v1.2版，全面实现SSO登陆

OpenAuth.App/LoginApp.cs

@@ -4,6 +4,7 @@ using System.Web;
 using Infrastructure;
 using OpenAuth.App.ViewModel;
 using System.Web.Security;
+using OpenAuth.App.SSO;
 using OpenAuth.Domain.Service;
 
 namespace OpenAuth.App
@@ -17,31 +18,14 @@ namespace OpenAuth.App
             _service = service;
         }
 
-        public void Login(string userName, string password)
-        {
-            _service.Check(userName, password);
-            FormsAuthentication.SetAuthCookie(userName, true);
-
-        }
-
-        /// <summary>
-        /// 开发者登陆
-        /// </summary>
-        public void LoginByDev()
-        {
-            _service.SetSysUser();
-            FormsAuthentication.SetAuthCookie("System", true);
-         
-        }
-
         public LoginUserVM GetLoginUser()
         {
-            if (!HttpContext.Current.User.Identity.IsAuthenticated)
+            if (!AuthUtil.CheckLogin())
             {
                 throw new HttpException(401,"未登录");
             }
-            string username = HttpContext.Current.User.Identity.Name;
-            return GetLoginUser(username);
+
+            return AuthUtil.GetCurrentUser();
         }
 
         public LoginUserVM GetLoginUser(string username)
@@ -53,7 +37,6 @@ namespace OpenAuth.App
                 AccessedOrgs = _service.Orgs,
                 Modules = _service.Modules.MapToList<ModuleView>(),
                 Resources = _service.Resources,
-                Token = GenerateId.GetGuidHash()
             };
 
             foreach (var moduleView in user.Modules)

OpenAuth.App/ModuleManagerApp.cs

@@ -2,6 +2,7 @@
 using OpenAuth.Domain;
 using System.Collections.Generic;
 using System.Web;
+using OpenAuth.App.SSO;
 using OpenAuth.Domain.Service;
 
 namespace OpenAuth.App
@@ -20,8 +21,7 @@ namespace OpenAuth.App
         /// </summary>
         public dynamic Load(int parentId, int pageindex, int pagesize)
         {
-            string loginuser = HttpContext.Current.User.Identity.Name;
-            return _moduleManService.Load(loginuser, parentId, pageindex, pagesize);
+            return _moduleManService.Load(AuthUtil.GetCurrentUser().User.Account, parentId, pageindex, pagesize);
         }
 
         public void Delete(int id)

OpenAuth.App/OpenAuth.App.csproj

@@ -80,8 +80,10 @@
     <Compile Include="RevelanceManagerApp.cs" />
     <Compile Include="RoleManagerApp.cs" />
     <Compile Include="SSO\AuthUtil.cs" />
+    <Compile Include="SSO\SSOController.cs" />
     <Compile Include="SSO\LoginResult.cs" />
     <Compile Include="SSO\SSOAuthAttribute.cs" />
+    <Compile Include="SSO\UserAuthSession.cs" />
     <Compile Include="StockManagerApp.cs" />
     <Compile Include="UserManagerApp.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />

OpenAuth.App/SSO/AuthUtil.cs

@@ -1,17 +1,42 @@
+// ***********************************************************************
+// Assembly         : OpenAuth.App
+// Author           : yubaolee
+// Created          : 07-08-2016
+//
+// Last Modified By : yubaolee
+// Last Modified On : 07-08-2016
+// Contact : Microsoft
+// File: AuthUtil.cs
+// ***********************************************************************
+
+
 using System;
 using System.Configuration;
 using System.Web;
 using Infrastructure;
+using OpenAuth.App.ViewModel;
 
 namespace OpenAuth.App.SSO
 {
     public class AuthUtil
     {
         static HttpHelper _helper = new HttpHelper(ConfigurationManager.AppSettings["SSOPassport"]);
+
+        private static string GetToken()
+        {
+            string token = HttpContext.Current.Request.QueryString["Token"];
+            if (!string.IsNullOrEmpty(token)) return token;
+
+            var cookie = HttpContext.Current.Request.Cookies["Token"];
+            return cookie == null ? string.Empty : cookie.Value;
+        }
+
         public static bool CheckLogin(string token, string remark = "")
         {
-           
-            var requestUri = string.Format("/api/Passport?token={0}&requestid={1}", token, remark);
+            if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(GetToken()))
+                return false;
+
+            var requestUri = string.Format("/SSO/Check/GetStatus?token={0}&requestid={1}", token, remark);
 
             try
             {
@@ -24,6 +49,34 @@ namespace OpenAuth.App.SSO
             }
         }
 
