/// <summary>
/// Called when [authorization].
/// </summary>
/// <param name="filterContext">The filter context.</param>
public async Task OnAuthorization(AuthorizationFilterContext filterContext)
{
if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.DisableNetwork())
{
filterContext.Result = new HttpResultMessage <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error"
};
}
else
{
if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.EnableAuthorization())
{
if (filterContext.Route.ServiceDescriptor.AuthType() == AuthorizationType.JWTBearer.ToString())
{
if (filterContext.Context.User.Identity?.IsAuthenticated == true)
{
RestContext.GetContext().SetClaimsPrincipal("payload", filterContext.Context.User);
}
else
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false,
StatusCode = (int)ServiceStatusCode.AuthorizationFailed,
Message = "Invalid authentication credentials"
};
}
}
}
}
}
private void AppResolve(IApplicationBuilder app)
{
RestContext.GetContext().Initialize(app.ApplicationServices);
app.ApplicationServices.GetRequiredService <ObjectAccessor <IApplicationBuilder> >().Value = app;
app.UseStaticFiles();
app.UseRouting();
_moduleProvider.Configure(new ApplicationInitializationContext(app.ApplicationServices));
app.UseEndpoints(endpoints => { endpoints.MapDefaultControllerRoute(); });
app.Run(async context =>
{
var messageId = Guid.NewGuid().ToString("N");
var sender = new HttpServerMessageSender(_serializer, context, _diagnosticListener);
try
{
var filters = app.ApplicationServices.GetServices <IAuthorizationFilter>();
var isSuccess = await OnAuthorization(context, sender, messageId, filters);
if (isSuccess)
{
var actionFilters = app.ApplicationServices.GetServices <IActionFilter>();
await OnReceived(sender, messageId, context, actionFilters);
}
}
catch (Exception ex)
{
var filters = app.ApplicationServices.GetServices <IExceptionFilter>();
WirteDiagnosticError(messageId, ex);
await OnException(context, sender, messageId, ex, filters);
}
});
}
public async Task <bool> OnAuthorization(HttpContext context, HttpServerMessageSender sender, string messageId, IEnumerable <IAuthorizationFilter> filters)
{
foreach (var filter in filters)
{
var path = HttpUtility.UrlDecode(GetRoutePath(context.Request.Path.ToString()));
var serviceRoute = await _serviceRouteProvider.GetRouteByPathRegex(path);
if (serviceRoute == null)
{
serviceRoute = await _serviceRouteProvider.GetLocalRouteByPathRegex(path);
}
RestContext.GetContext().SetAttachment("route", serviceRoute);
var filterContext = new AuthorizationFilterContext
{
Path = path,
Context = context,
Route = serviceRoute
};
await filter.OnAuthorization(filterContext);
if (filterContext.Result != null)
{
await sender.SendAndFlushAsync(new TransportMessage(messageId, filterContext.Result));
return(false);
}
}
return(true);
}
/// <summary>
/// Called when [authorization].
/// </summary>
/// <param name="filterContext">The filter context.</param>
public virtual async Task OnAuthorization(AuthorizationFilterContext filterContext)
{
var gatewayAppConfig = AppConfig.Options.ApiGetWay;
if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.DisableNetwork())
{
filterContext.Result = new HttpResultMessage <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error"
};
}
else
{
if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.EnableAuthorization())
{
if (filterContext.Route.ServiceDescriptor.AuthType() == AuthorizationType.JWT.ToString())
{
var author = filterContext.Context.Request.Headers["Authorization"];
if (author.Count > 0)
{
var isSuccess = await _authorizationServerProvider.ValidateClientAuthentication(author);
if (!isSuccess)
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed,
Message = "Invalid authentication credentials"
};
}
else
{
var payload = _authorizationServerProvider.GetPayloadString(author);
RestContext.GetContext().SetAttachment("payload", payload);
}
}
else
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed,
Message = "Invalid authentication credentials"
}
};
}
}
}
if (string.Compare(filterContext.Path.ToLower(), gatewayAppConfig.TokenEndpointPath, StringComparison.OrdinalIgnoreCase) == 0)
{
filterContext.Context.Items.Add("path", gatewayAppConfig.AuthorizationRoutePath);
}
}
}
public Task OnActionExecuting(ActionExecutingContext filterContext)
{
var address = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress;
RestContext.GetContext().SetAttachment("RemoteIpAddress", address.ToString());
if (_ipChecker.IsBlackIp(address, filterContext.Message.RoutePath))
{
filterContext.Result = new HttpResultMessage <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Your IP address is not allowed"
};
}
return(Task.CompletedTask);
}
private void WirteDiagnosticBefore(TransportMessage message)
{
if (!AppConfig.ServerOptions.DisableDiagnostic)
{
RpcContext.GetContext().SetAttachment("TraceId", message.Id);
var remoteInvokeMessage = message.GetContent <HttpMessage>();
_diagnosticListener.WriteTransportBefore(TransportType.Rest, new TransportEventData(new DiagnosticMessage
{
Content = message.Content,
ContentType = message.ContentType,
Id = message.Id,
MessageName = remoteInvokeMessage.RoutePath
}, TransportType.Rest.ToString(),
message.Id,
RestContext.GetContext().GetAttachment("RemoteIpAddress")?.ToString()));
}
else
{
var parameters = RpcContext.GetContext().GetContextParameters();
RpcContext.GetContext().SetContextParameters(parameters);
}
}
public virtual void Initialize(ApplicationInitializationContext builder)
{
RestContext.GetContext().Initialize(builder.Builder.ApplicationServices);
}
/// <summary>
/// Called when [received].
