using Infrastructure.Application.Services.Settings; using Infrastructure.Data; using Infrastructure.Extensions; using Application.Domain.Entities; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Hosting; using Microsoft.Extensions.Logging; using System; using System.Collections.Generic; using System.Linq; using System.Net.Http; using System.Security.Claims; using System.Web; using System.Xml; using Microsoft.IdentityModel.Tokens; namespace Platform.Apis.Controllers { [ApiVersion("1.0")] [Route("api/v{version:apiVersion}/[controller]/[action]")] [ApiController] public class ProjectController : ControllerBase { private readonly IWebHostEnvironment _env; private readonly IHttpClientFactory _httpClientFactory; private readonly ILogger logger; private readonly IConfiguration _cfg; private readonly ISettingService _settingService; private readonly IRepository _organRepo; private readonly IRepository _userRepo; private readonly IRepository _organUserRepo; private readonly IRepository _roleRepo; private readonly IRepository _userRoleRepo; private readonly TokenValidationParameters _parameters; public ProjectController( IWebHostEnvironment env, IHttpClientFactory httpClientFactory, ILogger logger, IConfiguration cfg, ISettingService settingService, IRepository organRepo, IRepository userRepo, IRepository organUserRepo, IRepository roleRepo, IRepository userRoleRepo, TokenValidationParameters parameters) { this._env = env; this._httpClientFactory = httpClientFactory; this.logger = logger; this._cfg = cfg; this._settingService = settingService; this._organRepo = organRepo; this._userRepo = userRepo; this._organUserRepo = organUserRepo; this._roleRepo = roleRepo; this._userRoleRepo = userRoleRepo; this._parameters = parameters; } [AllowAnonymous] [HttpGet] public IActionResult CasLogin(string ticket, string home) { var sso = this._settingService.GetValue("sso"); if (_env.IsDevelopment()) { sso = sso ?? "http://kpsso.kpedu.com";//debug home = "http://221.194.113.154:8100";//debug } var url = sso + "/serviceValidate?ticket=" + ticket + "&service=" + HttpUtility.UrlEncode(home); var httpClient = this._httpClientFactory.CreateClient(); var result = httpClient.GetAsync(url).Result.Content.ReadAsStringAsync().Result; var doc = new XmlDocument(); doc.LoadXml(result); var userName = doc.GetElementsByTagName("cas:USER_NAME")[0].InnerText.Trim(); var realName = doc.GetElementsByTagName("cas:REAL_NAME")[0].InnerText.Trim(); var organNumber = doc.GetElementsByTagName("cas:ORG_ID")[0].InnerText.Trim(); var organName = doc.GetElementsByTagName("cas:ORG_NAME")[0].InnerText.Trim(); UpdateOrganUser(userName, realName, organName, organNumber); if (_env.IsDevelopment()) { home = "http://localhost:8100";//debug } home += "?accessToken=" + Request.HttpContext.CreateJwtToken(new List { new Claim(this._parameters.NameClaimType, userName) }, DateTime.Now.AddYears(100)); home += "&refreshToken=" + Request.HttpContext.CreateJwtToken(new List { new Claim(this._parameters.NameClaimType, userName) }, DateTime.Now.AddYears(100)); return Redirect(home); } [AllowAnonymous] [HttpGet] public IActionResult Update(string userName, string realName, string organName, string organNumber, long timestamp, string role, string token) { if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(organName)) { var message = "参数不能为空"; this.logger.LogError(message); return Problem(message); } try { var query = this.Request.QueryString.ToString().RemoveParam("token").TrimStart('?').Trim(); var token2 = $"{query},123456".Md5(); if (token2 != token) { var message = "token无效"; this.logger.LogError(message); throw new Exception(message); } var sendTime = DateTimeOffset.FromUnixTimeSeconds(timestamp); var seconds = (DateTime.UtcNow - sendTime).TotalSeconds; if (seconds > 60) { var message = $"timestamp差距{seconds}秒"; this.logger.LogError(message); throw new Exception(message); } User user = UpdateOrganUser(userName, realName, organName, organNumber); var roles = role.Split(','); var userRoles = this._userRoleRepo.Table().Where(o => o.OrganUser.User.UserName == userName); if (roles.Any()) { foreach (var item in roles) { var role2 = _roleRepo.Table().FirstOrDefault(o => o.Name == item); if (role2 == null) { role2 = new Role { Name = item }; _roleRepo.Add(role2); _roleRepo.SaveChanges(); } if (!userRoles.Any(o => o.OrganRole.Name == item)) { _userRoleRepo.Add(new OrganUserRole { OrganUserId = user.Id, OrganRoleId = role2.Id }); _userRoleRepo.SaveChanges(); } } } } catch (Exception ex) { this.logger.LogError(ex.ToString()); return Problem(ex.Message); } return Ok(new { AccessToken = Request.HttpContext.CreateJwtToken(new List { new Claim(this._parameters.NameClaimType, userName) }, DateTime.Now.AddYears(100)), RefreshToken = Request.HttpContext.CreateJwtToken(new List { new Claim(this._parameters.NameClaimType, userName) }, DateTime.Now.AddYears(100)), }); } private User UpdateOrganUser(string userName, string realName, string organName, string organNumber) { var organ = this._organRepo.Table().FirstOrDefault(o => o.Name == organName); if (organ == null) { organ = new Organ { Name = organName, Number = organNumber }; this._organRepo.Add(organ); } else { organ.Number = organNumber; } this._organRepo.SaveChanges(); var user = this._userRepo.Table().FirstOrDefault(o => o.UserName == userName); if (user == null) { user = new User { UserName = userName, NickName = realName, Email = $"{userName}@test.com" }; this._userRepo.Add(user); } this._userRepo.SaveChanges(); var organUser = this._organUserRepo.Table().FirstOrDefault(o => o.UserId == user.Id && o.Organ.Id == organ.Id); if (organUser == null) { organUser = new OrganUser { UserId = user.Id, OrganId = organ.Id }; this._organUserRepo.SaveChanges(); } return user; } } }