TEAMModelOS/TEAMModelOS/Controllers/Third/OAuth2Controller.cs

using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using TEAMModelOS.Models;
using TEAMModelOS.SDK.DI;
using System.Text.Json;
using TEAMModelOS.SDK.Models;
using Microsoft.AspNetCore.Http;
using TEAMModelOS.SDK.Extension;
using Azure.Cosmos;
using System.Text;
using TEAMModelOS.SDK.DI.AzureCosmos.Inner;
using Microsoft.Extensions.Options;
using Azure.Messaging.ServiceBus;
using Microsoft.Extensions.Configuration;
using HTEXLib.COMM.Helpers;
using TEAMModelOS.SDK;
using System.IdentityModel.Tokens.Jwt;
using TEAMModelOS.Services;
using TEAMModelOS.SDK.Models.Service;
using System.IO;
using System.Dynamic;
using Microsoft.AspNetCore.Authorization;
using Azure.Storage.Blobs.Models;
using static TEAMModelOS.SDK.Models.Teacher;
using System.Web;
using static TEAMModelOS.Controllers.FixDataController;
using static TEAMModelOS.SDK.SchoolService;
using Microsoft.AspNetCore.Hosting;
using TEAMModelOS.Filter;
using TEAMModelOS.Controllers.Third.Xkw;
using Microsoft.Extensions.Primitives;
using System.Net.Http;
using Microsoft.Azure.Cosmos.Table;

namespace TEAMModelOS.Controllers.Third
{


    // <summary>
    ///  标准OAuth2
    /// </summary>
    ///  
    [ProducesResponseType(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status400BadRequest)]
    //
    //[Route("")]
   
    [ApiController]
    public class OAuth2Controller : ControllerBase
    {
        private readonly SnowflakeId _snowflakeId;
        private readonly AzureCosmosFactory _azureCosmos;
        private readonly DingDing _dingDing;
        private readonly Option _option;
        private readonly AzureStorageFactory _azureStorage;
        private readonly AzureServiceBusFactory _serviceBus;
        private readonly AzureRedisFactory _azureRedis;
        private readonly CoreAPIHttpService _coreAPIHttpService;
        private readonly ThirdApisService _scsApisService;
        private readonly HttpTrigger _httpTrigger;
        private readonly IWebHostEnvironment _environment;
        /// <summary>
        /// 机构安全码
        /// </summary>
        public string _sc_passKey;
        /// <summary>
        /// 机构ID
        /// </summary>
        public string _sc_trainComID;
        /// <summary>
        /// 机构 AES 密钥
        /// </summary>
        public string _sc_privateKey;
        /// <summary>
        /// 访问地址
        /// </summary>
        public string _sc_url;
        public IConfiguration _configuration { get; set; }
        public OAuth2Controller(IWebHostEnvironment environment, AzureCosmosFactory azureCosmos, SnowflakeId snowflakeId, DingDing dingDing, IOptionsSnapshot<Option> option, AzureStorageFactory azureStorage,
          AzureRedisFactory azureRedis, AzureServiceBusFactory serviceBus, IConfiguration configuration, CoreAPIHttpService coreAPIHttpService, ThirdApisService scsApisService, HttpTrigger httpTrigger)
        {
            _azureCosmos = azureCosmos;
            _snowflakeId = snowflakeId;
            _dingDing = dingDing;
            _option = option?.Value;
            _azureStorage = azureStorage;
            _serviceBus = serviceBus;
            _configuration = configuration;
            _azureRedis = azureRedis;
            _coreAPIHttpService = coreAPIHttpService;
            _scsApisService = scsApisService;
            _httpTrigger = httpTrigger;
            _environment = environment;
        }
        [HttpGet("authorized/xkw")]
        [AllowAnonymous]
        public   IActionResult AuthorizedXkw([FromQuery] OAuthCode authCode) {
            OAuthCode code = new OAuthCode();
            string QueryString = HttpContext?.Request?.QueryString.Value;
            if (!string.IsNullOrWhiteSpace(QueryString)) {
                QueryString = HttpUtility.UrlDecode(QueryString).Substring(1);
                string [] ps= QueryString.Split("&");
                foreach (var p in ps) {
                    string[] pp=p.Split("=");
                    if (pp.Length == 2) {
                        switch (true)
                        {
                            case bool when $"{pp[0]}".Equals("tmdid", StringComparison.OrdinalIgnoreCase):
                                code.tmdid = pp[1];
                                break;
                            case bool when $"{pp[0]}".Equals("code", StringComparison.OrdinalIgnoreCase):
                                code.code = pp[1];
                                break;
                            case bool when $"{pp[0]}".Equals("module", StringComparison.OrdinalIgnoreCase):
                                code.module = pp[1];
                                break;
                                default: break;
                        }
                    }
                }
            }
            var  path =$"{HttpContext?.Request?.Scheme}://{HttpContext?.Request?.Host}/xkw/authorize?code={code.code}&tmdid={code.tmdid}&module={code.module}";
            StringValues accessToken;//应该从别的地方获取 不是mvc 无法从Session 获取 
            HttpContext.Request.Headers.TryGetValue($"xkw-AccessToken", out accessToken);
            if (!_option.Location.Contains("China"))
            {
                return BadRequest();
            }
            return Redirect(path);
        }

