TEAMModelOS/TEAMModelOS/Controllers/Third/LePei/LePeiController.cs

using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using TEAMModelOS.Models;
using TEAMModelOS.SDK.DI;
using System.Text.Json;
using TEAMModelOS.SDK.Models;
using Microsoft.AspNetCore.Http;
using TEAMModelOS.SDK.Extension;
using Azure.Cosmos;
using System.Text;
using TEAMModelOS.SDK.DI;
using Microsoft.Extensions.Options;
using Azure.Messaging.ServiceBus;
using Microsoft.Extensions.Configuration;
using HTEXLib.COMM.Helpers;
using TEAMModelOS.SDK;
using System.IdentityModel.Tokens.Jwt;
using TEAMModelOS.Services;
using TEAMModelOS.SDK.Models.Service;
using System.IO;
using System.Dynamic;
using Microsoft.AspNetCore.Authorization;
using Azure.Storage.Blobs.Models;
using static TEAMModelOS.SDK.Models.Teacher;
using System.Web;
using static TEAMModelOS.Controllers.FixDataController;
using static TEAMModelOS.SDK.SchoolService;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Azure.Cosmos.Table;
using System.Net.Http;
using TEAMModelOS.SDK.Context.Attributes.Azure;
using System.Security.Cryptography.Xml;
using DocumentFormat.OpenXml.Office2010.Excel;
using DocumentFormat.OpenXml.Wordprocessing;
using Microsoft.OData.UriParser;
using System.ComponentModel.DataAnnotations;
using System.Runtime.Intrinsics.X86;
using System.Security.Policy;
using Top.Api;
using Grpc.Core;

namespace TEAMModelOS.Controllers.Third.LePei
{
    [ApiController]
    public class LePeiController : ControllerBase
    {
        private readonly SnowflakeId _snowflakeId;
        private readonly AzureCosmosFactory _azureCosmos;
        private readonly DingDing _dingDing;
        private readonly Option _option;
        private readonly AzureStorageFactory _azureStorage;
        private readonly AzureServiceBusFactory _serviceBus;
        private readonly AzureRedisFactory _azureRedis;
        private readonly CoreAPIHttpService _coreAPIHttpService;
        public readonly string type = "scsyxpt";
        public readonly IHttpClientFactory _httpClientFactory;

        public IConfiguration _configuration { get; set; }
        public LePeiController(IWebHostEnvironment environment, AzureCosmosFactory azureCosmos, SnowflakeId snowflakeId, DingDing dingDing, IOptionsSnapshot<Option> option, AzureStorageFactory azureStorage,
          AzureRedisFactory azureRedis, AzureServiceBusFactory serviceBus, IConfiguration configuration, CoreAPIHttpService coreAPIHttpService, IHttpClientFactory httpClientFactory)
        {
            _azureCosmos = azureCosmos;
            _snowflakeId = snowflakeId;
            _dingDing = dingDing;
            _option = option?.Value;
            _azureStorage = azureStorage;
            _serviceBus = serviceBus;
            _configuration = configuration;
            _azureRedis = azureRedis;
            _coreAPIHttpService = coreAPIHttpService;
            _httpClientFactory = httpClientFactory;
        }
        [HttpPost("lepei/bind")]
        [AllowAnonymous]
        public async Task<IActionResult> Bind(LPBind bind) {
            string HostName = HttpContext.GetHostName();
            if (!string.IsNullOrWhiteSpace(_option.HostName))
            {
                HostName = _option.HostName;
            }
            if (!_option.Location.Contains("Dep"))
            {
                HostName = "www.teammodel.cn";
            }
            var rurl = new StringBuilder($"https://{HostName}/sso");
            try {
                TmdidImplicit tmdidImplicit = null;
                int status = 0;
                string msg = "账号未关联";
                LPTeacher teacherLP = null;
                var table = _azureStorage.GetCloudTableClient().GetTableReference("ScYxpt");
                LPSSOEncryptData encryptData = HttpUtility.UrlDecode(bind.param, Encoding.UTF8).ToObject<LPSSOEncryptData>();
                if (!string.IsNullOrWhiteSpace(bind.mobile))
                {
                    var coreUser = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", bind.mobile } }, _option.Location, _configuration);
                    if (coreUser != null)
                    {
                        var clientID = _configuration.GetValue<string>("HaBookAuth:CoreService:clientID");
                        tmdidImplicit = await _coreAPIHttpService.Implicit(new Dictionary<string, string> {   { "grant_type", "implicit" },
                                        { "client_id",clientID },
                                        { "account",coreUser.id },
                                        { "nonce",Guid.NewGuid().ToString()} }, _option.Location, _configuration);
                        if (tmdidImplicit != null && !string.IsNullOrWhiteSpace(tmdidImplicit.id_token))
                        {
                            bind.id_token = tmdidImplicit.id_token;
                        }
                        else
                        {
                            status = 7;
                        }
                    }
                    else
                    {
                        status = 7;
                        
