using Newtonsoft.Json;

using Newtonsoft.Json.Linq;

using System;

using System.Collections.Generic;

using System.Linq;

using System.Security.Cryptography;

using System.Text;

namespace DingDangSDK

{

    public class DingdangUserRetriever

    {

        private String token;

        private String publicKey;

        public DingdangUserRetriever(String token, String publicKey)

        {

            this.token = token;

            this.publicKey = publicKey;

        }

        public User retrieve(bool verify)

        {

            string result = decode(verify);

            User user = JsonConvert.DeserializeObject<User>(result);

            return user;

        }

        public static readonly DateTime UnixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);

        public static void Validate(string payloadJson)

        {

           JObject payloadData = (JObject)JsonConvert.DeserializeObject(payloadJson);//解析json

            var now = DateTime.UtcNow;

            var secondsSinceEpoch = Math.Round((now - UnixEpoch).TotalSeconds);

            // verify exp claim https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.4

            JToken expObj;

            if (payloadData.TryGetValue("exp", out expObj))

            {

                if (expObj == null)

                {

                    //throw new SignatureVerificationException("Claim 'exp' must be a number.");

                    throw new Exception("Claim 'exp' must be a number.");

                }

                double expValue;

                try

                {

                    expValue = Convert.ToDouble(expObj);

                }

                catch

                {

                    //throw new SignatureVerificationException("Claim 'exp' must be a number.");

                    throw new Exception("Claim 'exp' must be a number.");

                }

                if (secondsSinceEpoch >= expValue)

                {

                    //throw new TokenExpiredException("Token has expired.")

                    //{

                    //    Expiration = UnixEpoch.AddSeconds(expValue),

                    //    PayloadData = payloadData

                    //};

                    throw new Exception("Token has expired.");

                }

            }

            JToken nbfObj;

            if (payloadData.TryGetValue("nbf", out nbfObj))

            {

                if (nbfObj == null)

                {

                    //throw new SignatureVerificationException("Claim 'nbf' must be a number.");

                    throw new Exception("Claim 'nbf' must be a number.");

                }

                double nbfValue;

                try

                {

                    nbfValue = Convert.ToDouble(nbfObj);

                }

                catch

                {

                    throw new Exception("Claim 'nbf' must be a number.");

                }

                if (secondsSinceEpoch < nbfValue)

                {

                    throw new Exception("Token is not yet valid.");

                }

            }

        }

        /// <summary>

        ///

        /// </summary>

        /// <returns></returns>

        public string decode(bool verify)

        {

            try

            {

                JObject obj = (JObject)JsonConvert.DeserializeObject(publicKey);

                string[] tokenParts = token.Split('.');

                RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

                rsa.ImportParameters(

                  new RSAParameters()

                  {

                      Modulus = FromBase64Url(obj["n"].ToString()),

                      Exponent = FromBase64Url("AQAB")

                  });

                SHA256 sha256 = SHA256.Create();

                byte[] hash = sha256.ComputeHash(Encoding.UTF8.GetBytes(tokenParts[0] + '.' + tokenParts[1]));

                RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(rsa);

                rsaDeformatter.SetHashAlgorithm("SHA256");

                if (rsaDeformatter.VerifySignature(hash, FromBase64Url(tokenParts[2])))

                {

                    string result = Encoding.UTF8.GetString(Base64UrlDecode(tokenParts[1]));

                    if (verify)

                    {

                        Validate(result);

                    }

                    return result;

                }

                else

                {

                    return null;

                }

            }

            catch (Exception)

            {

                throw;

            }

        }

        private static string Base64UrlEncode(byte[] input)

        {

            var output = Convert.ToBase64String(input);

            output = output.Split('=')[0]; // Remove any trailing '='s

            output = output.Replace('+', '-'); // 62nd char of encoding

            output = output.Replace('/', '_'); // 63rd char of encoding

            return output;

        }

        // from JWT spec

        private static byte[] Base64UrlDecode(string input)

        {

            var output = input;

            output = output.Replace('-', '+');

            output = output.Replace('_', '/');

            switch (output.Length % 4)

            {

                case 0: break; // No pad chars in this case

                case 1: output += "==="; break; // Three pad chars

                case 2: output += "=="; break; // Two pad chars

                case 3: output += "="; break; // One pad char

                default: throw new System.Exception("Illegal base64url string!");

