コード例 #1
 /// <summary>
 /// Stores the injected collaborators and performs one synchronous read of the
 /// "Permissions" cache entry before the middleware handles any request.
 /// </summary>
 /// <param name="serv">Nacos naming service, kept in <c>NacosServClient</c>.</param>
 /// <param name="next">Next delegate in the request pipeline.</param>
 /// <param name="schemes">Provider used later to look up the default authentication scheme.</param>
 /// <param name="appset">Application settings; not referenced in this constructor.</param>
 /// <param name="cache">Cache abstraction that holds the permission list.</param>
 public CustomJwtTokenAuthMiddleware(INacosNamingService serv, RequestDelegate next, IAuthenticationSchemeProvider schemes, Appsettings appset, ICaching cache)
 {
     _next           = next;
     _cache          = cache;
     Schemes         = schemes;
     NacosServClient = serv;

     // Sync-over-async: the constructing thread blocks until the cache call finishes,
     // and any exception from it fails construction of the middleware.
     // The returned list is not kept; presumably this only pre-populates the cache entry
     // so the first request does not pay for it (confirm against GetPermitionData).
     _cache.Cof_AsyncGetICaching <List <PermissionItem> >("Permissions", GetPermitionData, 10).GetAwaiter().GetResult();
 }
コード例 #2
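        /// <summary>
        /// Gateway authorization: lets allow-listed paths through, drops deny-listed paths,
        /// and for everything else requires an authenticated principal holding a "CofRole"
        /// claim whose permission entry matches the request path.
        /// </summary>
        /// <param name="httpContext">The context of the current request.</param>
        /// <returns>
        /// A task that completes once the request has been forwarded to the next middleware
        /// or answered with an error status (401 when unauthenticated, 403 when not permitted).
        /// </returns>
        public async Task Invoke(HttpContext httpContext)
        {
            // Path.Value can be null, so the call is null-conditional; invariant lower-casing keeps
            // the list checks independent of the server's current culture.
            var questUrl = httpContext?.Request.Path.Value?.ToLowerInvariant();

            if (string.IsNullOrEmpty(questUrl))
            {
                // Nothing is forwarded and nothing is written for an empty path.
                return;
            }

            // Allow-list check: a hit skips authentication and authorization entirely.
            // NOTE(review): confirm CheckWhiteList compares whole paths or path prefixes on segment
            // boundaries; a loose match here would expose routes without any credential check.
            if (CheckWhiteList(questUrl))
            {
                await _next.Invoke(httpContext);

                return;
            }

            // Deny-list check: the request is not forwarded.
            // NOTE(review): no status is set in this method, so unless CheckBlackList writes the
            // response itself the client gets the server's default status; consider an explicit 403/404.
            if (CheckBlackList(questUrl))
            {
                return;
            }

            var permissions = await _cache.Cof_AsyncGetICaching <List <PermissionItem> >("Permissions", GetPermitionData, 10);

            httpContext.Features.Set <IAuthenticationFeature>(new AuthenticationFeature
            {
                OriginalPath     = httpContext.Request.Path,
                OriginalPathBase = httpContext.Request.PathBase
            });

            // Determine whether the request carries credentials, i.e. whether the caller is logged in.
            var defaultAuthenticate = await Schemes.GetDefaultAuthenticateSchemeAsync();

            if (defaultAuthenticate == null)
            {
                await httpContext.Cof_SendResponse(HttpStatusCode.Unauthorized, "系统鉴权出错");

                return;
            }

            var authResult = await httpContext.AuthenticateAsync(defaultAuthenticate.Name);

            if (authResult?.Principal == null)
            {
                await httpContext.Cof_SendResponse(HttpStatusCode.Unauthorized, "请重新登录");

                return;
            }

            httpContext.User = authResult.Principal;

            // Collect the role values carried by the current user's claims.
            var currentUserRoles = httpContext.User.Claims
                                              .Where(claim => claim.Type == "CofRole")
                                              .Select(claim => claim.Value)
                                              .ToList();

            // A missing permission list is treated as "no permissions" so the request is denied
            // instead of failing with a null reference.
            var rolePermissions = (permissions ?? new List <PermissionItem>())
                                  .Where(p => p != null && currentUserRoles.Contains(p.Role));

            // The path comes from the client, so every pattern match is bounded in time; a pattern
            // that backtracks badly must not be able to pin a request thread.
            var matchTimeout = TimeSpan.FromSeconds(1);
            var isMatchRole  = false;

            foreach (var item in rolePermissions)
            {
                // An empty pattern matches every path, which would turn one blank row into a
                // grant for the whole gateway; such rows are skipped.
                if (string.IsNullOrEmpty(item.Url))
                {
                    continue;
                }

                try
                {
                    // NOTE(review): IsMatch is unanchored, so a pattern without ^...$ also matches
                    // longer paths that merely contain it; confirm the stored patterns are anchored.
                    if (Regex.IsMatch(questUrl, item.Url, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant, matchTimeout))
                    {
                        isMatchRole = true;
                        break;
                    }
                }
                catch (ArgumentException)
                {
                    // Malformed pattern in the permission data: the entry grants nothing (fail closed).
                }
                catch (RegexMatchTimeoutException)
                {
                    // Match took too long: the entry grants nothing (fail closed).
                }
            }

            // Authorization decision: no role claim or no matching permission entry means denied.
            if (currentUserRoles.Count <= 0 || !isMatchRole)
            {
                // 403: the caller is authenticated but not permitted. The earlier 503 told clients
                // and proxies that the service was down, which invites retries and hides denials
                // from monitoring.
                await httpContext.Cof_SendResponse(HttpStatusCode.Forbidden, "未授权此资源");

                return;
            }

            await _next.Invoke(httpContext);
        }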