public void OnAuthorization(AuthorizationFilterContext context) { //OnAuthorization method will be called per http request }
protected virtual void goToContractPage(AuthorizationFilterContext filterContext) { goTo(filterContext, "Users", "Contract"); }
protected virtual void goToUninvited(AuthorizationFilterContext filterContext) { goTo(filterContext, "Users", "LogOn"); }
private AuthorizationFilterContext GetAuthorizationContext( bool anonymous = false, Action <IServiceCollection> registerServices = null) { var basicPrincipal = new ClaimsPrincipal( new ClaimsIdentity( new Claim[] { new Claim("Permission", "CanViewPage"), new Claim(ClaimTypes.Role, "Administrator"), new Claim(ClaimTypes.Role, "User"), new Claim(ClaimTypes.NameIdentifier, "John") }, "Basic")); var validUser = basicPrincipal; var bearerIdentity = new ClaimsIdentity( new Claim[] { new Claim("Permission", "CupBearer"), new Claim(ClaimTypes.Role, "Token"), new Claim(ClaimTypes.NameIdentifier, "John Bear") }, "Bearer"); var bearerPrincipal = new ClaimsPrincipal(bearerIdentity); validUser.AddIdentity(bearerIdentity); // ServiceProvider var serviceCollection = new ServiceCollection(); var auth = new Mock <IAuthenticationService>(); serviceCollection.AddOptions(); serviceCollection.AddLogging(); serviceCollection.AddSingleton(auth.Object); serviceCollection.AddAuthorization(); serviceCollection.AddAuthorizationPolicyEvaluator(); registerServices?.Invoke(serviceCollection); var serviceProvider = serviceCollection.BuildServiceProvider(); // HttpContext var httpContext = new Mock <HttpContext>(); auth.Setup(c => c.AuthenticateAsync(httpContext.Object, "Bearer")).ReturnsAsync(AuthenticateResult.Success(new AuthenticationTicket(bearerPrincipal, "Bearer"))); auth.Setup(c => c.AuthenticateAsync(httpContext.Object, "Basic")).ReturnsAsync(AuthenticateResult.Success(new AuthenticationTicket(basicPrincipal, "Basic"))); auth.Setup(c => c.AuthenticateAsync(httpContext.Object, "Fails")).ReturnsAsync(AuthenticateResult.Fail("Fails")); httpContext.SetupProperty(c => c.User); if (!anonymous) { httpContext.Object.User = validUser; } httpContext.SetupGet(c => c.RequestServices).Returns(serviceProvider); var contextItems = new Dictionary <object, object>(); httpContext.SetupGet(c => c.Items).Returns(contextItems); // AuthorizationFilterContext var actionContext = new ActionContext( httpContext: httpContext.Object, routeData: new RouteData(), actionDescriptor: new ActionDescriptor()); var authorizationContext = new AuthorizationFilterContext( actionContext, Enumerable.Empty <IFilterMetadata>().ToList() ); return(authorizationContext); }
/// <summary> /// Called early in the filter pipeline to confirm request is authorized /// </summary> /// <param name="context">Authorization filter context</param> public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { await ValidateHoneypotAsync(context); }
/// <summary> /// 将当前请求结果重新描绘到新的内容结果中 /// </summary> /// <param name="filterContext">The action context.</param> /// <param name="status">The status.</param> protected void SetHttpStatusCode(AuthorizationFilterContext filterContext, HttpStatusCode status) { filterContext.Result = new StatusCodeResult((int)status); }
/// <summary> /// 获取用户 /// </summary> /// <param name="filterContext"></param> /// <param name="ticket"></param> /// <returns></returns> public virtual IUser GetUser(AuthorizationFilterContext context, Microsoft.AspNetCore.Http.HttpRequest request) { return(null); }
public void OnAuthorization(AuthorizationFilterContext context) { var actionDescriptor = (ControllerActionDescriptor)context.ActionDescriptor; //this.GetType().CustomAttributes //.FirstOrDefault(r => r.AttributeType == typeof(RouteAttribute)) //.ConstructorArguments[0].Value.ToString() //.Replace("[controller]", (string)this.RouteData.Values["controller"]); var session = context.HttpContext.Session; if (context != null) { Accounts account = UTILS.SessionExtensions.Get <Accounts>(session, UTILS.SessionExtensions.SessionAccount); var permission = UTILS.SessionExtensions.Get <List <Role_Permissions> >(session, UTILS.SessionExtensions.SesscionPermission); if (permission == null) { context.Result = new RedirectToRouteResult( new RouteValueDictionary( new { controller = "tai-khoan", action = "dang-nhap" })); } else { if (_actionCode == "NoCheck") { } else { var path = context.HttpContext.Request.Path.Value.ToString(); //var controller = new