public override void OnAuthorization(AuthorizationContext filterContext)
        {
            HttpRequestBase     Request    = filterContext.RequestContext.HttpContext.Request;
            NameValueCollection parameters = new NameValueCollection()
            {
                Request.Form,
                Request.QueryString
            };

            string sign = parameters["sign"];

            parameters.Remove("sign");
            List <string> paramlist = new List <string>();

            foreach (var item in parameters.AllKeys.OrderBy(k => k))
            {
                paramlist.Add(item + "=" + HttpUtility.UrlDecode(parameters[item]));
            }
            string presignstr = string.Join("&", paramlist);
            string digest     = RSAHelper.DecryptString(sign, ConfigurationManager.AppSettings[PrivateKey]);

            if (Sha1.Compute(presignstr) != digest)
            {
                ContentResult result = new ContentResult();
                result.Content       = "Sign Error.";
                filterContext.Result = result;
            }
        }
Esempio n. 2
0
        public static string Create(string urlpath, object querystring, object form, string publickey)
        {
            List <string>       paramlist   = new List <string>();
            List <string>       signparam   = new List <string>();
            NameValueCollection QueryString = new NameValueCollection();
            NameValueCollection Form        = new NameValueCollection();

            if (querystring != null)
            {
                foreach (PropertyDescriptor propertyDescriptor in TypeDescriptor.GetProperties(querystring))
                {
                    object obj = propertyDescriptor.GetValue(querystring);
                    paramlist.Add(propertyDescriptor.Name + "=" + HttpUtility.UrlEncode(obj.ToString()));
                    QueryString.Add(propertyDescriptor.Name, obj.ToString());
                }
            }
            if (form != null)
            {
                foreach (PropertyDescriptor propertyDescriptor in TypeDescriptor.GetProperties(form))
                {
                    object obj = propertyDescriptor.GetValue(form);
                    paramlist.Add(propertyDescriptor.Name + "=" + HttpUtility.UrlEncode(obj.ToString()));
                    Form.Add(propertyDescriptor.Name, obj.ToString());
                }
            }
            NameValueCollection parameters = new NameValueCollection()
            {
                Form,
                QueryString
            };

            foreach (var item in parameters.AllKeys.OrderBy(k => k))
            {
                signparam.Add(item + "=" + parameters[item]);
            }

            string digest = Sha1.Compute(string.Join("&", signparam));

            paramlist.Add("sign=" + RSAHelper.EncryptString(digest, publickey));
            return(urlpath + (paramlist.Count > 0 ? "?" + string.Join("&", paramlist) : ""));
        }
Esempio n. 3
0
        public async Task <CompilerResult> Compile(string name, string script, CompilerOptions compilerOptions)
        {
            var result       = new CompilerResult(name);
            var rootClass    = result.RootClass;
            var parsedScript = new ScriptParser(compilerOptions, name, script);

            result.ParsedScript = parsedScript;

            foreach (var assemblyName in parsedScript.AssemblyFiles)
            {
                var ass = assemblyName;
                // ignore during debugging
                if (ass.StartsWith('!'))
                {
                    if (compilerOptions.Debugging)
                    {
                        continue;
                    }

                    ass = assemblyName.Substring(1);
                }

                if (_loadedAssemblies.Contains(ass))
                {
                    continue;
                }

                try
                {
                    var found = false;
                    foreach (var assemblyDirectory in _runtime.AssemblyDirectories)
                    {
                        var assemblyPath = Path.Combine(assemblyDirectory.FullName, ass);
                        if (File.Exists(assemblyPath))
                        {
                            var assembly = Assembly.LoadFrom(assemblyPath);
                            _runtime.ReferenceAssembly(assembly);
                            _loadedAssemblies.Add(ass);
                            found = true;
                            break;
                        }
                    }

                    if (!found)
                    {
                        throw new FileNotFoundException("Assembly not found.", ass);
                    }
                }
                catch (ReflectionTypeLoadException ex)
                {
                    var error = new StringBuilder();
                    error.AppendLine(ass);
                    foreach (Exception loaderEx in ex.LoaderExceptions)
                    {
                        error.AppendLine(loaderEx.Message);
                    }

                    var e = error.ToString();
                    Log.Error(e, this);
                    result.SetError(CompilerResultType.AssemblyError, e);
                    return(result);
                }
                catch (Exception ex)
                {
                    var error = Tr.Get("Compiler.AssemblyError", ass, ex.Message);
                    Log.Error(error, this);