            }

            var converted = Convert.FromBase64String(output); // Standard base64 decoder

            return converted;

        }

        static byte[] FromBase64Url(string base64Url)

        {

            string padded = base64Url.Length % 4 == 0

                ? base64Url : base64Url + "====".Substring(base64Url.Length % 4);

            string base64 = padded.Replace("_", "/")

                                  .Replace("-", "+");

            return Convert.FromBase64String(base64);

        }

    }

    public class User

    {

        public String aud { set; get; }

        public String userId { set; get; }

        public String name { set; get; }

        public String email { set; get; }

        public String openId { set; get; }

        public String mobile { set; get; }

        public String exp { set; get; }

        public String jti { set; get; }

        public String iat { set; get; }

        public String nbf { set; get; }

        public String sub { set; get; }

        public override String ToString()

        {

            return "Username{" +

                    "aud='" + aud + '\'' +

                    ", userId='" + userId + '\'' +

                    ", name='" + name + '\'' +

                    ", email='" + email + '\'' +

                    ", openId='" + openId + '\'' +

                    ", mobile='" + mobile + '\'' +

                    ", exp='" + exp + '\'' +

                    ", jti='" + jti + '\'' +

                    ", nbf='" + nbf + '\'' +

                    ", sub='" + sub + '\'' +

                    '}';

        }

    }

}

  

using System;

using System.Collections.Generic;

using System.Windows.Forms;

using System.IO;

namespace AutoUpdate

{

    static class Program

    {

        /// <summary>

        /// 应用程序的主入口点。

        /// </summary>

        [STAThread]

        static void Main(string[] args)

        {

            string username;

            File.AppendAllText("g:\\log.txt", args[0]+"\r\n");

            string id_token = args[0].Substring(20);

            //string id_token = "eyJhbGciOiJSUzI1NiIsImtpZCI6IjY1Mzk2NjA3MTQ3ODA5MzY3MzYifQ.eyJlbWFpbCI6IjI2MDI2MyIsIm5hbWUiOiIyNjAyNjMiLCJleHAiOjE1MDY1NjkzMDAsImp0aSI6IjhqakVBRkd0NFo5ZnZNV2JTTWNvVVEiLCJpYXQiOjE1MDY1Njg3MDAsIm5iZiI6MTUwNjU2ODY0MCwic3ViIjoiMjYwMjYzIn0.OwaxyfRiHzgfzsHWHa1I4n5EeTswD1yeh2xHOjWPOt27qXm9Lh2zGLqgfniQU1nZxW7u2FMvESv8oTAq8MFhPX9Jy5LlaU4yfr1HwPS5K_os0oYZpscXqrL4-6OJcQeE0I6AC9ymB5InonDQCQEMuOaijn3VhNpIu4BnJomppcb5IBWJS3VHfJnDxT9JBOf_XRuvS_l1F4BK8nDW7G2QMHMH54-7WarOnFD3DWKexSLNANW_Po458zbI7sYthrft9MnRIk8ctB75ofSUbGjQAjI9b95jYdTKwa9Mu2z3TBNBJXzYe5_WztHgMLfS66IRbEIx0ah2QCZTbK6iTtXEDw";

            string publickey = "{\"kty\":\"RSA\",\"kid\":\"6057314195784354233\",\"alg\":\"ES256\",\"n\":\"n7d5K4m_mtYva7fb8x7AQWPQe95fu1LYkxLFlJQOwV-mC2yibqtEC-Tu2hLlSZYloJfDn9ELsGvOwXOkU8ktcvZvxIvnb1tN2rifDyxQfsNf90tt-IglKukVSGBZqM_EI3DHPh6lqmu3LLSvBPKdTAuo2a88vnASv5HDfyjT-9LhHpB4_2_XmI0O8_5sD-gaxlR7DTJ6tRWg7vKnu6gCC3HgG4MsyZZR5TNapUA9rMTrXNQJThrSdjxIVhcSF_XNYVagpt-01h6DvV2pzdNU06Q3p0172BhzFFCOM1gSRi__St9Rgtp1Ax--GxY9UR543ZIA9kTG7cvEIz82Ibx7Vw\",\"e\":\"AQAB\"}";