ControllerContext().ActionDescriptor.ControllerName; var controller = actionDescriptor.ControllerTypeInfo.CustomAttributes.FirstOrDefault().ConstructorArguments[0].Value.ToString();//lấy tên controll var exist = permission.Where(c => c.MenuUrl.ToString().ToLower().Contains(controller)).ToList(); if (exist.Count == 0) { context.Result = new RedirectToRouteResult( new RouteValueDictionary( new { controller = "Error", action = "NoPermission" } )); } else { if (!string.IsNullOrEmpty(_actionCode)) { var control = exist.Find(c => c.ActionCode == _actionCode); if (control == null) { context.Result = new RedirectToRouteResult( new RouteValueDictionary( new { controller = "Error", action = "NoPermission" } )); } } else { } } } } } }
public void OnAuthorization(AuthorizationFilterContext context) { IServiceProvider services = context.HttpContext.RequestServices; object authorization = services.GetRequiredService(serviceType); IAuthorizationResultAccessor accessor = services.GetRequiredService <IAuthorizationResultAccessor>(); PolicyResult policyResult = (PolicyResult)tryAuthorizeMethod.Invoke(authorization, new object[] { policyExpression }); SortedSet <string> succeeded = new SortedSet <string>(); SortedSet <string> failed = new SortedSet <string>(); SortedSet <string> notHandled = new SortedSet <string>(); switch (policyResult) { case PolicyResult.Success: succeeded.Add(policyExpression); break; case PolicyResult.Failed: failed.Add(policyExpression); break; case PolicyResult.NotHandled: default: notHandled.Add(policyExpression); break; } PolicyOnlyExpression exp = new PolicyOnlyExpression(policyExpression, policyResult); PolicyExpressionRoot root = new PolicyExpressionRoot(exp); AuthorizationResult result = new AuthorizationResult(root); if (accessor.Result == null) { accessor.Result = result; } else { result.CombineAsAnd(accessor.Result); accessor.Result = result; } bool overall = false; switch (result.Result) { case PolicyResult.Success: overall = true; break; case PolicyResult.Failed: break; case PolicyResult.NotHandled: default: if (!failedIfNotHandled) { overall = true; } break; } if (overall) { return; } switch (failedAction) { case AuthorizationFailedAction.KeepUnauthorized: return; case AuthorizationFailedAction.Return401: context.Result = new HttpUnauthorizedResult(); return; case AuthorizationFailedAction.CustomHandler: break; } // custom handler IAuthorizationDeclarationCache cache = services.GetRequiredService <IAuthorizationDeclarationCache>(); AuthorizationDeclarationInfo info = null; switch (context.ActionDescriptor) { case ControllerActionDescriptor controllerActionDescriptor: info = cache.Get(controllerActionDescriptor); break; case CompiledPageActionDescriptor compiledPageActionDescriptor: info = cache.Get(compiledPageActionDescriptor); break; default: throw new Exception($"not handled with action descriptor of type {context.ActionDescriptor.GetType().Name}"); } if (info != null && info.Declaration != AuthorizationDeclaration.No && info.FailedAction == AuthorizationFailedAction.CustomHandler && info.FailedHandler != null) { IActionResult actionResult = info.FailedHandler.Execute(context.HttpContext, result); if (actionResult != null) { context.Result = actionResult; return; } else { // not handled throw new Exception($"not handled"); } } throw new Exception($"no handler set for type {context.ActionDescriptor.GetType().Name}"); }
public void OnAuthorization(AuthorizationFilterContext context) { // ============================================================================= // Validate Authorization header // ============================================================================= var __tokens = context.HttpContext .Request .Headers["Authorization"] .ToString() .Split(" "); if (__tokens[0] != "Bearer") { context.Result = new UnauthorizedResult(); return; } if (__tokens.Length < 2) { context.Result = new UnauthorizedResult(); return; } // ============================================================================= // Validate token // ============================================================================= try { var __SEPARATORS = ",;".ToCharArray(); var __secretKey = _config["JWTAutentication:Secret"]; var __claims = new JwtValidator().ValidateToken(__tokens[1], __secretKey) .ToList(); // ============================================================================= // User Id // ============================================================================= var __userId = __claims.Where(c => c.Type == "UserId") .FirstOrDefault() .Value; // ============================================================================= // User roles // ============================================================================= var __userRoles = __claims.Where(c => c.Type == "Roles") .FirstOrDefault() .Value.Split(__SEPARATORS, StringSplitOptions.RemoveEmptyEntries); // ============================================================================= // Valid roles // ============================================================================= var __validRoles = _value.Split(__SEPARATORS, StringSplitOptions.RemoveEmptyEntries); if (0 == __validRoles.Intersect(__userRoles).ToList().Count) { context.Result = new UnauthorizedResult(); return; } context.HttpContext.Items.Add("userid", __userId); context.HttpContext.Items.Add("roles", __userRoles); } catch (System.Exception) { context.Result = new UnauthorizedResult(); return; } }
/// <summary> /// /// </summary> /// <param name="context"></param> /// <remarks>用于统一过滤登录用户的状态是否有效,如果无效,拒绝请求</remarks> public void OnAuthorization(AuthorizationFilterContext context) { return; }
public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { context.HttpContext.Items.Add("AuthorizationFilter", "Passed Authorization Filter"); context.HttpContext.Items.Add("Age", "20"); }
public virtual Task OnAuthorizationAsync(AuthorizationFilterContext context) { return(Task.CompletedTask); }
public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { }
/// <summary> /// Sets the status result to the appropriate StatusCodeResult specified in the constructor. /// The default is 400 Bad Request. /// </summary> /// <param name="filterContext"></param> protected override void HandleNonHttpsRequest(AuthorizationFilterContext filterContext) { filterContext.Result = new StatusCodeResult(StatusCode); }
public void OnAuthorization(AuthorizationFilterContext context) { string strUrl = ""; strUrl = context.HttpContext.Request.Path.Value; if (context.HttpContext.Request.QueryString.HasValue) { strUrl += context.HttpContext.Request.QueryString.Value; } #region Session代码 if (context.HttpContext.Session.Get <UserViewModel>("UserInfo") == null) //没有登录系统直接访问控制器 { //filterContext.Result = new RedirectResult("/Account/Login"); if (context.HttpContext.Request.IsAjaxRequest()) { var data = new JsonModel { Statu = "y", BackUrl = strUrl }; context.Result = new JsonResult(data); } else { context.Result = new RedirectToRouteResult ( new RouteValueDictionary ( new { controller = "Account", action = "Login", area = "", ReturnUrl = strUrl, } ) ); } return; } #endregion return; //判断类或方法上是否应用了“AllowAnonymousAttribute”特性,该特性表示要跳过权限认证 bool b = context.ActionDescriptor.FilterDescriptors.Any(t => t.Filter.ToString() == "Microsoft.AspNetCore.Mvc.Authorization.AllowAnonymousFilter"); if (b) { return; } string strControllerName = ""; string strActionName = ""; //获取控制器名称 context.ActionDescriptor.RouteValues.TryGetValue("controller", out strControllerName); //获取操作名称 context.ActionDescriptor.RouteValues.TryGetValue("action", out strActionName); string str = context.HttpContext.Request.Method; // base.OnActionExecuting(filterContext); }
public async Task OnAuthorizationAsync(AuthorizationFilterContext context) { if (context.ActionDescriptor.EndpointMetadata.OfType <AllowAnonymousAttribute>().Any()) { return; } var userId = context.HttpContext.User.Claims .SingleOrDefault(p => p.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier")?.Value; if (userId == null) { context.Result = new UnauthorizedObjectResult(new { Type = "https://tools.ietf.org/html/rfc7231#section-6.5.3", Title = "授權失敗", Message = "無法識別使用者", Status = 401 }); return; } var securityStamp = context.HttpContext.User.Claims .SingleOrDefault(p => p.