+        public static bool CheckLogin(string remark="")
+        {
+            return CheckLogin(GetToken(), remark);
+        }
+
+        public static LoginUserVM GetCurrentUser(string remark = "")
+        {
+
+            var requestUri = string.Format("/SSO/Check/GetUser?token={0}&requestid={1}", GetToken(), remark);
+
+            try
+            {
+                var value = _helper.Get<LoginUserVM>(null, requestUri);
+                return value;
+            }
+            catch (Exception ex)
+            {
+                throw ex;
+            }
+        }
+
+        /// <summary>
+        /// 登陆接口
+        /// </summary>
+        /// <param name="appKey">应用程序key.</param>
+        /// <param name="username">用户名</param>
+        /// <param name="pwd">密码</param>
+        /// <returns>System.String.</returns>
         public static string Login(string appKey, string username, string pwd)
         {
             var requestUri = "/SSO/Login/Check";
@@ -53,12 +106,14 @@ namespace OpenAuth.App.SSO
             }
         }
 
+        /// <summary>
+        /// 注销
+        /// </summary>
         public static bool Logout()
         {
-            var tokenCookie = HttpContext.Current.Request.Cookies["Token"];
-            if (tokenCookie == null) return true;
+            var token = GetToken();
+            if (string.IsNullOrEmpty(token)) return true;
 
-            string token = tokenCookie.Value;
             var requestUri = string.Format("/SSO/Login/Logout?token={0}&requestid={1}", token, "");
 
             try

OpenAuth.App/SSO/SSOController.cs

@@ -0,0 +1,86 @@
+// ***********************************************************************
+// Assembly         : OpenAuth.Mvc
+// Author           : Administrator
+// Created          : 09-22-2015
+//
+// Last Modified By : Administrator
+// Last Modified On : 09-22-2015
+// ***********************************************************************
+// <copyright file="BaseController.cs" company="">
+//     Copyright (c) . All rights reserved.
+// </copyright>
+// <summary>
+// 基础控制器
+// 继承该控制器可以防止未登录查看
+// 继承该控制器后，如果想访问控制器中存在，但模块配置里面没有的Action（如：Home/Git），请使用AnonymousAttribute
+// </summary>
+// ***********************************************************************
+
+using System.Web;
+using System.Web.Mvc;
+
+namespace OpenAuth.App.SSO
+{
+    public class SSOController : Controller
+    {
+        public const string Token = "Token";
+        public const string SessionUserName = "SessionUserName";
+
+        protected override void OnActionExecuting(ActionExecutingContext filterContext)
+        {
+            var token = "";
+            var cookieSessionUserName = "";
+
+            //Token by QueryString
+            var request = filterContext.HttpContext.Request;
+            if (request.QueryString[Token] != null)
+            {
+                token = request.QueryString[Token];
+                filterContext.HttpContext.Response.Cookies.Add(new HttpCookie(Token, token));
+            }
+            else if (request.Cookies[Token] != null)  //从Cookie读取Token
+            {
+                token = request.Cookies[Token].Value;
+            }
+
+            //SessionUserName by QueryString
+            if (request.QueryString[SessionUserName] != null)
+            {
+                cookieSessionUserName = request.QueryString[SessionUserName];
+                filterContext.HttpContext.Response.Cookies.Add(new HttpCookie(SessionUserName, cookieSessionUserName));
+            }
+            else if (request.Cookies[SessionUserName] != null)  //从Cookie读取SessionUserName
+            {
+                cookieSessionUserName = request.Cookies[SessionUserName].Value;
+            }
+
+            if (string.IsNullOrEmpty(token))
+            {
+                //直接登录
+                filterContext.Result = SsoLoginResult(cookieSessionUserName);
+            }
+            else
+            {
+                //验证
+                if (AuthUtil.CheckLogin(token, request.RawUrl) == false)
+                {
+                    //会话丢失，跳转到登录页面
+                    filterContext.Result = SsoLoginResult(cookieSessionUserName);
+                }
+            }
+
+            base.OnActionExecuting(filterContext);
+        }
+
+        private static ActionResult SsoLoginResult(string username)
+        {
+            //跳转到SSO站点登陆
+            //return new RedirectResult(string.Format("{0}/sso/login?appkey={1}&username={2}",
+            //        ConfigurationManager.AppSettings["SSOPassport"],
+            //        ConfigurationManager.AppSettings["SSOAppKey"],
+            //        username));
+
+            return new RedirectResult("/Login/Index");
+        }
+    }
+}

