public Task OnExceptionAsync(HttpActionExecutedContext actionExecutedContext, CancellationToken cancellationToken)
        {
            var response = new HttpResponseMessage();
            response.StatusCode = HttpStatusCode.OK;
            var responseContent = new ResponseBaseModel();

            if (actionExecutedContext.Exception is LogicErrorException)
            {
                responseContent.SetResponse(ResStatusCode.LogicError, actionExecutedContext.Exception.Message);
            }
            else if (actionExecutedContext.Exception is UnAuthorizeException)
            {
                responseContent.SetResponse(ResStatusCode.UnAuthorize, actionExecutedContext.Exception.Message);
            }
            else if (actionExecutedContext.Exception is UnAuthenticateException)
            {
                responseContent.SetResponse(ResStatusCode.UnAuthenticate, actionExecutedContext.Exception.Message);
            }
            else if(actionExecutedContext.Exception is FrontInputValidateErrorException)
            {
                responseContent.SetResponse(ResStatusCode.FrontInputValidateError, actionExecutedContext.Exception.Message);
            }
            else if (actionExecutedContext.Exception is UserInputValidateErrorException)
            {
                responseContent.SetResponse(ResStatusCode.UserInputValidateError, actionExecutedContext.Exception.Message);
            }
            else
            {
                responseContent.SetResponse(ResStatusCode.InternalServerError, "服务器内部错误");

                _logger.Error(JsonConvert.SerializeObject(new { uri = actionExecutedContext.Request.RequestUri, head = actionExecutedContext.Request.Headers, content = actionExecutedContext.Request.Content }), actionExecutedContext.Exception);
            }
            response.Content = new StringContent(JsonConvert.SerializeObject(responseContent));
            actionExecutedContext.Response = response;
            actionExecutedContext.Response.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
        
            return Task.FromResult(0);
        }
        public Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
        {
            if (!actionContext.ModelState.IsValid)
            {
                IDictionary <string, IEnumerable <string> > errors = new Dictionary <string, IEnumerable <string> >();
                ResponseBaseModel responseContent = new ResponseBaseModel();
                responseContent.code = ResStatusCode.UserInputValidateError;
                foreach (var keyModelStatePair in actionContext.ModelState)
                {
                    if (keyModelStatePair.Value.Errors != null && keyModelStatePair.Value.Errors.Count > 0)
                    {
                        IEnumerable <string> errorMessages = keyModelStatePair.Value.Errors
                                                             .Where(s => !string.IsNullOrEmpty(s.ErrorMessage))
                                                             .Select(s => s.ErrorMessage).ToList();
                        string key = keyModelStatePair.Key;
                        if (keyModelStatePair.Key.Split('.').Count() > 0)
                        {
                            key = string.Join(".", keyModelStatePair.Key.Split('.').Skip(1));
                        }
                        errors.Add(key, errorMessages);
                    }
                }

                //暂时性先显示第一个错误
                //if (errors.Count > 0)
                //{
                //    responseContent.message = errors.First().Value.First();
                //}
                responseContent.message = Newtonsoft.Json.JsonConvert.SerializeObject(errors);

                actionContext.Response         = new System.Net.Http.HttpResponseMessage();
                actionContext.Response.Content = new StringContent(Newtonsoft.Json.JsonConvert.SerializeObject(responseContent));
                actionContext.Response.Content.Headers.ContentType = new System.Net.Http.Headers.MediaTypeHeaderValue("application/json");
                actionContext.Response.Content.Headers.ContentEncoding.Add("utf-8");
            }
            return(Task.FromResult(0));
        }
Esempio n. 3
0
        public Task OnActionExecutingAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
        {
            var actionAttrs = actionContext.ActionDescriptor.GetCustomAttributes <CustomAuthorizeAttribute>();

            if (actionAttrs.Count > 0)
            {
                var responseBaseModel = new ResponseBaseModel();