                    }
                }
                if (string.IsNullOrWhiteSpace(bind.id_token))
                {
                    status =7;
                }
                else {
                    JwtSecurityToken jwt = new JwtSecurityToken(bind.id_token);
                    var id = jwt.Payload.Sub;
                    CoreUser coreUserById = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", $"{id}" } }, _option.Location, _configuration);
                    if (coreUserById == null || string.IsNullOrWhiteSpace(coreUserById.mobile) || coreUserById.mobile.Length != 11)
                    {
                        status = 7;
                    }
                    jwt.Payload.TryGetValue("name", out object name);
                    jwt.Payload.TryGetValue("picture", out object picture);
                  
                    List<LPTeacher> teachers = await table.FindListByDict<LPTeacher>(new Dictionary<string, object>() { { Constant.PartitionKey, $"LPTeacher-{encryptData.schoolId}" }, { Constant.RowKey, encryptData.userId } });
                  
                    if (teachers.Any())
                    {
                        teacherLP=teachers.First();
                        teacherLP.tmdid = id;
                    }
                    else {
                        teacherLP = new LPTeacher()
                        {
                            PartitionKey = $"LPTeacher-{encryptData.schoolId}",
                            RowKey = encryptData.userId,
                            mobile = encryptData.mobile,
                            path = encryptData.path,
                            schoolId = encryptData.schoolId,
                            userId = encryptData.userId,
                        };
                    }
                    List<LPSchool> schools = await table.FindListByDict<LPSchool>(new Dictionary<string, object>() { { Constant.PartitionKey, $"LPSchool" }, { Constant.RowKey,$"{encryptData.schoolId}-{encryptData.appId}" }, { "path",encryptData. path } });
                    if (schools.IsNotEmpty()) 
                    {
                        teacherLP.schoolCode = schools[0].schoolCode;
                        //检查自动加入学校
                        Azure.Response responseSchool = await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS, "School").ReadItemStreamAsync(teacherLP.schoolCode, new PartitionKey("Base"));
                        if (responseSchool.Status == 200)
                        {
                            School school = JsonDocument.Parse(responseSchool.Content).RootElement.ToObject<School>();
                            JoinSchool(id, name?.ToString(), picture?.ToString(), school);
                        }
                    }
                    await  table.SaveOrUpdate<LPTeacher>(teacherLP);
                    status = 200;
                }
                if (status == 200)
                {
                    var clientID = _configuration.GetValue<string>("HaBookAuth:CoreService:clientID");
                    var location = _option.Location;
                    var  implicit_token = await _coreAPIHttpService.Implicit(
                        new Dictionary<string, string>()
                        {
                                    { "grant_type", "implicit" },
                                    { "client_id",clientID },
                                    { "account",teacherLP.tmdid },
                                    { "nonce",Guid.NewGuid().ToString()}
                        }, location, _configuration);
                    if (implicit_token != null)
                    {
                        rurl.Append($"?status={status}&msg={HttpUtility.UrlEncode("登录成功", Encoding.UTF8)}&id_token={implicit_token?.id_token}&access_token={implicit_token?.access_token}&expires_in={HttpUtility.UrlEncode(implicit_token?.expires_in)}&token_type={HttpUtility.UrlEncode(implicit_token?.token_type)}").ToString();
                        return Redirect(rurl.ToString());
                    }
                    else {
                        rurl.Append($"?status={status}&msg={HttpUtility.UrlEncode("隐式登录异常", Encoding.UTF8)}");
                        return Redirect(rurl.ToString());
                    }
                    
                }
                else if (status == 7)
                {
                    msg = $"教师账号：{encryptData.userId},{encryptData.mobile}失败";
                    rurl.Append($"?status={status}&msg={HttpUtility.UrlEncode(msg, Encoding.UTF8)}&param={HttpUtility.UrlEncode(encryptData.ToJsonString(), Encoding.UTF8)}");
                    return Redirect(rurl.ToString());
                }
                else
                {
                    rurl.Append($"?status={7}&msg={HttpUtility.UrlEncode("账号未关联成功", Encoding.UTF8)}");
                    return Redirect(rurl.ToString());
                }

