LoginController.cs 43 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710
  1. using Azure.Cosmos;
  2. using DingTalk.Api;
  3. using DingTalk.Api.Request;
  4. using DingTalk.Api.Response;
  5. using Microsoft.AspNetCore.Http;
  6. using Microsoft.AspNetCore.Mvc;
  7. using Microsoft.Extensions.Configuration;
  8. using System;
  9. using System.Collections.Generic;
  10. using System.Linq;
  11. using System.Text.Json;
  12. using System.Threading.Tasks;
  13. using TEAMModelOS.SDK.DI;
  14. using TEAMModelOS.SDK.Models;
  15. using HTEXLib.COMM.Helpers;
  16. using TEAMModelOS.Models;
  17. using Microsoft.Extensions.Options;
  18. using TEAMModelOS.SDK.Extension;
  19. using TEAMModelOS.SDK.Models.Service;
  20. using Microsoft.AspNetCore.Authorization;
  21. using Azure.Storage.Blobs.Models;
  22. using System.IdentityModel.Tokens.Jwt;
  23. using System.Net.Http;
  24. using System.Text;
  25. using System.Net;
  26. using Newtonsoft.Json;
  27. using System.Collections;
  28. using Newtonsoft.Json.Linq;
  29. using TEAMModelOS.SDK.Models.Cosmos.BI;
  30. using Azure.Storage.Sas;
  31. using System.Net.Http.Json;
  32. using TEAMModelBI.Filter;
  33. using TEAMModelBI.Models.Extension;
  34. using TEAMModelOS.SDK;
  35. using Microsoft.AspNetCore.Hosting;
  36. using TEAMModelBI.Tool;
  37. using TEAMModelOS.SDK.Context.Constant;
  38. using TEAMModelBI.Models;
  39. using TEAMModelOS.SDK.Context.BI;
  40. using TEAMModelOS.SDK.Models.Cosmos.BI.BINormal;
  41. //using static DingTalk.Api.Response.OapiV2UserGetResponse;
  42. namespace TEAMModelBI.Controllers
  43. {
  44. [ProducesResponseType(StatusCodes.Status200OK)]
  45. [ProducesResponseType(StatusCodes.Status400BadRequest)]
  46. [Route("common/login")]
  47. [ApiController]
  48. public class LoginController : ControllerBase
  49. {
  50. private readonly IConfiguration _configuration;
  51. //数据容器
  52. private readonly AzureCosmosFactory _azureCosmos;
  53. //文件容器
  54. private readonly AzureStorageFactory _azureStorage;
  55. //钉钉提示信息
  56. private readonly DingDing _dingDing;
  57. private readonly Option _option;
  58. //隐式登录
  59. private readonly CoreAPIHttpService _coreAPIHttpService;
  60. private readonly IHttpClientFactory _http;
  61. private readonly IWebHostEnvironment _environment; //读取文件
  62. public LoginController(IConfiguration configuration, AzureCosmosFactory azureCosmos, AzureStorageFactory azureStorage, DingDing dingDing, IOptionsSnapshot<Option> option, CoreAPIHttpService coreAPIHttpService, IHttpClientFactory http, IWebHostEnvironment environment)
  63. {
  64. _configuration = configuration;
  65. _azureCosmos = azureCosmos;
  66. _azureStorage = azureStorage;
  67. _dingDing = dingDing;
  68. _option = option?.Value;
  69. _coreAPIHttpService = coreAPIHttpService;
  70. _http = http;
  71. _environment = environment;
  72. }
  73. /// <summary>
  74. /// 钉钉扫码登录获取扫码信息
  75. /// </summary>
  76. /// <param name="jsonElement"></param>
  77. /// <returns></returns>
  78. [ProducesDefaultResponseType]
  79. [HttpPost("get-ddscancode")]
  80. public async Task<IActionResult> GetDingDingScanCode(JsonElement jsonElement)
  81. {
  82. try
  83. {
  84. string appKey = _configuration["DingDingAuth:appKey"];
  85. string appSecret = _configuration["DingDingAuth:appSecret"];
  86. string proDeptId = _configuration["CustomParam:proDeptId"];
  87. //string divide = _configuration["CustomParam:SiteScope"];
  88. string divide = _option.Location;
  89. var cosmosClient = _azureCosmos.GetCosmosClient();
  90. string Website = "China";
  91. if (string.IsNullOrWhiteSpace(appKey) || string.IsNullOrWhiteSpace(appSecret))
  92. {
  93. return Ok(new { state = 0, msg = "请检查配置钉钉的信息" });
  94. }
  95. //自己传的code
  96. if (!jsonElement.TryGetProperty("code", out JsonElement LoginTempCode)) return BadRequest();
  97. jsonElement.TryGetProperty("site", out JsonElement site);
  98. var tableClient = _azureStorage.GetCloudTableClient();
  99. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  100. if ($"{site}".Equals(BIConst.Global))