OpenAuth.App/SSO/UserAuthSession.cs

@@ -0,0 +1,20 @@
+using System;
+
+namespace OpenAuth.WebApi.Areas.SSO.Models
+{
+    [Serializable]
+    public class UserAuthSession
+    {
+        public string Token { get; set; }
+
+        public string AppKey { get; set; }
+
+        public string UserName { get; set; }
+        
+        public string IpAddress { get; set; }
+
+        public DateTime InvalidTime { get; set; }
+
+        public DateTime CreateTime { get; set; }
+    }
+}

OpenAuth.App/ViewModel/LoginUserVM.cs

@@ -22,7 +22,6 @@ namespace OpenAuth.App.ViewModel
     /// </summary>
     public class LoginUserVM 
     {
-        public string Token { get; set; }
         public User User { get; set; }
         /// <summary>
         /// 用户可以访问到的模块（包括所属角色与自己的所有模块）

OpenAuth.Mvc/Controllers/BaseController.cs

@@ -24,21 +24,20 @@ using System.Reflection;
 using System.Web;
 using System.Web.Mvc;
 using OpenAuth.App;
+using OpenAuth.App.SSO;
 
 namespace OpenAuth.Mvc.Controllers
 {
-    public class BaseController : Controller
+    public class BaseController : SSOController
     {
         protected BjuiResponse BjuiResponse = new BjuiResponse();
 
         protected override void OnActionExecuting(ActionExecutingContext filterContext)
         {
+            base.OnActionExecuting(filterContext);
+
             var loginUser = AutofacExt.GetFromFac<LoginApp>().GetLoginUser();
-            if (!User.Identity.IsAuthenticated)
-            {
-                filterContext.Result = new RedirectResult("/Login/Index");
-                return;
-            }
+           
             var controllername = Request.RequestContext.RouteData.Values["controller"].ToString().ToLower();
             var actionname = filterContext.ActionDescriptor.ActionName.ToLower();
 
@@ -69,7 +68,6 @@ namespace OpenAuth.Mvc.Controllers
                 }
             }
             
-            base.OnActionExecuting(filterContext);
         }
     }
 }

OpenAuth.Mvc/Controllers/LoginController.cs

@@ -1,10 +1,7 @@
 using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Web;
 using System.Web.Mvc;
-using System.Web.Security;
 using OpenAuth.App;
+using OpenAuth.App.SSO;
 using OpenAuth.Mvc.Models;
 
 namespace OpenAuth.Mvc.Controllers
@@ -28,8 +25,18 @@ namespace OpenAuth.Mvc.Controllers
         {
             try
             {
-                _app.Login(username, password);
-                return RedirectToAction("Index", "Home");
+                var token = AuthUtil.Login("670b14728ad9902aecba32e22fa4f6bd", username, password);
+                if (!string.IsNullOrEmpty(token))
+                    return Redirect("/home/index?Token=" + token);
+                else
+                {
+                    var response = new BjuiResponse
+                    {
+                        statusCode = "300",
+                        message = "登陆失败"
+                    };
+                    return View(response);
+                }
                 