            } catch (Exception ex) {
                await _dingDing.SendBotMsg($"乐培项目绑定账号异常，{ex.Message},{ex.StackTrace},\n{bind.ToJsonString()}", GroupNames.成都开发測試群組);
            
            }
            rurl.Append($"?status={7}&msg={HttpUtility.UrlEncode("账号未关联成功", Encoding.UTF8)}");
            return Redirect(rurl.ToString());
        }
        [HttpPost("{path}/lepei-sso")]
        [AllowAnonymous]
        public async Task<IActionResult> Sso(LPSSO sso, string path) {
            string HostName = HttpContext.GetHostName();
            if (!string.IsNullOrWhiteSpace(_option.HostName))
            {
                HostName = _option.HostName;
            }
            if (path.Equals("xinjin"))
            {
                if (!_option.Location.Contains("Dep"))
                {
                    HostName = "www.teammodel.cn";
                }
            }
            var rurl = new StringBuilder($"https://{HostName}/lepei-sso");
            var table = _azureStorage.GetCloudTableClient().GetTableReference("ScYxpt");
            List<LPSchool> configs = await table.FindListByDict<LPSchool>(new Dictionary<string, object>() { { Constant.PartitionKey, "LPSchool" }, { Constant.RowKey,$"{sso.schoolId}-{sso.appId}"}, { "path",path } });
            LPTeacher teacher = null;
            int status = 4;//1项目未配置,2 账号未未关联,3账号已关联
            string msg = "账号未关联";
            TmdidImplicit implicit_token = null;
            LPSSOEncryptData encryptData = null;
            if (configs.Any())
            {

                LPSchool config = configs[0];
                string data = AESHelper.Decryptor(sso.encryptData, config.secretKey, config.secretKey.Substring(0, 16));
                encryptData = data.ToObject<LPSSOEncryptData>();
                encryptData.path = path;
                List<LPTeacher> teachers = await table.FindListByDict<LPTeacher>(new Dictionary<string, object>() { { Constant.PartitionKey, $"LPTeacher-{encryptData.schoolId}" }, { Constant.RowKey, encryptData.userId } });
                if (teachers.Any())
                {
                    teacher = teachers[0];
                    if (!string.IsNullOrWhiteSpace(teacher.tmdid))
                    {
                        status = 3;//已关联
                        msg = "账号已关联";
                    }
                    else
                    {
                        //未绑定，尝试用手机号进行关联
                        var coreUser = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", encryptData.mobile } }, _option.Location, _configuration);
                        if (coreUser != null)
                        {
                            teacher.tmdid = coreUser.id;
                            status = 3;//已关联
                            msg = "账号已关联";
                        }
                        else
                        {
                            status = 4;
                        }
                        teacher.mobile = encryptData.mobile;
                        await table.SaveOrUpdate<LPTeacher>(teacher);
                    }
                }
                else
                {
                    if (!string.IsNullOrWhiteSpace(encryptData.mobile))
                    {
                        List<LPSchool> schools = await table.FindListByDict<LPSchool>(new Dictionary<string, object>() { { Constant.PartitionKey, $"LPSchool" }, { Constant.RowKey, $"{sso.schoolId}-{sso.appId}" }, { "path", path } });
                        if (schools.IsNotEmpty())
                        {
                            teacher = new LPTeacher()
                            {
                                PartitionKey = $"LPTeacher-{encryptData.schoolId}",
                                RowKey = encryptData.userId,
                                mobile = encryptData.mobile,
                                path = path,
                                schoolId = encryptData.schoolId,
                                schoolCode = schools[0].schoolCode,
                                userId = encryptData.userId,
                            };
                            //未绑定，尝试用手机号进行关联
                            var coreUser = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", encryptData.mobile } }, _option.Location, _configuration);
                            if (coreUser != null)
                            {
                                teacher.tmdid = coreUser.id;
                                status = 3;//已关联
                                msg = "账号已关联";
                            }
                            else
                            {
                                status = 4;
                            }
                            await table.SaveOrUpdate<LPTeacher>(teacher);
                        }
                        else
                        {
                            status = 5;
                            msg = "学校信息未同步";
                        }
                    }
                    else
                    {
                        status = 2;
                        msg = "乐培教师信息没有手机号";
                    }
                }
              
