/// <summary> /// 输入拦截器 /// </summary> /// <param name="actionContext"></param> public override void OnActionExecuting(HttpActionContext actionContext) { if (!actionContext.ModelState.IsValid) { StringBuilder sb = new StringBuilder(); foreach (var m in actionContext.ModelState) { string[] key = m.Key.Split(".".ToCharArray()); string err = key.Length == 2 ? key[1] + "^" : ""; ModelErrorCollection errors = m.Value.Errors; foreach (ModelError error in errors) { err += error.ErrorMessage + ","; } err = err.Substring(0, err.Length - 1) + "|"; sb.Append(err); } var resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.ParameterError, Message = sb.ToString().Substring(0, sb.ToString().Length - 1), }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); } base.OnActionExecuting(actionContext); }
public HttpResponseMessage GetAuthorizationToken(GetTokenArgEntity arg) { BaseJsonResult <AccessTokenDto> resultMsg = null; Logger(this.GetType(), "获取授权Token-GetAuthorizationToken", () => { if (this.CheckBaseArgument(arg, out resultMsg)) { if (arg.Account.Equals("guest") && arg.UserId.Equals("guest")) { JWTPlayloadInfo playload = new JWTPlayloadInfo { iss = "S_COMMON_TOKTN", sub = arg.Account, aud = arg.UserId, userid = CommonHelper.GetGuid(), extend = "PUBLIC_TOKTN" }; string token = JWTHelper.GetToken(playload); AccessTokenDto access = new AccessTokenDto { AccessToken = token, ExpiryTime = playload.exp }; resultMsg = this.GetBaseJsonResult <AccessTokenDto>(access, JsonObjectStatus.Success); } else { //TODO 根据UserID校验用户是否存在 //JWTPlayloadInfo playload = new JWTPlayloadInfo //{ // iss = "S_USER_TOKTN", // sub = arg.Account, // aud = arg.UserId, // userid = CommonHelper.GetGuid(), // extend = "USER_TOKTN" //}; //string token = JWTHelper.GetToken(playload); //AccessTokenDto access = new AccessTokenDto //{ // AccessToken = token, // ExpiryTime = playload.exp //}; //resultMsg = this.GetBaseJsonResult<AccessTokenDto>(access, JsonObjectStatus.Success); resultMsg = this.GetBaseJsonResult <AccessTokenDto>(JsonObjectStatus.UserNotExist); } } }, e => { resultMsg = this.GetBaseJsonResult <AccessTokenDto>(JsonObjectStatus.Exception, ",异常信息:" + e.Message); }); return(resultMsg.TryToHttpResponseMessage()); }
public HttpResponseMessage AddUser(UserEntity user) { BaseJsonResult <string> resultMsg = new BaseJsonResult <string> { Status = GlobalErrorCodes.Success, Data = "V2-" + user.TryToJson(), Message = "操作成功" }; return(resultMsg.TryToHttpResponseMessage()); }
public HttpResponseMessage GetUserName(string userId, string name) { BaseJsonResult <string> resultMsg = new BaseJsonResult <string> { Status = GlobalErrorCodes.Success, Data = "V2-" + userId + ":" + name, Message = "操作成功" }; return(resultMsg.TryToHttpResponseMessage()); }
public HttpResponseMessage GetUserName(string id) { BaseJsonResult <string> resultMsg = new BaseJsonResult <string> { Status = GlobalErrorCodes.Success, Data = "V1-" + id, Message = "操作成功" }; return(resultMsg.TryToHttpResponseMessage()); }
/// <summary> /// 返回到客户端的消息 /// </summary> /// <param name="request"></param> /// <param name="statusCode"></param> /// <param name="message"></param> /// <returns></returns> private Task <HttpResponseMessage> CreateResponse(HttpRequestMessage request, HttpStatusCode statusCode, string message) { BaseJsonResult <string> resultMsg = new BaseJsonResult <string> { Status = statusCode == HttpStatusCode.OK ? GlobalErrorCodes.Success : GlobalErrorCodes.Fail, Message = message }; TaskCompletionSource <HttpResponseMessage> tsc = new TaskCompletionSource <HttpResponseMessage>(); HttpResponseMessage response = resultMsg.TryToHttpResponseMessage(); tsc.SetResult(response); return(tsc.Task); }