             }
             catch (Exception e)
@@ -50,8 +57,14 @@ namespace OpenAuth.Mvc.Controllers
         {
             try
             {
-                _app.LoginByDev();
-                return RedirectToAction("Index", "Home");
+                var token = AuthUtil.Login("670b14728ad9902aecba32e22fa4f6bd", "System","");
+                if (!string.IsNullOrEmpty(token))
+                    return Redirect("/home/index?Token=" + token);
+                else
+                {
+                    return RedirectToAction("Index", "Login");
+
+                }
 
             }
             catch (Exception e)
@@ -63,7 +76,7 @@ namespace OpenAuth.Mvc.Controllers
         public ActionResult Logout()
         {
 
-            FormsAuthentication.SignOut();
+            AuthUtil.Logout();
             return RedirectToAction("Index", "Login");
         }
     }

OpenAuth.Mvc/Global.asax.cs

@@ -24,39 +24,39 @@ namespace OpenAuth.Mvc
         }
 
 
-        //protected void Application_Error(object sender, EventArgs e)
-        //{
-        //    var app = (MvcApplication)sender;
-        //    var context = app.Context;
-        //    var ex = app.Server.GetLastError();
-        //    LogHelper.Fatal(ex.Message);
+        protected void Application_Error(object sender, EventArgs e)
+        {
+            var app = (MvcApplication)sender;
+            var context = app.Context;
+            var ex = app.Server.GetLastError();
+            LogHelper.Fatal(ex.Message);
 
-        //    context.Response.Clear();
-        //    context.ClearError();
-        //    var httpException = ex as HttpException;
-        //    var routeData = new RouteData();
-        //    routeData.Values["controller"] = "error";
-        //    routeData.Values["exception"] = ex;
-        //    routeData.Values["action"] = "http500";
-        //    if (httpException != null)
-        //    {
+            context.Response.Clear();
+            context.ClearError();
+            var httpException = ex as HttpException;
+            var routeData = new RouteData();
+            routeData.Values["controller"] = "error";
+            routeData.Values["exception"] = ex;
+            routeData.Values["action"] = "http500";
+            if (httpException != null)
+            {
 
 
-        //        switch (httpException.GetHttpCode())
-        //        {
-        //            case 404:
-        //                routeData.Values["action"] = "http404";
-        //                break;
-        //            case 401:  //没有登录
-        //                routeData.Values["action"] = "http401";
-        //                break;
-        //            case 400:  //演示版本，没有执行的权限
-        //                routeData.Values["action"] = "DemoError";
-        //                break;
-        //        }
-        //    }
-        //    IController controller = new ErrorController();
-        //    controller.Execute(new RequestContext(new HttpContextWrapper(context), routeData));
-        //}
+                switch (httpException.GetHttpCode())
+                {
+                    case 404:
+                        routeData.Values["action"] = "http404";
+                        break;
+                    case 401:  //没有登录
+                        routeData.Values["action"] = "http401";
+                        break;
+                    case 400:  //演示版本，没有执行的权限
+                        routeData.Values["action"] = "DemoError";
+                        break;
+                }
+            }
+            IController controller = new ErrorController();
+            controller.Execute(new RequestContext(new HttpContextWrapper(context), routeData));
+        }
     }
 }

OpenAuth.WebApi/Areas/SSO/Controllers/CheckController.cs

@@ -0,0 +1,38 @@
+using System.Web.Http;
+using System.Web.Mvc;
+using Infrastructure;
+using OpenAuth.App;
+using OpenAuth.WebApi.Areas.SSO.Models.Services;
+
+namespace OpenAuth.WebApi.Areas.SSO.Controllers
+{
+    public class CheckController : Controller
+    {
+        private LoginApp _app;
+        public CheckController()
+        {
+            _app = AutofacExt.GetFromFac<LoginApp>();
+        }
+
+        public bool GetStatus(string token = "", string requestid = "")
+        {
+            if (new UserAuthSessionService().GetCache(token))
+            {
+                return true;
+            }
+
+            return false;
+        }
+
+        public string GetUser(string token = "", string requestid = "")
+        {
+            var user = new UserAuthSessionService().Get(token);
+            if (user != null)
+            {
+                return JsonHelper.Instance.Serialize(_app.GetLoginUser(user.UserName));
+            }
+
+            return string.Empty;
+        }
+    }
+}

