
ies5开放平台

Li 2 years ago
parent
commit
fc2eb8317a

+ 2 - 2
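--- a/TEAMModelBI/Controllers/BINormal/BusinessConfigController.cs
+++ b/TEAMModelBI/Controllers/BINormal/BusinessConfigController.cs
@@ -65,7 +65,7 @@ namespace TEAMModelBI.Controllers.BINormal
                 bizConfig.code = "BizConfig";
                 bizConfig.pk = "BizConfig";
                 bizConfig.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
-                var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey);
+                var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey, bizConfig.isCustomize);
                 bizConfig.jti = auth_token.jti;
                 bizConfig.token = auth_token.jwt;
 
@@ -188,7 +188,7 @@ namespace TEAMModelBI.Controllers.BINormal
             {
                 using var json = await JsonDocument.ParseAsync(response.ContentStream);
                 bizConfig = json.ToObject<BizConfig>();
-                var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey);
+                var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey, bizConfig.isCustomize);
                 bizConfig.jti = auth_token.jti;
                 bizConfig.token = auth_token.jwt;
 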

+ 5 - 5
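--- a/TEAMModelBI/Controllers/BINormal/BusinessUsersController.cs
+++ b/TEAMModelBI/Controllers/BINormal/BusinessUsersController.cs
@@ -55,8 +55,8 @@ namespace TEAMModelBI.Controllers.BINormal
                 sqlTxt.Append($" where c.id='{id}'");
             }
 
-            List<BusinessUsers> bizUsers = new();
-            await foreach (var items in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BusinessUsers>(queryText: sqlTxt.ToString(), requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
+            List<BizUsers> bizUsers = new();
+            await foreach (var items in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BizUsers>(queryText: sqlTxt.ToString(), requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
             {
                 bizUsers.Add(items);
             }
@@ -274,9 +274,9 @@ namespace TEAMModelBI.Controllers.BINormal
             //if ($"{site}".Equals(BIConst.Global))
             //    cosmosClient = _azureCosmos.GetCosmosClient(name: BIConst.Global);
 
-            List<BusinessUsers> businessUsers = new();
-            string sql = $"select value(c) from c join s in c.relation  where c.code='BizUsers' and s.bizId = '80e1bb6c-acba-46ab-9939-4851c4ef2158'";
-            await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BusinessUsers>(queryText: sql, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
+            List<BizUsers> businessUsers = new();
+            string sql = $"select value(c) from c join s in c.relation  where c.code='BizUsers' and s.bizId = '{id}'";
+            await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BizUsers>(queryText: sql, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
             {
                 businessUsers.Add(item);
             }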
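Review bot: The new query text in the second hunk is built as `s.bizId = '{id}'`, so whatever reaches `id` becomes part of the Cosmos SQL statement rather than a value; the first hunk executes `sqlTxt` built the same way (`where c.id='{id}'`), and the LoginController hunks in this commit run a `loginSql` interpolated from `mobile`/`mail`. Where `id` is read is outside the hunk, but if it originates from the request it should be bound as a parameter, e.g. `var q = new QueryDefinition("select value(c) from c join s in c.relation where c.code='BizUsers' and s.bizId = @bizId").WithParameter("@bizId", id);` and passed in place of `queryText`, assuming the iterator overload that takes a `QueryDefinition` is available in the SDK version used here. Switching the element type to `BizUsers` also means the rows now carry whatever credential fields that type declares, so the response built after the loop (not visible) should be checked for returning them.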

+ 12 - 3
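--- a/TEAMModelBI/Controllers/LoginController.cs
+++ b/TEAMModelBI/Controllers/LoginController.cs
@@ -559,8 +559,8 @@ namespace TEAMModelBI.Controllers
                 loginSql = $"select value(c) from c where c.mail ={mail}";
             else return Ok(new { state = RespondCode.ParamsError, msg = "手机号/和邮箱为空" });
 
-            List<BusinessUsers> bizUsers = new();
-            await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BusinessUsers>(queryText:loginSql,requestOptions:new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
+            List<BizUsers> bizUsers = new();
+            await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BizUsers>(queryText:loginSql,requestOptions:new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
             {
                 bizUsers.Add(item);
             }
@@ -572,7 +572,16 @@ namespace TEAMModelBI.Controllers
                     var hashedPw = Utils.HashedPassword(password.ToString(), item.salt.ToString());
                     if (hashedPw.Equals(item.pwd))
                     {
-                        businessUsers = item;
+                        businessUsers = new()
+                        {
+                            id = item.id,
+                            code = item.code,
+                            name = item.name,
+                            picture = item.picture,
+                            mobile = item.mobile,
+                            mail = item.mail,
+                            relation = item.relation,
+                        };
                         //string id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, bizUser.RowKey?.ToString(), bizUser.name?.ToString(), bizUser.picture?.ToString(), _option.JwtSecretKey, scope: "company", webSite: Website, expire: 3);
                         openid_token = JwtAuthExtension.CreateBizLoginAuthToken(_option.HostName, businessUsers.id?.ToString(), businessUsers.name?.ToString(), businessUsers.picture?.ToString(), $"{_option.Location}-Open", _option.JwtSecretKey, expire: 3);
 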

+ 6 - 5
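--- a/TEAMModelOS.SDK/Context/Attributes/Filter/ApiTokenAttribute.cs
+++ b/TEAMModelOS.SDK/Context/Attributes/Filter/ApiTokenAttribute.cs
@@ -17,6 +17,7 @@ using TEAMModelOS.SDK.Models.Cosmos.BI.BINormal;
 using System.Text.Json;
 using HTEXLib.COMM.Helpers;
 using TEAMModelOS.SDK.Models.Cosmos.OpenEntity;
+using System.Security.AccessControl;
 
 namespace TEAMModelOS.Filter
 {
@@ -129,7 +130,7 @@ namespace TEAMModelOS.Filter
                 }
                 string msg = "";
                 int code = 0;
-                if (scope.Equals("school") || scope.Equals("business"))
+                if (scope.Equals("school") || scope.Equals("business") || scope.Equals("customize"))
                 {
                     string id = string.Empty, school = string.Empty, jti = string.Empty;
 
@@ -174,8 +175,8 @@ namespace TEAMModelOS.Filter
                             {
                                 issuer = keys[3];
                             }
-                            if (iss.Equals(issuer))
-                            {
+                            //if (iss.Equals(issuer))
+                            //{
                                 //aud  受众
                                 id = jwt.Payload.Sub;//主题,又是应用APP,或者企业id 
                                 jti = jwt.Payload.Jti;//jwt唯一标识
@@ -216,7 +217,7 @@ namespace TEAMModelOS.Filter
                                     pass = true;
 #endif
                                 }
-                                else if (scope.Equals("business"))
+                                else if (scope.Equals("business") || scope.Equals("customize"))
                                 {
                                     // 同时判断 jti 是否已经轮换,或更新。如果不是则不能授权
                                     //如果是商务合作模式 则需要手动获取学校编码
@@ -302,7 +303,7 @@ namespace TEAMModelOS.Filter
                                     {
                                     }
                                 }
-                            }
+                            //}
                         }
                         else
                         {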
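Review bot: Commenting out `if (iss.Equals(issuer))` in the third hunk (and its closing brace in the fifth) removes the only visible comparison between the token's `iss` claim and the issuer just selected from `keys`, so `Sub` and `Jti` are now read and acted on for a token from any issuer; whether the signature validation elsewhere in this method makes up for that is not visible in the hunks. If the aim is to admit "customize" tokens, keep the guard and make the expected issuer cover that scope rather than dropping the check, i.e. restore `if (iss.Equals(issuer))` and have the token factory issue customize tokens with the same issuer. A rejected issuer should also end on the same failure path as the `else` branch at the end of the last hunk. The added `using System.Security.AccessControl;` is not referenced by any visible line and looks like an accidental IDE insert. The enclosing method starts and ends outside these hunks.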

+ 3 - 1
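--- a/TEAMModelOS.SDK/Extension/JwtAuthExtension.cs
+++ b/TEAMModelOS.SDK/Extension/JwtAuthExtension.cs
@@ -56,9 +56,11 @@ namespace TEAMModelOS.SDK.Extension
         /// <param name="salt"></param>
         /// <param name="expire"></param>
         /// <returns></returns>
-        public static (string jwt , string jti) CreateBusinessApiToken(string location, string id, string salt )
+        public static (string jwt , string jti) CreateBusinessApiToken(string location, string id, string salt,int customize = 0 )
         {
             string scope = "business";
+            if (customize != 0)
+                scope = "customize";
             var keys = OpenApiJtwIssuer.OpenApiJtw签发者.GetDescriptionText().Split(',');
             string issuer = "";
             if (location.Equals("China-Dep"))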
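Review bot: `if (customize != 0)` turns every non-zero value, including negatives and anything outside the documented 0/1, into the "customize" scope, and the call sites in this commit pass `bizConfig.isCustomize` straight through; in the create path that value appears to come from the submitted model, though the binding is outside the hunks. Comparing against the one documented value, `if (customize == 1)`, keeps unexpected input on the default scope, and the caller should decide who is allowed to set the flag at all. The XML doc above the signature still lists `expire`, which is not a parameter, and has no entry for the new one; add `/// <param name="customize">0 = public open platform (scope "business"), 1 = customized platform (scope "customize").</param>`. The method body continues past the end of the hunk.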

+ 8 - 2
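--- a/TEAMModelOS.SDK/Models/Cosmos/BI/BINormal/BizConfig.cs
+++ b/TEAMModelOS.SDK/Models/Cosmos/BI/BINormal/BizConfig.cs
@@ -14,6 +14,7 @@ namespace TEAMModelOS.SDK.Models.Cosmos.BI.BINormal
     {
         public BizConfig()
         {
+            code = "BizConfig";
             pk = "BizConfig";
         }
         /// <summary>
@@ -55,6 +56,11 @@ namespace TEAMModelOS.SDK.Models.Cosmos.BI.BINormal
 
         public string domain { get; set; }
 
+        /// <summary>
+        /// 是否定制  0 对外开放平台  1 定制开放平台
+        /// </summary>
+        
+        public int isCustomize { get; set; } = 0;
         /// <summary>
         /// webhook  支持多个地址, 逗号隔开 。
         /// </summary>
@@ -194,12 +200,12 @@ namespace TEAMModelOS.SDK.Models.Cosmos.BI.BINormal
         /// <summary>
         /// 密码生成秘钥
         /// </summary>
-        public string salt { get; set; }
+        //public string salt { get; set; }
 
         /// <summary>
         /// 密码
         /// </summary>
-        public string pwd { get; set; }
+        //public string pwd { get; set; }
         /// <summary>
         /// 企业关联信息
         /// </summary>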
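Review bot: Commenting out `salt` and `pwd` in the third hunk leaves their `/// <summary>` blocks behind, so all three doc comments now attach to the next member (the one documented as 企业关联信息) and the dead lines stay in the model. Delete both properties together with their doc comments instead of commenting them out. If this type is ever deserialized from a stored document and written back, the stored `salt`/`pwd` values would be dropped on save; no such write path is visible here, so that is worth confirming against the callers. The class header for this hunk is outside the visible lines.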

+ 1 - 8
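--- a/TEAMModelOS/Controllers/OpenApi/Business/BizCustomizeController.cs
+++ b/TEAMModelOS/Controllers/OpenApi/Business/BizCustomizeController.cs
@@ -22,7 +22,7 @@ namespace TEAMModelOS.Controllers
 {  /// <summary>
    /// 企业定制化接口
    /// </summary>
-    [Route("business")]
+    [Route("customize")]
     [ApiController]
     public class BizCustomizeController : ControllerBase
     {
@@ -49,8 +49,6 @@ namespace TEAMModelOS.Controllers
             _snowflakeId = snowflakeId;
         }
         
-
-
         #region  杉达公司
         /// <summary>
         /// 开课或者上传课例信息  是因支持VR/AR的公司(杉达)
@@ -66,11 +64,6 @@ namespace TEAMModelOS.Controllers
         {
             var (id, school) = HttpContext.GetApiTokenInfo();
 
-
-
-
-
-
             try
             {
                 jsonElement.TryGetProperty("baseJson", out JsonElement baseJson);    //课例基础文件信息json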

+ 139 - 101
TEAMModelOS/Controllers/OpenApi/Init/BizUsersController.cs

@@ -65,53 +65,73 @@ namespace TEAMModelOS.Controllers
         [HttpPost("get-loginuser")]
         [HttpPost("get-loginuser")]
         public async Task<IActionResult> GetBizUserLogin(JsonElement jsonElement)
         public async Task<IActionResult> GetBizUserLogin(JsonElement jsonElement)
         {
         {
-            jsonElement.TryGetProperty("mobile", out JsonElement mobile);
-            jsonElement.TryGetProperty("mail", out JsonElement mail);
-            if (!jsonElement.TryGetProperty("pwd", out JsonElement password)) return BadRequest();
+            try
+            {
+                jsonElement.TryGetProperty("mobile", out JsonElement mobile);
+                jsonElement.TryGetProperty("mail", out JsonElement mail);
+                if (!jsonElement.TryGetProperty("pwd", out JsonElement password)) return BadRequest();
 
 
-            var cosmosClient = _azureCosmos.GetCosmosClient();
-            var tableClient = _azureStorage.GetCloudTableClient();
-            var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
+                var cosmosClient = _azureCosmos.GetCosmosClient();
+                var tableClient = _azureStorage.GetCloudTableClient();
+                var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
 
 
-            string loginSql = null;
-            if (!string.IsNullOrEmpty($"{mobile}"))
-                loginSql = $"select value(c) from c where c.mobile ={mobile}";
-            else if (!string.IsNullOrEmpty($"{mail}"))
-                loginSql = $"select value(c) from c where c.mail ={mail}";
-            else return Ok(new { state = RespondCode.ParamsError, msg = "手机号/和邮箱为空" });
+                string loginSql = null;
+                if (!string.IsNullOrEmpty($"{mobile}"))
+                    loginSql = $"select value(c) from c where c.mobile ={mobile}";
+                else if (!string.IsNullOrEmpty($"{mail}"))
+                    loginSql = $"select value(c) from c where c.mail ={mail}";
+                else return Ok(new { state = RespondCode.ParamsError, msg = "手机号/和邮箱为空" });
 
 
-            List<BusinessUsers> bizUsers = new();
-            await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BusinessUsers>(queryText: loginSql, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
-            {
-                bizUsers.Add(item);
-            }
-            BusinessUsers businessUsers = new(); string openid_token = null;
-            if (bizUsers.Count > 0)
-            {
-                foreach (var item in bizUsers)
+                List<BizUsers> bizUsers = new();
+                await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BizUsers>(queryText: loginSql, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
+                {
+                    bizUsers.Add(item);
+                }
+                BusinessUsers businessUsers = new(); string openid_token = null;
+                if (bizUsers.Count > 0)
                 {
                 {
-                    var hashedPw = Utils.HashedPassword(password.ToString(), item.salt.ToString());
-                    if (hashedPw.Equals(item.pwd))
+                    foreach (var item in bizUsers)
                     {
                     {
-                        businessUsers = item;
-                        //string id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, bizUser.RowKey?.ToString(), bizUser.name?.ToString(), bizUser.picture?.ToString(), _option.JwtSecretKey, scope: "company", webSite: Website, expire: 3);
-                        openid_token = JwtAuthExtension.CreateBizLoginAuthToken(_option.HostName, businessUsers.id?.ToString(), businessUsers.name?.ToString(), businessUsers.picture?.ToString(), $"{_option.Location}-Open", _option.JwtSecretKey, expire: 3);
-
-                        await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{businessUsers.name}【{businessUsers.id}】登录开放平台", _dingDing, tid: businessUsers.id, tname: businessUsers.name, twebsite: "Open", httpContext: HttpContext);
-                    };
+                        var hashedPw = Utils.HashedPassword(password.ToString(), item.salt.ToString());
+                        if (hashedPw.Equals(item.pwd))
+                        {
+                            //businessUsers = item;
+                            businessUsers = new()
+                            {
+                                id = item.id,
+                                code = item.code,
+                                name = item.name,
+                                picture = item.picture,
+                                mobile = item.mobile,
+                                mail = item.mail,
+                                relation = item.relation,
+                            };
+
+                            //string id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, bizUser.RowKey?.ToString(), bizUser.name?.ToString(), bizUser.picture?.ToString(), _option.JwtSecretKey, scope: "company", webSite: Website, expire: 3);
+                            openid_token = JwtAuthExtension.CreateBizLoginAuthToken(_option.HostName, businessUsers.id?.ToString(), businessUsers.name?.ToString(), businessUsers.picture?.ToString(), $"{_option.Location}-Open", _option.JwtSecretKey, expire: 3);
+
+                            await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{businessUsers.name}【{businessUsers.id}】登录开放平台", _dingDing, tid: businessUsers.id, tname: businessUsers.name, twebsite: "Open", httpContext: HttpContext);
+                        };
+                    }
+                }
+                else return Ok(new { state = RespondCode.NotFound, msg = "未找到该用户!" });
+                if (businessUsers.id != null)
+                {
+                    var auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, businessUsers.id, businessUsers.name, businessUsers.picture, _option.JwtSecretKey, scope: "business", Website: "IES", roles: new[] { "business" }, expire: 1);
+                    var clientID = _configuration.GetValue<string>("HaBookAuth:CoreService:clientID");
+                    var clientSecret = _configuration.GetValue<string>("HaBookAuth:CoreService:clientSecret");
+                    var token = await CoreTokenExtensions.CreateAccessToken(clientID, clientSecret, _option.Location.Replace("-Dep", "").Replace("-Test", ""));
+                    return Ok(new { state = RespondCode.Ok, openid_token, auth_token, token = new { access_token = token.AccessToken, expires_in = token.ExpiresOn, id_token = auth_token, token_type = token.TokenType }, businessUsers });
+                    //return Ok(new { state = RespondCode.Ok, openid_token, auth_token, token, businessUsers });
                 }
                 }
+                else
+                { return Ok(new { state = RespondCode.ForbiddenPwd, msg = "密码错误" }); }
+
             }
             }
-            else return Ok(new { state = RespondCode.NotFound, msg = "未找到该用户!" });
-            if (businessUsers.id != null)
+            catch (Exception ex)
             {
             {
-                var auth_token = JwtAuthExtension.CreateAuthToken(_option.HostName, businessUsers.id, businessUsers. name, businessUsers. picture, _option.JwtSecretKey, scope: Constant.ScopeStudent, Website: "IES",    roles: new[] { "business" }, expire: 1);
-                var clientID = _configuration.GetValue<string>("HaBookAuth:CoreService:clientID");
-                var clientSecret = _configuration.GetValue<string>("HaBookAuth:CoreService:clientSecret");
-                var token = await CoreTokenExtensions.CreateAccessToken(clientID, clientSecret, _option.Location.Replace("-Dep", "").Replace("-Test", ""));
-                return Ok(new { state = RespondCode.Ok, openid_token, auth_token, token, businessUsers=new { businessUsers .name, businessUsers .id, businessUsers .picture, businessUsers .mobile, businessUsers .mail, businessUsers .relation} });
+                return Ok(new { state = RespondCode.ForbiddenPwd, msg = $"服务器错误{ex.Message}\n{ex.StackTrace}" });
             }
             }
-            else
-            { return Ok(new { state = RespondCode.ForbiddenPwd, msg = "密码错误" }); }
         }
         }
 
 
         /// <summary>
         /// <summary>
@@ -180,6 +200,8 @@ namespace TEAMModelOS.Controllers
         /// <returns></returns>
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [ProducesDefaultResponseType]
         [HttpPost("get-info")]
         [HttpPost("get-info")]
+        [Authorize(Roles = "IES")]
+        [AuthToken(Roles = "business")]
         public async Task<IActionResult> GetInfo(JsonElement jsonElenent)
         public async Task<IActionResult> GetInfo(JsonElement jsonElenent)
         {
         {
             try
             try
@@ -208,7 +230,7 @@ namespace TEAMModelOS.Controllers
             }
             }
             catch (Exception e)
             catch (Exception e)
             {
             {
-                await _dingDing.SendBotMsg($"OS,{_option.Location} , /biz/get-info   \n {e.Message}\n{e.StackTrace} \n ", GroupNames.成都开发測試群組);
+                await _dingDing.SendBotMsg($"openApi,{_option.Location} , /biz/GetInfo()   \n {e.Message}\n{e.StackTrace} \n ", GroupNames.成都开发測試群組);
                 return BadRequest();
                 return BadRequest();
             }
             }
         }
         }
@@ -220,6 +242,8 @@ namespace TEAMModelOS.Controllers
         /// <returns></returns>
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [ProducesDefaultResponseType]
         [HttpPost("reset-secretkey")]
         [HttpPost("reset-secretkey")]
+        [Authorize(Roles = "IES")]
+        [AuthToken(Roles = "business")]
         public async Task<IActionResult> ResetSecretKey(JsonElement jsonElement)
         public async Task<IActionResult> ResetSecretKey(JsonElement jsonElement)
         {
         {
             try
             try
@@ -236,7 +260,7 @@ namespace TEAMModelOS.Controllers
                 {
                 {
                     using var json = await JsonDocument.ParseAsync(response.ContentStream);
                     using var json = await JsonDocument.ParseAsync(response.ContentStream);
                     bizConfig = json.ToObject<BizConfig>();
                     bizConfig = json.ToObject<BizConfig>();
-                    var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey );
+                    var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey, bizConfig.isCustomize);
                     bizConfig.jti = auth_token.jti;
                     bizConfig.jti = auth_token.jti;
                     bizConfig.token = auth_token.jwt;
                     bizConfig.token = auth_token.jwt;
 
 
@@ -247,7 +271,7 @@ namespace TEAMModelOS.Controllers
             }
             }
             catch (Exception e)
             catch (Exception e)
             {
             {
-                await _dingDing.SendBotMsg($"OS,{_option.Location} , /biz/reset-secretkey   \n {e.Message}\n{e.StackTrace} \n ", GroupNames.成都开发測試群組);
+                await _dingDing.SendBotMsg($"openApi,{_option.Location} , /biz/ResetSecretKey()   \n {e.Message}\n{e.StackTrace} \n ", GroupNames.成都开发測試群組);
                 return BadRequest();
                 return BadRequest();
             }
             }
         }
         }
@@ -260,6 +284,8 @@ namespace TEAMModelOS.Controllers
         /// <returns></returns>
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [ProducesDefaultResponseType]
         [HttpPost("get-bizid")]
         [HttpPost("get-bizid")]
+        [Authorize(Roles = "IES")]
+        [AuthToken(Roles = "business")]
         public async Task<IActionResult> GetBizIdUsers(JsonElement jsonElement)
         public async Task<IActionResult> GetBizIdUsers(JsonElement jsonElement)
         {
         {
             try
             try
@@ -268,7 +294,7 @@ namespace TEAMModelOS.Controllers
                 var cosmosClient = _azureCosmos.GetCosmosClient();
                 var cosmosClient = _azureCosmos.GetCosmosClient();
 
 
                 List<BusinessUsers> businessUsers = new();
                 List<BusinessUsers> businessUsers = new();
-                string sql = $"select value(c) from c join s in c.relation  where c.code='BizUsers' and s.bizId = '80e1bb6c-acba-46ab-9939-4851c4ef2158'";
+                string sql = $"select value(c) from c join s in c.relation  where c.code='BizUsers' and s.bizId = '{id}'";
                 await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BusinessUsers>(queryText: sql, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
                 await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BusinessUsers>(queryText: sql, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
                 {
                 {
                     businessUsers.Add(item);
                     businessUsers.Add(item);
@@ -278,7 +304,7 @@ namespace TEAMModelOS.Controllers
             }
             }
             catch (Exception e)
             catch (Exception e)
             {
             {
-                await _dingDing.SendBotMsg($"OS,{_option.Location} , /biz/get-bizid   \n {e.Message}\n{e.StackTrace} \n ", GroupNames.成都开发測試群組);
+                await _dingDing.SendBotMsg($"openApi,{_option.Location} , /biz/GetBizIdUsers()   \n {e.Message}\n{e.StackTrace} \n ", GroupNames.成都开发測試群組);
                 return BadRequest();
                 return BadRequest();
             }
             }
         }
         }
@@ -290,6 +316,8 @@ namespace TEAMModelOS.Controllers
         /// <returns></returns>
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [ProducesDefaultResponseType]
         [HttpPost("get-openapi")]
         [HttpPost("get-openapi")]
+        [Authorize(Roles = "IES")]
+        [AuthToken(Roles = "business")]
         public async Task<IActionResult> GetOpenApi(JsonElement jsonElement)
         public async Task<IActionResult> GetOpenApi(JsonElement jsonElement)
         {
         {
             var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOpenApi");
             var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOpenApi");
@@ -304,83 +332,93 @@ namespace TEAMModelOS.Controllers
         /// <returns></returns>
         /// <returns></returns>
         [ProducesDefaultResponseType]
         [ProducesDefaultResponseType]
         [HttpPost("set-info")]
         [HttpPost("set-info")]
+        [Authorize(Roles = "IES")]
+        [AuthToken(Roles = "business")]
         public async Task<IActionResult> SetInfo(BizConfig bizConfig)
         public async Task<IActionResult> SetInfo(BizConfig bizConfig)
         {
         {
-            StringBuilder strMsg = new();
-            var cosmosClient = _azureCosmos.GetCosmosClient();
-            var tableClient = _azureStorage.GetCloudTableClient();
-            var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
-            string salt = Utils.CreatSaltString(8);
-            List<BizUsers> bizUsers = new();
-            string type = "";
-
-            //新增企业信息
-            if (string.IsNullOrEmpty(bizConfig.id))
+            try
             {
             {
-                bizConfig.id = Guid.NewGuid().ToString();
-                bizConfig.code = "BizConfig";
-                bizConfig.pk = "BizConfig";
-                bizConfig.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
-                var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey);
-                bizConfig.jti = auth_token.jti;
-                bizConfig.token = auth_token.jwt;
-
-                await cosmosClient.GetContainer("TEAMModelOS", "Normal").CreateItemAsync<BizConfig>(bizConfig, new PartitionKey("BizConfig"));
+                StringBuilder strMsg = new();
+                var cosmosClient = _azureCosmos.GetCosmosClient();
+                var tableClient = _azureStorage.GetCloudTableClient();
+                var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
+                string salt = Utils.CreatSaltString(8);
+                List<BizUsers> bizUsers = new();
+                string type = "";
 
 
-                await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BizUsers>(queryText: $"select value(c) from c where c.mobile ={bizConfig.mobile}", requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
+                //新增企业信息
+                if (string.IsNullOrEmpty(bizConfig.id))
                 {
                 {
-                    bizUsers.Add(item);
-                }
+                    bizConfig.id = Guid.NewGuid().ToString();
+                    bizConfig.code = "BizConfig";
+                    bizConfig.pk = "BizConfig";
+                    bizConfig.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
+                    var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey, bizConfig.isCustomize);
+                    bizConfig.jti = auth_token.jti;
+                    bizConfig.token = auth_token.jwt;
 
 
-                BizRel bizRel = new() { bizId = bizConfig.id, role = new List<string>() { "admin" } };
-                if (bizUsers.Count > 0)
-                {
-                    foreach (var item in bizUsers)
+                    await cosmosClient.GetContainer("TEAMModelOS", "Normal").CreateItemAsync<BizConfig>(bizConfig, new PartitionKey("BizConfig"));
+
+                    await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BizUsers>(queryText: $"select value(c) from c where c.mobile ={bizConfig.mobile}", requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
                     {
                     {
-                        BizRel temp = item.relation.Find(f => f.bizId.Equals(bizConfig.id));
-                        if (temp == null)
+                        bizUsers.Add(item);
+                    }
+
+                    BizRel bizRel = new() { bizId = bizConfig.id, role = new List<string>() { "admin" } };
+                    if (bizUsers.Count > 0)
+                    {
+                        foreach (var item in bizUsers)
                         {
                         {
-                            item.relation.Add(bizRel);
-                            await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReplaceItemAsync<BizUsers>(item, item.id, new PartitionKey("BizUsers"));
+                            BizRel temp = item.relation.Find(f => f.bizId.Equals(bizConfig.id));
+                            if (temp == null)
+                            {
+                                item.relation.Add(bizRel);
+                                await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReplaceItemAsync<BizUsers>(item, item.id, new PartitionKey("BizUsers"));
+                            }
                         }
                         }
                     }
                     }
+                    else
+                    {
+                        BizUsers tBizUsers = new() { id = Guid.NewGuid().ToString(), code = "BizUsers", name = bizConfig.mobile.ToString(), mobile = bizConfig.mobile, salt = salt, pwd = Utils.HashedPassword($"{bizConfig.mobile}", salt), relation = new List<BizRel>() { { bizRel } } };
+
+                        await cosmosClient.GetContainer("TEAMModelOS", "Normal").CreateItemAsync<BizUsers>(tBizUsers, new PartitionKey("BizUsers"));
+                    }
+
+                    strMsg.Append($"{bizConfig.name}【{bizConfig.id}】新增企业基础信息。");
+                    type = "bizconfig-add";
                 }
                 }
+                //修改企业信息
                 else
                 else
                 {
                 {
-                    BizUsers tBizUsers = new() { id = Guid.NewGuid().ToString(), code = "BizUsers", name = bizConfig.mobile.ToString(), mobile = bizConfig.mobile, salt = salt, pwd = Utils.HashedPassword($"{bizConfig.mobile}", salt), relation = new List<BizRel>() { { bizRel } } };
+                    var response = await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReadItemStreamAsync(bizConfig.id, new PartitionKey("BizConfig"));
+                    if (response.Status == 200)
+                    {
+                        using var json = await JsonDocument.ParseAsync(response.ContentStream);
+                        BizConfig tempBizConfig = json.ToObject<BizConfig>();
 
 
-                    await cosmosClient.GetContainer("TEAMModelOS", "Normal").CreateItemAsync<BizUsers>(tBizUsers, new PartitionKey("BizUsers"));
+                        bizConfig.pk = "BizConfig";
+                        bizConfig.code = "BizConfig";
+                        bizConfig.ttl = -1;
+
+                        bizConfig.createTime = tempBizConfig.createTime;
+                        bizConfig.jti = tempBizConfig.jti;
+                        bizConfig.token = tempBizConfig.token;
+
+                        bizConfig = await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReplaceItemAsync<BizConfig>(bizConfig, bizConfig.id, new PartitionKey("BizConfig"));
+                        strMsg.Append($"{bizConfig.name}【{bizConfig.id}】修改企业基础信息。");
+                        type = "bizconfig-update";
+                    }
                 }
                 }
 
 
-                strMsg.Append($"{bizConfig.name}【{bizConfig.id}】新增企业基础信息。");
-                type = "bizconfig-add";
+                //保存操作记录
+                await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, type, strMsg.ToString(), _dingDing, httpContext: HttpContext);
+                return Ok(new { state = RespondCode.Ok, bizConfig });
             }
             }
-            //修改企业信息
-            else
+            catch (Exception e)
             {
             {
-                var response = await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReadItemStreamAsync(bizConfig.id, new PartitionKey("BizConfig"));
-                if (response.Status == 200)
-                {
-                    using var json = await JsonDocument.ParseAsync(response.ContentStream);
-                    BizConfig tempBizConfig = json.ToObject<BizConfig>();
-
-                    bizConfig.pk = "BizConfig";
-                    bizConfig.code = "BizConfig";
-                    bizConfig.ttl = -1;
-
-                    bizConfig.createTime = tempBizConfig.createTime;
-                    bizConfig.jti = tempBizConfig.jti;
-                    bizConfig.token = tempBizConfig.token;
-
-                    bizConfig = await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReplaceItemAsync<BizConfig>(bizConfig, bizConfig.id, new PartitionKey("BizConfig"));
-                    strMsg.Append($"{bizConfig.name}【{bizConfig.id}】修改企业基础信息。");
-                    type = "bizconfig-update";
-                }
+                await _dingDing.SendBotMsg($"openApi,{_option.Location} , /biz/SetInfo()   \n {e.Message}\n{e.StackTrace} \n ", GroupNames.成都开发測試群組);
+                return BadRequest();
             }
             }
-
-            //保存操作记录
-            await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, type, strMsg.ToString(), _dingDing, httpContext: HttpContext);
-            return Ok(new { state = RespondCode.Ok, bizConfig });
         }
         }
 
 
 
 

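--- a/TEAMModelOS/Controllers/OpenApi/Init/OpenApiConfigController.cs
+++ b/TEAMModelOS/Controllers/OpenApi/Init/OpenApiConfigController.cs
@@ -56,7 +56,7 @@ namespace TEAMModelOS.Controllers
                
                 BizConfig bizConfig = await _azureCosmos.GetCosmosClient().GetContainer("TEAMModelOS", "Normal").ReadItemAsync<BizConfig>($"{_id}", new PartitionKey("BizConfig"));
                 string jwt = "";
-                var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey);
+                var auth_token = JwtAuthExtension.CreateBusinessApiToken(_option.Location, bizConfig.id, _option.JwtSecretKey, bizConfig.isCustomize);
                 jwt = auth_token.jwt;
                 bizConfig.jti = auth_token.jti;
                 bizConfig.token = auth_token.jwt;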
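Review bot: The `bizConfig.isCustomize` value passed to `CreateBusinessApiToken` comes from the stored BizConfig document, and nothing visible restricts who can write that field. The `set-info` action changed in this same commit replaces the stored document with the request-bound object and carries over only `createTime`, `jti` and `token` from the stored copy. If the flag widens what the issued token allows (the token builder is not shown here), a `set-info` caller could set it on a record and receive it in the next token issued at this call site. I would carry the flag over in the update path as well, `bizConfig.isCustomize = tempBizConfig.isCustomize;`, and leave changing it to an administrative route. A comment such as `// isCustomize is read from the stored record and must not be client-settable` would also help at this call. The enclosing method starts and ends outside this hunk.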