public HttpResponseMessage RefreshAuthorizationToken(GetTokenArgEntity arg) { BaseJsonResult <string> resultMsg = null; Logger(this.GetType(), "刷新Token-RefreshAuthorizationToken", () => { if (this.CheckBaseArgument(arg, out resultMsg)) { JWTHelper.CheckTokenHasExpiry(arg.UserId, arg.Account); resultMsg = this.GetBaseJsonResult <string>("Token刷新成功", JsonObjectStatus.Success); } }, e => { resultMsg = this.GetBaseJsonResult <string>(JsonObjectStatus.Exception, ",异常信息:" + e.Message); }); return(resultMsg.TryToHttpResponseMessage()); }
public virtual HttpResponseMessage HelloWorld(TestApiArgEntity arg) { BaseJsonResult <TestApiArgEntity> resultMsg = null; Logger(this.GetType(), "测试是否连接成功-HelloWorld", () => { if (this.CheckBaseArgument(arg, out resultMsg)) { //TODO DoSomething resultMsg = this.GetBaseJsonResult <TestApiArgEntity>(arg, JsonObjectStatus.Success); } }, e => { resultMsg = this.GetBaseJsonResult <TestApiArgEntity>(JsonObjectStatus.Exception, ",异常信息:" + e.Message); }); return(resultMsg.TryToHttpResponseMessage()); }
public virtual HttpResponseMessage Login(WeChatLoginArgEntity arg) { BaseJsonResult <WeChatUserInfoEntity> resultMsg = null; Logger(this.GetType(), "微信登陆-Login", () => { if (this.CheckBaseArgument(arg, out resultMsg)) { HttpItem httpItem = new HttpItem { Url = string.Format(WeChatBaseInfo.I_GET_USER_INFO, arg.access_token, arg.openid, "zh_CN"), Method = "GET", ContentType = "application/json" }; HttpResult result = httpHelper.GetHtml(httpItem); if (result.StatusCode == HttpStatusCode.OK) { if (!string.IsNullOrEmpty(result.Html)) { BaseJsonResult <WeChatUserInfoEntity> jsonResult = this.PreprocessingWeChatData <WeChatUserInfoEntity>(result.Html); if (jsonResult.Status == (int)JsonObjectStatus.Success && jsonResult.Data != null) { WeChatUserInfoEntity userInfo = jsonResult.Data; resultMsg = this.GetBaseJsonResult <WeChatUserInfoEntity>(userInfo, JsonObjectStatus.Success); } else { resultMsg = jsonResult; } } } } }, e => { resultMsg = this.GetBaseJsonResult <WeChatUserInfoEntity>(JsonObjectStatus.Exception, ",异常信息:" + e.Message); }); return(resultMsg.TryToHttpResponseMessage()); }
/// <summary> /// 正在请求时 /// </summary> /// <param name="actionContext"></param> public override void OnActionExecuting(HttpActionContext actionContext) { string isInterfaceSignature = ConfigHelper.GetValue("IsInterfaceSignature"); if (isInterfaceSignature.ToLower() == "false") { base.OnActionExecuting(actionContext); return; } BaseJsonResult <string> resultMsg = null; //操作上下文请求信息 HttpRequestMessage request = actionContext.Request; //请求方法 //string method = request.Method.Method; string appkey = string.Empty, timestamp = string.Empty, nonce = string.Empty, access_token = string.Empty; //string authority = request.RequestUri.Authority; //string host = request.RequestUri.Host; //string port = request.RequestUri.Port.ToString(); //if (request.IsLocal()) //{ //} //参数列表 //Dictionary<string, object> dictionary = actionContext.ActionArguments; //if (dictionary.ContainsKey("arg")) //{ //} //用户编号 if (request.Headers.Contains("AppKey")) { appkey = HttpUtility.UrlDecode(request.Headers.GetValues("AppKey").FirstOrDefault()); } //时间戳 if (request.Headers.Contains("TimeStamp")) { timestamp = HttpUtility.UrlDecode(request.Headers.GetValues("TimeStamp").FirstOrDefault()); } //随机数 if (request.Headers.Contains("Nonce")) { nonce = HttpUtility.UrlDecode(request.Headers.GetValues("Nonce").FirstOrDefault()); } //数字签名数据 if (request.Headers.Contains("Authorization")) { access_token = HttpUtility.UrlDecode(request.Headers.GetValues("Authorization").FirstOrDefault()); } //接受客户端预请求 if (actionContext.Request.Method == HttpMethod.Options) { actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Accepted); base.OnActionExecuting(actionContext); return; } //GetToken和Login方法不需要进行签名验证 string[] exceptRequest = GlobalConstCode.NOT_NEED_DIGITAL_SIGNATURE; if (exceptRequest.Contains(actionContext.ActionDescriptor.ActionName)) { if (string.IsNullOrEmpty(appkey) || string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(nonce)) { resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.ParameterError, Message = JsonObjectStatus.ParameterError.GetEnumDescription(), Data = "" }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); base.OnActionExecuting(actionContext); return; } else { base.OnActionExecuting(actionContext); return; } //base.OnActionExecuting(actionContext); //return; } //判断请求头是否包含以下参数 if (string.IsNullOrEmpty(appkey) || string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(nonce) || string.IsNullOrEmpty(access_token)) //if (string.IsNullOrEmpty(access_token) || string.IsNullOrEmpty(appkey)) { resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.ParameterError, Message = JsonObjectStatus.ParameterError.GetEnumDescription(), Data = "" }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); base.OnActionExecuting(actionContext); return; } //判断当前时间戳是否有效 long now = (DateTime.Now.ToUniversalTime().Ticks - 621355968000000000) / 10000000; //客户端传入得时间戳 long qeruest = 0; bool timespanvalidate = long.TryParse(timestamp, out qeruest); //当前时间必与请求时间差应在1分钟以内才算有效时间戳,防止伪造时间戳 bool falg = (now - qeruest) < 1 * 60; //如果时间差大于1分钟或者时间戳转换失败则视为无效时间戳 if (!falg || !timespanvalidate) { resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.UrlExpireError, Message = JsonObjectStatus.UrlExpireError.GetEnumDescription(), Data = "" }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); base.OnActionExecuting(actionContext); return; } //判断token是否有效 TokenViewModel token = CacheFactory.GetCache().Get <TokenViewModel>(appkey); string serveraccesstoken = "AccessToken "; if (token == null) { resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.TokenInvalid, Message = JsonObjectStatus.TokenInvalid.GetEnumDescription(), Data = "" }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); base.OnActionExecuting(actionContext); return; } else { serveraccesstoken += token.AccessToken; } #region 请求参数签名,GET请求即参数不带?、&、=符号,如id1nametest;POST请求将数据序列化成Json字符串 //请求参数签名,GET请求即参数不带?、&、=符号,如id1nametest;POST请求将数据序列化成Json字符串 //string data; //switch (method)//根据请求类型拼接参数 //{ // case "POST": // Stream stream = HttpContext.Current.Request.InputStream; // StreamReader streamReader = new StreamReader(stream); // data = streamReader.ReadToEnd(); // break; // case "GET": // NameValueCollection form = HttpContext.Current.Request.QueryString; // //第一步:取出所有get参数 // IDictionary<string, string> parameters = new Dictionary<string, string>(); // for (int f = 0; f < form.Count; f++) // { // string key = form.Keys[f]; // parameters.Add(key, form[key]); // } // // 第二步:把字典按Key的字母顺序排序 // IDictionary<string, string> sortedParams = new SortedDictionary<string, string>(parameters); // // ReSharper disable once GenericEnumeratorNotDisposed // IEnumerator<KeyValuePair<string, string>> dem = sortedParams.GetEnumerator(); // // 第三步:把所有参数名和参数值串在一起 // StringBuilder query = new StringBuilder(); // while (dem.MoveNext()) // { // string key = dem.Current.Key; // string value = dem.Current.Value; // if (!string.IsNullOrEmpty(key)) // { // query.Append(key).Append(value); // } // } // data = query.ToString(); // break; // default: // resultMsg = new BaseJson<string> // { // Status = (int)JsonObjectStatus.HttpMehtodError, // Message = JsonObjectStatus.HttpMehtodError.GetEnumDescription(), // Data = "" // }; // actionContext.Response = resultMsg.ToJson().ToHttpResponseMessage(); // base.OnActionExecuting(actionContext); // return; //} #endregion //校验签名信息 bool result = SignExtension.ValidateSign(appkey, nonce, timestamp, serveraccesstoken, access_token); if (!result) { resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.HttpRequestError, Message = JsonObjectStatus.HttpRequestError.GetEnumDescription(), Data = "" }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); base.OnActionExecuting(actionContext); } else { base.OnActionExecuting(actionContext); } }