                if (status == 3)
                {
                    var clientID = _configuration.GetValue<string>("HaBookAuth:CoreService:clientID");
                    var location = _option.Location;
                    implicit_token = await _coreAPIHttpService.Implicit(
                        new Dictionary<string, string>()
                        {
                                    { "grant_type", "implicit" },
                                    { "client_id",clientID },
                                    { "account",teacher.tmdid },
                                    { "nonce",Guid.NewGuid().ToString()}
                        }, location, _configuration);
                    if (implicit_token != null)
                    {
                        if (string.IsNullOrWhiteSpace(implicit_token.id_token))
                        {
                            await _dingDing.SendBotMsg($"OS,隐式登录获得信息为空：{_option.Location}-\n{sso.ToJsonString()} \npath:{path}\n{implicit_token.ToJsonString()}", GroupNames.醍摩豆服務運維群組);
                            status = 6;
                            msg = "隐式登录异常";
                        }
                        else
                        {
                            status = 200;
                            msg = "登录成功";
                            if (!string.IsNullOrWhiteSpace(teacher.schoolCode)) {
                                //检查自动加入学校
                                Azure.Response responseSchool = await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS, "School").ReadItemStreamAsync(teacher.schoolCode, new PartitionKey("Base"));
                                if (responseSchool.Status == 200) 
                                { 
                                    School school= JsonDocument.Parse(responseSchool.Content).RootElement.ToObject<School>();
                                    JwtSecurityToken jwt = new JwtSecurityToken(implicit_token.id_token);
                                    var id = jwt.Payload.Sub;
                                    jwt.Payload.TryGetValue("name", out object name);
                                    jwt.Payload.TryGetValue("picture", out object picture);
                                    JoinSchool(id, name?.ToString(), picture?.ToString(), school);
                                }
                            }
                        }
                    }
                    else
                    {
                        status = 6;
                        msg = "隐式登录异常";
                    }
                }
            }
            else {
                status = 1;
                msg = $"未配置{path}项目";
            }
            if (status == 200)
            {
                rurl.Append($"?status={status}&msg={HttpUtility.UrlEncode(msg, Encoding.UTF8)}&id_token={implicit_token?.id_token}&access_token={implicit_token?.access_token}&expires_in={HttpUtility.UrlEncode(implicit_token?.expires_in)}&token_type={HttpUtility.UrlEncode(implicit_token?.token_type)}").ToString();
#if !DEBUG
                return Redirect(rurl.ToString());
#else
                return Ok(new { code = 200, message = msg, data = rurl.ToString() });
#endif
            }
            else if (status == 4) {
                msg = $"教师账号：{encryptData.userId},{encryptData.mobile}未关联";
                rurl.Append($"?status={status}&msg={HttpUtility.UrlEncode(msg, Encoding.UTF8)}&mobile={encryptData.mobile}&param={HttpUtility.UrlEncode(encryptData.ToJsonString(), Encoding.UTF8)}");
#if !DEBUG
                return Redirect(rurl.ToString());
#else
                return Ok(new { code = 200, message = msg, data = rurl.ToString() });
#endif
            }
            else
            {
                rurl.Append($"?status={status}&msg={HttpUtility.UrlEncode(msg, Encoding.UTF8)}");
#if !DEBUG
                return  Redirect(rurl.ToString());
#else
                return Ok(new { code = 400, message = msg, data =rurl.ToString() });
#endif

