private async Task <ServiceRoute> LocationServiceRoute(string routePath, string httpMethod)
{
var serviceRoute = await _serviceRouteProvider.GetRouteByPathOrRegexPath(routePath.ToLower(), httpMethod);
if (serviceRoute == null)
{
throw new CPlatformException($"不存在api为{routePath}的路由信息");
}
return(serviceRoute);
}
protected override void ChannelRead0(IChannelHandlerContext ctx, IFullHttpRequest msg)
{
var data = new byte[msg.Content.ReadableBytes];
msg.Content.ReadBytes(data);
Task.Run(async() =>
{
var parameters = GetParameters(HttpUtility.UrlDecode(msg.Uri), out string path);
path = AppConfig.MapRoutePathOptions.GetRoutePath(path, msg.Method.Name);
var serviceRoute = await _serviceRouteProvider.GetRouteByPathOrRegexPath(path, msg.Method.Name.ToUpper());
if (serviceRoute == null)
{
throw new CPlatformException($"未能找到路径为{path}-{msg.Method.Name.ToUpper()}的路由信息", StatusCode.Http404EndpointStatusCode);
}
parameters.Remove("servicekey", out object serviceKey);
if (data.Length > 0)
{
parameters = _serializer.Deserialize <string, IDictionary <string, object> >(System.Text.Encoding.ASCII.GetString(data)) ?? new Dictionary <string, object>();
}
if (String.Compare(serviceRoute.ServiceDescriptor.RoutePath, path, true) != 0)
{
var @params = RouteTemplateSegmenter.Segment(serviceRoute.ServiceDescriptor.RoutePath, path);
foreach (var param in @params)
{
parameters.Add(param.Key, param.Value);
}
}
if (msg.Method.Name == "POST")
{
_readAction(ctx, new TransportMessage(new HttpMessage
{
Parameters = parameters,
RoutePath = serviceRoute.ServiceDescriptor.RoutePath,
HttpMethod = msg.Method.Name.ToUpper(),
ServiceKey = serviceKey?.ToString()
}));
}
else
{
_readAction(ctx, new TransportMessage(new HttpMessage
{
Parameters = parameters,
RoutePath = serviceRoute.ServiceDescriptor.RoutePath,
HttpMethod = msg.Method.Name.ToUpper(),
ServiceKey = serviceKey?.ToString()
}));
}
});
}
public async Task OnActionExecuting(ActionExecutingContext filterContext)
{
var serviceEntry= _serviceEntryLocate.Locate(filterContext.Message);
if (serviceEntry != null)
{
var httpMethods = serviceEntry.Methods;
if (httpMethods.Count()>0 && !httpMethods.Any(p => String.Compare(p, filterContext.Context.Request.Method, true) == 0))
{
filterContext.Result = new HttpResultMessage<object>
{
IsSucceed = false,
StatusCode = Http405EndpointStatusCode,
Message = Http405EndpointDisplayName
};
}
}
else
{
var path = HttpUtility.UrlDecode(GetRoutePath(filterContext.Context.Request.Path.ToString()));
path = AppConfig.MapRoutePathOptions.GetRoutePath(path, filterContext.Message.HttpMethod);
var serviceRoute = await _serviceRouteProvider.GetRouteByPathOrRegexPath(path, filterContext.Message.HttpMethod);
if (serviceRoute == null)
{
throw new CPlatformException($"未能找到路径为{path}-{filterContext.Message.HttpMethod}的路由信息", StatusCode.Http404EndpointStatusCode);
}
var httpMethods = serviceRoute.ServiceDescriptor.HttpMethod();
if (httpMethods != null && !httpMethods.Contains(filterContext.Context.Request.Method))
{
filterContext.Result = new HttpResultMessage<object>
{
IsSucceed = false,
StatusCode = Http405EndpointStatusCode,
Message = Http405EndpointDisplayName
};
}
}
}
public async Task OnAuthorization(AuthorizationFilterContext filterContext)
{
var gatewayAppConfig = AppConfig.Options.ApiGetWay;
if (filterContext.Route != null && filterContext.Route.ServiceDescriptor.DisableNetwork())
{
var actionName = filterContext.Route.ServiceDescriptor.GroupName().IsNullOrEmpty()
? filterContext.Route.ServiceDescriptor.RoutePath
: filterContext.Route.ServiceDescriptor.GroupName();