/// <summary>在调用操作方法之前发生。</summary> /// <param name="actionContext">操作上下文。</param> public override void OnActionExecuting(HttpActionContext actionContext) { string isInterfaceSignature = ConfigHelper.GetValue("IsInterfaceSignature"); if (isInterfaceSignature.ToLower() != "true") { return; } BaseJsonResult <string> resultMsg = null; //授权码,最终签名字符串,时间戳,随机数字符串 string accessToken = string.Empty, signature = string.Empty, timestamp = string.Empty, nonce = string.Empty; //操作上下文请求信息 HttpRequestMessage request = actionContext.Request; //请求方法 string method = request.Method.Method; #region 接受客户端预请求 //接受客户端预请求 if (actionContext.Request.Method == HttpMethod.Options) { actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Accepted); return; } #endregion 接受客户端预请求 #region 忽略不需要授权的方法 //忽略不需要授权的方法 var attributes = actionContext.ActionDescriptor.GetCustomAttributes <IgnoreTokenAttribute>(); if (attributes.Count > 0 && attributes[0].Ignore) { return; } #endregion 忽略不需要授权的方法 _logHelper.Debug("*************************授权开始*************************\r\n"); _logHelper.Debug("鉴权地址:" + actionContext.Request.RequestUri + "\r\n"); #region 获取请求头信息 //授权Token if (request.Headers.Contains("access_token")) { accessToken = HttpUtility.UrlDecode(request.Headers.GetValues("access_token").FirstOrDefault()); _logHelper.Debug("access_token:" + accessToken + "\r\n"); } //签名字符串 if (request.Headers.Contains("signature")) { signature = HttpUtility.UrlDecode(request.Headers.GetValues("signature").FirstOrDefault()); _logHelper.Debug("signature:" + signature + "\r\n"); } //时间戳 if (request.Headers.Contains("timestamp")) { timestamp = HttpUtility.UrlDecode(request.Headers.GetValues("timestamp").FirstOrDefault()); _logHelper.Debug("timestamp:" + timestamp + "\r\n"); } //随机字符串 if (request.Headers.Contains("nonce_str")) { nonce = HttpUtility.UrlDecode(request.Headers.GetValues("nonce_str").FirstOrDefault()); _logHelper.Debug("nonce_str:" + nonce + "\r\n"); } #endregion 获取请求头信息 #region 判断请求头是否包含以下参数 //判断请求头是否包含以下参数 if (string.IsNullOrEmpty(accessToken) || string.IsNullOrEmpty(signature) || string.IsNullOrEmpty(timestamp) || string.IsNullOrEmpty(nonce)) { resultMsg = new BaseJsonResult <string> { Status = GlobalErrorCodes.AuthParameterError, Message = GlobalErrorCodes.AuthParameterError.GetEnumDescription() }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); _logHelper.Debug("*************************授权结束(请求头参数不完整)*************************\r\n"); return; } #endregion 判断请求头是否包含以下参数 #region 校验参数是否被篡改 ////校验参数是否被篡改 //Dictionary<string, object> actionArguments = null; //switch (method) //{ // case "POST": // actionArguments = actionContext.ActionArguments; // KeyValuePair<string, object> keyValuePair = actionArguments.FirstOrDefault(); // actionArguments = keyValuePair.Value.Object2Dictionary(); // break; // case "GET": // actionArguments = actionContext.ActionArguments; // break; //} //bool isSucc = this.CheckSignature(signature, actionArguments); //if (!isSucc) //{ // resultMsg = new BaseJsonResult<string> // { // Status = (int)JsonObjectStatus.ParameterManipulation, // Message = JsonObjectStatus.ParameterManipulation.GetEnumDescription() // }; // actionContext.Response = resultMsg.TryToHttpResponseMessage(); // _logHelper.Debug("*************************授权结束(请求参数被篡改或指纹有误)*************************\r\n"); // return; //} #endregion 校验参数是否被篡改 #region 校验Token是否有效 //校验Token是否有效 bool isCheckSucc = JWTHelper.CheckToken(accessToken, out JWTPlayloadInfo jwtPlayloadInfo); if (!isCheckSucc) { _logHelper.Debug("校验Token是否有效:TOKEN失效\r\n"); resultMsg = new BaseJsonResult <string> { Status = GlobalErrorCodes.TokenInvalid, Message = GlobalErrorCodes.TokenInvalid.GetEnumDescription() }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); _logHelper.Debug("*************************授权结束(TOKEN失效)*************************\r\n"); return; } else { //校验当前用户是否能够操作某些特定方法(比如更新用户信息) if (!attributes[0].Ignore) { string userId = jwtPlayloadInfo.aud; //访客用户不能访问未忽略的接口 if (!string.IsNullOrEmpty(userId) && userId.Equals(JWTPlayloadInfo.DefaultAud)) { resultMsg = new BaseJsonResult <string> { Status = GlobalErrorCodes.NoPermission, Message = GlobalErrorCodes.NoPermission.GetEnumDescription() }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); _logHelper.Debug("*************************授权结束(无权执行此操作)*************************\r\n"); return; } //TODO 验证正式用户或者试用用户是否有权操作当前方法 } } #endregion 校验Token是否有效 #region 验证签名字符串是否有效 SortedDictionary <string, object> dict = new SortedDictionary <string, object> { { "access_token", accessToken }, { "timestamp", timestamp }, { "nonce_str", nonce }, }; bool isSucc = this.CheckSignature(signature, dict); if (isSucc) { base.OnActionExecuting(actionContext); } else { resultMsg = new BaseJsonResult <string> { Status = GlobalErrorCodes.SignError, Message = GlobalErrorCodes.SignError.GetEnumDescription() }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); _logHelper.Debug("*************************授权结束(签名有误)*************************\r\n"); return; } #endregion _logHelper.Debug("*************************授权结束*************************\r\n"); }
/// <summary> /// 输出拦截器 /// </summary> /// <param name="actionExecutedContext"></param> public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext) { if (actionExecutedContext.Exception != null) { var resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.Exception, Message = actionExecutedContext.Exception.Message, }; actionExecutedContext.Response = resultMsg.TryToHttpResponseMessage(); } else { if (actionExecutedContext.Response.Content == null) { var resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.Error, Message = "HTTP响应消息内容为空", }; actionExecutedContext.Response = resultMsg.TryToHttpResponseMessage(); } else { string result; long resultLength = 0; if (actionExecutedContext.Response.Content is ObjectContent) { result = ((ObjectContent)actionExecutedContext.Response.Content).Value.ToString(); } else { byte[] ctx = actionExecutedContext.Response.Content.ReadAsByteArrayAsync().Result; //resultLength = ctx.LongLength; result = Encoding.UTF8.GetString(ctx); } var Headers = actionExecutedContext.ActionContext.Request.Headers; var AcceptEncoding = Headers.AcceptEncoding; if (AcceptEncoding != null && AcceptEncoding.Contains(new StringWithQualityHeaderValue("gzip"))) { byte[] body = Encoding.UTF8.GetBytes(result.ToString()); byte[] compressedData = GZipHelper.GZipCompress(body); actionExecutedContext.Response.Content = new ByteArrayContent(compressedData); actionExecutedContext.Response.Content.Headers.Remove("Content-Type"); actionExecutedContext.Response.Content.Headers.Add("Content-Encoding", "gzip"); actionExecutedContext.Response.Content.Headers.Add("Content-Type", "application/json; charset=utf-8"); } else if (AcceptEncoding != null && AcceptEncoding.Contains(new StringWithQualityHeaderValue("deflate"))) { byte[] body = Encoding.UTF8.GetBytes(result.ToString()); byte[] compressedData = GZipHelper.DeflateCompress(body); actionExecutedContext.Response.Content = new ByteArrayContent(compressedData); actionExecutedContext.Response.Content.Headers.Remove("Content-Type"); actionExecutedContext.Response.Content.Headers.Add("Content-Encoding", "deflate"); actionExecutedContext.Response.Content.Headers.Add("Content-Type", "application/json; charset=utf-8"); } else { actionExecutedContext.Response = result.TryToHttpResponseMessage(); } //if (resultLength > 1024) //{ //} //else //{ // actionExecutedContext.Response.Content = new StringContent(result.TryToJson(), Encoding.UTF8, "application/json"); //} } } base.OnActionExecuted(actionExecutedContext); }