            }
        }
        private async void JoinSchool(string tmdid,string name ,string picture, School  school  )
        {
            Teacher teacher = null;
            Azure .Response responseTeacher = await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS, "Teacher").ReadItemStreamAsync(tmdid, new PartitionKey("Base"));
            Azure.Response responseSchoolTeacher = await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS,Constant.School).ReadItemStreamAsync(tmdid, new PartitionKey($"Teacher-{school.id}"));
            if (responseSchoolTeacher.Status != 200)
            {
                SchoolTeacher schoolTeacher = new SchoolTeacher
                {
                    id = teacher.id,
                    code = $"Teacher-{school.id}",
                    roles = new List<string> { "teacher" },
                    permissions = new List<string>(),
                    pk = "Teacher",
                    name = teacher.name,
                    picture = teacher.picture,
                    status = "join",
                    createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
                    ttl = -1
                };
                await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS, "School").UpsertItemAsync(schoolTeacher, new PartitionKey(schoolTeacher.code));
            }
            else { 
                SchoolTeacher schoolTeacher= JsonDocument.Parse(responseSchoolTeacher.Content).RootElement.ToObject<SchoolTeacher>();
                if (schoolTeacher != null)
                {
                    if (!schoolTeacher.roles.IsEmpty())
                    {
                        if (!schoolTeacher.roles.Contains("teacher"))
                        {
                            schoolTeacher.roles.Add("teacher");
                        }
                    }
                    else
                    {
                        schoolTeacher.roles = new List<string> { "teacher" };
                    }
                    schoolTeacher.status = "join";
                    schoolTeacher.pk = "Teacher";
                    schoolTeacher.name = teacher.name;
                    schoolTeacher.picture = teacher.picture;
                    schoolTeacher.createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
                    schoolTeacher.ttl = -1;
                    schoolTeacher.permissions = schoolTeacher.permissions.IsNotEmpty() ? schoolTeacher.permissions : new List<string>();
                    await _azureCosmos.GetCosmosClient().GetContainer(Constant.TEAMModelOS, "School").UpsertItemAsync(schoolTeacher, new PartitionKey(schoolTeacher.code));
                } 
            }
            if (responseTeacher.Status == 200)
            {
                teacher = JsonDocument.Parse(responseTeacher.Content).RootElement.ToObject<Teacher>();
                var sc=teacher.schools.Find(z => z.schoolId.Equals(school.id));
                if (sc == null) {
                    teacher.schools.Add(new TeacherSchool
                    {
                        schoolId = school.id,
                        name = school.name,
                        picture = school.picture,
                        status = "join",
                        time = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
                        areaId = school.areaId
                    });
                    teacher.defaultSchool = school.id;
                }
            }
            else {
                teacher = new Teacher
                {
                    createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
                    id = tmdid,
                    pk = "Teacher",
                    code = "Base",
                    name = name,
                    picture = picture?.ToString(),
                    //创建账号并第一次登录IES5则默认赠送1G
                    size = 1,
                    defaultSchool = school.id,
                    schools = new List<Teacher.TeacherSchool>() { new TeacherSchool 
                    {
                        schoolId=school.id,
                        name=school.name,picture=school.picture,status="join",time=DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),areaId=school.areaId
                    } },
                };
            }
        }
    }
    public class LPBind 
    {
        [Required(ErrorMessage = "{0} 必须填写")]
        public string param { get; set; }
        public string id_token { get; set; }
        public string mobile { get; set; }
    }

    public class LPSSO { 
        public string appId { get; set; }
        public string schoolId { get; set; }
        public string encryptData { get; set; }
    }
    public class LPSSOEncryptData
    {
        public string appId { get; set; }
        public string schoolId { get; set; }
        public string userId { get; set; }
        public string mobile { get; set; }
        public string path { get; set; }
    }
    [TableName(Name = "ScYxpt")]
    public class LPTeacher :TableEntity
    {
        /// <summary>
        /// PartitionKey = "LPTeacher-{schoolId}"
        /// RowKey = $"{userId}"
        /// </summary>
        public string userId { get; set; }
        /// <summary>
        /// 乐陪对应的学校id
        /// </summary>
        public string schoolId { get; set; }
        /// <summary>
        /// 醍摩豆对应的学校编码
        /// </summary>
        public string schoolCode { get; set; }
        public string mobile { get; set; }
        public string tmdid { get; set; }
        /// <summary>
        /// {path}/lepei-sso 中的path
        /// </summary>
        public string path { get; set; }
    }
    [TableName(Name = "ScYxpt")]
    public class LPSchool : TableEntity
    {
        public LPSchool()
        {
            PartitionKey = "LPSchool";
        }
        /// <summary>
        /// PartitionKey = "LPSchool"
        /// RowKey = $"{schoolId学校id}"
        /// </summary>
        public string schoolId { get; set; }
        public string schoolName { get; set; }
        /// <summary>
        /// 醍摩豆对应的学校编码
        /// </summary>
        public string schoolCode { get; set; }

        /// <summary>
        /// {path}/lepei-sso 中的path
        /// </summary>
        public string path { get; set; }
        public string appId { get; set; }
        public string secretKey { get; set; }
    }
    [TableName(Name = "ScYxpt")]
    public class LPConfig : TableEntity
    {
        public LPConfig (){
            PartitionKey = "LPConfig-{appId}";
        }
        /// <summary>
        /// pk="LPConfig"
        /// rk=$"{path}"
        /// </summary>
        public string path { get; set; }
        public  string appId { get; set;}
        public string secretKey { get; set; }
    }
    /*
     * https://easydoc.net/doc/61463617/Ufnsdona/k3Zb68pX
     	新津区外国语实验学校
乐陪学校ID：115
乐陪appId：1602542204202872832
乐陪密钥：Pk5Bmb4dl8aFYR5ezbgGpjdpXS4aFp4l

	新津区五津初级中学  
乐陪学校ID：116
乐陪appId：1602542306216734720
乐陪密钥：R7mCHT2QlidOxF8MasKjSKeWmaKXGOvG
     */
}