DigitalScholl/Learun.Framework.Ultimate V7/Learun.Application.WebApi/Modules/SSOApi.cs

using Learun.Application.AppMagager;
using Learun.Util;
using Nancy;
using System.Collections.Generic;
using System.Linq;
using Learun.Application.Base.SystemModule;
using Learun.Application.TwoDevelopment.LR_Desktop;
using System.Text;
using System.Data;
using Learun.Application.OA;
using System.Configuration;
using Learun.Application.TwoDevelopment.Permission;
using System;
using Learun.Cache.Factory;
using Learun.Cache.Base;
using Learun.Util.Operat;

namespace Learun.Application.WebApi.Modules
{

    public class SSOApi : BaseApi
    {
        private Perm_FunctionIBLL perm_FunctionIBLL = new Perm_FunctionBLL();
        private Perm_FunctionTypeIBLL perm_FunctionTypeIBLL = new Perm_FunctionTypeBLL();
        Perm_UserPermissionIBLL permUserPermissionIbll = new Perm_UserPermissionBLL();
        private Perm_FunctionVisitIBLL functionVisitIbll = new Perm_FunctionVisitBLL();
        private ICache cache = CacheFactory.CaChe();

        public SSOApi()
            : base("/quanjiang/sso")
        {
            Get["/list"] = GetList;
            Get["/list20"] = GetList20;
            Get["/goto"] = GoTo;
            Get["/goto20"] = GoToApplication;
            Get["first"] = First;
            Post["first"] = FirstPost;
            Get["authorize"] = Authorize;
            Get["/out"] = outApplication;
            Get["/userstat"] = userstat;
        }

        #region 统一身份认证3.0
        /// <summary>
        /// 退出
        /// </summary>
        /// <param name="_"></param>
        /// <returns></returns>
        public Response outApplication(dynamic _)
        {
            string appid = Request.Query["appid"];
            string appkey = Request.Query["appkey"];
            string m = Request.Query["m"];
            string t = Request.Query["t"];
            if (string.IsNullOrEmpty(appid))
            {
                return Fail("参数:appid不能为空");
            }
            if (string.IsNullOrEmpty(appkey))
            {
                return Fail("参数:appkey不能为空");
            }
            if (string.IsNullOrEmpty(m))
            {
                return Fail("参数:m不能为空");
            }
            if (string.IsNullOrEmpty(t))
            {
                return Fail("参数:t不能为空");
            }
            var application = perm_FunctionIBLL.GetPerm_FunctionEntity(appid);
            if (application != null)
            {
                if (Md5Helper.Encrypt(application.FSecret, 32) == appkey)
                {
                    OperatorHelper.Instance.EmptyCurrent(DESEncrypt.Decrypt(t), DESEncrypt.Decrypt(m));
                    return SuccessString("true");
                }
                else
                {
                    return Fail("appkey错误");
                }
            }
            else
                return Fail("未授权的appid");
        }
        /// <summary>
        /// 获取用户登录状态
        /// </summary>
        /// <param name="_"></param>
        /// <returns></returns>
        public Response userstat(dynamic _)
        {
            string appid = Request.Query["appid"];
            string appkey = Request.Query["appkey"];
            string m = Request.Query["m"];
            string t = Request.Query["t"];
            if (string.IsNullOrEmpty(appid))
            {
                return Fail("参数:appid不能为空");
            }
            if (string.IsNullOrEmpty(appkey))
            {
                return Fail("参数:appkey不能为空");
            }
            if (string.IsNullOrEmpty(m))
            {
                return Fail("参数:m不能为空");
            }
            if (string.IsNullOrEmpty(t))
            {
                return Fail("参数:t不能为空");
            }
            var application = perm_FunctionIBLL.GetPerm_FunctionEntity(appid);
            if (application != null)
            {
                if (Md5Helper.Encrypt(application.FSecret, 32) == appkey)
                {
                    OperatorResult res = OperatorHelper.Instance.IsOnLine(DESEncrypt.Decrypt(t), DESEncrypt.Decrypt(m));
                    if (res.stateCode == 1)
                    {
                        return SuccessString("true");
                    }
                    else
                    {
                        return Fail("登录无效");
                    }
                }
                else
                {
                    return Fail("appkey错误");
                }
            }
            else
                return Fail("未授权的appid");
        }

        #endregion

        /// <summary>
        /// 统一身份认证2.0
        /// </summary>
        /// <param name="_"></param>
        /// <returns></returns>
        public Response Authorize(dynamic _)
        {
            string appid = Request.Query["appid"];
            string secret = Request.Query["secret"];
            string appkey = Request.Query["appkey"];
            if (string.IsNullOrEmpty(appid))
            {
                return Fail("参数:appid不能为空");
            }
            if (string.IsNullOrEmpty(secret))
            {
                return Fail("参数:secret不能为空");
            }
            if (string.IsNullOrEmpty(appkey))
            {
                return Fail("参数:appkey不能为空");
            }
            var application = perm_FunctionIBLL.GetPerm_FunctionEntity(appid);
            if (application != null)
            {
                if (Util.DESEncrypt.Decrypt(application.FSecret,
                    ConfigurationManager.AppSettings["SSOPublicSecret"]).Equals(secret))
                {
                    try
                    {
                        var code = DESEncrypt.Decrypt(appkey, "bjqjsso");