                    result.SetError(CompilerResultType.AssemblyError, error);
                    return(result);
                }
            }

            var finalScript = parsedScript.Script;

            if (string.IsNullOrWhiteSpace(finalScript))
            {
                var error = Tr.Get("Compiler.ScriptEmpty", name);
                Log.Error(error, this);
                result.SetError(CompilerResultType.CompileError, error);
                return(result);
            }

            var useCachedAssemblies = compilerOptions.UseCachedAssemblies;

            var baseFileName = $"{Sha1.Compute($"{Sha1.Compute(finalScript)}|{Environment.UserName}").Replace("-", "")}-{rootClass}-rosi";

            var pdbFilePath     = Path.Combine(Path.GetTempPath(), $"{baseFileName}.pdb");
            var assemblyFilPath = Path.Combine(Path.GetTempPath(), $"{baseFileName}.dll");

            var loadedFromFile = false;

            if (useCachedAssemblies && File.Exists(assemblyFilPath) && File.Exists(pdbFilePath))
            {
                try
                {
                    var assemblyData = await File.ReadAllBytesAsync(assemblyFilPath);

                    var pdbData = await File.ReadAllBytesAsync(pdbFilePath);

                    result.Assembly = AppDomain.CurrentDomain.Load(assemblyData, pdbData);
                    loadedFromFile  = true;
                }
                catch { }
            }

            try
            {
                if (!loadedFromFile)
                {
                    var compilerSettings = ScriptOptions.Default.AddReferences(_runtime.ReferencedAssemblies).WithEmitDebugInformation(compilerOptions.Debugging);
                    var compilation      = CSharpScript.Create(finalScript, compilerSettings).GetCompilation();

                    compilation = compilation.WithOptions(compilation.Options
                                                          .WithOutputKind(OutputKind.DynamicallyLinkedLibrary)
                                                          .WithOptimizationLevel(compilerOptions.Debugging ? OptimizationLevel.Debug : OptimizationLevel.Release)
                                                          .WithScriptClassName(rootClass)
                                                          );

                    var emitOptions = new EmitOptions(false, DebugInformationFormat.PortablePdb);

                    using var pdbStream      = new MemoryStream();
                    using var assemblyStream = new MemoryStream();
                    var emitResult = compilation.Emit(assemblyStream, pdbStream, options: emitOptions);

                    if (emitResult.Success)
                    {
                        assemblyStream.Seek(0, SeekOrigin.Begin);
                        var assemblyData = assemblyStream.GetBuffer();

                        pdbStream.Seek(0, SeekOrigin.Begin);
                        var pdbData = pdbStream.GetBuffer();

                        await File.WriteAllBytesAsync(assemblyFilPath, assemblyData);

                        await File.WriteAllBytesAsync(pdbFilePath, pdbData);

                        result.Assembly = AppDomain.CurrentDomain.Load(assemblyData, pdbData);
                    }
                    else
                    {
                        var diagnostics = emitResult.Diagnostics.Where(d => d.IsWarningAsError || d.Severity == DiagnosticSeverity.Error);

                        var message = new StringBuilder();
                        foreach (var diagnostic in diagnostics)
                        {
                            var errorLocation = string.Empty;
                            if (diagnostic.Location.IsInSource)
                            {
                                var errorPosition = diagnostic.Location.GetLineSpan().StartLinePosition;
                                errorLocation = $" ({errorPosition.Line},{errorPosition.Character})";
                            }
                            message.AppendLine($"{diagnostic.Id}{errorLocation}: {diagnostic.GetMessage()}");
                        }

                        throw new Exception(message.ToString());
                    }
                }
            }
            catch (Exception ex)
            {
                var error = Tr.Get("Compiler.Error", name, ex.Message);

                if (compilerOptions.LogScriptOnError)
                {
                    error += finalScript + "\n";
                }

                Log.Error(error, this);

                result.SetError(CompilerResultType.CompileError, error);
                return(result);
            }

            var outputPath = compilerOptions.ScriptOutputPath;

            if (!string.IsNullOrWhiteSpace(outputPath))
            {
                try
                {
                    var scriptPath = Path.Combine(outputPath, name);
                    if (!loadedFromFile || !File.Exists(scriptPath))
                    {
                        Directory.CreateDirectory(outputPath);
                        await File.WriteAllTextAsync(scriptPath, finalScript);
                    }
                }
                catch
                { }
            }

            result.Result = CompilerResultType.Ok;
            return(result);
        }