/// <summary>
/// Determines whether the current request requires a Gateway authentication redirect
/// </summary>
/// <returns>True if the request requires Gateway authentication, otherwise False</returns>
internal static bool GetRequestRequiresGateway()
{
CasAuthentication.Initialize();
HttpContext context = HttpContext.Current;
HttpRequest request = context.Request;
GatewayStatus status = CasAuthentication.GetGatewayStatus();
bool gatewayEnabled = CasAuthentication.Gateway;
bool gatewayWasNotAttempted = (status == GatewayStatus.NotAttempted);
bool requestDoesNotHaveGatewayParameter = !GetRequestHasGatewayParameter();
bool cookiesRequiredUrlIsDefined = !string.IsNullOrEmpty(CasAuthentication.CookiesRequiredUrl);
bool requestIsNotCookiesRequiredUrl = !GetRequestIsCookiesRequiredUrl();
bool notAuthorizedUrlIsDefined = !String.IsNullOrEmpty(CasAuthentication.NotAuthorizedUrl);
bool requestIsNotAuthorizedUrl = notAuthorizedUrlIsDefined && request.RawUrl.StartsWith(UrlUtil.ResolveUrl(CasAuthentication.NotAuthorizedUrl), true, CultureInfo.InvariantCulture);
bool result =
(
gatewayEnabled &&
gatewayWasNotAttempted &&
requestDoesNotHaveGatewayParameter &&
cookiesRequiredUrlIsDefined &&
requestIsNotCookiesRequiredUrl &&
!requestIsNotAuthorizedUrl
);
return(result);
}
/// <summary>
/// Determines whether the user's browser refuses to accept session cookies
/// </summary>
/// <returns>True if the browser does not allow session cookies, otherwise False</returns>
internal static bool GetUserDoesNotAllowSessionCookies()
{
CasAuthentication.Initialize();
// If the request has a gateway parameter but the cookie does not
// reflect the fact that gateway was attempted, then cookies must
// be disabled.
GatewayStatus status = CasAuthentication.GetGatewayStatus();
bool gatewayEnabled = CasAuthentication.Gateway;
bool gatewayWasNotAttempted = (status == GatewayStatus.NotAttempted);
bool requestHasGatewayParameter = GetRequestHasGatewayParameter();
bool cookiesRequiredUrlIsDefined = !string.IsNullOrEmpty(CasAuthentication.CookiesRequiredUrl);
bool requestIsNotCookiesRequiredUrl = cookiesRequiredUrlIsDefined && !GetRequestIsCookiesRequiredUrl();
bool result =
(
gatewayEnabled &&
gatewayWasNotAttempted &&
requestHasGatewayParameter &&
requestIsNotCookiesRequiredUrl
);
return(result);
}
/// <summary>
/// 默认构造函数
/// </summary>
public BaseResponse()
{
GatewayStatus = GatewayStatusCode.Success;
GatewayMessage = GatewayStatus.Description();
DetailedStatus = DetailedStatusCode.Success;
DetailedMessage = DetailedStatus.Description();
}
/// <summary>
/// Attempts to set the GatewayStatus client cookie. If the cookie is not
/// present and equal to GatewayStatus.Attempting when a CAS Gateway request
/// comes in (indicated by the presence of the 'gatewayParameterName'
/// defined in web.config appearing in the URL), the server knows that the
/// client is not accepting session cookies and will optionally redirect
/// the user to the 'cookiesRequiredUrl' (also defined in web.config). If
/// 'cookiesRequiredUrl' is not defined but 'gateway' is, every page request
/// will result in a round-trip to the CAS server.
