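 /// <summary>
 /// Runs after a client request is received: resolves the tenant (enterprise) id carried by the
 /// request and stores it in the call context for the remainder of the operation.
 /// </summary>
 /// <remarks>
 /// The id is read from the HTTP header <c>YSWL_Auto_Enterprise</c> when a web operation context is
 /// available, otherwise from the SOAP header of the same name in namespace <c>YSWL</c>. The value is
 /// client-supplied; it is decoded with <c>DEncrypt.ConvertToNumber</c> before use, and whether a
 /// malformed or tampered value is rejected depends on that helper (not visible here).
 /// When no header is present or decoding fails, nothing is written to the call context, so
 /// downstream readers of <c>YSWL_SAAS_EnterpriseID</c> must not assume it is always set.
 /// </remarks>
 /// <param name="request">The incoming message; its SOAP headers are consulted when no HTTP header is present.</param>
 /// <param name="channel">The client channel (not used).</param>
 /// <param name="instanceContext">The service instance context (not used).</param>
 /// <returns>Always null: no correlation state is handed to BeforeSendReply.</returns>
 public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
 {
     try
     {
         string enterpriseStr = null;

         // WebOperationContext.Current may be unavailable outside a web binding; in that case fall
         // through to the SOAP header instead of failing into the catch below and skipping the fallback.
         System.ServiceModel.Web.WebOperationContext context = System.ServiceModel.Web.WebOperationContext.Current;
         if (context != null && context.IncomingRequest != null && context.IncomingRequest.Headers != null)
         {
             enterpriseStr = context.IncomingRequest.Headers.Get("YSWL_Auto_Enterprise");
         }

         if (string.IsNullOrEmpty(enterpriseStr))
         {
             // FindHeader returns -1 when the header is absent; GetHeader<T>(string, string) would throw.
             int headerIndex = request.Headers.FindHeader("YSWL_Auto_Enterprise", "YSWL");
             if (headerIndex < 0)
             {
                 // Neither header present: leave the call context untouched.
                 return null;
             }
             enterpriseStr = request.Headers.GetHeader<string>(headerIndex);
         }

         long enterpriseId = Common.DEncrypt.DEncrypt.ConvertToNumber(enterpriseStr);
         // Invariant culture: the value is machine-read later, never shown to a user.
         Common.CallContextHelper.SetValue("YSWL_SAAS_EnterpriseID", enterpriseId.ToString(System.Globalization.CultureInfo.InvariantCulture));
     }
     catch (Exception)
     {
         // Best effort: an undecodable tenant header must not abort the request in the inspector.
         // TODO: log the failure here (the original left a "log it" placeholder with no logger in scope).
     }
     return null;
 }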
        /// <summary>
        /// The configuration
        /// </summary>
        //private static IConfiguration config = ConfigManager.GetConfigManager();
        /// <summary>
        /// The _logger
        /// </summary>
        // private static ILogger _logger = LogManager.GetLogger(typeof(AuthorizationManager).ToString());


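        /// <summary>
        /// Checks authorization for the given operation context based on default policy evaluation.
        /// </summary>
        /// <remarks>
        /// Decision order:
        /// <list type="number">
        /// <item>WebHttp (REST) endpoints: an OPTIONS preflight is denied, because the CORS origin
        /// allow-list (<c>Api.CORS_AllowedDomains</c>) is not wired up and nothing grants it; paths ending in
        /// <c>/ping</c>, <c>/token</c> or <c>/help</c>, or containing <c>/help/operations/</c>, are anonymous;
        /// every other path needs an <c>Authorization</c> header.</item>
        /// <item>SOAP endpoints: actions ending in <c>/ping</c> or <c>/token</c> are anonymous; every other
        /// action needs an <c>Authorization</c> header in namespace <c>http://tempuri.org</c>. The URL passed
        /// to the validator is empty for SOAP.</item>
        /// <item>A present token is checked by <c>TokenHelper.Validate</c>.</item>
        /// </list>
        /// Any exception while reading the request or validating the token results in a denial (fail closed).
        /// </remarks>
        /// <param name="operationContext">The <see cref="T:System.ServiceModel.OperationContext" /> for the current authorization request.</param>
        /// <returns>true if access is granted; otherwise, false.</returns>
        /// <exception cref="System.ServiceModel.Web.WebFaultException">
        /// Thrown with HTTP 401 when a WebHttp request is denied, so REST clients get a status code
        /// instead of a SOAP fault.
        /// </exception>
        protected override bool CheckAccessCore(OperationContext operationContext)
        {
            bool   returnValue = false;
            bool   isWebHttp   = false;
            string token       = "";
            string fullUrl     = "";

            try
            {
                try
                {
                    // Binding names are identifiers, so compare ordinally rather than via ToLower().
                    string bindingName = operationContext.EndpointDispatcher.ChannelDispatcher.BindingName;
                    if (bindingName.EndsWith("webhttpbinding", StringComparison.OrdinalIgnoreCase))
                    {
                        isWebHttp = true;
                        System.ServiceModel.Web.WebOperationContext ctx = System.ServiceModel.Web.WebOperationContext.Current;
                        if (string.Equals(ctx.IncomingRequest.Method, "OPTIONS", StringComparison.OrdinalIgnoreCase))
                        {
                            // CORS preflight: the allowed-origin check is not wired up, so returnValue stays
                            // false and the request is answered with 401 below. Re-enable the origin
                            // allow-list here rather than granting OPTIONS unconditionally.
                        }
                        else
                        {
                            string url = operationContext.IncomingMessageProperties.Via.AbsolutePath;
                            if (IsAnonymousWebPath(url))
                            {
                                returnValue = true;
                            }
                            else
                            {
                                // Header indexer yields null when absent; IsNullOrEmpty below then denies.
                                token   = ctx.IncomingRequest.Headers["Authorization"];
                                fullUrl = ctx.IncomingRequest.UriTemplateMatch.RequestUri.PathAndQuery;
                            }
                        }
                    }
                    else
                    {
                        // SOAP: the action, not the URL, identifies the operation.
                        string action = operationContext.IncomingMessageHeaders.Action;
                        if (IsAnonymousSoapAction(action))
                        {
                            returnValue = true;
                        }
                        else
                        {
                            // GetHeader throws when the header is absent; the catch below turns that into a denial.
                            token = operationContext.IncomingMessageHeaders.GetHeader<string>("Authorization", "http://tempuri.org").Trim();
                        }
                    }
                }
                catch (Exception)
                {
                    // Reading the request failed (missing header, no web context, ...): token stays empty
                    // and the request is denied. This is where the disabled _logger.Error belongs.
                }

                if (!string.IsNullOrEmpty(token))
                {
                    returnValue = TokenHelper.Validate(token, fullUrl);
                }
            }
            catch (Exception)
            {
                // Token validation itself failed: never grant on error.
                returnValue = false;
            }

            if (isWebHttp && !returnValue)
            {
                // REST clients get an HTTP status instead of a SOAP fault.
                throw new System.ServiceModel.Web.WebFaultException(System.Net.HttpStatusCode.Unauthorized);
            }
            return returnValue;
        }

        /// <summary>
        /// Tells whether a WebHttp request path may be served without an Authorization header.
        /// </summary>
        /// <param name="absolutePath">The request's <c>Via.AbsolutePath</c>; a null value throws, which the caller treats as a denial.</param>
        /// <returns>true for the ping, token and help routes.</returns>
        private static bool IsAnonymousWebPath(string absolutePath)
        {
            // Suffix/substring matching is as broad as the original checks; it relies on WCF routing so that
            // only the real ping/token/help operations are reachable under these segments — confirm when
            // adding operations whose URI templates end in the same words.
            return absolutePath.EndsWith("/ping", StringComparison.OrdinalIgnoreCase)
                || absolutePath.EndsWith("/token", StringComparison.OrdinalIgnoreCase)
                || absolutePath.EndsWith("/help", StringComparison.OrdinalIgnoreCase)
                || absolutePath.IndexOf("/help/operations/", StringComparison.OrdinalIgnoreCase) >= 0;
        }

        /// <summary>
        /// Tells whether a SOAP action may be invoked without an Authorization header.
        /// </summary>
        /// <param name="action">The incoming message's Action header; a null value throws, which the caller treats as a denial.</param>
        /// <returns>true for the ping and token actions.</returns>
        private static bool IsAnonymousSoapAction(string action)
        {
            return action.EndsWith("/ping", StringComparison.OrdinalIgnoreCase)
                || action.EndsWith("/token", StringComparison.OrdinalIgnoreCase);
        }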