public bool ValidateJwtAuthentication(ServiceRoute route, Dictionary <string, object> model, ref ServiceResult <object> result)
{
bool isSuccess = true;
var author = HttpContext.Request.Headers["Authorization"];
if (author.Count > 0)
{
isSuccess = _authorizationServerProvider.ValidateClientAuthentication(author).Result;
if (!isSuccess)
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
else
{
var keyValue = model.FirstOrDefault();
if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
{
dynamic instance = keyValue.Value;
instance.Payload = _authorizationServerProvider.GetPayloadString(author);
model.Remove(keyValue.Key);
model.Add(keyValue.Key, instance);
}
}
}
else
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error"
};
isSuccess = false;
}
return(isSuccess);
}
public void OnAuthorization(AuthorizationFilterContext filterContext)
{
if (filterContext.Route.ServiceDescriptor.EnableAuthorization())
{
if (filterContext.Route.ServiceDescriptor.AuthType() == AuthorizationType.JWT.ToString())
{
var author = filterContext.Context.Request.Headers["Authorization"];
if (author.Count > 0)
{
var isSuccess = _authorizationServerProvider.ValidateClientAuthentication(author).Result;
if (!isSuccess)
{
filterContext.Result = new HttpResultMessage <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
else
{
var payload = _authorizationServerProvider.GetPayloadString(author);
RpcContext.GetContext().SetAttachment("payload", payload);
}
}
}
}
}
public async Task OnAuthorization(AuthorizationFilterContext filterContext)
{
if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.EnableAuthorization())
{
if (filterContext.Route.ServiceDescriptor.AuthType() == AuthorizationType.JWT.ToString())
{
var author = filterContext.Context.Request.Headers["Authorization"];
if (author.Count > 0)
{
var isSuccess = await _authorizationServerProvider.ValidateClientAuthentication(author);
if (!isSuccess)
{
filterContext.Result = new HttpResultMessage <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
else
{
var payload = _authorizationServerProvider.GetPayloadString(author);
RpcContext.GetContext().SetAttachment("payload", payload);
}
}
}
}
var gatewayAppConfig = AppConfig.Options.ApiGetWay;
if (String.Compare(filterContext.Path.ToLower(), gatewayAppConfig.TokenEndpointPath, true) == 0)
{
filterContext.Context.Items.Add("path", gatewayAppConfig.AuthorizationRoutePath);
}
}
public async Task <(bool, ServiceResult <object>)> ValidateJwtAuthentication(ServiceRoute route, Dictionary <string, object> model)
{
var result = ServiceResult <object> .Create(false, null);
bool isSuccess = true;
var author = HttpContext.Request.Headers["Authorization"];
if (author.Count > 0)
{
isSuccess = await _authorizationServerProvider.ValidateClientAuthentication(author);
if (!isSuccess)
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = Surging.Core.CPlatform.Exceptions.StatusCode.UnAuthentication, Message = "Invalid authentication credentials"
};
}
else
{
var payload = _authorizationServerProvider.GetPayloadString(author);
RpcContext.GetContext().SetAttachment("payload", payload);
if (model.Count > 0)
{
var keyValue = model.FirstOrDefault();
if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
{
dynamic instance = keyValue.Value;
instance.Payload = payload;
model.Remove(keyValue.Key);
model.Add(keyValue.Key, instance);
}
}
}
}
else
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = Surging.Core.CPlatform.Exceptions.StatusCode.RequestError, Message = "Request error"
};
isSuccess = false;
}
return(isSuccess, result);
}
public bool ValidateJwtAuthentication(ServiceRoute route, Dictionary <string, object> model, ref ServiceResult <object> result)
{
bool isSuccess = true;
var author = HttpContext.Request.Headers["Authorization"].ToString();
if (author.StartsWith("Bearer "))
{
author = author.Substring(7);
}
if (!string.IsNullOrEmpty(author))
{
isSuccess = _authorizationServerProvider.ValidateClientAuthentication(author).Result;
if (!isSuccess)
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = MessageStatusCode.UnAuthentication, Message = "不合法的身份凭证"
};
}
