/// <summary>
/// Authorization filter entry point: lets anonymous endpoints through, otherwise
/// requires a token on the ambient app-authorize info and a successfully resolved
/// current user, which is then stored as the request identity.
/// </summary>
/// <param name="context">Filter context of the request being authorized.</param>
public void OnAuthorization(AuthorizationFilterContext context)
{
    // Endpoints carrying an IAllowAnonymousFilter bypass the login check entirely.
    var allowsAnonymous = context.Filters.Any(f => f is IAllowAnonymousFilter);
    if (allowsAnonymous)
    {
        return;
    }

    // NOTE(review): MemberShiper.AppAuthorize is dereferenced without a null check;
    // this presumably relies on an earlier pipeline stage having populated it - confirm.
    // Only the presence of the token is tested here; its validity is not checked in this method.
    if (string.IsNullOrEmpty(MemberShiper.AppAuthorize.Token))
    {
        ReponseEnd(new ResultMo(ResultTypes.UnAuthorize, "用户未登录!"), context);
        return;
    }

    // NOTE(review): .Result blocks the request thread on what looks like an async call and
    // wraps failures in AggregateException; an async filter would avoid both.
    var currentUser = UserCommon.GetCurrentUser().Result;
    if (!currentUser.IsSuccess())
    {
        // Propagate the lookup failure to the client as-is.
        ReponseEnd(currentUser, context);
        return;
    }

    var identity = new MemberIdentity
    {
        Id = currentUser.data.id,
        MemberInfo = currentUser.data
    };
    MemberShiper.SetIdentity(identity);
}
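/// <summary>
/// Authorization filter entry point: resolves the member identity (and, when
/// <c>infoType</c> is <c>MemberInfoType.Info</c>, the member details) and stores it
/// via <c>MemberShiper.SetIdentity</c>. Short-circuits the request with a JSON
/// result when the identity or member info cannot be obtained.
/// </summary>
/// <param name="context">Filter context of the request being authorized.</param>
public void OnAuthorization(AuthorizationFilterContext context)
{
    if (context.Filters.Any(filter => filter is IAllowAnonymousFilter))
    {
        return;
    }

    // Avoid validating twice when this filter is applied at both controller and action
    // level, or when the two levels ask for different amounts of member information.
    // Identity may still be null at this point (the code below handles that case), so
    // the MemberInfo probe has to be null-safe; a plain dereference here would throw
    // on an unauthenticated request instead of continuing to the identity lookup.
    if ((infoType == MemberInfoType.OnlyId && MemberShiper.IsAuthenticated)
        || (infoType == MemberInfoType.Info && MemberShiper.Identity?.MemberInfo != null))
    {
        return;
    }

    var identity = MemberShiper.Identity;
    if (identity == null)
    {
        var identityRes = GetIndentityId();
        if (!identityRes.IsSuccess)
        {
            // Fail closed: return the lookup failure to the client and stop the pipeline.
            context.Result = new JsonResult(identityRes);
            return;
        }

        identity = identityRes.Data;
    }

    if (infoType == MemberInfoType.Info)
    {
        if (!GetIdentityMemberInfo(identity).IsSuccess)
        {
            context.Result = new JsonResult(new ResultMo(ResultTypes.UnAuthorize, "未发现授权用户信息"));
            return;
        }
    }

    MemberShiper.SetIdentity(identity);
}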
/// <summary>
/// Decodes a member token with the shared <c>tokenSecret</c> and returns the member id
/// and authorization type carried in its first two '|'-separated fields.
/// </summary>
/// <param name="appSource">Application source; not used by this overload.</param>
/// <param name="tokenStr">Token string as received from the client.</param>
/// <returns>A result wrapping the (id, authType) pair.</returns>
public static ResultMo<(long id, int authType)> GetTokenDetail(string appSource, string tokenStr)
{
    var plainText = MemberShiper.GetTokenDetail(tokenSecret, tokenStr);

    // NOTE(review): tokenStr is client-supplied. Nothing here guards against a null
    // result from the decode step or a payload with fewer than two fields, so a
    // malformed token surfaces as an unhandled exception rather than an auth failure.
    var fields = plainText.Split('|');

    // NOTE(review): any field after the second (presumably an issue timestamp - confirm
    // against the token generator) is never read, so no expiry is enforced in this method.
    var memberId = fields[0].ToInt64();
    var authType = fields[1].ToInt32();

    return new ResultMo<ValueTuple<long, int>>((memberId, authType));
}
/// <summary>
/// Builds the login response for a user: a token derived from
/// "id|authType|timestamp" with the shared <c>tokenSecret</c>, plus the user model.
/// </summary>
/// <param name="user">User the token is issued for.</param>
/// <param name="authType">Authorization type embedded in the token payload.</param>
/// <returns>The token together with the converted user model.</returns>
private static UserTokenResp GenerateUserToken(UserInfoBigMo user, MemberAuthorizeType authType)
{
    // NOTE(review): DateTime.Now is local time; this relies on ToUtcSeconds() to
    // normalise it to UTC - confirm, otherwise issue times shift with the server time zone.
    var issuedAt = DateTime.Now.ToUtcSeconds();

    // Payload layout: <user id>|<auth type as int>|<issue time>.
    var payload = string.Concat(user.id, "|", (int)authType, "|", issuedAt);
    var signedToken = MemberShiper.GetToken(tokenSecret, payload);

    return new UserTokenResp
    {
        token = signedToken,
        user = user.ConvertToMo()
    };
}
/// <summary>
/// Pipeline step that establishes the ambient app-authorize info for a request.
/// A signed ticket header (app-embedded H5 pages) is verified against the app's
/// secret key; requests without a ticket are treated as plain web requests and
/// take their token from the user cookie.
/// </summary>
/// <param name="context">Current HTTP context.</param>
public async Task Invoke(HttpContext context)
{
    // Authorize info already established: nothing to do for this request.
    if (MemberShiper.AppAuthorize != null)
    {
        await _next.Invoke(context);
        return;
    }

    SysAuthorizeInfo authInfo;
    string ticket = context.Request.Headers[GlobalKeysUtil.AuthorizeTicketName];

    if (string.IsNullOrEmpty(ticket))
    {
        // Not an app request: fill in web-related system info.
        // todo appclient
        authInfo = new SysAuthorizeInfo
        {
            Token = context.Request.Cookies[GlobalKeysUtil.UserCookieName],
            DeviceId = "WEB"
        };
    }
    else
    {
        // Compatibility path for H5 pages embedded in the app: reuse the app's
        // authorization info carried in the ticket header.
        authInfo = new SysAuthorizeInfo();
        authInfo.FromSignData(ticket);

        // The secret is selected by the AppSource claimed inside the ticket; the
        // ticket is only trusted once CheckSign succeeds with that secret.
        var secretKeyRes = ApiSourceKeyUtil.GetAppSecretKey(authInfo.AppSource);
        if (!secretKeyRes.IsSuccess())
        {
            await ResponseEnd(context, secretKeyRes);
            return;
        }

        // NOTE(review): no timestamp or nonce check is visible in this method;
        // confirm CheckSign (or a later stage) rejects replayed tickets.
        var signatureValid = authInfo.CheckSign(secretKeyRes.data);
        if (!signatureValid)
        {
            await ResponseEnd(context, new ResultMo(ResultTypes.ParaError, "签名验证失败!"));
            return;
        }

        authInfo.OriginAppSource = authInfo.AppSource;
    }

    CompleteAuthInfo(authInfo, context);
    MemberShiper.SetAppAuthrizeInfo(authInfo);
    await _next.Invoke(context);
}
/// <summary>
/// Issues a member token for the given application source: looks up that
/// application's secret key and uses it to produce a token over
/// "id|authType|timestamp".
/// </summary>
/// <param name="appSource">Application source whose secret key protects the token.</param>
/// <param name="id">Member id embedded in the token.</param>
/// <param name="authType">Authorization type embedded in the token.</param>
/// <returns>
/// The token on success, or the secret-key lookup failure converted to a string result.
/// </returns>
public static ResultMo<string> AppendToken(string appSource, long id, MemberAuthorizeType authType)
{
    var keyLookup = ApiSourceKeyUtil.GetAppSecretKey(appSource);
    if (!keyLookup.IsSuccess)
    {
        // Without a secret key no token can be issued; pass the failure through.
        return keyLookup.ConvertToResultOnly<string>();
    }

    // NOTE(review): DateTime.Now is local time; this relies on ToUtcSeconds() to
    // normalise it to UTC - confirm.
    var issuedAt = DateTime.Now.ToUtcSeconds();
    var payload = string.Concat(id, "|", (int)authType, "|", issuedAt);
    var token = MemberShiper.GetToken(keyLookup.Data, payload);

    return new ResultMo<string>(token);
}
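/// <summary>
/// Sends a GET request to the local test endpoint with an empty app-authorize
/// context and expects a successful <c>ResultMo</c> response.
/// </summary>
/// <remarks>
/// Returns a Task instead of void so the test runner can await the request and
/// observe a failed assertion or exception; with <c>async void</c> the method
/// returns to the runner at the first await.
/// </remarks>
public async System.Threading.Tasks.Task TestRestCommonJson()
{
    var req = new OsHttpRequest
    {
        AddressUrl = "http://localhost:62936",
        HttpMethod = HttpMethod.Get
    };

    // Installs an empty authorize context before the request is sent.
    MemberShiper.SetAppAuthrizeInfo(new AppAuthorizeInfo());

    var res = await req.RestCommonJson<ResultMo>();

    Assert.True(res.IsSuccess());
}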
/// <summary>
/// Decodes a member token with the secret key of the given application source and
/// returns the member id and authorization type from its first two '|'-separated fields.
/// </summary>
/// <param name="appSource">Application source whose secret key protects the token.</param>
/// <param name="tokenStr">Token string as received from the client.</param>
/// <returns>
/// The (id, authType) pair on success, or the secret-key lookup failure converted
/// to the tuple result type.
/// </returns>
public static ResultMo<(long id, int authType)> GetTokenDetail(string appSource, string tokenStr)
{
    var keyLookup = ApiSourceKeyUtil.GetAppSecretKey(appSource);
    if (!keyLookup.IsSuccess)
    {
        return keyLookup.ConvertToResultOnly<(long id, int authType)>();
    }

    var plainText = MemberShiper.GetTokenDetail(keyLookup.Data, tokenStr);

    // NOTE(review): tokenStr is client-supplied. Nothing here guards against a null
    // result from the decode step or a payload with fewer than two fields, so a
    // malformed token surfaces as an unhandled exception rather than an auth failure.
    var fields = plainText.Split('|');

    // NOTE(review): any field after the second (presumably an issue timestamp - confirm
    // against the token generator) is never read, so no expiry is enforced in this method.
    var memberId = fields[0].ToInt64();
    var authType = fields[1].ToInt32();

    return new ResultMo<ValueTuple<long, int>>((memberId, authType));
}
/// <summary>
/// Pipeline step that establishes the ambient app-authorize info for a request.
/// A ticket header (app-embedded H5 pages) is parsed into the authorize info;
/// requests without one are treated as web requests and take their token from the
/// user cookie. App version and source are always set from this component's own
/// configuration.
/// </summary>
/// <param name="context">Current HTTP context.</param>
public async Task Invoke(HttpContext context)
{
    // Authorize info already established: nothing to do for this request.
    if (MemberShiper.AppAuthorize != null)
    {
        await _next.Invoke(context);
        return;
    }

    AppAuthorizeInfo authInfo;
    string ticket = context.Request.Headers[GlobalKeysUtil.AuthorizeTicketName];

    if (string.IsNullOrEmpty(ticket))
    {
        // Not an app request: fill in web-related system info.
        // todo: assign webbrowser
        authInfo = new AppAuthorizeInfo
        {
            Token = context.Request.Cookies[GlobalKeysUtil.UserCookieName],
            DeviceId = "WEB"
        };
    }
    else
    {
        // Compatibility path for H5 pages embedded inside the app: reuse the app's
        // authorization info carried in the ticket header.
        // NOTE(review): the ticket is parsed but no signature check is performed in
        // this method, so every field it populates is client-controlled at this
        // point. Confirm the ticket is verified elsewhere before it is relied on.
        authInfo = new AppAuthorizeInfo();
        authInfo.FromSignData(ticket);
    }

    // Version and source come from this component's configuration, overriding
    // whatever the ticket may have carried.
    authInfo.AppVersion = _appVersion;
    authInfo.AppSource = _appSource;

    // NOTE(review): an IpAddress carried in the (unverified) ticket takes precedence
    // over the address derived from the connection; treat it as untrusted if it feeds
    // logging, rate limiting or access decisions.
    if (string.IsNullOrEmpty(authInfo.IpAddress))
    {
        authInfo.IpAddress = GetIpAddress(context);
    }

    MemberShiper.SetAppAuthrizeInfo(authInfo);
    await _next.Invoke(context);
}
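/// <summary>
/// Pipeline step that establishes the ambient app-authorize info for a request.
/// A signed ticket header (app-embedded H5 pages) is verified against the app's
/// secret key and the browser is redirected to the error page when verification
/// fails; requests without a ticket are treated as web requests and take their
/// token from the "ct_id" cookie.
/// </summary>
/// <param name="context">Current HTTP context.</param>
public async Task Invoke(HttpContext context)
{
    // Authorize info already established: nothing to do for this request.
    if (MemberShiper.AppAuthorize != null)
    {
        await _next.Invoke(context);
        return;
    }

    SysAuthorizeInfo sysInfo = null;

    // Compatibility path for H5 pages embedded in the app: reuse the app's
    // authorization info carried in the ticket header.
    string auticketStr = context.Request.Headers[authorizeTicket];
    if (!string.IsNullOrEmpty(auticketStr))
    {
        sysInfo = new SysAuthorizeInfo();
        sysInfo.FromSignData(auticketStr);

        // The secret is selected by the AppSource claimed inside the ticket; the
        // ticket is only trusted once CheckSign succeeds with that secret.
        var secretKeyRes = ApiSourceKeyUtil.GetAppSecretKey(sysInfo.AppSource);
        if (!secretKeyRes.IsSuccess || !sysInfo.CheckSign(secretKeyRes.Data))
        {
            // Percent-encode the message: raw non-ASCII text is not valid in a
            // Location header or query string, and some servers reject such a
            // header outright. The error page receives the same text after decoding.
            var encodedMessage = System.Uri.EscapeDataString("不正确的应用来源!");
            context.Response.Redirect(string.Concat("/un/error?msg=", encodedMessage));
            return;
        }

        sysInfo.OriginAppSource = sysInfo.AppSource;
    }

    // Not an app request: fill in web-related system info.
    if (sysInfo == null)
    {
        sysInfo = new SysAuthorizeInfo();
        sysInfo.Token = context.Request.Cookies["ct_id"];
        // todo appclient
        sysInfo.DeviceId = "WEB";
    }

    CompleteAuthInfo(sysInfo, context);
    MemberShiper.SetAppAuthrizeInfo(sysInfo);
    await _next.Invoke(context);
}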
/// <summary>
/// Pipeline step that requires a signed ticket header on every request: the ticket
/// is parsed, its signature is checked against the secret key of the claimed
/// application source, and only then is it installed as the ambient app-authorize info.
/// </summary>
/// <param name="context">Current HTTP context.</param>
public async Task Invoke(HttpContext context)
{
    string ticket = context.Request.Headers[GlobalKeysUtil.AuthorizeTicketName];
    var ticketMissing = string.IsNullOrEmpty(ticket);
    if (ticketMissing)
    {
        // No ticket at all: the caller's application source is unknown.
        await ResponseEnd(context, new ResultMo(ResultTypes.UnKnowSource, "未知应用来源"));
        return;
    }

    var authInfo = new SysAuthorizeInfo();
    authInfo.FromSignData(ticket);

    // The secret is selected by the AppSource claimed inside the ticket; the
    // ticket is only trusted once CheckSign succeeds with that secret.
    var keyLookup = ApiSourceKeyUtil.GetAppSecretKey(authInfo.AppSource);
    if (!keyLookup.IsSuccess())
    {
        await ResponseEnd(context, keyLookup);
        return;
    }

    // NOTE(review): no timestamp or nonce check is visible in this method;
    // confirm CheckSign (or a later stage) rejects replayed tickets.
    if (!authInfo.CheckSign(keyLookup.data))
    {
        await ResponseEnd(context, new ResultMo(ResultTypes.ParaError, "非法应用签名!"));
        return;
    }

    // Fall back to the address derived from the request only when the ticket
    // did not carry one.
    if (string.IsNullOrEmpty(authInfo.IpAddress))
    {
        authInfo.IpAddress = GetIpAddress(context);
    }

    MemberShiper.SetAppAuthrizeInfo(authInfo);
    await _next.Invoke(context);
}
/// <summary>
/// Authorization filter entry point that verifies the signed application ticket
/// unless the endpoint carries <c>AllowNoSignAttribute</c>, then installs the
/// resulting (or an empty) app-authorize info for the request.
/// </summary>
/// <param name="context">Filter context of the request being authorized.</param>
public void OnAuthorization(AuthorizationFilterContext context)
{
    AppAuthorizeInfo authInfo;
    var signatureExempt = context.Filters.Any(f => f is AllowNoSignAttribute);

    if (signatureExempt)
    {
        // NOTE(review): exempt endpoints proceed with an empty authorize info; code
        // downstream should not read it as a verified application identity.
        authInfo = new AppAuthorizeInfo();
    }
    else
    {
        string ticket = context.HttpContext.Request.Headers[GlobalKeysUtil.AuthorizeTicketName];
        if (string.IsNullOrEmpty(ticket))
        {
            // No ticket at all: the caller's application source is unknown.
            context.Result = new JsonResult(new ResultMo(ResultTypes.UnKnowSource, "未知应用来源"));
            return;
        }

        authInfo = new AppAuthorizeInfo();
        authInfo.FromTicket(ticket);

        // The secret is selected by the AppSource and TenantId claimed inside the
        // ticket; the ticket is only trusted once CheckSign succeeds with that secret.
        var keyLookup = ApiSourceKeyUtil.GetAppSecretKey(authInfo.AppSource, authInfo.TenantId);
        if (!keyLookup.IsSuccess())
        {
            context.Result = new JsonResult(keyLookup);
            return;
        }

        var signatureValid = authInfo.CheckSign(keyLookup.data);
        if (!signatureValid)
        {
            context.Result = new JsonResult(new ResultMo(ResultTypes.ParaError, "非法应用签名!"));
            return;
        }
    }

    SetSystemAuthorizeInfo(authInfo, context);
    MemberShiper.SetAppAuthrizeInfo(authInfo);
}
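/// <summary>
/// Pipeline step that requires a signed ticket header on every request: the ticket
/// is parsed, its signature is checked against the secret key of the claimed
/// application source, and only then is it completed and installed as the ambient
/// app-authorize info.
/// </summary>
/// <param name="context">Current HTTP context.</param>
public async Task Invoke(HttpContext context)
{
    string auticketStr = context.Request.Headers[authorizeTicket];

    // Treat an empty header the same as a missing one, so a blank ticket is rejected
    // up front as an unknown source instead of being handed to the ticket parser.
    if (string.IsNullOrEmpty(auticketStr))
    {
        await ResponseEnd(context, new ResultMo(ResultTypes.UnKnowSource, "未知应用来源"));
        return;
    }

    var sysInfo = new SysAuthorizeInfo();
    sysInfo.FromSignData(auticketStr);

    // The secret is selected by the AppSource claimed inside the ticket; the
    // ticket is only trusted once CheckSign succeeds with that secret.
    var secretKeyRes = ApiSourceKeyUtil.GetAppSecretKey(sysInfo.AppSource);
    if (!secretKeyRes.IsSuccess)
    {
        await ResponseEnd(context, secretKeyRes);
        return;
    }

    // NOTE(review): no timestamp or nonce check is visible in this method;
    // confirm CheckSign (or a later stage) rejects replayed tickets.
    if (!sysInfo.CheckSign(secretKeyRes.Data))
    {
        await ResponseEnd(context, new ResultMo(ResultTypes.ParaNotMeet, "非法应用签名!"));
        return;
    }

    CompleteAuthInfo(sysInfo, context);
    MemberShiper.SetAppAuthrizeInfo(sysInfo);
    await _next.Invoke(context);
}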