  101. {
  102. tableClient = _azureStorage.GetCloudTableClient(BIConst.Global);
  103. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.Global);
  104. Website = BIConst.Global;
  105. }
  106. //获取access_token
  107. IDingTalkClient tokenClient = new DefaultDingTalkClient("https://oapi.dingtalk.com/gettoken");
  108. OapiGettokenRequest tokenRequest = new() { Appkey = appKey, Appsecret = appSecret };
  109. tokenRequest.SetHttpMethod("Get");
  110. OapiGettokenResponse tokenRespone = tokenClient.Execute(tokenRequest);
  111. if (tokenRespone.IsError) return BadRequest();
  112. string access_token = tokenRespone.AccessToken;
  113. //获取临时授权码 获取授权用户的个人信息
  114. DefaultDingTalkClient clientinfo = new("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
  115. OapiSnsGetuserinfoBycodeRequest req = new() { TmpAuthCode = $"{LoginTempCode}" }; //通过扫描二维码,跳转到指定的Url后,向Url中追加Code临时授权码
  116. OapiSnsGetuserinfoBycodeResponse response = clientinfo.Execute(req, appKey, appSecret);
  117. if (response.Errcode.Equals(40078))
  118. {
  119. return Ok(new { state = 0, msg = $"state:{response.Errcode};Err{response.Errmsg}/临时授权码过期请重新扫码" });
  120. }
  121. string unionid = response.UserInfo.Unionid;
  122. IDingTalkClient client2 = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/user/getbyunionid"); //userid地址
  123. OapiUserGetbyunionidRequest byunionidRequest = new() { Unionid = unionid };
  124. OapiUserGetbyunionidResponse byunionidResponse = client2.Execute(byunionidRequest, access_token);
  125. if (byunionidResponse.IsError || byunionidResponse.Errcode == 60121)
  126. {
  127. return Ok(new { state = 0, msg = byunionidResponse.Errmsg });
  128. }
  129. // 根据userId获取用户信息
  130. string userid = byunionidResponse.Result.Userid;
  131. IDingTalkClient client3 = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/v2/user/get");
  132. OapiV2UserGetRequest v2GetRequest = new()
  133. {
  134. Userid = userid,
  135. Language = "zh_CN"
  136. };
  137. v2GetRequest.SetHttpMethod("POST");
  138. OapiV2UserGetResponse v2GetResponse = client3.Execute(v2GetRequest, access_token);
  139. if (v2GetResponse.IsError)
  140. {
  141. return Ok(new { state = 0, msg = "扫码登录失败" });
  142. }
  143. var table = _azureStorage.GetCloudTableClient().GetTableReference("BIDDUserInfo");
  144. var id_token = "";
  145. string osblob_uri = null, osblob_sas = null;
  146. List<string> roles = new();//角色列表
  147. List<string> permissions = new();//权限列表
  148. bool isExploit = false;
  149. List<DingDingUserInfo> ddusers = await table.FindListByDict<DingDingUserInfo>(new Dictionary<string, object>() { { "PartitionKey", $"{divide}"},{ "userId", $"{v2GetResponse.Result.Userid}" }, { "unionId", $"{v2GetResponse.Result.Unionid}" } });
  150. if (ddusers.Count > 0)
  151. {
  152. List<DingDingUserInfo> saveInfo = new();
  153. StringBuilder strMsg = new();
  154. foreach (var item in ddusers)
  155. {
  156. if (string.IsNullOrEmpty(item.tmdId))
  157. {
  158. var coreUser = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", $"{item.mobile}" } }, _option.Location, _configuration);
  159. if (coreUser != null && coreUser.id != null)
  160. {
  161. item.tmdId = coreUser.id;
  162. item.tmdName = coreUser.name;
  163. item.tmdMobile = coreUser.mobile;
  164. item.picture = coreUser.picture;
  165. item.mail = coreUser.mail;
  166. }
  167. else return Ok(new { state = 404, msg = "依据钉钉手机号未找到醍摩豆账号!" });
  168. //List<string> mobiles = new() { $"{ item.mobile}" };
  169. //var content = new StringContent(mobiles.ToJsonString(), Encoding.UTF8, "application/json");
  170. //string json = await _coreAPIHttpService.GetUserInfos(content);
  171. //if (!string.IsNullOrEmpty(json))
  172. //{
  173. // List<JsonElement> json_id = json.ToObject<List<JsonElement>>();
  174. // foreach (var tmd in json_id)
  175. // {
  176. // item.tmdId = tmd.GetProperty("id").ToString();
  177. // item.tmdName = tmd.GetProperty("name").ToString();
  178. // item.tmdMobile = tmd.GetProperty("mobile").ToString();
