コード例 #1
0
        public virtual bool AuthorizedRoute(HttpContext context, RoutingModel route, IAuthorizationService authorizationService)
        {
            var ssourl = CommonUtility.GetAppConfigValue(CommonConst.CommonValue.SSOURL_CONFIG_KEY);

            if (!route.auth_users.Where(f => f == CommonConst.CommonValue.ACCESS_ALL).Any() && !string.IsNullOrEmpty(ssourl))
            {
                try
                {
                    if (route.auth_users.IndexOf(CommonConst.CommonField.API_AUTH_TOKEN) != -1)
                    {
                        var api_access_key = _httpContextProxy.GetHeader(CommonConst.CommonField.API_AUTH_TOKEN);
                        return(api_access_key == CommonUtility.GetApiAuthKey());
                    }

                    var oauthclient = context.Request.Headers[CommonConst.CommonField.OAUTH_CLIENT_ID];
                    if (!string.IsNullOrEmpty(oauthclient))
                    {
                        var oauthUser = ValidateOAuthRequest(oauthclient, context, route);
                        return(oauthUser != null);
                    }

                    UserModel userModel = null;
                    userModel = _httpContextProxy.User;

                    if (userModel == null) // || (userModel != null && userModel.user_id == "auth2")
                    {
                        var accessToken = _httpContextProxy.GetAccessTokenAync().GetAwaiter().GetResult();
                        var cackeKey    = $"{accessToken}";
                        userModel = _inMemoryCacheService.Get <UserModel>(cackeKey);
                        if (userModel == null)
                        {
                            var endpoint = ApplicationConfig.AppEndpoint;
                            if (endpoint == ApplicationConfig.SSOEndpoint)
                            {
                                endpoint = ApplicationConfig.ApiGatewayEndpoint;
                            }
                            var response = _apiGatewayService.CallAsync(CommonConst.ActionMethods.GET, "~/user/getuserinfo", "", null, new Dictionary <string, string>()
                            {
                            }, endpoint).GetAwaiter().GetResult();
                            if (response["user"] != null)
                            {
                                userModel = JsonConvert.DeserializeObject <UserModel>(response["user"].ToString());
                                _inMemoryCacheService.Put <UserModel>(cackeKey, userModel);
                            }
                        }
                        if (userModel != null)
                        {
                            var identity = new ClaimsIdentity();
                            foreach (var claim in userModel.claims)
                            {
                                if (claim.Key == "roles")
                                {
                                    var roles = new List <string>();
                                    roles.AddRange(userModel.roles);
                                    identity.AddClaim(new System.Security.Claims.Claim("roles", Newtonsoft.Json.JsonConvert.SerializeObject(roles)));
                                }
                                else
                                {
                                    identity.AddClaim(new System.Security.Claims.Claim(claim.Key, claim.Value));
                                }
                            }
                            context.User = new ClaimsPrincipal(identity);
                        }
                    }

                    if (userModel != null)
                    {
                        if (userModel.tenants != null && userModel.tenants.Any())
                        {
                            context.Response.Headers[CommonConst.CommonField.TENANT_ID] = userModel.tenants.First().tenant_id;
                        }

                        var u = _httpContextProxy.User;
                        _logger.Debug($"Assign user id :{u.user_id} Claims:{string.Join(", ", u.claims.Select(f => $"{f.Key}:{f.Value}"))} OrgRoles: { string.Join(",", userModel.roles)}");

                        var hasaccess = false;

                        hasaccess = userModel.roles.Where(f => route.auth_users.IndexOf(f) != -1).Any();
                        if (!hasaccess)
                        {
                            _logger.Debug($"Access :{hasaccess}:{route.ToString()}:{  string.Join(",", route.auth_users)}");
                        }
                        return(hasaccess);
                    }
                    return(false);
                }
                catch (UnauthorizedAccessException)
                {
                    return(false);
                }
            }
            else
            {
                return(true);
            }
        }
コード例 #2
0
        public void Exec(RoutingModel route, IHttpContextProxy httpProxy)
        {
            ILogger           loggerController  = Logger.GetLogger(route.ExecuteType, httpProxy.TransactionId);
            RouteEventHandler routeEventHandler = new RouteEventHandler();

            try
            {
                loggerController.Info(string.Format("{0}:: Route: [{1}]", "RouteExecuter.Exec", route.ToString()));
                IActionExecuter actionExecuter = new ActionExecuter(loggerController);
                ParamContainer  paramContainer = ActionExecuterHelper.CreateParamContainer(route, httpProxy, loggerController, actionExecuter);
                WriteStartTransaction(loggerController, httpProxy, route);
                (paramContainer.GetKey(CommonConst.CommonValue.PARAM_SESSION_PROVIDER) as ISessionProvider).SetValue(CommonConst.CommonField.UPDATED_DATE_TIME, CommonUtility.GetUnixTimestamp(DateTime.Now));
                // Execute before Events
                routeEventHandler.ExecBeforeEvent(actionExecuter, route, paramContainer);

                var objResult = actionExecuter.Exec(route, paramContainer);
                httpProxy.ContentType = route.ContentType;

                // Add response in param
                paramContainer.AddKey(CommonConst.CommonValue.PARAM_API_RESPONSE, () => { return(objResult); });

                if (objResult == null)
                {
                    httpProxy.SetResponse(CommonConst._500_SERVER_ERROR);
                }
                else if (objResult is byte[])
                {
                    WriteEndTransaction(loggerController, "*** Binary Data ***");
                    httpProxy.SetResponse(CommonConst._200_OK, (byte[])objResult);
                }
                else if (objResult is string)
                {
                    WriteEndTransaction(loggerController, (objResult as string));
                    httpProxy.SetResponse(CommonConst._200_OK, objResult as string);
                }
                else
                {
                    var responseData = (objResult as JObject).ToString();
                    WriteEndTransaction(loggerController, responseData);
                    httpProxy.SetResponse(CommonConst._200_OK, responseData);
                }

                // Execute after Events
                routeEventHandler.ExecAfterEvent(actionExecuter, route, paramContainer, objResult);

                //    List<string> userGroups = _httpProxy.GetSessionUserGroups();
                //    if (route.auth_users.Count == 0 || userGroups.Intersect(route.auth_users).Any())
                //    {
                //        var objResult = routeExecuter.Exec(route, helper);
                //        if (objResult == null)
                //        {
                //            SetInternalServerError();
                //            return null;
                //        }
                //        else if (objResult is byte[])
                //        {
                //            return (byte[])objResult;
                //        }
                //        else
                //        {
                //            return Encoding.UTF8.GetBytes((objResult as JObject).ToString());
                //        }
                //    }
                //    else
                //    {
                //        SetUnauthorized();
                //        return Encoding.UTF8.GetBytes((ZApp.Common.HttpUtility.GetFullResponse((int)ResponseCodes.Unauthorized, ResponseCodes.Unauthorized.ToString(), null)).ToString());
                //    }
            }
            catch (UnauthorizedAccessException ex)
            {
                loggerController.Error(string.Format("Error While executing Route : {0}, Error : {1}", route.ToString(), ex.Message), ex);
                httpProxy.SetResponse(CommonConst._401_UNAUTHORIZED);
            }
            catch (Exception ex)
            {
                httpProxy.SetResponse(CommonConst._500_SERVER_ERROR);
                loggerController.Error(string.Format("Error While executing Route : {0}, Error : {1}", route.ToString(), ex.Message), ex);
            }
        }