/// </summary>
/// <param name="httpContext"></param>
/// <param name="gatewayStatus">The GatewayStatus to attempt to store</param>
public void SetGatewayStatusCookie(HttpContextBase httpContext, GatewayStatus gatewayStatus)
{
var cookie = new HttpCookie(_casServices.Settings.GatewayStatusCookieName, gatewayStatus.ToString())
{
HttpOnly = false,
Secure = false,
Path = FormsAuthentication.FormsCookiePath
};
if (!String.IsNullOrEmpty(_settings.RequestUrlPrefix))
{
cookie.Path = GetCookiePath(httpContext);
}
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
// Add it to the request collection for later processing during this request
httpContext.Request.Cookies.Remove(_casServices.Settings.GatewayStatusCookieName);
httpContext.Request.Cookies.Add(cookie);
// Add it to the response collection for delivery to client
httpContext.Response.Cookies.Add(cookie);
}
public IActionResult Status()
{
var res = new GatewayStatus()
{
Status = StatusEnum.OK, Version = Program.AppVersion()
};
return(Json(res)); // Format the output
}
private void InitSystem()
{
Context.System.Scheduler.ScheduleTellRepeatedlyCancelable(1000, 1000, Self, new Evalutate(), ActorRefs.NoSender);
var gatewaystrepo = repositoryManager.Ask <List <GatewayModel> >(new GetAll()).Result;
foreach (var gateway in gatewaystrepo)
{
var gatewayCreated = new GatewayCreated(gateway.Id);
var gatewaySended = new GatewaySended(gateway.Id, gateway.Value);
var gatewayStarted = new GatewayStarted(gateway.Id, gateway.Ip);
var gatewayUpdate = new GatewayUpdate(gateway.Id, gateway.Name);
var gatewayDisconnectd = new GatewayDisconnected(gateway.Id);
var gatewayStatus = new GatewayStatus(gateway.Id);
deviceManager.Tell(gatewayCreated.GatewayPhysicalCreated);
dashboardManager.Tell(gatewayCreated.GatewayDashBoardCreated);
deviceManager.Tell(gatewaySended.GatewayPhysicalSended);
dashboardManager.Tell(gatewaySended.GatewayDashBoardSended);
dashboardManager.Tell(gatewayStarted.GatewayDashBoardStarted);
dashboardManager.Tell(gatewayUpdate.GatewayDashBoardUpdate);
deviceManager.Tell(gatewayDisconnectd.GatewayPhysicalDisconnected);
dashboardManager.Tell(gatewayDisconnectd.GatewayDashBoardDisconnected);
deviceManager.Tell(gatewayStatus.GatewayPhysicalStatus);
foreach (var device in gateway.Devices)
{
var deviceInfo = new DeviceInfo(device.Id, gateway.Id);
var deviceCreated = new DeviceCreated(deviceInfo);
var deviceSended = new DeviceSended(deviceInfo, device.Value);
var deviceStarted = new DeviceStarted(deviceInfo, device.Ip);
var deviceUpdate = new DeviceUpdate(deviceInfo, device.Name);
var deviceDisconnectd = new DeviceDisconnected(deviceInfo);
var deviceStatus = new DeviceStatus(deviceInfo);
deviceManager.Tell(deviceCreated.DevicePhysicalCreated);
dashboardManager.Tell(deviceCreated.DeviceDashBoardCreated);
deviceManager.Tell(deviceSended.DevicePhysicalSended);
dashboardManager.Tell(deviceSended.DeviceDashBoardSended);
dashboardManager.Tell(deviceStarted.DeviceDashBoardStarted);
dashboardManager.Tell(deviceUpdate.DeviceDashBoardUpdate);
deviceManager.Tell(deviceDisconnectd.DevicePhysicalDisconnected);
dashboardManager.Tell(deviceDisconnectd.DeviceDashBoardDisconnected);
deviceManager.Tell(deviceStatus.DevicePhysicalStatus);
}
}
}
// GET: api/Gateway
public GatewayStatus Get()
{
Gateway gw = GatewayPersistence.Instance.Current;
GatewayStatus gws = new GatewayStatus(gw);
BoolPacket bp = GatewayLinker.Instance.GetValue <BoolPacket>(new CodePacket(MessageCode.IsServerStarted));
gws.IsStarted = bp == null ? false : bp.Value;
return(gws);
}
/// <summary>
/// encrypt string using gateway settings
/// </summary>
/// <param name="status">gateway status <see cref="GatewayStatus"/> contains settings for encryption</param>
/// <param name="source">source <see cref="string"/> to encrypt</param>
/// <returns>base 64 encoded string after encryption</returns>
public static string EncryptUsingGatewaySettings(GatewayStatus status, string source)
{
if (string.IsNullOrEmpty(source))
{
return(source);
}
if (status == null)
{
throw new ArgumentNullException(nameof(status), "gateway status not set");
}
var result = string.Empty;
var jwk = status.EncryptionJwk;
#if NET45
using (var rsa = new RSACryptoServiceProvider())
{
rsa.ImportParameters(
new RSAParameters
{
Exponent = Convert.FromBase64String(jwk.E),
Modulus =
Convert.FromBase64String(
jwk.N.Replace('_', '/')
.Replace('-', '+')
.PadRight(jwk.N.Length + ((4 - (jwk.N.Length % 4)) % 4), '='))
});
var bytes = rsa.Encrypt(Encoding.UTF8.GetBytes(source), true);
result = System.Convert.ToBase64String(bytes);
}
#elif PORTABLE
using (var rsa = RSA.Create())
{
rsa.ImportParameters(
new RSAParameters
{
Exponent = Convert.FromBase64String(jwk.E),
Modulus =
Convert.FromBase64String(
jwk.N.Replace('_', '/')
.Replace('-', '+')
.PadRight(jwk.N.Length + ((4 - (jwk.N.Length % 4)) % 4), '='))
});
var bytes = rsa.Encrypt(Encoding.UTF8.GetBytes(source), RSAEncryptionPadding.Pkcs1);
result = System.Convert.ToBase64String(bytes);
}
#endif
return(result);
}
private void OnGatewayStateChanged(GatewayStatus newState)
{
switch (newState)
{
case GatewayStatus.Resuming:
Resuming?.Invoke();
break;
case GatewayStatus.Reconnecting:
Reconnecting?.Invoke();
break;
case GatewayStatus.Disconnected:
LoggedOut?.Invoke();
break;
}
}
/// <summary>
/// Determines whether the user's browser refuses to accept session cookies
/// </summary>
/// <returns>True if the browser does not allow session cookies, otherwise False</returns>
public bool GetUserDoesNotAllowSessionCookies(HttpContextBase httpContext, GatewayStatus status)
{
// If the request has a gateway parameter but the cookie does not
// reflect the fact that gateway was attempted, then cookies must
// be disabled.