                        if (!string.IsNullOrEmpty(cache.Read<string>(code)))
                        {
                            return Success(new { useraccount = cache.Read<string>(code) });
                        }
                        else
                        {
                            return Fail("appkey已过期");
                        }
                    }
                    catch (Exception e)
                    {
                        return Fail("appkey错误");
                    }
                }
                else
                {
                    return Fail("secret错误");
                }
            }
            else
                return Fail("未授权的appid");
        }

        private Response FirstPost(dynamic _)
        {
            string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];
            var ssoparam = this.GetReqData<SSOParam>();
            if (!string.IsNullOrEmpty(ssoparam.UPId))
            {
                Perm_FunctionEntity up = new Perm_FunctionEntity();
                up.UPUserName = ssoparam.UPUserName;
                up.UPPass = ssoparam.UPPass;
                up.FId = ssoparam.FId;
                up.UserId = ssoparam.UserId;
                perm_FunctionIBLL.SaveEntityByUPId(ssoparam.UPId, up);
                return Success(new { FInterfaceUrl = "/SSO/GoTo?sysid=" + DESEncrypt.Encrypt(up.FId, publickey) + "&openid=" + DESEncrypt.Encrypt(up.UserId, publickey) });
            }
            else
            {
                return Fail("参数错误");
            }
        }

        private Response First(dynamic _)
        {
            string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];
            var ssoparam = this.GetReqData<SSOParam>();
            string sysid = ssoparam.sysid;
            string strsysid = DESEncrypt.Decrypt(sysid, publickey);
            string openid = ssoparam.openid;
            string userid = DESEncrypt.Decrypt(openid, publickey);
            var uplist = permUserPermissionIbll.GetPerm_UserPermissionEntityByFIdAndUid(strsysid, userid);
            if (uplist == null)
            {
                return Fail("用户未授权。");
            }
            var perfun = perm_FunctionIBLL.GetPerm_FunctionEntityByUPId(uplist.UPId);
            return Success(perfun);
        }

        public class SSOParam
        {
            public string sysid { get; set; }
            public string openid { get; set; }
            public string UPId { get; set; }
            public string FId { get; set; }
            public string UserId { get; set; }
            public string UPUserName { get; set; }
            public string UPPass { get; set; }
            public string appid { get; set; }
        }

        public Response GoToApplication(dynamic _)
        {
            var userinfo = userInfo;
            var ssoparam = this.GetReqData<SSOParam>();
            if (userinfo != null)
            {
                var type = 0;//1学生 0教师
                if (userinfo.Description == "学生")
                {
                    type = 1;
                }
                var perm_application = perm_FunctionIBLL.GetPerm_FunctionEntity(ssoparam.appid);
                if (perm_application != null)
                {
                    //写入当前请求所登录的用户
                    var code = Util.CommonHelper.RndNum(9);
                    cache.Write(code, userinfo.account, TimeSpan.FromMinutes(10));
                    var url = perm_application.FUrl;
                    if (url.Contains("?"))
                    {
                        url += "&appkey=" + Md5Helper.Encrypt(Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&no=" + DESEncrypt.Encrypt(userinfo.IdentityCardNo, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&acc=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                    }
                    else
                    {
                        url += "?appkey=" + Md5Helper.Encrypt(Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&no=" + DESEncrypt.Encrypt(userinfo.IdentityCardNo, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&acc=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);
                    }
                    return Success(new { FInterfaceUrl = url });
                }
                else
                    return Fail("appid解析失败，请确认。");
            }
            else
            {
                return Fail("用户信息解析失败，请确认。");
            }
        }

        public Response GoTo(dynamic _)
        {
            try
            {
                var ssoparam = this.GetReqData<SSOParam>();
                string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];
                string sysid = ssoparam.sysid;
                string strsysid = DESEncrypt.Decrypt(sysid, publickey);
                string openid = ssoparam.openid;
                string userid = DESEncrypt.Decrypt(openid, publickey);
                var uplist = permUserPermissionIbll.GetPerm_UserPermissionEntityByFIdAndUid(strsysid, userid);
                Perm_FunctionVisitEntity functionVisitEntity = new Perm_FunctionVisitEntity();
                functionVisitEntity.Create();
                functionVisitEntity.Fid = strsysid;
                functionVisitEntity.PDate = DateTime.Now;
                functionVisitEntity.PUId = userid;
                var userinfo = userInfo;
                functionVisitEntity.PUName = userinfo.realName;
                if (uplist == null)
                {
                    functionVisitEntity.PIsLoginSuccess = false;
                    functionVisitEntity.PContent = "用户未授权";
                    functionVisitIbll.SaveEntity(null, functionVisitEntity);
                    return Fail("用户未授权。");
                }

