单点登录(Single Sign On),简称为 SSO,是目前比较流行的企业业务整合的解决方案之一。SSO的定义是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统。
1、跨子域单点登录。如 blog.a.com 和 info.a.com 这2个站点同属一个主域.a.com,实现跨子域单点登录很简单,可以利用cookie,设置Domain为".a.com'即可,这里就不再赘叙。
比如说,我现在有3个分站点和1个认证中心(总站)。当用户访问分站点的时候,分站点会发Token到验证中心进行验证。验证中心判断用户是否已经登录。如果未登录,则返回到验证中心登录入口进行登录,否之则返回Token验证到分站点,直接进入分站点。
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text;
public partial class _Default : System.Web.UI.Page
{
protectedvoid Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
SSORequest ssoRequest = new SSORequest();
#region 验证 Post 过来的参数
//--------------------------------
// 请求注销
if (!string.IsNullOrEmpty(Request["Logout"]))
{
Authentication.Logout();
return;
}
//--------------------------------
// 各独立站点标识
if (string.IsNullOrEmpty(Request["IASID"]))
{
return;
}
else
{
ssoRequest.IASID = Request["IASID"];
}
//--------------------------------
// 时间戳
if (string.IsNullOrEmpty(Request["TimeStamp"]))
{
return;
}
else
{
ssoRequest.TimeStamp = Request["TimeStamp"];
}
//--------------------------------
// 各独立站点的访问地址
if (string.IsNullOrEmpty(Request["AppUrl"]))
{
return;
}
else
{
ssoRequest.AppUrl = Request["AppUrl"];
}
//--------------------------------
// 各独立站点的 Token
if (string.IsNullOrEmpty(Request["Authenticator"]))
{
return;
}
else
{
ssoRequest.Authenticator = Request["Authenticator"];
}
ViewState["SSORequest"] = ssoRequest;
#endregion
//验证从分站发过来的Token
if (Authentication.ValidateAppToken(ssoRequest))
{
string userAccount = null;
// 验证用户之前是否登录过
//验证 EAC 认证中心的 Cookie,验证通过时获取用户登录账号
if (Authentication.ValidateEACCookie(out userAccount))
{
ssoRequest.UserAccount = userAccount;
//创建认证中心发往各分站的 Token
if (Authentication.CreateEACToken(ssoRequest))
{
Post(ssoRequest);
}
}
else
{
return;
}
}
else
{
return;
}
}
}
//post请求
void Post(SSORequest ssoRequest)
{
PostService ps = new PostService();
ps.Url = ssoRequest.AppUrl;
ps.Add("UserAccount", ssoRequest.UserAccount);
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Post();
}
/// <summary>
/// 验证登录账号和密码是否正确
/// </summary>
/// <param name="userName">登录账号</param>
/// <param name="userPwd">登录密码</param>
/// <returns></returns>
privatebool ValidateUserInfo(string userName, string userPwd)
{
//从数据库中读取,验证登录账号和密码
//略...
returntrue;
}
protectedvoid Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (string.IsNullOrEmpty(Login1.UserName) || string.IsNullOrEmpty(Login1.Password))
{
Page.RegisterClientScriptBlock("Add", "<mce:script lanuage=\"javascript\"><!--
alert('用户名密码不能为空!');
// --></mce:script>");
return;
}
elseif (ValidateUserInfo(Login1.UserName, Login1.Password) == false)
{
Page.RegisterClientScriptBlock("Add", "<mce:script lanuage=\"javascript\"><!--
alert('用户名密码错误!');
// --></mce:script>");
return;
}
else
{
Session["CurrUserName"] = Login1.UserName;
Session.Timeout = 120;
SSORequest ssoRequest = ViewState["SSORequest"] as SSORequest;
// 如果不是从各分站 Post 过来的请求,则默认登录主站
if (ssoRequest == null)
{
FormsAuthentication.SetAuthCookie(Login1.UserName, false);
ssoRequest = new SSORequest();
//主站标识ID
ssoRequest.IASID = "00";
ssoRequest.AppUrl = "SiteList.aspx";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.Authenticator = string.Empty;
Response.Redirect("SiteList.aspx");
}
ssoRequest.UserAccount = Login1.UserName;
//创建Token
if (Authentication.CreateEACToken(ssoRequest))
{
string expireTime = DateTime.Now.AddHours(3).ToString("yyyy-MM-dd HH:mm");
Authentication.CreatEACCookie(ssoRequest.UserAccount, ssoRequest.TimeStamp, expireTime);
Post(ssoRequest);
}
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text;
public partial class _Default : System.Web.UI.Page
{
protectedvoid Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
SSORequest ssoRequest = new SSORequest();
#region 验证 Post 过来的参数
//--------------------------------
// 请求注销
if (!string.IsNullOrEmpty(Request["Logout"]))
{
Authentication.Logout();
return;
}
//--------------------------------
// 各独立站点标识
if (string.IsNullOrEmpty(Request["IASID"]))
{
return;
}
else
{
ssoRequest.IASID = Request["IASID"];
}
//--------------------------------
// 时间戳
if (string.IsNullOrEmpty(Request["TimeStamp"]))
{
return;
}
else
{
ssoRequest.TimeStamp = Request["TimeStamp"];
}
//--------------------------------
// 各独立站点的访问地址
if (string.IsNullOrEmpty(Request["AppUrl"]))
{
return;
}
else
{
ssoRequest.AppUrl = Request["AppUrl"];
}
//--------------------------------
// 各独立站点的 Token
if (string.IsNullOrEmpty(Request["Authenticator"]))
{
return;
}
else
{
ssoRequest.Authenticator = Request["Authenticator"];
}
ViewState["SSORequest"] = ssoRequest;
#endregion
//验证从分站发过来的Token
if (Authentication.ValidateAppToken(ssoRequest))
{
string userAccount = null;
// 验证用户之前是否登录过
//验证 EAC 认证中心的 Cookie,验证通过时获取用户登录账号
if (Authentication.ValidateEACCookie(out userAccount))
{
ssoRequest.UserAccount = userAccount;
//创建认证中心发往各分站的 Token
if (Authentication.CreateEACToken(ssoRequest))
{
Post(ssoRequest);
}
}
else
{
return;
}
}
else
{
return;
}
}
}
//post请求
void Post(SSORequest ssoRequest)
{
PostService ps = new PostService();
ps.Url = ssoRequest.AppUrl;
ps.Add("UserAccount", ssoRequest.UserAccount);
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Post();
}
/// <summary>
/// 验证登录账号和密码是否正确
/// </summary>
/// <param name="userName">登录账号</param>
/// <param name="userPwd">登录密码</param>
/// <returns></returns>
privatebool ValidateUserInfo(string userName, string userPwd)
{
//从数据库中读取,验证登录账号和密码
//略...
