| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329 |
- using Microsoft.AspNetCore.Mvc;
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Threading.Tasks;
- using TEAMModelOS.Models;
- using TEAMModelOS.SDK.DI;
- using System.Text.Json;
- using TEAMModelOS.SDK.Models;
- using Microsoft.AspNetCore.Http;
- using TEAMModelOS.SDK.Extension;
- using Azure.Cosmos;
- using System.Text;
- using TEAMModelOS.SDK.DI.AzureCosmos.Inner;
- using Microsoft.Extensions.Options;
- using Azure.Messaging.ServiceBus;
- using Microsoft.Extensions.Configuration;
- using HTEXLib.COMM.Helpers;
- using TEAMModelOS.SDK;
- using System.IdentityModel.Tokens.Jwt;
- using TEAMModelOS.Services;
- using TEAMModelOS.SDK.Models.Service;
- using System.IO;
- using System.Dynamic;
- using Microsoft.AspNetCore.Authorization;
- using Azure.Storage.Blobs.Models;
- using static TEAMModelOS.SDK.Models.Teacher;
- using System.Web;
- using static TEAMModelOS.Controllers.FixDataController;
- using static TEAMModelOS.SDK.SchoolService;
- using Microsoft.AspNetCore.Hosting;
- using TEAMModelOS.Filter;
- using TEAMModelOS.Controllers.Third.Xkw;
- using Microsoft.Extensions.Primitives;
- using System.Net.Http;
- namespace TEAMModelOS.Controllers
- {
- // <summary>
- /// 标准OAuth2
- /// </summary>
- ///
- [ProducesResponseType(StatusCodes.Status200OK)]
- [ProducesResponseType(StatusCodes.Status400BadRequest)]
- //
- //[Route("")]
- [Route("xkw")]
- [ApiController]
- public class XkwOAuth2Controller : ControllerBase
- {
- private readonly SnowflakeId _snowflakeId;
- private readonly AzureCosmosFactory _azureCosmos;
- private readonly DingDing _dingDing;
- private readonly Option _option;
- private readonly AzureStorageFactory _azureStorage;
- private readonly AzureServiceBusFactory _serviceBus;
- private readonly AzureRedisFactory _azureRedis;
- private readonly CoreAPIHttpService _coreAPIHttpService;
- private readonly HttpTrigger _httpTrigger;
- private readonly IWebHostEnvironment _environment;
-
- public IConfiguration _configuration { get; set; }
- public XkwOAuth2Controller(IWebHostEnvironment environment, AzureCosmosFactory azureCosmos, SnowflakeId snowflakeId, DingDing dingDing, IOptionsSnapshot<Option> option, AzureStorageFactory azureStorage,
- AzureRedisFactory azureRedis, AzureServiceBusFactory serviceBus, IConfiguration configuration, CoreAPIHttpService coreAPIHttpService, HttpTrigger httpTrigger)
- {
- _azureCosmos = azureCosmos;
- _snowflakeId = snowflakeId;
- _dingDing = dingDing;
- _option = option?.Value;
- _azureStorage = azureStorage;
- _serviceBus = serviceBus;
- _configuration = configuration;
- _azureRedis = azureRedis;
- _coreAPIHttpService = coreAPIHttpService;
- _httpTrigger = httpTrigger;
- _environment = environment;
- }
- /// <summary>
- /// 标准OAuth2 方式的回调地址。
- /// </summary>D:\VisualStudioProjects\TEAMModelOS\TEAMModelOS.SDK\Models\Service\Third\ScYxptModel.cs
- /// <param name="request"></param>
- /// <returns></returns>
- [HttpPost("oauth")]
- [Authorize(Roles = "IES")]
- [AuthToken(Roles = "teacher,admin,area,student")]
- public async Task<IActionResult> Aauth(OAuthCode authCode) {
- string domain = HttpContext?.Request?.Host.Host;
- if (domain.Equals("teammodelos.chinacloudsites.cn"))
- {
- domain = _option.HostName;
- }
- if (_option.Location.Equals("China"))
- {
- domain = _option.HostName;
- }
- // domain = "test.teammodel.cn";
- var req = HttpContext?.Request;
- //https://ssoserviceurl/oauth2/authorize?client_id=APPKEY&openid=OPENID=&service=SERVICE
- var (tmdid, _, _, school) = HttpContext.GetAuthTokenInfo();
- StringValues accessToken = "";//应该从别的地方获取 不是mvc 无法从Session 获取
- HttpContext.Request.Headers.TryGetValue($"xkw-AccessToken", out accessToken);
- if (!_option.Location.Contains("China"))
- {
- return BadRequest();
- }