                var perfun = perm_FunctionIBLL.GetPerm_FunctionEntityByUPId(uplist.UPId);
                string secretkey = DESEncrypt.Decrypt(perfun.FSecret, publickey);
                if (perfun.FIsManagePage == true)
                {
                    if (!string.IsNullOrEmpty(perfun.FInterfaceUrl))
                    {
                        if (!string.IsNullOrEmpty(perfun.UPUserName) && !string.IsNullOrEmpty(perfun.UPPass))
                        {
                            functionVisitEntity.PIsLoginSuccess = true;
                            functionVisitEntity.PContent = "成功转到统一认证网站:" + perfun.FUrl;
                            functionVisitIbll.SaveEntity(null, functionVisitEntity);
                            var user = LoginUserInfo.Get();
                            return Success(new
                            {
                                FInterfaceUrl = perfun.FInterfaceUrl + "?u=" +
                                            DESEncrypt.Encrypt(DESEncrypt.Encrypt(perfun.UPUserName, secretkey),
                                                publickey) + "&p=" +
                                            DESEncrypt.Encrypt(DESEncrypt.Encrypt(perfun.UPPass, secretkey),
                                                publickey) + "&t=" +
                                            DESEncrypt.Encrypt(
                                                DESEncrypt.Encrypt(DateTime.Now.ToString("yyyyMMddHHmmss"), secretkey),
                                                publickey) + "&ip=" +
                                            DESEncrypt.Encrypt(DESEncrypt.Encrypt(GetIP(), secretkey), publickey)
                                             + "&m=" + DESEncrypt.Encrypt(user.loginMark) + "&t=" + DESEncrypt.Encrypt(user.token)
                            });
                        }
                        else
                        {
                            functionVisitEntity.PIsLoginSuccess = false;
                            functionVisitEntity.PContent = "用户未配置转到用户名密码配置页面";
                            functionVisitIbll.SaveEntity(null, functionVisitEntity);
                            //用户未配置转到用户名密码配置页面
                            return Success(new { FInterfaceUrl = "/SSO/FirstLogin?sysid=" + sysid + "&openid=" + openid });
                        }
                    }
                    else
                    {
                        functionVisitEntity.PIsLoginSuccess = false;
                        functionVisitEntity.PContent = "未配置登录接口地址";
                        functionVisitIbll.SaveEntity(null, functionVisitEntity);
                        return Fail("未配置登录接口地址。");
                    }
                }
                else
                {
                    if (!string.IsNullOrEmpty(perfun.FUrl))
                    {
                        functionVisitEntity.PIsLoginSuccess = true;
                        functionVisitEntity.PContent = "成功转到统一认证网站:" + perfun.FUrl;
                        functionVisitIbll.SaveEntity(null, functionVisitEntity);
                        return Success(new { FInterfaceUrl = perfun.FUrl });
                    }
                    else
                    {
                        functionVisitEntity.PIsLoginSuccess = false;
                        functionVisitEntity.PContent = "未配置地址";
                        functionVisitIbll.SaveEntity(null, functionVisitEntity);
                        return Fail("未配置地址。");
                    }
                }
            }
            catch (Exception e)
            {
                return Fail("参数错误。");
            }
        }

        public Response GetList20(dynamic _)
        {
            var userinfo = userInfo;
            var functionlist = perm_FunctionIBLL.GetListByUserId(userinfo.userId).Where(m => m.FIsH5 == true).Select(m =>
                new
                {
                    m.FName,
                    m.FId,
                });
            return Success(functionlist);
        }


        /// <summary> 
        /// 获取页面显示列表数据 
        /// <summary> 
        /// <param name="_"></param> 
        /// <returns></returns> 
        public Response GetList(dynamic _)
        {
            string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];
            var logininfo = userInfo;
            var datatype = perm_FunctionTypeIBLL.GetListByUserId(userInfo.userId);
            foreach (var typeEntity in datatype)
            {
                var datafunction = perm_FunctionIBLL.GetListByFTId(typeEntity.FTId, userInfo.userId).Where(m => m.FIsH5 == true);
                foreach (var item in datafunction)
                {
                    if (item.FIsManagePage == true)
                    {
                        item.FInterfaceUrl = "/SSO/GoTo?sysid=" + DESEncrypt.Encrypt(item.FId, publickey) + "&openid=" + DESEncrypt.Encrypt(logininfo.userId, publickey);
                    }
                    else
                    {
                        item.FInterfaceUrl = item.FUrl;
                    }
                    item.FUrl = null;
                }
                typeEntity.PermFunction = datafunction.ToList();
            }
            return Success(datatype);
        }
        /// <summary>
        /// 获取IP
        /// </summary>
        /// <returns></returns>
        private string GetIP()
        {
            string ip = string.Empty;
            if (!string.IsNullOrEmpty(System.Web.HttpContext.Current.Request.ServerVariables["HTTP_VIA"]))
                ip = Convert.ToString(System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"]);
            if (string.IsNullOrEmpty(ip))
                ip = Convert.ToString(System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]);
            return ip;
        }
    }


}