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = CPlatform.Exceptions.StatusCode.UnAuthorized,
Message = $"{actionName}禁止被外网访问"
};
}
else
{
var token = filterContext.Context.Request.Headers["Authorization"];
if (filterContext.Route != null)
{
if (filterContext.Route.ServiceDescriptor.AuthType() == AuthorizationType.JWT.ToString())
{
if (token.Any() && token.Count >= 1)
{
var validateResult = _authorizationServerProvider.ValidateClientAuthentication(token);
if (filterContext.Route.ServiceDescriptor.EnableAuthorization() &&
validateResult != ValidateResult.Success)
{
if (validateResult == ValidateResult.TokenFormatError)
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false,
StatusCode = CPlatform.Exceptions.StatusCode.UnAuthentication,
Message = "token格式不正确"
};
return;
}
if (validateResult == ValidateResult.SignatureError)
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false,
StatusCode = CPlatform.Exceptions.StatusCode.UnAuthentication,
Message = "token凭证不合法,请重新登录"
};
return;
}
if (validateResult == ValidateResult.TokenExpired)
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = CPlatform.Exceptions.StatusCode.TokenExpired,
Message = "登录超时,请重新登录"
};
return;
}
}
var payload = _authorizationServerProvider.GetPayload(token);
var claimsIdentity = new ClaimsIdentity();
foreach (var item in payload)
{
claimsIdentity.AddClaim(new Claim(item.Key, item.Value.ToString()));
}
if (!gatewayAppConfig.AuthorizationRoutePath.IsNullOrEmpty() &&
filterContext.Route.ServiceDescriptor.EnableAuthorization())
{
var rpcParams = new Dictionary <string, object>()
{
{ "serviceId", filterContext.Route.ServiceDescriptor.Id }
};
var authorizationRoutePath =
await _serviceRouteProvider.GetRouteByPathOrRegexPath(
gatewayAppConfig.AuthorizationRoutePath, HttpMethod.POST.ToString());
if (authorizationRoutePath == null)
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = CPlatform.Exceptions.StatusCode.RequestError,
Message = "没有找到实现接口鉴权的WebApi的路由信息"
};
return;
}
foreach (var kv in payload)
{
RpcContext.GetContext().SetAttachment(kv.Key, kv.Value);
}
var checkPermissionResult =
await _serviceProxyProvider.Invoke <IDictionary <string, object> >(rpcParams,
gatewayAppConfig.AuthorizationRoutePath, HttpMethod.POST,
gatewayAppConfig.AuthorizationServiceKey);
if (checkPermissionResult == null || !checkPermissionResult.ContainsKey("isPermission"))
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = StatusCode.UnAuthorized,
Message = $"接口鉴权返回数据格式错误,鉴权接口返回数据格式必须为字典,且必须包含IsPermission的key"
};
return;
}
var isPermission = Convert.ToBoolean(checkPermissionResult["isPermission"]);
if (!isPermission)
{
var actionName = filterContext.Route.ServiceDescriptor.GroupName().IsNullOrEmpty()
? filterContext.Route.ServiceDescriptor.RoutePath
: filterContext.Route.ServiceDescriptor.GroupName();
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = StatusCode.UnAuthorized,
Message = $"没有请求{actionName}的权限"
};
return;
}
foreach (var kv in checkPermissionResult)
{
if (kv.Key == "isPermission")
{
continue;
}
if (kv.Value == null)
{
continue;
}
claimsIdentity.AddClaim(new Claim(kv.Key, kv.Value.ToString()));
}
}
filterContext.Context.User = new ClaimsPrincipal(claimsIdentity);
}
else
{
if (filterContext.Route.ServiceDescriptor.EnableAuthorization())
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = CPlatform.Exceptions.StatusCode.UnAuthentication,
Message = $"请先登录系统"
};
return;
}
else
{
filterContext.Context.User = null;
}
}
}
else
{
if (filterContext.Route.ServiceDescriptor.EnableAuthorization())
{
filterContext.Result = new HttpResultMessage <object>
