/// <summary> /// Called when [authorization]. /// </summary> /// <param name="filterContext">The filter context.</param> public async Task OnAuthorization(AuthorizationFilterContext filterContext) { if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.DisableNetwork()) { filterContext.Result = new HttpResultMessage <object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error" }; } else { if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.EnableAuthorization()) { if (filterContext.Route.ServiceDescriptor.AuthType() == AuthorizationType.JWTBearer.ToString()) { if (filterContext.Context.User.Identity?.IsAuthenticated == true) { RestContext.GetContext().SetClaimsPrincipal("payload", filterContext.Context.User); } else { filterContext.Result = new HttpResultMessage <object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials" }; } } } } }
private void AppResolve(IApplicationBuilder app) { RestContext.GetContext().Initialize(app.ApplicationServices); app.ApplicationServices.GetRequiredService <ObjectAccessor <IApplicationBuilder> >().Value = app; app.UseStaticFiles(); app.UseRouting(); _moduleProvider.Configure(new ApplicationInitializationContext(app.ApplicationServices)); app.UseEndpoints(endpoints => { endpoints.MapDefaultControllerRoute(); }); app.Run(async context => { var messageId = Guid.NewGuid().ToString("N"); var sender = new HttpServerMessageSender(_serializer, context, _diagnosticListener); try { var filters = app.ApplicationServices.GetServices <IAuthorizationFilter>(); var isSuccess = await OnAuthorization(context, sender, messageId, filters); if (isSuccess) { var actionFilters = app.ApplicationServices.GetServices <IActionFilter>(); await OnReceived(sender, messageId, context, actionFilters); } } catch (Exception ex) { var filters = app.ApplicationServices.GetServices <IExceptionFilter>(); WirteDiagnosticError(messageId, ex); await OnException(context, sender, messageId, ex, filters); } }); }
public async Task <bool> OnAuthorization(HttpContext context, HttpServerMessageSender sender, string messageId, IEnumerable <IAuthorizationFilter> filters) { foreach (var filter in filters) { var path = HttpUtility.UrlDecode(GetRoutePath(context.Request.Path.ToString())); var serviceRoute = await _serviceRouteProvider.GetRouteByPathRegex(path); if (serviceRoute == null) { serviceRoute = await _serviceRouteProvider.GetLocalRouteByPathRegex(path); } RestContext.GetContext().SetAttachment("route", serviceRoute); var filterContext = new AuthorizationFilterContext { Path = path, Context = context, Route = serviceRoute }; await filter.OnAuthorization(filterContext); if (filterContext.Result != null) { await sender.SendAndFlushAsync(new TransportMessage(messageId, filterContext.Result)); return(false); } } return(true); }
/// <summary> /// Called when [authorization]. /// </summary> /// <param name="filterContext">The filter context.</param> public virtual async Task OnAuthorization(AuthorizationFilterContext filterContext) { var gatewayAppConfig = AppConfig.Options.ApiGetWay; if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.DisableNetwork()) { filterContext.Result = new HttpResultMessage <object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error" }; } else { if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.EnableAuthorization()) { if (filterContext.Route.ServiceDescriptor.AuthType() == AuthorizationType.JWT.ToString()) { var author = filterContext.Context.Request.Headers["Authorization"]; if (author.Count > 0) { var isSuccess = await _authorizationServerProvider.ValidateClientAuthentication(author); if (!isSuccess) { filterContext.Result = new HttpResultMessage <object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials" }; } else { var payload = _authorizationServerProvider.GetPayloadString(author); RestContext.GetContext().SetAttachment("payload", payload); } } else { filterContext.Result = new HttpResultMessage <object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials" } }; } } } if (string.Compare(filterContext.Path.ToLower(), gatewayAppConfig.TokenEndpointPath, StringComparison.OrdinalIgnoreCase) == 0) { filterContext.Context.Items.Add("path", gatewayAppConfig.AuthorizationRoutePath); } } }
