OpenAuth.Net/OpenAuth.App/SSO/SSOAuthAttribute.cs

using System.Web;
using System.Web.Mvc;

namespace OpenAuth.App.SSO
{
    public class SSOAuthAttribute : ActionFilterAttribute
    {
        public const string Token = "Token";
        public const string SessionUserName = "SessionUserName";

        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var token = "";
            var cookieSessionUserName = "";

            //Token by QueryString
            var request = filterContext.HttpContext.Request;
            if (request.QueryString[Token] != null)
            {
                token = request.QueryString[Token];
                filterContext.HttpContext.Response.Cookies.Add(new HttpCookie(Token, token));
            }
            else if (request.Cookies[Token] != null)  //从Cookie读取Token
            {
                token = request.Cookies[Token].Value;
            }

            //SessionUserName by QueryString
            if (request.QueryString[SessionUserName] != null)
            {
                cookieSessionUserName = request.QueryString[SessionUserName];
                filterContext.HttpContext.Response.Cookies.Add(new HttpCookie(SessionUserName, cookieSessionUserName));
            }
            else if (request.Cookies[SessionUserName] != null)  //从Cookie读取SessionUserName
            {
                cookieSessionUserName = request.Cookies[SessionUserName].Value;
            }
            
            if (string.IsNullOrEmpty(token))
            {
                //直接登录
                filterContext.Result = LoginResult(cookieSessionUserName);
            }
            else
            {
                //验证
                if (AuthUtil.CheckLogin(token, request.RawUrl) == false)
                {
                    //会话丢失，跳转到登录页面
                    filterContext.Result = LoginResult(cookieSessionUserName);
                }
            }

            base.OnActionExecuting(filterContext);
        }

        private static ActionResult LoginResult(string username)
        {
            //跳转到SSO站点登陆
            //return new RedirectResult(string.Format("{0}/sso/login?appkey={1}&username={2}",
            //        ConfigurationManager.AppSettings["SSOPassport"],
            //        ConfigurationManager.AppSettings["SSOAppKey"],
            //        username));

            return new RedirectResult("/Login/Index");
        }
    }
}