/// </summary>
/// <param name="sender">The sender.</param>
/// <param name="messageId">The message identifier.</param>
/// <param name="context">The context.</param>
/// <param name="actionFilters">The action filters.</param>
public async Task OnReceived(IMessageSender sender, string messageId, HttpContext context,
IEnumerable <IActionFilter> actionFilters)
{
var serviceRoute = RestContext.GetContext().GetAttachment("route") as ServiceRoute;
RestContext.GetContext().RemoveContextParameters("route");
var path = (RestContext.GetContext().GetAttachment("path")
?? HttpUtility.UrlDecode(GetRoutePath(context.Request.Path.ToString()))) as string;
if (serviceRoute == null)
{
serviceRoute = await _serviceRouteProvider.GetRouteByPathRegex(path);
}
IDictionary <string, object> parameters =
context.Request.Query.ToDictionary(p => p.Key, p => (object)p.Value.ToString());
object serviceKey = null;
foreach (var key in _serviceKeys)
{
parameters.Remove(key, out var value);
if (value != null)
{
serviceKey = value;
break;
}
}
if (string.Compare(serviceRoute.ServiceDescriptor.RoutePath, path, true) != 0)
{
var @params = RouteTemplateSegmenter.Segment(serviceRoute.ServiceDescriptor.RoutePath, path);
foreach (var param in @params)
{
parameters.Add(param.Key, param.Value);
}
}
var httpMessage = new HttpRequestMessage
{
Parameters = parameters,
RoutePath = serviceRoute.ServiceDescriptor.RoutePath,
ServiceKey = serviceKey?.ToString()
};
if (context.Request.HasFormContentType)
{
var collection = await GetFormCollection(context.Request);
foreach (var item in collection)
{
httpMessage.Parameters.Add(item.Key, item.Value);
}
if (!await OnActionExecuting(
new ActionExecutingContext {
Context = context, Route = serviceRoute, Message = httpMessage
},
sender, messageId, actionFilters))
{
return;
}
httpMessage.Attachments = RestContext.GetContext().GetContextParameters();
await Received(sender, new TransportMessage(messageId, httpMessage));
}
else
{
var streamReader = new StreamReader(context.Request.Body);
var data = await streamReader.ReadToEndAsync();
if (context.Request.Method == "POST" || context.Request.Method == "PUT")
{
var bodyParams = _serializer.Deserialize <string, IDictionary <string, object> >(data) ??
new Dictionary <string, object>();
foreach (var param in bodyParams)
{
httpMessage.Parameters.Add(param.Key, param.Value);
}
if (!await OnActionExecuting(
new ActionExecutingContext {
Context = context, Route = serviceRoute, Message = httpMessage
},
sender, messageId, actionFilters))
{
return;
}
httpMessage.Attachments = RestContext.GetContext().GetContextParameters();
await Received(sender, new TransportMessage(messageId, httpMessage));
}
else
{
if (!await OnActionExecuting(
new ActionExecutingContext {
Context = context, Route = serviceRoute, Message = httpMessage
},
sender, messageId, actionFilters))
{
return;
}
httpMessage.Attachments = RestContext.GetContext().GetContextParameters();
await Received(sender, new TransportMessage(messageId, httpMessage));
}
}
await OnActionExecuted(context, httpMessage, actionFilters);
}