            DingDangSDK.DingdangUserRetriever retriever = new DingDangSDK.DingdangUserRetriever(id_token, publickey);

            DingDangSDK.User user = null;

            //2.获取用户信息

            user = retriever.retrieve(false);

            username = user.name;

            MessageBox.Show(username);

            Application.EnableVisualStyles();

            Application.SetCompatibleTextRenderingDefault(false);

            AppSingleton.Run(new login(args));  //防止对应用程序进行多次实际化

        }

    }

}

  

http://10.10.6.18:8023/COA.aspx?id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6Ijg0NzE1ODg1MTQ5NjgwNjA2MjYifQ.eyJlbWFpbCI6IndhbnFxIiwibmFtZSI6IndhbnFxIiwiZXhwIjoxNTA4MzE4ODMwLCJqdGkiOiJnNVpSbkllc2tNOEZSSjRvRlRSZm9BIiwiaWF0IjoxNTA4MzE4MjMwLCJuYmYiOjE1MDgzMTgxNzAsInN1YiI6IndhbnFxIn0.I1DLYYXJ_PwcTbCrRM0UpQtqLuXrqy5xJol6kuuyQBNQFh57swJj_htkBSf1iRajxG8Oo0Azhq-yTajnxkmvFxrv29jKfYV4Vvk53FPqz2zC9VMI5FNE9dbfdFyAkFibBo-vNmH96j5I8uz19rwJiC3xFwf-4r5bUUeL9vGdCgfemU9Z9xmbKS7gRpS3A7heyZExzHnQyhab0PEFSzED1v1rWVPUR9Wv99xkIaGRBUiuYchGY4kIhaw5SpHP091tZJGMhDjcJDq__cC6FPM-q2hH_vCxBTFHZ7KyQbdz_P3ay3h6zsWEz8ErAdEsBcH_yqdpZF5arKjNqTMzyrGXFQ

  

   public void Tylogin() {

        string id_token = "";

        string publickey = "{\"kty\":\"RSA\",\"kid\":\"8471588514968060626\",\"alg\":\"ES256\",\"n\":\"4Qa6W-PES5g_STkS2Z4md_XG1UhZUq9JJeMTOC5Yg4RkqULREGj97n6ON-2iWsUl1hlbzzU0n-4l2LZJUrOT0xeaunbo7WOkCiGEwrbpVhvY7fHCi_d4LViJpFZDPIX7h8a_CMjqMSyTesp5SbK7JDzL324g-YsciZV2y8pJeYHgIoauKd6OuOtl5noBOBgz_WrZDkEr6P5TE8_F7TV0CBXWfFSwBSvof7YaVdwOOFFFYrUZVBbqvG5uFreji-V-d2diMgWMaUT3hPBQ7fDY0RE5p5xbqZvYQwgUNVIAmOiHRBB98Mlu-EU-iAHSADYWWp3x6BF0KdojiR34Mb8upw\",\"e\":\"AQAB\"}";

        if (Request.QueryString["id_token"] != null)

        {

            id_token = Request.QueryString["id_token"].ToString();

        }

        //具体类在Contorls对象中,Contorls对象中添加Newtonsoft.json.dll引用

        DdLogin.DingdangUserRetriever c = new DdLogin.DingdangUserRetriever(id_token, publickey);

        DdLogin.User Employeeinfo = null;

        Employeeinfo = c.retrieve(false);

        //去掉登录首页直接登录。具体业务逻辑还的重新做

        string name = Employeeinfo.name;

            Response.Write("用户名:"

  

单点logi,n的更多相关文章

  1. 著名ERP厂商的SSO单点登录解决方案介绍一

          SSO英文全称Single Sign On,单点登录.SSO是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统.它包括可以将这次主要的登录映射到其他应用中用于同一个用户 ...

  2. 看图理解JWT如何用于单点登录

    单点登录是我比较喜欢的一个技术解决方案,一方面他能够提高产品使用的便利性,另一方面他分离了各个应用都需要的登录服务,对性能以及工作量都有好处.自从上次研究过JWT如何应用于会话管理,加之以前的项目中也 ...

