TEAMModelOS/TEAMModelOS/Controllers/Third/Xkw/XkwOAuth2Controller.cs

using Microsoft.AspNetCore.Mvc;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using TEAMModelOS.Models;
using TEAMModelOS.SDK.DI;
using System.Text.Json;
using TEAMModelOS.SDK.Models;
using Microsoft.AspNetCore.Http;
using TEAMModelOS.SDK.Extension;
using Azure.Cosmos;
using System.Text;
using TEAMModelOS.SDK.DI.AzureCosmos.Inner;
using Microsoft.Extensions.Options;
using Azure.Messaging.ServiceBus;
using Microsoft.Extensions.Configuration;
using HTEXLib.COMM.Helpers;
using TEAMModelOS.SDK;
using System.IdentityModel.Tokens.Jwt;
using TEAMModelOS.Services;
using TEAMModelOS.SDK.Models.Service;
using System.IO;
using System.Dynamic;
using Microsoft.AspNetCore.Authorization;
using Azure.Storage.Blobs.Models;
using static TEAMModelOS.SDK.Models.Teacher;
using System.Web;
using static TEAMModelOS.Controllers.FixDataController;
using static TEAMModelOS.SDK.SchoolService;
using Microsoft.AspNetCore.Hosting;
using TEAMModelOS.Filter;
using TEAMModelOS.Controllers.Third.Xkw;
using Microsoft.Extensions.Primitives;
using System.Net.Http;

namespace TEAMModelOS.Controllers
{
    // <summary>
    ///  标准OAuth2
    /// </summary>
    ///  
    [ProducesResponseType(StatusCodes.Status200OK)]
    [ProducesResponseType(StatusCodes.Status400BadRequest)]
    //
    //[Route("")]
    [Route("xkw")]
    [ApiController]
    public class XkwOAuth2Controller : ControllerBase
    {
        private readonly SnowflakeId _snowflakeId;
        private readonly AzureCosmosFactory _azureCosmos;
        private readonly DingDing _dingDing;
        private readonly Option _option;
        private readonly AzureStorageFactory _azureStorage;
        private readonly AzureServiceBusFactory _serviceBus;
        private readonly AzureRedisFactory _azureRedis;
        private readonly CoreAPIHttpService _coreAPIHttpService;
        private readonly ThirdApisService _scsApisService;
        private readonly HttpTrigger _httpTrigger;
        private readonly IWebHostEnvironment _environment;
        /// <summary>
        /// 机构安全码
        /// </summary>
        public string _sc_passKey;
        /// <summary>
        /// 机构ID
        /// </summary>
        public string _sc_trainComID;
        /// <summary>
        /// 机构 AES 密钥
        /// </summary>
        public string _sc_privateKey;
        /// <summary>
        /// 访问地址
        /// </summary>
        public string _sc_url;
        public IConfiguration _configuration { get; set; }
        public XkwOAuth2Controller(IWebHostEnvironment environment, AzureCosmosFactory azureCosmos, SnowflakeId snowflakeId, DingDing dingDing, IOptionsSnapshot<Option> option, AzureStorageFactory azureStorage,
          AzureRedisFactory azureRedis, AzureServiceBusFactory serviceBus, IConfiguration configuration, CoreAPIHttpService coreAPIHttpService, ThirdApisService scsApisService, HttpTrigger httpTrigger)
        {
            _azureCosmos = azureCosmos;
            _snowflakeId = snowflakeId;
            _dingDing = dingDing;
            _option = option?.Value;
            _azureStorage = azureStorage;
            _serviceBus = serviceBus;
            _configuration = configuration;
            _azureRedis = azureRedis;
            _coreAPIHttpService = coreAPIHttpService;
            _scsApisService = scsApisService;
            _httpTrigger = httpTrigger;
            _environment = environment;
        }

        /// <summary>
        ///  标准OAuth2  方式的回调地址。
        /// </summary>D:\VisualStudioProjects\TEAMModelOS\TEAMModelOS.SDK\Models\Service\Third\ScYxptModel.cs
        /// <param name="request"></param>
        /// <returns></returns>