        [HttpPost("oauth/check-bind")]
        [Authorize(Roles = "IES")]
        [AuthToken(Roles = "teacher,admin,area,student")]
        public async Task<IActionResult> CheckBind(JsonElement json)
        {
            string domain = HttpContext?.Request?.Host.Host;
            var (tmdid, _, _, school, area, keyData) = HttpContext.GetAuthTokenKey();
            var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOAuth");


            //List<string> Codes = new List<string>();
            //if (!string.IsNullOrWhiteSpace(tmdid))
            //{
            //    Codes.Add($" Code {QueryComparisons.Equal} '{tmdid}' ");
            //}
            //if (!string.IsNullOrWhiteSpace(school))
            //{
            //    Codes.Add($" Code {QueryComparisons.Equal} '{school}' ");
            //}
            //if (!string.IsNullOrWhiteSpace(area))
            //{
            //    Codes.Add($" Code {QueryComparisons.Equal} '{area}' ");
            //}

            //string qurey = $"PartitionKey {QueryComparisons.Equal} 'OAuthShow' and Domain {QueryComparisons.Equal} '{domain}' and ( { string.Join(" or ", Codes)} )  ";

            //var result = await table.ExecuteQuerySegmentedAsync(new TableQuery<OAuthShow>().Where(qurey), null);
            //List<OAuthShow> shows = result.Results;
            //List<OAuthShow> schoolShow = new List<OAuthShow>();
            //var schoolShows = shows?.Where(y => !y.Scope.Equals("private"));
            //if (schoolShows.Any())
            //{
            //    schoolShows.ToList().ForEach(y => { y.Scope = "school"; y.Code = school; });
            //    schoolShows.GroupBy(x => $"{x.Type}{x.Scope}").Select(s => new { key = s.Key, list = s.ToList() }).ToList().ForEach(z => {
            //        schoolShow.Add(z.list.First());
            //    });
            //}
            List<OAuthUser> authUsers = await table.FindListByDict<OAuthUser>(new Dictionary<string, object>() { { "RowKey", tmdid }, { "Domain", domain } });
            return Ok(new
            {
                auth = authUsers.Select(x => new { type = x.Type, tmdid = x.RowKey, time = x.Time }),
                //privateShows = shows?.FindAll(x => x.Scope.Equals("private")).Select(x => new { x.Type, x.Status, x.Scope, x.Code }),
                //schoolShows = schoolShow.Select(x => new { x.Type, x.Status, x.Scope, x.Code })
            });
        }
    }
}