{
IsSucceed = false, StatusCode = CPlatform.Exceptions.StatusCode.UnAuthentication,
Message = $"暂不支持{filterContext.Route.ServiceDescriptor.AuthType()}类型的身份认证方式"
};
}
}
}
}
if (string.Compare(filterContext.Path.ToLower(), gatewayAppConfig.TokenEndpointPath, true) == 0)
{
filterContext.Context.Items.Add("path", gatewayAppConfig.AuthenticationRoutePath);
}
}
public async Task OnReceived(IMessageSender sender, string messageId, HttpContext context, IEnumerable <IActionFilter> actionFilters)
{
var serviceRoute = context.Items["route"] as ServiceRoute;
var path = (context.Items["path"]
?? HttpUtility.UrlDecode(GetRoutePath(context.Request.Path.ToString()))) as string;
path = AppConfig.MapRoutePathOptions.GetRoutePath(path, context.Request.Method);
if (serviceRoute == null)
{
var route = await _serviceRouteProvider.GetRouteByPathOrRegexPath(path, context.Request.Method);
if (route == null)
{
throw new CPlatformException($"未能找到路径为{path}-{context.Request.Method}的路由信息", StatusCode.Http404EndpointStatusCode);
}
serviceRoute = route;
}
IDictionary <string, object> parameters = context.Request.Query.ToDictionary(p => p.Key, p => (object)p.Value.ToString());
object serviceKey = null;
foreach (var key in _serviceKeys)
{
parameters.Remove(key, out object value);
if (value != null)
{
serviceKey = value;
break;
}
}
if (!serviceRoute.ServiceDescriptor.RoutePath.Equals(path, StringComparison.OrdinalIgnoreCase))
{
var @params = RouteTemplateSegmenter.Segment(serviceRoute.ServiceDescriptor.RoutePath, path);
foreach (var param in @params)
{
parameters.Add(param.Key, param.Value);
}
}
var httpMessage = new HttpMessage
{
Parameters = parameters,
RoutePath = serviceRoute.ServiceDescriptor.RoutePath,
HttpMethod = context.Request.Method,
ServiceKey = serviceKey?.ToString()
};
if (context.Request.HasFormContentType)
{
if (context.Request.ContentType == "multipart/form-data")
{
var collection = await GetFormCollection(context.Request);
httpMessage.Parameters.Add("form", collection);
}
else
{
var formData = new Dictionary <string, object>();
foreach (var item in context.Request.Form.Keys)
{
formData.Add(item, context.Request.Form[item]);
}
httpMessage.Parameters.Add("form", formData);
}
if (!await OnActionExecuting(new ActionExecutingContext {
Context = context, Route = serviceRoute, Message = httpMessage
},
sender, messageId, actionFilters))
{
return;
}
httpMessage.Attachments = GetHttpMessageAttachments(context);
await Received(sender, new TransportMessage(messageId, httpMessage));
}
else
{
StreamReader streamReader = new StreamReader(context.Request.Body);
var data = await streamReader.ReadToEndAsync();
if (context.Request.Method != "GET")
{
var bodyParams = _serializer.Deserialize <string, IDictionary <string, object> >(data) ?? new Dictionary <string, object>();
foreach (var param in bodyParams)
{
httpMessage.Parameters.Add(param.Key, param.Value);
}
if (!await OnActionExecuting(new ActionExecutingContext {
Context = context, Route = serviceRoute, Message = httpMessage
},
sender, messageId, actionFilters))
{
return;
}
httpMessage.Attachments = GetHttpMessageAttachments(context);
await Received(sender, new TransportMessage(messageId, httpMessage));
}
else
{
if (!await OnActionExecuting(new ActionExecutingContext {
Context = context, Route = serviceRoute, Message = httpMessage
},
sender, messageId, actionFilters))
{
return;
}
httpMessage.Attachments = GetHttpMessageAttachments(context);
await Received(sender, new TransportMessage(messageId, httpMessage));
}
}
await OnActionExecuted(context, httpMessage, actionFilters);
}