  179. // item.picture = tmd.GetProperty("picture").ToString();
  180. // item.mail = tmd.GetProperty("mail").ToString();
  181. // }
  182. //}
  183. //else return Ok(new { state = 404, msg = "依据钉钉手机号未找到醍摩豆账号!" });
  184. strMsg.Append($"{item.tmdName}【{item.tmdId}】醍摩豆账号和{item.name}【{item.userId}】钉钉账户绑定成功");
  185. //保存操作记录
  186. //await _azureStorage.SaveBILog("tabledd-update", strMsg?.ToString(), _dingDing, httpContext: HttpContext, twebsite: Website, tid: item.tmdId, tname: item.tmdName);
  187. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", strMsg?.ToString(), _dingDing, httpContext: HttpContext, twebsite: Website, tid: item.tmdId, tname: item.tmdName);
  188. saveInfo.Add(item);
  189. }
  190. List<string> schoolIds = await CommonFind.FindSchoolIds(cosmosClient, item.tmdId);
  191. if (schoolIds.Count > 0)
  192. {
  193. item.schoolIds = string.Join("|", schoolIds);
  194. await table.SaveOrUpdate<DingDingUserInfo>(item);
  195. }
  196. roles = !string.IsNullOrEmpty($"{item.roles}") ? new List<string>(item.roles.Split(",")) : new List<string>();
  197. roles = roles.Where(w => !string.IsNullOrEmpty(w)).ToList();
  198. permissions = !string.IsNullOrEmpty($"{item.permissions}") ? new List<string>(item.permissions.Split(",")) : new List<string>();
  199. if (item.depts.Contains($"{proDeptId}")) isExploit = true;
  200. if (item.deptId == long.Parse($"{proDeptId}")) isExploit = true;
  201. if (item.pid == long.Parse($"{proDeptId}")) isExploit = true;
  202. //自己写的
  203. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, item.tmdId?.ToString(), item.tmdName?.ToString(), item.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: isExploit, item.userId?.ToString(), item.name?.ToString(), item.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  204. }
  205. if (saveInfo.Count > 0)
  206. {
  207. ddusers = await table.UpdateAll<DingDingUserInfo>(saveInfo);
  208. }
  209. }
  210. else
  211. {
  212. DingDingUserInfo ddUserInfo = new()
  213. {
  214. PartitionKey = divide,
  215. RowKey = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds().ToString(),
  216. userId = v2GetResponse.Result.Userid,
  217. unionId = v2GetResponse.Result.Unionid,
  218. name = v2GetResponse.Result.Name,
  219. title = v2GetResponse.Result.Title,
  220. mobile = v2GetResponse.Result.Mobile,
  221. jobNumber = v2GetResponse.Result.JobNumber,
  222. pid = 0,
  223. deptId = 0,
  224. deptName = null,
  225. depts = string.Join(",", v2GetResponse.Result.DeptIdList.ToArray()),
  226. avatar = v2GetResponse.Result.Avatar,
  227. isAdmin = v2GetResponse.Result.Admin,
  228. roles = "assist",
  229. permissions = "abilitystandard-read,batcharea-read,batchschool-read,orgusers-read"
  230. };
  231. if (!string.IsNullOrEmpty($"{ddUserInfo.mobile}"))
  232. {
  233. var coreUser = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", $"{ddUserInfo.mobile}" } }, _option.Location, _configuration);
  234. if (coreUser != null && coreUser.id != null) {
  235. ddUserInfo.tmdId = coreUser.id;
  236. ddUserInfo.tmdName = coreUser.name;
  237. ddUserInfo.tmdMobile = coreUser.mobile;
  238. ddUserInfo.picture = coreUser.mobile;
  239. ddUserInfo.mail = coreUser.mail;
  240. }
  241. else return Ok(new { state = 404, msg = "依据钉钉手机号未找到醍摩豆账号!" });
  242. //HttpClient httpClient = _http.CreateClient();
  243. //string url = _configuration.GetValue<string>("HaBookAuth:CoreId:userinfo");
  244. //List<string> mobiles = new() { $"{ ddUserInfo.mobile}" };
  245. //HttpResponseMessage responseMessage = await httpClient.PostAsJsonAsync(url, mobiles);
  246. //if (responseMessage.StatusCode == HttpStatusCode.OK)
  247. //{
  248. // string temp = responseMessage.Content.ReadAsStringAsync().Result;
  249. // List<JsonElement> json_id = temp.ToObject<List<JsonElement>>();
  250. // if (json_id.Count > 0)
  251. // {
  252. // foreach (var tmd in json_id)
  253. // {
  254. // ddUserInfo.tmdId = tmd.GetProperty("id").ToString();
  255. // ddUserInfo.tmdName = tmd.GetProperty("name").ToString();
  256. // ddUserInfo.tmdMobile = tmd.GetProperty("mobile").ToString();