else
{
var keyValue = model.FirstOrDefault();
if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
{
var payload = _authorizationServerProvider.GetPayloadString(author);
RpcContext.GetContext().SetAttachment("payload", payload);
}
}
}
else
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = MessageStatusCode.UnAuthentication, Message = "请先登录系统"
};
isSuccess = false;
}
return(isSuccess);
}
public async Task <AuthorServiceResult> ValidateJwtAuthentication(ServiceRoute route, string path, Dictionary <string, object> model)
{
AuthorServiceResult authorServiceResult = new AuthorServiceResult();
// bool isSuccess = true;
var author = HttpContext.Request.Headers["Authorization"];
if (author.Count > 0)
{
var token = AuthenticationCommon.GetAuthToken(author);
authorServiceResult.isSuccess = await _authorizationServerProvider.ValidateClientAuthentication(token);
if (!authorServiceResult.isSuccess)
{
authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
else
{
var onAuthorModel = new Dictionary <string, object>();
var payload = _authorizationServerProvider.GetPayloadString(token);;
var keyValue = model.FirstOrDefault();
if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
{
dynamic instance = keyValue.Value;
instance.Payload = payload;
RpcContext.GetContext().SetAttachment("payload", instance.Payload.ToString());
model.Remove(keyValue.Key);
model.Add(keyValue.Key, instance);
}
//onAuthorModel.Add("input", JsonConvert.SerializeObject(new
//{
// Path = path,
// Payload = payload
//}));
//var data = await _serviceProxyProvider.Invoke<bool>(onAuthorModel, "api/user/onauthentication", "User");
//if (!data)
//{
// authorServiceResult.isSuccess = false;
// authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult<object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "没有该操作权限" };
//}
//else
//{
// var keyValue = model.FirstOrDefault();
// if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
// {
// dynamic instance = keyValue.Value;
// instance.Payload = payload;
// RpcContext.GetContext().SetAttachment("payload", instance.Payload.ToString());
// model.Remove(keyValue.Key);
// model.Add(keyValue.Key, instance);
// }
//}
}
}
else
{
authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error"
};
authorServiceResult.isSuccess = false;
}
return(authorServiceResult);
}
public async Task <ServiceResult <object> > SignIn(LoginReq req)
{
//要注意参数类型
var model = new Dictionary <string, object>();
model.Add("req", JsonConvert.SerializeObject(req));
var serviceKey = "Auth";
ServiceResult <object> result = ServiceResult <object> .Create(false, null);
var path = GateWayAppConfig.AuthorizationRoutePath;
if (OnAuthorization(path, model, ref result))
{
if (path == GateWayAppConfig.AuthorizationRoutePath)
{
var token = await _authorizationServerProvider.GenerateTokenCredential(model);
if (token != null)
{
//查询当前用户的权限,返回给客户端
var tmp = JsonConvert.DeserializeObject <string>(_authorizationServerProvider.GetPayloadString(token));
var identify = JsonConvert.DeserializeObject <TokenDto>(tmp);
Dictionary <string, object> reqQueryUserPermission = new Dictionary <string, object>();
reqQueryUserPermission.Add("req", JsonConvert.SerializeObject(new
{
Identify = identify
}));
string servicePath = "api/orgapp/QueryUserPermission";
var res = await _serviceProxyProvider.Invoke <BaseListResponseDto>(reqQueryUserPermission, servicePath);
if (res != null && res.OperateFlag)
{
result = ServiceResult <object> .Create(true, new { token = token, auth = res.Result });
result.StatusCode = (int)ServiceStatusCode.Success;
}
else
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
}
else
{
result = new ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
}
else
{
if (!string.IsNullOrEmpty(serviceKey))
{
result = ServiceResult <object> .Create(true, await _serviceProxyProvider.Invoke <object>(model, path, serviceKey));
result.StatusCode = (int)ServiceStatusCode.Success;
}
else
{
result = ServiceResult <object> .Create(true, await _serviceProxyProvider.Invoke <object>(model, path));
result.StatusCode = (int)ServiceStatusCode.Success;
}
}
}
return(result);
}