  • web api 单点登录(SSO) 权限验证

      本文介绍如何利用 Web API 实现单点登录(SSO),具体原理请参见 http://www.cnblogs.com/Work-hard/archive/2013/04/10/3011589.html 。下面主要介绍相关代码。注意:示例仅用于演示流程——主站 Post() 中的帐号密码验证已被注释掉,且各站地址均为 http://localhost 明文地址。

      分站代码:

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text.RegularExpressions;
    using System.Web;
    using System.Web.Mvc;
    using System.Net.Http;

    namespace MvcApplication2.Controllers
    {
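    /// <summary>
    /// Sub-site (SSO client) controller. A visitor arrives either with a token in the
    /// "Token" query-string parameter, with a "Token" cookie from an earlier visit, or with
    /// neither; in the last case the visitor is redirected to the SSO main site.
    /// The token is exchanged for the role list by calling the main site's Web API.
    /// </summary>
    public class HomeController : Controller
    {
        // Address of the SSO main site as used by this sample.
        // NOTE(review): plain HTTP on localhost; a deployment should read this from configuration
        // and use HTTPS, because the token travels in URLs and cookies.
        private const string PassportBaseUrl = "http://localhost:4213/";

        /// <summary>Shape of the JSON document returned by the main site's api/Login endpoint.</summary>
        public class infoMassege
        {
            public string webName { get; set; }
            public string[] message { get; set; }
        }

        /// <summary>
        /// Entry page. Stores a token received in the query string in a cookie, loads the role
        /// list into the session when it is missing, and sends visitors without a token to the
        /// SSO main site.
        /// </summary>
        /// <returns>The default view, or a redirect to the SSO main site.</returns>
        public ActionResult Index()
        {
            string queryToken = Request.QueryString["Token"];
            if (queryToken != null)
            {
                // Token handed over by the main site: remember it for later requests.
                HttpCookie tokenCookie = new HttpCookie("Token");
                tokenCookie.Values.Add("Value", queryToken);
                tokenCookie.Expires = DateTime.Now.Add(new TimeSpan(24, 0, 0));
                tokenCookie.Path = "/";
                // The token is a bearer credential: keep it away from page scripts, and mark it
                // Secure whenever the site itself is served over HTTPS.
                tokenCookie.HttpOnly = true;
                tokenCookie.Secure = Request.IsSecureConnection;
                Response.AppendCookie(tokenCookie);
                // NOTE(review): the token stays in the address bar (history, Referer, server logs);
                // consider redirecting to the same URL without the Token parameter once it is stored.

                if (Session["Info"] == null)
                {
                    getInfo(queryToken);
                }
            }
            else if (Request.Cookies["Token"] != null)
            {
                // The cookie was written with a "Value" sub-key, so the token has to be read back
                // through that sub-key; HttpCookie.Value would return the whole "Value=<token>" string.
                string cookieToken = Request.Cookies["Token"].Values["Value"];
                if (string.IsNullOrEmpty(cookieToken))
                {
                    // Malformed cookie: treat the visitor as not holding a token.
                    return Redirect(BuildLoginUrl());
                }

                if (Session["Info"] == null)
                {
                    getInfo(cookieToken);
                }
            }
            else
            {
                // No token at all: go to the SSO main site and ask to be sent back here.
                return Redirect(BuildLoginUrl());
            }

            return View();
        }

        /// <summary>
        /// Asks the SSO main site which roles belong to <paramref name="tokenValue"/> and stores
        /// them in the session under "Info". Redirects to the main site when the token is rejected
        /// or the answer carries no role list.
        /// </summary>
        /// <param name="tokenValue">Token received from the query string or the cookie.</param>
        [NonAction] // public controller methods are routable actions; this helper must not be callable by URL
        public void getInfo(string tokenValue)
        {
            string[] roles = null;

            // Dispose the client and the response instead of leaking a connection per call.
            using (System.Net.Http.HttpClient client = new System.Net.Http.HttpClient())
            {
                client.BaseAddress = new Uri(PassportBaseUrl);
                client.DefaultRequestHeaders.Accept.Add(
                    new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));

                // The token comes from the request, so escape it before placing it in the query
                // string; otherwise characters such as '&' or '#' would alter the outgoing request.
                string requestUri = "api/Login/?token=" + Uri.EscapeDataString(tokenValue ?? string.Empty);

                // Blocking on .Result keeps this method synchronous, as in the original sample.
                using (HttpResponseMessage response = client.GetAsync(requestUri).Result)
                {
                    if (response.IsSuccessStatusCode)
                    {
                        infoMassege info = response.Content.ReadAsAsync<infoMassege>().Result;
                        if (info != null)
                        {
                            roles = info.message;
                        }
                    }
                }
            }

            if (roles != null)
            {
                System.Web.HttpContext.Current.Session["Info"] = roles;
                // Session timeout is expressed in minutes: the roles are re-checked after one minute.
                System.Web.HttpContext.Current.Session.Timeout = 1;
                return;
            }

            // Token rejected, or no usable answer: fail closed and go back to the SSO main site.
            Response.Redirect(BuildLoginUrl());
        }

        // Builds the main-site login URL that sends the visitor back to the current page afterwards.
        private string BuildLoginUrl()
        {
            return PassportBaseUrl + "?BackURL=" + Server.UrlEncode(Request.Url.AbsoluteUri);
        }
    }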
    }

    主站代码:

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Net;
    using System.Net.Http;
    using System.Web;
    using System.Web.Http;
    using SSO.Passport.Class;
    using System.Data;

    namespace MvcApplication1.Controllers
    {
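    /// <summary>
    /// SSO main-site Web API. POST issues a token; GET with a token returns the information
    /// (site name and role list) stored for it. Both are kept in the application cache: a
    /// validity marker under the key token + "a" for three minutes, and the information under
    /// the key token for one minute.
    /// </summary>
    public class LoginController : ApiController
    {
        /// <summary>Information returned to a sub-site for a valid token.</summary>
        public class infoMassege
        {
            public string webName { get; set; }
            public string[] message { get; set; }
        };

        /// <summary>
        /// Issues a new token and registers it in the cache.
        /// </summary>
        /// <returns>
        /// 200 with a hand-built JSON text holding the token. The text is passed to
        /// CreateResponse as a string, exactly as the original sample does.
        /// </returns>
        [HttpPost]
        public HttpResponseMessage Post()
        {
            // NOTE(review): no credential check happens here. The sample left its account/password
            // comparison (against the "acc" and "pas" app settings) commented out and says a real
            // system should verify against a database. As written, every POST receives a token,
            // and CreateInfo attaches the same role list, including "admin", to it.
            string tokenValue = this.getGuidString();

            // Validity marker. Its value is the token itself, which getCache compares again.
            // UtcNow avoids daylight-saving jumps in the absolute expiration.
            HttpContext.Current.Cache.Insert(tokenValue + "a", tokenValue, null, DateTime.UtcNow.AddMinutes(3), TimeSpan.Zero);

            // Information the sub-sites will ask for.
            CreateInfo(tokenValue);

            return Request.CreateResponse(HttpStatusCode.OK, @"{""tokenValue"":""" + tokenValue + @"""}");
        }

        /// <summary>
        /// Stores the information record for <paramref name="tokenValue"/> unless an entry with
        /// that key already exists.
        /// </summary>
        /// <param name="tokenValue">Token used as the cache key.</param>
        private void CreateInfo(string tokenValue)
        {
            infoMassege info = new infoMassege();
            // Hard-coded demo data: every token gets the same site name and roles.
            info.message = new string[] { "user", "admin", "tuorist" };
            info.webName = "a";
            if (HttpContext.Current.Cache[tokenValue] == null)
            {
                HttpContext.Current.Cache.Insert(tokenValue, info, null, DateTime.UtcNow.AddMinutes(1), TimeSpan.Zero);
            }
        }

        /// <summary>
        /// Returns the information stored for a token.
        /// </summary>
        /// <param name="token">Token presented by a sub-site.</param>
        /// <returns>200 with the information record, or 403 when the token is not valid.</returns>
        [HttpGet]
        public HttpResponseMessage getCache(string token)
        {
            if (string.IsNullOrWhiteSpace(token))
            {
                return Request.CreateResponse(HttpStatusCode.Forbidden);
            }

            // The cache is shared by the whole application, so the mere existence of a key ending
            // in "a" proves nothing; require the marker to hold the token that Post stored in it.
            // NOTE(review): a dedicated key prefix for both entries would separate them from
            // unrelated cache users; every reader and writer of these keys has to change together.
            string marker = HttpContext.Current.Cache[token + "a"] as string;
            if (!string.Equals(marker, token, StringComparison.Ordinal))
            {
                return Request.CreateResponse(HttpStatusCode.Forbidden);
            }

            // The information entry expires before the marker does; recreate it once if needed.
            // A single retry replaces the original unbounded recursion.
            infoMassege proof = HttpContext.Current.Cache[token] as infoMassege;
            if (proof == null)
            {
                CreateInfo(token);
                proof = HttpContext.Current.Cache[token] as infoMassege;
            }

            if (proof == null)
            {
                // Entry missing or not an information record: fail closed.
                return Request.CreateResponse(HttpStatusCode.Forbidden);
            }

            // NOTE(review): the token stays usable by anyone who holds it until the marker expires.
            return Request.CreateResponse(HttpStatusCode.OK, proof);
        }

        /// <summary>
        /// Produces the string used as a token: 32 bytes from the cryptographic random number
        /// generator, written as upper-case hexadecimal.
        /// </summary>
        /// <remarks>
        /// The token is a bearer credential, so it has to be unpredictable, not merely unique;
        /// Guid.NewGuid() is documented as unique, not as unguessable.
        /// </remarks>
        /// <returns>A 64-character upper-case hexadecimal string.</returns>
        private string getGuidString()
        {
            byte[] randomBytes = new byte[32];
            using (System.Security.Cryptography.RandomNumberGenerator generator =
                System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                generator.GetBytes(randomBytes);
            }

            // BitConverter yields "AB-CD-..." in upper case; drop the separators.
            return BitConverter.ToString(randomBytes).Replace("-", string.Empty);
        }
    }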
    }

  • 原文地址:https://www.cnblogs.com/zhyc/p/3111793.html