bool gatewayEnabled = _casServices.Settings.Gateway;
bool gatewayWasNotAttempted = (status == GatewayStatus.NotAttempted);
bool requestHasGatewayParameter = GetRequestHasGatewayParameter(httpContext);
bool cookiesRequiredUrlIsDefined = !String.IsNullOrEmpty(_casServices.Settings.CookiesRequiredUrl);
bool requestIsNotCookiesRequiredUrl = cookiesRequiredUrlIsDefined && !GetRequestIsCookiesRequiredUrl(httpContext);
bool result =
(
gatewayEnabled &&
gatewayWasNotAttempted &&
requestHasGatewayParameter &&
requestIsNotCookiesRequiredUrl
);
return(result);
}
/// <summary>
/// Determines whether the current request requires a Gateway authentication redirect
/// </summary>
/// <returns>True if the request requires Gateway authentication, otherwise False</returns>
public bool GetRequestRequiresGateway(HttpContextBase httpContext, GatewayStatus status)
{
HttpRequestBase request = httpContext.Request;
bool gatewayEnabled = _casServices.Settings.Gateway;
bool gatewayWasNotAttempted = (status == GatewayStatus.NotAttempted);
bool requestDoesNotHaveGatewayParameter = !GetRequestHasGatewayParameter(httpContext);
bool cookiesRequiredUrlIsDefined = !String.IsNullOrEmpty(_casServices.Settings.CookiesRequiredUrl);
bool requestIsNotCookiesRequiredUrl = !GetRequestIsCookiesRequiredUrl(httpContext);
bool notAuthorizedUrlIsDefined = !String.IsNullOrEmpty(_casServices.Settings.NotAuthorizedUrl);
bool requestIsNotAuthorizedUrl = notAuthorizedUrlIsDefined && request.RawUrl.StartsWith(_urlUtil.ResolveUrl(_casServices.Settings.NotAuthorizedUrl), true, CultureInfo.InvariantCulture);
bool result =
(
gatewayEnabled &&
gatewayWasNotAttempted &&
requestDoesNotHaveGatewayParameter &&
cookiesRequiredUrlIsDefined &&
requestIsNotCookiesRequiredUrl &&
!requestIsNotAuthorizedUrl
);
return(result);
}
/// <summary>
/// Attempts to set the GatewayStatus client cookie. If the cookie is not
/// present and equal to GatewayStatus.Attempting when a CAS Gateway request
/// comes in (indicated by the presence of the 'gatewayParameterName'
/// defined in web.config appearing in the URL), the server knows that the
/// client is not accepting session cookies and will optionally redirect
/// the user to the 'cookiesRequiredUrl' (also defined in web.config). If
/// 'cookiesRequiredUrl' is not defined but 'gateway' is, every page request
/// will result in a round-trip to the CAS server.
