private async Task <AuthorServiceResult> OnAuthorization(string path, ServiceRoute route, Dictionary <string, object> model)
{
// bool isSuccess = true;
AuthorServiceResult authorServiceResult = new AuthorServiceResult();
// var route = await _serviceRouteProvider.GetRouteByPath(path);
if (route.ServiceDescriptor.EnableAuthorization())
{
if (route.ServiceDescriptor.AuthType() == AuthorizationType.JWT.ToString())
{
authorServiceResult = await ValidateJwtAuthentication(route, path, model);
}
else
{
authorServiceResult = await ValidateAppSecretAuthentication(route, path, model);
}
}
return(authorServiceResult);
}
private async Task <AuthorServiceResult> ValidateAppSecretAuthentication(ServiceRoute route,
string path,
Dictionary <string, object> model)
{
AuthorServiceResult authorServiceResult = new AuthorServiceResult();
var author = HttpContext.Request.Headers["Authorization"];
if (author.Count > 0)
{
var token = AuthenticationCommon.GetAuthToken(author);
authorServiceResult.isSuccess = await _authorizationServerProvider.ValidateClientAuthentication(token);
if (!authorServiceResult.isSuccess)
{
authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
else
{
var keyValue = model.FirstOrDefault();
if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
{
dynamic instance = keyValue.Value;
instance.Payload = _authorizationServerProvider.GetPayloadString(token);
RpcContext.GetContext().SetAttachment("payload", instance.Payload.ToString());
model.Remove(keyValue.Key);
model.Add(keyValue.Key, instance);
}
}
}
else
{
authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error"
};
authorServiceResult.isSuccess = false;
}
return(authorServiceResult);
}
public async Task <AuthorServiceResult> ValidateJwtAuthentication(ServiceRoute route, string path, Dictionary <string, object> model)
{
AuthorServiceResult authorServiceResult = new AuthorServiceResult();
// bool isSuccess = true;
var author = HttpContext.Request.Headers["Authorization"];
if (author.Count > 0)
{
var token = AuthenticationCommon.GetAuthToken(author);
authorServiceResult.isSuccess = await _authorizationServerProvider.ValidateClientAuthentication(token);
if (!authorServiceResult.isSuccess)
{
authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "Invalid authentication credentials"
};
}
else
{
var onAuthorModel = new Dictionary <string, object>();
var payload = _authorizationServerProvider.GetPayloadString(token);;
var keyValue = model.FirstOrDefault();
if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
{
dynamic instance = keyValue.Value;
instance.Payload = payload;
RpcContext.GetContext().SetAttachment("payload", instance.Payload.ToString());
model.Remove(keyValue.Key);
model.Add(keyValue.Key, instance);
}
//onAuthorModel.Add("input", JsonConvert.SerializeObject(new
//{
// Path = path,
// Payload = payload
//}));
//var data = await _serviceProxyProvider.Invoke<bool>(onAuthorModel, "api/user/onauthentication", "User");
//if (!data)
//{
// authorServiceResult.isSuccess = false;
// authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult<object> { IsSucceed = false, StatusCode = (int)ServiceStatusCode.AuthorizationFailed, Message = "没有该操作权限" };
//}
//else
//{
// var keyValue = model.FirstOrDefault();
// if (!(keyValue.Value is IConvertible) || !typeof(IConvertible).GetTypeInfo().IsAssignableFrom(keyValue.Value.GetType()))
// {
// dynamic instance = keyValue.Value;
// instance.Payload = payload;
// RpcContext.GetContext().SetAttachment("payload", instance.Payload.ToString());
// model.Remove(keyValue.Key);
// model.Add(keyValue.Key, instance);
// }
//}
}
}
else
{
authorServiceResult.result = new Surging.Core.ApiGateWay.ServiceResult <object> {
IsSucceed = false, StatusCode = (int)ServiceStatusCode.RequestError, Message = "Request error"
};
authorServiceResult.isSuccess = false;
}
return(authorServiceResult);
}
