统一认证秘钥解密在加密

Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/HomeController.cs

@@ -96,16 +96,22 @@ namespace Learun.Application.Web.Controllers
                     if (perm_application != null)
                     {
                         //写入当前请求所登录的用户
-                        var code = Util.CommonHelper.RndNum(9);
-                        redisCache.Write(code, userinfo.account, TimeSpan.FromMinutes(10));
+                        //var code = Util.CommonHelper.RndNum(9);
+                        //redisCache.Write(code, userinfo.account, TimeSpan.FromMinutes(10));
                         var url = perm_application.FUrl;
                         if (url.Contains("?"))
                         {
-                            url += "&appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, perm_application.FSecret, false) + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, perm_application.FSecret, false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
+                            url += "&appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32)
+                            + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                         }
                         else
                         {
-                            url += "?appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, perm_application.FSecret, false) + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, perm_application.FSecret, false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
+                            url += "?appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32)
+                            + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                         }
                         return Redirect(url);
                     }

Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs

@@ -681,11 +681,17 @@ namespace Learun.Application.Web.Controllers
                         var url = perm_application.FUrl;
                         if (url.Contains("?"))
                         {
-                            url += "&appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32) + "&name=" + DESEncrypt.Encrypt(userEntity.F_RealName, perm_application.FSecret, false) + "&no=" + DESEncrypt.Encrypt(userEntity.F_EnCode, perm_application.FSecret, false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(token);
+                            url += "&appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32)
+                            + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                         }
                         else
                         {
-                            url += "?appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32) + "&name=" + DESEncrypt.Encrypt(userEntity.F_RealName, perm_application.FSecret, false) + "&no=" + DESEncrypt.Encrypt(userEntity.F_EnCode, perm_application.FSecret, false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(token);
+                            url += "?appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32)
+                            + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                         }
                         Returnurl = url;
                     }

Learun.Framework.Ultimate V7/Learun.Application.WebApi/Modules/SSOApi.cs

@@ -258,15 +258,20 @@ namespace Learun.Application.WebApi.Modules
                     //写入当前请求所登录的用户
                     var code = Util.CommonHelper.RndNum(9);
                     cache.Write(code, userinfo.account, TimeSpan.FromMinutes(10));
-
                     var url = perm_application.FUrl;
                     if (url.Contains("?"))
                     {
-                        url += "&appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, perm_application.FSecret, false) + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, perm_application.FSecret, false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
+                        url += "&appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32)
+                            + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                     }
                     else
                     {
-                        url += "?appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, perm_application.FSecret, false) + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, perm_application.FSecret, false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
+                        url += "?appkey=" + Md5Helper.Encrypt(perm_application.FSecret, 32)
+                            + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&no=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false)
+                            + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                     }
                     return Success(new { FInterfaceUrl = url });
                 }