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/sid")?.Value; if (securityStamp == null) { context.Result = new UnauthorizedObjectResult(new { Type = "https://tools.ietf.org/html/rfc7231#section-6.5.3", Title = "授權失敗", Message = "無法識別使用者", Status = 401 }); return; } try { var logger = (ILogger <AuthAuthorizeAttribute>)context.HttpContext.RequestServices .GetService(typeof(ILogger <AuthAuthorizeAttribute>)) ?? throw new ArgumentNullException(); var userManager = (UserManager <ApplicationUser>)context.HttpContext.RequestServices .GetService(typeof(UserManager <ApplicationUser>)) ?? throw new ArgumentNullException(); var user = await userManager.FindByIdAsync(userId); if (user == null) { context.Result = new UnauthorizedObjectResult(new { Type = "https://tools.ietf.org/html/rfc7231#section-6.5.3", Title = "授權失敗", Message = "無法識別使用者", Status = 401 }); return; } if (securityStamp != user.SecurityStamp) { context.Result = new UnauthorizedObjectResult(new { Type = "https://tools.ietf.org/html/rfc7231#section-6.5.3", Title = "授權失敗", Message = "無法識別SecurityStamp", Status = 401 }); return; } if (!user.EmailConfirmed) { context.Result = new UnauthorizedObjectResult(new { Type = "https://tools.ietf.org/html/rfc7231#section-6.5.3", Title = "授權失敗", Message = "帳戶未驗證", Status = 401 }); return; } if (!user.IsEnable) { context.Result = new UnauthorizedObjectResult(new { Type = "https://tools.ietf.org/html/rfc7231#section-6.5.3", Title = "授權失敗", Message = "帳戶未啟用", Status = 401 }); return; } if (user.LockoutEnd != null) { if ((TimeComparisonStatus)DateTimeOffset.Compare(DateTimeOffset.UtcNow, (DateTimeOffset)user.LockoutEnd) != TimeComparisonStatus.Later) { context.Result = new UnauthorizedObjectResult(new { Type = "https://tools.ietf.org/html/rfc7231#section-6.5.3", Title = "授權失敗", Message = "帳戶鎖定", Status = 401 }); return; } } } catch (ArgumentNullException) { context.Result = new StatusCodeResult(StatusCodes.Status500InternalServerError); } }
public void OnAuthorization(AuthorizationFilterContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } if (!filterContext.HttpContext.Request.TryGetHeader(_userTokenKey, out string accessToken)) { var result = new SysApiResult <string>() { Status = SysApiStatus.未授权, Message = "您的登陆身份已过期,请重新登陆" }; filterContext.Result = new JsonNetResult(value: result); return; } var tokenModel = _tokenSvc.DecodeToken(accessToken); //从数据库获取客户信息 if (tokenModel == null) { var result = new SysApiResult <string>() { Status = SysApiStatus.未授权, Message = "您的身份未授权" }; filterContext.Result = new JsonNetResult(value: result); return; } //时间过期 if (tokenModel.TokenExpireTime <= DateTime.Now) { var result = new SysApiResult <string>() { Status = SysApiStatus.未授权, Message = "token已过期,请重新登陆" }; filterContext.Result = new JsonNetResult(value: result); return; } if (!filterContext.HttpContext.Request.TryGetHeader("DeviceType", out string deviceTypeStr) || !Enum.TryParse(deviceTypeStr, out DeviceType deviceType)) { var result = new SysApiResult <string>() { Status = SysApiStatus.异常, Message = "缺失DeviceType" }; filterContext.Result = new JsonNetResult(value: result); return; } bool isOk = _tokenSvc.检查用户登陆是否合法(tokenModel.UserId, deviceType, accessToken, isAdmin: false, isSingleLogin: true, out string errorMsg); if (!isOk) { var result = new SysApiResult <string>() { Status = SysApiStatus.未授权, Message = errorMsg }; filterContext.Result = new JsonNetResult(value: result); return; } }
/// <summary> /// 当验证完成后怎么做 /// </summary> /// <param name="context"></param> /// <param name="user">用户</param> protected virtual void OnAuthorizeCompleted(AuthorizationFilterContext context, IUser user) { }
// /// <summary>返回结果并跳转</summary> // /// <param name="data">结果。可以是错误文本、成功文本、其它结构化数据</param> // /// <param name="url">提示信息后跳转的目标地址,[refresh]表示刷新当前页</param> // /// <returns></returns> // public static ActionResult JsonTips(Object data, String url = null) // { // object value; // if (data is Exception ex) // value = new { result = false, data = ex.GetTrue()?.Message, url }; // else // value = new { result = true, data, url }; //#if __CORE__ // var vr = new JsonResult(value); //#else // var vr = new JsonResult() // { // Data = value, // JsonRequestBehavior = JsonRequestBehavior.AllowGet // }; //#endif // return vr; // } // /// <summary>返回结果并刷新</summary> // /// <param name="data">消息</param> // /// <returns></returns> // public static ActionResult JsonRefresh(Object data) => JsonTips(data, "[refresh]"); #endregion /// <summary>无权访问</summary> /// <param name="filterContext"></param> /// <param name="pm"></param> /// <returns></returns> #if __CORE__ public static ActionResult NoPermission(this AuthorizationFilterContext filterContext, PermissionFlags pm) { var act = (ControllerActionDescriptor)filterContext.ActionDescriptor; var ctrl = act;
/// <summary> /// /// </summary> /// <param name="filterContext"></param> /// <returns></returns> protected void SetUnauthorized(AuthorizationFilterContext filterContext) { filterContext.Result = new UnauthorizedResult(); }
