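/// <summary>Raises the authorization event so a subscribed handler can apply custom checks.</summary>
 /// <param name="context">Current HTTP context.</param>
 /// <param name="method">Reflected API method being called.</param>
 /// <param name="attr">The HttpApiAttribute found on <paramref name="method"/>.</param>
 /// <param name="securityCode">Security code taken from the request; passed to the handler unchanged.</param>
 /// <remarks>
 /// If nothing is subscribed to OnAuth this method does nothing, so the custom
 /// authorization step is skipped rather than denied (fail-open).
 /// NOTE(review): the method returns void, so a handler presumably rejects a request by throwing; confirm.
 /// </remarks>
 public void DoAuth(HttpContext context, MethodInfo method, HttpApiAttribute attr, string securityCode)
 {
     // Read the delegate once: testing this.OnAuth and then invoking it reads the member twice,
     // and a handler removed on another thread in between would make the call throw NullReferenceException.
     var handler = this.OnAuth;
     if (handler != null)
     {
         handler(context, method, attr, securityCode);
     }
 }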
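 //--------------------------------------------
 // Wrapper methods
 //--------------------------------------------
 /// <summary>Raises the visit event for an incoming API call.</summary>
 /// <param name="context">Current HTTP context.</param>
 /// <param name="method">Reflected API method being called.</param>
 /// <param name="attr">The HttpApiAttribute found on <paramref name="method"/>.</param>
 /// <param name="inputs">Request inputs keyed by name; passed to the handler unchanged.</param>
 /// <remarks>
 /// Does nothing when no handler is subscribed to OnVisit.
 /// NOTE(review): if this is raised before the caller is authenticated, handlers must treat
 /// <paramref name="inputs"/> as untrusted; confirm against the call site.
 /// </remarks>
 public void DoVisit(HttpContext context, MethodInfo method, HttpApiAttribute attr, Dictionary<string, object> inputs)
 {
     // Read the delegate once so a concurrent unsubscribe cannot null it between the test and the call.
     var handler = this.OnVisit;
     if (handler != null)
     {
         handler(context, method, attr, inputs);
     }
 }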
Example #3
        /// <summary>Gets the HttpApiAttribute declared on a method.</summary>
        /// <param name="info">Method to inspect; may be null.</param>
        /// <returns>
        /// The result of GetAttribute{HttpApiAttribute} for <paramref name="info"/>,
        /// or null when <paramref name="info"/> is null.
        /// </returns>
        public static HttpApiAttribute GetHttpApiAttribute(this MethodInfo info)
        {
            // A null method yields a null attribute instead of an exception.
            return info == null ? null : GetAttribute<HttpApiAttribute>(info);
        }
Example #4
        //-----------------------------------------------------------
        // API listing
        //-----------------------------------------------------------
        /// <summary>
        /// Builds the descriptor of one type: an entry for every public method declared on it
        /// (instance or static) that carries an HttpApiAttribute, sorted by name, together with
        /// the type's description and histories.
        /// </summary>
        /// <param name="type">Type whose methods are scanned.</param>
        /// <returns>A TypeAPI holding the sorted entries, the description and the histories.</returns>
        /// <remarks>
        /// Every entry copies the method's authorization settings (AuthIP, AuthToken, AuthLogin,
        /// AuthUsers, AuthRoles, AuthVerbs), and attr.AuthToken is also passed to the helpers that
        /// build the test URL and the parameter list. Anyone who can read the listing therefore
        /// sees how each API is protected.
        /// NOTE(review): confirm that whatever renders this listing is itself access-controlled.
        /// </remarks>
        static TypeAPI GetTypeApi(Type type)
        {
            var rootUrl = GetApiRootUrl(type);
            var result  = new TypeAPI();
            var entries = new List<API>();

            // DeclaredOnly: inherited members are not listed.
            const BindingFlags declaredPublic =
                BindingFlags.Public | BindingFlags.Instance | BindingFlags.Static | BindingFlags.DeclaredOnly;

            foreach (var candidate in type.GetMethods(declaredPublic))
            {
                var attr = ReflectHelper.GetHttpApiAttribute(candidate);
                if (attr == null)
                {
                    // No HttpApiAttribute: the method is not part of the listing.
                    continue;
                }

                entries.Add(new API()
                {
                    Name          = candidate.Name,
                    Description   = attr.Description,
                    ReturnType    = ParseDataType(attr.Type, candidate.ReturnType).ToString(),
                    CacheDuration = attr.CacheSeconds,
                    AuthIP        = attr.AuthIP,
                    AuthToken     = attr.AuthToken,
                    AuthLogin     = attr.AuthLogin,
                    AuthUsers     = attr.AuthUsers,
                    AuthRoles     = attr.AuthRoles,
                    // Verbs are shown upper-cased; an empty setting is shown as an empty string.
                    AuthVerbs     = attr.AuthVerbs.IsEmpty() ? "" : attr.AuthVerbs.ToUpper(),
                    Status        = attr.Status,
                    Log           = attr.Log,
                    Remark        = attr.Remark,
                    Example       = attr.Example,
                    Url           = GetMethodDisplayUrl(rootUrl, candidate),
                    UrlTest       = GetMethodTestUrl(rootUrl, candidate, attr.AuthToken),
                    Params        = GetMethodParams(candidate, attr.AuthToken),
                    Method        = candidate,
                    RType         = attr.Type
                });
            }

            // Entries are sorted by method name before being attached to the descriptor.
            result.Apis        = entries.OrderBy(entry => entry.Name).ToList();
            result.Description = ReflectHelper.GetDescription(type);
            result.Histories   = ReflectHelper.GetHistories(type);
            return result;
        }
Example #5
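        /// <summary>
        /// Enforces the restrictions declared on an API method: allowed HTTP verbs, login,
        /// allowed users and allowed roles, in that order.
        /// </summary>
        /// <param name="context">Current HTTP context; only the request's HTTP method is read here.</param>
        /// <param name="method">Reflected API method (not used by the checks below).</param>
        /// <param name="attr">Attribute carrying AuthVerbs, VerbList, AuthLogin, AuthUsers and AuthRoles.</param>
        /// <exception cref="HttpApiException">
        /// 400 when the request verb is not in the allowed list; 401 when the login, user or role check fails.
        /// </exception>
        static void CheckMethodEnable(HttpContext context, MethodInfo method, HttpApiAttribute attr)
        {
            // Verb check. When AuthVerbs is set but VerbList comes back empty, only the verb check is
            // skipped. The previous code returned from the whole method at that point, which also
            // skipped the login, user and role checks below and so let the request through unauthenticated.
            if (!attr.AuthVerbs.IsEmpty())
            {
                var verbs = attr.VerbList;
                if (verbs.Count > 0)
                {
                    // Invariant casing: culture-sensitive ToLower() maps "I" to a dotless i under
                    // Turkish cultures, so "OPTIONS" would never match.
                    // NOTE(review): assumes VerbList holds lower-case verbs; confirm in HttpApiAttribute.
                    var requestVerb = context.Request.HttpMethod.ToLowerInvariant();
                    if (!verbs.Contains(requestVerb))
                    {
                        throw new HttpApiException(400, "Auth verbs fail: " + attr.AuthVerbs);
                    }
                }
            }

            // Login check.
            if (attr.AuthLogin && !Asp.IsLogin())
            {
                throw new HttpApiException(401, "Auth login fail");
            }

            // User check: AuthUsers is a ',' or ';' separated list.
            // NOTE(review): this and the role check answer 401 even when the caller is logged in;
            // 403 is the conventional code for that case. Left unchanged for callers that match on it.
            if (!string.IsNullOrEmpty(attr.AuthUsers) && !Asp.IsInUsers(attr.AuthUsers.Split(',', ';')))
            {
                throw new HttpApiException(401, "Auth user fail");
            }

            // Role check: AuthRoles is a ',' or ';' separated list.
            if (!string.IsNullOrEmpty(attr.AuthRoles) && !Asp.IsInRoles(attr.AuthRoles.Split(',', ';')))
            {
                throw new HttpApiException(401, "Auth role fail");
            }
        }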
Example #6
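        /// <summary>Checks whether the current request may call an API method.</summary>
        /// <param name="context">Current HTTP context.</param>
        /// <param name="method">Reflected API method, or null when it was not found.</param>
        /// <param name="attr">The method's HttpApiAttribute, or null when the method is not exposed.</param>
        /// <param name="inputs">Request inputs keyed by name; the "token" entry, if any, is handed to the custom authorization handler.</param>
        /// <exception cref="HttpApiException">404 when the method or its attribute is missing; other codes come from CheckMethodEnable.</exception>
        private static void CheckMethod(HttpContext context, MethodInfo method, HttpApiAttribute attr, Dictionary<string, object> inputs)
        {
            // Method not found or not exposed. The same generic message is used for both cases.
            if (method == null || attr == null)
            {
                throw new HttpApiException(404, "Not Found.");
            }

            // Visit event. It runs before any authorization check, so handlers see
            // unauthenticated, caller-controlled inputs.
            var instance = HttpApiConfig.Instance;

            instance.DoVisit(context, method, attr, inputs);

            // Declarative checks (verbs, login, users, roles).
            AuthHelper.LoadPrincipalFromCookie();  // fetch the identity ticket
            CheckMethodEnable(context, method, attr);

            // Custom authorization. A missing dictionary, a missing "token" key or a null value
            // all become an empty token. Calling ToString() on a null value previously threw
            // NullReferenceException instead of reaching the handler.
            string token = "";
            object rawToken;
            if (inputs != null && inputs.TryGetValue("token", out rawToken) && rawToken != null)
            {
                token = rawToken.ToString();
            }

            instance.DoAuth(context, method, attr, token);
        }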
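        /// <summary>Checks whether the current request may call an API method.</summary>
        /// <param name="context">Current HTTP context; the "securityCode" request parameter is read from it.</param>
        /// <param name="method">Reflected API method, or null when it was not found.</param>
        /// <param name="attr">The method's HttpApiAttribute, or null when the method is not exposed.</param>
        /// <param name="inputs">Request inputs keyed by name; forwarded to the visit handler.</param>
        /// <exception cref="HttpApiException">404 when the method or its attribute is missing; other codes come from CheckMethodEnable.</exception>
        private static void CheckMethod(HttpContext context, MethodInfo method, HttpApiAttribute attr, Dictionary<string, object> inputs)
        {
            // Method not found or not exposed. The branch is also taken when method itself is null,
            // so method.Name must not be dereferenced unconditionally. Doing so threw
            // NullReferenceException, turning an unknown API name into a server error instead of a 404.
            if (method == null || attr == null)
            {
                string name = method != null ? method.Name : "(unknown)";
                // NOTE(review): the message echoes the reflected method name back to the caller.
                throw new HttpApiException(404, "API " + name + " not found. Please check the [HttpApi] attribute.");
            }

            // Visit event. It runs before any authorization check, so handlers see
            // unauthenticated, caller-controlled inputs.
            var instance = HttpApiConfig.Instance;

            instance.DoVisit(context, method, attr, inputs);

            // Declarative checks (verbs, login, users, roles).
            App.Core.AuthHelper.LoadCookiePrincipal();  // fetch the identity ticket
            CheckMethodEnable(context, method, attr);

            // Custom authorization. Request.Params merges the query string, form fields, cookies and
            // server variables, so the code may arrive in the URL, where it can end up in access logs
            // and Referer headers.
            // NOTE(review): consider accepting it only from a header or the request body.
            string securityCode = context.Request.Params["securityCode"];

            instance.DoAuth(context, method, attr, securityCode);
        }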
Example #8
 /// <summary>授权事件</summary>
 public void DoAuth(HttpContext context, MethodInfo method, HttpApiAttribute attr, string token)
 {
     this.OnAuth?.Invoke(context, method, attr, token);
 }