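/// <summary>
/// Issues an access token for the caller described by <paramref name="arg"/>.
/// Only the anonymous "guest"/"guest" identity is served today; every other account is
/// answered with <see cref="JsonObjectStatus.UserNotExist"/> until the user-token path exists.
/// </summary>
/// <param name="arg">Token request (account name and user id); validated by CheckBaseArgument.</param>
/// <returns>An HTTP response wrapping a <see cref="BaseJsonResult{T}"/> of <see cref="AccessTokenDto"/>.</returns>
public HttpResponseMessage GetAuthorizationToken(GetTokenArgEntity arg)
{
    BaseJsonResult<AccessTokenDto> resultMsg = null;

    Logger(this.GetType(), "获取授权Token-GetAuthorizationToken", () =>
    {
        // CheckBaseArgument assigns the failure result to resultMsg when validation fails.
        if (!this.CheckBaseArgument(arg, out resultMsg))
        {
            return;
        }

        // Ordinal, null-safe comparison: a null Account/UserId is treated as "not guest"
        // instead of throwing NullReferenceException inside the logged action.
        bool isGuest = string.Equals(arg.Account, "guest", StringComparison.Ordinal)
                       && string.Equals(arg.UserId, "guest", StringComparison.Ordinal);

        if (isGuest)
        {
            // Anonymous, public-scope token. Anyone can obtain one, so nothing behind the API
            // may treat it as proof of identity; its expiry is whatever the payload carries.
            JWTPlayloadInfo playload = new JWTPlayloadInfo
            {
                iss = "S_COMMON_TOKTN",
                sub = arg.Account,
                aud = arg.UserId,
                userid = CommonHelper.GetGuid(),
                extend = "PUBLIC_TOKTN"
            };
            string token = JWTHelper.GetToken(playload);
            AccessTokenDto access = new AccessTokenDto
            {
                AccessToken = token,
                ExpiryTime = playload.exp
            };
            resultMsg = this.GetBaseJsonResult<AccessTokenDto>(access, JsonObjectStatus.Success);
        }
        else
        {
            // TODO: user tokens (iss "S_USER_TOKTN", extend "USER_TOKTN") are not issued yet.
            // When this is implemented it must authenticate the caller (verify a credential),
            // not merely check that UserId exists; otherwise knowing an account name would be
            // enough to obtain a token for it.
            resultMsg = this.GetBaseJsonResult<AccessTokenDto>(JsonObjectStatus.UserNotExist);
        }
    }, e =>
    {
        // NOTE(review): e.Message is echoed to the client. Consider logging it server-side and
        // returning a generic message so internal details are not disclosed in the response.
        resultMsg = this.GetBaseJsonResult<AccessTokenDto>(JsonObjectStatus.Exception, ",异常信息:" + e.Message);
    });

    // Defensive: if neither callback produced a result, answer with an explicit failure
    // instead of dereferencing null.
    if (resultMsg == null)
    {
        resultMsg = this.GetBaseJsonResult<AccessTokenDto>(JsonObjectStatus.Exception);
    }

    return resultMsg.TryToHttpResponseMessage();
}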
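/// <summary>Occurs before the action method is invoked: validates the token carried in the Authorization header.</summary>
/// <param name="actionContext">The action context.</param>
/// <remarks>
/// Order of checks: (1) skip entirely when the "IsInterfaceSignature" setting is "false";
/// (2) let OPTIONS preflight through with 202; (3) skip actions whose
/// <see cref="IgnoreTokenAttribute"/> has Ignore set, or that carry no such attribute;
/// (4) reject a missing token with ParameterError; (5) reject a token that JWTHelper.CheckToken
/// does not accept with TokenInvalid. Each rejection short-circuits by setting actionContext.Response.
/// </remarks>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // Null-safe, culture-independent switch: a missing setting leaves the check enabled (fail closed).
    string isInterfaceSignature = ConfigHelper.GetValue("IsInterfaceSignature");
    if (string.Equals(isInterfaceSignature, "false", StringComparison.OrdinalIgnoreCase))
    {
        return;
    }

    HttpRequestMessage request = actionContext.Request;

    // Builds the JSON error body used by every rejection below.
    Func<JsonObjectStatus, HttpResponseMessage> reject = status =>
    {
        BaseJsonResult<string> resultMsg = new BaseJsonResult<string>
        {
            Status = (int)status,
            Message = status.GetEnumDescription()
        };
        return resultMsg.TryToHttpResponseMessage();
    };

    #region CORS preflight
    // Preflight requests carry no credentials; answer them without authentication.
    if (request.Method == HttpMethod.Options)
    {
        actionContext.Response = request.CreateResponse(HttpStatusCode.Accepted);
        return;
    }
    #endregion

    #region Actions that do not require a token
    // NOTE(review): an action with NO IgnoreTokenAttribute also skips authentication, i.e. the
    // filter is fail-open for unannotated actions. Confirm this is the intended policy.
    var attributes = actionContext.ActionDescriptor.GetCustomAttributes<IgnoreTokenAttribute>();
    if (attributes.Count == 0 || attributes[0].Ignore)
    {
        return;
    }
    #endregion

    _logHelper.Debug("*************************授权开始*************************\r\n");
    _logHelper.Debug("鉴权地址:" + request.RequestUri + "\r\n");

    #region Read the Authorization header
    // The header value is the credential; it is URL-decoded before validation.
    string accessToken = string.Empty;
    if (request.Headers.Contains("Authorization"))
    {
        accessToken = HttpUtility.UrlDecode(request.Headers.GetValues("Authorization").FirstOrDefault());
        // NOTE(review): this writes the token itself to the debug log, exposing the credential to
        // anyone who can read the logs. Prefer logging only its presence or length.
        _logHelper.Debug("Authorization:" + accessToken + "\r\n");
    }
    // TODO: the "Signature" header and the parameter-tamper check (CheckSignature over the
    // action arguments) are not wired up yet.
    #endregion

    #region Missing token
    if (string.IsNullOrEmpty(accessToken))
    {
        actionContext.Response = reject(JsonObjectStatus.ParameterError);
        _logHelper.Debug("*************************授权结束(请求头参数不完整)*************************\r\n");
        return;
    }
    #endregion

    #region Token validation
    // JWTHelper.CheckToken returns null for any token it does not accept.
    JWTPlayloadInfo playload = JWTHelper.CheckToken(accessToken);
    if (playload == null)
    {
        _logHelper.Debug("校验Token是否有效:TOKEN失效\r\n");
        actionContext.Response = reject(JsonObjectStatus.TokenInvalid);
        _logHelper.Debug("*************************授权结束(TOKEN失效)*************************\r\n");
        return;
    }
    // TODO: once login is open, deny guest tokens (playload.aud == "guest") on actions that
    // require a real user, answering with JsonObjectStatus.Unauthorized.
    #endregion

    _logHelper.Debug("*************************授权结束*************************\r\n");
}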