public void OnAuthorization(AuthorizationFilterContext context) { var action = context.RouteData.Values["action"]; var controller = context.RouteData.Values["controller"]; }
public async Task AuthorizeAsync(AuthorizationFilterContext context, string api, string key, string verb) { //Put your authorization here await Task.CompletedTask; }
public void OnAuthorization(AuthorizationFilterContext context) { var controllerActionDescriptor = context.ActionDescriptor as ControllerActionDescriptor; if (controllerActionDescriptor != null) { var service = controllerActionDescriptor.ControllerTypeInfo.Namespace.Replace("Advice.", "").Replace(".Services.WebApi", ""); var controller = controllerActionDescriptor.ControllerName.Replace("Controller", ""); var methodName = controllerActionDescriptor.MethodInfo.Name; //procura o controller no cache pra ver se tem. ControllerRegistry registry = null; if (!_cache.TryGetValue(controller, out registry)) { //Roadmap: //(1) - Fazer fetch via REST quando precisar //(2) - Mover tudo para Core/Nugets //(3) - Testar se Attribute herda com classe //(4) - Endpoint para resetar cache String token = ""; IRestClient client; IRestRequest request; IRestResponse response; if (!_cache.TryGetValue("Token", out token)) { client = new RestClient("http://localhost:1241"); request = new RestRequest("api/Token", Method.POST); var body = new { Login = "******", Password = "******" }; request.AddHeader("Content-Type", "application/json"); request.AddHeader("Accept", "application/json"); //request.AddParameter("application/json", body, ParameterType.RequestBody); request.AddJsonBody(body); response = client.Execute(request); token = response.Content.Replace("\"", ""); _cache.Set("Token", token); } client = new RestClient("http://localhost:1240"); //8080 8000 request = new RestRequest("api/services/{id}"); request.AddUrlSegment("id", service + "." + controller); request.AddHeader("Authorization", "Bearer " + token); request.AddHeader("Content-Type", "application/json"); request.AddHeader("Accept", "application/json"); response = client.Execute(request); var content = response.Content.Replace("[", "").Replace("]", "").Split(',').Select(x => x.Replace("\"", "")); registry = new ControllerRegistry(); registry.Name = controller; foreach (var item in content) { registry.Methods.Add(item); } _cache.Set(controller, registry); } var methodIndex = registry.Methods.IndexOf(methodName); var claim = context.HttpContext.User.Claims.SingleOrDefault(x => x.Type.Equals("Service." + service + "." + controller)); if (claim == null) { context.Result = new UnauthorizedResult(); } var claimValue = claim.Value.ElementAt(methodIndex); if (claimValue != '1') { context.Result = new UnauthorizedResult(); } } }
private Task Next(ref State next, ref Scope scope, ref object state, ref bool isCompleted) { switch (next) { case State.InvokeBegin: { goto case State.AuthorizationBegin; } case State.AuthorizationBegin: { _cursor.Reset(); goto case State.AuthorizationNext; } case State.AuthorizationNext: { var current = _cursor.GetNextFilter <IAuthorizationFilter, IAsyncAuthorizationFilter>(); if (current.FilterAsync != null) { if (_authorizationContext == null) { _authorizationContext = new AuthorizationFilterContext(_actionContext, _filters); } state = current.FilterAsync; goto case State.AuthorizationAsyncBegin; } else if (current.Filter != null) { if (_authorizationContext == null) { _authorizationContext = new AuthorizationFilterContext(_actionContext, _filters); } state = current.Filter; goto case State.AuthorizationSync; } else { goto case State.AuthorizationEnd; } } case State.AuthorizationAsyncBegin: { Debug.Assert(state != null); Debug.Assert(_authorizationContext != null); var filter = (IAsyncAuthorizationFilter)state; var authorizationContext = _authorizationContext; _diagnosticSource.BeforeOnAuthorizationAsync(authorizationContext, filter); _logger.BeforeExecutingMethodOnFilter( FilterTypeConstants.AuthorizationFilter, nameof(IAsyncAuthorizationFilter.OnAuthorizationAsync), filter); var task = filter.OnAuthorizationAsync(authorizationContext); if (task.Status != TaskStatus.RanToCompletion) { next = State.AuthorizationAsyncEnd; return(task); } goto case State.AuthorizationAsyncEnd; } case State.AuthorizationAsyncEnd: { Debug.Assert(state != null); Debug.Assert(_authorizationContext != null); var filter = (IAsyncAuthorizationFilter)state; var authorizationContext = _authorizationContext; _diagnosticSource.AfterOnAuthorizationAsync(authorizationContext, filter); _logger.AfterExecutingMethodOnFilter( FilterTypeConstants.AuthorizationFilter, nameof(IAsyncAuthorizationFilter.OnAuthorizationAsync), filter); if (authorizationContext.Result != null) { goto case State.AuthorizationShortCircuit; } goto case State.AuthorizationNext; } case State.AuthorizationSync: { Debug.Assert(state != null); Debug.Assert(_authorizationContext != null); var filter = (IAuthorizationFilter)state; var authorizationContext = _authorizationContext; _diagnosticSource.BeforeOnAuthorization(authorizationContext, filter); _logger.BeforeExecutingMethodOnFilter( FilterTypeConstants.AuthorizationFilter, nameof(IAuthorizationFilter.OnAuthorization), filter); filter.OnAuthorization(authorizationContext); _diagnosticSource.AfterOnAuthorization(authorizationContext, filter); _logger.AfterExecutingMethodOnFilter( FilterTypeConstants.AuthorizationFilter, nameof(IAuthorizationFilter.OnAuthorization), filter); if (authorizationContext.Result != null) { goto case State.AuthorizationShortCircuit; } goto case State.AuthorizationNext; } case State.AuthorizationShortCircuit: { Debug.Assert(state != null); Debug.Assert(_authorizationContext != null); Debug.Assert(_authorizationContext.Result != null); _logger.AuthorizationFailure((IFilterMetadata)state); // This is a short-circuit - execute relevant result filters + result and complete this invocation. isCompleted = true; _result = _authorizationContext.Result; return(InvokeAlwaysRunResultFilters()); } case State.AuthorizationEnd: { goto case State.ResourceBegin; } case State.ResourceBegin: { _cursor.Reset(); goto case State.ResourceNext; } case State.ResourceNext: { var current = _cursor.GetNextFilter <IResourceFilter, IAsyncResourceFilter>(); if (current.FilterAsync != null) { if (_resourceExecutingContext == null) { _resourceExecutingContext = new ResourceExecutingContext( _actionContext, _filters, _valueProviderFactories); } state = current.FilterAsync; goto case State.ResourceAsyncBegin; } else if (current.Filter != null) { if (_resourceExecutingContext == null) { _resourceExecutingContext = new ResourceExecutingContext( _actionContext, _filters, _valueProviderFactories); } state = current.Filter; goto case State.ResourceSyncBegin; } else { // All resource filters are currently on the stack - now execute the 'inside'. goto case State.ResourceInside; } } case State.ResourceAsyncBegin: { Debug.Assert(state != null); Debug.Assert(_resourceExecutingContext != null); var filter = (IAsyncResourceFilter)state; var resourceExecutingContext = _resourceExecutingContext; _diagnosticSource.BeforeOnResourceExecution(resourceExecutingContext, filter); _logger.BeforeExecutingMethodOnFilter( FilterTypeConstants.ResourceFilter, nameof(IAsyncResourceFilter.OnResourceExecutionAsync), filter); var task = filter.OnResourceExecutionAsync(resourceExecutingContext, InvokeNextResourceFilterAwaitedAsync); if (task.Status != TaskStatus.RanToCompletion) { next = State.ResourceAsyncEnd; return(task); } goto case State.ResourceAsyncEnd; } case State.ResourceAsyncEnd: { Debug.Assert(state != null); Debug.Assert(_resourceExecutingContext != null); var filter = (IAsyncResourceFilter)state; if (_resourceExecutedContext == null) { // If we get here then the filter didn't call 'next' indicating a short circuit. _resourceExecutedContext = new ResourceExecutedContext(_resourceExecutingContext, _filters) { Canceled = true, Result = _resourceExecutingContext.Result, }; _diagnosticSource.AfterOnResourceExecution(_resourceExecutedContext, filter); _logger.AfterExecutingMethodOnFilter( FilterTypeConstants.ResourceFilter, nameof(IAsyncResourceFilter.OnResourceExecutionAsync), filter); // A filter could complete a Task without setting a result if (_resourceExecutingContext.Result != null) { goto case State.ResourceShortCircuit; } } goto case State.ResourceEnd; } case State.ResourceSyncBegin: { Debug.Assert(state != null); Debug.Assert(_resourceExecutingContext != null); var filter = (IResourceFilter)state; var resourceExecutingContext = _resourceExecutingContext; _diagnosticSource.BeforeOnResourceExecuting(resourceExecutingContext, filter); _logger.BeforeExecutingMethodOnFilter( FilterTypeConstants.ResourceFilter, nameof(IResourceFilter.OnResourceExecuting), filter); filter.OnResourceExecuting(resourceExecutingContext); _diagnosticSource.AfterOnResourceExecuting(resourceExecutingContext, filter); _logger.AfterExecutingMethodOnFilter( FilterTypeConstants.ResourceFilter, nameof(IResourceFilter.OnResourceExecuting), filter); if (resourceExecutingContext.Result != null) { _resourceExecutedContext = new ResourceExecutedContext(resourceExecutingContext, _filters) { Canceled = true, Result = _resourceExecutingContext.Result, }; goto case State.ResourceShortCircuit; } var task = InvokeNextResourceFilter(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ResourceSyncEnd; return(task); } goto case State.ResourceSyncEnd; } case State.ResourceSyncEnd: { Debug.Assert(state != null); Debug.Assert(_resourceExecutingContext != null); Debug.Assert(_resourceExecutedContext != null); var filter = (IResourceFilter)state; var resourceExecutedContext = _resourceExecutedContext; _diagnosticSource.BeforeOnResourceExecuted(resourceExecutedContext, filter); _logger.BeforeExecutingMethodOnFilter( FilterTypeConstants.ResourceFilter, nameof(IResourceFilter.OnResourceExecuted), filter); filter.OnResourceExecuted(resourceExecutedContext); _diagnosticSource.AfterOnResourceExecuted(resourceExecutedContext, filter); _logger.AfterExecutingMethodOnFilter( FilterTypeConstants.ResourceFilter, nameof(IResourceFilter.OnResourceExecuted), filter); goto case State.ResourceEnd; } case State.ResourceShortCircuit: { Debug.Assert(state != null); Debug.Assert(_resourceExecutingContext != null); Debug.Assert(_resourceExecutedContext != null); _logger.ResourceFilterShortCircuited((IFilterMetadata)state); _result = _resourceExecutingContext.Result; var task = InvokeAlwaysRunResultFilters(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ResourceEnd; return(task); } goto case State.ResourceEnd; } case State.ResourceInside: { goto case State.ExceptionBegin; } case State.ExceptionBegin: { _cursor.Reset(); goto case State.ExceptionNext; } case State.ExceptionNext: { var current = _cursor.GetNextFilter <IExceptionFilter, IAsyncExceptionFilter>(); if (current.FilterAsync != null) { state = current.FilterAsync; goto case State.ExceptionAsyncBegin; } else if (current.Filter != null) { state = current.Filter; goto case State.ExceptionSyncBegin; } else if (scope == Scope.Exception) { // All exception filters are on the stack already - so execute the 'inside'. goto case State.ExceptionInside; } else { // There are no exception filters - so jump right to the action. Debug.Assert(scope == Scope.Invoker || scope == Scope.Resource); goto case State.ActionBegin; } } case State.ExceptionAsyncBegin: { var task = InvokeNextExceptionFilterAsync(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ExceptionAsyncResume; return(task); } goto case State.ExceptionAsyncResume; } case State.ExceptionAsyncResume: { Debug.Assert(state != null); var filter = (IAsyncExceptionFilter)state; var exceptionContext = _exceptionContext; // When we get here we're 'unwinding' the stack of exception filters. If we have an unhandled exception, // we'll call the filter. Otherwise there's nothing to do. if (exceptionContext?.Exception != null && !exceptionContext.ExceptionHandled) { _diagnosticSource.BeforeOnExceptionAsync(exceptionContext, filter); _logger.BeforeExecutingMethodOnFilter( FilterTypeConstants.ExceptionFilter, nameof(IAsyncExceptionFilter.OnExceptionAsync), filter); var task = filter.OnExceptionAsync(exceptionContext); if (task.Status != TaskStatus.RanToCompletion) { next = State.ExceptionAsyncEnd; return(task); } goto case State.ExceptionAsyncEnd; } goto case State.ExceptionEnd; } case State.ExceptionAsyncEnd: { Debug.Assert(state != null); Debug.Assert(_exceptionContext != null); var filter = (IAsyncExceptionFilter)state; var exceptionContext = _exceptionContext; _diagnosticSource.AfterOnExceptionAsync(exceptionContext, filter); _logger.AfterExecutingMethodOnFilter( FilterTypeConstants.ExceptionFilter, nameof(IAsyncExceptionFilter.OnExceptionAsync), filter); if (exceptionContext.Exception == null || exceptionContext.ExceptionHandled) { // We don't need to do anything to trigger a short circuit. If there's another // exception filter on the stack it will check the same set of conditions // and then just skip itself. _logger.ExceptionFilterShortCircuited(filter); } goto case State.ExceptionEnd; } case State.ExceptionSyncBegin: { var task = InvokeNextExceptionFilterAsync(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ExceptionSyncEnd; return(task); } goto case State.ExceptionSyncEnd; } case State.ExceptionSyncEnd: { Debug.Assert(state != null); var filter = (IExceptionFilter)state; var exceptionContext = _exceptionContext; // When we get here we're 'unwinding' the stack of exception filters. If we have an unhandled exception, // we'll call the filter. Otherwise there's nothing to do. if (exceptionContext?.Exception != null && !exceptionContext.ExceptionHandled) { _diagnosticSource.BeforeOnException(exceptionContext, filter); _logger.BeforeExecutingMethodOnFilter( FilterTypeConstants.ExceptionFilter, nameof(IExceptionFilter.OnException), filter); filter.OnException(exceptionContext); _diagnosticSource.AfterOnException(exceptionContext, filter); _logger.AfterExecutingMethodOnFilter( FilterTypeConstants.ExceptionFilter, nameof(IExceptionFilter.OnException), filter); if (exceptionContext.Exception == null || exceptionContext.ExceptionHandled) { // We don't need to do anything to trigger a short circuit. If there's another // exception filter on the stack it will check the same set of conditions // and then just skip itself. _logger.ExceptionFilterShortCircuited(filter); } } goto case State.ExceptionEnd; } case State.ExceptionInside: { goto case State.ActionBegin; } case State.ExceptionHandled: { // We arrive in this state when an exception happened, but was handled by exception filters // either by setting ExceptionHandled, or nulling out the Exception or setting a result // on the ExceptionContext. // // We need to execute the result (if any) and then exit gracefully which unwinding Resource // filters. Debug.Assert(state != null); Debug.Assert(_exceptionContext != null); if (_exceptionContext.Result == null) { _exceptionContext.Result = new EmptyResult(); } _result = _exceptionContext.Result; var task = InvokeAlwaysRunResultFilters(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ResourceInsideEnd; return(task); } goto case State.ResourceInsideEnd; } case State.ExceptionEnd: { var exceptionContext = _exceptionContext; if (scope == Scope.Exception) { isCompleted = true; return(Task.CompletedTask); } if (exceptionContext != null) { if (exceptionContext.Result != null || exceptionContext.Exception == null || exceptionContext.ExceptionHandled) { goto case State.ExceptionHandled; } Rethrow(exceptionContext); Debug.Fail("unreachable"); } var task = InvokeResultFilters(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ResourceInsideEnd; return(task); } goto case State.ResourceInsideEnd; } case State.ActionBegin: { var task = InvokeInnerFilterAsync(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ActionEnd; return(task); } goto case State.ActionEnd; } case State.ActionEnd: { if (scope == Scope.Exception) { // If we're inside an exception filter, let's allow those filters to 'unwind' before // the result. isCompleted = true; return(Task.CompletedTask); } Debug.Assert(scope == Scope.Invoker || scope == Scope.Resource); var task = InvokeResultFilters(); if (task.Status != TaskStatus.RanToCompletion) { next = State.ResourceInsideEnd; return(task); } goto case State.ResourceInsideEnd; } case State.ResourceInsideEnd: { if (scope == Scope.Resource) { _resourceExecutedContext = new ResourceExecutedContext(_actionContext, _filters) { Result = _result, }; goto case State.ResourceEnd; } goto case State.InvokeEnd; } case State.ResourceEnd: { if (scope == Scope.Resource) { isCompleted = true; return(Task.CompletedTask); } Debug.Assert(scope == Scope.Invoker); Rethrow(_resourceExecutedContext); goto case State.InvokeEnd; } case State.InvokeEnd: { isCompleted = true; return(Task.CompletedTask); } default: throw new InvalidOperationException(); } }
/// <summary> /// /// </summary> /// <param name="context"></param> /// <param name="target"></param> public AnnotationAuthorizer(AuthorizationFilterContext context, Permission?target) : base(context, target) { }
protected virtual void goToTFA(AuthorizationFilterContext filterContext) { goTo(filterContext, "Users", "TFA"); }
/// <summary> /// /// </summary> /// <param name="context"></param> /// <param name="target"></param> public static void Authorize(AuthorizationFilterContext context, Permission?target) => new AnnotationAuthorizer(context, target).Authorize();
public void OnAuthorization(AuthorizationFilterContext context) { // context可以包含所有的上下文信息,包括请求信息、cookie信息 Console.WriteLine("授权过滤器,执行OnAuthorization方法"); }
public bool HasActionAttribute <T>(AuthorizationFilterContext context) where T : ActionFilterAttribute { return(context.Filters.Any(p => p is T)); }