                ClaimsPrincipal principal = actionContext.RequestContext.Principal as ClaimsPrincipal;
                if (principal != null && principal.Identity.IsAuthenticated)
                {
                    //认证成功
                    if (actionAttrs.Any(s => null != s.Roles && s.Roles.Count() > 0))
                    {
                        //需要验证权限的情况
                        List <Role> needRoles = actionAttrs
                                                .Select(s => s.Roles.Select(m => new Role()
                        {
                            roleType = s.RoleType, roleCode = m
                        }).ToList())
                                                .Aggregate((result, next) =>
                        {
                            result.AddRange(next.Where(s => !result.Exists(m => m.roleType.Equals(s.roleType) && m.roleCode.Equals(s.roleCode))));
                            return(result);
                        });
                        //当前用户具有的权限
                        //var oAuthRoles = principal.Claims.Where(s => s.Type.Equals(ClaimTypes.Role)).Select(s => s.Value).ToList();
                        //List<Role> localRoles = identityService.TransformOAuthRoleToLocalRole(oAuthRoles);
                        var         userMail      = ((ClaimsIdentity)principal.Identity).FindFirst(ClaimTypes.Email).Value;
                        var         userRepoModel = this.userRepository.GetUser(userMail);
                        List <Role> localRoles    = userRepoModel.roleList;
                        var         reqParams     = actionContext.ActionArguments.Values.FirstOrDefault() as RequestBaseModel;
                        if (needRoles.Count(s => s.roleType.Equals(RoleType.Team)).Equals(needRoles.Count()) && (null == reqParams || reqParams.teamID == 0))
                        {
                            //为了可读性,因此不采用!needRoles.Exists(s=>!s.roleType.Equals(RoleType.Team))
                            //全部是团队的角色
                            responseBaseModel.SetResponse(ResStatusCode.FrontInputValidateError, "团队ID不能为空");
                            SetOAuthErrorResponse(actionContext, responseBaseModel);
                        }
                        else if (needRoles.Count(s => s.roleType.Equals(RoleType.Project)).Equals(needRoles.Count()) && (null == reqParams || reqParams.projectID == 0))
                        {
                            //全部是项目的角色
                            responseBaseModel.SetResponse(ResStatusCode.FrontInputValidateError, "项目ID不能为空");
                            SetOAuthErrorResponse(actionContext, responseBaseModel);
                        }
                        else if (null == reqParams || (reqParams.teamID == 0 && reqParams.projectID == 0))
                        {
                            //混合项目和团队的角色(一般不可能发生)
                            responseBaseModel.SetResponse(ResStatusCode.FrontInputValidateError, "团队ID和项目ID不能同时为空");
                            SetOAuthErrorResponse(actionContext, responseBaseModel);
                        }
                        else if (!CheckAuthorize(localRoles, needRoles, reqParams))
                        {
                            //无角色匹配
                            responseBaseModel.SetResponse(ResStatusCode.UnAuthorize, "未授权用户");
                            SetOAuthErrorResponse(actionContext, responseBaseModel);
                        }
                    }
                }
                else
                {
                    //认证失败
                    responseBaseModel.SetResponse(ResStatusCode.UnAuthenticate, "未认证用户");
                    SetOAuthErrorResponse(actionContext, responseBaseModel);
                }

                #region 废弃代码

                //var response = new HttpResponseMessage();
                //var responseContent = new ResponseBaseModel();
                //var resMsg = new List<string>();
                //var reqParams = (RequestBaseModel)actionContext.ActionArguments.Values.FirstOrDefault();
                //reqParams = reqParams == null ? new RequestBaseModel() : reqParams;
                //if (string.IsNullOrEmpty(reqParams.createUser))
                //{
                //    resMsg.Add("创建人未填");
                //}
                //if (string.IsNullOrEmpty(reqParams.createUserName))
                //{
                //    resMsg.Add("创建人姓名未填");
                //}
                //if (reqParams.createTime < 0)
                //{
                //    resMsg.Add("创建时间未填");
                //}
                //if (string.IsNullOrEmpty(reqParams.token))
                //{
                //    resMsg.Add("token未填");
                //}

                //if (resMsg.Count > 0)
                //{
                //    responseContent.SetResponse(ResStatusCode.UnAuthenticate, String.Join(",", resMsg));
                //    response.Content = new StringContent(JsonConvert.SerializeObject(responseContent));
                //    actionContext.Response = response;
                //    actionContext.Response.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
                //}

                #endregion
            }

            return(Task.FromResult(0));
        }
Esempio n. 4
0
 public void SetOAuthErrorResponse(HttpActionContext actionContext, ResponseBaseModel content)
 {
     actionContext.Response         = new HttpResponseMessage();
     actionContext.Response.Content = new StringContent(JsonConvert.SerializeObject(content));
     actionContext.Response.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
 }