  257. // ddUserInfo.picture = tmd.GetProperty("picture").ToString();
  258. // ddUserInfo.mail = tmd.GetProperty("mail").ToString();
  259. // }
  260. // }
  261. // else return Ok(new { state = 404, msg = "依据钉钉手机号未找到醍摩豆账号!" });
  262. //}
  263. }
  264. else return Ok(new { state = 404, msg = "钉钉手机号为空" });
  265. List<string> schoolIds = await CommonFind.FindSchoolIds(cosmosClient, ddUserInfo.tmdId);
  266. if (schoolIds.Count > 0)
  267. {
  268. ddUserInfo.schoolIds = string.Join("|", schoolIds);
  269. }
  270. ddUserInfo = await table.Save<DingDingUserInfo>(ddUserInfo);
  271. //保存操作记录
  272. //await _azureStorage.SaveBILog("tabledd-update", $"{ddUserInfo.tmdName}【{ddUserInfo.tmdId}】醍摩豆账号和{ddUserInfo.name}【{ddUserInfo.RowKey}】钉钉账户绑定成功", _dingDing, httpContext: HttpContext, tid: ddUserInfo.tmdId, tname: ddUserInfo.tmdName, twebsite: Website);
  273. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{ddUserInfo.tmdName}【{ddUserInfo.tmdId}】醍摩豆账号和{ddUserInfo.name}【{ddUserInfo.RowKey}】钉钉账户绑定成功", _dingDing, httpContext: HttpContext, tid: ddUserInfo.tmdId, tname: ddUserInfo.tmdName, twebsite: Website);
  274. roles = !string.IsNullOrEmpty($"{ddUserInfo.roles}") ? new List<string>(ddUserInfo.roles.Split(",")) : new List<string>();
  275. roles = roles.Where(w => !string.IsNullOrEmpty(w)).ToList();
  276. permissions = !string.IsNullOrEmpty($"{ddUserInfo.permissions}") ? new List<string>(ddUserInfo.permissions.Split(",")) : new List<string>();
  277. if (ddUserInfo.depts.Contains($"{proDeptId}")) isExploit = true;
  278. if (ddUserInfo.deptId == long.Parse($"{proDeptId}")) isExploit = true;
  279. if (ddUserInfo.pid == long.Parse($"{proDeptId}")) isExploit = true;
  280. //自己写的
  281. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, ddUserInfo.tmdId?.ToString(), ddUserInfo.tmdName?.ToString(), ddUserInfo.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: isExploit, ddUserInfo.userId?.ToString(), ddUserInfo.name?.ToString(), ddUserInfo.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  282. }
  283. if (Website.Equals(BIConst.Global))
  284. {
  285. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete, BIConst.Global);
  286. }
  287. else
  288. {
  289. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete);
  290. }
  291. //(osblob_uri, osblob_sas) = roles.Contains("assist") ? _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete) : _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List, BIConst.Global);
  292. return Ok(new { state = 200, ddUserInfos = ddusers, id_token, roles, permissions, osblob_uri, osblob_sas });
  293. }
  294. catch (Exception ex)
  295. {
  296. await _dingDing.SendBotMsg($"BI, {_option.Location} /common/login/get-ddscancode \n {ex.Message}\n{ex.StackTrace}", GroupNames.成都开发測試群組);
  297. return BadRequest();
  298. }
  299. }
  300. /// <summary>
  301. /// 钉钉绑定醍摩豆
  302. /// </summary>
  303. /// <returns></returns>
  304. [ProducesDefaultResponseType]
  305. [HttpPost("set-bind")]
  306. public async Task<IActionResult> BindUser(JsonElement jsonElement)
  307. {
  308. try
  309. {
  310. if (!jsonElement.TryGetProperty("partitionKey", out JsonElement partitionKey)) return BadRequest();
  311. if (!jsonElement.TryGetProperty("rowKey", out JsonElement userId)) return BadRequest();
  312. jsonElement.TryGetProperty("id_token", out JsonElement idtoken);
  313. jsonElement.TryGetProperty("mobile", out JsonElement mobile);
  314. jsonElement.TryGetProperty("site", out JsonElement site);
  315. string Website = "China";
  316. var tableClient = _azureStorage.GetCloudTableClient();
  317. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  318. if ($"{site}".Equals(BIConst.Global))
  319. {
  320. tableClient = _azureStorage.GetCloudTableClient(BIConst.Global);
  321. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.Global);
  322. Website = BIConst.Global;
  323. }
  324. HttpClient httpClient = _http.CreateClient();
  325. var table = _azureStorage.GetCloudTableClient().GetTableReference("BIDDUserInfo");
