public static bool ShouldValidate( this IAbpAntiForgeryManager manager, IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration, MethodInfo methodInfo, Abp.Web.HttpVerb httpVerb, bool defaultValue) { if (!antiForgeryWebConfiguration.IsEnabled) { return(false); } if (methodInfo.IsDefined(typeof(ValidateAbpAntiForgeryTokenAttribute), true)) { return(true); } if (ReflectionHelper.GetSingleAttributeOfMemberOrDeclaringTypeOrDefault <DisableAbpAntiForgeryTokenValidationAttribute>(methodInfo) != null) { return(false); } if (antiForgeryWebConfiguration.IgnoredHttpVerbs.Contains(httpVerb)) { return(false); } if (methodInfo.DeclaringType?.IsDefined(typeof(ValidateAbpAntiForgeryTokenAttribute), true) ?? false) { return(true); } return(defaultValue); }
public AccountController( IUserInfoAppService userInfoAppService, IAbpAntiForgeryManager antiForgeryManager) { _userInfoAppService = userInfoAppService; _antiForgeryManager = antiForgeryManager; }
public AbpApplicationConfigurationController( IAbpApplicationConfigurationAppService applicationConfigurationAppService, IAbpAntiForgeryManager antiForgeryManager) { _applicationConfigurationAppService = applicationConfigurationAppService; _antiForgeryManager = antiForgeryManager; }
public PackageController( PackageService packageService, IAbpAntiForgeryManager antiForgeryManager ) { _packageService = packageService; _antiForgeryManager = antiForgeryManager; }
public static void SetCookie(this IAbpAntiForgeryManager manager, HttpContextBase context, IIdentity identity = null) { if (identity != null) { context.User = new ClaimsPrincipal(identity); } context.Response.Cookies.Add(new HttpCookie(manager.Configuration.TokenCookieName, manager.GenerateToken())); }
public AbpAntiForgeryMvcFilter( IAbpAntiForgeryManager abpAntiForgeryManager, IAbpMvcConfiguration mvcConfiguration, IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration) { _abpAntiForgeryManager = abpAntiForgeryManager; _mvcConfiguration = mvcConfiguration; _antiForgeryWebConfiguration = antiForgeryWebConfiguration; Logger = NullLogger.Instance; }
/// <summary> /// 构造函数 /// </summary> /// <param name="abpAntiForgeryManager"></param> /// <param name="webApiConfiguration"></param> /// <param name="antiForgeryWebConfiguration"></param> public AbpAntiForgeryApiFilter( IAbpAntiForgeryManager abpAntiForgeryManager, IAbpWebApiConfiguration webApiConfiguration, IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration) { _abpAntiForgeryManager = abpAntiForgeryManager; _webApiConfiguration = webApiConfiguration; _antiForgeryWebConfiguration = antiForgeryWebConfiguration; Logger = NullLogger.Instance; }
private static string GetCookieValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers) { var cookie = headers.GetCookies(manager.Configuration.TokenCookieName).LastOrDefault(); if (cookie == null) { return null; } return cookie[manager.Configuration.TokenCookieName].Value; }
public AbpAntiForgeryApiFilter( IAbpAntiForgeryManager abpAntiForgeryManager, IAbpWebApiConfiguration webApiConfiguration, IAbpAntiForgeryWebConfiguration antiForgeryWebConfiguration) { _abpAntiForgeryManager = abpAntiForgeryManager; _webApiConfiguration = webApiConfiguration; _antiForgeryWebConfiguration = antiForgeryWebConfiguration; Logger = NullLogger.Instance; }
private static string GetCookieValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers) { var cookie = headers.GetCookies(manager.Configuration.TokenCookieName).LastOrDefault(); if (cookie == null) { return(null); } return(cookie[manager.Configuration.TokenCookieName].Value); }
public AbpApplicationConfigurationScriptController( IAbpApplicationConfigurationAppService configurationAppService, IJsonSerializer jsonSerializer, IOptions <AbpAspNetCoreMvcOptions> options, IJavascriptMinifier javascriptMinifier, IAbpAntiForgeryManager antiForgeryManager) { _configurationAppService = configurationAppService; _jsonSerializer = jsonSerializer; _options = options.Value; _javascriptMinifier = javascriptMinifier; _antiForgeryManager = antiForgeryManager; }