returntrue;
}
protectedvoid Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (string.IsNullOrEmpty(Login1.UserName) || string.IsNullOrEmpty(Login1.Password))
{
Page.RegisterClientScriptBlock("Add", "<mce:script lanuage=\"javascript\"><!--
alert('用户名密码不能为空!');
// --></mce:script>");
return;
}
elseif (ValidateUserInfo(Login1.UserName, Login1.Password) == false)
{
Page.RegisterClientScriptBlock("Add", "<mce:script lanuage=\"javascript\"><!--
alert('用户名密码错误!');
// --></mce:script>");
return;
}
else
{
Session["CurrUserName"] = Login1.UserName;
Session.Timeout = 120;
SSORequest ssoRequest = ViewState["SSORequest"] as SSORequest;
// 如果不是从各分站 Post 过来的请求,则默认登录主站
if (ssoRequest == null)
{
FormsAuthentication.SetAuthCookie(Login1.UserName, false);
ssoRequest = new SSORequest();
//主站标识ID
ssoRequest.IASID = "00";
ssoRequest.AppUrl = "SiteList.aspx";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.Authenticator = string.Empty;
Response.Redirect("SiteList.aspx");
}
ssoRequest.UserAccount = Login1.UserName;
//创建Token
if (Authentication.CreateEACToken(ssoRequest))
{
string expireTime = DateTime.Now.AddHours(3).ToString("yyyy-MM-dd HH:mm");
Authentication.CreatEACCookie(ssoRequest.UserAccount, ssoRequest.TimeStamp, expireTime);
Post(ssoRequest);
}
}
}
}
代码说明:验证分站post过来的Token请求,如果用户已经登录,则创建认证中心发往各分站的 Token验证,转向分站,否之则返回登录。若是直接登录主站则转向站点选择页面sitelist.aspx,选择你要登录的分站点。
如图:
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text;
public partial class _Default : System.Web.UI.Page
{
protectedvoid Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
#region SSO 部分代码
SSORequest ssoRequest = new SSORequest();
if (string.IsNullOrEmpty(Request["IASID"]))
{
ssoRequest.IASID = "01";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
Post(ssoRequest);
}
elseif (!string.IsNullOrEmpty(Request["IASID"])
&& !string.IsNullOrEmpty(Request["TimeStamp"])
&& !string.IsNullOrEmpty(Request["AppUrl"])
&& !string.IsNullOrEmpty(Request["UserAccount"])
&& !string.IsNullOrEmpty(Request["Authenticator"]))
{
ssoRequest.IASID = Request["IASID"];
ssoRequest.TimeStamp = Request["TimeStamp"];
ssoRequest.AppUrl = Request["AppUrl"];
ssoRequest.UserAccount = Request["UserAccount"];
ssoRequest.Authenticator = Request["Authenticator"];
if (Authentication.ValidateEACToken(ssoRequest))
{
//从数据库中获取UserId
Session["CurrUserName"] = Request["UserAccount"];
Session.Timeout = 120;
FormsAuthentication.SetAuthCookie(Request["UserAccount"], false);
Response.Write(string.Format("{0},您好!欢迎来到site1, >> 访问<a href="\" mce_href="\""http://localhost/Site2/Default.aspx\">site2</a>",ssoRequest.UserAccount));
}
}
ViewState["SSORequest"] = ssoRequest;
#endregion
}
}
void Post(SSORequest ssoRequest)
{
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
//ps.Add("UserAccount", ssoRequest.UserAccount);
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Post();
}
//注销登录
protectedvoid LinkButton2_Click(object sender, EventArgs e)
{
FormsAuthentication.SignOut();
SSORequest ssoRequest = new SSORequest();
ssoRequest.IASID = "01";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Add("Logout", "true");
ps.Post();
}
//返回主站
protectedvoid LinkButton1_Click(object sender, EventArgs e)
{
if (Session["CurrUserName"] != null)
{
Response.Redirect("http://localhost/MasterSite/SiteList.aspx");
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text;
public partial class _Default : System.Web.UI.Page
{
protectedvoid Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
#region SSO 部分代码
SSORequest ssoRequest = new SSORequest();
if (string.IsNullOrEmpty(Request["IASID"]))
{
ssoRequest.IASID = "01";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
Post(ssoRequest);
}
elseif (!string.IsNullOrEmpty(Request["IASID"])
&& !string.IsNullOrEmpty(Request["TimeStamp"])
&& !string.IsNullOrEmpty(Request["AppUrl"])
&& !string.IsNullOrEmpty(Request["UserAccount"])
&& !string.IsNullOrEmpty(Request["Authenticator"]))
{
ssoRequest.IASID = Request["IASID"];
ssoRequest.TimeStamp = Request["TimeStamp"];
ssoRequest.AppUrl = Request["AppUrl"];
ssoRequest.UserAccount = Request["UserAccount"];
ssoRequest.Authenticator = Request["Authenticator"];
if (Authentication.ValidateEACToken(ssoRequest))
{
//从数据库中获取UserId
Session["CurrUserName"] = Request["UserAccount"];
Session.Timeout = 120;
FormsAuthentication.SetAuthCookie(Request["UserAccount"], false);
Response.Write(string.Format("{0},您好!欢迎来到site1, >> 访问<a href="\" mce_href="\""http://localhost/Site2/Default.aspx\">site2</a>",ssoRequest.UserAccount));
}
}
ViewState["SSORequest"] = ssoRequest;
#endregion
}
}
void Post(SSORequest ssoRequest)
{
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
//ps.Add("UserAccount", ssoRequest.UserAccount);
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Post();
}
//注销登录
protectedvoid LinkButton2_Click(object sender, EventArgs e)
{
FormsAuthentication.SignOut();