  326. var tempUser = await table.FindListByDict<DingDingUserInfo>(new Dictionary<string, object> { { "PartitionKey", $"{partitionKey}" }, { "userId", $"{userId}" } });
  327. var id_token = "";
  328. var auth_token = "";
  329. List<DingDingUserInfo> ddUserInfos = new();
  330. List<string> roles = new();//角色列表
  331. List<string> permissions = new();//权限列表
  332. foreach (var itemUser in tempUser)
  333. {
  334. if (!string.IsNullOrEmpty($"{idtoken}"))
  335. {
  336. JwtSecurityToken jwt = new JwtSecurityToken($"{idtoken}");
  337. var tmdId = jwt.Payload.Sub;
  338. jwt.Payload.TryGetValue("name", out object tmdName);
  339. jwt.Payload.TryGetValue("picture", out object picture);
  340. itemUser.tmdId = tmdId;
  341. itemUser.tmdName = $"{tmdName}";
  342. itemUser.tmdMobile = itemUser.mobile;
  343. itemUser.picture = $"{picture}";
  344. }
  345. if (!string.IsNullOrEmpty($"{mobile}"))
  346. {
  347. var coreUser = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", $"{mobile}" } }, _option.Location, _configuration);
  348. if (coreUser != null && coreUser.id != null)
  349. {
  350. itemUser.tmdId = coreUser.id;
  351. itemUser.tmdName = coreUser.name;
  352. itemUser.tmdMobile = coreUser.mobile;
  353. itemUser.picture = coreUser.mobile;
  354. itemUser.mail = coreUser.mail;
  355. }
  356. else return Ok(new { state = 404, msg = "手机号未找到醍摩豆账户" });
  357. //string url = _configuration.GetValue<string>("HaBookAuth:CoreId:userinfo");
  358. //List<string> mobiles = new() { $"{mobile}" };
  359. //HttpResponseMessage responseMessage = await httpClient.PostAsJsonAsync(url, mobiles);
  360. //if (responseMessage.StatusCode == HttpStatusCode.OK)
  361. //{
  362. // var temp = await responseMessage.Content.ReadAsStringAsync();
  363. // if (temp.Length > 0)
  364. // {
  365. // List<JsonElement> itemjson = temp.ToObject<List<JsonElement>>();
  366. // foreach (var item in itemjson)
  367. // {
  368. // itemUser.tmdId = item.GetProperty("id").ToString();
  369. // itemUser.tmdName = item.GetProperty("name").ToString();
  370. // itemUser.tmdMobile = item.GetProperty("mobile").ToString();
  371. // itemUser.picture = item.GetProperty("picture").ToString();
  372. // itemUser.mail = item.GetProperty("mail").ToString();
  373. // }
  374. // }
  375. //}
  376. //else return Ok(new { state = 404, msg = "手机号未找到醍摩豆账户" });
  377. }
  378. if (string.IsNullOrEmpty($"{mobile}") && string.IsNullOrEmpty($"{idtoken}"))
  379. return Ok(new { state = 400, msg = "mobile、idtoken参数错误" });
  380. else
  381. {
  382. ddUserInfos.Add(itemUser);
  383. roles = !string.IsNullOrEmpty($"{itemUser.roles}") ? new List<string>(itemUser.roles.Split(",")) : new List<string>();
  384. roles = roles.Where(w => !string.IsNullOrEmpty(w)).ToList();
  385. //保存操作记录
  386. //await _azureStorage.SaveBILog("tabledd-update", $"{itemUser.tmdName}【{itemUser.tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  387. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{itemUser.tmdName}【{itemUser.tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  388. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, itemUser.tmdId?.ToString(), itemUser.tmdName?.ToString(), itemUser.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: false, itemUser.userId?.ToString(), itemUser.name?.ToString(), itemUser.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  389. }
  390. }
  391. ddUserInfos = await table.UpdateAll(ddUserInfos);
  392. string osblob_uri = null, osblob_sas = null;
  393. if (Website.Equals(BIConst.Global))
  394. {
  395. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete, BIConst.Global);
  396. }
  397. else
  398. {
  399. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete);
  400. }
  401. //blob 访问权限
  402. //var (osblob_uri, osblob_sas) = roles.Contains("assist") ? _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete) : _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List);
  403. return Ok(new { state = 200, ddUserInfos, id_token, roles, osblob_uri, osblob_sas });
  404. }
  405. catch (Exception ex)
  406. {