- var client = await GetOpenAuthClient(tmdid,authCode.module, accessToken, domain);
- if (authCode.agree == 1) {
- //获取醍摩豆id的手机号
- var keys =new List<string> { tmdid};
- var content = new StringContent(keys.ToJsonString(), Encoding.UTF8, "application/json");
- string ujson = await _coreAPIHttpService.GetUserInfos(content);
- List<CoreUser> coreUsers = new List<CoreUser>(0);
- if (!string.IsNullOrWhiteSpace(ujson))
- {
- coreUsers = ujson.ToObject<List<CoreUser>>();
- if (coreUsers.Any() ) {
- var coreus = coreUsers.Find(x => x.searchKey.Equals(tmdid));
- if (coreus != null && !string.IsNullOrWhiteSpace(coreus.mobile)) {
- client.Extra = coreUsers.Find(x => x.searchKey.Equals(tmdid))?.mobile;
- }
- }
- }
- }
- string url = client.GetAuthorizationUrl();
- return Ok(new { redirect = url });
- }
-
- [HttpGet("authorize")]
- //[Authorize(Roles = "IES")]
- //[AuthToken(Roles = "teacher,admin,area,student")]
- public async Task<IActionResult> Authorize([FromQuery] OAuthCode authCode )
- {
- //var (tmdid, _, _, school) = HttpContext.GetAuthTokenInfo();
- StringValues accessToken ;//应该从别的地方获取 不是mvc 无法从Session 获取
- HttpContext.Request.Headers.TryGetValue($"xkw-AccessToken", out accessToken);
- if (!_option.Location.Contains("China"))
- {
- return BadRequest();
- }
- //没有获取到codes的情况
- if (string.IsNullOrEmpty(authCode.code))
- {
- return RedirectToAction("Index");
- }
- string domain = HttpContext?.Request?.Host.Host;
- if (domain.Equals("teammodelos.chinacloudsites.cn"))
- {
- domain = _option.HostName;
- }
- if (_option.Location.Equals("China")) {
- domain = _option.HostName;
- }
-
- var client =await GetOpenAuthClient(authCode.tmdid, authCode.module, accessToken, domain);
- string schoolId = "teammodel.cn";
- //学科网测试
- //if (schoolId.Equals("kong.sso.com"))
- //{
- // schoolId = "3082";
- //}
- client.GetAccessTokenByCode(authCode.code, schoolId);
- //未登录已认证学科网用户
- if (string.IsNullOrEmpty(client.UserId) || "".Equals(client.UserId.Trim()))
- {
- return Ok(new { status = 0, msg = "未登录" });
- // return Redirect($"bind?status=0&accessToken={client.AccessToken}&openId={client.OpenId}&userId={client.UserId}&domain={domain}&msg={HttpUtility.UrlEncode("未登录")}");
- }
- if (string.IsNullOrEmpty(client.OpenId))
- {
- string errorMsg = "学科网"+client.ErrorMessage;
- return Ok(new { status = 0, msg = errorMsg });
- // return Redirect($"bind?status=0&accessToken={client.AccessToken}&openId={client.OpenId}&userId={client.UserId}&domain={domain}&msg={HttpUtility.UrlEncode(errorMsg)}");
- }
- if (client.IsAuthorized || !string.IsNullOrWhiteSpace(client.OpenId))
- {
- var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOAuth");
- OAuthUser authUser = new OAuthUser
- {
- PartitionKey = $"OAuthUser-xkw-{domain}",
- RowKey = client.UserId,
- OpenId = client.OpenId,
- Domain = domain,
- Time = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
- Type = "xkw"
- };
- await table.SaveOrUpdate<OAuthUser>(authUser);
- //return Ok(new { status = 1, url=client.SERVICE_URL});
- return Redirect(client.SERVICE_URL);
- }
- else
- {
- return Ok(new { status = 0, msg = "认证失败" });
- // return Redirect($"bind?status=0&accessToken={client.AccessToken}&openId={client.OpenId}&userId={client.UserId}&domain={domain}&msg={HttpUtility.UrlEncode("认证失败")}");
- }
- }
-
- [HttpGet("bind")]
- public async Task<IActionResult> Bind([FromQuery] XkwBindModel authCode)
- {
- if (authCode.status == 1)
- {
- var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOAuth");
- OAuthUser authUser = new OAuthUser
- {
- PartitionKey = $"OAuthUser-xkw-{authCode.domain}",
- RowKey = authCode.userId,
- OpenId = authCode.openId,
- Domain = authCode.domain,
- Time = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
- Type = "xkw"
- };
- await table.SaveOrUpdate<OAuthUser>(authUser);
- return Ok(new { status=authCode.status, msg = "绑定成功!" });