SSORequest ssoRequest = new SSORequest();
ssoRequest.IASID = "01";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Add("Logout", "true");
ps.Post();
}
//返回主站
protectedvoid LinkButton1_Click(object sender, EventArgs e)
{
if (Session["CurrUserName"] != null)
{
Response.Redirect("http://localhost/MasterSite/SiteList.aspx");
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
public partial class _Default : System.Web.UI.Page
{
protectedvoid Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
#region SSO 部分代码
SSORequest ssoRequest = new SSORequest();
if (string.IsNullOrEmpty(Request["IASID"]))
{
ssoRequest.IASID = "02";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
Post(ssoRequest);
}
elseif (!string.IsNullOrEmpty(Request["IASID"])
&& !string.IsNullOrEmpty(Request["TimeStamp"])
&& !string.IsNullOrEmpty(Request["AppUrl"])
&& !string.IsNullOrEmpty(Request["UserAccount"])
&& !string.IsNullOrEmpty(Request["Authenticator"]))
{
ssoRequest.IASID = Request["IASID"];
ssoRequest.TimeStamp = Request["TimeStamp"];
ssoRequest.AppUrl = Request["AppUrl"];
ssoRequest.UserAccount = Request["UserAccount"];
ssoRequest.Authenticator = Request["Authenticator"];
if (Authentication.ValidateEACToken(ssoRequest))
{
Session["CurrUserName"] = Request["UserAccount"];
Session.Timeout = 120;
FormsAuthentication.SetAuthCookie(Request["UserAccount"], false);
Response.Write(string.Format("{0},您好!欢迎来到site2, >> 访问<a href="\" mce_href="\""http://localhost/Site1/Default.aspx\">site1</a>", ssoRequest.UserAccount));
}
}
ViewState["SSORequest"] = ssoRequest;
#endregion
}
}
void Post(SSORequest ssoRequest)
{
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
//ps.Add("UserAccount", ssoRequest.UserAccount);
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Post();
}
//注销登录
protectedvoid LinkButton2_Click(object sender, EventArgs e)
{
FormsAuthentication.SignOut();
SSORequest ssoRequest = new SSORequest();
ssoRequest.IASID = "02";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Add("Logout", "true");
ps.Post();
}
//返回主站
protectedvoid LinkButton1_Click(object sender, EventArgs e)
{
if (Session["CurrUserName"] != null)
{
Response.Redirect("http://localhost/MasterSite/SiteList.aspx");
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
public partial class _Default : System.Web.UI.Page
{
protectedvoid Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
#region SSO 部分代码
SSORequest ssoRequest = new SSORequest();
if (string.IsNullOrEmpty(Request["IASID"]))
{
ssoRequest.IASID = "02";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
Post(ssoRequest);
}
elseif (!string.IsNullOrEmpty(Request["IASID"])
&& !string.IsNullOrEmpty(Request["TimeStamp"])
&& !string.IsNullOrEmpty(Request["AppUrl"])
&& !string.IsNullOrEmpty(Request["UserAccount"])
&& !string.IsNullOrEmpty(Request["Authenticator"]))
{
ssoRequest.IASID = Request["IASID"];
ssoRequest.TimeStamp = Request["TimeStamp"];
ssoRequest.AppUrl = Request["AppUrl"];
ssoRequest.UserAccount = Request["UserAccount"];
ssoRequest.Authenticator = Request["Authenticator"];
if (Authentication.ValidateEACToken(ssoRequest))
{
Session["CurrUserName"] = Request["UserAccount"];
Session.Timeout = 120;
FormsAuthentication.SetAuthCookie(Request["UserAccount"], false);
Response.Write(string.Format("{0},您好!欢迎来到site2, >> 访问<a href="\" mce_href="\""http://localhost/Site1/Default.aspx\">site1</a>", ssoRequest.UserAccount));
}
}
ViewState["SSORequest"] = ssoRequest;
#endregion
}
}
void Post(SSORequest ssoRequest)
{
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
//ps.Add("UserAccount", ssoRequest.UserAccount);
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Post();
}
//注销登录
protectedvoid LinkButton2_Click(object sender, EventArgs e)
{
FormsAuthentication.SignOut();
SSORequest ssoRequest = new SSORequest();
ssoRequest.IASID = "02";
ssoRequest.TimeStamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm");
ssoRequest.AppUrl = Request.Url.ToString();
Authentication.CreateAppToken(ssoRequest);
PostService ps = new PostService();
//认证中心(主站)地址
string EACUrl = "http://localhost/MasterSite/Default.aspx";
ps.Url = EACUrl;
ps.Add("IASID", ssoRequest.IASID);
ps.Add("TimeStamp", ssoRequest.TimeStamp);
ps.Add("AppUrl", ssoRequest.AppUrl);
ps.Add("Authenticator", ssoRequest.Authenticator);
ps.Add("Logout", "true");
ps.Post();
}
//返回主站
protectedvoid LinkButton1_Click(object sender, EventArgs e)
{
if (Session["CurrUserName"] != null)
{
Response.Redirect("http://localhost/MasterSite/SiteList.aspx");
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Collections.Generic;
using System.Text;
/// <summary>
/// 安全验证类
/// </summary>
publicclass Authentication
{
staticreadonlystring cookieName = "EACToken";
staticreadonlystring hashSplitter = "|";
public Authentication()
{
}
publicstaticstring GetAppKey(int appID)
{
//string cmdText = @"select * from ";
returnstring.Empty;