  407. await _dingDing.SendBotMsg($"BI, {_option.Location} /common/login/set-bind \n {ex.Message}\n{ex.StackTrace}", GroupNames.成都开发測試群組);
  408. return BadRequest();
  409. }
  410. }
  411. /// <summary>
  412. /// 获取钉钉信息详情绑定醍摩豆和钉钉信息 二合一
  413. /// </summary>
  414. /// <param name="jsonElement"></param>
  415. /// <returns></returns>
  416. [ProducesDefaultResponseType]
  417. [HttpPost("get-ddinfo")]
  418. public async Task<IActionResult> GetDingDingInfo(JsonElement jsonElement)
  419. {
  420. try
  421. {
  422. if (!jsonElement.TryGetProperty("mobile", out JsonElement moile)) return BadRequest();
  423. if (!jsonElement.TryGetProperty("partitionKey", out JsonElement partitionKey)) return BadRequest();
  424. if (!jsonElement.TryGetProperty("rowKey", out JsonElement userId)) return BadRequest();
  425. jsonElement.TryGetProperty("site", out JsonElement site);
  426. string Website = "China";
  427. var tableClient = _azureStorage.GetCloudTableClient();
  428. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  429. if ($"{site}".Equals(BIConst.Global))
  430. {
  431. tableClient = _azureStorage.GetCloudTableClient(BIConst.Global);
  432. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.Global);
  433. Website = BIConst.Global;
  434. }
  435. var table = tableClient.GetTableReference("BIDDUserInfo");
  436. var tempUser = await table.FindListByDict<DingDingUserInfo>(new Dictionary<string, object> { { "PartitionKey", $"{partitionKey}" }, { "userId", $"{userId}" } });
  437. List<string> roles = new();//角色列表
  438. List<string> permissions = new();//权限列表
  439. List<DingDingUserInfo> ddUserInfos = new();
  440. var id_token = "";
  441. foreach (var itemUser in tempUser)
  442. {
  443. if (!string.IsNullOrEmpty($"{itemUser.tmdId}") && !string.IsNullOrEmpty($"{itemUser.tmdName}"))
  444. {
  445. //roles = new List<string>(itemUser.roles.Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries));
  446. roles = !string.IsNullOrEmpty($"{itemUser.roles}") ? new List<string>(itemUser.roles.Split(",")) : new List<string>();
  447. permissions = !string.IsNullOrEmpty($"{itemUser.permissions}") ? new List<string>(itemUser.permissions.Split(",")) : new List<string>();
  448. ddUserInfos.Add(itemUser);
  449. }
  450. else
  451. {
  452. var coreUser = await _coreAPIHttpService.GetUserInfo(new Dictionary<string, string> { { "key", $"{moile}" } }, _option.Location, _configuration);
  453. if (coreUser != null && coreUser.id != null)
  454. {
  455. itemUser.tmdId = coreUser.id;
  456. itemUser.tmdName = coreUser.name;
  457. itemUser.tmdMobile = coreUser.mobile;
  458. itemUser.picture = coreUser.mobile;
  459. itemUser.mail = coreUser.mail;
  460. roles = !string.IsNullOrEmpty($"{itemUser.roles}") ? new List<string>(itemUser.roles.Split(",")) : new List<string>();
  461. permissions = !string.IsNullOrEmpty($"{itemUser.permissions}") ? new List<string>(itemUser.permissions.Split(",")) : new List<string>();
  462. ddUserInfos.Add(itemUser);
  463. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{coreUser.name}【{coreUser.id}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  464. }
  465. else return Ok(new { state = 400, message = "该手机没有注册醍摩豆账号信息" });
  466. //HttpClient httpClient = _http.CreateClient();
  467. //string url = _configuration.GetValue<string>("HaBookAuth:CoreId:userinfo");
  468. //HttpResponseMessage responseMessage = await httpClient.PostAsJsonAsync(url, moile);
  469. //if (responseMessage.StatusCode == HttpStatusCode.OK)
  470. //{
  471. // var temp = await responseMessage.Content.ReadAsStringAsync();
  472. // if (temp.Length > 0)
  473. // {
  474. // List<JsonElement> itemjson = temp.ToObject<List<JsonElement>>();
  475. // string tmdId = null;
  476. // string tmdName = null;
  477. // foreach (var item in itemjson)
  478. // {
  479. // tmdId = item.GetProperty("id").ToString();
  480. // tmdName = item.GetProperty("name").ToString();
  481. // itemUser.tmdId = tmdId?.ToString();
  482. // itemUser.tmdName = tmdName?.ToString();