- }
- else {
- return Ok(new { status = authCode.status, msg = authCode.msg });
- }
- }
-
- [HttpGet("unbind")]
- public async Task<IActionResult> Unbind(String openId, String userId)
- {
- //bool ret = xkwOAuthTxtHelper.UnBindXkw(userId);
- //string msg = "无解绑关系";
- //if (ret)
- //{
- // openId = "";
- // msg = "解绑成功";
- //}
- //ViewBag.OpenId = openId;
- //ViewBag.UserId = userId;
- //ViewBag.Message = msg;
- return Ok();
- }
- /// <summary>
- /// 退出登录
- /// </summary>
- /// <returns></returns>
- [HttpGet("exit")]
- public ActionResult Exit()
- {
- //HttpCookie uk = new HttpCookie("userId");
- //uk.Value = "";
- //uk.Expires = DateTime.Now.AddDays(-10);
- //Response.Cookies.Set(uk);
- //return RedirectToAction("Index", "Demo");
- return Ok();
- }
- /// <summary>
- /// 封装一个方法来初始化OpenAuth客户端
- /// </summary>
- /// <returns></returns>
- private async Task<XkwOAuthClient> GetOpenAuthClient(string tmdid,string module , string accessToken,string domain)
- {
- var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOAuth");
- //var accessToken = Session["access_token"] == null ? string.Empty : (string)Session["access_token"];
- //var userId = Request.Cookies["userId"] == null ? string.Empty : Request.Cookies["userId"].Value;
- var userId = tmdid;//直接传递获取
- //var openId = xkwOAuthTxtHelper.GetOpenIdByUserId(userId);
- string openId ="";//直接从数据库获取
- // var settings = ConfigurationManager.AppSettings;
- // var client = new XkwOAuthClient(settings["OAuth_Xkw_AppKey"], settings["OAuth_Xkw_AppSecret"], settings["OAuth_Xkw_RedirectUrl"], settings["OAuth_Xkw_OAuthHost"], accessToken, openId, userId);
- List<OAuthUser> authUsers = await table.FindListByDict<OAuthUser>(new Dictionary<string, object>() { { "PartitionKey", $"OAuthUser-xkw-{domain}" }, { "RowKey", tmdid } });
- if (authUsers.Any()) {
- openId = authUsers[0].OpenId;
- }
- string RowKey = $"xkw-{domain}";
- List<OAuthComConfig> configs = await table.FindListByDict<OAuthComConfig>(new Dictionary<string, object>() { { "PartitionKey", "OAuthComConfig" }, { "RowKey", RowKey } });
- if (configs.Any())
- {
- string OAuth_Xkw_AppKey = configs[0].AppKey;
- string OAuth_Xkw_AppSecret = configs[0].AppSecret;
- string OAuth_Xkw_RedirectUrl = configs[0].RedirectUrl;
- string OAuth_Xkw_OAuthHost = configs[0].OAuthHost;
- string OAuth_Xkw_ServiceUrl = configs[0].ServiceUrl;
- try {
- List<ServiceModule> services= configs[0].ServiceUrl.ToObject<List<ServiceModule>>();
- ServiceModule serviceModule= services.Find(x => x.module.Equals(module));
- if (serviceModule != null)
- {
- OAuth_Xkw_ServiceUrl = serviceModule.url;
- if (serviceModule.module.Equals("ezj")) {
- string domain_port =domain;
- if (domain.Equals("kong.sso.com"))
- {
- domain_port = "kong.sso.com:5001";
- }
- OAuth_Xkw_ServiceUrl = OAuth_Xkw_ServiceUrl.Replace("{{iframe}}", HttpUtility.UrlEncode($"https://{domain_port}/home/newSchoolPaper"))
- .Replace("{{notice}}", HttpUtility.UrlEncode($"https://{domain_port}/home/newSchoolPaper"))
- //.Replace("{{notice}}", HttpUtility.UrlEncode($"https://{domain_port}/xkw/paper-notice"))
- .Replace("{{openid}}", openId).Replace("{{target}}", "");
- }
- }
- else {
- OAuth_Xkw_ServiceUrl = "http://www.zxxk.com/";
- }
- } catch (Exception ex) {
- if (!OAuth_Xkw_ServiceUrl.StartsWith("http://www.zxxk.com"))
- {
- OAuth_Xkw_ServiceUrl = "http://www.zxxk.com/";
- }
- }
- string OAuth_Xkw_Domain= configs[0].Domain;
- string OAuth_Xkw_Param =$"tmdid={tmdid}&module={module}&state={Guid.NewGuid().ToString()}";
- var client = new XkwOAuthClient(OAuth_Xkw_AppKey, OAuth_Xkw_AppSecret, OAuth_Xkw_RedirectUrl, OAuth_Xkw_OAuthHost, OAuth_Xkw_Domain, accessToken, openId, userId, OAuth_Xkw_Param);
- client.SERVICE_URL = OAuth_Xkw_ServiceUrl;
- return client;
- }
- else {
- return null;
- }
- }
-
- }
- }
|
