4 changed files with 89 additions and 37 deletions
Split View
Diff Options
-
+21 -16Learun.Framework.Ultimate V7/Doc文档/数字化智慧校园统一身份认证oauth2.0对接说明V1.0.docx
-
+24 -3Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/HomeController.cs
-
+15 -2Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs
-
+29 -16Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/SSOSystemController.cs
+ 21
- 16
Learun.Framework.Ultimate V7/Doc文档/数字化智慧校园统一身份认证oauth2.0对接说明V1.0.docx
View File
| @@ -45,9 +45,11 @@ http://demo.bjquanjiang.com:8081/ 测试用户名:thirdtest密码:123456 | |||
| 至此,统一应用端配置完毕。 | |||
| 第二步 获取授权码(authorization code) | |||
| 采用标准Http Get请求方式,code有效期为10分钟 | |||
| 请求地址:http://demo.bjquanjiang.com:8081/SSOSystem/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code | |||
| 第二步 获取授权用户信息 | |||
| 接上一步,点击统一认证平台中的【进入系统】后,系统会根据各系统在【应用配置】功能中填写的【登录接口地址】重定向到【登录接口地址】并携带参数appkey,对接方需要获取appkey,并发送请求到授权接口换取当前登录用户信息。 | |||
| 授权接口采用标准Http Get请求方式,appkey有效期为10分钟 | |||
| 请求地址:http://demo.bjquanjiang.com:8081/SSOSystem/authorize?appid=APPID&secret=SECRET&appkey=APPKEY | |||
| 参数说明 | |||
| 参数 | |||
| 是否必须 | |||
| @@ -55,18 +57,21 @@ http://demo.bjquanjiang.com:8081/ 测试用户名:thirdtest密码:123456 | |||
| appid | |||
| 是 | |||
| 应用唯一标识 | |||
| redirect_uri | |||
| secret | |||
| 是 | |||
| 获取授权码成功后重定向到的地址 | |||
| 请使用urlEncode对链接进行处理 | |||
| response_type | |||
| 密钥 | |||
| appkey | |||
| 是 | |||
| 填code | |||
| 获取到code后,授权系统会重定向到redirect_uri地址并携带code参数,例如: | |||
| http://demo.bjquanjiang.com:8081/Login/CheckLoginForSSO20?code=CODE | |||
| 第三步:通过code获取access_token | |||
| 通过code获取access_token | |||
| 示例代码仅供参考: | |||
| C# | |||
| 统一认证平台重定向携带的appkey参数值 | |||
| 返回成功结果示例: | |||
| { | |||
| "code": 200, | |||
| "info": "响应成功", | |||
| "data": { | |||
| "useraccount": "user01" | |||
| } | |||
| } | |||
| 第三步:获取useraccount并实现系统登录逻辑 | |||
| 当获取到useraccount数据时,说明用户 | |||
+ 24
- 3
Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/HomeController.cs
View File
| @@ -56,6 +56,7 @@ namespace Learun.Application.Web.Controllers | |||
| private Sys_UpdateRecordIBLL sys_UpdateRecordIBLL = new Sys_UpdateRecordBLL(); | |||
| private Perm_FunctionIBLL perm_FunctionIBLL = new Perm_FunctionBLL(); | |||
| private ICache redisCache = CacheFactory.CaChe(); | |||
| #region 视图功能 | |||
| public ActionResult ChangePwd() | |||
| @@ -79,13 +80,33 @@ namespace Learun.Application.Web.Controllers | |||
| string redi = Request.QueryString["redi"]; | |||
| if (!string.IsNullOrEmpty(redi)) | |||
| { | |||
| var perm_application = perm_FunctionIBLL.GetPerm_FunctionEntity(Request.QueryString["appid"]); | |||
| if (perm_application != null) | |||
| var userinfo = LoginUserInfo.Get(); | |||
| if (userinfo != null) | |||
| { | |||
| return Redirect(perm_application.FInterfaceUrl); | |||
| var perm_application = perm_FunctionIBLL.GetPerm_FunctionEntity(Request.QueryString["appid"]); | |||
| if (perm_application != null) | |||
| { | |||
| //写入当前请求所登录的用户 | |||
| var code = Util.CommonHelper.RndNum(9); | |||
| redisCache.Write(code, userinfo.account, TimeSpan.FromMinutes(10)); | |||
| var url = perm_application.FInterfaceUrl; | |||
| if (url.Contains("?")) | |||
| { | |||
| url += "&appkey=" + DESEncrypt.Encrypt(code, "bjqjsso"); | |||
| } | |||
| else | |||
| { | |||
| url += "?appkey=" + DESEncrypt.Encrypt(code, "bjqjsso"); | |||
| } | |||
| return Redirect(url); | |||
| } | |||
| else | |||
| return RedirectToAction("Index"); | |||
| } | |||
| else | |||
| { | |||
| return RedirectToAction("Index"); | |||
| } | |||
| } | |||
| return View(); | |||
| } | |||
+ 15
- 2
Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/LoginController.cs
View File
| @@ -802,11 +802,11 @@ namespace Learun.Application.Web.Controllers | |||
| string WeixinOpenId = Request["WeixinOpenId"]; | |||
| ViewBag.WeixinOpenId = WeixinOpenId; | |||
| ViewBag.QQOpenId = QQOpenId; | |||