public Task OnActionExecuting(ActionExecutingContext filterContext) { var address = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress; RestContext.GetContext().SetAttachment("RemoteIpAddress", address.ToString()); if (_ipChecker.IsBlackIp(address, filterContext.Message.RoutePath)) { filterContext.Result = new HttpResultMessage <object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Your IP address is not allowed" }; } return(Task.CompletedTask); }
private void WirteDiagnosticBefore(TransportMessage message) { if (!AppConfig.ServerOptions.DisableDiagnostic) { RpcContext.GetContext().SetAttachment("TraceId", message.Id); var remoteInvokeMessage = message.GetContent <HttpMessage>(); _diagnosticListener.WriteTransportBefore(TransportType.Rest, new TransportEventData(new DiagnosticMessage { Content = message.Content, ContentType = message.ContentType, Id = message.Id, MessageName = remoteInvokeMessage.RoutePath }, TransportType.Rest.ToString(), message.Id, RestContext.GetContext().GetAttachment("RemoteIpAddress")?.ToString())); } else { var parameters = RpcContext.GetContext().GetContextParameters(); RpcContext.GetContext().SetContextParameters(parameters); } }
public virtual void Initialize(ApplicationInitializationContext builder) { RestContext.GetContext().Initialize(builder.Builder.ApplicationServices); }
/// <summary> /// Called when [received]. /// </summary> /// <param name="sender">The sender.</param> /// <param name="messageId">The message identifier.</param> /// <param name="context">The context.</param> /// <param name="actionFilters">The action filters.</param> public async Task OnReceived(IMessageSender sender, string messageId, HttpContext context, IEnumerable <IActionFilter> actionFilters) { var serviceRoute = RestContext.GetContext().GetAttachment("route") as ServiceRoute; RestContext.GetContext().RemoveContextParameters("route"); var path = (RestContext.GetContext().GetAttachment("path") ?? HttpUtility.UrlDecode(GetRoutePath(context.Request.Path.ToString()))) as string; if (serviceRoute == null) { serviceRoute = await _serviceRouteProvider.GetRouteByPathRegex(path); } IDictionary <string, object> parameters = context.Request.Query.ToDictionary(p => p.Key, p => (object)p.Value.ToString()); object serviceKey = null; foreach (var key in _serviceKeys) { parameters.Remove(key, out var value); if (value != null) { serviceKey = value; break; } } if (string.Compare(serviceRoute.ServiceDescriptor.RoutePath, path, true) != 0) { var @params = RouteTemplateSegmenter.Segment(serviceRoute.ServiceDescriptor.RoutePath, path); foreach (var param in @params) { parameters.Add(param.Key, param.Value); } } var httpMessage = new HttpRequestMessage { Parameters = parameters, RoutePath = serviceRoute.ServiceDescriptor.RoutePath, ServiceKey = serviceKey?.ToString() }; if (context.Request.HasFormContentType) { var collection = await GetFormCollection(context.Request); foreach (var item in collection) { httpMessage.Parameters.Add(item.Key, item.Value); } if (!await OnActionExecuting( new ActionExecutingContext { Context = context, Route = serviceRoute, Message = httpMessage }, sender, messageId, actionFilters)) { return; } httpMessage.Attachments = RestContext.GetContext().GetContextParameters(); await Received(sender, new TransportMessage(messageId, httpMessage)); } else { var streamReader = new StreamReader(context.Request.Body); var data = await streamReader.ReadToEndAsync(); if (context.Request.Method == "POST" || context.Request.Method == "PUT") { var bodyParams = _serializer.Deserialize <string, IDictionary <string, object> >(data) ?? new Dictionary <string, object>(); foreach (var param in bodyParams) { httpMessage.Parameters.Add(param.Key, param.Value); } if (!await OnActionExecuting( new ActionExecutingContext { Context = context, Route = serviceRoute, Message = httpMessage }, sender, messageId, actionFilters)) { return; } httpMessage.Attachments = RestContext.GetContext().GetContextParameters(); await Received(sender, new TransportMessage(messageId, httpMessage)); } else { if (!await OnActionExecuting( new ActionExecutingContext { Context = context, Route = serviceRoute, Message = httpMessage }, sender, messageId, actionFilters)) { return; } httpMessage.Attachments = RestContext.GetContext().GetContextParameters(); await Received(sender, new TransportMessage(messageId, httpMessage)); } } await OnActionExecuted(context, httpMessage, actionFilters); }