}
publicstaticstring GetAppKey()
{
return"22362E7A9285DD53A0BBC2932F9733C505DC04EDBFE00D70";
}
publicstaticstring GetAppIV()
{
return"1E7FA9231E7FA923";
}
/// <summary>
/// 取得加密服务
/// </summary>
/// <returns></returns>
static CryptoService GetCryptoService()
{
string key = GetAppKey();
string IV = GetAppIV();
CryptoService cs = new CryptoService(key, IV);
return cs;
}
/// <summary>
/// 创建各分站发往认证中心的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool CreateAppToken(SSORequest ssoRequest)
{
string OriginalAuthenticator = ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
ssoRequest.Authenticator = CryptoHelper.ToBase64String(encrypted);
returntrue;
}
else
{
returnfalse;
}
}
/// <summary>
/// 验证从各分站发送过来的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool ValidateAppToken(SSORequest ssoRequest)
{
string Authenticator = ssoRequest.Authenticator;
string OriginalAuthenticator = ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
return Authenticator == CryptoHelper.ToBase64String(encrypted);
}
else
{
returnfalse;
}
}
/// <summary>
/// 创建认证中心发往各分站的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool CreateEACToken(SSORequest ssoRequest)
{
string OriginalAuthenticator = ssoRequest.UserAccount + ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
ssoRequest.Authenticator = CryptoHelper.ToBase64String(encrypted);
returntrue;
}
else
{
returnfalse;
}
}
/// <summary>
/// 验证从认证中心发送过来的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool ValidateEACToken(SSORequest ssoRequest)
{
string Authenticator = ssoRequest.Authenticator;
string OriginalAuthenticator = ssoRequest.UserAccount + ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
string EncryCurrentAuthenticator = string.Empty;
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
EncryCurrentAuthenticator = CryptoHelper.ToBase64String(encrypted);
return Authenticator == EncryCurrentAuthenticator;
}
else
{
returnfalse;
}
}
/// <summary>
/// 创建 EAC 认证中心的 Cookie
/// </summary>
/// <param name="userAccount"></param>
/// <param name="timeStamp"></param>
/// <param name="expireTime"></param>
/// <param name="cookieValue"></param>
/// <returns></returns>
publicstaticbool CreatEACCookie(string userAccount, string timeStamp, string expireTime)
{
string plainText = "UserAccount=" + userAccount + ";TimeStamp=" + timeStamp + ";ExpireTime=" + expireTime;
plainText += hashSplitter + CryptoHelper.ComputeHashString(plainText);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(CryptoHelper.ConvertStringToByteArray(plainText), out encrypted))
{
string cookieValue = CryptoHelper.ToBase64String(encrypted);
SetCookie(cookieValue);
returntrue;
}
else
{
returnfalse;
}
}
/// <summary>
/// 验证 EAC 认证中心的 Cookie,验证通过时获取用户登录账号
/// </summary>
/// <param name="userAccount">输出用户登录账号</param>
/// <returns></returns>
publicstaticbool ValidateEACCookie(outstring userAccount)
{
userAccount = string.Empty;
try
{
string cookieValue = GetCookie().Value;
byte[] toDecrypt = CryptoHelper.FromBase64String(cookieValue);
CryptoService cs = GetCryptoService();
string decrypted = string.Empty;
if (cs.Decrypt(toDecrypt, out decrypted))
{
string[] arrTemp = decrypted.Split(Convert.ToChar(hashSplitter));
string plainText = arrTemp[0];
string hashedText = arrTemp[1];
userAccount = plainText.Split(Convert.ToChar(";"))[0].Split(Convert.ToChar("="))[1];
return hashedText.Replace("\0", string.Empty) == CryptoHelper.ComputeHashString(plainText);
}
else
{
returnfalse;
}
}
catch (Exception e)
{
returnfalse;
}
}
publicstaticvoid Logout()
{
HttpContext.Current.Response.Cookies[cookieName].Expires = DateTime.Parse("1900-1-1");
HttpContext.Current.Response.Cookies[cookieName].Path = "/";
}
privatestaticvoid SetCookie(string cookieValue)
{
HttpContext.Current.Response.Cookies[cookieName].Value = cookieValue;
HttpContext.Current.Response.Cookies[cookieName].Expires = DateTime.Now.AddHours(24);
HttpContext.Current.Response.Cookies[cookieName].Path = "/";
}
privatestatic HttpCookie GetCookie()
{
HttpCookie cookie = HttpContext.Current.Request.Cookies["EACToken"];
return cookie;
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Collections.Generic;
using System.Text;
/// <summary>
/// 安全验证类
/// </summary>
publicclass Authentication
{
staticreadonlystring cookieName = "EACToken";
staticreadonlystring hashSplitter = "|";
public Authentication()
{
}
publicstaticstring GetAppKey(int appID)
{
//string cmdText = @"select * from ";
returnstring.Empty;
}
publicstaticstring GetAppKey()
{
return"22362E7A9285DD53A0BBC2932F9733C505DC04EDBFE00D70";
}
publicstaticstring GetAppIV()
{
return"1E7FA9231E7FA923";
}
/// <summary>
/// 取得加密服务
/// </summary>
/// <returns></returns>
static CryptoService GetCryptoService()
{
string key = GetAppKey();
string IV = GetAppIV();
CryptoService cs = new CryptoService(key, IV);
return cs;
}
/// <summary>