/// <summary>在调用操作方法之前发生。</summary> /// <param name="actionContext">操作上下文。</param> public override void OnActionExecuting(HttpActionContext actionContext) { string isInterfaceSignature = ConfigHelper.GetValue("IsInterfaceSignature"); if (isInterfaceSignature.ToLower() == "false") { return; } BaseJsonResult <string> resultMsg = null; //授权码,指纹,时间戳,8位随机数 string accessToken = string.Empty, signature = string.Empty, timestamp = string.Empty, nonce = string.Empty; //操作上下文请求信息 HttpRequestMessage request = actionContext.Request; //请求方法 string method = request.Method.Method; #region 接受客户端预请求 //接受客户端预请求 if (actionContext.Request.Method == HttpMethod.Options) { actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Accepted); return; } #endregion #region 忽略不需要授权的方法 //忽略不需要授权的方法 var attributes = actionContext.ActionDescriptor.GetCustomAttributes <IgnoreTokenAttribute>(); if (attributes.Count == 0 || (attributes.Count > 0 && attributes[0].Ignore)) { return; } #endregion _logHelper.Debug("*************************授权开始*************************\r\n"); _logHelper.Debug("鉴权地址:" + actionContext.Request.RequestUri + "\r\n"); #region 获取请求头信息 //授权Token if (request.Headers.Contains("Authorization")) { accessToken = HttpUtility.UrlDecode(request.Headers.GetValues("Authorization").FirstOrDefault()); _logHelper.Debug("Authorization:" + accessToken + "\r\n"); } ////指纹 //if (request.Headers.Contains("Signature")) //{ // signature = HttpUtility.UrlDecode(request.Headers.GetValues("Signature").FirstOrDefault()); // _logHelper.Debug("Signature:" + signature + "\r\n"); //} #endregion #region 判断请求头是否包含以下参数 //判断请求头是否包含以下参数 if (string.IsNullOrEmpty(accessToken)) { resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.ParameterError, Message = JsonObjectStatus.ParameterError.GetEnumDescription() }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); _logHelper.Debug("*************************授权结束(请求头参数不完整)*************************\r\n"); return; } #endregion #region 校验参数是否被篡改 ////校验参数是否被篡改 //Dictionary<string, object> actionArguments = null; //switch (method) //{ // case "POST": // actionArguments = actionContext.ActionArguments; // KeyValuePair<string, object> keyValuePair = actionArguments.FirstOrDefault(); // actionArguments = keyValuePair.Value.Object2Dictionary(); // break; // case "GET": // actionArguments = actionContext.ActionArguments; // break; //} //bool isSucc = this.CheckSignature(signature, actionArguments); //if (!isSucc) //{ // resultMsg = new BaseJsonResult<string> // { // Status = (int)JsonObjectStatus.ParameterManipulation, // Message = JsonObjectStatus.ParameterManipulation.GetEnumDescription() // }; // actionContext.Response = resultMsg.TryToHttpResponseMessage(); // _logHelper.Debug("*************************授权结束(请求参数被篡改或指纹有误)*************************\r\n"); // return; //} #endregion #region 校验Token是否有效 //校验Token是否有效 JWTPlayloadInfo playload = JWTHelper.CheckToken(accessToken); if (playload == null) { _logHelper.Debug("校验Token是否有效:TOKEN失效\r\n"); resultMsg = new BaseJsonResult <string> { Status = (int)JsonObjectStatus.TokenInvalid, Message = JsonObjectStatus.TokenInvalid.GetEnumDescription() }; actionContext.Response = resultMsg.TryToHttpResponseMessage(); _logHelper.Debug("*************************授权结束(TOKEN失效)*************************\r\n"); return; } else { //TODO 等系统开放了登陆,取消此段代码注释 //校验当前用户是否能够操作某些特定方法(比如更新用户信息) //if (!attributes[0].Ignore) //{ // if (!string.IsNullOrEmpty(playload.aud) && playload.aud.Equals("guest")) // { // resultMsg = new BaseJsonResult<string> // { // Status = (int)JsonObjectStatus.Unauthorized, // Message = JsonObjectStatus.Unauthorized.GetEnumDescription() // }; // actionContext.Response = resultMsg.TryToHttpResponseMessage(); // return; // } //} } #endregion _logHelper.Debug("*************************授权结束*************************\r\n"); //base.OnActionExecuting(actionContext); }