Type.Equals("scope"))?.Value;
                         if (tokenScope.Equals(scope)) {
-                            if (iss.Equals(_option.HostName))
+
+                            var keys = OpenApiJtwIssuer.OpenApiJtw签发者.GetDescriptionText().Split(',');
+                            string issuer = "";
+                            if (_option.Location.Equals("China-Dep"))
+                            {
+                                issuer = keys[0];
+                            }
+                            else if (_option.Location.Equals("China-Test"))
+                            {
+                                issuer = keys[0];
+                            }
+                            else if (_option.Location.Equals("China"))
+                            {
+                                issuer = keys[1];
+                            }
+                            else if (_option.Location.Equals("Global-Dep"))
+                            {
+                                issuer = keys[2];
+                            }
+                            else if (_option.Location.Equals("Global-Test"))
+                            {
+                                issuer = keys[2];
+                            }
+                            else if (_option.Location.Equals("Global"))
+                            {
+                                issuer = keys[3];
+                            }
+                            if (iss.Equals(issuer))
                             {
                                 //aud  受众
                                 id = jwt.Payload.Sub;//主题,又是应用APP,或者企业id 
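Review bot: If `_option.Location` matches none of the six literals, `issuer` stays `""` and the check becomes `iss.Equals("")`, so the issuer restriction quietly depends on a token's `iss` never being empty; the filter should refuse outright when no issuer is mapped for the location. The same if/else chain is pasted into `CreateBusinessApiToken` in JwtAuthExtension.cs, where an unmapped location would issue tokens with an empty `iss`, and that side should throw instead. Both copies index a comma-separated `Description` string by position, so reordering that string silently changes which host is accepted. A single explicit mapping, shown below for the filter, removes the positional coupling and also tolerates a null `Location` or a missing `iss`. The enclosing method starts and ends outside the hunk.

```csharp
// … unchanged: scope comparison above …
// Expected issuer for this deployment; an unmapped or null location yields null.
string issuer = _option.Location switch
{
    "China-Dep" => "open-test.teammodel.cn",
    "China-Test" => "open-test.teammodel.cn",
    "China" => "open.teammodel.cn",
    "Global-Dep" => "open-test.teammodel.net",
    "Global-Test" => "open-test.teammodel.net",
    "Global" => "open.teammodel.net",
    _ => null,
};
// Fail closed: with no expected issuer, no token may pass the issuer check.
if (issuer != null && string.Equals(iss, issuer, StringComparison.Ordinal))
// … unchanged: body of the issuer branch …
```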
@@ -199,11 +226,18 @@ namespace TEAMModelOS.Filter
                     }
                     else
                     {
-                        context.Result = new UnauthorizedResult();
+                        JsonResult jsonResult = new JsonResult(new { });
+                        jsonResult.StatusCode = 401;
+                        context.Result = jsonResult;
+                      
+
+                       
                     }
                 }
                 else {
-                    context.Result = new UnauthorizedResult();
+                    JsonResult jsonResult = new JsonResult(new { });
+                    jsonResult.StatusCode = 401;
+                    context.Result = jsonResult;
                 }
             }
 

+ 2 - 2
TEAMModelOS.SDK/DI/HttpTrigger/WebHookHttpTrigger.cs

@@ -189,10 +189,10 @@ namespace TEAMModelOS.SDK.DI
             }
             if (json.TryGetProperty("data", out JsonElement _data)  && businessConfigs.IsNotEmpty())
             {
-                var webhookdomain =  businessConfigs.Where(z => !string.IsNullOrWhiteSpace(z.webhookdomain)).ToList();
+                var webhookdomain =  businessConfigs.Where(z => !string.IsNullOrWhiteSpace(z.webhook)).ToList();
                 List<string> webhookdomains = new List<string>();
                 webhookdomain.ForEach(x => {
-                    webhookdomains.AddRange(x.webhookdomain.Split(",").Select(y =>x.https==1? $"https://{y}":$"http://{y}"));
+                    webhookdomains.AddRange(x.webhook.Split(",").Select(y =>x.https==1? $"https://{y}":$"http://{y}"));
                 });
                 return ( businessConfigs, webhookdomains, _data.ToObject<T>());
             }

+ 35 - 1
TEAMModelOS.SDK/Extension/JwtAuthExtension.cs

@@ -9,6 +9,7 @@ using System.Security.Claims;
 using System.IdentityModel.Tokens.Jwt;
 using System.Collections.Generic;
 using System.Text;
+using System.ComponentModel;
 
 namespace TEAMModelOS.SDK.Extension
 {
@@ -55,8 +56,35 @@ namespace TEAMModelOS.SDK.Extension
         /// <param name="salt"></param>
         /// <param name="expire"></param>
         /// <returns></returns>
-        public static (string jtw , string jti) CreateBusinessApiToken(string issuer, string id, string salt  ,string scope)
+        public static (string jwt , string jti) CreateBusinessApiToken(string location, string id, string salt  ,string scope)
         {
+
+            var keys = OpenApiJtwIssuer.OpenApiJtw签发者.GetDescriptionText().Split(',');
+            string issuer = "";
+            if (location.Equals("China-Dep"))
+            {
+                issuer = keys[0];
+            }
+            else if (location.Equals("China-Test"))
+            {
+                issuer = keys[0];
+            }
+            else if (location.Equals("China"))
+            {
+                issuer = keys[1];
+            }
+            else if (location.Equals("Global-Dep"))
+            {
+                issuer = keys[2];
+            }
+            else if (location.Equals("Global-Test"))
+            {
+                issuer = keys[2];
+            }
+            else if (location.Equals("Global"))
+            {
+                issuer = keys[3];
+            }
             string jti = Guid.NewGuid().ToString();
             // 設定要加入到 JWT Token 中的聲明資訊(Claims)  
             var payload = new JwtPayload {
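Review bot: The XML doc above `CreateBusinessApiToken` was not updated with the signature: it still lists a `<param name="expire">` that the method does not have, and the renamed first parameter needs an entry such as `/// <param name="location">Deployment location (for example "China-Test"); selects the issuer host written to the iss claim.</param>`. Callers in this commit pass `_option.JwtSecretKey` as `salt`, so that entry should presumably describe it as the signing secret rather than a salt, and `<returns>` should name the tuple members `jwt` and `jti`. The doc block and the method body both extend beyond the hunk.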
@@ -161,4 +189,10 @@ namespace TEAMModelOS.SDK.Extension
             }
         }
     }
+    public enum OpenApiJtwIssuer
+    {
+        [Description("open-test.teammodel.cn,open.teammodel.cn,open-test.teammodel.net,open.teammodel.net")]
+        OpenApiJtw签发者,
+
+    }
 }
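Review bot: `OpenApiJtwIssuer` is a public enum with a single member whose only job is to carry a comma-separated host list in its `Description`, and nothing documents that the order of the hosts is significant. At minimum add `/// <summary>Issuer hosts for OpenAPI tokens in the order China test, China production, Global test, Global production; callers index this list by position.</summary>`. A `static readonly string[]` or four named constants would express the same data without the reflection lookup and the `Split(',')`. The type name also reintroduces the `Jtw` spelling that this commit corrects to `jwt` elsewhere.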

+ 1 - 11
TEAMModelOS.SDK/Models/Table/BusinessConfig.cs

@@ -53,16 +53,6 @@ namespace TEAMModelOS.SDK.Models.Table
         /// </summary>
         public string picture { get; set; }
 
-        /// <summary>
-        /// 密码生成秘钥
-        /// </summary>
-        public string salt { get; set; }
-
-        /// <summary>
-        /// 密码
-        /// </summary>
-        public string pwd { get; set; }
-
         /// <summary>
         /// 联系人手机号
         /// </summary>
@@ -84,7 +74,7 @@ namespace TEAMModelOS.SDK.Models.Table
         /// webhook  支持多个域名, 逗号隔开 。
         /// </summary>
 
-        public string webhookdomain { get; set; }
+        public string webhook { get; set; }
 
         /// <summary>
         /// 是否https 0 否,1 是