/// <summary>
/// 验证客户端发来的token是否有效
/// </summary>
/// <param name="header"></param>
/// <returns></returns>
public static ValidTokenResult ValidClientToken(string tokenStr)
{
if (string.IsNullOrWhiteSpace(tokenStr))
{
return(new ValidTokenResult()
{
Success = false, Message = "请求的token为空"
});
}
TokenClaims tcParam = TokenBuilder.DecodeToken(tokenStr);
if (tcParam.Iss != Iss)
{
ToolFactory.LogHelper.Info("token验证失败,token发行者与当前系统不匹配:iss" + tcParam.Iss);
return(new ValidTokenResult()
{
Success = false, Message = "用户权限验证失败,token发行者与当前系统不匹配"
});
}
if (!ValidTokenAuth(tcParam.Role))
{
ToolFactory.LogHelper.Info("token验证失败,用户权限验证失败,角色没有权限调用该接口:role" + tcParam.Role);
return(new ValidTokenResult()
{
Success = false, Message = "用户权限验证失败,角色没有权限调用该接口"
});
}
if (TokenIsTimeLoss(tcParam.Exp))
{
ToolFactory.LogHelper.Info("token验证失败,token过时,token:" + tokenStr);
return(new ValidTokenResult()
{
Success = false, Message = "请求的token过时"
});
}
else
{
return(new ValidTokenResult()
{
Success = true
});
}
}
/// <summary>
/// 为请求用户生成token
/// </summary>
/// <param name="RequestParam">action的参数</param>
/// <returns></returns>
public static TokenResult MakeToken(string RequestParam, string PrimaryKey = null)
{
try
{
dynamic p = JsonConvert.DeserializeObject(RequestParam);
string RequestAuth = p.RequestAuth; //请求人信息
string DesAuth; //解密后的author
if (PrimaryKey == null)
{
DesAuth = RSAHelper.Decrypt(RequestAuth, Config_PrimaryKey);
}
else
{
DesAuth = RSAHelper.Decrypt(RequestAuth, PrimaryKey);
}
#region 请求历史是否有重复
if (MakeTokenParamHistory.Contains(DesAuth))
{
ToolFactory.LogHelper.Info("生成token身份验证失败:该请求的字符串与之前重复:" + DesAuth);
return(new TokenResult()
{
Success = false, Error_Message = "请求数据非法"
});
}
MakeTokenParamHistory.Insert(0, DesAuth);
if (MakeTokenParamHistory.Count > 1000)
{
MakeTokenParamHistory.RemoveRange(1000, MakeTokenParamHistory.Count - 1000);
}
#endregion
string ReqAuthId = DesAuth.Substring(DesAuth.Length - 46, 10); //请求人身份标识
long reqTimespan = long.Parse(DesAuth.Substring(0, DesAuth.Length - 46)); //客户端请求时间秒数
if (!ValidTokenAuth(ReqAuthId))
{
ToolFactory.LogHelper.Info("生成token身份验证失败:DesAuth" + DesAuth);
return(new TokenResult()
{
Success = false, Error_Message = "身份验证失败"
});
}
if ((TimeHelper.GetTimeSecond() - reqTimespan) > ReqToken_OverTime)
{
ToolFactory.LogHelper.Info("生成token请求时间超时:DesAuth" + DesAuth);
return(new TokenResult()
{
Success = false, Error_Message = "请求时间超时"
});
}
string uname = TokenBuilder.CreateUserName(ReqAuthId);
long TokenOverTime = Token_OverTime;
if (AuthMapOverTime != null && AuthMapOverTime.ContainsKey(ReqAuthId))
{
TokenOverTime = AuthMapOverTime[ReqAuthId];
}
string tokenStr = TokenBuilder.MakeToken(Iss, uname, ReqAuthId, TokenOverTime);
ToolFactory.LogHelper.Notice("生成token:" + tokenStr);
return(new TokenResult()
{
Success = true, Token = tokenStr
});;
}
catch (Exception ex)
{
ToolFactory.LogHelper.Error("生成token出现异常", ex);
return(new TokenResult()
{
Success = false, Error_Message = "错误的请求:" + ex.Message
});
}
}