OpenAuth.WebApi/Areas/SSO/Controllers/PassportController.cs

@@ -1,18 +0,0 @@
-using System.Web.Http;
-using OpenAuth.WebApi.Areas.SSO.Models.Services;
-
-namespace OpenAuth.WebApi.Areas.SSO.Controllers
-{
-    public class PassportController : ApiController
-    {
-        public bool Get(string token = "", string requestid = "")
-        {
-            if (new UserAuthSessionService().GetCache(token))
-            {
-                return true;
-            }
-
-            return false;
-        }
-    }
-}

OpenAuth.WebApi/Areas/SSO/Views/Login/Index.cshtml

@@ -1,5 +1,5 @@
 @using OpenAuth.WebApi.Areas.SSO.Models
-@model OpenAuth.WebApi.Areas.SSO.Models.PassportLoginRequest
+@model PassportLoginRequest
 @{
     ViewBag.Title = "用户授权应用登录";
 

OpenAuth.WebApi/OpenAuth.WebApi.csproj

@@ -150,7 +150,7 @@
     <Compile Include="App_Start\RouteConfig.cs" />
     <Compile Include="App_Start\WebApiConfig.cs" />
     <Compile Include="Areas\SSO\Controllers\LoginController.cs" />
-    <Compile Include="Areas\SSO\Controllers\PassportController.cs" />
+    <Compile Include="Areas\SSO\Controllers\CheckController.cs" />
     <Compile Include="Areas\SSO\Models\AppInfo.cs" />
     <Compile Include="Areas\SSO\Models\AppUser.cs" />
     <Compile Include="Areas\SSO\Models\PassportLoginRequest.cs" />
@@ -159,7 +159,6 @@
     <Compile Include="Areas\SSO\Models\Services\AppUserService.cs" />
     <Compile Include="Areas\SSO\Models\Services\UserAuthSessionService.cs" />
     <Compile Include="Areas\SSO\Models\StringExtensions.cs" />
-    <Compile Include="Areas\SSO\Models\UserAuthSession.cs" />
     <Compile Include="Areas\SSO\SSOAreaRegistration.cs" />
     <Compile Include="AutofacExt.cs" />
     <Compile Include="Global.asax.cs">

OpenAuth.WebTest/Controllers/HomeController.cs

@@ -1,15 +1,24 @@
 using System.Web.Mvc;
+using OpenAuth.App;
 using OpenAuth.App.SSO;
 
 namespace OpenAuth.WebTest.Controllers
 {
     public class HomeController :Controller
     {
+
         [SSOAuth]
         public ActionResult Index()
         {
+            var currentUser = AuthUtil.GetCurrentUser();
+            ViewBag.CurrentUser = currentUser;
             return View();
         }
+
+        public ActionResult Admin()
+        {
+            return Redirect("http://localhost:56813?token=" + Request.Cookies["Token"].Value);
+        }
        
     }
 }

OpenAuth.WebTest/Controllers/LoginController.cs

@@ -18,7 +18,7 @@ namespace OpenAuth.WebTest.Controllers
         [HttpPost]
         public ActionResult Index(string username, string password)
         {
-            var token = AuthUtil.Login("670b14728ad9902aecba32e22fa4f6bd", username, "123");
+            var token = AuthUtil.Login("670b14728ad9902aecba32e22fa4f6bd", username, password);
             if (!string.IsNullOrEmpty(token))
                 return Redirect("/home/index?Token=" + token);
             else
@@ -26,5 +26,11 @@ namespace OpenAuth.WebTest.Controllers
                 return View();
             }
         }
+
+        public ActionResult Logout()
+        {
+            AuthUtil.Logout();
+            return Redirect("/Home/Index");
+        }
     }
 }

OpenAuth.WebTest/Views/Home/Index.cshtml

@@ -1,62 +1,51 @@
 @{
-    ViewBag.Title = "Home Page";
+    ViewBag.Title = "OpenAuth.net 测试页面";
 }
 