| //获取高职版跳转地址 | |||
| ViewBag.DigitalschoolMisLoginurl = ConfigurationManager.AppSettings["DigitalschoolMisLoginurl"]; | |||
| ViewBag.Returnurl = "http://" + Request.Url.Host + ":" + Request.Url.Port; | |||
| //获取在线用户人数 | |||
| ViewBag.OnlineUserNum = 0; | |||
| var onlineUserResult = sys_UpdateRecordIBLL.GetOnlineUserNum(); | |||
| @@ -891,6 +891,19 @@ namespace Learun.Application.Web.Controllers | |||
| #endregion | |||
| #region 统一身份认证2.0 | |||
| public ActionResult CheckLoginForSSO20() | |||
| { | |||
| string appid = "76d40062-349f-486d-b871-35bed08d2f59"; | |||
| string secret = "cgpi"; | |||
| string appkey =Request.QueryString["appkey"]; | |||
| string response = Util.HttpMethods.HttpGet("http://localhost:20472/SSOSystem/authorize?appid=" + appid + "&secret=" + secret + "&appkey="+ appkey); | |||
| return Content(response); | |||
| } | |||
| #endregion | |||
| /// <summary> | |||
| /// 获取IP | |||
| /// </summary> | |||
+ 29
- 16
Learun.Framework.Ultimate V7/Learun.Application.Web/Controllers/SSOSystemController.cs
View File
| @@ -13,6 +13,8 @@ using System.Configuration; | |||
| using System.Linq; | |||
| using System.Web; | |||
| using System.Web.Mvc; | |||
| using Learun.Cache.Base; | |||
| using Learun.Cache.Factory; | |||
| using Newtonsoft.Json; | |||
| namespace Learun.Application.Web.Controllers | |||
| @@ -34,50 +36,61 @@ namespace Learun.Application.Web.Controllers | |||
| AnnexesFileIBLL annexesFileIBLL = new AnnexesFileBLL(); | |||
| private Sys_ReceiveFileIBLL sys_ReceiveFileIBLL = new Sys_ReceiveFileBLL(); | |||
| private Perm_FunctionVisitIBLL functionVisitIbll = new Perm_FunctionVisitBLL(); | |||
| private ICache redisCache = CacheFactory.CaChe(); | |||
| #region 统一身份认证2.0 | |||
| /// <summary> | |||
| /// 请求code | |||
| /// 获取统一认证用户信息 | |||
| /// </summary> | |||
| /// <returns></returns> | |||
| public ActionResult authorize() | |||
| { | |||
| string appid = Request.QueryString["appid"]; | |||
| string redirect_uri = Request.QueryString["redirect_uri"]; | |||
| string response_type = Request.QueryString["response_type"]; | |||
| string secret = Request.QueryString["secret"]; | |||
| string appkey = Request.QueryString["appkey"]; | |||
| if (string.IsNullOrEmpty(appid)) | |||
| { | |||
| return Fail("参数:appid不能为空"); | |||
| } | |||
| if (string.IsNullOrEmpty(redirect_uri)) | |||
| if (string.IsNullOrEmpty(secret)) | |||
| { | |||
| return Fail("参数:redirect_uri不能为空"); | |||
| return Fail("参数:secret不能为空"); | |||
| } | |||
| if (string.IsNullOrEmpty(response_type)) | |||
| if (string.IsNullOrEmpty(appkey)) | |||
| { | |||
| return Fail("参数:response_type不能为空"); | |||
| } | |||
| if (response_type!="code") | |||
| { | |||
| return Fail("参数:response_type必须为code"); | |||
| return Fail("参数:appkey不能为空"); | |||
| } | |||
| var application = perm_FunctionIBLL.GetPerm_FunctionEntity(appid); | |||
| if (application != null) | |||
| { | |||
| if (application.FInterfaceUrl.Equals(redirect_uri)) | |||
| if (Util.DESEncrypt.Decrypt(application.FSecret, | |||
| ConfigurationManager.AppSettings["SSOPublicSecret"]).Equals(secret)) | |||
| { | |||
| var code = appid + Util.CommonHelper.RndNum(9); | |||
| return Success(""); | |||
| try | |||
| { | |||
| var code = DESEncrypt.Decrypt(appkey, "bjqjsso"); | |||
| if (!string.IsNullOrEmpty(redisCache.Read<string>(code))) | |||
| { | |||
| return Success(new { useraccount = redisCache.Read<string>(code) }); | |||
| } | |||
| else | |||
| { | |||
| return Fail("appkey已过期"); | |||
| } | |||
| } | |||
| catch (Exception e) | |||
| { | |||
| return Fail("appkey错误"); | |||
| } | |||
| } | |||
| else | |||
| { | |||
| return Fail("未授权的redirect_uri"); | |||
| return Fail("secret错误"); | |||
| } | |||
| } | |||
| else | |||
| return Fail("未授权的appid"); | |||
| } | |||
| #endregion | |||
| public ActionResult Index() | |||
| { | |||