private static string GetHeaderValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers) { IEnumerable<string> headerValues; if (!headers.TryGetValues(manager.Configuration.TokenHeaderName, out headerValues)) { return null; } var headersArray = headerValues.ToArray(); if (!headersArray.Any()) { return null; } return headersArray.Last().Split(", ").Last(); }
public static void SetCookie(this IAbpAntiForgeryManager manager, HttpContext context, IIdentity identity = null, CookieOptions cookieOptions = null) { if (identity != null) { context.User = new ClaimsPrincipal(identity); } if (cookieOptions != null) { context.Response.Cookies.Append(manager.Configuration.TokenCookieName, manager.GenerateToken(), cookieOptions); } else { context.Response.Cookies.Append(manager.Configuration.TokenCookieName, manager.GenerateToken()); } }
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpRequestHeaders headers) { var cookieTokenValue = GetCookieValue(manager, headers); if (cookieTokenValue.IsNullOrEmpty()) { return(true); } var headerTokenValue = GetHeaderValue(manager, headers); if (headerTokenValue.IsNullOrEmpty()) { return(false); } return(manager.As <IAbpAntiForgeryValidator>().IsValid(cookieTokenValue, headerTokenValue)); }
private static string GetHeaderValue(IAbpAntiForgeryManager manager, HttpRequestHeaders headers) { IEnumerable <string> headerValues; if (!headers.TryGetValues(manager.Configuration.TokenHeaderName, out headerValues)) { return(null); } var headersArray = headerValues.ToArray(); if (!headersArray.Any()) { return(null); } return(headersArray.Last().Split(", ").Last()); }
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpContextBase context) { var cookieValue = GetCookieValue(context); if (cookieValue.IsNullOrEmpty()) { return(true); } var formOrHeaderValue = manager.Configuration.GetFormOrHeaderValue(context); if (formOrHeaderValue.IsNullOrEmpty()) { return(false); } return(manager.As <IAbpAntiForgeryValidator>().IsValid(cookieValue, formOrHeaderValue)); }
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpRequestHeaders headers) { var authCookieValue = GetCookieValue(manager.Configuration.AuthorizationCookieName, headers); var antiForgeryCookieValue = GetCookieValue(manager.Configuration.TokenCookieName, headers); if (antiForgeryCookieValue.IsNullOrEmpty()) { return(authCookieValue.IsNullOrEmpty()); } var headerTokenValue = GetHeaderValue(manager, headers); if (headerTokenValue.IsNullOrEmpty()) { return(false); } return(manager.As <IAbpAntiForgeryValidator>().IsValid(antiForgeryCookieValue, headerTokenValue)); }
public static bool IsValid(this IAbpAntiForgeryManager manager, HttpContextBase context) { var authCookieValue = GetCookieValue(context, manager.Configuration.AuthorizationCookieName); var antiForgeryCookieValue = GetCookieValue(context, AntiForgeryConfig.CookieName); if (antiForgeryCookieValue.IsNullOrEmpty()) { return(authCookieValue.IsNullOrEmpty()); } var formOrHeaderValue = manager.Configuration.GetFormOrHeaderValue(context); if (formOrHeaderValue.IsNullOrEmpty()) { return(false); } return(manager.As <IAbpAntiForgeryValidator>().IsValid(antiForgeryCookieValue, formOrHeaderValue)); }
public AbpSwashbuckleController(IAbpAntiForgeryManager antiForgeryManager) { _antiForgeryManager = antiForgeryManager; }
public static void SetCookie(this IAbpAntiForgeryManager manager, HttpResponseHeaders headers) { headers.SetCookie(new Cookie(manager.Configuration.TokenCookieName, manager.GenerateToken())); }
public HomeController(INotificationPublisher notificationPublisher, IAbpAntiForgeryManager abpAntiForgeryManager) { _notificationPublisher = notificationPublisher; _abpAntiForgeryManager = abpAntiForgeryManager; }
public AntiForgeryController(IAbpAntiForgeryManager antiForgeryManager) { _antiForgeryManager = antiForgeryManager; }
public AntiForgeryController(IAntiforgery antiforgery, IAbpAntiForgeryManager antiForgeryManager) { _antiforgery = antiforgery; _antiForgeryManager = antiForgeryManager; }
public static void SetCookie(this IAbpAntiForgeryManager manager) { manager.HttpContext.Response.Cookies.Append(manager.Options.TokenCookieName, manager.GenerateToken()); }