        [HttpPost("oauth")]
        [Authorize(Roles = "IES")]
        [AuthToken(Roles = "teacher,admin,area,student")]
        public async Task<IActionResult> Aauth(OAuthCode authCode) {
            //https://ssoserviceurl/oauth2/authorize?client_id=APPKEY&openid=OPENID=&service=SERVICE
            var (tmdid, _, _, school) = HttpContext.GetAuthTokenInfo();

            StringValues accessToken = "";//应该从别的地方获取 不是mvc 无法从Session 获取 
            HttpContext.Request.Headers.TryGetValue($"XKW-AccessToken", out accessToken);
            if (!_option.Location.Contains("China"))
            {
                return BadRequest();
            }
            var client = await GetOpenAuthClient(tmdid, accessToken);
            if (authCode.agree == 1) {
                //获取醍摩豆id的手机号
                var keys =new List<string> { tmdid};
                var content = new StringContent(keys.ToJsonString(), Encoding.UTF8, "application/json");
                string ujson = await _coreAPIHttpService.GetUserInfos(content);
                List<CoreUser> coreUsers = new List<CoreUser>(0);
                if (!string.IsNullOrWhiteSpace(ujson))
                {
                    coreUsers = ujson.ToObject<List<CoreUser>>();
                    if (coreUsers.Any() ) {

                        client.Extra = coreUsers.Find(x=>x.searchKey.Equals(tmdid))?.mobile;
                    }
                }
            }
            string url = client.GetAuthorizationUrl();
            return Ok(new { redirect = url });
        }
        [HttpPost("authorize")]
        [Authorize(Roles = "IES")]
        [AuthToken(Roles = "teacher,admin,area,student")]
        public async Task<IActionResult> Authorize(OAuthCode authCode  )
        {
            var (tmdid, _, _, school) = HttpContext.GetAuthTokenInfo();
            StringValues accessToken ;//应该从别的地方获取 不是mvc 无法从Session 获取 
            HttpContext.Request.Headers.TryGetValue($"XKW-AccessToken", out accessToken);
            if (!_option.Location.Contains("China"))
            {
                return BadRequest();
            }
            //没有获取到codes的情况
            if (string.IsNullOrEmpty(authCode.code))
            {
                return RedirectToAction("Index");
            }
            var client =await GetOpenAuthClient(tmdid, accessToken);
            string schoolId = "tmdedu";
            if (_option.Location.Contains("Test", StringComparison.OrdinalIgnoreCase) || _option.Location.Contains("Dep", StringComparison.OrdinalIgnoreCase))
            {
                schoolId = "3082";
            }
            client.GetAccessTokenByCode(authCode.code, schoolId);
            //未登录已认证学科网用户
            if (string.IsNullOrEmpty(client.UserId) || "".Equals(client.UserId.Trim()))
            {
                return Redirect($"bind?status=0&accessToken={client.AccessToken}&openId={client.OpenId}&userId={client.UserId}&msg={HttpUtility.UrlEncode("未登录")}");
            }
            if (string.IsNullOrEmpty(client.OpenId))
            {
                string errorMsg = "学科网"+client.ErrorMessage;
                return Redirect($"bind?status=0&accessToken={client.AccessToken}&openId={client.OpenId}&userId={client.UserId}&msg={HttpUtility.UrlEncode(errorMsg)}");
            }

            if (client.IsAuthorized || !string.IsNullOrWhiteSpace(client.OpenId))
            {
                return Redirect($"bind?status=1&accessToken={client.AccessToken}&openId={client.OpenId}&userId={client.UserId}&msg={HttpUtility.UrlEncode("认证成功")}");
            }
            else
            {
                return Redirect($"bind?status=0&accessToken={client.AccessToken}&openId={client.OpenId}&userId={client.UserId}&msg={HttpUtility.UrlEncode("认证失败")}");
            }
        }
        

