1.非自研系统
通过接口获取第三方系统的 token 并存入 Redis 缓存;设计跳转配置,根据获取到的配置路由及用户信息,实现免登录访问第三方系统。(登录校验由第三方系统实现)
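/// <summary>
/// Requests a single sign-on token for <paramref name="loginid"/> from the third-party OA
/// system's <c>ssologin/getToken</c> endpoint and returns the response body as the token.
/// </summary>
/// <param name="loginid">Login id of the OA account the token is requested for.</param>
/// <returns>The body returned by the token endpoint, unmodified.</returns>
/// <exception cref="UserFriendlyException">
/// <c>UserConst.Login_Error</c> when the endpoint answers with a non-success status or an
/// empty body; <c>UserConst.OA_User_No_Exist</c> when the body contains "has no account:".
/// </exception>
public async Task<string> PostOaAcessTokenAsync(string loginid)
{
    // NOTE(review): loginid alone decides whose token is issued. Confirm that callers take it
    // from the already-authenticated portal session and never from request input.
    // NOTE(review): the appid is a literal in source (masked on this page); it is the only
    // credential sent with the request, so it is better read from configuration or a secret store.
    var formData = new Dictionary<string, string>
    {
        { "appid", "*************************" },
        { "loginid", loginid }
    };

    // Both the request content and the response hold resources; dispose them when done.
    using var content = new FormUrlEncodedContent(formData);

    // The request goes over plain http to a loopback address; if the endpoint ever moves to
    // another host, the appid and the returned token would travel unencrypted.
    using HttpResponseMessage response = await HttpHelper.Client.PostAsync("http://127.0.0.1:8888/ssologin/getToken", content);
    if (!response.IsSuccessStatusCode)
    {
        throw new UserFriendlyException(UserConst.Login_Error);
    }

    string resToken = await response.Content.ReadAsStringAsync();

    // A success status with nothing in the body is not a usable token; do not hand it on.
    if (string.IsNullOrWhiteSpace(resToken))
    {
        throw new UserFriendlyException(UserConst.Login_Error);
    }

    // The endpoint reports an unknown account inside a success response, so the body text
    // is the only signal available here.
    if (resToken.Contains("has no account:"))
    {
        throw new UserFriendlyException(UserConst.OA_User_No_Exist);
    }

    return resToken;
}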
2.自研系统(SSO机制-单点登录)
调整自研系统的登录接口参数,增加 token 字段;token 由门户创建。自研系统根据是否携带 token 来判断是否跳过正常的账号密码登录:携带 token 时,直接用该 token 调用门户接口进行校验,校验成功则直接进入自研系统。
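/// <summary>
/// Validates a portal-issued SSO token by posting it to the portal's <c>auth/get-token</c>
/// endpoint, resolves the user code the portal returns to a local user, and passes that
/// user to <paramref name="userAction"/> when one is supplied.
/// </summary>
/// <param name="token">Token received with the login request; treated as untrusted input.</param>
/// <param name="userAction">Optional callback that receives the resolved user.</param>
/// <exception cref="UserFriendlyException">
/// <c>UserConst.Auth_User_Token_Invalid</c> when the token is empty or the portal does not
/// report success; <c>UserConst.SSO_Token_Err</c> when the portal answers with a non-success
/// status; <c>UserConst.Login_User_No_Exist</c> when the returned user code is empty or does
/// not match a local user.
/// </exception>
public async Task SSOLoginValidationAsync(string token, Action<UserEntity> userAction = null)
{
    // An empty token would turn the request into a call on the bare endpoint path.
    if (string.IsNullOrWhiteSpace(token))
    {
        throw new UserFriendlyException(UserConst.Auth_User_Token_Invalid);
    }

    // The token arrives with the login request and becomes a URL path segment. Escape it so
    // characters such as '/', '?' or '#' cannot change which portal resource is requested.
    // NOTE(review): a token carried in the URL path tends to end up in access logs; a request
    // body or header would keep it out of them if the portal API allows it.
    string validationUrl = "http://127.0.0.1/prod-api/auth/get-token/" + Uri.EscapeDataString(token);

    using HttpResponseMessage response = await HttpHelper.Client.PostAsync(validationUrl, null);
    if (!response.IsSuccessStatusCode)
    {
        throw new UserFriendlyException(UserConst.SSO_Token_Err);
    }

    var responseContent = await response.Content.ReadAsStringAsync();

    // A body that is not a JSON object makes JObject.Parse throw the parser's own exception.
    var jObject = JObject.Parse(responseContent);

    // A missing or null "succeeded" field counts as a failed validation.
    bool succeeded = jObject.Value<bool?>("succeeded") ?? false;
    if (!succeeded)
    {
        throw new UserFriendlyException(UserConst.Auth_User_Token_Invalid);
    }

    // Never look up a user with an empty code, even if the portal reported success.
    string userCode = jObject.Value<string>("data");
    if (string.IsNullOrWhiteSpace(userCode))
    {
        throw new UserFriendlyException(UserConst.Login_User_No_Exist);
    }

    var user = new UserEntity();
    if (!await ExistAsync(userCode, o => user = o))
    {
        throw new UserFriendlyException(UserConst.Login_User_No_Exist);
    }

    // The callback is optional: an existing user is a successful validation whether or not a
    // callback was passed, so a null callback must not be reported as an unknown user.
    userAction?.Invoke(user);
}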