 <div class="jumbotron">
     <h1>OpenAuth.NET</h1>
     <p class="lead">这是OpenAuth.Net的测试站点，模拟一个第三方网站如何使用OpenAuth.net提供的权限功能！</p>
-    <p><a href="https://git.oschina.net/yubaolee/OpenAuth.Net" class="btn btn-primary btn-lg">Learn more &raquo;</a>
+    <p>
+        <a href="https://git.oschina.net/yubaolee/OpenAuth.Net" class="btn btn-default btn-lg">Learn more &raquo;</a>
     </p>
 </div>
-<script src="~/Scripts/jquery-1.10.2.js"></script>
-<script type="text/javascript">
-    $(function() {
-        $("#btnGetValue").click(function() {
-            $.get("/Values/index", function(data) {
-                console.log(data);
-            });
-        });
-    });
-</script>
 
 <div class="row">
-    <div class="col-md-4">
-        <h2>登录</h2>
-        <p>
-            @if (ViewBag.CurrentUser != null)
-            {
-                <span> 当前登录用户:@ViewBag.CurrentUser.User.Account</span>
-                <a href="/home/logout">退出</a>
-                <button class="button alert-danger" id="btnGetValue">获取值</button>
-            }
-            else
-            {
-                <a href="/home/login">点击这里登陆</a>
-            }
-        </p>
-        <form class="form-group">
-            
-        </form>
-    </div>
     <div class="col-md-8">
-      @if (ViewBag.CurrentUser != null)
-      {
-        <h2>可访问的机构</h2>
-            <ul>
-                @foreach (var org in ViewBag.CurrentUser.AccessedOrgs)
+        @if (ViewBag.CurrentUser != null)
+            {
+            <div class="media">
+                <div class="media-body">
+                    <h4 class="media-heading">@ViewBag.CurrentUser.User.Account ,您好！</h4>
+                    <p>因为使用了SSO，所以您可以直接进入OpenAuth.Net，而不用重复登陆</p>
+                    <p>
+                        <a href="/Home/Admin" class="btn btn-primary">直接进入OpenAuth.Net</a>
+                        <a href="/login/logout" class="btn btn-danger">注销</a>
+                    </p>
+                </div>
+            </div>
+            
+        }
+    </div>
+    <div class="col-md-4">
+        @if (ViewBag.CurrentUser != null)
+            {
+            <h2>可访问的机构</h2>
+                <ul>
+                    @foreach (var org in ViewBag.CurrentUser.AccessedOrgs)
                 {
-                    <li>@org.Name</li>
-                }
-            </ul>
+                        <li>@org.Name</li>
+                    }
+                </ul>
 
-            <h2>可访问的资源</h2>
-            <ul>
-                @foreach (var resource in ViewBag.CurrentUser.Resources)
+                <h2>可访问的资源</h2>
+                <ul>
+                    @foreach (var resource in ViewBag.CurrentUser.Resources)
                 {
-                    <li>@resource.Name</li>
-                }
-            </ul>
-      }
+                        <li>@resource.Name</li>
+                    }
+                </ul>
+        }
 
     </div>
 </div>

OpenAuth.WebTest/Views/Login/Index.cshtml

@@ -2,17 +2,17 @@
     ViewBag.Title = "title";
 }
 
-<h2>Login</h2>
+<h2>OpenAuth.net测试站点登陆</h2>
 
 <form class="form-horizontal" method="POST">
     <div class="control-group">
-        <label class="control-label" for="username">Email</label>
+        <label class="control-label" for="username">用户名</label>
         <div class="controls">
             <input type="text" id="username" name="username" value="admin">
         </div>
     </div>
     <div class="control-group">
-        <label class="control-label" for="password">Password</label>
+        <label class="control-label" for="password">密码</label>
         <div class="controls">
             <input type="password" id="password" name="password" value="admin">
         </div>
@@ -22,7 +22,7 @@
             <label class="checkbox">
                 <input type="checkbox"> Remember me
             </label>
-            <button type="submit" class="btn">Sign in</button>
+            <button type="submit" class="btn btn-primary">登陆</button>
         </div>
     </div>
 </form>