/// 创建各分站发往认证中心的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool CreateAppToken(SSORequest ssoRequest)
{
string OriginalAuthenticator = ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
ssoRequest.Authenticator = CryptoHelper.ToBase64String(encrypted);
returntrue;
}
else
{
returnfalse;
}
}
/// <summary>
/// 验证从各分站发送过来的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool ValidateAppToken(SSORequest ssoRequest)
{
string Authenticator = ssoRequest.Authenticator;
string OriginalAuthenticator = ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
return Authenticator == CryptoHelper.ToBase64String(encrypted);
}
else
{
returnfalse;
}
}
/// <summary>
/// 创建认证中心发往各分站的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool CreateEACToken(SSORequest ssoRequest)
{
string OriginalAuthenticator = ssoRequest.UserAccount + ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
ssoRequest.Authenticator = CryptoHelper.ToBase64String(encrypted);
returntrue;
}
else
{
returnfalse;
}
}
/// <summary>
/// 验证从认证中心发送过来的 Token
/// </summary>
/// <param name="ssoRequest"></param>
/// <returns></returns>
publicstaticbool ValidateEACToken(SSORequest ssoRequest)
{
string Authenticator = ssoRequest.Authenticator;
string OriginalAuthenticator = ssoRequest.UserAccount + ssoRequest.IASID + ssoRequest.TimeStamp + ssoRequest.AppUrl;
string AuthenticatorDigest = CryptoHelper.ComputeHashString(OriginalAuthenticator);
string sToEncrypt = OriginalAuthenticator + AuthenticatorDigest;
byte[] bToEncrypt = CryptoHelper.ConvertStringToByteArray(sToEncrypt);
string EncryCurrentAuthenticator = string.Empty;
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(bToEncrypt, out encrypted))
{
EncryCurrentAuthenticator = CryptoHelper.ToBase64String(encrypted);
return Authenticator == EncryCurrentAuthenticator;
}
else
{
returnfalse;
}
}
/// <summary>
/// 创建 EAC 认证中心的 Cookie
/// </summary>
/// <param name="userAccount"></param>
/// <param name="timeStamp"></param>
/// <param name="expireTime"></param>
/// <param name="cookieValue"></param>
/// <returns></returns>
publicstaticbool CreatEACCookie(string userAccount, string timeStamp, string expireTime)
{
string plainText = "UserAccount=" + userAccount + ";TimeStamp=" + timeStamp + ";ExpireTime=" + expireTime;
plainText += hashSplitter + CryptoHelper.ComputeHashString(plainText);
CryptoService cs = GetCryptoService();
byte[] encrypted;
if (cs.Encrypt(CryptoHelper.ConvertStringToByteArray(plainText), out encrypted))
{
string cookieValue = CryptoHelper.ToBase64String(encrypted);
SetCookie(cookieValue);
returntrue;
}
else
{
returnfalse;
}
}
/// <summary>
/// 验证 EAC 认证中心的 Cookie,验证通过时获取用户登录账号
/// </summary>
/// <param name="userAccount">输出用户登录账号</param>
/// <returns></returns>
publicstaticbool ValidateEACCookie(outstring userAccount)
{
userAccount = string.Empty;
try
{
string cookieValue = GetCookie().Value;
byte[] toDecrypt = CryptoHelper.FromBase64String(cookieValue);
CryptoService cs = GetCryptoService();
string decrypted = string.Empty;
if (cs.Decrypt(toDecrypt, out decrypted))
{
string[] arrTemp = decrypted.Split(Convert.ToChar(hashSplitter));
string plainText = arrTemp[0];
string hashedText = arrTemp[1];
userAccount = plainText.Split(Convert.ToChar(";"))[0].Split(Convert.ToChar("="))[1];
return hashedText.Replace("\0", string.Empty) == CryptoHelper.ComputeHashString(plainText);
}
else
{
returnfalse;
}
}
catch (Exception e)
{
returnfalse;
}
}
publicstaticvoid Logout()
{
HttpContext.Current.Response.Cookies[cookieName].Expires = DateTime.Parse("1900-1-1");
HttpContext.Current.Response.Cookies[cookieName].Path = "/";
}
privatestaticvoid SetCookie(string cookieValue)
{
HttpContext.Current.Response.Cookies[cookieName].Value = cookieValue;
HttpContext.Current.Response.Cookies[cookieName].Expires = DateTime.Now.AddHours(24);
HttpContext.Current.Response.Cookies[cookieName].Path = "/";
}
privatestatic HttpCookie GetCookie()
{
HttpCookie cookie = HttpContext.Current.Request.Cookies["EACToken"];
return cookie;
}
}
using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;
publicclass CryptoHelper
{
/// <summary>
/// 复合 Hash:string --> byte[] --> hashed byte[] --> base64 string
/// </summary>
/// <param name="s"></param>
/// <returns></returns>
publicstaticstring ComputeHashString(string s)
{
return ToBase64String(ComputeHash(ConvertStringToByteArray(s)));
}
publicstaticbyte[] ComputeHash(byte[] buf)
{
//return ((HashAlgorithm)CryptoConfig.CreateFromName("SHA1")).ComputeHash(buf);
return SHA1.Create().ComputeHash(buf);
}
/// <summary>
/// //System.Convert.ToBase64String
/// </summary>
/// <param name="buf"></param>
/// <returns></returns>
publicstaticstring ToBase64String(byte[] buf)
{
return System.Convert.ToBase64String(buf);
}
publicstaticbyte[] FromBase64String(string s)
{
return System.Convert.FromBase64String(s);
}
/// <summary>
/// //Encoding.UTF8.GetBytes(s)
/// </summary>