        [HttpGet("bind")]
        public async Task<IActionResult> Bind([FromQuery] XkwBindModel authCode)
        {
            if (authCode.status == 1)
            {
                var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOAuth");
                OAuthUser authUser = new OAuthUser
                {
                    PartitionKey = "OAuthUser-Xkw",
                    RowKey = authCode.userId,
                    OpenId = authCode.openId,
                    Time = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds(),
                    Type = "Xkw"
                };
                await table.SaveOrUpdate<OAuthUser>(authUser);
                return Ok(new { status=authCode.status, msg = "绑定成功！" });
            }
            else {
                return Ok(new { status = authCode.status, msg = authCode.msg });
            }
           
        }
        [HttpGet("unbind")]
        public async Task<IActionResult> Unbind(String openId, String userId)
        {
            //bool ret = xkwOAuthTxtHelper.UnBindXkw(userId);
            //string msg = "无解绑关系";
            //if (ret)
            //{
            //    openId = "";
            //    msg = "解绑成功";
            //}
            //ViewBag.OpenId = openId;
            //ViewBag.UserId = userId;
            //ViewBag.Message = msg;
            return Ok();
        }


        /// <summary>
        /// 退出登录
        /// </summary>
        /// <returns></returns>
        [HttpGet("exit")]
        public ActionResult Exit()
        {
            //HttpCookie uk = new HttpCookie("userId");
            //uk.Value = "";
            //uk.Expires = DateTime.Now.AddDays(-10);
            //Response.Cookies.Set(uk);
            //return RedirectToAction("Index", "Demo");

            return Ok();
        }


        /// <summary>
        /// 封装一个方法来初始化OpenAuth客户端
        /// </summary>
        /// <returns></returns>
        private async Task<XkwOAuthClient> GetOpenAuthClient(string tmdid,string accessToken)
        {
            var table = _azureStorage.GetCloudTableClient().GetTableReference("IESOAuth");
            //var accessToken = Session["access_token"] == null ? string.Empty : (string)Session["access_token"];
            //var userId = Request.Cookies["userId"] == null ? string.Empty : Request.Cookies["userId"].Value;
            var userId = tmdid;//直接传递获取
            //var openId = xkwOAuthTxtHelper.GetOpenIdByUserId(userId);
            string openId =null;//直接从数据库获取
                                // var settings = ConfigurationManager.AppSettings;
                                // var client = new XkwOAuthClient(settings["OAuth_Xkw_AppKey"], settings["OAuth_Xkw_AppSecret"], settings["OAuth_Xkw_RedirectUrl"], settings["OAuth_Xkw_OAuthHost"], accessToken, openId, userId);

            List<OAuthUser> authUsers = await table.FindListByDict<OAuthUser>(new Dictionary<string, object>() { { "PartitionKey", "OAuthUser-Xkw" }, { "RowKey", tmdid } });
            if (authUsers.Any()) {
                openId = authUsers[0].OpenId;
            }
            string RowKey = "Xkw";
            if (_option.Location.Contains("Test", StringComparison.OrdinalIgnoreCase) || _option.Location.Contains("Dep", StringComparison.OrdinalIgnoreCase)) {
                RowKey = "Xkw-Test";
            }
            List<OAuthComConfig> configs = await table.FindListByDict<OAuthComConfig>(new Dictionary<string, object>() { { "PartitionKey", "OAuthComConfig" }, { "RowKey", RowKey } });
            if (configs.Any())
            {
                string OAuth_Xkw_AppKey = configs[0].AppKey;
                string OAuth_Xkw_AppSecret = configs[0].AppSecret;
                string OAuth_Xkw_RedirectUrl = configs[0].RedirectUrl;
                string OAuth_Xkw_OAuthHost = configs[0].OAuthHost;
                string OAuth_Xkw_ServiceUrl = configs[0].ServiceUrl;
                var client = new XkwOAuthClient(OAuth_Xkw_AppKey, OAuth_Xkw_AppSecret, OAuth_Xkw_RedirectUrl, OAuth_Xkw_OAuthHost, accessToken, openId, userId);
                client.SERVICE_URL = OAuth_Xkw_ServiceUrl;
                return client;
            }
            else { 
                return null; 
            }

        }
    }
}