  3. 集成基于OAuth协议的单点登陆

    在之前的一篇文章中,我们已经介绍了如何为一个应用添加对CAS协议的支持,进而使得我们的应用可以与所有基于CAS协议的单点登陆服务通讯.但是现在的单点登陆服务实际上并不全是通过实现CAS协议来完成的.例 ...

  4. 集成基于CAS协议的单点登陆

    相信大家对单点登陆(SSO,Single Sign On)这个名词并不感到陌生吧?简单地说,单点登陆允许多个应用使用同一个登陆服务.一旦一个用户登陆了一个支持单点登陆的应用,那么在进入其它使用同一单点 ...

  5. 细说SSO单点登录

    什么是SSO? 如果你已知道,请略过本节! SSO核心意义就一句话:一处登录,处处登录:一处注销,处处注销.即:在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统. 很多人容易把SS ...

  6. [原创]django+ldap+memcache实现单点登录+统一认证

    前言 由于公司内部的系统越来越多,为了方便用户使用,通过django进行了单点登录和统一认证的尝试,目前实现了django项目的单点登录和非django项目的统一认证,中间波折挺多,涉及的技术包括dj ...

  7. [原创]django+ldap实现单点登录(装饰器和缓存)

    前言 参考本系列之前的文章,我们已经搭建了ldap并且可以通过django来操作ldap了,剩下的就是下游系统的接入了,现在的应用场景,我是分了2个层次,第一层次是统一认证,保证各个系统通过ldap来 ...

  8. CAS FOR WINDOW ACTIVE DIRECTORY SSO单点登录

    一.CAS是什么? CAS(Central Authentication Service)是 Yale 大学发起的一个企业级的.开源的项目,旨在为 Web 应用系统提供一种可靠的单点登录解决方法(支持 ...

  9. Lind.DDD.SSO单点登陆组件的使用(原创)

    回到目录 一般sso的说明 在Lind.DDD框架里,有对单点登陆的集成,原理就是各个网站去sso网站统一登陆授权,之后在sso网站将登陆的token进行存储,存储方式随你(cache,redis,m ...

随机推荐

  1. S905系列的uboot分析

    Ubuntu18.04通过PL2303HX连接TTL 接线的连接 PL2303的3.3V悬空, TX接盒子RX, RX接盒子TX, GND接盒子GND 终端选择 系统自带pl2303的驱动, 可以通过 ...

  2. linux中高并发socket最大连接数的优化详解

    linux中高并发socket最大连接数的优化详解 https://m.jb51.net/article/106546.htm?from=singlemessage

  3. 946. Validate Stack Sequences

    946. Validate Stack Sequences class Solution { public: bool validateStackSequences(vector<int> ...

  4. angular的路由例子

    app.routing.module.ts里面,关键部分 const routes: Routes = [ { path: '', redirectTo : 'c3/c2/mmc', pathMatc ...

  5. “庚武讲堂”(v.gw66.net) 缘起

    转载自: https://v.gw66.net/origin/ 我叫“庚武”,一个从业10余年的程序员,其实我更愿意自称软件工程师或软件设计师.转眼间倏忽十年,从最开始用ASP.net 2.0做网站入 ...

  6. flask 运行 flask db init 报错,init-db 命令找不到

    flask init-db 结果是 `Error: No such command “init-db”. 那是因为init-db 已经被 flask db init 给代替了 运行 flask db ...

  7. Sword 位运算取余操作

    /* 位运算取余操作 */ #include <stdio.h> #include <stdlib.h> #include <string.h> #include ...

  8. java多线程(二)线程的生命周期

    1.   线程生命周期 新建(New).就绪(Runnable).运行(Running).阻塞(Blocked)和死亡(Dead)5种状态. 1.1. 新建 l  new关键字创建了一个线程之后,该线 ...

  9. a simple machine learning system demo, for ML study.

    Machine Learning System introduction This project is a full stack Django/React/Redux app that uses t ...

  10. EasyDSS高性能RTMP、HLS(m3u8)、HTTP-FLV、RTSP流媒体服务器解决方案之多方式虚拟直播

    EasyDSS流媒体解决方案之虚拟直播 虚拟直播相对于传统的实时直播的差别在于,实时的直播在于播放的是一个实时的直播流,而虚拟直播,可能适应范围更加的广.虚拟直播,不仅仅可以播放实时的视频直播流,也可 ...