/// <param name="s"></param>
/// <returns></returns>
publicstaticbyte[] ConvertStringToByteArray(String s)
{
return Encoding.UTF8.GetBytes(s);//gb2312
}
publicstaticstring ConvertByteArrayToString(byte[] buf)
{
//return System.Text.Encoding.GetEncoding("utf-8").GetString(buf);
return Encoding.UTF8.GetString(buf);
}
/// <summary>
/// 字节数组转换为十六进制字符串
/// </summary>
/// <param name="buf"></param>
/// <returns></returns>
publicstaticstring ByteArrayToHexString(byte[] buf)
{
StringBuilder sb = new StringBuilder();
for (int i = 0; i < buf.Length; i++)
{
sb.Append(buf[i].ToString("X").Length == 2 ? buf[i].ToString("X") : "0" + buf[i].ToString("X"));
}
return sb.ToString();
}
/// <summary>
/// 十六进制字符串转换为字节数组
/// </summary>
/// <param name="s"></param>
/// <returns></returns>
publicstaticbyte[] HexStringToByteArray(string s)
{
Byte[] buf = newbyte[s.Length / 2];
for (int i = 0; i < buf.Length; i++)
{
buf[i] = (byte)(Char2Hex(s.Substring(i * 2, 1)) * 0x10 + Char2Hex(s.Substring(i * 2 + 1, 1)));
}
return buf;
}
privatestaticbyte Char2Hex(string chr)
{
switch (chr)
{
case"0":
return 0x00;
case"1":
return 0x01;
case"2":
return 0x02;
case"3":
return 0x03;
case"4":
return 0x04;
case"5":
return 0x05;
case"6":
return 0x06;
case"7":
return 0x07;
case"8":
return 0x08;
case"9":
return 0x09;
case"A":
return 0x0a;
case"B":
return 0x0b;
case"C":
return 0x0c;
case"D":
return 0x0d;
case"E":
return 0x0e;
case"F":
return 0x0f;
}
return 0x00;
}
}
using System;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;
publicclass CryptoHelper
{
/// <summary>
/// 复合 Hash:string --> byte[] --> hashed byte[] --> base64 string
/// </summary>
/// <param name="s"></param>
/// <returns></returns>
publicstaticstring ComputeHashString(string s)
{
return ToBase64String(ComputeHash(ConvertStringToByteArray(s)));
}
publicstaticbyte[] ComputeHash(byte[] buf)
{
//return ((HashAlgorithm)CryptoConfig.CreateFromName("SHA1")).ComputeHash(buf);
return SHA1.Create().ComputeHash(buf);
}
/// <summary>
/// //System.Convert.ToBase64String
/// </summary>
/// <param name="buf"></param>
/// <returns></returns>
publicstaticstring ToBase64String(byte[] buf)
{
return System.Convert.ToBase64String(buf);
}
publicstaticbyte[] FromBase64String(string s)
{
return System.Convert.FromBase64String(s);
}
/// <summary>
/// //Encoding.UTF8.GetBytes(s)
/// </summary>
/// <param name="s"></param>
/// <returns></returns>
publicstaticbyte[] ConvertStringToByteArray(String s)
{
return Encoding.UTF8.GetBytes(s);//gb2312
}
publicstaticstring ConvertByteArrayToString(byte[] buf)
{
//return System.Text.Encoding.GetEncoding("utf-8").GetString(buf);
return Encoding.UTF8.GetString(buf);
}
/// <summary>
/// 字节数组转换为十六进制字符串
/// </summary>
/// <param name="buf"></param>
/// <returns></returns>
publicstaticstring ByteArrayToHexString(byte[] buf)
{
StringBuilder sb = new StringBuilder();
for (int i = 0; i < buf.Length; i++)
{
sb.Append(buf[i].ToString("X").Length == 2 ? buf[i].ToString("X") : "0" + buf[i].ToString("X"));
}
return sb.ToString();
}
/// <summary>
/// 十六进制字符串转换为字节数组
/// </summary>
/// <param name="s"></param>
/// <returns></returns>
publicstaticbyte[] HexStringToByteArray(string s)
{
Byte[] buf = newbyte[s.Length / 2];
for (int i = 0; i < buf.Length; i++)
{
buf[i] = (byte)(Char2Hex(s.Substring(i * 2, 1)) * 0x10 + Char2Hex(s.Substring(i * 2 + 1, 1)));
}
return buf;
}
privatestaticbyte Char2Hex(string chr)
{
switch (chr)
{
case"0":
return 0x00;
case"1":
return 0x01;
case"2":
return 0x02;
case"3":
return 0x03;
case"4":
return 0x04;
case"5":
return 0x05;
case"6":
return 0x06;
case"7":
return 0x07;
case"8":
return 0x08;
case"9":
return 0x09;
case"A":
return 0x0a;
case"B":
return 0x0b;
case"C":
return 0x0c;
case"D":
return 0x0d;
case"E":
return 0x0e;
case"F":
return 0x0f;
}
return 0x00;
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text;
using System.Security.Cryptography;
using System.IO;
publicclass CryptoService
{
/// <summary>
/// 加密的密钥
/// </summary>
string sKey = "22362E7A9285DD53A0BBC2932F9733C505DC04EDBFE00D70";
string sIV = "1E7FA9231E7FA923";
byte[] byteKey;
byte[] byteIV;
/// <summary>
/// 加密向量
/// </summary>
staticbyte[] bIV ={ 1, 2, 3, 4, 5, 6, 7, 8 };
public CryptoService()
{ }
public CryptoService(string key, string IV)
{
sKey = key;
sIV = IV;
byteKey = CryptoHelper.HexStringToByteArray(sKey);
byteIV = CryptoHelper.HexStringToByteArray(sIV);
}
/// <summary>
/// 将明文加密,返回密文
/// </summary>
/// <param name="Data">要加密的字串</param>
/// <returns></returns>
publicbyte[] Encrypt(string Data)
{
try
{
byte[] ret;
using (MemoryStream mStream = new MemoryStream())
using (CryptoStream cStream = new CryptoStream(mStream,
new TripleDESCryptoServiceProvider().CreateEncryptor(byteKey, byteIV),
CryptoStreamMode.Write))
{
byte[] toEncrypt = new ASCIIEncoding().GetBytes(Data);
// Write the byte array to the crypto stream and flush it.