  483. // itemUser.tmdMobile = item.GetProperty("mobile").ToString();
  484. // itemUser.picture = item.GetProperty("picture").ToString();
  485. // itemUser.mail = item.GetProperty("mail").ToString();
  486. // roles = !string.IsNullOrEmpty($"{itemUser.roles}") ? new List<string>(itemUser.roles.Split(",")) : new List<string>();
  487. // permissions = !string.IsNullOrEmpty($"{itemUser.permissions}") ? new List<string>(itemUser.permissions.Split(",")) : new List<string>();
  488. // ddUserInfos.Add(itemUser);
  489. // }
  490. // ddUserInfos = await table.UpdateAll<DingDingUserInfo>(ddUserInfos);
  491. // //保存操作记录
  492. // //await _azureStorage.SaveBILog("tabledd-update", $"{tmdName}【{tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  493. // await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{tmdName}【{tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  494. // }
  495. // else return Ok(new { state = 400, message = "该手机没有注册醍摩豆账号信息" });
  496. //}
  497. //else return Ok(new { state = responseMessage.StatusCode });
  498. }
  499. //自己写的
  500. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, itemUser.tmdId?.ToString(), itemUser.tmdName?.ToString(), itemUser.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: false, itemUser.userId?.ToString(), itemUser.name?.ToString(), itemUser.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  501. }
  502. await table.SaveOrUpdateAll<DingDingUserInfo>(ddUserInfos);
  503. string osblob_uri = null, osblob_sas = null;
  504. if (Website.Equals(BIConst.Global))
  505. {
  506. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete, BIConst.Global);
  507. }
  508. else
  509. {
  510. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete);
  511. }
  512. //var (osblob_uri, osblob_sas) = roles.Contains("assist") ? _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete) : _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List);
  513. return Ok(new { state = 200, ddUserInfos, id_token, roles, permissions, osblob_uri, osblob_sas });
  514. }
  515. catch (Exception ex)
  516. {
  517. await _dingDing.SendBotMsg($"BI,{_option.Location} /common/login/get-ddinfo \n {ex.Message}\n{ex.StackTrace}", GroupNames.成都开发測試群組);
  518. return BadRequest();
  519. }
  520. }
  521. /// <summary>
  522. /// 登录 第三方用户数据在CosmosDB
  523. /// </summary>
  524. /// <param name="jsonElement"></param>
  525. /// <returns></returns>
  526. [ProducesDefaultResponseType]
  527. [HttpPost("get-bizuser")]
  528. public async Task<IActionResult> GetBizUserLogin(JsonElement jsonElement)
  529. {
  530. jsonElement.TryGetProperty("mobile", out JsonElement mobile);
  531. jsonElement.TryGetProperty("mail", out JsonElement mail);
  532. if (!jsonElement.TryGetProperty("pwd", out JsonElement password)) return BadRequest();
  533. jsonElement.TryGetProperty("site", out JsonElement site);
  534. var cosmosClient = _azureCosmos.GetCosmosClient();
  535. var tableClient = _azureStorage.GetCloudTableClient();
  536. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  537. if ($"{site}".Equals(BIConst.Global))
  538. {
  539. cosmosClient = _azureCosmos.GetCosmosClient(name: BIConst.Global);
  540. tableClient = _azureStorage.GetCloudTableClient(BIConst.Global);
  541. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.Global);
  542. }
  543. string loginSql = null;
  544. if (!string.IsNullOrEmpty($"{mobile}"))
  545. loginSql = $"select value(c) from c where c.mobile ={mobile}";
  546. else if (!string.IsNullOrEmpty($"{mail}"))
  547. loginSql = $"select value(c) from c where c.mail ={mail}";
  548. else return Ok(new { state = RespondCode.ParamsError, msg = "手机号/和邮箱为空" });
  549. List<BusinessUsers> bizUsers = new();
  550. await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BusinessUsers>(queryText:loginSql,requestOptions:new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
  551. {
  552. bizUsers.Add(item);
  553. }
  554. BusinessUsers businessUsers = new(); string openid_token = null;
  555. if (bizUsers.Count > 0)
  556. {
  557. foreach (var item in bizUsers)
  558. {
