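/// <summary>
/// Attaches request-scoped claims (raw token, correlation id, remote and local IP
/// addresses) to <paramref name="principal"/> as an additional identity and installs
/// the principal as <see cref="HttpContext.User"/>.
/// </summary>
/// <param name="token">Raw token; stored verbatim in the "token" claim, so that claim is as sensitive as the token itself.</param>
/// <param name="principal">Principal to extend; mutated in place.</param>
/// <param name="httpContext">Current request context; the correlation id is read from its response headers.</param>
private static void AddCustomClaims(string token, ClaimsPrincipal principal, HttpContext httpContext)
{
    // NOTE(review): the correlation id is read from the *response* headers, not the request —
    // presumably a correlation middleware sets it earlier in the pipeline; confirm.
    var headers = httpContext.Response.Headers;
    var connection = httpContext.Features.Get<IHttpConnectionFeature>();

    // TryGetValue overwrites the out argument even when the header is absent, so the fallback
    // must be applied after the lookup. The original initialised the variable with Guid.Empty,
    // lost that default on the lookup, and a missing header then produced a null claim value
    // (ArgumentNullException from the Claim constructor).
    string correlationId = null;
    if (headers.TryGetValue(Constants.HeaderNameCorrelationId, out var correlationValues))
    {
        correlationId = correlationValues.FirstOrDefault();
    }
    correlationId = correlationId ?? Guid.Empty.ToString();

    var extraClaims = new ClaimsIdentity();
    extraClaims.AddClaim(new Claim("token", token));
    extraClaims.AddClaim(new Claim("correlationId", correlationId));
    extraClaims.AddClaim(new Claim("host_ip", GetIpAddress(connection)));
    extraClaims.AddClaim(new Claim("local_ip", GetLocalIpAddress(connection)));

    principal.AddIdentity(extraClaims);
    httpContext.User = principal;
}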
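/// <summary>
/// Builds the per-request metadata (remote IP, user agent, timestamp) recorded for the current user.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <returns>A new <see cref="AppUserProviderMeta"/> populated from <paramref name="context"/>.</returns>
protected AppUserProviderMeta _createMeta(HttpContext context)
{
    const string unknownAgent = "Unknown agent";

    // FirstOrDefault() returns null for an empty StringValues, hence the second fallback.
    var userAgent = unknownAgent;
    if (context.Request.Headers.TryGetValue("User-Agent", out var agentValues))
    {
        userAgent = agentValues.FirstOrDefault() ?? unknownAgent;
    }

    // RemoteIpAddress is null for in-process/test hosts; the original dereferenced it
    // unconditionally and would throw there. Treat it as unknown instead.
    // NOTE(review): this is the transport-level peer address; behind a reverse proxy it is the
    // proxy's address unless forwarded-headers middleware has already rewritten it — confirm.
    var remoteIp = context.Connection.RemoteIpAddress?.ToString() ?? string.Empty;

    return new AppUserProviderMeta
    {
        Ip = remoteIp,
        UserAgent = userAgent,
        UpdatedTime = DateTime.UtcNow,
    };
}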
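/// <summary>
/// Copies incoming HTTP request headers of the form <c>grpc.&lt;name&gt;</c> into a dictionary
/// keyed by <c>&lt;name&gt;</c>, for forwarding as gRPC metadata.
/// </summary>
/// <param name="context">Downstream context whose <c>HttpContext.Request.Headers</c> are scanned.</param>
/// <returns>Metadata key → first header value (may be null when the header carries no value).</returns>
/// <remarks>
/// Every entry originates from the client request, so downstream services must treat these
/// values as untrusted input rather than as caller-asserted identity.
/// </remarks>
private IDictionary<string, string> GetRequestHeaders(DownstreamContext context)
{
    const string prefix = "grpc.";
    var requestHeaders = context.HttpContext.Request.Headers;
    var grpcHeaders = new Dictionary<string, string>();

    foreach (string key in requestHeaders.Keys)
    {
        // Ordinal comparison: header names are protocol identifiers, not culture-sensitive text
        // (the original culture-sensitive StartsWith can behave differently per locale).
        // The length check also rejects a bare "grpc." header, which would map to an empty key.
        if (key.Length <= prefix.Length || !key.StartsWith(prefix, StringComparison.Ordinal))
        {
            continue;
        }

        string grpcKey = key.Substring(prefix.Length);
        grpcHeaders.Add(grpcKey, requestHeaders[key].FirstOrDefault());
    }

    return grpcHeaders;
}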
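/// <summary>
/// Collects the incoming request headers to forward as gRPC metadata, renaming each header
/// through <paramref name="keyNameFilter"/>.
/// </summary>
/// <param name="context">Current HTTP request context.</param>
/// <param name="keyNameFilter">
/// Decides whether a header is forwarded and under which metadata key; returning <c>false</c>
/// drops the header. When <c>null</c>, every header is forwarded under its own name.
/// </param>
/// <returns>Metadata key → first header value (may be null when the header carries no value).</returns>
/// <remarks>
/// Values come straight from the client request and must be treated as untrusted downstream.
/// </remarks>
private IDictionary<string, string> GetRequestHeaders(HttpContext context, GrpcRequestHeaderFilter keyNameFilter)
{
    var requestHeaders = context.Request.Headers;
    var grpcHeaders = new Dictionary<string, string>();

    foreach (string key in requestHeaders.Keys)
    {
        string grpcKey;
        if (keyNameFilter == null)
        {
            // The original left grpcKey null in this case and then threw from Dictionary.Add
            // on the first header; a missing filter now means "forward unchanged".
            grpcKey = key;
        }
        else if (!keyNameFilter(key, out grpcKey) || string.IsNullOrEmpty(grpcKey))
        {
            // Rejected by the filter, or accepted without supplying a usable key.
            continue;
        }

        grpcHeaders.Add(grpcKey, requestHeaders[key].FirstOrDefault());
    }

    return grpcHeaders;
}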
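/// <summary>
/// Action filter that authenticates the caller from the <c>Token</c> request header via the
/// identity service and checks that the caller's roles may reach the requested action. On
/// failure the pipeline is short-circuited with a <see cref="CommonApiResponse{T}"/> envelope.
/// </summary>
/// <param name="context">Action-executing context of the current request.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    // DisplayName looks like "Product.Api.Controllers.<Controller>.<Action> (Product.Api)"; the two
    // Replace calls strip the namespace and assembly decoration. Presumably the remaining
    // "<Controller>.<Action>" is the key Client.IsAccessRole matches permissions on — confirm.
    string requestControllerAndMethodName = context.ActionDescriptor.DisplayName
        .Replace("Product.Api.Controllers.", "")
        .Replace(" (Product.Api)", "");

    // NOTE(review): _Token is an instance field. Filter instances may be reused across concurrent
    // requests, so the field is shared state; the decision below is taken on a local copy so a
    // concurrent request cannot swap the header value mid-check. The field is still written for
    // compatibility with any other member that reads it.
    context.HttpContext.Request.Headers.TryGetValue("Token", out _Token);
    var tokenValues = _Token;

    if (tokenValues.Count == 0)
    {
        context.Result = new ObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.OK, "Header Token bulunamadı."));
        return;
    }

    Jwt jwt;
    UserView visitorUser;
    try
    {
        // The header must be a GUID; a malformed value throws here and is reported by the catch.
        Guid token = Guid.Parse(tokenValues.FirstOrDefault());

        // RunSync instead of .Result: consistent with the other calls in this method, and the
        // exception reaching the catch is the real one rather than an AggregateException wrapper.
        jwt = AsyncHelpers.RunSync<Jwt>(() => identityClient.CheckTokenAsync(token));
        if (jwt == null)
        {
            context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.OK, "Token geçersiz."));
            return;
        }

        visitorUser = AsyncHelpers.RunSync<UserView>(() => identityClient.GetUserByTokenAsync(jwt.Token));
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is returned to the caller verbatim; for a failure inside the
        // identity client this can expose internal detail. Prefer logging it and sending a fixed message.
        context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.InternalServerError, ex.Message));
        return;
    }

    // The role/permission tables are fetched with the system account only once the caller's token
    // is known to be valid, so unauthenticated requests no longer trigger these three identity
    // round-trips. Failures here propagate unhandled, as they did when the calls sat before the try.
    UserView systemUserView = AsyncHelpers.RunSync<UserView>(() => identityClient.GetSystemUserCacheAsync(new UserLoginView
    {
        Email = Config.IdentitySystemUserName,
        Password = Config.IdentitySystemPassword,
    }));
    List<RoleView> systemRoleList = AsyncHelpers.RunSync<List<RoleView>>(() => identityClient.GetRoleListCacheAsync(systemUserView.Jwt.Token));
    List<Permission> permissionList = AsyncHelpers.RunSync<List<Permission>>(() => identityClient.GetPermissionListCacheAsync(systemUserView.Jwt.Token));

    try
    {
        // Does the caller's role set grant the requested controller/action?
        bool isAccess = Client.IsAccessRole(systemRoleList, permissionList, visitorUser.Roles, requestControllerAndMethodName);
        if (!isAccess)
        {
            context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.OK, "Yetkiniz yok."));
            return;
        }

        // NOTE(review): `as Controller` yields null for ControllerBase-derived API controllers, which
        // would surface as a 500 from the catch below rather than a clear configuration error.
        var controller = context.Controller as Controller;
        controller.ViewBag.Jwt = jwt;
    }
    catch (Exception ex)
    {
        context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.InternalServerError, ex.Message));
        return;
    }
}

/// <summary>
/// Builds the failure envelope used by <see cref="OnActionExecuting"/>; the caller picks the
/// <see cref="ObjectResult"/> type that carries it. The status code handed to
/// <c>CommonApiResponse.Create</c> is kept as the original code chose it (often <c>OK</c> inside
/// a 400 result) — presumably <c>Create</c> writes it to the response; confirm.
/// </summary>
/// <param name="context">Action-executing context of the current request.</param>
/// <param name="statusCode">Status code recorded in the envelope.</param>
/// <param name="message">Human-readable failure message.</param>
/// <returns>The populated failure envelope.</returns>
private static CommonApiResponse<dynamic> BuildFailureResponse(ActionExecutingContext context, System.Net.HttpStatusCode statusCode, string message)
{
    return CommonApiResponse<dynamic>.Create(context.HttpContext.Response, statusCode, false, null, message);
}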
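/// <summary>
/// Gate for token-protected actions. Three header shapes are recognised: a <c>token</c> header is
/// validated against the per-client secret held in Redis and, when it decodes, the action runs;
/// an <c>access</c>+<c>refresh</c> pair asks for a new token; anything else is challenged. The
/// outcome is communicated through the <c>token_err</c>/<c>token_detail</c> fields and
/// <c>ChallengeAuthorization</c>.
/// </summary>
/// <param name="context">Action-executing context of the current request.</param>
/// <param name="next">Continuation that runs the action.</param>
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    // NOTE(review): token_err/token_detail are instance fields on a filter that may be shared
    // between concurrent requests; state written here can be observed by another request.
    token_err = "token_error";
    token_detail = "";

    var clientSecret = secret_key;
    var role = role_auth;
    var header = context.HttpContext.Request.Headers;
    var response = context.HttpContext.Response;

    if (header.ContainsKey("token"))
    {
        header.TryGetValue("token", out var tokenValues);
        var token = tokenValues.FirstOrDefault();

        // The null check must come before any Length access; the original tested Length first
        // and would throw on a null value instead of challenging.
        if (string.IsNullOrEmpty(token))
        {
            ChallengeAuthorization(response);
            return;
        }

        string secretKey;
        try
        {
            // One Redis client, pointed at the auth store in debug and the main store otherwise.
            // The original also constructed a parameterless Redis() that was immediately discarded.
            Redis rd = checkDebug() ? new Redis(authServ) : new Redis(redisServ);
            secretKey = await rd.getSecret(token, clientSecret, role);
        }
        catch (Exception)
        {
            token_err = "token_expired";
            ChallengeAuthorization(response);
            return;
        }

        if (secretKey == "token_error" || secretKey == null)
        {
            token_err = "token_error";
            ChallengeAuthorization(response);
            return;
        }

        try
        {
            // Decode is used purely as a signature/expiry check: it throws when the token does not
            // verify against secretKey or has expired. The payload itself is not consumed here.
            _ = JwtCore.JsonWebToken.Decode(token, secretKey);
        }
        catch (Exception)
        {
            token_err = "token_expired";
            ChallengeAuthorization(response);
            return;
        }

        // Run the action outside the try/catch: previously any exception thrown by the action
        // itself was swallowed and reported to the client as "token_expired".
        await next();
        return;
    }

    if (header.ContainsKey("access") && header.ContainsKey("refresh"))
    {
        header.TryGetValue("access", out var accessValues);
        header.TryGetValue("refresh", out var refreshValues);
        var access = accessValues.FirstOrDefault();
        var refresh = refreshValues.FirstOrDefault();

        // Both values must be present and non-empty to attempt a refresh.
        if (string.IsNullOrEmpty(access) || string.IsNullOrEmpty(refresh))
        {
            ChallengeAuthorization(response);
            return;
        }

        // Exchange the old access/refresh pair for a new token; the result travels back in token_detail.
        RefreshToken refreshToken = new RefreshToken(authServ, redisServ);
        token_detail = refreshToken.GenerateNewToken(access, refresh);
        ChallengeAuthorization(response);
        return;
    }

    // No recognised credential header at all.
    ChallengeAuthorization(response);
}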
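/// <summary>
/// Action filter that authenticates the caller from the <c>Token</c> request header through the
/// identity services and, when the attribute lists required roles, verifies the caller holds at
/// least one of them. On success the JWT and user are exposed on <c>ViewBag</c>; on failure the
/// pipeline is short-circuited with a <see cref="CommonApiResponse{T}"/> envelope.
/// </summary>
/// <param name="context">Action-executing context of the current request.</param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var services = context.HttpContext.RequestServices;

    // Cast to the registered interfaces rather than the concrete JwtService/UserService/... types:
    // the original casts would throw InvalidCastException if DI ever supplied another
    // implementation. The unused IdentityDatabaseContext and IRoleService resolutions are dropped.
    IJwtService jwtService = (IJwtService)services.GetService(typeof(IJwtService));
    IUserService userService = (IUserService)services.GetService(typeof(IUserService));
    IUserRoleService userRoleService = (IUserRoleService)services.GetService(typeof(IUserRoleService));

    // NOTE(review): _Token is an instance field on a filter that may be shared between concurrent
    // requests. The decision below uses a local copy; the field is still written for compatibility.
    context.HttpContext.Request.Headers.TryGetValue("Token", out _Token);
    var tokenValues = _Token;

    if (tokenValues.Count == 0)
    {
        context.Result = new ObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.OK, "Header Token bulunamadı."));
        return;
    }

    Jwt jwt;
    try
    {
        // The header must be a GUID; a malformed value throws here and is reported by the catch.
        Guid token = Guid.Parse(tokenValues.FirstOrDefault());
        jwt = (Jwt)jwtService.CheckToken(token).Data;
        if (jwt == null)
        {
            context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.OK, "Token geçersiz."));
            return;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message goes to the caller verbatim (e.g. the Guid format error text);
        // prefer logging it and returning a fixed message.
        context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.InternalServerError, ex.Message));
        return;
    }

    try
    {
        User user = userService.GetById(jwt.UserId);
        List<UserRoleView> userRoleViewList = userRoleService.GetByUserId(jwt.UserId);
        if (user == null)
        {
            context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.OK, "Kullanıcı bulunamadı."));
            return;
        }

        if (requiredRoleList.Count > 0)
        {
            // The original accumulated the verdict in the IsAcces field and never reset it, so if the
            // filter instance is reused (the default for attribute filters) any request authorised
            // once would let every later request on that instance through the role check. The verdict
            // is now computed per request in a local; the field is only mirrored for compatibility.
            bool hasRequiredRole = requiredRoleList.Any(requiredRoleName =>
            {
                Guid requiredRoleId = Guid.Parse(requiredRoleName);
                return userRoleViewList.Any(userRole => userRole.RoleId == requiredRoleId);
            });
            IsAcces = hasRequiredRole;

            if (!hasRequiredRole)
            {
                context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.OK, "Yetkiniz yok."));
                return;
            }
        }

        // NOTE(review): `as Controller` is null for ControllerBase-derived API controllers; that
        // surfaces as a 500 from the catch below rather than a clear configuration error.
        var controller = context.Controller as Controller;
        controller.ViewBag.Jwt = jwt;
        controller.ViewBag.User = user;
    }
    catch (Exception ex)
    {
        context.Result = new BadRequestObjectResult(BuildFailureResponse(context, System.Net.HttpStatusCode.InternalServerError, ex.Message));
        return;
    }
}

/// <summary>
/// Builds the failure envelope used by <see cref="OnActionExecuting"/>; the caller picks the
/// <see cref="ObjectResult"/> type that carries it. The status code handed to
/// <c>CommonApiResponse.Create</c> is kept as the original code chose it (often <c>OK</c> inside
/// a 400 result) — presumably <c>Create</c> writes it to the response; confirm.
/// </summary>
/// <param name="context">Action-executing context of the current request.</param>
/// <param name="statusCode">Status code recorded in the envelope.</param>
/// <param name="message">Human-readable failure message.</param>
/// <returns>The populated failure envelope.</returns>
private static CommonApiResponse<dynamic> BuildFailureResponse(ActionExecutingContext context, System.Net.HttpStatusCode statusCode, string message)
{
    return CommonApiResponse<dynamic>.Create(context.HttpContext.Response, statusCode, false, null, message);
}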