cStream.Write(toEncrypt, 0, toEncrypt.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
ret = mStream.ToArray();
}
return ret;
}
catch (CryptographicException e)
{
//Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
returnnull;
}
}
/// <summary>
/// 将明文加密,返回密文
/// </summary>
/// <param name="toEncrypt">明文</param>
/// <param name="encrypted">密文</param>
/// <returns></returns>
publicbool Encrypt(byte[] toEncrypt, outbyte[] encrypted)
{
encrypted = null;
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
using (MemoryStream mStream = new MemoryStream())
using (CryptoStream cStream = new CryptoStream(mStream,
new TripleDESCryptoServiceProvider().CreateEncryptor(byteKey, byteIV),
CryptoStreamMode.Write))
{
// Write the byte array to the crypto stream and flush it.
cStream.Write(toEncrypt, 0, toEncrypt.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
encrypted = mStream.ToArray();
}
returntrue;
}
catch (CryptographicException e)
{
//Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
returnfalse;
}
}
/// <summary>
/// 将明文加密,返回 Base64 字符串
/// </summary>
/// <param name="Data"></param>
/// <returns></returns>
publicstring EncryptToString(string Data)
{
try
{
string base64String = string.Empty;
using (MemoryStream mStream = new MemoryStream())
using (CryptoStream cStream = new CryptoStream(mStream,
new TripleDESCryptoServiceProvider().CreateEncryptor(byteKey, byteIV),
CryptoStreamMode.Write))
{
byte[] toEncrypt = new ASCIIEncoding().GetBytes(Data);
cStream.Write(toEncrypt, 0, toEncrypt.Length);
cStream.FlushFinalBlock();
byte[] ret = mStream.ToArray();
base64String = Convert.ToBase64String(ret);
}
return base64String;
}
catch (CryptographicException e)
{
returnnull;
}
}
/// <summary>
/// 将密文解密,返回明文
/// </summary>
/// <param name="Data">密文</param>
/// <returns>明文</returns>
publicbool Decrypt(byte[] Data, outstring decrypted)
{
decrypted = string.Empty;
try
{
using (MemoryStream msDecrypt = new MemoryStream(Data))
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt,
new TripleDESCryptoServiceProvider().CreateDecryptor(byteKey, byteIV),
CryptoStreamMode.Read))
{
byte[] fromEncrypt = newbyte[Data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
decrypted = Encoding.UTF8.GetString(fromEncrypt);//new ASCIIEncoding().GetString(fromEncrypt);
returntrue;
}
}
catch (CryptographicException e)
{
returnfalse;
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text;
using System.Security.Cryptography;
using System.IO;
publicclass CryptoService
{
/// <summary>
/// 加密的密钥
/// </summary>
string sKey = "22362E7A9285DD53A0BBC2932F9733C505DC04EDBFE00D70";
string sIV = "1E7FA9231E7FA923";
byte[] byteKey;
byte[] byteIV;
/// <summary>
/// 加密向量
/// </summary>
staticbyte[] bIV ={ 1, 2, 3, 4, 5, 6, 7, 8 };
public CryptoService()
{ }
public CryptoService(string key, string IV)
{
sKey = key;
sIV = IV;
byteKey = CryptoHelper.HexStringToByteArray(sKey);
byteIV = CryptoHelper.HexStringToByteArray(sIV);
}
/// <summary>
/// 将明文加密,返回密文
/// </summary>
/// <param name="Data">要加密的字串</param>
/// <returns></returns>
publicbyte[] Encrypt(string Data)
{
try
{
byte[] ret;
using (MemoryStream mStream = new MemoryStream())
using (CryptoStream cStream = new CryptoStream(mStream,
new TripleDESCryptoServiceProvider().CreateEncryptor(byteKey, byteIV),
CryptoStreamMode.Write))
{
byte[] toEncrypt = new ASCIIEncoding().GetBytes(Data);
// Write the byte array to the crypto stream and flush it.
cStream.Write(toEncrypt, 0, toEncrypt.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
ret = mStream.ToArray();
}
return ret;
}
catch (CryptographicException e)
{
//Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
returnnull;
}
}
/// <summary>
/// 将明文加密,返回密文
/// </summary>
/// <param name="toEncrypt">明文</param>
/// <param name="encrypted">密文</param>
/// <returns></returns>
publicbool Encrypt(byte[] toEncrypt, outbyte[] encrypted)
{
encrypted = null;
try
{
// Create a new MemoryStream using the passed
// array of encrypted data.