/// </summary>
/// <param name="gatewayStatus">The GatewayStatus to attempt to store</param>
internal static void SetGatewayStatusCookie(GatewayStatus gatewayStatus)
{
Initialize();
HttpContext current = HttpContext.Current;
HttpCookie cookie = new HttpCookie(GatewayStatusCookieName, gatewayStatus.ToString());
cookie.HttpOnly = false;
cookie.Path = FormsAuthentication.FormsCookiePath;
cookie.Secure = false;
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
// Add it to the request collection for later processing during this request
current.Request.Cookies.Remove(GatewayStatusCookieName);
current.Request.Cookies.Add(cookie);
// Add it to the response collection for delivery to client
current.Response.Cookies.Add(cookie);
}
/// <summary>
/// Attempts to set the GatewayStatus client cookie. If the cookie is not
/// present and equal to GatewayStatus.Attempting when a CAS Gateway request
/// comes in (indicated by the presence of the 'gatewayParameterName'
/// defined in web.config appearing in the URL), the server knows that the
/// client is not accepting session cookies and will optionally redirect
/// the user to the 'cookiesRequiredUrl' (also defined in web.config). If
/// 'cookiesRequiredUrl' is not defined but 'gateway' is, every page request
/// will result in a round-trip to the CAS server.
/// </summary>
/// <param name="httpContext"></param>
/// <param name="gatewayStatus">The GatewayStatus to attempt to store</param>
public void SetGatewayStatusCookie(HttpContextBase httpContext, GatewayStatus gatewayStatus) {
var cookie = new HttpCookie(_casServices.Settings.GatewayStatusCookieName, gatewayStatus.ToString()) {
HttpOnly = false,
Secure = false,
Path = FormsAuthentication.FormsCookiePath
};
if (!String.IsNullOrEmpty(_settings.RequestUrlPrefix)) {
cookie.Path = GetCookiePath(httpContext);
}
if (FormsAuthentication.CookieDomain != null) {
cookie.Domain = FormsAuthentication.CookieDomain;
}
// Add it to the request collection for later processing during this request
httpContext.Request.Cookies.Remove(_casServices.Settings.GatewayStatusCookieName);
httpContext.Request.Cookies.Add(cookie);
// Add it to the response collection for delivery to client
httpContext.Response.Cookies.Add(cookie);
}
/// <summary>
/// Determines whether the user's browser refuses to accept session cookies
/// </summary>
/// <returns>True if the browser does not allow session cookies, otherwise False</returns>
public bool GetUserDoesNotAllowSessionCookies(HttpContextBase httpContext, GatewayStatus status) {
// If the request has a gateway parameter but the cookie does not
// reflect the fact that gateway was attempted, then cookies must
// be disabled.
bool gatewayEnabled = _casServices.Settings.Gateway;
bool gatewayWasNotAttempted = (status == GatewayStatus.NotAttempted);
bool requestHasGatewayParameter = GetRequestHasGatewayParameter(httpContext);
bool cookiesRequiredUrlIsDefined = !String.IsNullOrEmpty(_casServices.Settings.CookiesRequiredUrl);
bool requestIsNotCookiesRequiredUrl = cookiesRequiredUrlIsDefined && !GetRequestIsCookiesRequiredUrl(httpContext);
bool result =
(
gatewayEnabled &&
gatewayWasNotAttempted &&
requestHasGatewayParameter &&
requestIsNotCookiesRequiredUrl
);
return result;
}
/// <summary>
/// Determines whether the current request requires a Gateway authentication redirect
/// </summary>
/// <returns>True if the request requires Gateway authentication, otherwise False</returns>
public bool GetRequestRequiresGateway(HttpContextBase httpContext, GatewayStatus status) {
HttpRequestBase request = httpContext.Request;
bool gatewayEnabled = _casServices.Settings.Gateway;
bool gatewayWasNotAttempted = (status == GatewayStatus.NotAttempted);
bool requestDoesNotHaveGatewayParameter = !GetRequestHasGatewayParameter(httpContext);
bool cookiesRequiredUrlIsDefined = !String.IsNullOrEmpty(_casServices.Settings.CookiesRequiredUrl);
bool requestIsNotCookiesRequiredUrl = !GetRequestIsCookiesRequiredUrl(httpContext);
bool notAuthorizedUrlIsDefined = !String.IsNullOrEmpty(_casServices.Settings.NotAuthorizedUrl);
bool requestIsNotAuthorizedUrl = notAuthorizedUrlIsDefined && request.RawUrl.StartsWith(_urlUtil.ResolveUrl(_casServices.Settings.NotAuthorizedUrl), true, CultureInfo.InvariantCulture);
bool result =
(
gatewayEnabled &&
gatewayWasNotAttempted &&
requestDoesNotHaveGatewayParameter &&
cookiesRequiredUrlIsDefined &&
requestIsNotCookiesRequiredUrl &&
!requestIsNotAuthorizedUrl
);
return result;
}