  559. var hashedPw = Utils.HashedPassword(password.ToString(), item.salt.ToString());
  560. if (hashedPw.Equals(item.pwd))
  561. {
  562. businessUsers = item;
  563. //string id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, bizUser.RowKey?.ToString(), bizUser.name?.ToString(), bizUser.picture?.ToString(), _option.JwtSecretKey, scope: "company", webSite: Website, expire: 3);
  564. openid_token = JwtAuthExtension.CreateBizLoginAuthToken(_option.HostName, businessUsers.id?.ToString(), businessUsers.name?.ToString(), businessUsers.picture?.ToString(), $"{_option.Location}-Open", _option.JwtSecretKey, expire: 3);
  565. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{businessUsers.name}【{businessUsers.id}】登录开放平台", _dingDing, tid: businessUsers.id, tname: businessUsers.name, twebsite: "Open", httpContext: HttpContext);
  566. }
  567. }
  568. }
  569. else return Ok(new { state = RespondCode.NotFound, msg = "未找到该用户!" });
  570. if (businessUsers.id != null)
  571. return Ok(new { state = RespondCode.Ok, openid_token, businessUsers });
  572. else
  573. return Ok(new { state = RespondCode.ForbiddenPwd, msg = "密码错误" });
  574. }
  575. /// <summary>
  576. /// 注册 第三方用户数据在CosmosDB
  577. /// </summary>
  578. /// <param name="jsonElement"></param>
  579. /// <returns></returns>
  580. [HttpPost("set-bizuser")]
  581. public async Task<IActionResult> SetBizUserLogin(JsonElement jsonElement)
  582. {
  583. jsonElement.TryGetProperty("name", out JsonElement name);
  584. if (!jsonElement.TryGetProperty("mobile", out JsonElement mobile)) return BadRequest();
  585. jsonElement.TryGetProperty("mail", out JsonElement mail);
  586. jsonElement.TryGetProperty("pwd", out JsonElement pwd);
  587. jsonElement.TryGetProperty("site", out JsonElement site);
  588. var cosmosClient = _azureCosmos.GetCosmosClient();
  589. var tableClient = _azureStorage.GetCloudTableClient();
  590. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  591. if ($"{site}".Equals(BIConst.Global))
  592. {
  593. cosmosClient = _azureCosmos.GetCosmosClient(name: BIConst.Global);
  594. tableClient = _azureStorage.GetCloudTableClient(BIConst.Global);
  595. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.Global);
  596. }
  597. string loginSql = null;
  598. if (!string.IsNullOrEmpty($"{mobile}"))
  599. loginSql = $"select value(c) from c where c.mobile ={mobile}";
  600. else if (!string.IsNullOrEmpty($"{mail}"))
  601. loginSql = $"select value(c) from c where c.mail ={mail}";
  602. else return Ok(new { state = RespondCode.ParamsError, msg = "手机号/和邮箱为空" });
  603. List<BizUsers> tempBizUsers = new();
  604. await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<BizUsers>(queryText: loginSql, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("BizUsers") }))
  605. {
  606. tempBizUsers.Add(item);
  607. }
  608. if (tempBizUsers.Count > 0)
  609. return Ok(new { state = RespondCode.Conflict, msg = "已存在" });
  610. else
  611. {
  612. string salt = Utils.CreatSaltString(8);
  613. BizUsers bizUsers = new()
  614. {
  615. id = Guid.NewGuid().ToString(),
  616. code = "BizUsers",
  617. name = string.IsNullOrEmpty($"{name}") ? $"{mobile}" : $"{name}",
  618. mobile = mobile.GetInt64(),
  619. salt = salt,
  620. pwd = string.IsNullOrEmpty($"{pwd}") ? Utils.HashedPassword($"{mobile}", salt) : Utils.HashedPassword($"{pwd}", salt),
  621. };
  622. bizUsers = await cosmosClient.GetContainer("TEAMModelOS", "Normal").CreateItemAsync<BizUsers>(bizUsers, new PartitionKey("BizUsers"));
  623. string log = $"{bizUsers.name}【{bizUsers.id}】注册第三方用户信息基础信息。";
  624. //保存操作记录
  625. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "login-login", log, _dingDing, httpContext: HttpContext);
  626. var openid_token = JwtAuthExtension.CreateBizLoginAuthToken(_option.HostName, bizUsers.id?.ToString(), bizUsers.name?.ToString(), bizUsers.picture?.ToString(), $"{_option.Location}-Open", _option.JwtSecretKey, expire: 3);
  627. return Ok(new { state = RespondCode.Ok, openid_token, bizUsers });
  628. }
  629. }
  630. }
  631. }