// Create a CryptoStream using the MemoryStream
// and the passed key and initialization vector (IV).
using (MemoryStream mStream = new MemoryStream())
using (CryptoStream cStream = new CryptoStream(mStream,
new TripleDESCryptoServiceProvider().CreateEncryptor(byteKey, byteIV),
CryptoStreamMode.Write))
{
// Write the byte array to the crypto stream and flush it.
cStream.Write(toEncrypt, 0, toEncrypt.Length);
cStream.FlushFinalBlock();
// Get an array of bytes from the
// MemoryStream that holds the
// encrypted data.
encrypted = mStream.ToArray();
}
returntrue;
}
catch (CryptographicException e)
{
//Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
returnfalse;
}
}
/// <summary>
/// 将明文加密,返回 Base64 字符串
/// </summary>
/// <param name="Data"></param>
/// <returns></returns>
publicstring EncryptToString(string Data)
{
try
{
string base64String = string.Empty;
using (MemoryStream mStream = new MemoryStream())
using (CryptoStream cStream = new CryptoStream(mStream,
new TripleDESCryptoServiceProvider().CreateEncryptor(byteKey, byteIV),
CryptoStreamMode.Write))
{
byte[] toEncrypt = new ASCIIEncoding().GetBytes(Data);
cStream.Write(toEncrypt, 0, toEncrypt.Length);
cStream.FlushFinalBlock();
byte[] ret = mStream.ToArray();
base64String = Convert.ToBase64String(ret);
}
return base64String;
}
catch (CryptographicException e)
{
returnnull;
}
}
/// <summary>
/// 将密文解密,返回明文
/// </summary>
/// <param name="Data">密文</param>
/// <returns>明文</returns>
publicbool Decrypt(byte[] Data, outstring decrypted)
{
decrypted = string.Empty;
try
{
using (MemoryStream msDecrypt = new MemoryStream(Data))
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt,
new TripleDESCryptoServiceProvider().CreateDecryptor(byteKey, byteIV),
CryptoStreamMode.Read))
{
byte[] fromEncrypt = newbyte[Data.Length];
// Read the decrypted data out of the crypto stream
// and place it into the temporary buffer.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
decrypted = Encoding.UTF8.GetString(fromEncrypt);//new ASCIIEncoding().GetString(fromEncrypt);
returntrue;
}
}
catch (CryptographicException e)
{
returnfalse;
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
[Serializable]
publicclass SSORequest : MarshalByRefObject
{
publicstring IASID; //各独立站点标识ID
publicstring TimeStamp; //时间戳
publicstring AppUrl; //各独立站点的访问地址
publicstring Authenticator; //各独立站点的 Token
publicstring UserAccount; //账号
publicstring Password; //密码
publicstring IPAddress; //IP地址
//为ssresponse对象做准备
publicstring ErrorDescription = "认证失败"; //用户认证通过,认证失败,包数据格式不正确,数据校验不正确
publicint Result = -1;
public SSORequest()
{
}
/// <summary>
/// 获取当前页面上的SSORequest对象
/// </summary>
/// <param name="CurrentPage"></param>
/// <returns></returns>
publicstatic SSORequest GetRequest(Page CurrentPage)
{
SSORequest request = new SSORequest();
request.IPAddress = CurrentPage.Request.UserHostAddress;
request.IASID = CurrentPage.Request["IASID"].ToString();// Request本身会Decode
request.UserAccount = CurrentPage.Request["UserAccount"].ToString();//this.Text
request.Password = CurrentPage.Request["Password"].ToString();
request.AppUrl = CurrentPage.Request["AppUrl"].ToString();
request.Authenticator = CurrentPage.Request["Authenticator"].ToString();
request.TimeStamp = CurrentPage.Request["TimeStamp"].ToString();
return request;
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
[Serializable]
publicclass SSORequest : MarshalByRefObject
{
publicstring IASID; //各独立站点标识ID
publicstring TimeStamp; //时间戳
publicstring AppUrl; //各独立站点的访问地址
publicstring Authenticator; //各独立站点的 Token
publicstring UserAccount; //账号
publicstring Password; //密码
publicstring IPAddress; //IP地址
//为ssresponse对象做准备
publicstring ErrorDescription = "认证失败"; //用户认证通过,认证失败,包数据格式不正确,数据校验不正确
publicint Result = -1;
public SSORequest()
{
}
/// <summary>
/// 获取当前页面上的SSORequest对象
/// </summary>
/// <param name="CurrentPage"></param>
/// <returns></returns>
publicstatic SSORequest GetRequest(Page CurrentPage)
{
SSORequest request = new SSORequest();
request.IPAddress = CurrentPage.Request.UserHostAddress;
request.IASID = CurrentPage.Request["IASID"].ToString();// Request本身会Decode
request.UserAccount = CurrentPage.Request["UserAccount"].ToString();//this.Text
request.Password = CurrentPage.Request["Password"].ToString();
request.AppUrl = CurrentPage.Request["AppUrl"].ToString();
request.Authenticator = CurrentPage.Request["Authenticator"].ToString();
request.TimeStamp = CurrentPage.Request["TimeStamp"].ToString();
return request;
}
}